Revision 5166
Added by daigle over 14 years ago
| Eml200SAXHandler.java | ||
|---|---|---|
| 65 | 65 |
* Here is the rules for user which has write permission in top level access |
| 66 | 66 |
* rules(he can update metadata but can't update access module) try to update |
| 67 | 67 |
* a document: |
| 68 |
* 1. Checking access part (both in top level and addtional level, node by node) |
|
| 68 |
* 1. Checking access part (both in top level and additional level, node by node)
|
|
| 69 | 69 |
* If something was modified, reject the document. Note: for additional part |
| 70 | 70 |
* The access subtree startnode starts at "<describ>" rather than <access>. |
| 71 | 71 |
* This is because make sure ids wouldn't be mess up by user. |
| ... | ... | |
| 94 | 94 |
* The new rules. |
| 95 | 95 |
* |
| 96 | 96 |
* |
| 97 |
* Here is some info about addtional access rules ( data object rules): |
|
| 97 |
* Here is some info about additional access rules ( data object rules):
|
|
| 98 | 98 |
* The data access rules format looks like: |
| 99 | 99 |
* <additionalMetadata> |
| 100 | 100 |
* <describes>100</describes> |
| ... | ... | |
| 182 | 182 |
|
| 183 | 183 |
private AccessSection topAccessSection; |
| 184 | 184 |
|
| 185 |
private Vector addtionalAccessVector = new Vector(); |
|
| 185 |
private Vector additionalAccessVector = new Vector();
|
|
| 186 | 186 |
|
| 187 | 187 |
// key is subtree id and value is accessSection object |
| 188 | 188 |
private Hashtable possibleReferencedAccessHash = new Hashtable(); |
| ... | ... | |
| 207 | 207 |
|
| 208 | 208 |
private Vector inlineFileIDList = new Vector(); |
| 209 | 209 |
|
| 210 |
private boolean inAddtionalMetaData = false;
|
|
| 210 |
private boolean inadditionalMetaData = false;
|
|
| 211 | 211 |
|
| 212 | 212 |
//user has unwritable inline data object when it updates a document |
| 213 | 213 |
private boolean unWritableInlineDataObject = false; |
| ... | ... | |
| 231 | 231 |
|
| 232 | 232 |
//This hashtable will stored the id which already has additional access |
| 233 | 233 |
// control. So the top level access control will ignore them. |
| 234 |
private Hashtable onlineURLIdHasAddtionalAccess = new Hashtable();
|
|
| 234 |
private Hashtable onlineURLIdHasadditionalAccess = new Hashtable();
|
|
| 235 | 235 |
|
| 236 | 236 |
// additional access module will be in additionalMetadata part. Its format |
| 237 | 237 |
// look like |
| ... | ... | |
| 476 | 476 |
catch (SQLException e) |
| 477 | 477 |
{
|
| 478 | 478 |
throw new SAXException( |
| 479 |
"EMLSAXHandler.getAddtionalAccessSubTreeListFromDB(): "
|
|
| 479 |
"EMLSAXHandler.getadditionalAccessSubTreeListFromDB(): "
|
|
| 480 | 480 |
+ e.getMessage()); |
| 481 | 481 |
}//catch |
| 482 | 482 |
finally |
| ... | ... | |
| 596 | 596 |
|
| 597 | 597 |
//start handle inline data |
| 598 | 598 |
//===================================================== |
| 599 |
if (qName.equals(INLINE) && !inAddtionalMetaData)
|
|
| 599 |
if (qName.equals(INLINE) && !inadditionalMetaData)
|
|
| 600 | 600 |
{
|
| 601 | 601 |
handleInlineData = true; |
| 602 | 602 |
inLineDataIndex++; |
| ... | ... | |
| 808 | 808 |
} |
| 809 | 809 |
else if (attributeName != null && attributeName.equals(ID) && |
| 810 | 810 |
currentNode.getTagName().equals(DISTRIBUTION) && |
| 811 |
!inAddtionalMetaData)
|
|
| 811 |
!inadditionalMetaData)
|
|
| 812 | 812 |
{
|
| 813 | 813 |
// this is a distribution element and the id is distributionID |
| 814 | 814 |
distributionId = attributeValue; |
| ... | ... | |
| 835 | 835 |
// put parent node back |
| 836 | 836 |
nodeStack.push(tmpNode); |
| 837 | 837 |
String grandParentTag = grandParentNode.getTagName(); |
| 838 |
if (grandParentTag.equals(EML) && !inAddtionalMetaData)
|
|
| 838 |
if (grandParentTag.equals(EML) && !inadditionalMetaData)
|
|
| 839 | 839 |
{
|
| 840 | 840 |
processTopLeverAccess = true; |
| 841 | 841 |
|
| 842 | 842 |
} |
| 843 |
else if ( !inAddtionalMetaData )
|
|
| 843 |
else if ( !inadditionalMetaData )
|
|
| 844 | 844 |
{
|
| 845 | 845 |
// process other access embedded into resource level |
| 846 | 846 |
// module |
| ... | ... | |
| 852 | 852 |
// described element. If it has a descirbed element, |
| 853 | 853 |
// this code would hurt any thing |
| 854 | 854 |
processAdditionalAccess = true; |
| 855 |
logMetacat.warn("accessing process addtional access true when meet access");
|
|
| 855 |
logMetacat.info("accessing process additional access true when meet access");
|
|
| 856 | 856 |
} |
| 857 | 857 |
|
| 858 | 858 |
|
| ... | ... | |
| 939 | 939 |
|
| 940 | 940 |
if (currentNode.getTagName().equals(ADDITIONALMETADATA)) |
| 941 | 941 |
{
|
| 942 |
inAddtionalMetaData = true;
|
|
| 942 |
inadditionalMetaData = true;
|
|
| 943 | 943 |
} |
| 944 | 944 |
else if (currentNode.getTagName().equals(DESCRIBES) && |
| 945 | 945 |
parentNode.getTagName().equals(ADDITIONALMETADATA) && |
| ... | ... | |
| 953 | 953 |
localName, prefix, MetacatUtil.normalize(null)); |
| 954 | 954 |
storedAccessNodeStack.push(nodeElement); |
| 955 | 955 |
processAdditionalAccess = true; |
| 956 |
logMetacat.warn("set processAdditonalAccess ture when meet describe");
|
|
| 956 |
logMetacat.info("set processAdditonalAccess true when meet describe");
|
|
| 957 | 957 |
} |
| 958 |
else if (inAddtionalMetaData && processAdditionalAccess &&
|
|
| 958 |
else if (inadditionalMetaData && processAdditionalAccess &&
|
|
| 959 | 959 |
parentNode.getTagName().equals(ADDITIONALMETADATA) && |
| 960 | 960 |
!currentNode.getTagName().equals(DESCRIBES) && |
| 961 | 961 |
!currentNode.getTagName().equals(ACCESS)) |
| 962 | 962 |
{
|
| 963 |
// we start processAddtionalAccess module when first hit describes
|
|
| 963 |
// we start processadditionalAccess module when first hit describes
|
|
| 964 | 964 |
// in additionalMetadata. So this is possible, there are |
| 965 | 965 |
// "describes" but not "access". So here is try to terminate |
| 966 | 966 |
// processAddionalAccess. In this situation, there another element |
| ... | ... | |
| 972 | 972 |
logMetacat.warn("set processAddtionAccess false if the there is no access in additional");
|
| 973 | 973 |
} |
| 974 | 974 |
else if (currentNode.getTagName().equals(DISTRIBUTION) && |
| 975 |
!inAddtionalMetaData)
|
|
| 975 |
!inadditionalMetaData)
|
|
| 976 | 976 |
{
|
| 977 | 977 |
proccessDistribution = true; |
| 978 | 978 |
} |
| ... | ... | |
| 1258 | 1258 |
} |
| 1259 | 1259 |
|
| 1260 | 1260 |
} |
| 1261 |
else if (currentTag.equals(URL) && !inAddtionalMetaData)
|
|
| 1261 |
else if (currentTag.equals(URL) && !inadditionalMetaData)
|
|
| 1262 | 1262 |
{
|
| 1263 | 1263 |
//handle online data, make sure its'parent is online |
| 1264 | 1264 |
DBSAXNode parentNode = (DBSAXNode) nodeStack.peek(); |
| ... | ... | |
| 1337 | 1337 |
// put discribesId into the accessobject and put this |
| 1338 | 1338 |
// access object into vector |
| 1339 | 1339 |
newAccessObject.setDescribedIdList(describesId); |
| 1340 |
addtionalAccessVector.add(newAccessObject); |
|
| 1340 |
additionalAccessVector.add(newAccessObject);
|
|
| 1341 | 1341 |
|
| 1342 | 1342 |
}//if |
| 1343 | 1343 |
else if (processOtherAccess) |
| ... | ... | |
| 1372 | 1372 |
//reset describesId |
| 1373 | 1373 |
describesId = null; |
| 1374 | 1374 |
describesId = new Vector(); |
| 1375 |
inAddtionalMetaData = false;
|
|
| 1375 |
inadditionalMetaData = false;
|
|
| 1376 | 1376 |
firstDescribesNodeId = -1; |
| 1377 | 1377 |
// reset tmp stored node stack |
| 1378 | 1378 |
storedAccessNodeStack = null; |
| ... | ... | |
| 1380 | 1380 |
|
| 1381 | 1381 |
|
| 1382 | 1382 |
} |
| 1383 |
else if (currentTag.equals(DISTRIBUTION) && !inAddtionalMetaData)
|
|
| 1383 |
else if (currentTag.equals(DISTRIBUTION) && !inadditionalMetaData)
|
|
| 1384 | 1384 |
{
|
| 1385 | 1385 |
//reset distribution id |
| 1386 | 1386 |
distributionId = null; |
| 1387 | 1387 |
proccessDistribution = false; |
| 1388 | 1388 |
} |
| 1389 |
else if (currentTag.equals(OFFLINE) && !inAddtionalMetaData)
|
|
| 1389 |
else if (currentTag.equals(OFFLINE) && !inadditionalMetaData)
|
|
| 1390 | 1390 |
{
|
| 1391 | 1391 |
if (distributionId != null) |
| 1392 | 1392 |
{
|
| ... | ... | |
| 1394 | 1394 |
} |
| 1395 | 1395 |
} |
| 1396 | 1396 |
else if ((currentTag.equals(CONNECTION) || currentTag.equals(CONNECTIONDEFINITION)) |
| 1397 |
&& !inAddtionalMetaData)
|
|
| 1397 |
&& !inadditionalMetaData)
|
|
| 1398 | 1398 |
{
|
| 1399 | 1399 |
//handle online data, make sure its'parent is online |
| 1400 | 1400 |
DBSAXNode parentNode = (DBSAXNode) nodeStack.peek(); |
| ... | ... | |
| 1721 | 1721 |
|
| 1722 | 1722 |
//compare additional level |
| 1723 | 1723 |
int oldSize = unChangebleAdditionalAccessSubTreeVector.size(); |
| 1724 |
int newSize = addtionalAccessVector.size(); |
|
| 1724 |
int newSize = additionalAccessVector.size();
|
|
| 1725 | 1725 |
// if size is different, use deleted or added rules, so throw a exception |
| 1726 | 1726 |
if (oldSize != newSize) |
| 1727 | 1727 |
{
|
| ... | ... | |
| 1734 | 1734 |
AccessSection fromDB = (AccessSection) |
| 1735 | 1735 |
unChangebleAdditionalAccessSubTreeVector.elementAt(i); |
| 1736 | 1736 |
AccessSection fromParser = (AccessSection) |
| 1737 |
addtionalAccessVector.elementAt(i); |
|
| 1737 |
additionalAccessVector.elementAt(i);
|
|
| 1738 | 1738 |
compareAccessSubtree(fromDB, fromParser); |
| 1739 | 1739 |
} |
| 1740 | 1740 |
|
| ... | ... | |
| 1824 | 1824 |
//write additional access rule, and old records in xml_access will be |
| 1825 | 1825 |
//deleted too |
| 1826 | 1826 |
//System.out.println("before write additional access rules");
|
| 1827 |
writeAddtionalAccessRuleToDB();
|
|
| 1827 |
writeadditionalAccessRuleToDB();
|
|
| 1828 | 1828 |
//System.out.println("after write additional access rules");
|
| 1829 | 1829 |
//write top leve access rule, and old records in xml_access will be |
| 1830 | 1830 |
//deleted too |
| ... | ... | |
| 1877 | 1877 |
else |
| 1878 | 1878 |
{
|
| 1879 | 1879 |
// search it the additional access |
| 1880 |
for ( int i = 0; i <addtionalAccessVector.size(); i++) |
|
| 1880 |
for ( int i = 0; i <additionalAccessVector.size(); i++)
|
|
| 1881 | 1881 |
{
|
| 1882 | 1882 |
AccessSection additionalAccess = (AccessSection) |
| 1883 |
addtionalAccessVector.elementAt(i); |
|
| 1883 |
additionalAccessVector.elementAt(i);
|
|
| 1884 | 1884 |
String additionId = additionalAccess.getSubTreeId(); |
| 1885 | 1885 |
if (additionId != null && additionId.equals(reference)) |
| 1886 | 1886 |
{
|
| ... | ... | |
| 1947 | 1947 |
* deleted |
| 1948 | 1948 |
* If no describedId in the access object, this access rules will be ingorned |
| 1949 | 1949 |
*/ |
| 1950 |
private void writeAddtionalAccessRuleToDB() throws SAXException
|
|
| 1950 |
private void writeadditionalAccessRuleToDB() throws SAXException
|
|
| 1951 | 1951 |
{
|
| 1952 |
//System.out.println("in write addtional");
|
|
| 1952 |
//System.out.println("in write additional");
|
|
| 1953 | 1953 |
// we should delete all inline access rules in xml_access if |
| 1954 | 1954 |
// user has all permission |
| 1955 | 1955 |
if (!needCheckingAccessModule) |
| 1956 | 1956 |
{
|
| 1957 | 1957 |
deleteAllInlineDataAccessRules(); |
| 1958 | 1958 |
} |
| 1959 |
for (int i=0; i < addtionalAccessVector.size(); i++) |
|
| 1959 |
for (int i=0; i < additionalAccessVector.size(); i++)
|
|
| 1960 | 1960 |
{
|
| 1961 |
//System.out.println("in for loop of write addtional");
|
|
| 1962 |
AccessSection access = (AccessSection)addtionalAccessVector.elementAt(i); |
|
| 1961 |
//System.out.println("in for loop of write additional");
|
|
| 1962 |
AccessSection access = (AccessSection)additionalAccessVector.elementAt(i);
|
|
| 1963 | 1963 |
Vector describeIdList = access.getDescribedIdList(); |
| 1964 | 1964 |
// if this access is a reference, a new access object will be created |
| 1965 | 1965 |
// which contains the real access rules referenced. Also, each access tree |
| ... | ... | |
| 2019 | 2019 |
// put the id into a hashtalbe. So when we run wirtetop level |
| 2020 | 2020 |
// access, those id will be ignored because they already has |
| 2021 | 2021 |
// additional access rules |
| 2022 |
onlineURLIdHasAddtionalAccess.put(subreeid, subreeid);
|
|
| 2022 |
onlineURLIdHasadditionalAccess.put(subreeid, subreeid);
|
|
| 2023 | 2023 |
} |
| 2024 | 2024 |
}//elseif |
| 2025 | 2025 |
}//if |
| ... | ... | |
| 2029 | 2029 |
}//writeAdditonalLevelAccessRuletoDB |
| 2030 | 2030 |
|
| 2031 | 2031 |
|
| 2032 |
/* The method to write addtional access rule into db. */ |
|
| 2032 |
/* The method to write additional access rule into db. */
|
|
| 2033 | 2033 |
private void writeTopLevelAccessRuleToDB() throws SAXException |
| 2034 | 2034 |
{
|
| 2035 | 2035 |
// if top access is reference, we need figure out the real access rules |
| ... | ... | |
| 2056 | 2056 |
while (em.hasMoreElements()) |
| 2057 | 2057 |
{
|
| 2058 | 2058 |
String onlineSubtreeId = (String)em.nextElement(); |
| 2059 |
if (!onlineURLIdHasAddtionalAccess.containsKey(onlineSubtreeId))
|
|
| 2059 |
if (!onlineURLIdHasadditionalAccess.containsKey(onlineSubtreeId))
|
|
| 2060 | 2060 |
{
|
| 2061 | 2061 |
String url = |
| 2062 | 2062 |
(String)onlineURLDistributionIdList.get(onlineSubtreeId); |
| ... | ... | |
| 2286 | 2286 |
long startNodeId = -1; |
| 2287 | 2287 |
if (level != null && level.equals(DATAACCESSLEVEL)) |
| 2288 | 2288 |
{
|
| 2289 |
// for addtional access module the start node id should be |
|
| 2289 |
// for additional access module the start node id should be
|
|
| 2290 | 2290 |
// descirbes element id |
| 2291 | 2291 |
startNodeId = accessSection.getStartedDescribesNodeId(); |
| 2292 | 2292 |
// if in additional access, there is not describes element, |
Also available in: Unified diff
fix spelling of word additional