Revision 5099
Added by daigle over 14 years ago
AccessControlForSingleFile.java | ||
---|---|---|
43 | 43 |
import org.xml.sax.helpers.XMLReaderFactory; |
44 | 44 |
|
45 | 45 |
import edu.ucsb.nceas.metacat.DocInfoHandler; |
46 |
import edu.ucsb.nceas.metacat.DocumentImpl; |
|
47 | 46 |
import edu.ucsb.nceas.metacat.McdbException; |
48 | 47 |
import edu.ucsb.nceas.metacat.PermissionController; |
49 | 48 |
import edu.ucsb.nceas.metacat.database.DBConnection; |
... | ... | |
62 | 61 |
public class AccessControlForSingleFile implements AccessControlInterface |
63 | 62 |
{ |
64 | 63 |
|
65 |
private String docId; |
|
64 |
private String _docId;
|
|
66 | 65 |
private Logger logMetacat = Logger.getLogger(AccessControlForSingleFile.class); |
67 | 66 |
|
68 | 67 |
|
... | ... | |
73 | 72 |
public AccessControlForSingleFile(String accessionNumber) throws AccessControlException |
74 | 73 |
{ |
75 | 74 |
//Get rid of dev if myaccessNumber has one; |
76 |
docId = DocumentUtil.getDocIdFromString(accessionNumber);
|
|
77 |
if (docId == null || docId.equals(""))
|
|
75 |
_docId = DocumentUtil.getDocIdFromString(accessionNumber);
|
|
76 |
if (_docId == null || _docId.equals(""))
|
|
78 | 77 |
{ |
79 | 78 |
throw new AccessControlException("AccessControlForSingleFile() - Accession number " + |
80 | 79 |
"can't be null in constructor"); |
81 | 80 |
} |
82 | 81 |
|
83 |
logMetacat.debug("AccessControlForSingleFile() - docid: " + docId); |
|
82 |
logMetacat.debug("AccessControlForSingleFile() - docid: " + _docId);
|
|
84 | 83 |
|
85 | 84 |
} |
86 | 85 |
|
... | ... | |
111 | 110 |
// It will bitwise OR to permissions if the principal already has a record for this |
112 | 111 |
// doc id. |
113 | 112 |
XMLAccessAccess xmlAccessAccess = new XMLAccessAccess(); |
114 |
xmlAccessAccess.addXMLAccess(docId, principalName, new Long(permission), permType, permOrder); |
|
113 |
xmlAccessAccess.addXMLAccess(_docId, principalName, new Long(permission), permType, permOrder);
|
|
115 | 114 |
} catch (AccessException ae) { |
116 | 115 |
throw new AccessControlException("AccessControlForSingleFile.insertPermissions - " |
117 | 116 |
+ "DB access error when inserting permissions: " + ae.getMessage()); |
... | ... | |
129 | 128 |
public void insertPermissions(String accessBlock) throws AccessControlException { |
130 | 129 |
try { |
131 | 130 |
XMLReader parser = null; |
132 |
DocInfoHandler docInfoHandler = new DocInfoHandler(); |
|
131 |
DocInfoHandler docInfoHandler = new DocInfoHandler(_docId);
|
|
133 | 132 |
ContentHandler chandler = docInfoHandler; |
134 | 133 |
|
135 | 134 |
// Get an instance of the parser |
... | ... | |
143 | 142 |
|
144 | 143 |
parser.parse(new InputSource(new StringReader(accessBlock))); |
145 | 144 |
|
145 |
XMLAccessAccess xmlAccessAccess = new XMLAccessAccess(); |
|
146 |
xmlAccessAccess.deleteXMLAccessForDoc(_docId); |
|
147 |
|
|
146 | 148 |
Vector<XMLAccessDAO> accessControlList = docInfoHandler.getAccessControlList(); |
147 | 149 |
if (accessControlList != null) { |
148 | 150 |
for (XMLAccessDAO xmlAccessDAO : accessControlList) { |
149 | 151 |
insertPermissions(xmlAccessDAO); |
150 |
logMetacat.debug("AccessControlForSingleFile.insertPermissions - document " + docId |
|
152 |
logMetacat.debug("AccessControlForSingleFile.insertPermissions - document " + _docId
|
|
151 | 153 |
+ " permissions added to DB"); |
152 | 154 |
} |
153 | 155 |
} |
154 | 156 |
} catch (PropertyNotFoundException pnfe) { |
155 | 157 |
throw new AccessControlException("AccessControlForSingleFile.insertPermissions - " |
156 |
+ "property error when inserting permissions: " + pnfe.getMessage()); |
|
158 |
+ "property error when replacing permissions: " + pnfe.getMessage()); |
|
159 |
} catch (AccessException ae) { |
|
160 |
throw new AccessControlException("AccessControlForSingleFile.insertPermissions - " |
|
161 |
+ "DB access error when replacing permissions: " + ae.getMessage()); |
|
157 | 162 |
} catch (SAXException se) { |
158 | 163 |
throw new AccessControlException("AccessControlForSingleFile.insertPermissions - " |
159 |
+ "SAX error when inserting permissions: " + se.getMessage());
|
|
164 |
+ "SAX error when replacing permissions: " + se.getMessage());
|
|
160 | 165 |
} catch(IOException ioe) { |
161 | 166 |
throw new AccessControlException("AccessControlForSingleFile.insertPermissions - " |
162 |
+ "I/O error when inserting permissions: " + ioe.getMessage());
|
|
167 |
+ "I/O error when replacing permissions: " + ioe.getMessage());
|
|
163 | 168 |
} |
164 | 169 |
} |
165 | 170 |
|
... | ... | |
187 | 192 |
"AND perm_order =? "); |
188 | 193 |
|
189 | 194 |
// Bind the values to the query |
190 |
pstmt.setString(1, docId); |
|
195 |
pstmt.setString(1, _docId);
|
|
191 | 196 |
pstmt.setString(2, xmlAccessDAO.getPrincipalName()); |
192 | 197 |
pstmt.setLong(3, xmlAccessDAO.getPermission()); |
193 | 198 |
pstmt.setString(4, xmlAccessDAO.getPermType()); |
... | ... | |
229 | 234 |
* @param groups |
230 | 235 |
* names of user's groups to which user belongs |
231 | 236 |
*/ |
232 |
public String getACL(String user, String[] groups, boolean emlCompliant)
|
|
237 |
public String getACL(String user, String[] groups) |
|
233 | 238 |
throws AccessControlException { |
234 | 239 |
StringBuffer output = new StringBuffer(); |
235 | 240 |
boolean hasPermission = false; |
236 | 241 |
|
237 |
try { |
|
238 |
// Get a list of all access dao objects for this docid |
|
239 |
XMLAccessAccess xmlAccessAccess = new XMLAccessAccess(); |
|
240 |
Vector<XMLAccessDAO> xmlAccessDAOList = xmlAccessAccess.getXMLAccessForDoc(docId); |
|
241 |
|
|
242 |
hasPermission = isOwned(docId, user); |
|
242 |
try { |
|
243 |
hasPermission = isOwned(_docId, user); |
|
243 | 244 |
if (!hasPermission) { |
244 |
PermissionController controller = new PermissionController(docId); |
|
245 |
PermissionController controller = new PermissionController(_docId);
|
|
245 | 246 |
hasPermission = |
246 | 247 |
controller.hasPermission(user, groups, READSTRING); |
247 | 248 |
} |
248 | 249 |
|
249 | 250 |
if (hasPermission) { |
250 |
output.append(getAccessString(xmlAccessDAOList, emlCompliant)); |
|
251 |
// Get a list of all access dao objects for this docid |
|
252 |
XMLAccessAccess xmlAccessAccess = new XMLAccessAccess(); |
|
253 |
Vector<XMLAccessDAO> xmlAccessDAOList = xmlAccessAccess.getXMLAccessForDoc(_docId); |
|
254 |
output.append(getAccessString(xmlAccessDAOList)); |
|
255 |
} else { |
|
256 |
output.append(getAccessString(new Vector<XMLAccessDAO>())); |
|
251 | 257 |
} |
252 | 258 |
|
253 | 259 |
return output.toString(); |
... | ... | |
270 | 276 |
try { |
271 | 277 |
// Get a list of all access dao objects for this docid |
272 | 278 |
XMLAccessAccess xmlAccessAccess = new XMLAccessAccess(); |
273 |
xmlAccessDAOList = xmlAccessAccess.getXMLAccessForDoc(docId); |
|
279 |
xmlAccessDAOList = xmlAccessAccess.getXMLAccessForDoc(_docId);
|
|
274 | 280 |
} catch (AccessException ae) { |
275 | 281 |
throw new AccessControlException("AccessControlForSingleFile.getAccessString() - DB access error when " + |
276 | 282 |
"getting access string: " + ae.getMessage()); |
277 | 283 |
} |
278 | 284 |
|
279 |
return getAccessString(xmlAccessDAOList, false);
|
|
285 |
return getAccessString(xmlAccessDAOList); |
|
280 | 286 |
} |
281 | 287 |
|
282 |
public String getAccessString(Vector<XMLAccessDAO> xmlAccessDAOList, boolean emlCompliant) throws AccessControlException {
|
|
288 |
public String getAccessString(Vector<XMLAccessDAO> xmlAccessDAOList) throws AccessControlException { |
|
283 | 289 |
|
284 | 290 |
StringBuffer output = new StringBuffer(); |
285 | 291 |
StringBuffer tmpOutput = new StringBuffer(); |
... | ... | |
296 | 302 |
if (xmlAccessDAOList.size() > 0) { |
297 | 303 |
permOrder = xmlAccessDAOList.get(0).getPermOrder(); |
298 | 304 |
} |
299 |
|
|
300 |
if (emlCompliant) { |
|
301 |
output.append("<?xml version=\"1.0\"?>\n<acc:access"); |
|
302 |
} else { |
|
303 |
output.append("<access "); |
|
304 |
} |
|
305 | 305 |
|
306 |
output.append(" authSystem=\"knb\" order=\"" + permOrder + "\" id=\"" + docId + "\" scope=\"document\""); |
|
307 |
|
|
308 |
if (emlCompliant) { |
|
309 |
output.append(" xmlns:acc=\"" + DocumentImpl.EML2_1_0NAMESPACE + "\""); |
|
310 |
} |
|
306 |
output.append("<access authSystem=\"knb\" order=\"" + permOrder + "\" id=\"" + _docId + "\" scope=\"document\""); |
|
311 | 307 |
|
312 | 308 |
output.append(">\n"); |
313 | 309 |
|
... | ... | |
358 | 354 |
output.append(allowOutput); |
359 | 355 |
} |
360 | 356 |
|
361 |
if (emlCompliant) { |
|
362 |
output.append("</acc:access>"); |
|
363 |
} else { |
|
364 |
output.append("</access>"); |
|
365 |
} |
|
357 |
output.append("</access>"); |
|
366 | 358 |
|
367 | 359 |
return output.toString(); |
368 | 360 |
} |
Also available in: Unified diff
Change access section in getaccesscontrol and getdocumentinfo apis to be more eml 2.1.0 compliant. Add a block access option to setaccess api.