Project

General

Profile

« Previous | Next » 

Revision 7039

A minor change to isAuthorized() - compare each Person in the SubjectInfo (not just the primary Subject) since each person could have an equivalent identity mapped to the primary Subject. Add debug logging for the comparison.

View differences:

src/edu/ucsb/nceas/metacat/dataone/D1NodeService.java
714 714
			List<Person> personList = subjectInfo.getPersonList();
715 715
			if (personList != null) {
716 716
				for (Person p : personList) {
717
					// for the primary person
718
					if (p.getSubject().equals(subject)) {
717
					  // for every person listed (isVerified is transitive)
719 718
						logMetacat.debug("checking person");
720 719
						logMetacat.debug("p.getVerified(): " + p.getVerified());
721 720
						if (p.getVerified() != null && p.getVerified()) {
......
740 739
							}
741 740
						}
742 741
						break;
743
					}
744 742
				}
745 743
			}
746 744
		}
......
777 775
	    
778 776
    // do we own it?
779 777
    for (Subject s: subjects) {
778
      logMetacat.debug("Comparing \t" + 
779
                       systemMetadata.getRightsHolder().getValue() +
780
                       " \tagainst \t" + s.getValue());
780 781
    	allowed = systemMetadata.getRightsHolder().equals(s);
781 782
    	if (allowed) {
782 783
    		return allowed;
......
805 806
    	// catch all for errors - safe side should be to deny the access
806 807
    	logMetacat.error("Problem checking authorization - defaulting to deny", e);
807 808
		allowed = false;
808
	}
809
	  
810
    }
809 811
    
810 812
    // throw or return?
811 813
    if (!allowed) {

Also available in: Unified diff