Revision 7157
Added by ben leinfelder over 12 years ago
src/edu/ucsb/nceas/metacat/dataone/D1NodeService.java | ||
---|---|---|
170 | 170 |
|
171 | 171 |
String localId = null; |
172 | 172 |
boolean allowed = false; |
173 |
String username = Constants.SUBJECT_PUBLIC; |
|
174 |
String[] groupnames = null; |
|
175 | 173 |
if (session == null) { |
176 | 174 |
throw new InvalidToken("1330", "No session has been provided"); |
177 |
} else { |
|
178 |
username = session.getSubject().getValue(); |
|
179 |
if (session.getSubjectInfo() != null) { |
|
180 |
List<Group> groupList = session.getSubjectInfo().getGroupList(); |
|
181 |
if (groupList != null) { |
|
182 |
groupnames = new String[groupList.size()]; |
|
183 |
for (int i = 0; i > groupList.size(); i++) { |
|
184 |
groupnames[i] = groupList.get(i).getGroupName(); |
|
185 |
} |
|
186 |
} |
|
187 |
} |
|
188 | 175 |
} |
176 |
// just for logging purposes |
|
177 |
String username = session.getSubject().getValue(); |
|
189 | 178 |
|
190 | 179 |
// do we have a valid pid? |
191 | 180 |
if (pid == null || pid.getValue().trim().equals("")) { |
... | ... | |
199 | 188 |
throw new NotFound("1340", "The object with the provided " + "identifier was not found."); |
200 | 189 |
} |
201 | 190 |
|
202 |
// does the subject have DELETE (a D1 CHANGE_PERMISSION level) priveleges on the pid? |
|
191 |
// only admin is allowed a full delete |
|
192 |
allowed = isAdminAuthorized(session); |
|
193 |
if (!allowed) { |
|
194 |
throw new NotAuthorized("1320", "The provided identity does not have " + "permission to DELETE objects on the Member Node."); |
|
195 |
} |
|
196 |
|
|
203 | 197 |
try { |
204 |
allowed = isAuthorized(session, pid, Permission.CHANGE_PERMISSION); |
|
205 |
} catch (InvalidRequest e) { |
|
206 |
throw new ServiceFailure("1350", e.getDescription()); |
|
207 |
} |
|
198 |
// delete the document, as admin |
|
199 |
DocumentImpl.delete(localId, null, null, null, true); |
|
200 |
EventLog.getInstance().log(request.getRemoteAddr(), request.getHeader("User-Agent"), username, localId, Event.DELETE.xmlValue()); |
|
201 |
|
|
202 |
// archive it |
|
203 |
SystemMetadata sysMeta = HazelcastService.getInstance().getSystemMetadataMap().get(pid); |
|
204 |
sysMeta.setArchived(true); |
|
205 |
sysMeta.setDateSysMetadataModified(Calendar.getInstance().getTime()); |
|
206 |
HazelcastService.getInstance().getSystemMetadataMap().put(pid, sysMeta); |
|
208 | 207 |
|
208 |
} catch (McdbDocNotFoundException e) { |
|
209 |
throw new NotFound("1340", "The provided identifier was invalid."); |
|
209 | 210 |
|
210 |
if (allowed) { |
|
211 |
try { |
|
212 |
// delete the document |
|
213 |
DocumentImpl.delete(localId, username, groupnames, null, true); |
|
214 |
EventLog.getInstance().log(request.getRemoteAddr(), request.getHeader("User-Agent"), username, localId, Event.DELETE.xmlValue()); |
|
211 |
} catch (SQLException e) { |
|
212 |
throw new ServiceFailure("1350", "There was a problem deleting the object." + "The error message was: " + e.getMessage()); |
|
215 | 213 |
|
216 |
// archive it |
|
217 |
SystemMetadata sysMeta = HazelcastService.getInstance().getSystemMetadataMap().get(pid); |
|
218 |
sysMeta.setArchived(true); |
|
219 |
sysMeta.setDateSysMetadataModified(Calendar.getInstance().getTime()); |
|
220 |
HazelcastService.getInstance().getSystemMetadataMap().put(pid, sysMeta); |
|
221 |
|
|
222 |
} catch (McdbDocNotFoundException e) { |
|
223 |
throw new NotFound("1340", "The provided identifier was invalid."); |
|
214 |
} catch (InsufficientKarmaException e) { |
|
215 |
throw new NotAuthorized("1320", "The provided identity does not have " + "permission to DELETE objects on the Member Node."); |
|
224 | 216 |
|
225 |
} catch (SQLException e) { |
|
226 |
throw new ServiceFailure("1350", "There was a problem deleting the object." + "The error message was: " + e.getMessage()); |
|
227 |
|
|
228 |
} catch (InsufficientKarmaException e) { |
|
229 |
throw new NotAuthorized("1320", "The provided identity does not have " + "permission to DELETE objects on the Member Node."); |
|
230 |
|
|
231 |
} catch (Exception e) { // for some reason DocumentImpl throws a general Exception |
|
232 |
throw new ServiceFailure("1350", "There was a problem deleting the object." + "The error message was: " + e.getMessage()); |
|
233 |
} |
|
234 |
|
|
235 |
} else { |
|
236 |
throw new NotAuthorized("1320", "The provided identity does not have " + "permission to DELETE objects on the Member Node."); |
|
217 |
} catch (Exception e) { // for some reason DocumentImpl throws a general Exception |
|
218 |
throw new ServiceFailure("1350", "There was a problem deleting the object." + "The error message was: " + e.getMessage()); |
|
237 | 219 |
} |
238 | 220 |
|
239 | 221 |
return pid; |
Also available in: Unified diff
only admin users can call MN/CN.delete(). This is limited to any CN and only the MN that is calling itself