
Revision 5376

Added by berkley almost 14 years ago

moved authentication checking out of ResourceHandler and into CrudService


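--- a/ResourceHandler.java
+++ b/ResourceHandler.java
@@ -538,11 +538,8 @@
      * @param guid ID of data object to be read
      */
     private void getObject(String guid) {
-      //hack...fix this
-        //CrudService cs = new CrudService(servletContext, request, response);
         CrudService cs = CrudService.getInstance();
         cs.setParamsFromRequest(request);
-        //System.out.println("sessionId: " + sessionId);
         AuthToken token = new AuthToken(sessionId);
         OutputStream out = null;
         try {
@@ -796,26 +793,19 @@
                     throw new IdentifierNotUnique("1000", "Identifier is already in use: " + guid);
                 }
 
-                // TODO: access control -- should be in CrudService et al. I think
-                //if (username != null && !username.equals("public")) {
-                if (username != null) {
-                    logMetacat.debug("Commence creation...");
-                    AuthToken token = null;
-                    IBindingFactory bfact =
-                        BindingDirectory.getFactory(SystemMetadata.class);
-                    IUnmarshallingContext uctx = bfact.createUnmarshallingContext();
-                    SystemMetadata m = (SystemMetadata) uctx.unmarshalDocument(sysmeta, null);
+                logMetacat.debug("Commence creation...");
+                AuthToken token = null;
+                IBindingFactory bfact =
+                    BindingDirectory.getFactory(SystemMetadata.class);
+                IUnmarshallingContext uctx = bfact.createUnmarshallingContext();
+                SystemMetadata m = (SystemMetadata) uctx.unmarshalDocument(sysmeta, null);
+
+                CrudService cs = CrudService.getInstance();
+                cs.setParamsFromRequest(request);
+                Identifier id = new Identifier();
+                id.setValue(guid);
+                cs.create(token, id, object, m);
                     
-                    CrudService cs = CrudService.getInstance();
-                    cs.setParamsFromRequest(request);
-                    Identifier id = new Identifier();
-                    id.setValue(guid);
-                    cs.create(token, id, object, m);
-
-                } else {
-                    logMetacat.debug("Unauthorized to create.");
-                    throw new NotAuthorized("1000", "Permission denied for user " + username);
-                }
             } else if (action.equals(FUNCTION_NAME_UPDATE)) { //handle updates
                 IdentifierManager im = IdentifierManager.getInstance();
                 CrudService cs = CrudService.getInstance();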
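Review bot: In the create branch the new code still declares `AuthToken token = null;` and passes it to `cs.create(token, id, object, m)`, so with the `username != null` guard and the `NotAuthorized` throw removed, the handler rejects nothing itself and CrudService.create has to derive the caller's identity from whatever `setParamsFromRequest(request)` stored. CrudService is not part of this section, so whether it denies a missing or "public" session cannot be confirmed here; if `sessionId` is in scope in this method as it is in getObject, pass a real token with `AuthToken token = new AuthToken(sessionId);` and have create fail closed when the token is null. Separately, `CrudService.getInstance()` looks like a shared instance, and setting per-request parameters on it before the call may let concurrent requests overwrite each other's session data now that the authorization decision depends on it; that deserves at least a comment stating the threading assumption. The enclosing method starts and ends outside the hunk.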
