/src/edu/ucsb/nceas/metacat/dataone/CNodeService.java - Annotate - Metacat - Ecoinformatics Redmine

metacat/src/edu/ucsb/nceas/metacat/dataone/CNodeService.java @ 6402

-            cjones
+/**
  *  '$RCSfile$'
  *  Copyright: 2000-2011 Regents of the University of California and the
  *              National Center for Ecological Analysis and Synthesis
+ *
  *   '$Author:  $'
  *     '$Date:  $'
+ *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
  * the Free Software Foundation; either version 2 of the License, or
  * (at your option) any later version.
+ *
  * This program is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  * GNU General Public License for more details.
+ *
  * You should have received a copy of the GNU General Public License
  * along with this program; if not, write to the Free Software
  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  */
 package edu.ucsb.nceas.metacat.dataone;
 import java.util.Date;
-            leinfelder
+import java.util.List;
             cjones
-            cjones
+import org.apache.log4j.Logger;
-            leinfelder
+import org.dataone.service.cn.v1.CNAuthorization;
 import org.dataone.service.cn.v1.CNCore;
 import org.dataone.service.cn.v1.CNRead;
 import org.dataone.service.cn.v1.CNReplication;
-            cjones
+import org.dataone.service.exceptions.IdentifierNotUnique;
 import org.dataone.service.exceptions.InsufficientResources;
 import org.dataone.service.exceptions.InvalidRequest;
 import org.dataone.service.exceptions.InvalidSystemMetadata;
 import org.dataone.service.exceptions.InvalidToken;
 import org.dataone.service.exceptions.NotAuthorized;
 import org.dataone.service.exceptions.NotFound;
 import org.dataone.service.exceptions.NotImplemented;
 import org.dataone.service.exceptions.ServiceFailure;
-            leinfelder
+import org.dataone.service.types.v1.Checksum;
 import org.dataone.service.types.v1.Identifier;
 import org.dataone.service.types.v1.NodeList;
 import org.dataone.service.types.v1.ObjectFormat;
 import org.dataone.service.types.v1.ObjectFormatIdentifier;
 import org.dataone.service.types.v1.ObjectFormatList;
 import org.dataone.service.types.v1.ObjectList;
 import org.dataone.service.types.v1.ObjectLocationList;
 import org.dataone.service.types.v1.Permission;
 import org.dataone.service.types.v1.Replica;
 import org.dataone.service.types.v1.ReplicationPolicy;
 import org.dataone.service.types.v1.ReplicationStatus;
 import org.dataone.service.types.v1.Session;
 import org.dataone.service.types.v1.Subject;
 import org.dataone.service.types.v1.SystemMetadata;
             cjones
-            leinfelder
+import edu.ucsb.nceas.metacat.EventLog;
 import edu.ucsb.nceas.metacat.IdentifierManager;
-            leinfelder
+import edu.ucsb.nceas.metacat.McdbDocNotFoundException;
-            leinfelder
+import edu.ucsb.nceas.metacat.replication.ForceReplicationSystemMetadataHandler;
-            cjones
+/**
  * Represents Metacat's implementation of the DataONE Coordinating Node
-            cjones
+ * service API. Methods implement the various CN* interfaces, and methods common
-            cjones
+ * to both Member Node and Coordinating Node interfaces are found in the
  * D1NodeService super class.
+ *
  */
 public class CNodeService extends D1NodeService implements CNAuthorization,
-            leinfelder
+    CNCore, CNRead, CNReplication {
             cjones
-            cjones
+	/* the instance of the CNodeService object */
   private static CNodeService instance = null;
   /* the logger instance */
   private Logger logMetacat = null;
             cjones
-            cjones
+  /**
    * singleton accessor
    */
-            cjones
+  public static CNodeService getInstance() {
-            cjones
+    if (instance == null) {
             cjones
-            cjones
+      instance = new CNodeService();
             cjones
             cjones
             cjones
-            cjones
+    return instance;
+  }
   /**
    * Constructor, private for singleton access
    */
-            cjones
+  private CNodeService() {
   	super();
-            cjones
+    logMetacat = Logger.getLogger(CNodeService.class);
+  }
-            cjones
+	/**
 	 * Set the replication policy for an object given the object identifier
+	 *
 	 * @param session - the Session object containing the credentials for the Subject
 	 * @param pid - the object identifier for the given object
 	 * @param policy - the replication policy to be applied
+	 *
 	 * @return true or false
+	 *
 	 * @throws NotImplemented
 	 * @throws NotAuthorized
 	 * @throws ServiceFailure
 	 * @throws InvalidRequest
+	 *
 	 */
 	@Override
 	public boolean setReplicationPolicy(Session session, Identifier pid,
 	  ReplicationPolicy policy)
-            leinfelder
+	  throws NotImplemented, NotFound, NotAuthorized, ServiceFailure, InvalidRequest, InvalidToken {
             cjones
-            leinfelder
+		// get the subject
 		Subject subject = session.getSubject();
 		// get the system metadata
 		String guid = pid.getValue();
 		// are we allowed to do this?
-            leinfelder
+		if (!isAuthorized(session, pid, Permission.CHANGE_PERMISSION)) {
-            leinfelder
+			throw new NotAuthorized("4881", Permission.CHANGE_PERMISSION + " not allowed by " + subject.getValue() + " on " + guid);
             leinfelder
 		SystemMetadata systemMetadata = null;
 		try {
 			systemMetadata = IdentifierManager.getInstance().getSystemMetadata(guid);
 		} catch (McdbDocNotFoundException e) {
 			throw new NotFound("4884", "No record found for: " + guid);
+		}
 		// set the new policy
 		systemMetadata.setReplicationPolicy(policy);
 		// update the metadata
 		try {
 			IdentifierManager.getInstance().updateSystemMetadata(systemMetadata);
 		} catch (McdbDocNotFoundException e) {
 			throw new ServiceFailure("4882", e.getMessage());
+		}
 		return true;
             cjones
 	/**
 	 * Set the replication status for an object given the object identifier
+	 *
 	 * @param session - the Session object containing the credentials for the Subject
 	 * @param pid - the object identifier for the given object
 	 * @param status - the replication status to be applied
+	 *
 	 * @return true or false
+	 *
 	 * @throws NotImplemented
 	 * @throws NotAuthorized
 	 * @throws ServiceFailure
 	 * @throws InvalidRequest
 	 * @throws InvalidToken
 	 * @throws NotFound
+	 *
 	 */
 	@Override
 	public boolean setReplicationStatus(Session session, Identifier pid,
 	  ReplicationStatus status)
 	  throws ServiceFailure, NotImplemented, InvalidToken, NotAuthorized,
 	  InvalidRequest, NotFound {
-            leinfelder
+		// get the subject
 		Subject subject = session.getSubject();
 		// get the system metadata
 		String guid = pid.getValue();
 		// are we allowed to do this?
-            leinfelder
+		if (!isAuthorized(session, pid, Permission.WRITE)) {
-            leinfelder
+			throw new NotAuthorized("4720", Permission.WRITE + " not allowed by " + subject.getValue() + " on " + guid);
             leinfelder
 		SystemMetadata systemMetadata = null;
 		try {
 			systemMetadata = IdentifierManager.getInstance().getSystemMetadata(guid);
 		} catch (McdbDocNotFoundException e) {
 			throw new NotFound("4740", "No record found for: " + guid);
+		}
 		// set the status for each replica
 		// TODO: should this method select a certain replica?
 		List<Replica> replicas = systemMetadata.getReplicaList();
 		for (Replica replica: replicas) {
 			replica.setReplicationStatus(status);
+		}
 		// [re]set the list -- redundant?
 		systemMetadata.setReplicaList(replicas);
 		// update the metadata
 		try {
 			IdentifierManager.getInstance().updateSystemMetadata(systemMetadata);
 		} catch (McdbDocNotFoundException e) {
 			throw new ServiceFailure("4700", e.getMessage());
+		}
 		return true;
             cjones
 	/**
 	 * Test that the specified relationship between pidOfSubject and pidOfObject exists
+	 *
 	 * @param session - the Session object containing the credentials for the Subject
 	 * @param node - the node information for the given node be modified
+	 *
 	 * @return true if the relationship exists
+	 *
 	 * @throws InvalidToken
 	 * @throws ServiceFailure
 	 * @throws NotAuthorized
 	 * @throws NotFound
 	 * @throws InvalidRequest
 	 * @throws NotImplemented
 	 */
 	@Override
-            leinfelder
+	public boolean assertRelation(Session session, Identifier pidOfSubject,
-            cjones
+		String relationship, Identifier pidOfObject)
 	  throws InvalidToken, ServiceFailure, NotAuthorized, NotFound,
 	  InvalidRequest, NotImplemented {
             leinfelder
 		// get the system metadata
 		String guid1 = pidOfSubject.getValue();
 		// are we allowed to do this?
-            leinfelder
+		if (!isAuthorized(session, pidOfSubject, Permission.READ)) {
-            leinfelder
+			throw new NotAuthorized("4881", Permission.READ + " not allowed on " + guid1);
+		}
 		SystemMetadata systemMetadata = null;
 		try {
 			systemMetadata = IdentifierManager.getInstance().getSystemMetadata(guid1);
 		} catch (McdbDocNotFoundException e) {
 			throw new NotFound("4884", "No record found for: " + guid1);
+		}
 		// check relationships
-            leinfelder
+		// TODO: use ORE map
-            leinfelder
+		if (relationship.equalsIgnoreCase("describes")) {
             leinfelder
             leinfelder
 		if (relationship.equalsIgnoreCase("describedBy")) {
             leinfelder
             leinfelder
 		if (relationship.equalsIgnoreCase("derivedFrom")) {
             leinfelder
             leinfelder
 		if (relationship.equalsIgnoreCase("obsoletes")) {
-            leinfelder
+			Identifier pid = systemMetadata.getObsoletes();
 			if (pid.getValue().equals(pidOfObject.getValue())) {
 				return true;
             leinfelder
 			//return systemMetadata.getObsoleteList().contains(pidOfObject);
             leinfelder
 		if (relationship.equalsIgnoreCase("obsoletedBy")) {
-            leinfelder
+			Identifier pid = systemMetadata.getObsoletedBy();
 			if (pid.getValue().equals(pidOfObject.getValue())) {
 				return true;
             leinfelder
 			//return systemMetadata.getObsoletedByList().contains(pidOfObject);
             leinfelder
-            cjones
+		return false;
+	}
 	/**
-            leinfelder
+	 * Return the checksum of the object given the identifier
             cjones
 	 * @param session - the Session object containing the credentials for the Subject
 	 * @param pid - the object identifier for the given object
+	 *
 	 * @return checksum - the checksum of the object
+	 *
 	 * @throws InvalidToken
 	 * @throws ServiceFailure
 	 * @throws NotAuthorized
 	 * @throws NotFound
 	 * @throws InvalidRequest
 	 * @throws NotImplemented
 	 */
 	@Override
 	public Checksum getChecksum(Session session, Identifier pid)
 	  throws InvalidToken, ServiceFailure, NotAuthorized, NotFound,
 	  InvalidRequest, NotImplemented {
-            leinfelder
+		if (!isAuthorized(session, pid, Permission.READ)) {
 			throw new NotAuthorized("1400", Permission.READ + " not allowed on " + pid.getValue());
+		}
 		SystemMetadata systemMetadata = null;
 		try {
 			systemMetadata = IdentifierManager.getInstance().getSystemMetadata(pid.getValue());
 		} catch (McdbDocNotFoundException e) {
 			throw new NotFound("1420", "No record found for: " + pid.getValue());
+		}
 		Checksum checksum = systemMetadata.getChecksum();
 		return checksum;
             cjones
 	/**
 	 * Resolve the location of a given object
+	 *
 	 * @param session - the Session object containing the credentials for the Subject
 	 * @param pid - the object identifier for the given object
+	 *
 	 * @return objectLocationList - the list of nodes known to contain the object
+	 *
 	 * @throws InvalidRequest
 	 * @throws InvalidToken
 	 * @throws ServiceFailure
 	 * @throws NotAuthorized
 	 * @throws NotFound
 	 * @throws NotImplemented
 	 */
 	@Override
 	public ObjectLocationList resolve(Session session, Identifier pid)
 	  throws InvalidRequest, InvalidToken, ServiceFailure, NotAuthorized,
 	  NotFound, NotImplemented {
-            leinfelder
+		throw new NotImplemented("4131", "resolve not implemented");
             cjones
 	/**
 	 * Search the metadata catalog for identifiers that match the criteria
+	 *
 	 * @param session - the Session object containing the credentials for the Subject
 	 * @param queryType - An identifier for the type of query expression
 	 *                    provided in the query
 	 * @param query -  The criteria for matching the characteristics of the
 	 *                 metadata objects of interest
+	 *
 	 * @return objectList - the list of objects matching the criteria
+	 *
 	 * @throws InvalidToken
 	 * @throws ServiceFailure
 	 * @throws NotAuthorized
 	 * @throws InvalidRequest
 	 * @throws NotImplemented
 	 */
 	@Override
-            leinfelder
+	public ObjectList search(Session session, String queryType, String query)
-            cjones
+	  throws InvalidToken, ServiceFailure, NotAuthorized, InvalidRequest,
 	  NotImplemented {
-            leinfelder
+		ObjectList objectList = null;
 		try {
 		    objectList =
 		    	IdentifierManager.getInstance().querySystemMetadata(
 		    			null, //startTime,
 		    			null, //endTime,
 		    			null, //objectFormat,
 		    			false, //replicaStatus,
 , //start,
 		    			-1 //count
 		    			);
 		} catch (Exception e) {
 			throw new ServiceFailure("4310", "Error querying system metadata: " + e.getMessage());
+		}
-            leinfelder
+	    return objectList;
 		//throw new NotImplemented("4281", "search not implemented");
             leinfelder
 		// the code block below is from an older implementation
 		/*  This block commented out because of the EcoGrid circular dependency.
          *  For now, query will not be supported until the circularity can be
          *  resolved, probably by moving the ecogrid query syntax transformers
          *  directly into the Metacat codebase.  MBJ 2010-02-03
         try {
             EcogridQueryParser parser = new EcogridQueryParser(request
                     .getReader());
             parser.parseXML();
             QueryType queryType = parser.getEcogridQuery();
             EcogridJavaToMetacatJavaQueryTransformer queryTransformer =
                 new EcogridJavaToMetacatJavaQueryTransformer();
             QuerySpecification metacatQuery = queryTransformer
                     .transform(queryType);
             leinfelder
-            leinfelder
+            DBQuery metacat = new DBQuery();
             boolean useXMLIndex = (new Boolean(PropertyService
                     .getProperty("database.usexmlindex"))).booleanValue();
             String xmlquery = "query"; // we don't care the query in resultset,
             // the query can be anything
             PrintWriter out = null; // we don't want metacat result, so set out null
             // parameter: queryspecification, user, group, usingIndexOrNot
             StringBuffer result = metacat.createResultDocument(xmlquery,
                     metacatQuery, out, username, groupNames, useXMLIndex);
             // create result set transfer
             String saxparser = PropertyService.getProperty("xml.saxparser");
             MetacatResultsetParser metacatResultsetParser = new MetacatResultsetParser(
                     new StringReader(result.toString()), saxparser, queryType
                             .getNamespace().get_value());
             ResultsetType records = metacatResultsetParser.getEcogridResult();
             System.out
                     .println(EcogridResultsetTransformer.toXMLString(records));
             response.setContentType("text/xml");
             out = response.getWriter();
             out.print(EcogridResultsetTransformer.toXMLString(records));
         } catch (Exception e) {
             e.printStackTrace();
         }*/
             cjones
 	/**
 	 * Returns the object format registered in the DataONE Object Format
 	 * Vocabulary for the given format identifier
+	 *
 	 * @param fmtid - the identifier of the format requested
+	 *
 	 * @return objectFormat - the object format requested
+	 *
 	 * @throws InvalidRequest
 	 * @throws ServiceFailure
 	 * @throws NotFound
 	 * @throws InsufficientResources
 	 * @throws NotImplemented
 	 */
 	@Override
 	public ObjectFormat getFormat(ObjectFormatIdentifier fmtid)
 	  throws InvalidRequest, ServiceFailure, NotFound, InsufficientResources,
 	  NotImplemented {
             leinfelder
 	  	return ObjectFormatService.getInstance().getFormat(fmtid);
             cjones
 	/**
    * Returns a list of all object formats registered in the DataONE Object
    * Format Vocabulary
+ 	 *
 	 * @return objectFormatList - The list of object formats registered in
 	 *                            the DataONE Object Format Vocabulary
+	 *
 	 * @throws InvalidRequest
 	 * @throws ServiceFailure
 	 * @throws NotImplemented
 	 * @throws NotFound
 	 * @throws InsufficientResources
 	 */
 	@Override
 	public ObjectFormatList listFormats()
 	  throws InvalidRequest, ServiceFailure, NotFound, InsufficientResources,
 	  NotImplemented {
-            leinfelder
+		return ObjectFormatService.getInstance().listFormats();
             cjones
 	/**
    * Returns a list of nodes that have been registered with the DataONE infrastructure
+ 	 *
 	 * @return nodeList - List of nodes from the registry
+	 *
 	 * @throws ServiceFailure
 	 * @throws NotImplemented
 	 */
 	@Override
 	public NodeList listNodes()
 	  throws NotImplemented, ServiceFailure {
-            leinfelder
+		throw new NotImplemented("4800", "listNodes not implemented");
             cjones
 	/**
    * Provides a mechanism for adding system metadata independently of its
    * associated object, such as when adding system metadata for data objects.
+ 	 *
 	 * @param session - the Session object containing the credentials for the Subject
 	 * @param pid - The identifier of the object to register the system metadata against
 	 * @param sysmeta - The system metadata to be registered
+	 *
 	 * @return true if the registration succeeds
+	 *
 	 * @throws NotImplemented
 	 * @throws NotAuthorized
 	 * @throws ServiceFailure
 	 * @throws InvalidRequest
 	 * @throws InvalidSystemMetadata
 	 */
 	@Override
-            leinfelder
+	public Identifier registerSystemMetadata(Session session, Identifier guid,
-            cjones
+	  SystemMetadata sysmeta)
 	  throws NotImplemented, NotAuthorized, ServiceFailure, InvalidRequest,
 	  InvalidSystemMetadata {
-            leinfelder
+		// TODO: control who can call this?
 	      if (session == null) {
 	          //TODO: many of the thrown exceptions do not use the correct error codes
 	          //check these against the docs and correct them
-            leinfelder
+	          throw new NotAuthorized("4861", "No Session - could not authorize for registration." +
-            leinfelder
+	                  "  If you are not logged in, please do so and retry the request.");
+	      }
 	      // verify that guid == SystemMetadata.getIdentifier()
 	      logMetacat.debug("Comparing guid|sysmeta_guid: " + guid.getValue() + "|" + sysmeta.getIdentifier().getValue());
 	      if (!guid.getValue().equals(sysmeta.getIdentifier().getValue())) {
 	          throw new InvalidRequest("4863",
 	              "GUID in method call (" + guid.getValue() + ") does not match GUID in system metadata (" +
 	              sysmeta.getIdentifier().getValue() + ").");
+	      }
 	      logMetacat.debug("Checking if identifier exists...");
 	      // Check that the identifier does not already exist
-            leinfelder
+	      if (IdentifierManager.getInstance().identifierExists(guid.getValue())) {
-            leinfelder
+	          throw new InvalidRequest("4863",
 	              "GUID is already in use by an existing object.");
             leinfelder
             leinfelder
 	      // insert the system metadata into the object store
 	      logMetacat.debug("Starting to insert SystemMetadata...");
 	      sysmeta.setDateSysMetadataModified(new Date());
 	      try {
 			    IdentifierManager.getInstance().createSystemMetadata(sysmeta);
 			    // force replication of this record
 			    ForceReplicationSystemMetadataHandler forceReplication =
 			    	new ForceReplicationSystemMetadataHandler(guid.getValue(), null);
 		    } catch (Exception e) {
 	          throw new ServiceFailure("4862", "Error inserting system metadata: " + e.getClass() + ": " + e.getMessage());
+		    }
 	      logMetacat.debug("Returning from registerSystemMetadata");
 	      EventLog.getInstance().log(null, session.getSubject().getValue(), guid.getValue(), "registerSystemMetadata");
-            leinfelder
+	      return guid;
             cjones
 	/**
-            leinfelder
+	 * Provides a mechanism for updating system metadata independently of its
 	 * associated object
+ 	 *
 	 * @param session - the Session object containing the credentials for the Subject
 	 * @param pid - The identifier of the system metadata
 	 * @param sysmeta - The system metadata to be registered
+	 *
 	 * @return true if the update succeeds
+	 *
 	 * @throws NotImplemented
 	 * @throws NotAuthorized
 	 * @throws ServiceFailure
 	 * @throws InvalidRequest
 	 * @throws InvalidSystemMetadata
 	 * @throws NotFound
 	 */
 	@Override
 	public boolean updateSystemMetadata(Session session, Identifier guid,
 	  SystemMetadata sysmeta)
 	  throws NotImplemented, NotAuthorized, ServiceFailure, InvalidRequest,
 	  InvalidSystemMetadata, NotFound {
 		// TODO: control who can call this?
 	      if (session == null) {
 	          //TODO: many of the thrown exceptions do not use the correct error codes
 	          //check these against the docs and correct them
 	          throw new NotAuthorized("4861", "No Session - could not authorize for update." +
 	                  "  If you are not logged in, please do so and retry the request.");
+	      }
 	      // verify that guid == SystemMetadata.getIdentifier()
 	      logMetacat.debug("Comparing guid|sysmeta_guid: " + guid.getValue() + "|" + sysmeta.getIdentifier().getValue());
 	      if (!guid.getValue().equals(sysmeta.getIdentifier().getValue())) {
 	          throw new InvalidRequest("4863",
 	              "GUID in method call (" + guid.getValue() + ") does not match GUID in system metadata (" +
 	              sysmeta.getIdentifier().getValue() + ").");
+	      }
 	      logMetacat.debug("Checking if identifier exists...");
 	      // Check that the identifier exists
 	      if (!IdentifierManager.getInstance().identifierExists(guid.getValue())) {
 	          throw new NotFound("000",
 	              "GUID does not exist");
+	      }
 	      // update the system metadata into the object store
 	      logMetacat.debug("Starting to update SystemMetadata...");
 	      sysmeta.setDateSysMetadataModified(new Date());
 	      try {
 			    IdentifierManager.getInstance().updateSystemMetadata(sysmeta);
 			    // force replication of this record
 			    ForceReplicationSystemMetadataHandler forceReplication =
 			    	new ForceReplicationSystemMetadataHandler(guid.getValue(), null);
 		    } catch (Exception e) {
 	          throw new ServiceFailure("4862", "Error updating system metadata: " + e.getClass() + ": " + e.getMessage());
+		    }
 	      logMetacat.debug("Returning from updateSystemMetadata");
 	      EventLog.getInstance().log(null, session.getSubject().getValue(), guid.getValue(), "updateSystemMetadata");
 	      return true;
+	}
 	/**
-            cjones
+   * Given an optional scope and format, reserves and returns an identifier
    * within that scope and format that is unique and will not be
    * used by any other sessions.
+ 	 *
 	 * @param session - the Session object containing the credentials for the Subject
 	 * @param pid - The identifier of the object to register the system metadata against
 	 * @param scope - An optional string to be used to qualify the scope of
 	 *                the identifier namespace, which is applied differently
 	 *                depending on the format requested. If scope is not
 	 *                supplied, a default scope will be used.
 	 * @param format - The optional name of the identifier format to be used,
 	 * 								 drawn from a DataONE-specific vocabulary of identifier
 	 *                 format names, including several common syntaxes such
 	 *                 as DOI, LSID, UUID, and LSRN, among others. If the
 	 *                 format is not supplied by the caller, the CN service
 	 *                 will use a default identifier format, which may change
 	 *                 over time.
+	 *
 	 * @return true if the registration succeeds
+	 *
 	 * @throws InvalidToken
 	 * @throws ServiceFailure
 	 * @throws NotAuthorized
 	 * @throws IdentifierNotUnique
 	 * @throws NotImplemented
 	 */
 	@Override
-            leinfelder
+	public boolean reserveIdentifier(Session session, Identifier pid)
 	throws InvalidToken, ServiceFailure,
         NotAuthorized, IdentifierNotUnique, NotImplemented, InvalidRequest {
             cjones
-            leinfelder
+		throw new NotImplemented("4191", "reserveIdentifier not implemented on this node");
             cjones
             leinfelder
-            leinfelder
+	@Override
 	public Identifier generateIdentifier(Session session, String scheme, String fragment)
 	throws InvalidToken, ServiceFailure,
         NotAuthorized, NotImplemented, InvalidRequest {
 		throw new NotImplemented("4191", "generateIdentifier not implemented on this node");
+	}
-            leinfelder
+	/**
  	 * Checks whether the pid is reserved by the subject in the session param
  	 * If the reservation is held on the pid by the subject, we return true.
+ 	 *
 	 * @param session - the Session object containing the Subject
 	 * @param pid - The identifier to check
+	 *
 	 * @return true if the reservation exists for the subject/pid
+	 *
 	 * @throws InvalidToken
 	 * @throws ServiceFailure
 	 * @throws NotFound - when the pid is not found (in use or in reservation)
 	 * @throws NotAuthorized - when the subject does not hold a reservation on the pid
 	 * @throws IdentifierNotUnique - when the pid is in use
 	 * @throws NotImplemented
 	 */
             cjones
-            leinfelder
+	@Override
 	public boolean hasReservation(Session session, Identifier pid)
 		  throws InvalidToken, ServiceFailure, NotFound, NotAuthorized, IdentifierNotUnique,
 		  NotImplemented, InvalidRequest {
 			throw new NotImplemented("4191", "hasReservation not implemented on this node");
+	}
-            cjones
+	/**
    * Changes ownership (RightsHolder) of the specified object to the
    * subject specified by userId
+ 	 *
 	 * @param session - the Session object containing the credentials for the Subject
 	 * @param pid - Identifier of the object to be modified
 	 * @param userId - The subject that will be taking ownership of the specified object.
+	 *
 	 * @return pid - the identifier of the modified object
+	 *
 	 * @throws ServiceFailure
 	 * @throws InvalidToken
 	 * @throws NotFound
 	 * @throws NotAuthorized
 	 * @throws NotImplemented
 	 * @throws InvalidRequest
 	 */
 	@Override
 	public Identifier setOwner(Session session, Identifier pid, Subject userId)
 	  throws InvalidToken, ServiceFailure, NotFound, NotAuthorized,
 	  NotImplemented, InvalidRequest {
             leinfelder
 		// get the subject
 		Subject subject = session.getSubject();
 		// get the system metadata
 		String guid = pid.getValue();
 		// are we allowed to do this?
-            leinfelder
+		if (!isAuthorized(session, pid, Permission.CHANGE_PERMISSION)) {
-            leinfelder
+			throw new NotAuthorized("4440", "not allowed by " + subject.getValue() + " on " + guid);
+		}
 		SystemMetadata systemMetadata = null;
 		try {
 			systemMetadata = IdentifierManager.getInstance().getSystemMetadata(guid);
 		} catch (McdbDocNotFoundException e) {
 			throw new NotFound("4460", "No record found for: " + guid);
+		}
 		// set the new rights holder
 		systemMetadata.setRightsHolder(userId);
 		// update the metadata
 		try {
 			IdentifierManager.getInstance().updateSystemMetadata(systemMetadata);
 		} catch (McdbDocNotFoundException e) {
 			throw new ServiceFailure("4490", e.getMessage());
+		}
             cjones
-            leinfelder
+		return pid;
             cjones
-            cjones
+	/**
 	 * Verify that a replication task is authorized by comparing the target node's
 	 * Subject (from the X.509 certificate-derived Session) with the list of
 	 * subjects in the known, pending replication tasks map.
+	 *
 	 * @param originatingNodeSession - Session information that contains the
 	 *                                 identity of the calling user
 	 * @param targetNodeSubject - Subject identifying the target node
 	 * @param pid - the identifier of the object to be replicated
 	 * @param replicatePermission - the execute permission to be granted
+	 *
 	 * @throws ServiceFailure
 	 * @throws NotImplemented
 	 * @throws InvalidToken
 	 * @throws NotAuthorized
 	 * @throws InvalidRequest
 	 * @throws NotFound
 	 */
 	@Override
   public boolean isReplicationAuthorized(Session originatingNodeSession,
     Subject targetNodeSubject, Identifier pid, Permission replicatePermission)
 	  throws NotImplemented, NotAuthorized, InvalidToken, ServiceFailure,
 	  NotFound, InvalidRequest {
 		throw new NotImplemented("4870", "isReplicationAuthorized not implemented");
+  }
             cjones

Project

General

Profile

Metacat