Revision 7078
Added by ben leinfelder almost 13 years ago
| src/edu/ucsb/nceas/metacat/dataone/CNodeService.java | ||
|---|---|---|
| 336 | 336 |
public Identifier delete(Session session, Identifier pid) |
| 337 | 337 |
throws InvalidToken, ServiceFailure, NotAuthorized, NotFound, NotImplemented {
|
| 338 | 338 |
|
| 339 |
// TODO: any CN-specific checks to perform? |
|
| 339 |
// check that it is CN/admin |
|
| 340 |
boolean allowed = isAdminAuthorized(session, pid, Permission.CHANGE_PERMISSION); |
|
| 340 | 341 |
|
| 342 |
if (!allowed) {
|
|
| 343 |
String msg = "The subject is not allowed to call delete() on a Coordinating Node."; |
|
| 344 |
logMetacat.info(msg); |
|
| 345 |
throw new NotAuthorized("1320", msg);
|
|
| 346 |
} |
|
| 347 |
|
|
| 341 | 348 |
// defer to superclass implementation |
| 342 | 349 |
return super.delete(session, pid); |
| 343 | 350 |
} |
Also available in: Unified diff
check that caller is CN/admin for CN.delete()
https://redmine.dataone.org/issues/2506