Revision 5386
Added by berkley almost 14 years ago
| ResourceHandler.java | ||
|---|---|---|
| 267 | 267 |
//System.out.println("done setting access");
|
| 268 | 268 |
} |
| 269 | 269 |
} else if (resource.equals(RESOURCE_META)) {
|
| 270 |
if(params.get(FUNCTION_KEYWORD)[0].equals(FUNCTION_NAME_GENERATE_MISSING_SYSTEM_METADATA)) |
|
| 270 |
if(params != null && params.get(FUNCTION_KEYWORD) != null && |
|
| 271 |
params.get(FUNCTION_KEYWORD)[0].equals(FUNCTION_NAME_GENERATE_MISSING_SYSTEM_METADATA)) |
|
| 271 | 272 |
{ //generate system metadata for any object that is
|
| 272 | 273 |
//a) not system metadata itself |
| 273 | 274 |
//b) does not already have a system metadata id in the systemmetadata table |
| ... | ... | |
| 371 | 372 |
while (paramlist.hasMoreElements()) {
|
| 372 | 373 |
name = (String) paramlist.nextElement(); |
| 373 | 374 |
value = request.getParameterValues(name); |
| 374 |
//System.out.println("adding param: " + name + " = " + value);
|
|
| 375 | 375 |
params.put(name, value); |
| 376 | 376 |
} |
| 377 |
|
|
| 378 | 377 |
} |
| 379 | 378 |
|
| 380 | 379 |
/** |
| ... | ... | |
| 408 | 407 |
password = sessionData.getPassword(); |
| 409 | 408 |
groupNames = sessionData.getGroupNames(); |
| 410 | 409 |
sessionId = sessionData.getId(); |
| 411 |
//System.out.println("setting sessionid to " + sessionId);
|
|
| 410 |
System.out.println("setting sessionid to " + sessionId);
|
|
| 411 |
System.out.println("username: " + username);
|
|
| 412 | 412 |
} |
| 413 | 413 |
|
| 414 | 414 |
//if the session is not valid or the username is null, set |
| 415 | 415 |
//username to public |
| 416 | 416 |
if (username == null) |
| 417 | 417 |
{
|
| 418 |
System.out.println("setting username to public.");
|
|
| 418 | 419 |
username = "public"; |
| 419 | 420 |
} |
| 420 | 421 |
} |
| ... | ... | |
| 645 | 646 |
private void getSystemMetadataObject(String guid) {
|
| 646 | 647 |
CrudService cs = CrudService.getInstance(); |
| 647 | 648 |
cs.setParamsFromRequest(request); |
| 648 |
AuthToken token = null;
|
|
| 649 |
AuthToken token = new AuthToken(sessionId);
|
|
| 649 | 650 |
OutputStream out = null; |
| 650 | 651 |
try {
|
| 651 | 652 |
out = response.getOutputStream(); |
| ... | ... | |
| 746 | 747 |
*/ |
| 747 | 748 |
private void putObject(String guid, String action) {
|
| 748 | 749 |
logMetacat.debug("Entering putObject: " + guid + "/" + action);
|
| 749 |
|
|
| 750 |
// TODO: This function lacks proper handling of authz and authn, so it |
|
| 751 |
// seems that anyone can insert or update; interacts with |
|
| 752 |
// loadSessionData(), which doesn't validate the session |
|
| 753 |
|
|
| 754 |
// Get an output stream for handling errors; this should really be passed in as |
|
| 755 |
// a parameter |
|
| 756 | 750 |
OutputStream out = null; |
| 757 | 751 |
try {
|
| 758 | 752 |
out = response.getOutputStream(); |
| ... | ... | |
| 793 | 787 |
} |
| 794 | 788 |
|
| 795 | 789 |
logMetacat.debug("Commence creation...");
|
| 796 |
AuthToken token = null; |
|
| 797 | 790 |
IBindingFactory bfact = |
| 798 | 791 |
BindingDirectory.getFactory(SystemMetadata.class); |
| 799 | 792 |
IUnmarshallingContext uctx = bfact.createUnmarshallingContext(); |
| 800 | 793 |
SystemMetadata m = (SystemMetadata) uctx.unmarshalDocument(sysmeta, null); |
| 801 | 794 |
|
| 802 | 795 |
CrudService cs = CrudService.getInstance(); |
| 796 |
AuthToken token = new AuthToken(sessionId); |
|
| 803 | 797 |
cs.setParamsFromRequest(request); |
| 804 | 798 |
Identifier id = new Identifier(); |
| 805 | 799 |
id.setValue(guid); |
| 806 | 800 |
cs.create(token, id, object, m); |
| 807 |
|
|
| 801 |
|
|
| 808 | 802 |
} else if (action.equals(FUNCTION_NAME_UPDATE)) { //handle updates
|
| 809 | 803 |
IdentifierManager im = IdentifierManager.getInstance(); |
| 810 | 804 |
CrudService cs = CrudService.getInstance(); |
| 811 | 805 |
Identifier obsoletedGuid = new Identifier(); |
| 812 | 806 |
Identifier id = new Identifier(); |
| 813 | 807 |
id.setValue(guid); |
| 814 |
AuthToken token = null;
|
|
| 808 |
AuthToken token = new AuthToken(sessionId);
|
|
| 815 | 809 |
|
| 816 | 810 |
//do some checks |
| 817 | 811 |
if(params.get("obsoletedGuid") == null)
|
Also available in: Unified diff
fixed bugs associated with crud access control changes.