Revision 6728
Added by Jing Tao about 13 years ago
src/edu/ucsb/nceas/metacat/clientview/ClientViewHelper.java | ||
---|---|---|
13 | 13 |
import com.oreilly.servlet.multipart.MultipartParser; |
14 | 14 |
import com.oreilly.servlet.multipart.ParamPart; |
15 | 15 |
import com.oreilly.servlet.multipart.Part; |
16 |
|
|
17 |
import edu.ucsb.nceas.metacat.DocInfoHandler; |
|
18 |
import edu.ucsb.nceas.metacat.accesscontrol.AccessControlException; |
|
19 |
import edu.ucsb.nceas.metacat.accesscontrol.AccessControlForSingleFile; |
|
20 |
import edu.ucsb.nceas.metacat.accesscontrol.AccessControlInterface; |
|
21 |
import edu.ucsb.nceas.metacat.accesscontrol.AccessControlList; |
|
22 |
import edu.ucsb.nceas.metacat.accesscontrol.XMLAccessAccess; |
|
23 |
import edu.ucsb.nceas.metacat.accesscontrol.XMLAccessDAO; |
|
16 | 24 |
import edu.ucsb.nceas.metacat.client.InsufficientKarmaException; |
17 | 25 |
import edu.ucsb.nceas.metacat.client.MetacatClient; |
18 | 26 |
import edu.ucsb.nceas.metacat.client.MetacatException; |
... | ... | |
20 | 28 |
import edu.ucsb.nceas.metacat.client.MetacatInaccessibleException; |
21 | 29 |
import edu.ucsb.nceas.metacat.properties.PropertyService; |
22 | 30 |
import edu.ucsb.nceas.metacat.service.SessionService; |
31 |
import edu.ucsb.nceas.metacat.shared.AccessException; |
|
32 |
import edu.ucsb.nceas.metacat.util.DocumentUtil; |
|
23 | 33 |
import edu.ucsb.nceas.metacat.util.SessionData; |
24 | 34 |
import edu.ucsb.nceas.utilities.XMLUtilities; |
25 | 35 |
import edu.ucsb.nceas.utilities.PropertyNotFoundException; |
... | ... | |
49 | 59 |
import org.w3c.dom.Node; |
50 | 60 |
import org.w3c.dom.NodeList; |
51 | 61 |
import org.w3c.dom.Text; |
62 |
import org.xml.sax.ContentHandler; |
|
63 |
import org.xml.sax.ErrorHandler; |
|
64 |
import org.xml.sax.InputSource; |
|
65 |
import org.xml.sax.SAXException; |
|
66 |
import org.xml.sax.XMLReader; |
|
67 |
import org.xml.sax.helpers.XMLReaderFactory; |
|
52 | 68 |
|
53 | 69 |
/** |
54 | 70 |
* |
... | ... | |
489 | 505 |
} |
490 | 506 |
|
491 | 507 |
private String setPublicAccess(String permissionType, String metaDocId, Stack docIdStack) |
492 |
throws InsufficientKarmaException, MetacatException, MetacatInaccessibleException {
|
|
508 |
throws InsufficientKarmaException, MetacatException, MetacatInaccessibleException, AccessControlException{
|
|
493 | 509 |
String result = " for Documents "; |
494 | 510 |
String docId, lst = metaDocId, permOrder; |
495 | 511 |
|
496 | 512 |
/*if (permissionType.equals("allow")) |
497 | 513 |
permOrder = "denyFirst"; |
498 | 514 |
else |
499 |
permOrder = "allowFirst";*/
|
|
515 |
permOrder = "allowFirst"; |
|
500 | 516 |
permOrder = "allowFirst"; |
501 | 517 |
|
502 |
getMetacatClient().setAccess(metaDocId, "public", "read", permissionType, permOrder); |
|
518 |
getMetacatClient().setAccess(metaDocId, "public", "read", permissionType, permOrder);*/ |
|
519 |
setPublicReadAccess(permissionType, metaDocId) ; |
|
503 | 520 |
//*** Grant the public read access to the data files. |
504 | 521 |
while(!docIdStack.isEmpty()) { |
505 | 522 |
docId = (String) docIdStack.pop(); |
506 |
getMetacatClient().setAccess(docId, "public", "read", permissionType, permOrder); |
|
523 |
//getMetacatClient().setAccess(docId, "public", "read", permissionType, permOrder); |
|
524 |
setPublicReadAccess(permissionType, docId); |
|
507 | 525 |
lst += ", " + docId; |
508 | 526 |
} |
509 | 527 |
result = "Changed public read access to '" + permissionType + "' for " + result + lst; |
510 | 528 |
return(result); |
511 | 529 |
} |
512 | 530 |
|
531 |
/* |
|
532 |
* Set up public access by using accessblock to replace old success rules. |
|
533 |
* First, we need to get original access rules. |
|
534 |
* Second, remove all access rules of the user public, then add the new rules. |
|
535 |
*/ |
|
536 |
private void setPublicReadAccess(String permissionType, String docid) |
|
537 |
throws InsufficientKarmaException, MetacatException, MetacatInaccessibleException, AccessControlException{ |
|
538 |
String originalAccessBlock = getMetacatClient().getAccessControl(docid); |
|
539 |
Vector<XMLAccessDAO> accessList = parseAccessXMLBlock(docid, originalAccessBlock); |
|
540 |
if(accessList != null && !accessList.isEmpty()) { |
|
541 |
//there are some access rules in the metacat server for this docid |
|
542 |
XMLAccessDAO rule = accessList.elementAt(0); |
|
543 |
//we should persist the perm order from original access block |
|
544 |
String permOrder = rule.getPermOrder(); |
|
545 |
//remove all public access rule but preserver other access rules. |
|
546 |
removeAllPublicAccessRules(accessList); |
|
547 |
//generate a new access rule and add it to the list |
|
548 |
XMLAccessDAO newRule = generateXMLAccessDAO(docid, AccessControlInterface.PUBLIC, |
|
549 |
AccessControlInterface.READSTRING, permissionType, permOrder); |
|
550 |
accessList.add(newRule); |
|
551 |
} else { |
|
552 |
//generate a new access rule and add it to the list |
|
553 |
accessList = new Vector<XMLAccessDAO>(); |
|
554 |
XMLAccessDAO newRule = generateXMLAccessDAO(docid, AccessControlInterface.PUBLIC, |
|
555 |
AccessControlInterface.READSTRING, permissionType, AccessControlInterface.ALLOWFIRST); |
|
556 |
accessList.add(newRule); |
|
557 |
} |
|
558 |
//transform the new XMLAccessDAO object list to the String |
|
559 |
AccessControlForSingleFile controller = new AccessControlForSingleFile(docid); |
|
560 |
String accessBlock = controller.getAccessString(accessList); |
|
561 |
//send the access block to the metacat |
|
562 |
getMetacatClient().setAccess(docid, accessBlock); |
|
563 |
} |
|
564 |
|
|
565 |
/* |
|
566 |
* Parse the access xml block to get access rule list object. |
|
567 |
*/ |
|
568 |
private Vector<XMLAccessDAO> parseAccessXMLBlock(String docId, String accessXMLBlock) throws AccessControlException{ |
|
569 |
try { |
|
570 |
// use DocInfoHandler to parse the access section into DAO objects |
|
571 |
XMLReader parser = null; |
|
572 |
DocInfoHandler docInfoHandler = new DocInfoHandler(docId); |
|
573 |
ContentHandler chandler = docInfoHandler; |
|
574 |
|
|
575 |
// Get an instance of the parser |
|
576 |
String parserName = PropertyService.getProperty("xml.saxparser"); |
|
577 |
parser = XMLReaderFactory.createXMLReader(parserName); |
|
578 |
|
|
579 |
// Turn off validation |
|
580 |
parser.setFeature("http://xml.org/sax/features/validation", false); |
|
581 |
parser.setContentHandler((ContentHandler)chandler); |
|
582 |
parser.setErrorHandler((ErrorHandler)chandler); |
|
583 |
|
|
584 |
parser.parse(new InputSource(new StringReader(accessXMLBlock))); |
|
585 |
|
|
586 |
XMLAccessAccess xmlAccessAccess = new XMLAccessAccess(); |
|
587 |
Vector<XMLAccessDAO> accessRuleList = docInfoHandler.getAccessControlList(); |
|
588 |
return accessRuleList; |
|
589 |
|
|
590 |
|
|
591 |
} catch (PropertyNotFoundException pnfe) { |
|
592 |
throw new AccessControlException("ClientViewHelper.parseAccessXMLBlock - " |
|
593 |
+ "property error when replacing permissions: " + pnfe.getMessage()); |
|
594 |
} catch (AccessException ae) { |
|
595 |
throw new AccessControlException("ClientViewHelper.parseAccessXMLBlock - " |
|
596 |
+ "DB access error when replacing permissions: " + ae.getMessage()); |
|
597 |
} catch (SAXException se) { |
|
598 |
throw new AccessControlException("ClientViewHelper.parseAccessXMLBlock - " |
|
599 |
+ "SAX error when replacing permissions: " + se.getMessage()); |
|
600 |
} catch(IOException ioe) { |
|
601 |
throw new AccessControlException("ClientViewHelper.parseAccessXMLBlock - " |
|
602 |
+ "I/O error when replacing permissions: " + ioe.getMessage()); |
|
603 |
} |
|
604 |
} |
|
605 |
|
|
606 |
/* |
|
607 |
* Populate xmlAccessDAO object with the some parameters. |
|
608 |
*/ |
|
609 |
private XMLAccessDAO generateXMLAccessDAO(String docid, String principalName, |
|
610 |
String permission, String permType, String permOrder) { |
|
611 |
String identifier = DocumentUtil.getDocIdFromString(docid); |
|
612 |
XMLAccessDAO xmlAccessDAO = new XMLAccessDAO(); |
|
613 |
xmlAccessDAO.setDocId(identifier); |
|
614 |
xmlAccessDAO.setPrincipalName(principalName); |
|
615 |
xmlAccessDAO.setPermission(Integer.valueOf(AccessControlList.intValue(permission)).longValue()); |
|
616 |
xmlAccessDAO.setPermType(permType); |
|
617 |
xmlAccessDAO.setPermOrder(permOrder); |
|
618 |
return xmlAccessDAO; |
|
619 |
} |
|
620 |
|
|
621 |
|
|
622 |
/* |
|
623 |
* Remove every access rule for user public from the specified access rule list |
|
624 |
*/ |
|
625 |
private void removeAllPublicAccessRules(Vector<XMLAccessDAO> accessList) { |
|
626 |
if(accessList != null && !accessList.isEmpty()) { |
|
627 |
Vector<Integer> removingIndexList = new Vector<Integer>(); |
|
628 |
for(int i=0; i<accessList.size(); i++) { |
|
629 |
XMLAccessDAO rule = accessList.elementAt(i); |
|
630 |
if(rule != null && rule.getPrincipalName() != null && rule.getPrincipalName().equalsIgnoreCase(AccessControlInterface.PUBLIC)) { |
|
631 |
//store the index which should be remove |
|
632 |
removingIndexList.add(new Integer(i)); |
|
633 |
} |
|
634 |
} |
|
635 |
if(!removingIndexList.isEmpty()) { |
|
636 |
for(int i=removingIndexList.size()-1; i>=0; i--) { |
|
637 |
accessList.remove(removingIndexList.elementAt(i).intValue()); |
|
638 |
} |
|
639 |
} |
|
640 |
} |
|
641 |
} |
|
642 |
|
|
513 | 643 |
private String handleChangeAccess(String metaDocId, String permissionType) throws Exception { |
514 | 644 |
Stack dataDocIDs; |
515 | 645 |
String result = "", xpathExpr = null; |
Also available in: Unified diff
Use accessblock in setaccess method. So user can grant/revoke public readable access.