Revision 6744
Added by ben leinfelder over 12 years ago
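--- a/Eml210SAXHandler.java
+++ b/Eml210SAXHandler.java
@@ -195,15 +195,20 @@
 updateDate);
 // Get the unchangeable subtrees (user doesn't have write permission)
 try {
-PermissionController control = new PermissionController(docid
-+ PropertyService.getProperty("document.accNumSeparator") + revision);
 
-// If the action is update and user doesn't have "ALL" permission
-// we need to check if user can update access subtree
-if (!control.hasPermission(user, groups, AccessControlInterface.ALLSTRING)
-&& action != null && action.equals("UPDATE")) {
-needToCheckAccessModule = true;
-unChangeableAccessSubTreeVector = getAccessSubTreeListFromDB();
+if (action.equals("UPDATE")) {
+// If the action is update and user doesn't have "ALL" permission
+// we need to check if user can update access subtree
+int latestRevision = DBUtil.getLatestRevisionInDocumentTable(docid);
+String previousDocid =
+docid + PropertyService.getProperty("document.accNumSeparator") + latestRevision;
+
+PermissionController control = new PermissionController(previousDocid );
+if (!control.hasPermission(user, groups, AccessControlInterface.ALLSTRING)
+&& action != null) {
+needToCheckAccessModule = true;
+unChangeableAccessSubTreeVector = getAccessSubTreeListFromDB();
+}
 }
 
 } catch (Exception e) {
@@ -1188,7 +1193,7 @@
 /* The method to write all access rule into db */
 private void writeAccessRuleToDB() throws SAXException {
 // Delete old permssion
-deletePermissionsInAccessTable(docid);
+deletePermissionsInAccessTable();
 // write top leve access rule
 writeTopLevelAccessRuleToDB();
 // write additional access rule
@@ -1376,8 +1381,12 @@
 
 if (distributionType == DistributionSection.DATA_DISTRIBUTION) {
 try {
-PermissionController controller = new PermissionController(
-distributionSection.getDataFileName(), false);
+// check for the previous version for permissions
+int latestRevision = DBUtil.getLatestRevisionInDocumentTable(distributionSection.getDataFileName());
+String previousDocid =
+distributionSection.getDataFileName() + PropertyService.getProperty("document.accNumSeparator") + latestRevision;
+PermissionController controller = new PermissionController(previousDocid);
+
 if (AccessionNumber.accNumberUsed(docid)
 && !controller.hasPermission(user, groups, "WRITE")) {
 throw new SAXException(UPDATEACCESSERROR);
@@ -1393,8 +1402,12 @@
 }
 } else if (distributionType == DistributionSection.INLINE_DATA_DISTRIBUTION && action == "UPDATE") {
 try {
-PermissionController controller = new PermissionController(
-docid, false);
+
+// check for the previous version for permissions
+int latestRevision = DBUtil.getLatestRevisionInDocumentTable(docid);
+String previousDocid =
+docid + PropertyService.getProperty("document.accNumSeparator") + latestRevision;
+PermissionController controller = new PermissionController(previousDocid);
 
 if (!controller.hasPermission(user, groups, "WRITE")) {
 throw new SAXException(UPDATEACCESSERROR);
@@ -1426,15 +1439,26 @@
 throw new SAXException("The access object is null");
 }
 
+String guid = null;
+try {
+guid = IdentifierManager.getInstance().getGUID(docid, Integer.valueOf(revision));
+} catch (NumberFormatException e) {
+throw new SAXException(e.getMessage(), e);
+} catch (McdbDocNotFoundException e) {
+// register the default mapping now
+guid = docid + "." + revision;
+IdentifierManager.getInstance().createMapping(guid, guid);
+}
+
 String permOrder = accessSection.getPermissionOrder();
 String sql = null;
 PreparedStatement pstmt = null;
 if (topLevel) {
-sql = "INSERT INTO xml_access (docid, principal_name, permission, "
+sql = "INSERT INTO xml_access (guid, principal_name, permission, "
 + "perm_type, perm_order, accessfileid) VALUES "
 + " (?, ?, ?, ?, ?, ?)";
 } else {
-sql = "INSERT INTO xml_access (docid,principal_name, "
+sql = "INSERT INTO xml_access (guid,principal_name, "
 + "permission, perm_type, perm_order, accessfileid, subtreeid"
 + ") VALUES" + " (?, ?, ?, ?, ?, ?, ?)";
 }
@@ -1444,16 +1468,17 @@
 // Increase DBConnection usage count
 connection.increaseUsageCount(1);
 // Bind the values to the query
-pstmt.setString(6, docid);
-logMetacat.debug("Accessfileid in accesstable: " + docid);
+pstmt.setString(6, guid);
+logMetacat.debug("Accessfileid in accesstable: " + guid);
 pstmt.setString(5, permOrder);
 logMetacat.debug("PermOder in accesstable: " + permOrder);
 // if it is not top level, set subsection id
 if (topLevel) {
-pstmt.setString(1, docid);
-logMetacat.debug("Docid in accesstable: " + docid);
+pstmt.setString(1, guid);
+logMetacat.debug("Guid in accesstable: " + guid);
 }
 if (!topLevel) {
+// TODO: look up guid?
 pstmt.setString(1, accessSection.getDataFileName());
 logMetacat.debug("Docid in accesstable: " + inlineDataFileName);
 
@@ -1503,79 +1528,18 @@
 
 }// writeGivenAccessRuleIntoDB
 
-/* Write a gaven access rule into db */
-private void writeAccessRuleForRelatedDataFileIntoDB(AccessSection accessSection,
-String dataId) throws SAXException {
-if (accessSection == null) {
-throw new SAXException("The access object is null");
-}
-// get rid of rev from dataId
-// dataId = MetacatUtil.getDocIdFromString(dataId);
-String permOrder = accessSection.getPermissionOrder();
-String sql = null;
-PreparedStatement pstmt = null;
-sql = "INSERT INTO xml_access (docid, principal_name, permission, "
-+ "perm_type, perm_order, accessfileid) VALUES " + " (?, ?, ?, ?, ?, ?)";
+
 
-try {
-
-pstmt = connection.prepareStatement(sql);
-// Increase DBConnection usage count
-connection.increaseUsageCount(1);
-// Bind the values to the query
-pstmt.setString(1, dataId);
-logMetacat.debug("Docid in accesstable: " + docid);
-pstmt.setString(6, docid);
-logMetacat.debug("Accessfileid in accesstable: " + docid);
-pstmt.setString(5, permOrder);
-logMetacat.debug("PermOder in accesstable: " + permOrder);
-// if it is not top level, set subsection id
-
-Vector<AccessRule> accessRules = accessSection.getAccessRules();
-// go through every rule
-for (int i = 0; i < accessRules.size(); i++) {
-AccessRule rule = accessRules.elementAt(i);
-String permType = rule.getPermissionType();
-int permission = rule.getPermission();
-pstmt.setInt(3, permission);
-logMetacat.debug("permission in accesstable: " + permission);
-pstmt.setString(4, permType);
-logMetacat.debug("Permtype in accesstable: " + permType);
-// go through every principle in rule
-Vector<String> nameVector = rule.getPrincipal();
-for (int j = 0; j < nameVector.size(); j++) {
-String prName = nameVector.elementAt(j);
-pstmt.setString(2, prName);
-logMetacat.debug("Principal in accesstable: " + prName);
-logMetacat.debug("running sql: " + pstmt.toString());
-pstmt.execute();
-}// for
-}// for
-pstmt.close();
-}// try
-catch (SQLException e) {
-throw new SAXException("EMLSAXHandler.writeAccessRuletoDB(): "
-+ e.getMessage());
-}// catch
-finally {
-try {
-pstmt.close();
-} catch (SQLException ee) {
-throw new SAXException("EMLSAXHandler.writeAccessRuletoDB(): "
-+ ee.getMessage());
-}
-}// finally
-
-}// writeAccessRuleForRalatedDataFileIntoDB
-
-/* Delete from db all permission for resources related to @aclid if any. */
-private void deletePermissionsInAccessTable(String aclid) throws SAXException {
+/* Delete from db all permission for resources related to the document, if any */
+private void deletePermissionsInAccessTable() throws SAXException {
 PreparedStatement pstmt = null;
 try {
-String sql = "DELETE FROM xml_access WHERE accessfileid = ?";
+String sql = "DELETE FROM xml_access " +
+"WHERE accessfileid IN (SELECT guid from identifier where docid = ? and rev = ?)";
 // delete all acl records for resources related to @aclid if any
 pstmt = connection.prepareStatement(sql);
-pstmt.setString(1, aclid);
+pstmt.setString(1, docid);
+pstmt.setInt(2, Integer.valueOf(revision));
 // Increase DBConnection usage count
 connection.increaseUsageCount(1);
 logMetacat.debug("running sql: " + sql);
@@ -1829,10 +1793,18 @@
 // handle ecogrid protocol
 // get rid of revision number to get the docid.
 String docid = DocumentUtil.getDocIdFromAccessionNumber(accessionNumber);
+int rev = DocumentUtil.getRevisionFromAccessionNumber(accessionNumber);
+String guid = null;
+try {
+guid = IdentifierManager.getInstance().getGUID(docid, rev);
+} catch (McdbDocNotFoundException e1) {
+guid = docid + "." + rev;
+IdentifierManager.getInstance().createMapping(guid, guid);
+}
 
 currentDistributionSection
 .setDistributionType(DistributionSection.DATA_DISTRIBUTION);
-currentDistributionSection.setDataFileName(docid);
+currentDistributionSection.setDataFileName(guid);
 
 // distributionOnlineFileName = docid;
 onlineDataFileIdInRelationVector.add(docid);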
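Review bot: In the DATA_DISTRIBUTION branch the new WRITE check passes `distributionSection.getDataFileName()` to `DBUtil.getLatestRevisionInDocumentTable` and then appends the separator and revision, but the ecogrid hunk of this same commit now stores a guid in that field (`currentDistributionSection.setDataFileName(guid)`, by default `docid + "." + rev`), while the other two call sites pass a bare `docid`. If the section read there is the one written here, the `PermissionController` is built from guid + separator + latestRevision rather than from an accession number. How the lookup and `hasPermission` behave for an id that matches no document is not visible on this page, so confirm that path denies the update rather than skipping the check. Until the consumers are guid-aware I would either keep `currentDistributionSection.setDataFileName(docid);` in the ecogrid branch or resolve the stored name back to a docid before the revision lookup. The enclosing methods start and end outside the hunks shown.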
refactor Metacat access handling to be on a per-revision basis so that it more closely aligns with the DataONE approach
http://bugzilla.ecoinformatics.org/show_bug.cgi?id=5560