Project

General

Profile

Statistics
| Revision:
Name Size Revision Age Author Comment
  dbadapter 5030 over 15 years daigle Change location of PropertyService to propertie...
  metacat 7075 over 12 years Chris Jones Only allow CNs to call MN.synchronizationFailed...
  protocols 3077 about 18 years Matt Jones Removed the @release@ ant token from all files ...
  shared 5015 over 15 years daigle Create database and shared directories for data...

Latest revisions

# Date Author Comment
7075 03/16/2012 11:40 AM Chris Jones

Only allow CNs to call MN.synchronizationFailed() by calling isAdminAuthorized(). The pid must also be valid.

7074 03/15/2012 07:50 PM Chris Jones

Modify CNodeService.setReplicationStatus() slightly to restrict MN-based calls to only set the status to COMPLETED. The CNs should be setting failures or invalidations, or the status can remain at QUEUED or REQUESTED, and the MNAuditTask can revisit those replicas as needed.

7073 03/15/2012 07:14 PM Chris Jones

Add a notifyReplicaNodes() method that calls MNStorage.systemMetadataChanged() on MN replica nodes for a given object identifier. This will be called when there are changes to AccessPolicy and rights holder since these are critical access metadata for an MN, but they can only be changed on the CN.

7072 03/15/2012 12:10 PM Chris Jones

Add some debugging statements in isAuthorized().

7071 03/15/2012 12:08 PM Chris Jones

In setReplicationStatus(), first check for a replica target MN subject match with the session subject. If this fails, look to see if CN admin access is allowed. Otherwise throw NotAuthorized. Addresses https://redmine.dataone.org/issues/2494

7070 03/15/2012 11:46 AM ben leinfelder

do not allow "Metacat-conforming" identifiers to be used. "test.1.001" is interpreted as "test.1.1" which renders "test.1.002" unusable unless a traditional Metacat "update" is used for that id/revision which contradicts the DataONE use of Identifiers that have no lexical requirements for revisions.

7069 03/15/2012 08:08 AM ben leinfelder

check for session when checking administrative authorization

7068 03/14/2012 12:02 PM Chris Jones

Remove individual calls to isAdminAuthorized() in favor of the centralized isAuthorized() call that handles it now.

7067 03/14/2012 11:57 AM Chris Jones

Incorporate isAdminAuthorized() into isAuthorized() for blanket CN access to objects.

7066 03/13/2012 04:00 PM ben leinfelder

check for null Session before continuing with setReplicationStatus()
https://redmine.dataone.org/issues/2476#note-3

View revisions

Also available in: Atom