Revision 7059
Added by ben leinfelder over 12 years ago
| src/edu/ucsb/nceas/metacat/dataone/D1NodeService.java | ||
|---|---|---|
| 819 | 819 |
search: // label break |
| 820 | 820 |
for (AccessRule accessRule: allows) {
|
| 821 | 821 |
for (Subject s: subjects) {
|
| 822 |
logMetacat.debug("Checking allow access rule for subject: " + s.getValue());
|
|
| 822 | 823 |
if (accessRule.getSubjectList().contains(s)) {
|
| 824 |
logMetacat.debug("Access rule contains subject: " + s.getValue());
|
|
| 823 | 825 |
for (Permission p: accessRule.getPermissionList()) {
|
| 826 |
logMetacat.debug("Checking permission: " + p.xmlValue());
|
|
| 824 | 827 |
expandedPermissions = expandPermissions(p); |
| 825 | 828 |
allowed = expandedPermissions.contains(permission); |
| 826 | 829 |
if (allowed) {
|
| 830 |
logMetacat.info("Permission granted: " + p.xmlValue() + " to " + s.getValue());
|
|
| 827 | 831 |
break search; //label break |
| 828 | 832 |
} |
| 829 | 833 |
} |
Also available in: Unified diff
logging for permission checks - trying to nail down details of MN checking