Revision 638
Added by bojilova over 23 years ago
| src/edu/ucsb/nceas/metacat/DBSAXHandler.java | ||
|---|---|---|
| 15 | 15 |
package edu.ucsb.nceas.metacat; |
| 16 | 16 |
|
| 17 | 17 |
import java.sql.*; |
| 18 |
import java.io.StringReader; |
|
| 18 | 19 |
import java.util.Stack; |
| 19 | 20 |
import java.util.Vector; |
| 20 | 21 |
import java.util.Enumeration; |
| ... | ... | |
| 191 | 192 |
DBSAXNode currNode = null; |
| 192 | 193 |
DBSAXNode prevNode = null; |
| 193 | 194 |
Connection dbconn = null; |
| 195 |
String doctype = currentDocument.getDoctype(); |
|
| 194 | 196 |
int step = 0; |
| 195 | 197 |
int counter = 0; |
| 196 | 198 |
|
| ... | ... | |
| 204 | 206 |
Enumeration nodes = nodeIndex.elements(); |
| 205 | 207 |
while ( nodes.hasMoreElements() ) {
|
| 206 | 208 |
currNode = (DBSAXNode)nodes.nextElement(); |
| 207 |
currNode.updateNodeIndex(dbconn, docid, currentDocument.getDoctype());
|
|
| 209 |
currNode.updateNodeIndex(dbconn, docid, doctype);
|
|
| 208 | 210 |
} |
| 209 | 211 |
|
| 210 | 212 |
dbconn.commit(); |
| 211 |
|
|
| 213 |
|
|
| 212 | 214 |
//if this is a package file then write the package info to |
| 213 | 215 |
//the xml_relation table. RelationHandler checks to see |
| 214 | 216 |
//if it is a package file so you don't have to do it here. |
| 215 |
DocumentImpl xmldoc = new DocumentImpl(dbconn, docid); |
|
| 216 |
RelationHandler rth = new RelationHandler(xmldoc, dbconn); |
|
| 217 |
if ( doctype.equals(util.getOption("packagedoctype")) )
|
|
| 218 |
{
|
|
| 219 |
DocumentImpl xmldoc = new DocumentImpl(dbconn, docid); |
|
| 220 |
RelationHandler rth = new RelationHandler(xmldoc, dbconn); |
|
| 221 |
} |
|
| 222 |
else if ( doctype.equals("-//NCEAS//eml-access//EN") )
|
|
| 223 |
{
|
|
| 224 |
DocumentImpl xmldoc = new DocumentImpl(dbconn, docid); |
|
| 225 |
String xml = xmldoc.toString(); |
|
| 226 |
AccessControlList aclobj = |
|
| 227 |
new AccessControlList(dbconn,docid,null,new StringReader(xml)); |
|
| 228 |
dbconn.commit(); |
|
| 229 |
} |
|
| 217 | 230 |
|
| 231 |
|
|
| 218 | 232 |
dbconn.close(); |
| 219 | 233 |
|
| 220 | 234 |
} catch (Exception e) {
|
| src/edu/ucsb/nceas/metacat/DocumentImpl.java | ||
|---|---|---|
| 842 | 842 |
conn.setAutoCommit(false); |
| 843 | 843 |
parser.parse(new InputSource(xml)); |
| 844 | 844 |
conn.commit(); |
| 845 |
|
|
| 846 |
// if acltext is provided for @xml, store acl info into db |
|
| 845 | 847 |
if ( acl != null ) |
| 846 | 848 |
{
|
| 847 |
if ( action.equals("UPDATE") )
|
|
| 848 |
{
|
|
| 849 |
Statement stmt = conn.createStatement(); |
|
| 850 |
stmt.execute("DELETE FROM xml_access WHERE docid='"+newdocid+"'");
|
|
| 851 |
stmt.close(); |
|
| 852 |
} |
|
| 853 |
AccessControlList aclobj = new AccessControlList(conn,newdocid,acl); |
|
| 849 |
AccessControlList aclobj=new AccessControlList(conn,null,newdocid,acl); |
|
| 854 | 850 |
conn.commit(); |
| 855 | 851 |
} |
| 852 |
|
|
| 856 | 853 |
conn.setAutoCommit(true); |
| 857 | 854 |
} |
| 858 | 855 |
catch (Exception e) |
| ... | ... | |
| 909 | 906 |
} |
| 910 | 907 |
|
| 911 | 908 |
try |
| 912 |
{
|
|
| 909 |
{
|
|
| 913 | 910 |
XMLReader parser=initializeParser(conn,action,newdocid,user,serverCode,dtd); |
| 914 | 911 |
conn.setAutoCommit(false); |
| 915 | 912 |
parser.parse(new InputSource(xml)); |
| 916 | 913 |
conn.commit(); |
| 914 |
|
|
| 915 |
// if acltext is provided for @xml, store acl info into db |
|
| 917 | 916 |
if ( acl != null ) |
| 918 | 917 |
{
|
| 919 |
if ( action.equals("UPDATE") )
|
|
| 920 |
{
|
|
| 921 |
Statement stmt = conn.createStatement(); |
|
| 922 |
stmt.execute("DELETE FROM xml_access WHERE docid='"+newdocid +"'");
|
|
| 923 |
stmt.close(); |
|
| 924 |
} |
|
| 925 |
AccessControlList aclobj = new AccessControlList(conn, newdocid, acl); |
|
| 918 |
AccessControlList aclobj=new AccessControlList(conn,null,newdocid,acl); |
|
| 926 | 919 |
conn.commit(); |
| 927 |
} |
|
| 920 |
} |
|
| 921 |
|
|
| 928 | 922 |
conn.setAutoCommit(true); |
| 929 | 923 |
|
| 930 | 924 |
} |
| ... | ... | |
| 992 | 986 |
//no longer be active if it has been deleted from the system. |
| 993 | 987 |
RelationHandler.deleteRelations(docid); |
| 994 | 988 |
} |
| 995 |
|
|
| 989 |
|
|
| 996 | 990 |
/** |
| 997 | 991 |
* Check for "WRITE" permission on @docid for @user and/or @group |
| 998 | 992 |
* from DB connection |
| src/edu/ucsb/nceas/metacat/AccessControlList.java | ||
|---|---|---|
| 46 | 46 |
private Stack elementStack; |
| 47 | 47 |
|
| 48 | 48 |
private boolean processingDTD; |
| 49 |
private String aclid; |
|
| 50 |
private String docid; |
|
| 49 | 51 |
private String docname; |
| 50 | 52 |
private String doctype; |
| 51 | 53 |
private String systemid; |
| 52 | 54 |
|
| 55 |
private String resourceURL; |
|
| 53 | 56 |
private String resourceId; |
| 54 | 57 |
private Vector principalName; |
| 55 | 58 |
private int permission; |
| ... | ... | |
| 58 | 61 |
private String beginTime; |
| 59 | 62 |
private String endTime; |
| 60 | 63 |
private int ticketCount; |
| 61 |
|
|
| 64 |
|
|
| 62 | 65 |
/** |
| 63 | 66 |
* Construct an instance of the AccessControlList class. |
| 64 | 67 |
* It is used by the permission check up from DBQuery and DocumentImpl |
| ... | ... | |
| 78 | 81 |
* @param docid the Accession# of the document with the acl data |
| 79 | 82 |
* @param acl the acl file containing acl data |
| 80 | 83 |
*/ |
| 81 |
public AccessControlList ( Connection conn, String docid, Reader acl )
|
|
| 84 |
public AccessControlList(Connection conn,String aclid,String docid,Reader acl)
|
|
| 82 | 85 |
throws SAXException, IOException, ClassNotFoundException |
| 83 | 86 |
{
|
| 84 | 87 |
// Get an instance of the parser |
| ... | ... | |
| 90 | 93 |
this.processingDTD = false; |
| 91 | 94 |
this.elementStack = new Stack(); |
| 92 | 95 |
|
| 96 |
this.aclid = aclid; |
|
| 97 |
this.docid = docid; |
|
| 93 | 98 |
this.principalName = new Vector(); |
| 94 | 99 |
this.permission = 0; |
| 95 | 100 |
this.ticketCount = 0; |
| 96 |
|
|
| 101 |
|
|
| 97 | 102 |
// Initialize the parser and read the queryspec |
| 98 | 103 |
XMLReader parser = initializeParser(); |
| 99 | 104 |
parser.parse(new InputSource(acl)); |
| ... | ... | |
| 108 | 113 |
* @param docid the Accession# of the document with the acl data |
| 109 | 114 |
* @param aclfilename the name of acl file containing acl data |
| 110 | 115 |
*/ |
| 111 |
public AccessControlList( Connection conn, String docid, String aclfilename ) |
|
| 116 |
public AccessControlList( Connection conn, String aclid, |
|
| 117 |
String docid, String aclfilename ) |
|
| 112 | 118 |
throws SAXException, IOException, ClassNotFoundException |
| 113 | 119 |
{
|
| 114 |
this(conn,docid,new FileReader(new File(aclfilename).toString()));
|
|
| 120 |
this(conn, aclid, docid, new FileReader(new File(aclfilename).toString()));
|
|
| 115 | 121 |
} |
| 116 |
|
|
| 122 |
|
|
| 117 | 123 |
/** |
| 118 | 124 |
* Set up the SAX parser for reading the XML serialized ACL |
| 119 | 125 |
*/ |
| ... | ... | |
| 125 | 131 |
parser = XMLReaderFactory.createXMLReader(parserName); |
| 126 | 132 |
|
| 127 | 133 |
// Turn off validation |
| 128 |
parser.setFeature("http://xml.org/sax/features/validation", false);
|
|
| 134 |
parser.setFeature("http://xml.org/sax/features/validation", true);
|
|
| 129 | 135 |
|
| 130 | 136 |
// Set Handlers in the parser |
| 131 | 137 |
// Set the ContentHandler to this instance |
| ... | ... | |
| 177 | 183 |
String currentTag = currentNode.getTagName(); |
| 178 | 184 |
|
| 179 | 185 |
if (currentTag.equals("resourceIdentifier")) {
|
| 180 |
resourceId = inputString; |
|
| 186 |
if ( docid != null ) {
|
|
| 187 |
resourceId = docid; |
|
| 188 |
} else {
|
|
| 189 |
resourceURL = inputString; |
|
| 190 |
resourceId = getDocID(inputString); |
|
| 191 |
// here should be ProtocolHandler.get("docid");
|
|
| 192 |
} |
|
| 181 | 193 |
} else if (currentTag.equals("principalName")) {
|
| 182 | 194 |
principalName.addElement(new String(inputString)); |
| 183 | 195 |
} else if (currentTag.equals("permission")) {
|
| ... | ... | |
| 210 | 222 |
throws SAXException |
| 211 | 223 |
{
|
| 212 | 224 |
BasicNode leaving = (BasicNode)elementStack.pop(); |
| 213 |
if ( leaving.getTagName().equals("allow") ) {
|
|
| 225 |
if ( leaving.getTagName().equals("resourceIdentifier") ) {
|
|
| 214 | 226 |
|
| 227 |
try {
|
|
| 228 |
// delete all acl records for resourceId first if any |
|
| 229 |
deletePermissions(); |
|
| 230 |
// make a relationship for acl file on resourceId |
|
| 231 |
if ( aclid != null ) {
|
|
| 232 |
insertRelation(); |
|
| 233 |
} |
|
| 234 |
} catch (SQLException sqle) {
|
|
| 235 |
throw new SAXException(sqle); |
|
| 236 |
} |
|
| 237 |
|
|
| 238 |
} else if ( leaving.getTagName().equals("allow") ) {
|
|
| 239 |
|
|
| 215 | 240 |
if ( permission > 0 ) {
|
| 216 | 241 |
|
| 217 | 242 |
// insert into db calculated permission for the list of principals |
| ... | ... | |
| 297 | 322 |
return processingDTD; |
| 298 | 323 |
} |
| 299 | 324 |
|
| 325 |
/** Delete from db all permission for resourceId if any */ |
|
| 326 |
private void deletePermissions() |
|
| 327 |
throws SQLException |
|
| 328 |
{
|
|
| 329 |
// delete all acl records for resourceId if any |
|
| 330 |
Statement stmt = conn.createStatement(); |
|
| 331 |
stmt.execute("DELETE FROM xml_access WHERE docid='" + resourceId +"'");
|
|
| 332 |
stmt.close(); |
|
| 333 |
} |
|
| 334 |
|
|
| 335 |
/** Insert relationship into db for aclid on resourceId */ |
|
| 336 |
private void insertRelation() |
|
| 337 |
throws SQLException |
|
| 338 |
{
|
|
| 339 |
MetaCatUtil util = new MetaCatUtil(); |
|
| 340 |
String server = util.getOption("server");
|
|
| 341 |
String aclURL = "metacat://" + server + "?docid=" + aclid; |
|
| 342 |
|
|
| 343 |
// insert relationship |
|
| 344 |
PreparedStatement pstmt; |
|
| 345 |
pstmt = conn.prepareStatement( |
|
| 346 |
"INSERT INTO xml_relation (docid,subject,relationship,object) " + |
|
| 347 |
"VALUES (?, ?, ?, ?)"); |
|
| 348 |
pstmt.setString(1, aclid); |
|
| 349 |
pstmt.setString(2, aclURL); |
|
| 350 |
pstmt.setString(3, "isaclfor"); |
|
| 351 |
pstmt.setString(4, resourceURL); |
|
| 352 |
|
|
| 353 |
pstmt.execute(); |
|
| 354 |
pstmt.close(); |
|
| 355 |
} |
|
| 356 |
|
|
| 300 | 357 |
/** Insert into db calculated permission for the list of principals */ |
| 301 | 358 |
private void insertPermissions( String permType ) |
| 302 | 359 |
throws SQLException |
| 303 | 360 |
{
|
| 304 | 361 |
PreparedStatement pstmt; |
| 305 |
// |
|
| 362 |
|
|
| 306 | 363 |
try {
|
| 307 | 364 |
pstmt = conn.prepareStatement( |
| 308 | 365 |
"INSERT INTO xml_access " + |
| ... | ... | |
| 416 | 473 |
permOrder = rs.getString(2); |
| 417 | 474 |
ticketCount = rs.getInt(3); |
| 418 | 475 |
if ( ( accessValue & intValue(permission) ) == intValue(permission) && |
| 419 |
( permOrder.equals("allow first") ) &&
|
|
| 476 |
( permOrder.equals("allowFirst") ) &&
|
|
| 420 | 477 |
( rs.wasNull() || ticketCount > 0 ) ) {
|
| 421 | 478 |
if ( !rs.wasNull() && ticketCount > 0 ) {
|
| 422 | 479 |
decreaseNumberOfAccess(accessValue,principal,resourceId,"denied"); |
| ... | ... | |
| 507 | 564 |
|
| 508 | 565 |
return -1; |
| 509 | 566 |
} |
| 567 |
|
|
| 568 |
// TEMPORARY - ProtocolHandler should be used instead |
|
| 569 |
// get the docid from @url |
|
| 570 |
private String getDocID ( String url ) throws SAXException |
|
| 571 |
{
|
|
| 572 |
try {
|
|
| 573 |
return url.substring(url.lastIndexOf("docid=")+6);
|
|
| 574 |
} catch (StringIndexOutOfBoundsException e) {
|
|
| 575 |
throw new SAXException(e.getMessage()); |
|
| 576 |
} |
|
| 577 |
} |
|
| 510 | 578 |
} |
Also available in: Unified diff
included support for submition of access files
+ storing the acl info in xml_access table and relationship records in xml_relation table like
<aclfile, "isaclfilefor", recourceIdentifier> for every resource included in the access file