Revision 5099
Added by daigle over 14 years ago
| AccessControlForSingleFile.java | ||
|---|---|---|
| 43 | 43 |
import org.xml.sax.helpers.XMLReaderFactory; |
| 44 | 44 |
|
| 45 | 45 |
import edu.ucsb.nceas.metacat.DocInfoHandler; |
| 46 |
import edu.ucsb.nceas.metacat.DocumentImpl; |
|
| 47 | 46 |
import edu.ucsb.nceas.metacat.McdbException; |
| 48 | 47 |
import edu.ucsb.nceas.metacat.PermissionController; |
| 49 | 48 |
import edu.ucsb.nceas.metacat.database.DBConnection; |
| ... | ... | |
| 62 | 61 |
public class AccessControlForSingleFile implements AccessControlInterface |
| 63 | 62 |
{
|
| 64 | 63 |
|
| 65 |
private String docId; |
|
| 64 |
private String _docId;
|
|
| 66 | 65 |
private Logger logMetacat = Logger.getLogger(AccessControlForSingleFile.class); |
| 67 | 66 |
|
| 68 | 67 |
|
| ... | ... | |
| 73 | 72 |
public AccessControlForSingleFile(String accessionNumber) throws AccessControlException |
| 74 | 73 |
{
|
| 75 | 74 |
//Get rid of dev if myaccessNumber has one; |
| 76 |
docId = DocumentUtil.getDocIdFromString(accessionNumber);
|
|
| 77 |
if (docId == null || docId.equals(""))
|
|
| 75 |
_docId = DocumentUtil.getDocIdFromString(accessionNumber);
|
|
| 76 |
if (_docId == null || _docId.equals(""))
|
|
| 78 | 77 |
{
|
| 79 | 78 |
throw new AccessControlException("AccessControlForSingleFile() - Accession number " +
|
| 80 | 79 |
"can't be null in constructor"); |
| 81 | 80 |
} |
| 82 | 81 |
|
| 83 |
logMetacat.debug("AccessControlForSingleFile() - docid: " + docId);
|
|
| 82 |
logMetacat.debug("AccessControlForSingleFile() - docid: " + _docId);
|
|
| 84 | 83 |
|
| 85 | 84 |
} |
| 86 | 85 |
|
| ... | ... | |
| 111 | 110 |
// It will bitwise OR to permissions if the principal already has a record for this |
| 112 | 111 |
// doc id. |
| 113 | 112 |
XMLAccessAccess xmlAccessAccess = new XMLAccessAccess(); |
| 114 |
xmlAccessAccess.addXMLAccess(docId, principalName, new Long(permission), permType, permOrder); |
|
| 113 |
xmlAccessAccess.addXMLAccess(_docId, principalName, new Long(permission), permType, permOrder);
|
|
| 115 | 114 |
} catch (AccessException ae) {
|
| 116 | 115 |
throw new AccessControlException("AccessControlForSingleFile.insertPermissions - "
|
| 117 | 116 |
+ "DB access error when inserting permissions: " + ae.getMessage()); |
| ... | ... | |
| 129 | 128 |
public void insertPermissions(String accessBlock) throws AccessControlException {
|
| 130 | 129 |
try {
|
| 131 | 130 |
XMLReader parser = null; |
| 132 |
DocInfoHandler docInfoHandler = new DocInfoHandler(); |
|
| 131 |
DocInfoHandler docInfoHandler = new DocInfoHandler(_docId);
|
|
| 133 | 132 |
ContentHandler chandler = docInfoHandler; |
| 134 | 133 |
|
| 135 | 134 |
// Get an instance of the parser |
| ... | ... | |
| 143 | 142 |
|
| 144 | 143 |
parser.parse(new InputSource(new StringReader(accessBlock))); |
| 145 | 144 |
|
| 145 |
XMLAccessAccess xmlAccessAccess = new XMLAccessAccess(); |
|
| 146 |
xmlAccessAccess.deleteXMLAccessForDoc(_docId); |
|
| 147 |
|
|
| 146 | 148 |
Vector<XMLAccessDAO> accessControlList = docInfoHandler.getAccessControlList(); |
| 147 | 149 |
if (accessControlList != null) {
|
| 148 | 150 |
for (XMLAccessDAO xmlAccessDAO : accessControlList) {
|
| 149 | 151 |
insertPermissions(xmlAccessDAO); |
| 150 |
logMetacat.debug("AccessControlForSingleFile.insertPermissions - document " + docId
|
|
| 152 |
logMetacat.debug("AccessControlForSingleFile.insertPermissions - document " + _docId
|
|
| 151 | 153 |
+ " permissions added to DB"); |
| 152 | 154 |
} |
| 153 | 155 |
} |
| 154 | 156 |
} catch (PropertyNotFoundException pnfe) {
|
| 155 | 157 |
throw new AccessControlException("AccessControlForSingleFile.insertPermissions - "
|
| 156 |
+ "property error when inserting permissions: " + pnfe.getMessage()); |
|
| 158 |
+ "property error when replacing permissions: " + pnfe.getMessage()); |
|
| 159 |
} catch (AccessException ae) {
|
|
| 160 |
throw new AccessControlException("AccessControlForSingleFile.insertPermissions - "
|
|
| 161 |
+ "DB access error when replacing permissions: " + ae.getMessage()); |
|
| 157 | 162 |
} catch (SAXException se) {
|
| 158 | 163 |
throw new AccessControlException("AccessControlForSingleFile.insertPermissions - "
|
| 159 |
+ "SAX error when inserting permissions: " + se.getMessage());
|
|
| 164 |
+ "SAX error when replacing permissions: " + se.getMessage());
|
|
| 160 | 165 |
} catch(IOException ioe) {
|
| 161 | 166 |
throw new AccessControlException("AccessControlForSingleFile.insertPermissions - "
|
| 162 |
+ "I/O error when inserting permissions: " + ioe.getMessage());
|
|
| 167 |
+ "I/O error when replacing permissions: " + ioe.getMessage());
|
|
| 163 | 168 |
} |
| 164 | 169 |
} |
| 165 | 170 |
|
| ... | ... | |
| 187 | 192 |
"AND perm_order =? "); |
| 188 | 193 |
|
| 189 | 194 |
// Bind the values to the query |
| 190 |
pstmt.setString(1, docId); |
|
| 195 |
pstmt.setString(1, _docId);
|
|
| 191 | 196 |
pstmt.setString(2, xmlAccessDAO.getPrincipalName()); |
| 192 | 197 |
pstmt.setLong(3, xmlAccessDAO.getPermission()); |
| 193 | 198 |
pstmt.setString(4, xmlAccessDAO.getPermType()); |
| ... | ... | |
| 229 | 234 |
* @param groups |
| 230 | 235 |
* names of user's groups to which user belongs |
| 231 | 236 |
*/ |
| 232 |
public String getACL(String user, String[] groups, boolean emlCompliant)
|
|
| 237 |
public String getACL(String user, String[] groups) |
|
| 233 | 238 |
throws AccessControlException {
|
| 234 | 239 |
StringBuffer output = new StringBuffer(); |
| 235 | 240 |
boolean hasPermission = false; |
| 236 | 241 |
|
| 237 |
try {
|
|
| 238 |
// Get a list of all access dao objects for this docid |
|
| 239 |
XMLAccessAccess xmlAccessAccess = new XMLAccessAccess(); |
|
| 240 |
Vector<XMLAccessDAO> xmlAccessDAOList = xmlAccessAccess.getXMLAccessForDoc(docId); |
|
| 241 |
|
|
| 242 |
hasPermission = isOwned(docId, user); |
|
| 242 |
try {
|
|
| 243 |
hasPermission = isOwned(_docId, user); |
|
| 243 | 244 |
if (!hasPermission) {
|
| 244 |
PermissionController controller = new PermissionController(docId); |
|
| 245 |
PermissionController controller = new PermissionController(_docId);
|
|
| 245 | 246 |
hasPermission = |
| 246 | 247 |
controller.hasPermission(user, groups, READSTRING); |
| 247 | 248 |
} |
| 248 | 249 |
|
| 249 | 250 |
if (hasPermission) {
|
| 250 |
output.append(getAccessString(xmlAccessDAOList, emlCompliant)); |
|
| 251 |
// Get a list of all access dao objects for this docid |
|
| 252 |
XMLAccessAccess xmlAccessAccess = new XMLAccessAccess(); |
|
| 253 |
Vector<XMLAccessDAO> xmlAccessDAOList = xmlAccessAccess.getXMLAccessForDoc(_docId); |
|
| 254 |
output.append(getAccessString(xmlAccessDAOList)); |
|
| 255 |
} else {
|
|
| 256 |
output.append(getAccessString(new Vector<XMLAccessDAO>())); |
|
| 251 | 257 |
} |
| 252 | 258 |
|
| 253 | 259 |
return output.toString(); |
| ... | ... | |
| 270 | 276 |
try {
|
| 271 | 277 |
// Get a list of all access dao objects for this docid |
| 272 | 278 |
XMLAccessAccess xmlAccessAccess = new XMLAccessAccess(); |
| 273 |
xmlAccessDAOList = xmlAccessAccess.getXMLAccessForDoc(docId); |
|
| 279 |
xmlAccessDAOList = xmlAccessAccess.getXMLAccessForDoc(_docId);
|
|
| 274 | 280 |
} catch (AccessException ae) {
|
| 275 | 281 |
throw new AccessControlException("AccessControlForSingleFile.getAccessString() - DB access error when " +
|
| 276 | 282 |
"getting access string: " + ae.getMessage()); |
| 277 | 283 |
} |
| 278 | 284 |
|
| 279 |
return getAccessString(xmlAccessDAOList, false);
|
|
| 285 |
return getAccessString(xmlAccessDAOList); |
|
| 280 | 286 |
} |
| 281 | 287 |
|
| 282 |
public String getAccessString(Vector<XMLAccessDAO> xmlAccessDAOList, boolean emlCompliant) throws AccessControlException {
|
|
| 288 |
public String getAccessString(Vector<XMLAccessDAO> xmlAccessDAOList) throws AccessControlException {
|
|
| 283 | 289 |
|
| 284 | 290 |
StringBuffer output = new StringBuffer(); |
| 285 | 291 |
StringBuffer tmpOutput = new StringBuffer(); |
| ... | ... | |
| 296 | 302 |
if (xmlAccessDAOList.size() > 0) {
|
| 297 | 303 |
permOrder = xmlAccessDAOList.get(0).getPermOrder(); |
| 298 | 304 |
} |
| 299 |
|
|
| 300 |
if (emlCompliant) {
|
|
| 301 |
output.append("<?xml version=\"1.0\"?>\n<acc:access");
|
|
| 302 |
} else {
|
|
| 303 |
output.append("<access ");
|
|
| 304 |
} |
|
| 305 | 305 |
|
| 306 |
output.append(" authSystem=\"knb\" order=\"" + permOrder + "\" id=\"" + docId + "\" scope=\"document\"");
|
|
| 307 |
|
|
| 308 |
if (emlCompliant) {
|
|
| 309 |
output.append(" xmlns:acc=\"" + DocumentImpl.EML2_1_0NAMESPACE + "\"");
|
|
| 310 |
} |
|
| 306 |
output.append("<access authSystem=\"knb\" order=\"" + permOrder + "\" id=\"" + _docId + "\" scope=\"document\"");
|
|
| 311 | 307 |
|
| 312 | 308 |
output.append(">\n");
|
| 313 | 309 |
|
| ... | ... | |
| 358 | 354 |
output.append(allowOutput); |
| 359 | 355 |
} |
| 360 | 356 |
|
| 361 |
if (emlCompliant) {
|
|
| 362 |
output.append("</acc:access>");
|
|
| 363 |
} else {
|
|
| 364 |
output.append("</access>");
|
|
| 365 |
} |
|
| 357 |
output.append("</access>");
|
|
| 366 | 358 |
|
| 367 | 359 |
return output.toString(); |
| 368 | 360 |
} |
Also available in: Unified diff
Change access section in getaccesscontrol and getdocumentinfo apis to be more eml 2.1.0 compliant. Add a block access option to setaccess api.