Project

General

Profile

« Previous | Next » 

Revision 7068

Added by Chris Jones over 12 years ago

Remove individual calls to isAdminAuthorized() in favor of the centralized isAuthorized() call that handles it now.

View differences:

src/edu/ucsb/nceas/metacat/dataone/CNodeService.java
136 136
      Subject subject = session.getSubject();
137 137
      
138 138
      // are we allowed to do this?
139
      if (!isAdminAuthorized(session, pid, Permission.CHANGE_PERMISSION)) {
140
          if (!isAuthorized(session, pid, Permission.CHANGE_PERMISSION)) {
141
              throw new NotAuthorized("4881", Permission.CHANGE_PERMISSION
142
                      + " not allowed by " + subject.getValue() + " on "
143
                      + pid.getValue());
144
              
145
          }
139
      if (!isAuthorized(session, pid, Permission.CHANGE_PERMISSION)) {
140
          throw new NotAuthorized("4881", Permission.CHANGE_PERMISSION
141
                  + " not allowed by " + subject.getValue() + " on "
142
                  + pid.getValue());
143
          
146 144
      }
147 145
      
148 146
      SystemMetadata systemMetadata = null;
......
230 228
		Subject subject = session.getSubject();
231 229

  
232 230
		// are we allowed to do this?
233
		if (!isAdminAuthorized(session, pid, Permission.WRITE)) {
234
			boolean isAuthorized = false;
235
			try {
236
				isAuthorized = isAuthorized(session, pid, Permission.WRITE);
237
			} catch (InvalidRequest e) {
238
				throw new ServiceFailure("4882", e.getDescription());
239
			}
240
			if (!isAuthorized) {
241
				throw new NotAuthorized("4881", Permission.WRITE
242
						+ " not allowed by " + subject.getValue() + " on "
243
						+ pid.getValue());
231
		boolean isAuthorized = false;
232
		try {
233
			isAuthorized = isAuthorized(session, pid, Permission.WRITE);
234
		} catch (InvalidRequest e) {
235
			throw new ServiceFailure("4882", e.getDescription());
236
		}
237
		if (!isAuthorized) {
238
			throw new NotAuthorized("4881", Permission.WRITE
239
					+ " not allowed by " + subject.getValue() + " on "
240
					+ pid.getValue());
244 241

  
245
			}
246 242
		}
247 243

  
248 244
		SystemMetadata systemMetadata = null;
......
346 342
		Subject subject = session.getSubject();
347 343

  
348 344
		// are we allowed to do this?
349
		if (!isAdminAuthorized(session, pid, Permission.WRITE)) {
350
			if (!isAuthorized(session, pid, Permission.WRITE)) {
351
				throw new NotAuthorized("4881", Permission.WRITE
352
						+ " not allowed by " + subject.getValue() + " on "
353
						+ pid.getValue());
345
		if (!isAuthorized(session, pid, Permission.WRITE)) {
346
			throw new NotAuthorized("4881", Permission.WRITE
347
					+ " not allowed by " + subject.getValue() + " on "
348
					+ pid.getValue());
354 349

  
355
			}
356 350
		}
357 351

  
352

  
358 353
		SystemMetadata systemMetadata = null;
359 354
		try {
360 355
			lock = HazelcastService.getInstance().getLock(pid.getValue());
......
520 515
                  }
521 516
              }
522 517

  
523
              if ( !isAdminAuthorized(session, pid, Permission.WRITE) ) {
518
              if ( !isAuthorized(session, pid, Permission.WRITE) ) {
524 519
                  if (!allowed) {
525 520
                    String msg = "The subject identified by "
526 521
                            + subject.getValue()
......
991 986
      Subject subject = session.getSubject();
992 987
      
993 988
      // are we allowed to do this?
994
      if (!isAdminAuthorized(session, pid, Permission.CHANGE_PERMISSION)) {
995
          if (!isAuthorized(session, pid, Permission.CHANGE_PERMISSION)) {
996
              throw new NotAuthorized("4440", "not allowed by "
997
                      + subject.getValue() + " on " + pid.getValue());
998
              
999
          }
989
      if (!isAuthorized(session, pid, Permission.CHANGE_PERMISSION)) {
990
          throw new NotAuthorized("4440", "not allowed by "
991
                  + subject.getValue() + " on " + pid.getValue());
992
          
1000 993
      }
1001 994
      
1002 995
      SystemMetadata systemMetadata = null;
......
1288 1281
      // get the subject
1289 1282
      Subject subject = session.getSubject();
1290 1283
      
1291
      if (!isAdminAuthorized(session, pid, Permission.CHANGE_PERMISSION)) {
1292
          // are we allowed to do this?
1293
          if (!isAuthorized(session, pid, Permission.CHANGE_PERMISSION)) {
1294
              throw new NotAuthorized("4420", "not allowed by "
1295
                      + subject.getValue() + " on " + pid.getValue());
1296
          }
1284
      // are we allowed to do this?
1285
      if (!isAuthorized(session, pid, Permission.CHANGE_PERMISSION)) {
1286
          throw new NotAuthorized("4420", "not allowed by "
1287
                  + subject.getValue() + " on " + pid.getValue());
1297 1288
      }
1298 1289
      
1299 1290
      try {
......
1384 1375
      
1385 1376
      // are we allowed to do this?
1386 1377
      try {
1387
        if (!isAdminAuthorized(session, pid, Permission.WRITE)) {
1388
            // what is the controlling permission?
1389
            if (!isAuthorized(session, pid, Permission.WRITE)) {
1390
                throw new NotAuthorized("4851", "not allowed by "
1391
                        + subject.getValue() + " on " + pid.getValue());
1392
            }
1393
        }
1378

  
1379
          // what is the controlling permission?
1380
          if (!isAuthorized(session, pid, Permission.WRITE)) {
1381
              throw new NotAuthorized("4851", "not allowed by "
1382
                      + subject.getValue() + " on " + pid.getValue());
1383
          }
1384

  
1394 1385
        
1395 1386
      } catch (InvalidToken e) {
1396 1387
          throw new NotAuthorized("4851", "not allowed by " + subject.getValue() + 

Also available in: Unified diff