Revision 7039
Added by Chris Jones almost 13 years ago
src/edu/ucsb/nceas/metacat/dataone/D1NodeService.java | ||
---|---|---|
714 | 714 |
List<Person> personList = subjectInfo.getPersonList(); |
715 | 715 |
if (personList != null) { |
716 | 716 |
for (Person p : personList) { |
717 |
// for the primary person |
|
718 |
if (p.getSubject().equals(subject)) { |
|
717 |
// for every person listed (isVerified is transitive) |
|
719 | 718 |
logMetacat.debug("checking person"); |
720 | 719 |
logMetacat.debug("p.getVerified(): " + p.getVerified()); |
721 | 720 |
if (p.getVerified() != null && p.getVerified()) { |
... | ... | |
740 | 739 |
} |
741 | 740 |
} |
742 | 741 |
break; |
743 |
} |
|
744 | 742 |
} |
745 | 743 |
} |
746 | 744 |
} |
... | ... | |
777 | 775 |
|
778 | 776 |
// do we own it? |
779 | 777 |
for (Subject s: subjects) { |
778 |
logMetacat.debug("Comparing \t" + |
|
779 |
systemMetadata.getRightsHolder().getValue() + |
|
780 |
" \tagainst \t" + s.getValue()); |
|
780 | 781 |
allowed = systemMetadata.getRightsHolder().equals(s); |
781 | 782 |
if (allowed) { |
782 | 783 |
return allowed; |
... | ... | |
805 | 806 |
// catch all for errors - safe side should be to deny the access |
806 | 807 |
logMetacat.error("Problem checking authorization - defaulting to deny", e); |
807 | 808 |
allowed = false; |
808 |
} |
|
809 |
|
|
810 |
} |
|
809 | 811 |
|
810 | 812 |
// throw or return? |
811 | 813 |
if (!allowed) { |
Also available in: Unified diff
A minor change to isAuthorized() - compare each Person in the SubjectInfo (not just the primary Subject) since each person could have an equivalent identity mapped to the primary Subject. Add debug logging for the comparison.