Revision 6463
Added by Chris Jones over 13 years ago
src/edu/ucsb/nceas/metacat/dataone/CNodeService.java | ||
---|---|---|
43 | 43 |
import org.dataone.service.exceptions.ServiceFailure; |
44 | 44 |
import org.dataone.service.types.v1.Checksum; |
45 | 45 |
import org.dataone.service.types.v1.Identifier; |
46 |
import org.dataone.service.types.v1.Node; |
|
46 | 47 |
import org.dataone.service.types.v1.NodeList; |
47 | 48 |
import org.dataone.service.types.v1.NodeReference; |
48 | 49 |
import org.dataone.service.types.v1.ObjectFormat; |
... | ... | |
734 | 735 |
throws NotImplemented, NotAuthorized, InvalidToken, ServiceFailure, |
735 | 736 |
NotFound, InvalidRequest { |
736 | 737 |
|
737 |
// build a predicate like: |
|
738 |
// "pid = '{pid} ' AND |
|
739 |
// pemission = '{permission} ' AND |
|
740 |
// originatingNodeSubject = '{originatingNodeSubject}' AND |
|
741 |
// targetNodeSubject = '{targetNodeSubject} '" |
|
742 |
boolean isAllowed = false; |
|
743 |
String query = ""; |
|
744 |
query += "pid = '"; |
|
745 |
query += pid; |
|
746 |
query += "' AND permission = '"; |
|
747 |
query += replicatePermission.name(); |
|
748 |
query += "' AND originatingNodeSubject = '"; |
|
749 |
query += originatingNodeSession.getSubject().getValue(); |
|
750 |
query += "' AND targetNodeSubject = '"; |
|
751 |
query += targetNodeSubject.getValue(); |
|
752 |
query += "'"; |
|
738 |
boolean isAllowed = false; |
|
739 |
SystemMetadata sysmeta = null; |
|
740 |
String query = "subject = '" + targetNodeSubject + "'"; |
|
741 |
NodeReference targetNode = null; |
|
742 |
|
|
743 |
try { |
|
744 |
// get the target node reference from the hzNodes map |
|
745 |
Set<Node> nodeList = (Set<Node>) |
|
746 |
HazelcastService.getInstance().getNodesMap().values(new SqlPredicate(query)); |
|
753 | 747 |
|
754 |
logMetacat.debug("Pending replication task query is: " + query); |
|
755 |
// search the hzPendingReplicationTasks map for the originating node subject, |
|
756 |
// target node subject, pid, and replicate permission |
|
748 |
// we should only have one subject DN per node |
|
749 |
for (Node node : nodeList) { |
|
750 |
targetNode = node.getIdentifier(); |
|
751 |
break; |
|
752 |
|
|
753 |
} |
|
754 |
//lock, get, and unlock the pid |
|
755 |
HazelcastService.getInstance().getSystemMetadataMap().lock(pid); |
|
756 |
sysmeta = HazelcastService.getInstance().getSystemMetadataMap().get(pid); |
|
757 |
HazelcastService.getInstance().getSystemMetadataMap().unlock(pid); |
|
758 |
List<Replica> replicaList = sysmeta.getReplicaList(); |
|
757 | 759 |
|
758 |
Set<CNReplicationTask> tasks = |
|
759 |
(Set<CNReplicationTask>) HazelcastService.getInstance().getPendingReplicationTasks().values(new SqlPredicate(query)); |
|
760 |
|
|
761 |
// do we have a matching task? |
|
762 |
if ( tasks.size() >= 1 ) { |
|
763 |
isAllowed = true; |
|
764 |
|
|
760 |
// find the replica with the status set to 'requested' |
|
761 |
for(Replica replica : replicaList) { |
|
762 |
ReplicationStatus status = replica.getReplicationStatus(); |
|
763 |
NodeReference listedNode = replica.getReplicaMemberNode(); |
|
764 |
if ( listedNode.equals(targetNode) && |
|
765 |
status.equals(ReplicationStatus.REQUESTED)) { |
|
766 |
isAllowed = true; |
|
767 |
break; |
|
768 |
|
|
769 |
} |
|
765 | 770 |
} |
771 |
|
|
772 |
} catch(Exception e) { |
|
773 |
// Catch Hazelcast RuntimeExceptions |
|
766 | 774 |
|
767 |
return isAllowed; |
|
775 |
} finally { |
|
776 |
// always unlock the pid |
|
777 |
HazelcastService.getInstance().getSystemMetadataMap().unlock(pid); |
|
778 |
|
|
779 |
} |
|
780 |
|
|
781 |
return isAllowed; |
|
768 | 782 |
|
769 | 783 |
} |
770 | 784 |
|
Also available in: Unified diff
Change isNodeAuthorized() to query the hzSystemMetadata map rather than the hzPendingreplicationTasks map. The latter isn't needed for authorization since the ReplicationStatus for each Replica in SystemMetadata lists the status of the replica and can be queried.