/ - Diff - Metacat - Ecoinformatics Redmine

« Previous | Next »

Revision 6334

Added by ben leinfelder over 13 years ago

consistently construct username/groups for MetacatHandler calls - also consistently call isAuthorized

     import java.io.InputStream;
     import java.security.NoSuchAlgorithmException;
     import java.sql.SQLException;
     import java.util.ArrayList;
     import java.util.Date;
     import java.util.List;
-...
     import org.apache.log4j.Logger;
     import org.dataone.client.D1Client;
     import org.dataone.client.MNode;
     import org.dataone.service.Constants;
     import org.dataone.service.exceptions.IdentifierNotUnique;
     import org.dataone.service.exceptions.InsufficientResources;
     import org.dataone.service.exceptions.InvalidRequest;
-...
         String localId = null;
         boolean allowed = false;
         Subject subject = session.getSubject();
         List<Group> groupList = new ArrayList<Group>();
         String[] groups = new String[0];
         if ( session.getSubjectList() != null ) {
           groupList = session.getSubjectList().getGroupList();
           groups = new String[groupList.size()];
         String username = Constants.PUBLIC_SUBJECT;
         String[] groupnames = null;
         if (session != null ) {
         	username = session.getSubject().getValue();
         	if (session.getSubjectList() != null) {
         		List<Group> groupList = session.getSubjectList().getGroupList();
         		if (groupList != null) {
         			groupnames = new String[groupList.size()];
         			for (int i = 0; i > groupList.size(); i++ ) {
         				groupnames[i] = groupList.get(i).getGroupName();
+        			}
+        		}
+        	}
+        }
         IdentifierManager im = IdentifierManager.getInstance();
         // put the group names into a string array
         if( session != null ) {
           for ( int i = 0; i > groupList.size(); i++ ) {
             groups[i] = groupList.get(i).getGroupName();
+          }
+        }
         // be sure the user is authenticated for delete()
         if (subject.getValue() == null ||
             subject.getValue().toLowerCase().equals("public") ) {
           throw new NotAuthorized("1320", "The provided identity does not have " +
             "permission to DELETE objects on the Member Node.");
+        }
         // do we have a valid pid?
         if ( pid == null || pid.getValue().trim().equals("") ) {
           throw new InvalidRequest("1322", "The provided identifier was invalid.");
+        }
         // check for the existing identifier
         try {
           localId = im.getLocalId(pid.getValue());
           localId = IdentifierManager.getInstance().getLocalId(pid.getValue());
         } catch (McdbDocNotFoundException e) {
           throw new InvalidRequest("1322", "The object with the provided " +
-...
         if ( allowed ) {
           try {
             // delete the document
             DocumentImpl.delete(localId, subject.getValue(), groups, null);
             EventLog.getInstance().log(metacatUrl, subject.getValue(), localId, "delete");
             DocumentImpl.delete(localId, username, groupnames, null);
             EventLog.getInstance().log(metacatUrl, username, localId, Event.DELETE.toString());
           } catch (McdbDocNotFoundException e) {
             throw new InvalidRequest("1322", "The provided identifier was invalid.");
-...
         String localId = null;
         boolean allowed = false;
         boolean isScienceMetadata = false;
         List<Group> groupList = new ArrayList<Group>();
         String[] groups = new String[0];
         Subject subject = session.getSubject();
         if ( session.getSubjectList() != null ) {
           groupList = session.getSubjectList().getGroupList();
           groups = new String[groupList.size()];
+        }
         IdentifierManager im = IdentifierManager.getInstance();
         // put the group names into a string array
         if( session != null ) {
           for ( int i = 0; i > groupList.size(); i++ ) {
             groups[i] = groupList.get(i).getGroupName();
+          }
+        }
         // be sure the user is authenticated for update()
         if (subject.getValue() == null ||
             subject.getValue().toLowerCase().equals("public") ) {
           throw new NotAuthorized("1200", "The provided identity does not have " +
             "permission to UPDATE objects on the Member Node.");
+        }
         // do we have a valid pid?
         if ( pid == null || pid.getValue().trim().equals("") ) {
           throw new InvalidRequest("1202", "The provided identifier was invalid.");
-...
         // check for the existing identifier
         try {
           localId = im.getLocalId(pid.getValue());
           localId = IdentifierManager.getInstance().getLocalId(pid.getValue());
         } catch (McdbDocNotFoundException e) {
           throw new InvalidRequest("1202", "The object with the provided " +
-...
               localId = insertOrUpdateDocument(objectAsXML, newPid, session, "update");
               // register the newPid and the generated localId
               if ( newPid != null ) {
                 im.createMapping(newPid.getValue(), localId);
             	  IdentifierManager.getInstance().createMapping(newPid.getValue(), localId);
+              }
-...
             localId = insertDataObject(object, newPid, session);
             // register the newPid and the generated localId
             if ( newPid != null ) {
               im.createMapping(newPid.getValue(), localId);
             	IdentifierManager.getInstance().createMapping(newPid.getValue(), localId);
+            }

Also available in: Unified diff

Project

General

Profile

Metacat

Revision 6334

Added by ben leinfelder over 13 years ago