Project

General

Profile

« Previous | Next » 

Revision 6728

Added by Jing Tao about 13 years ago

Use accessblock in setaccess method. So user can grant/revoke public readable access.

View differences:

src/edu/ucsb/nceas/metacat/clientview/ClientViewHelper.java
13 13
import com.oreilly.servlet.multipart.MultipartParser;
14 14
import com.oreilly.servlet.multipart.ParamPart;
15 15
import com.oreilly.servlet.multipart.Part;
16

  
17
import edu.ucsb.nceas.metacat.DocInfoHandler;
18
import edu.ucsb.nceas.metacat.accesscontrol.AccessControlException;
19
import edu.ucsb.nceas.metacat.accesscontrol.AccessControlForSingleFile;
20
import edu.ucsb.nceas.metacat.accesscontrol.AccessControlInterface;
21
import edu.ucsb.nceas.metacat.accesscontrol.AccessControlList;
22
import edu.ucsb.nceas.metacat.accesscontrol.XMLAccessAccess;
23
import edu.ucsb.nceas.metacat.accesscontrol.XMLAccessDAO;
16 24
import edu.ucsb.nceas.metacat.client.InsufficientKarmaException;
17 25
import edu.ucsb.nceas.metacat.client.MetacatClient;
18 26
import edu.ucsb.nceas.metacat.client.MetacatException;
......
20 28
import edu.ucsb.nceas.metacat.client.MetacatInaccessibleException;
21 29
import edu.ucsb.nceas.metacat.properties.PropertyService;
22 30
import edu.ucsb.nceas.metacat.service.SessionService;
31
import edu.ucsb.nceas.metacat.shared.AccessException;
32
import edu.ucsb.nceas.metacat.util.DocumentUtil;
23 33
import edu.ucsb.nceas.metacat.util.SessionData;
24 34
import edu.ucsb.nceas.utilities.XMLUtilities;
25 35
import edu.ucsb.nceas.utilities.PropertyNotFoundException;
......
49 59
import org.w3c.dom.Node;
50 60
import org.w3c.dom.NodeList;
51 61
import org.w3c.dom.Text;
62
import org.xml.sax.ContentHandler;
63
import org.xml.sax.ErrorHandler;
64
import org.xml.sax.InputSource;
65
import org.xml.sax.SAXException;
66
import org.xml.sax.XMLReader;
67
import org.xml.sax.helpers.XMLReaderFactory;
52 68

  
53 69
/**
54 70
 *
......
489 505
    }
490 506
    
491 507
    private String setPublicAccess(String permissionType, String metaDocId, Stack docIdStack)
492
    throws InsufficientKarmaException, MetacatException, MetacatInaccessibleException {
508
    throws InsufficientKarmaException, MetacatException, MetacatInaccessibleException, AccessControlException{
493 509
        String                      result = " for Documents ";
494 510
        String                      docId, lst = metaDocId, permOrder;
495 511
        
496 512
        /*if (permissionType.equals("allow"))
497 513
            permOrder = "denyFirst";
498 514
        else
499
            permOrder = "allowFirst";*/
515
            permOrder = "allowFirst";
500 516
        permOrder = "allowFirst";
501 517
        
502
        getMetacatClient().setAccess(metaDocId, "public", "read", permissionType, permOrder);
518
        getMetacatClient().setAccess(metaDocId, "public", "read", permissionType, permOrder);*/
519
        setPublicReadAccess(permissionType, metaDocId) ;
503 520
        //*** Grant the public read access to the data files.
504 521
        while(!docIdStack.isEmpty()) {
505 522
            docId = (String) docIdStack.pop();
506
            getMetacatClient().setAccess(docId, "public", "read", permissionType, permOrder);
523
            //getMetacatClient().setAccess(docId, "public", "read", permissionType, permOrder);
524
            setPublicReadAccess(permissionType, docId);
507 525
            lst += ", " + docId;
508 526
        }
509 527
        result = "Changed public read access to '" + permissionType + "' for " + result + lst;
510 528
        return(result);
511 529
    }
512 530
    
531
    /*
532
     * Set up public access by using accessblock to replace old success rules.
533
     * First, we need to get original access rules.
534
     * Second, remove all access rules of the user public, then add the new rules. 
535
     */
536
    private void setPublicReadAccess(String permissionType, String docid) 
537
        throws InsufficientKarmaException, MetacatException, MetacatInaccessibleException, AccessControlException{
538
      String originalAccessBlock = getMetacatClient().getAccessControl(docid);
539
      Vector<XMLAccessDAO> accessList = parseAccessXMLBlock(docid, originalAccessBlock);
540
      if(accessList != null  && !accessList.isEmpty()) {
541
        //there are some access rules in the metacat server for this docid
542
        XMLAccessDAO rule = accessList.elementAt(0);
543
        //we should persist the perm order from original access block
544
        String permOrder = rule.getPermOrder();
545
        //remove all public access rule but preserver other access rules.
546
        removeAllPublicAccessRules(accessList);
547
        //generate a new access rule and add it to the list
548
        XMLAccessDAO newRule = generateXMLAccessDAO(docid, AccessControlInterface.PUBLIC,
549
            AccessControlInterface.READSTRING, permissionType, permOrder);
550
        accessList.add(newRule);
551
      } else {
552
        //generate a new access rule and add it to the list
553
        accessList = new Vector<XMLAccessDAO>();
554
        XMLAccessDAO newRule = generateXMLAccessDAO(docid, AccessControlInterface.PUBLIC,
555
            AccessControlInterface.READSTRING, permissionType, AccessControlInterface.ALLOWFIRST);
556
        accessList.add(newRule);
557
      }
558
      //transform the new XMLAccessDAO object list to the String 
559
      AccessControlForSingleFile controller = new AccessControlForSingleFile(docid);
560
      String accessBlock = controller.getAccessString(accessList);
561
      //send the access block to the metacat
562
      getMetacatClient().setAccess(docid, accessBlock);
563
    }
564
    
565
    /*
566
     * Parse the access xml block to get access rule list object.
567
     */
568
    private Vector<XMLAccessDAO> parseAccessXMLBlock(String docId, String accessXMLBlock) throws AccessControlException{
569
      try { 
570
        // use DocInfoHandler to parse the access section into DAO objects
571
        XMLReader parser = null;
572
        DocInfoHandler docInfoHandler = new DocInfoHandler(docId); 
573
        ContentHandler chandler = docInfoHandler;
574

  
575
        // Get an instance of the parser
576
        String parserName = PropertyService.getProperty("xml.saxparser");
577
        parser = XMLReaderFactory.createXMLReader(parserName);
578

  
579
        // Turn off validation
580
        parser.setFeature("http://xml.org/sax/features/validation", false);
581
        parser.setContentHandler((ContentHandler)chandler);
582
        parser.setErrorHandler((ErrorHandler)chandler);
583

  
584
        parser.parse(new InputSource(new StringReader(accessXMLBlock)));
585
        
586
        XMLAccessAccess xmlAccessAccess = new XMLAccessAccess();
587
         Vector<XMLAccessDAO> accessRuleList = docInfoHandler.getAccessControlList();
588
         return accessRuleList;
589
           
590

  
591
      } catch (PropertyNotFoundException pnfe) {
592
        throw new AccessControlException("ClientViewHelper.parseAccessXMLBlock - "
593
            + "property error when replacing permissions: " + pnfe.getMessage());
594
      } catch (AccessException ae) {
595
        throw new AccessControlException("ClientViewHelper.parseAccessXMLBlock - "
596
            + "DB access error when replacing permissions: " + ae.getMessage());
597
      } catch (SAXException se) {
598
        throw new AccessControlException("ClientViewHelper.parseAccessXMLBlock - "
599
            + "SAX error when replacing permissions: " + se.getMessage());
600
      } catch(IOException ioe) {
601
        throw new AccessControlException("ClientViewHelper.parseAccessXMLBlock - "
602
            + "I/O error when replacing permissions: " + ioe.getMessage());
603
      }
604
    }
605
    
606
    /*
607
     * Populate xmlAccessDAO object with the some parameters.
608
     */
609
    private XMLAccessDAO generateXMLAccessDAO(String docid, String principalName,
610
        String permission, String permType, String permOrder) {
611
      String identifier = DocumentUtil.getDocIdFromString(docid);
612
      XMLAccessDAO xmlAccessDAO = new XMLAccessDAO();
613
      xmlAccessDAO.setDocId(identifier);
614
      xmlAccessDAO.setPrincipalName(principalName);
615
      xmlAccessDAO.setPermission(Integer.valueOf(AccessControlList.intValue(permission)).longValue());
616
      xmlAccessDAO.setPermType(permType);
617
      xmlAccessDAO.setPermOrder(permOrder);
618
      return xmlAccessDAO;
619
    }
620
    
621
    
622
    /*
623
     * Remove every access rule for user public from the specified access rule list
624
     */
625
    private void removeAllPublicAccessRules(Vector<XMLAccessDAO> accessList) {
626
      if(accessList != null && !accessList.isEmpty()) {
627
        Vector<Integer> removingIndexList = new Vector<Integer>();
628
        for(int i=0; i<accessList.size(); i++) {
629
          XMLAccessDAO rule = accessList.elementAt(i);
630
          if(rule != null && rule.getPrincipalName() != null && rule.getPrincipalName().equalsIgnoreCase(AccessControlInterface.PUBLIC)) {
631
            //store the index which should be remove
632
            removingIndexList.add(new Integer(i));
633
          }      
634
        }
635
        if(!removingIndexList.isEmpty()) {
636
          for(int i=removingIndexList.size()-1; i>=0; i--) {
637
            accessList.remove(removingIndexList.elementAt(i).intValue());
638
          }
639
       }
640
      }
641
    }
642
    
513 643
    private String handleChangeAccess(String metaDocId, String permissionType) throws Exception {
514 644
        Stack                       dataDocIDs;
515 645
        String                      result = "", xpathExpr = null;

Also available in: Unified diff