Project

General

Profile

« Previous | Next » 

Revision 6015

Added by ben leinfelder over 13 years ago

insert/update documents with null user and null group to circumvent access control restrictions then update the user_owner and user_updated values to reflect what exists on the originating server (pisco)

View differences:

src/edu/ucsb/nceas/metacat/replication/ReplicationHandler.java
396 396 
                              null,  /* the dtd text */
397 397 
                              actions,
398 398 
                              accNumber,
399 
                              docinfoHash.get("user_updated"),
400 
                              //docinfoHash.get("user_owner"),
399 
                              null, //docinfoHash.get("user_owner"),
401 400 
                              null, /* null for groups[] */
402 401 
                              docHomeServer,
403 402 
                              remoteserver, tableName, true,// true is for time replication
404 403 
                              createdDate,
405 404 
                              updatedDate);
406 405
406 
      //set the user information
407 
      String user = (String) docinfoHash.get("user_owner");
408 
      String updated = (String) docinfoHash.get("user_updated");
409 
      ReplicationService.updateUserOwner(dbConn, accNumber, user, updated);
410
407 411 
      //process extra access rules
408 412 
      Vector<XMLAccessDAO> xmlAccessDAOList = dih.getAccessControlList();
409 413 
      if (xmlAccessDAOList != null) {
......
555 559 
      String docInfoStr = ReplicationService.getURLContent(docinfoUrl);
556 560 
      docinfoParser.parse(new InputSource(new StringReader(docInfoStr)));
557 561 
      Hashtable<String, String> docinfoHash = dih.getDocInfo();
558 
      // Get docid owner
559 
      //String user = docinfoHash.get("user_owner");
560 
      String user = docinfoHash.get("user_updated");
562
561 563 
      // Get docid name (such as acl or dataset)
562 564 
      String docName = docinfoHash.get("docname");
563 565 
      // Get doc type (eml public id)
......
587 589 
        DocumentImpl.writeDataFileInReplication(input,
588 590 
                                                datafilePath,
589 591 
                                                docName,docType,
590 
                                                accNumber, user,
592 
                                                accNumber,
593 
                                                null,
591 594 
                                                docHomeServer,
592 595 
                                                remoteserver,
593 596 
                                                tableName,
......
595 598 
                                                createdDate,
596 599 
                                                updatedDate);
597 600
601 
        //set the user information
602 
        String user = (String) docinfoHash.get("user_owner");
603 
		String updated = (String) docinfoHash.get("user_updated");
604 
        ReplicationService.updateUserOwner(dbConn, accNumber, user, updated);
605
598 606 
        //process extra access rules
599 607 
        Vector<XMLAccessDAO> xmlAccessDAOList = dih.getAccessControlList();
600 608 
        if (xmlAccessDAOList != null) {
src/edu/ucsb/nceas/metacat/replication/ReplicationService.java
557 557 
			//      Hashtable<String,Vector<AccessControlForSingleFile>> docinfoHash = dih.getDocInfo();
558 558 
			Hashtable<String, String> docinfoHash = dih.getDocInfo();
559 559 

  		




  560
  
  
    
			// Get user owner of this docid


  		




  561
  
  
    
			String user = (String) docinfoHash.get("user_updated");


  		




  562
  
  
    
			//String user = (String) docinfoHash.get("user_owner");


  		




  
  560
  
    
			


  		




  563
  561
  
    
			// Get home server of this docid


  		




  564
  562
  
    
			String homeServer = (String) docinfoHash.get("home_server");


  		




  565
  563
  
    
			String guid = (String) docinfoHash.get("guid");


  		




  ......




  645
  643
  
    
//			Exception writeException = null;


  		




  646
  644
  
    
			try {


  		




  647
  645
  
    
				wrapper.writeReplication(dbConn, xmldoc, null, null,


  		




  648
  
  
    
						dbaction, docid, user, null, homeServer, server, createdDate,


  		




  
  646
  
    
						dbaction, docid, null, null, homeServer, server, createdDate,


  		




  649
  647
  
    
						updatedDate);


  		




  650
  648
  
    
			} finally {


  		




  651
  649
  
    
//				writeException = e;


  		




  ......




  662
  660
  
    
		        		}


  		




  663
  661
  
    
		            }


  		




  664
  662
  
    
		        }


  		




  665
  
  
    
//				if (accessControlList != null) {


  		




  666
  
  
    
//					for (int i = 0; i < accessControlList.size(); i++) {


  		




  667
  
  
    
//						AccessControlForSingleFile acfsf = (AccessControlForSingleFile) accessControlList


  		




  668
  
  
    
//								.get(i);


  		




  669
  
  
    
//						if (!acfsf.accessControlExists()) {


  		




  670
  
  
    
//							acfsf.insertPermissions();


  		




  671
  
  
    
//							logReplication.info("ReplicationService.handleForceReplicateRequest - document " + docid


  		




  672
  
  
    
//									+ " permissions added to DB");


  		




  673
  
  
    
//						}


  		




  674
  
  
    
//					}


  		




  675
  
  
    
//				}


  		




  
  663
  
    
		        


  		




  
  664
  
    
		        // process the real owner and updater


  		




  
  665
  
    
				String user = (String) docinfoHash.get("user_owner");


  		




  
  666
  
    
				String updated = (String) docinfoHash.get("user_updated");


  		




  
  667
  
    
		        updateUserOwner(dbConn, docid, user, updated);


  		




  676
  668
  
    

  		




  677
  
  
    
//				if (writeException != null) {


  		




  678
  
  
    
//					throw writeException;


  		




  679
  
  
    
//				}


  		




  680
  
  
    

  		




  681
  669
  
    
				logReplication.info("ReplicationService.handleForceReplicateRequest - document " + docid + " added to DB with "


  		




  682
  670
  
    
						+ "action " + dbaction);


  		




  683
  671
  
    
				


  		




  ......




  834
  822
  
    
			XMLReader docinfoParser = ReplicationHandler.initParser(dih);


  		




  835
  823
  
    
			docinfoParser.parse(new InputSource(new StringReader(docInfoStr)));


  		




  836
  824
  
    
			Hashtable<String, String> docinfoHash = dih.getDocInfo();


  		




  837
  
  
    
			String user = (String) docinfoHash.get("user_updated");


  		




  838
  
  
    
			//String user = (String) docinfoHash.get("user_owner");


  		




  839
  
  
    

  		




  
  825
  
    
			


  		




  840
  826
  
    
			String docName = (String) docinfoHash.get("docname");


  		




  841
  827
  
    

  		




  842
  828
  
    
			String docType = (String) docinfoHash.get("doctype");


  		




  ......




  871
  857
  
    
				//into file system


  		




  872
  858
  
    
				try {


  		




  873
  859
  
    
					DocumentImpl.writeDataFileInReplication(url.openStream(),


  		




  874
  
  
    
							datafilePath, docName, docType, docid, user, docHomeServer,


  		




  
  860
  
    
							datafilePath, docName, docType, docid, null, docHomeServer,


  		




  875
  861
  
    
							server, DocumentImpl.DOCUMENTTABLE, false, createdDate,


  		




  876
  862
  
    
							updatedDate);


  		




  877
  863
  
    
				} catch (Exception e) {


  		




  878
  864
  
    
					writeException = e;


  		




  879
  865
  
    
				}


  		




  880
  
  
    
				//process extra access rules


  		




  881
  
  
    
//				Vector<AccessControlForSingleFile> accessControlList = dih


  		




  882
  
  
    
//						.getAccessControlList();


  		




  883
  
  
    
//				if (accessControlList != null) {


  		




  884
  
  
    
//					for (int i = 0; i < accessControlList.size(); i++) {


  		




  885
  
  
    
//						AccessControlForSingleFile acfsf = (AccessControlForSingleFile) accessControlList


  		




  886
  
  
    
//								.get(i);


  		




  887
  
  
    
//						if (!acfsf.accessControlExists()) {


  		




  888
  
  
    
//							acfsf.insertPermissions();


  		




  889
  
  
    
//							logReplication.info("ReplicationService.handleForceReplicateDataFileRequest - datafile " + docid


  		




  890
  
  
    
//									+ " permissions added to DB");


  		




  891
  
  
    
//						}


  		




  892
  
  
    
//					}


  		




  893
  
  
    
//				}


  		




  894
  866
  
    
				


  		




  
  867
  
    
				// process the real owner and updater


  		




  
  868
  
    
				DBConnection dbConn = DBConnectionPool.getDBConnection("ReplicationService.handleForceDataFileRequest");


  		




  
  869
  
    
		        int serialNumber = dbConn.getCheckOutSerialNumber();


  		




  
  870
  
    
		        dbConn.setAutoCommit(false);


  		




  
  871
  
    
				String user = (String) docinfoHash.get("user_owner");


  		




  
  872
  
    
				String updated = (String) docinfoHash.get("user_updated");


  		




  
  873
  
    
		        updateUserOwner(dbConn, docid, user, updated);


  		




  
  874
  
    
		        DBConnectionPool.returnDBConnection(dbConn, serialNumber);


  		




  
  875
  
    
		        


  		




  895
  876
  
    
		        Vector<XMLAccessDAO> accessControlList = dih.getAccessControlList();


  		




  896
  877
  
    
		        if (accessControlList != null) {


  		




  897
  878
  
    
		        	AccessControlForSingleFile acfsf = new AccessControlForSingleFile(docid);


  		




  ......




  1519
  1500
  
    

  		




  1520
  1501
  
    
	}//handlUpdateRequest


  		




  1521
  1502
  
    

  		




  
  1503
  
    
	/**


  		




  
  1504
  
    
	 * 


  		




  
  1505
  
    
	 * @param dbConn connection for doing the update


  		




  
  1506
  
    
	 * @param docid the document id to update


  		




  
  1507
  
    
	 * @param owner the user_owner


  		




  
  1508
  
    
	 * @param updater the user_updated


  		




  
  1509
  
    
	 * @throws SQLException


  		




  
  1510
  
    
	 */


  		




  
  1511
  
    
	public static void updateUserOwner(DBConnection dbConn, String docid, String owner, String updater) throws SQLException {


  		




  
  1512
  
    
	


  		




  
  1513
  
    
		String sql = 


  		




  
  1514
  
    
			"UPDATE xml_documents " +


  		




  
  1515
  
    
			"SET user_owner = ?, " +


  		




  
  1516
  
    
			"user_updated = ? " +


  		




  
  1517
  
    
			"WHERE docid = ?;";


  		




  
  1518
  
    
		PreparedStatement pstmt = dbConn.prepareStatement(sql);


  		




  
  1519
  
    
		//usage count should increas 1


  		




  
  1520
  
    
		dbConn.increaseUsageCount(1);


  		




  
  1521
  
    

  		




  
  1522
  
    
		docid = DocumentUtil.getSmartDocId(docid);


  		




  
  1523
  
    
		pstmt.setString(1, owner);


  		




  
  1524
  
    
		pstmt.setString(2, updater);


  		




  
  1525
  
    
		pstmt.setString(3, docid);


  		




  
  1526
  
    
		pstmt.execute();


  		




  
  1527
  
    
		pstmt.close();


  		




  
  1528
  
    
		


  		




  
  1529
  
    
		dbConn.commit();


  		




  
  1530
  
    
	}


  		




  
  1531
  
    
	


  		




  1522
  1532
  
    
	/*


  		




  1523
  1533
  
    
	 * This method will get the xml string for document in xml_revision


  		




  1524
  1534
  
    
	 * The schema look like <!ELEMENT revisionDocument (docid, rev, datafile*)>


  		












Also available in:  Unified diff