Revision 7137
Added by ben leinfelder about 12 years ago
Eml210SAXHandler.java | ||
---|---|---|
1215 | 1215 |
|
1216 | 1216 |
// if accessSection is not null and is not reference |
1217 | 1217 |
if (accessSectionObj.getReferences() == null) { |
1218 |
// check for denyFirst permOrder |
|
1219 |
String permOrder = accessSectionObj.getPermissionOrder(); |
|
1220 |
if (permOrder.equals(AccessControlInterface.DENYFIRST) && ignoreDenyFirst) { |
|
1221 |
logMetacat.warn("Metacat no longer supports EML 'denyFirst' access rules - ignoring this access block"); |
|
1222 |
return; |
|
1223 |
} |
|
1218 | 1224 |
// write the top level access module into xml_accesssubtree to |
1219 | 1225 |
// store info and then when update to check if the user can |
1220 | 1226 |
// update it or not |
... | ... | |
1242 | 1248 |
for (int i = 0; i < accessObjectList.size(); i++) { |
1243 | 1249 |
AccessSection accessObj = accessObjectList.elementAt(i); |
1244 | 1250 |
String accessObjId = accessObj.getSubTreeId(); |
1251 |
// check for denyFirst permOrder |
|
1252 |
String permOrder = accessObj.getPermissionOrder(); |
|
1253 |
if (permOrder.equals(AccessControlInterface.DENYFIRST) && ignoreDenyFirst) { |
|
1254 |
logMetacat.warn("Metacat no longer supports EML 'denyFirst' access rules - ignoring this access block, subtree id: " + accessObjId); |
|
1255 |
continue; |
|
1256 |
} |
|
1245 | 1257 |
if (referenceId != null && accessObj != null |
1246 | 1258 |
&& referenceId.equals(accessObjId)) { |
1247 | 1259 |
// make sure the user didn't change any thing in this |
... | ... | |
1375 | 1387 |
// If the distribution doesn't have an access section, we continue. |
1376 | 1388 |
if (accessSection == null) { |
1377 | 1389 |
continue; |
1378 |
}
|
|
1390 |
} |
|
1379 | 1391 |
|
1392 |
// check for denyFirst permOrder |
|
1393 |
String permOrder = accessSection.getPermissionOrder(); |
|
1394 |
if (permOrder.equals(AccessControlInterface.DENYFIRST) && ignoreDenyFirst) { |
|
1395 |
logMetacat.warn("Metacat no longer supports EML 'denyFirst' access rules - ignoring this access block: " + distributionSection.getDataFileName()); |
|
1396 |
continue; |
|
1397 |
} |
|
1398 |
|
|
1380 | 1399 |
// We want to check file permissions for all online data updates and inserts, or for |
1381 | 1400 |
// inline updates. |
1382 | 1401 |
// if (distributionType == DistributionSection.DATA_DISTRIBUTION |
Also available in: Unified diff
no not record EML access rules that use the "denyFirst" permOrder.
https://redmine.dataone.org/issues/2614