Project

General

Profile

« Previous | Next » 

Revision 6514

Added by ben leinfelder over 12 years ago

correctly handle incoming "accessPolicy" parameters for the setAccess() method

View differences:

MNResourceHandler.java
157 157
158 158 
            // get the rest of the path info
159 159 
            String extra = null;
160 
            if (resource.lastIndexOf("/") != -1) {
161 
                extra = resource.substring(resource.lastIndexOf("/") + 1);
162 
            }
163 160
164 161 
            logMetacat.debug("handling verb " + httpVerb + " request with resource '" + resource + "'");
165 162 
            logMetacat.debug("resource: '" + resource + "'");
......
173 170 
                    status = true;
174 171 
                } else if (resource.startsWith(RESOURCE_ACCESS_RULES)) {
175 172 
                    if (httpVerb == POST) {
173 
                    	// after the command
174 
                        extra = parseTrailing(resource, RESOURCE_ACCESS_RULES);
176 175 
	                	// set the access rules
177 
	                    setAccess();
176 
	                    setAccess(extra);
178 177 
	                    status = true;
179 178 
	                    logMetacat.debug("done setting access");
180 179 
                    }
181 180 
                } else if (resource.startsWith(RESOURCE_IS_AUTHORIZED)) {
182 181 
                    if (httpVerb == GET) {
182 
                    	// after the command
183 
                        extra = parseTrailing(resource, RESOURCE_IS_AUTHORIZED);
183 184 
	                	// check the access rules
184 185 
	                    isAuthorized(extra);
185 186 
	                    status = true;
......
189 190 
                    logMetacat.debug("Using resource 'meta'");
190 191 
                    // get
191 192 
                    if (httpVerb == GET) {
193 
                    	// after the command
194 
                        extra = parseTrailing(resource, RESOURCE_META);
192 195 
                        getSystemMetadataObject(extra);
193 196 
                        status = true;
194 197 
                    }
195 198
196 199 
                } else if (resource.startsWith(RESOURCE_OBJECTS)) {
197 200 
                    logMetacat.debug("Using resource 'object'");
198
201 
                    // after the command
202 
                    extra = parseTrailing(resource, RESOURCE_OBJECTS);
199 203 
                    logMetacat.debug("objectId: " + extra);
200 204 
                    logMetacat.debug("verb:" + httpVerb);
201 205 

  		




  ......




  227
  231
  
    
                    logMetacat.debug("Using resource 'checksum'");


  		




  228
  232
  
    
                    // handle checksum requests


  		




  229
  233
  
    
                    if (httpVerb == GET) {


  		




  
  234
  
    
                    	// after the command


  		




  
  235
  
    
                        extra = parseTrailing(resource, RESOURCE_CHECKSUM);


  		




  230
  236
  
    
                        checksum(extra);


  		




  231
  237
  
    
                        status = true;


  		




  232
  238
  
    
                    }


  		




  233
  239
  
    
                } else if (resource.startsWith(RESOURCE_MONITOR)) {


  		




  234
  240
  
    
                    // there are various parts to monitoring


  		




  235
  241
  
    
                    if (httpVerb == GET) {


  		




  
  242
  
    
                    	// after the command


  		




  
  243
  
    
                        extra = parseTrailing(resource, RESOURCE_MONITOR);


  		




  236
  244
  
    
                    	// health monitoring calls


  		




  237
  245
  
    
                        status = monitor(extra);


  		




  238
  246
  
    
                    }


  		




  ......




  330
  338
  
    
		MNodeService.getInstance().synchronizationFailed(session, syncFailed);


  		




  331
  339
  
    
    }


  		




  332
  340
  
    
    


  		




  333
  
  
    
    protected SynchronizationFailed collectSynchronizationFailed() throws IOException, ServiceFailure, InvalidRequest, JiBXException, InstantiationException, IllegalAccessException, ParserConfigurationException, SAXException  {


  		




  334
  
  
    
		


  		




  335
  
  
    
		// Read the incoming data from its Mime Multipart encoding


  		




  336
  
  
    
		logMetacat.debug("Disassembling MIME multipart form");


  		




  337
  
  
    
		InputStream sf = null;


  		




  338
  341
  
    

  		




  339
  
  
    
		// handle MMP inputs


  		




  340
  
  
    
		File tmpDir = getTempDirectory();


  		




  341
  
  
    
		logMetacat.debug("temp dir: " + tmpDir.getAbsolutePath());


  		




  342
  
  
    
		MultipartRequestResolver mrr = 


  		




  343
  
  
    
			new MultipartRequestResolver(tmpDir.getAbsolutePath(), 1000000000, 0);


  		




  344
  
  
    
		MultipartRequest mr = null;


  		




  345
  
  
    
		try {


  		




  346
  
  
    
			mr = mrr.resolveMultipart(request);


  		




  347
  
  
    
		} catch (Exception e) {


  		




  348
  
  
    
			throw new ServiceFailure("2161", 


  		




  349
  
  
    
					"Could not resolve multipart: " + e.getMessage());


  		




  350
  
  
    
		}


  		




  351
  
  
    
		logMetacat.debug("resolved multipart request");


  		




  352
  
  
    
		Map<String, File> files = mr.getMultipartFiles();


  		




  353
  
  
    
		if (files == null || files.keySet() == null) {


  		




  354
  
  
    
			throw new InvalidRequest("2163",


  		




  355
  
  
    
					"must have multipart file with name 'message'");


  		




  356
  
  
    
		}


  		




  357
  
  
    
		logMetacat.debug("got multipart files");


  		




  358
  
  
    

  		




  359
  
  
    
		multipartparams = mr.getMultipartParameters();


  		




  360
  
  
    

  		




  361
  
  
    
		File sfFile = files.get("message");


  		




  362
  
  
    
		if (sfFile == null) {


  		




  363
  
  
    
			throw new InvalidRequest("2163",


  		




  364
  
  
    
					"Missing the required file-part 'message' from the multipart request.");


  		




  365
  
  
    
		}


  		




  366
  
  
    
		logMetacat.debug("sfFile: " + sfFile.getAbsolutePath());


  		




  367
  
  
    
		sf = new FileInputStream(sfFile);


  		




  368
  
  
    
	


  		




  369
  
  
    
		SynchronizationFailed syncFailed = (SynchronizationFailed) ExceptionHandler.deserializeXml(sf, "Error deserializing exception");


  		




  370
  
  
    
		return syncFailed;


  		




  371
  
  
    
	}


  		




  372
  
  
    

  		




  373
  342
  
    
    /**


  		




  374
  343
  
    
     * Handles the monitoring resources


  		




  375
  344
  
    
     * @return


  		




  ......




  973
  942
  
    
     * @throws IllegalAccessException 


  		




  974
  943
  
    
     * @throws InstantiationException 


  		




  975
  944
  
    
     * @throws IOException 


  		




  
  945
  
    
     * @throws SAXException 


  		




  
  946
  
    
     * @throws ParserConfigurationException 


  		




  976
  947
  
    
     */


  		




  977
  
  
    
    protected void setAccess() throws JiBXException, InvalidToken, ServiceFailure, NotFound, NotAuthorized, NotImplemented, InvalidRequest, IOException, InstantiationException, IllegalAccessException


  		




  
  948
  
    
    protected void setAccess(String pid) throws JiBXException, InvalidToken, ServiceFailure, NotFound, NotAuthorized, NotImplemented, InvalidRequest, IOException, InstantiationException, IllegalAccessException, ParserConfigurationException, SAXException


  		




  978
  949
  
    
    {


  		




  979
  950
  
    
    


  		




  980
  
  
    
        String pid = params.get("pid")[0];


  		




  
  951
  
    
        //String pid = params.get("pid")[0];


  		




  981
  952
  
    
        Identifier id = new Identifier();


  		




  982
  953
  
    
        id.setValue(pid);


  		




  983
  
  
    
        String accesspolicy = params.get("accesspolicy")[0];


  		




  984
  
  
    
        AccessPolicy accessPolicy = TypeMarshaller.unmarshalTypeFromStream(AccessPolicy.class, new ByteArrayInputStream(accesspolicy.getBytes("UTF-8")));


  		




  
  954
  
    
        


  		




  
  955
  
    
        AccessPolicy accessPolicy = collectAccessPolicy();


  		




  985
  956
  
    
        MNodeService.getInstance().setAccessPolicy(session, id, accessPolicy);


  		




  986
  957
  
    
        


  		




  987
  958
  
    
        


  		




  988
  959
  
    
    }


  		




  989
  960
  
    

  		




  
  961
  
    
	protected SynchronizationFailed collectSynchronizationFailed() throws IOException, ServiceFailure, InvalidRequest, JiBXException, InstantiationException, IllegalAccessException, ParserConfigurationException, SAXException  {


  		




  
  962
  
    
		


  		




  
  963
  
    
		// Read the incoming data from its Mime Multipart encoding


  		




  
  964
  
    
		logMetacat.debug("Disassembling MIME multipart form");


  		




  
  965
  
    
		InputStream sf = null;


  		




  
  966
  
    
	


  		




  
  967
  
    
		// handle MMP inputs


  		




  
  968
  
    
		File tmpDir = getTempDirectory();


  		




  
  969
  
    
		logMetacat.debug("temp dir: " + tmpDir.getAbsolutePath());


  		




  
  970
  
    
		MultipartRequestResolver mrr = 


  		




  
  971
  
    
			new MultipartRequestResolver(tmpDir.getAbsolutePath(), 1000000000, 0);


  		




  
  972
  
    
		MultipartRequest mr = null;


  		




  
  973
  
    
		try {


  		




  
  974
  
    
			mr = mrr.resolveMultipart(request);


  		




  
  975
  
    
		} catch (Exception e) {


  		




  
  976
  
    
			throw new ServiceFailure("2161", 


  		




  
  977
  
    
					"Could not resolve multipart: " + e.getMessage());


  		




  
  978
  
    
		}


  		




  
  979
  
    
		logMetacat.debug("resolved multipart request");


  		




  
  980
  
    
		Map<String, File> files = mr.getMultipartFiles();


  		




  
  981
  
    
		if (files == null || files.keySet() == null) {


  		




  
  982
  
    
			throw new InvalidRequest("2163",


  		




  
  983
  
    
					"must have multipart file with name 'message'");


  		




  
  984
  
    
		}


  		




  
  985
  
    
		logMetacat.debug("got multipart files");


  		




  
  986
  
    
	


  		




  
  987
  
    
		multipartparams = mr.getMultipartParameters();


  		




  
  988
  
    
	


  		




  
  989
  
    
		File sfFile = files.get("message");


  		




  
  990
  
    
		if (sfFile == null) {


  		




  
  991
  
    
			throw new InvalidRequest("2163",


  		




  
  992
  
    
					"Missing the required file-part 'message' from the multipart request.");


  		




  
  993
  
    
		}


  		




  
  994
  
    
		logMetacat.debug("sfFile: " + sfFile.getAbsolutePath());


  		




  
  995
  
    
		sf = new FileInputStream(sfFile);


  		




  
  996
  
    
	


  		




  
  997
  
    
		SynchronizationFailed syncFailed = (SynchronizationFailed) ExceptionHandler.deserializeXml(sf, "Error deserializing exception");


  		




  
  998
  
    
		return syncFailed;


  		




  
  999
  
    
	}


  		




  
  1000
  
    

  		




  990
  1001
  
    
}


  		












Also available in:  Unified diff