Project

General

Profile

« Previous | Next » 

Revision 6463

Added by Chris Jones over 13 years ago

Change isNodeAuthorized() to query the hzSystemMetadata map rather than the hzPendingreplicationTasks map. The latter isn't needed for authorization since the ReplicationStatus for each Replica in SystemMetadata lists the status of the replica and can be queried.

View differences:

src/edu/ucsb/nceas/metacat/dataone/CNodeService.java
43 43
import org.dataone.service.exceptions.ServiceFailure;
44 44
import org.dataone.service.types.v1.Checksum;
45 45
import org.dataone.service.types.v1.Identifier;
46
import org.dataone.service.types.v1.Node;
46 47
import org.dataone.service.types.v1.NodeList;
47 48
import org.dataone.service.types.v1.NodeReference;
48 49
import org.dataone.service.types.v1.ObjectFormat;
......
734 735
    throws NotImplemented, NotAuthorized, InvalidToken, ServiceFailure, 
735 736
    NotFound, InvalidRequest {
736 737

  
737
	// build a predicate like: 
738
	    // "pid                    = '{pid}                   ' AND 
739
	    //  pemission              = '{permission}            ' AND
740
	    //  originatingNodeSubject = '{originatingNodeSubject}' AND
741
	    //  targetNodeSubject      = '{targetNodeSubject}     '"
742
	    boolean isAllowed = false;
743
	    String query = "";
744
	    query += "pid = '";
745
	    query += pid;
746
	    query += "' AND permission = '";
747
	    query += replicatePermission.name();
748
	    query += "' AND originatingNodeSubject = '";
749
	    query += originatingNodeSession.getSubject().getValue();
750
	    query += "' AND targetNodeSubject = '";
751
	    query += targetNodeSubject.getValue();
752
	    query += "'";
738
	  boolean isAllowed = false;
739
	  SystemMetadata sysmeta = null;
740
    String query = "subject = '" + targetNodeSubject + "'";
741
    NodeReference targetNode = null;
742
    
743
	  try {
744
	    // get the target node reference from the hzNodes map
745
	    Set<Node> nodeList = (Set<Node>) 
746
	      HazelcastService.getInstance().getNodesMap().values(new SqlPredicate(query));
753 747
	    
754
	    logMetacat.debug("Pending replication task query is: " + query);
755
	    // search the hzPendingReplicationTasks map for the  originating node subject, 
756
	    // target node subject, pid, and replicate permission
748
	    // we should only have one subject DN per node
749
	    for (Node node : nodeList) {      
750
	      targetNode = node.getIdentifier();
751
	      break;
752
	        
753
      }
754
	     //lock, get, and unlock the pid
755
	    HazelcastService.getInstance().getSystemMetadataMap().lock(pid);
756
      sysmeta = HazelcastService.getInstance().getSystemMetadataMap().get(pid);
757
      HazelcastService.getInstance().getSystemMetadataMap().unlock(pid);
758
	    List<Replica> replicaList = sysmeta.getReplicaList();
757 759
	    
758
	    Set<CNReplicationTask> tasks = 
759
	      (Set<CNReplicationTask>) HazelcastService.getInstance().getPendingReplicationTasks().values(new SqlPredicate(query));
760
	    
761
	    // do we have a matching task?
762
	    if ( tasks.size() >= 1 ) {
763
	      isAllowed = true;
764
	      
760
	    // find the replica with the status set to 'requested'
761
	    for(Replica replica : replicaList) {
762
	      ReplicationStatus status = replica.getReplicationStatus();
763
	      NodeReference listedNode = replica.getReplicaMemberNode();
764
	      if ( listedNode.equals(targetNode) && 
765
	           status.equals(ReplicationStatus.REQUESTED)) {
766
	        isAllowed = true;
767
	        break;
768
	        
769
	      }
765 770
	    }
771

  
772
	  } catch(Exception e) {
773
	    // Catch Hazelcast RuntimeExceptions
766 774
	    
767
	    return isAllowed;
775
	  } finally {
776
	    // always unlock the pid
777
      HazelcastService.getInstance().getSystemMetadataMap().unlock(pid);
778

  
779
	  }
780
	    
781
	  return isAllowed;
768 782
    
769 783
  }
770 784

  

Also available in: Unified diff