Revision 6728
Added by Jing Tao almost 13 years ago
| src/edu/ucsb/nceas/metacat/clientview/ClientViewHelper.java | ||
|---|---|---|
| 13 | 13 |
import com.oreilly.servlet.multipart.MultipartParser; |
| 14 | 14 |
import com.oreilly.servlet.multipart.ParamPart; |
| 15 | 15 |
import com.oreilly.servlet.multipart.Part; |
| 16 |
|
|
| 17 |
import edu.ucsb.nceas.metacat.DocInfoHandler; |
|
| 18 |
import edu.ucsb.nceas.metacat.accesscontrol.AccessControlException; |
|
| 19 |
import edu.ucsb.nceas.metacat.accesscontrol.AccessControlForSingleFile; |
|
| 20 |
import edu.ucsb.nceas.metacat.accesscontrol.AccessControlInterface; |
|
| 21 |
import edu.ucsb.nceas.metacat.accesscontrol.AccessControlList; |
|
| 22 |
import edu.ucsb.nceas.metacat.accesscontrol.XMLAccessAccess; |
|
| 23 |
import edu.ucsb.nceas.metacat.accesscontrol.XMLAccessDAO; |
|
| 16 | 24 |
import edu.ucsb.nceas.metacat.client.InsufficientKarmaException; |
| 17 | 25 |
import edu.ucsb.nceas.metacat.client.MetacatClient; |
| 18 | 26 |
import edu.ucsb.nceas.metacat.client.MetacatException; |
| ... | ... | |
| 20 | 28 |
import edu.ucsb.nceas.metacat.client.MetacatInaccessibleException; |
| 21 | 29 |
import edu.ucsb.nceas.metacat.properties.PropertyService; |
| 22 | 30 |
import edu.ucsb.nceas.metacat.service.SessionService; |
| 31 |
import edu.ucsb.nceas.metacat.shared.AccessException; |
|
| 32 |
import edu.ucsb.nceas.metacat.util.DocumentUtil; |
|
| 23 | 33 |
import edu.ucsb.nceas.metacat.util.SessionData; |
| 24 | 34 |
import edu.ucsb.nceas.utilities.XMLUtilities; |
| 25 | 35 |
import edu.ucsb.nceas.utilities.PropertyNotFoundException; |
| ... | ... | |
| 49 | 59 |
import org.w3c.dom.Node; |
| 50 | 60 |
import org.w3c.dom.NodeList; |
| 51 | 61 |
import org.w3c.dom.Text; |
| 62 |
import org.xml.sax.ContentHandler; |
|
| 63 |
import org.xml.sax.ErrorHandler; |
|
| 64 |
import org.xml.sax.InputSource; |
|
| 65 |
import org.xml.sax.SAXException; |
|
| 66 |
import org.xml.sax.XMLReader; |
|
| 67 |
import org.xml.sax.helpers.XMLReaderFactory; |
|
| 52 | 68 |
|
| 53 | 69 |
/** |
| 54 | 70 |
* |
| ... | ... | |
| 489 | 505 |
} |
| 490 | 506 |
|
| 491 | 507 |
private String setPublicAccess(String permissionType, String metaDocId, Stack docIdStack) |
| 492 |
throws InsufficientKarmaException, MetacatException, MetacatInaccessibleException {
|
|
| 508 |
throws InsufficientKarmaException, MetacatException, MetacatInaccessibleException, AccessControlException{
|
|
| 493 | 509 |
String result = " for Documents "; |
| 494 | 510 |
String docId, lst = metaDocId, permOrder; |
| 495 | 511 |
|
| 496 | 512 |
/*if (permissionType.equals("allow"))
|
| 497 | 513 |
permOrder = "denyFirst"; |
| 498 | 514 |
else |
| 499 |
permOrder = "allowFirst";*/
|
|
| 515 |
permOrder = "allowFirst"; |
|
| 500 | 516 |
permOrder = "allowFirst"; |
| 501 | 517 |
|
| 502 |
getMetacatClient().setAccess(metaDocId, "public", "read", permissionType, permOrder); |
|
| 518 |
getMetacatClient().setAccess(metaDocId, "public", "read", permissionType, permOrder);*/ |
|
| 519 |
setPublicReadAccess(permissionType, metaDocId) ; |
|
| 503 | 520 |
//*** Grant the public read access to the data files. |
| 504 | 521 |
while(!docIdStack.isEmpty()) {
|
| 505 | 522 |
docId = (String) docIdStack.pop(); |
| 506 |
getMetacatClient().setAccess(docId, "public", "read", permissionType, permOrder); |
|
| 523 |
//getMetacatClient().setAccess(docId, "public", "read", permissionType, permOrder); |
|
| 524 |
setPublicReadAccess(permissionType, docId); |
|
| 507 | 525 |
lst += ", " + docId; |
| 508 | 526 |
} |
| 509 | 527 |
result = "Changed public read access to '" + permissionType + "' for " + result + lst; |
| 510 | 528 |
return(result); |
| 511 | 529 |
} |
| 512 | 530 |
|
| 531 |
/* |
|
| 532 |
* Set up public access by using accessblock to replace old success rules. |
|
| 533 |
* First, we need to get original access rules. |
|
| 534 |
* Second, remove all access rules of the user public, then add the new rules. |
|
| 535 |
*/ |
|
| 536 |
private void setPublicReadAccess(String permissionType, String docid) |
|
| 537 |
throws InsufficientKarmaException, MetacatException, MetacatInaccessibleException, AccessControlException{
|
|
| 538 |
String originalAccessBlock = getMetacatClient().getAccessControl(docid); |
|
| 539 |
Vector<XMLAccessDAO> accessList = parseAccessXMLBlock(docid, originalAccessBlock); |
|
| 540 |
if(accessList != null && !accessList.isEmpty()) {
|
|
| 541 |
//there are some access rules in the metacat server for this docid |
|
| 542 |
XMLAccessDAO rule = accessList.elementAt(0); |
|
| 543 |
//we should persist the perm order from original access block |
|
| 544 |
String permOrder = rule.getPermOrder(); |
|
| 545 |
//remove all public access rule but preserver other access rules. |
|
| 546 |
removeAllPublicAccessRules(accessList); |
|
| 547 |
//generate a new access rule and add it to the list |
|
| 548 |
XMLAccessDAO newRule = generateXMLAccessDAO(docid, AccessControlInterface.PUBLIC, |
|
| 549 |
AccessControlInterface.READSTRING, permissionType, permOrder); |
|
| 550 |
accessList.add(newRule); |
|
| 551 |
} else {
|
|
| 552 |
//generate a new access rule and add it to the list |
|
| 553 |
accessList = new Vector<XMLAccessDAO>(); |
|
| 554 |
XMLAccessDAO newRule = generateXMLAccessDAO(docid, AccessControlInterface.PUBLIC, |
|
| 555 |
AccessControlInterface.READSTRING, permissionType, AccessControlInterface.ALLOWFIRST); |
|
| 556 |
accessList.add(newRule); |
|
| 557 |
} |
|
| 558 |
//transform the new XMLAccessDAO object list to the String |
|
| 559 |
AccessControlForSingleFile controller = new AccessControlForSingleFile(docid); |
|
| 560 |
String accessBlock = controller.getAccessString(accessList); |
|
| 561 |
//send the access block to the metacat |
|
| 562 |
getMetacatClient().setAccess(docid, accessBlock); |
|
| 563 |
} |
|
| 564 |
|
|
| 565 |
/* |
|
| 566 |
* Parse the access xml block to get access rule list object. |
|
| 567 |
*/ |
|
| 568 |
private Vector<XMLAccessDAO> parseAccessXMLBlock(String docId, String accessXMLBlock) throws AccessControlException{
|
|
| 569 |
try {
|
|
| 570 |
// use DocInfoHandler to parse the access section into DAO objects |
|
| 571 |
XMLReader parser = null; |
|
| 572 |
DocInfoHandler docInfoHandler = new DocInfoHandler(docId); |
|
| 573 |
ContentHandler chandler = docInfoHandler; |
|
| 574 |
|
|
| 575 |
// Get an instance of the parser |
|
| 576 |
String parserName = PropertyService.getProperty("xml.saxparser");
|
|
| 577 |
parser = XMLReaderFactory.createXMLReader(parserName); |
|
| 578 |
|
|
| 579 |
// Turn off validation |
|
| 580 |
parser.setFeature("http://xml.org/sax/features/validation", false);
|
|
| 581 |
parser.setContentHandler((ContentHandler)chandler); |
|
| 582 |
parser.setErrorHandler((ErrorHandler)chandler); |
|
| 583 |
|
|
| 584 |
parser.parse(new InputSource(new StringReader(accessXMLBlock))); |
|
| 585 |
|
|
| 586 |
XMLAccessAccess xmlAccessAccess = new XMLAccessAccess(); |
|
| 587 |
Vector<XMLAccessDAO> accessRuleList = docInfoHandler.getAccessControlList(); |
|
| 588 |
return accessRuleList; |
|
| 589 |
|
|
| 590 |
|
|
| 591 |
} catch (PropertyNotFoundException pnfe) {
|
|
| 592 |
throw new AccessControlException("ClientViewHelper.parseAccessXMLBlock - "
|
|
| 593 |
+ "property error when replacing permissions: " + pnfe.getMessage()); |
|
| 594 |
} catch (AccessException ae) {
|
|
| 595 |
throw new AccessControlException("ClientViewHelper.parseAccessXMLBlock - "
|
|
| 596 |
+ "DB access error when replacing permissions: " + ae.getMessage()); |
|
| 597 |
} catch (SAXException se) {
|
|
| 598 |
throw new AccessControlException("ClientViewHelper.parseAccessXMLBlock - "
|
|
| 599 |
+ "SAX error when replacing permissions: " + se.getMessage()); |
|
| 600 |
} catch(IOException ioe) {
|
|
| 601 |
throw new AccessControlException("ClientViewHelper.parseAccessXMLBlock - "
|
|
| 602 |
+ "I/O error when replacing permissions: " + ioe.getMessage()); |
|
| 603 |
} |
|
| 604 |
} |
|
| 605 |
|
|
| 606 |
/* |
|
| 607 |
* Populate xmlAccessDAO object with the some parameters. |
|
| 608 |
*/ |
|
| 609 |
private XMLAccessDAO generateXMLAccessDAO(String docid, String principalName, |
|
| 610 |
String permission, String permType, String permOrder) {
|
|
| 611 |
String identifier = DocumentUtil.getDocIdFromString(docid); |
|
| 612 |
XMLAccessDAO xmlAccessDAO = new XMLAccessDAO(); |
|
| 613 |
xmlAccessDAO.setDocId(identifier); |
|
| 614 |
xmlAccessDAO.setPrincipalName(principalName); |
|
| 615 |
xmlAccessDAO.setPermission(Integer.valueOf(AccessControlList.intValue(permission)).longValue()); |
|
| 616 |
xmlAccessDAO.setPermType(permType); |
|
| 617 |
xmlAccessDAO.setPermOrder(permOrder); |
|
| 618 |
return xmlAccessDAO; |
|
| 619 |
} |
|
| 620 |
|
|
| 621 |
|
|
| 622 |
/* |
|
| 623 |
* Remove every access rule for user public from the specified access rule list |
|
| 624 |
*/ |
|
| 625 |
private void removeAllPublicAccessRules(Vector<XMLAccessDAO> accessList) {
|
|
| 626 |
if(accessList != null && !accessList.isEmpty()) {
|
|
| 627 |
Vector<Integer> removingIndexList = new Vector<Integer>(); |
|
| 628 |
for(int i=0; i<accessList.size(); i++) {
|
|
| 629 |
XMLAccessDAO rule = accessList.elementAt(i); |
|
| 630 |
if(rule != null && rule.getPrincipalName() != null && rule.getPrincipalName().equalsIgnoreCase(AccessControlInterface.PUBLIC)) {
|
|
| 631 |
//store the index which should be remove |
|
| 632 |
removingIndexList.add(new Integer(i)); |
|
| 633 |
} |
|
| 634 |
} |
|
| 635 |
if(!removingIndexList.isEmpty()) {
|
|
| 636 |
for(int i=removingIndexList.size()-1; i>=0; i--) {
|
|
| 637 |
accessList.remove(removingIndexList.elementAt(i).intValue()); |
|
| 638 |
} |
|
| 639 |
} |
|
| 640 |
} |
|
| 641 |
} |
|
| 642 |
|
|
| 513 | 643 |
private String handleChangeAccess(String metaDocId, String permissionType) throws Exception {
|
| 514 | 644 |
Stack dataDocIDs; |
| 515 | 645 |
String result = "", xpathExpr = null; |
Also available in: Unified diff
Use accessblock in setaccess method. So user can grant/revoke public readable access.