Revision 7029
Added by ben leinfelder about 12 years ago
| CNodeService.java | ||
|---|---|---|
| 231 | 231 |
|
| 232 | 232 |
// are we allowed to do this? |
| 233 | 233 |
if (!isAdminAuthorized(session, pid, Permission.WRITE)) {
|
| 234 |
if (!isAuthorized(session, pid, Permission.WRITE)) {
|
|
| 234 |
boolean isAuthorized = false; |
|
| 235 |
try {
|
|
| 236 |
isAuthorized = isAuthorized(session, pid, Permission.WRITE); |
|
| 237 |
} catch (InvalidRequest e) {
|
|
| 238 |
throw new ServiceFailure("4882", e.getDescription());
|
|
| 239 |
} |
|
| 240 |
if (!isAuthorized) {
|
|
| 235 | 241 |
throw new NotAuthorized("4881", Permission.WRITE
|
| 236 | 242 |
+ " not allowed by " + subject.getValue() + " on " |
| 237 | 243 |
+ pid.getValue()); |
| ... | ... | |
| 597 | 603 |
public Checksum getChecksum(Session session, Identifier pid) |
| 598 | 604 |
throws InvalidToken, ServiceFailure, NotAuthorized, NotFound, |
| 599 | 605 |
NotImplemented {
|
| 600 |
|
|
| 601 |
if (!isAuthorized(session, pid, Permission.READ)) {
|
|
| 606 |
|
|
| 607 |
boolean isAuthorized = false; |
|
| 608 |
try {
|
|
| 609 |
isAuthorized = isAuthorized(session, pid, Permission.READ); |
|
| 610 |
} catch (InvalidRequest e) {
|
|
| 611 |
throw new ServiceFailure("1410", e.getDescription());
|
|
| 612 |
} |
|
| 613 |
if (!isAuthorized) {
|
|
| 602 | 614 |
throw new NotAuthorized("1400", Permission.READ + " not allowed on " + pid.getValue());
|
| 603 | 615 |
} |
| 604 | 616 |
|
Also available in: Unified diff
throw InvalidToken when an invalid Permission is passed in. THis requires that internal calls to the method also check for this exception.
https://redmine.dataone.org/issues/2388