throw NotAllowed in MNodeService.delete() when isAuthorized() returns false.
Implement the MNStorage.delete() MNodeService. There is debate about what permissions are needed to 'delete' an object (archive it in metacat terms): D1 'WRITE' (metacat 'write') or D1 CHANGE_PERMISSION (metacat 'all'). For now we are using CHANGE_PERMISSION until it is ironed out.
add shared operations for authorization
share tempDir method with subclasses
make RestServlet and ResourceHandler extendible for D1 CN and MN handlers
use session member variable now that we actually have it
isAuthorized: check for nulls in Session subjects, catch any unexpected errors and deny access when in doubt
remove CrudService calls in favor of MNodeService
Remove setParamsFromRequest() from D1NodeService. This was called (previously as CrudService) from ResourceHandler, but will be deprecated in favor of manually creating a param map for each method that needs to pass params on to MetacatHandler.
Implement [MN|CN]Storage.create() in D1NodeService. Since MetacatHandler requires an IP for event logging, we pass in the metacat URL (hold over from CrudService). To do this in the abstract D1NodeService, change the constructors to take metacatUrl as a parameter and get the URL from the metacat properties file in getInstance() of the subclasses. Needs testing.
View revisions
Also available in: Atom