/src/edu/ucsb/nceas/metacat/dataone/CNodeService.java - Annotate - Metacat - Ecoinformatics Redmine

metacat/src/edu/ucsb/nceas/metacat/dataone/CNodeService.java @ 7315

-            cjones
+/**
  *  '$RCSfile$'
  *  Copyright: 2000-2011 Regents of the University of California and the
  *              National Center for Ecological Analysis and Synthesis
+ *
  *   '$Author:  $'
  *     '$Date:  $'
+ *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
  * the Free Software Foundation; either version 2 of the License, or
  * (at your option) any later version.
+ *
  * This program is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  * GNU General Public License for more details.
+ *
  * You should have received a copy of the GNU General Public License
  * along with this program; if not, write to the Free Software
  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  */
 package edu.ucsb.nceas.metacat.dataone;
-            cjones
+import java.io.InputStream;
-            cjones
+import java.math.BigInteger;
-            leinfelder
+import java.util.ArrayList;
-            cjones
+import java.util.Calendar;
-            cjones
+import java.util.Date;
-            leinfelder
+import java.util.List;
-            cjones
+import java.util.concurrent.locks.Lock;
             cjones
-            leinfelder
+import javax.servlet.http.HttpServletRequest;
-            cjones
+import org.apache.log4j.Logger;
-            cjones
+import org.dataone.client.CNode;
 import org.dataone.client.D1Client;
-            cjones
+import org.dataone.client.MNode;
-            leinfelder
+import org.dataone.service.cn.v1.CNAuthorization;
 import org.dataone.service.cn.v1.CNCore;
 import org.dataone.service.cn.v1.CNRead;
 import org.dataone.service.cn.v1.CNReplication;
-            cjones
+import org.dataone.service.exceptions.BaseException;
-            cjones
+import org.dataone.service.exceptions.IdentifierNotUnique;
 import org.dataone.service.exceptions.InsufficientResources;
 import org.dataone.service.exceptions.InvalidRequest;
 import org.dataone.service.exceptions.InvalidSystemMetadata;
 import org.dataone.service.exceptions.InvalidToken;
 import org.dataone.service.exceptions.NotAuthorized;
 import org.dataone.service.exceptions.NotFound;
 import org.dataone.service.exceptions.NotImplemented;
 import org.dataone.service.exceptions.ServiceFailure;
-            cjones
+import org.dataone.service.exceptions.UnsupportedType;
-            cjones
+import org.dataone.service.exceptions.VersionMismatch;
-            cjones
+import org.dataone.service.types.v1.AccessPolicy;
-            leinfelder
+import org.dataone.service.types.v1.Checksum;
-            leinfelder
+import org.dataone.service.types.v1.ChecksumAlgorithmList;
-            leinfelder
+import org.dataone.service.types.v1.DescribeResponse;
 import org.dataone.service.types.v1.Event;
-            leinfelder
+import org.dataone.service.types.v1.Identifier;
-            leinfelder
+import org.dataone.service.types.v1.Log;
-            cjones
+import org.dataone.service.types.v1.Node;
-            leinfelder
+import org.dataone.service.types.v1.NodeList;
-            cjones
+import org.dataone.service.types.v1.NodeReference;
-            cjones
+import org.dataone.service.types.v1.NodeType;
-            leinfelder
+import org.dataone.service.types.v1.ObjectFormat;
 import org.dataone.service.types.v1.ObjectFormatIdentifier;
 import org.dataone.service.types.v1.ObjectFormatList;
 import org.dataone.service.types.v1.ObjectList;
 import org.dataone.service.types.v1.ObjectLocationList;
 import org.dataone.service.types.v1.Permission;
 import org.dataone.service.types.v1.Replica;
 import org.dataone.service.types.v1.ReplicationPolicy;
 import org.dataone.service.types.v1.ReplicationStatus;
 import org.dataone.service.types.v1.Session;
 import org.dataone.service.types.v1.Subject;
 import org.dataone.service.types.v1.SystemMetadata;
-            leinfelder
+import org.dataone.service.types.v1.util.ServiceMethodRestrictionUtil;
             cjones
-            leinfelder
+import edu.ucsb.nceas.metacat.EventLog;
 import edu.ucsb.nceas.metacat.IdentifierManager;
-            leinfelder
+import edu.ucsb.nceas.metacat.dataone.hazelcast.HazelcastService;
             leinfelder
-            cjones
+/**
  * Represents Metacat's implementation of the DataONE Coordinating Node
-            cjones
+ * service API. Methods implement the various CN* interfaces, and methods common
-            cjones
+ * to both Member Node and Coordinating Node interfaces are found in the
  * D1NodeService super class.
+ *
  */
 public class CNodeService extends D1NodeService implements CNAuthorization,
-            leinfelder
+    CNCore, CNRead, CNReplication {
             cjones
-            cjones
+  /* the logger instance */
   private Logger logMetacat = null;
             cjones
-            cjones
+  /**
    * singleton accessor
    */
-            leinfelder
+  public static CNodeService getInstance(HttpServletRequest request) {
     return new CNodeService(request);
             cjones
   /**
    * Constructor, private for singleton access
    */
-            leinfelder
+  private CNodeService(HttpServletRequest request) {
     super(request);
-            cjones
+    logMetacat = Logger.getLogger(CNodeService.class);
+  }
-            cjones
+  /**
    * Set the replication policy for an object given the object identifier
+   *
    * @param session - the Session object containing the credentials for the Subject
    * @param pid - the object identifier for the given object
    * @param policy - the replication policy to be applied
+   *
    * @return true or false
+   *
    * @throws NotImplemented
    * @throws NotAuthorized
    * @throws ServiceFailure
    * @throws InvalidRequest
-            cjones
+   * @throws VersionMismatch
             cjones
    */
-            jones
+  @Override
-            cjones
+  public boolean setReplicationPolicy(Session session, Identifier pid,
-            cjones
+      ReplicationPolicy policy, long serialVersion)
-            cjones
+      throws NotImplemented, NotFound, NotAuthorized, ServiceFailure,
-            cjones
+      InvalidRequest, InvalidToken, VersionMismatch {
             cjones
-            cjones
+      // The lock to be used for this identifier
-            cjones
+      Lock lock = null;
             cjones
-            cjones
+      // get the subject
       Subject subject = session.getSubject();
       // are we allowed to do this?
-            cjones
+      if (!isAuthorized(session, pid, Permission.CHANGE_PERMISSION)) {
           throw new NotAuthorized("4881", Permission.CHANGE_PERMISSION
                   + " not allowed by " + subject.getValue() + " on "
                   + pid.getValue());
             cjones
       SystemMetadata systemMetadata = null;
-            cjones
+      try {
-            cjones
+          lock = HazelcastService.getInstance().getLock(pid.getValue());
           lock.lock();
-            cjones
+          logMetacat.debug("Locked identifier " + pid.getValue());
             cjones
           try {
               if ( HazelcastService.getInstance().getSystemMetadataMap().containsKey(pid) ) {
                   systemMetadata = HazelcastService.getInstance().getSystemMetadataMap().get(pid);
+              }
             cjones
               // did we get it correctly?
               if ( systemMetadata == null ) {
                   throw new NotFound("4884", "Couldn't find an object identified by " + pid.getValue());
+              }
             cjones
               // does the request have the most current system metadata?
               if ( systemMetadata.getSerialVersion().longValue() != serialVersion ) {
                  String msg = "The requested system metadata version number " +
                      serialVersion + " differs from the current version at " +
                      systemMetadata.getSerialVersion().longValue() +
                      ". Please get the latest copy in order to modify it.";
-            cjones
+                 throw new VersionMismatch("4886", msg);
             cjones
             cjones
-            cjones
+          } catch (RuntimeException e) { // Catch is generic since HZ throws RuntimeException
-            cjones
+              throw new NotFound("4884", "No record found for: " + pid.getValue());
             cjones
             cjones
           // set the new policy
           systemMetadata.setReplicationPolicy(policy);
           // update the metadata
           try {
               systemMetadata.setSerialVersion(systemMetadata.getSerialVersion().add(BigInteger.ONE));
               systemMetadata.setDateSysMetadataModified(Calendar.getInstance().getTime());
               HazelcastService.getInstance().getSystemMetadataMap().put(systemMetadata.getIdentifier(), systemMetadata);
-            cjones
+              notifyReplicaNodes(systemMetadata);
-            cjones
+          } catch (RuntimeException e) {
-            cjones
+              throw new ServiceFailure("4882", e.getMessage());
             cjones
-            cjones
+      } catch (RuntimeException e) {
           throw new ServiceFailure("4882", e.getMessage());
       } finally {
           lock.unlock();
           logMetacat.debug("Unlocked identifier " + pid.getValue());
+      }
             cjones
-            cjones
+      return true;
             cjones
             cjones
-            cjones
+  /**
-            leinfelder
+   * Deletes the replica from the given Member Node
    * NOTE: MN.delete() may be an "archive" operation. TBD.
    * @param session
    * @param pid
    * @param nodeId
    * @param serialVersion
    * @return
    * @throws InvalidToken
    * @throws ServiceFailure
    * @throws NotAuthorized
    * @throws NotFound
    * @throws NotImplemented
-            leinfelder
+   * @throws VersionMismatch
-            leinfelder
+   */
-            leinfelder
+  @Override
-            leinfelder
+  public boolean deleteReplicationMetadata(Session session, Identifier pid, NodeReference nodeId, long serialVersion)
-            leinfelder
+  	throws InvalidToken, ServiceFailure, NotAuthorized, NotFound, NotImplemented, VersionMismatch {
             leinfelder
-            leinfelder
+	  	// The lock to be used for this identifier
 		Lock lock = null;
 		// get the subject
 		Subject subject = session.getSubject();
 		// are we allowed to do this?
-            cjones
+		boolean isAuthorized = false;
 		try {
 			isAuthorized = isAuthorized(session, pid, Permission.WRITE);
 		} catch (InvalidRequest e) {
 			throw new ServiceFailure("4882", e.getDescription());
+		}
 		if (!isAuthorized) {
 			throw new NotAuthorized("4881", Permission.WRITE
 					+ " not allowed by " + subject.getValue() + " on "
 					+ pid.getValue());
             leinfelder
+		}
 		SystemMetadata systemMetadata = null;
 		try {
 			lock = HazelcastService.getInstance().getLock(pid.getValue());
 			lock.lock();
 			logMetacat.debug("Locked identifier " + pid.getValue());
 			try {
 				if (HazelcastService.getInstance().getSystemMetadataMap().containsKey(pid)) {
 					systemMetadata = HazelcastService.getInstance().getSystemMetadataMap().get(pid);
+				}
 				// did we get it correctly?
 				if (systemMetadata == null) {
 					throw new NotFound("4884", "Couldn't find an object identified by " + pid.getValue());
+				}
 				// does the request have the most current system metadata?
 				if (systemMetadata.getSerialVersion().longValue() != serialVersion) {
 					String msg = "The requested system metadata version number "
 							+ serialVersion
 							+ " differs from the current version at "
 							+ systemMetadata.getSerialVersion().longValue()
 							+ ". Please get the latest copy in order to modify it.";
 					throw new VersionMismatch("4886", msg);
+				}
 			} catch (RuntimeException e) { // Catch is generic since HZ throws RuntimeException
 				throw new NotFound("4884", "No record found for: " + pid.getValue());
+			}
 			// check permissions
 			// TODO: is this necessary?
 			List<Node> nodeList = D1Client.getCN().listNodes().getNodeList();
 			boolean isAllowed = ServiceMethodRestrictionUtil.isMethodAllowed(session.getSubject(), nodeList, "CNReplication", "deleteReplicationMetadata");
-            cjones
+			if (!isAllowed) {
-            leinfelder
+				throw new NotAuthorized("4881", "Caller is not authorized to deleteReplicationMetadata");
+			}
 			// delete the replica from the given node
-            cjones
+			// CSJ: use CN.delete() to truly delete a replica, semantically
 			// deleteReplicaMetadata() only modifies the sytem metadata entry.
-            cjones
+			//D1Client.getMN(nodeId).delete(session, pid);
             leinfelder
 			// reflect that change in the system metadata
 			List<Replica> updatedReplicas = new ArrayList<Replica>(systemMetadata.getReplicaList());
 			for (Replica r: systemMetadata.getReplicaList()) {
 				  if (r.getReplicaMemberNode().equals(nodeId)) {
 					  updatedReplicas.remove(r);
 					  break;
+				  }
+			}
 			systemMetadata.setReplicaList(updatedReplicas);
 			// update the metadata
 			try {
 				systemMetadata.setSerialVersion(systemMetadata.getSerialVersion().add(BigInteger.ONE));
 				systemMetadata.setDateSysMetadataModified(Calendar.getInstance().getTime());
 				HazelcastService.getInstance().getSystemMetadataMap().put(systemMetadata.getIdentifier(), systemMetadata);
 			} catch (RuntimeException e) {
 				throw new ServiceFailure("4882", e.getMessage());
+			}
 		} catch (RuntimeException e) {
 			throw new ServiceFailure("4882", e.getMessage());
 		} finally {
 			lock.unlock();
 			logMetacat.debug("Unlocked identifier " + pid.getValue());
+		}
 		return true;
             leinfelder
+  }
-            leinfelder
+  /**
-            leinfelder
+   * Deletes an object from the Coordinating Node, where the object is a
    * a science metadata object.
+   *
    * @param session - the Session object containing the credentials for the Subject
    * @param pid - The object identifier to be deleted
+   *
    * @return pid - the identifier of the object used for the deletion
+   *
    * @throws InvalidToken
    * @throws ServiceFailure
    * @throws NotAuthorized
    * @throws NotFound
    * @throws NotImplemented
    * @throws InvalidRequest
    */
   @Override
   public Identifier delete(Session session, Identifier pid)
       throws InvalidToken, ServiceFailure, NotAuthorized, NotFound, NotImplemented {
-            leinfelder
+	  // check that it is CN/admin
-            leinfelder
+	  boolean allowed = isAdminAuthorized(session);
             leinfelder
-            leinfelder
+	  if (!allowed) {
 		  String msg = "The subject is not allowed to call delete() on a Coordinating Node.";
 		  logMetacat.info(msg);
 		  throw new NotAuthorized("1320", msg);
+	  }
-            leinfelder
+	  // defer to superclass implementation
-            leinfelder
+	  Identifier retId =  super.delete(session, pid);
 	  // notify the replicas
 	  SystemMetadata systemMetadata = HazelcastService.getInstance().getSystemMetadataMap().get(pid);
 	  if (systemMetadata.getReplicaList() != null) {
 		  for (Replica replica: systemMetadata.getReplicaList()) {
 			  NodeReference replicaNode = replica.getReplicaMemberNode();
 			  try {
 				  Identifier mnRetId = D1Client.getMN(replicaNode).delete(null, pid);
 			  } catch (Exception e) {
 				  // all we can really do is log errors and carry on with life
 				  logMetacat.error("Error deleting pid: " +  pid.getValue() + " from replica MN: " + replicaNode.getValue(), e);
+			}
+		  }
+	  }
 	  return retId;
             leinfelder
   /**
-            leinfelder
+   * Deletes an object from the Coordinating Node, where the object is a
    * a science metadata object.
+   *
    * @param session - the Session object containing the credentials for the Subject
    * @param pid - The object identifier to be deleted
+   *
    * @return pid - the identifier of the object used for the deletion
+   *
    * @throws InvalidToken
    * @throws ServiceFailure
    * @throws NotAuthorized
    * @throws NotFound
    * @throws NotImplemented
    * @throws InvalidRequest
    */
   @Override
   public Identifier archive(Session session, Identifier pid)
       throws InvalidToken, ServiceFailure, NotAuthorized, NotFound, NotImplemented {
 	  // check that it is CN/admin
 	  boolean allowed = isAdminAuthorized(session);
 	  if (!allowed) {
 		  String msg = "The subject is not allowed to call delete() on a Coordinating Node.";
 		  logMetacat.info(msg);
 		  throw new NotAuthorized("1320", msg);
+	  }
 	  // defer to superclass implementation
 	  Identifier retId =  super.archive(session, pid);
 	  // notify the replicas
 	  SystemMetadata systemMetadata = HazelcastService.getInstance().getSystemMetadataMap().get(pid);
 	  if (systemMetadata.getReplicaList() != null) {
 		  for (Replica replica: systemMetadata.getReplicaList()) {
 			  NodeReference replicaNode = replica.getReplicaMemberNode();
 			  try {
 				  // TODO: implement in the clients
 				  //Identifier mnRetId = D1Client.getMN(replicaNode).archive(null, pid);
 			  } catch (Exception e) {
 				  // all we can really do is log errors and carry on with life
 				  logMetacat.error("Error archiving pid: " +  pid.getValue() + " from replica MN: " + replicaNode.getValue(), e);
+			}
+		  }
+	  }
 	  return retId;
+  }
   /**
-            leinfelder
+   * Set the obsoletedBy attribute in System Metadata
    * @param session
    * @param pid
    * @param obsoletedByPid
    * @param serialVersion
    * @return
    * @throws NotImplemented
    * @throws NotFound
    * @throws NotAuthorized
    * @throws ServiceFailure
    * @throws InvalidRequest
    * @throws InvalidToken
    * @throws VersionMismatch
    */
-            leinfelder
+  @Override
-            leinfelder
+  public boolean setObsoletedBy(Session session, Identifier pid,
 			Identifier obsoletedByPid, long serialVersion)
 			throws NotImplemented, NotFound, NotAuthorized, ServiceFailure,
 			InvalidRequest, InvalidToken, VersionMismatch {
 		// The lock to be used for this identifier
 		Lock lock = null;
 		// get the subject
 		Subject subject = session.getSubject();
 		// are we allowed to do this?
-            cjones
+		if (!isAuthorized(session, pid, Permission.WRITE)) {
 			throw new NotAuthorized("4881", Permission.WRITE
 					+ " not allowed by " + subject.getValue() + " on "
 					+ pid.getValue());
             leinfelder
+		}
             cjones
-            leinfelder
+		SystemMetadata systemMetadata = null;
 		try {
 			lock = HazelcastService.getInstance().getLock(pid.getValue());
 			lock.lock();
 			logMetacat.debug("Locked identifier " + pid.getValue());
 			try {
 				if (HazelcastService.getInstance().getSystemMetadataMap().containsKey(pid)) {
 					systemMetadata = HazelcastService.getInstance().getSystemMetadataMap().get(pid);
+				}
 				// did we get it correctly?
 				if (systemMetadata == null) {
 					throw new NotFound("4884", "Couldn't find an object identified by " + pid.getValue());
+				}
 				// does the request have the most current system metadata?
 				if (systemMetadata.getSerialVersion().longValue() != serialVersion) {
 					String msg = "The requested system metadata version number "
 							+ serialVersion
 							+ " differs from the current version at "
 							+ systemMetadata.getSerialVersion().longValue()
 							+ ". Please get the latest copy in order to modify it.";
 					throw new VersionMismatch("4886", msg);
+				}
 			} catch (RuntimeException e) { // Catch is generic since HZ throws RuntimeException
 				throw new NotFound("4884", "No record found for: " + pid.getValue());
+			}
 			// set the new policy
 			systemMetadata.setObsoletedBy(obsoletedByPid);
 			// update the metadata
 			try {
 				systemMetadata.setSerialVersion(systemMetadata.getSerialVersion().add(BigInteger.ONE));
 				systemMetadata.setDateSysMetadataModified(Calendar.getInstance().getTime());
 				HazelcastService.getInstance().getSystemMetadataMap().put(systemMetadata.getIdentifier(), systemMetadata);
 			} catch (RuntimeException e) {
 				throw new ServiceFailure("4882", e.getMessage());
+			}
 		} catch (RuntimeException e) {
 			throw new ServiceFailure("4882", e.getMessage());
 		} finally {
 			lock.unlock();
 			logMetacat.debug("Unlocked identifier " + pid.getValue());
+		}
 		return true;
+	}
             leinfelder
             leinfelder
-            leinfelder
+  /**
-            cjones
+   * Set the replication status for an object given the object identifier
+   *
    * @param session - the Session object containing the credentials for the Subject
    * @param pid - the object identifier for the given object
    * @param status - the replication status to be applied
+   *
    * @return true or false
+   *
    * @throws NotImplemented
    * @throws NotAuthorized
    * @throws ServiceFailure
    * @throws InvalidRequest
    * @throws InvalidToken
    * @throws NotFound
+   *
    */
-            jones
+  @Override
-            cjones
+  public boolean setReplicationStatus(Session session, Identifier pid,
-            cjones
+      NodeReference targetNode, ReplicationStatus status, BaseException failure)
-            cjones
+      throws ServiceFailure, NotImplemented, InvalidToken, NotAuthorized,
       InvalidRequest, NotFound {
             leinfelder
 	  // cannot be called by public
 	  if (session == null) {
 		  throw new NotAuthorized("4720", "Session cannot be null");
+	  }
             cjones
-            cjones
+      // The lock to be used for this identifier
-            cjones
+      Lock lock = null;
             cjones
-            cjones
+      boolean allowed = false;
       int replicaEntryIndex = -1;
       List<Replica> replicas = null;
       // get the subject
       Subject subject = session.getSubject();
-            cjones
+      logMetacat.debug("ReplicationStatus for identifier " + pid.getValue() +
           " is " + status.toString());
             cjones
       SystemMetadata systemMetadata = null;
             cjones
       try {
-            cjones
+          lock = HazelcastService.getInstance().getLock(pid.getValue());
-            cjones
+          lock.lock();
-            cjones
+          logMetacat.debug("Locked identifier " + pid.getValue());
-            cjones
+          try {
               systemMetadata = HazelcastService.getInstance().getSystemMetadataMap().get(pid);
             cjones
-            cjones
+              // did we get it correctly?
-            cjones
+              if ( systemMetadata == null ) {
                   logMetacat.debug("systemMetadata is null for " + pid.getValue());
-            cjones
+                  throw new NotFound("4740", "Couldn't find an object identified by " + pid.getValue());
             cjones
+              }
               replicas = systemMetadata.getReplicaList();
               int count = 0;
             cjones
-            cjones
+              // was there a failure? log it
               if ( failure != null && status == ReplicationStatus.FAILED ) {
                  String msg = "The replication request of the object identified by " +
                      pid.getValue() + " failed.  The error message was " +
                      failure.getMessage() + ".";
             cjones
             cjones
-            cjones
+              if (replicas.size() > 0 && replicas != null) {
                   // find the target replica index in the replica list
                   for (Replica replica : replicas) {
                       String replicaNodeStr = replica.getReplicaMemberNode()
                               .getValue();
                       String targetNodeStr = targetNode.getValue();
                       logMetacat.debug("Comparing " + replicaNodeStr + " to "
                               + targetNodeStr);
             cjones
-            cjones
+                      if (replicaNodeStr.equals(targetNodeStr)) {
                           replicaEntryIndex = count;
                           logMetacat.debug("replica entry index is: "
                                   + replicaEntryIndex);
                           break;
+                      }
                       count++;
             cjones
+                  }
+              }
               // are we allowed to do this? only CNs and target MNs are allowed
               CNode cn = D1Client.getCN();
               List<Node> nodes = cn.listNodes().getNodeList();
             cjones
-            cjones
+              // find the node in the node list
               for ( Node node : nodes ) {
                   NodeReference nodeReference = node.getIdentifier();
                   logMetacat.debug("In setReplicationStatus(), Node reference is: " + nodeReference.getValue());
-            cjones
+                  // allow target MN certs
                   if (targetNode.getValue().equals(nodeReference.getValue()) &&
-            cjones
+                      node.getType() == NodeType.MN) {
-            cjones
+                      List<Subject> nodeSubjects = node.getSubjectList();
                       // check if the session subject is in the node subject list
                       for (Subject nodeSubject : nodeSubjects) {
-            cjones
+                          logMetacat.debug("In setReplicationStatus(), comparing subjects: " +
                                   nodeSubject.getValue() + " and " + subject.getValue());
-            cjones
+                          if ( nodeSubject.equals(subject) ) { // subject of session == target node subject
             cjones
-            cjones
+                              // lastly limit to COMPLETED, INVALIDATED,
                               // and FAILED status updates from MNs only
-            cjones
+                              if ( status == ReplicationStatus.COMPLETED ||
-            cjones
+                                   status == ReplicationStatus.INVALIDATED ||
-            cjones
+                                   status == ReplicationStatus.FAILED) {
-            cjones
+                                  allowed = true;
                                   break;
+                              }
             cjones
+                      }
+                  }
+              }
             cjones
-            cjones
+              if ( !allowed ) {
                   //check for CN admin access
                   allowed = isAuthorized(session, pid, Permission.WRITE);
             cjones
             cjones
               if ( !allowed ) {
                   String msg = "The subject identified by "
                           + subject.getValue()
                           + " does not have permission to set the replication status for "
                           + "the replica identified by "
                           + targetNode.getValue() + ".";
                   logMetacat.info(msg);
                   throw new NotAuthorized("4720", msg);
             cjones
             cjones
-            cjones
+          } catch (RuntimeException e) { // Catch is generic since HZ throws RuntimeException
             throw new NotFound("4740", "No record found for: " + pid.getValue() +
                 " : " + e.getMessage());
             cjones
-            cjones
+          Replica targetReplica = new Replica();
-            cjones
+          // set the status for the replica
           if ( replicaEntryIndex != -1 ) {
-            cjones
+              targetReplica = replicas.get(replicaEntryIndex);
             cjones
               // don't allow status to change from COMPLETED to anything other
               // than INVALIDATED: prevents overwrites from race conditions
               if ( targetReplica.getReplicationStatus() == ReplicationStatus.COMPLETED &&
             	   status != ReplicationStatus.INVALIDATED) {
             	  throw new InvalidRequest("4730", "Status state change from " +
             			  targetReplica.getReplicationStatus() + " to " +
             			  status.toString() + "is prohibited for identifier " +
             			  pid.getValue() + " and target node " +
             			  targetReplica.getReplicaMemberNode().getValue());
+              }
-            cjones
+              targetReplica.setReplicationStatus(status);
               logMetacat.debug("Set the replication status for " +
                   targetReplica.getReplicaMemberNode().getValue() + " to " +
-            cjones
+                  targetReplica.getReplicationStatus() + " for identifier " +
                   pid.getValue());
             cjones
-            cjones
+          } else {
-            cjones
+              // this is a new entry, create it
               targetReplica.setReplicaMemberNode(targetNode);
               targetReplica.setReplicationStatus(status);
               targetReplica.setReplicaVerified(Calendar.getInstance().getTime());
               replicas.add(targetReplica);
             cjones
-            cjones
+          systemMetadata.setReplicaList(replicas);
           // update the metadata
           try {
               systemMetadata.setSerialVersion(systemMetadata.getSerialVersion().add(BigInteger.ONE));
               systemMetadata.setDateSysMetadataModified(Calendar.getInstance().getTime());
               HazelcastService.getInstance().getSystemMetadataMap().put(systemMetadata.getIdentifier(), systemMetadata);
             cjones
               if ( status != ReplicationStatus.QUEUED && status != ReplicationStatus.REQUESTED) {
                 logMetacat.trace("METRICS:\tREPLICATION:\tEND REQUEST:\tPID:\t" + pid.getValue() +
                           "\tNODE:\t" + targetNode.getValue() +
                           "\tSIZE:\t" + systemMetadata.getSize().intValue());
                 logMetacat.trace("METRICS:\tREPLICATION:\t" + status.toString().toUpperCase() +
                           "\tPID:\t"  + pid.getValue() +
                           "\tNODE:\t" + targetNode.getValue() +
                           "\tSIZE:\t" + systemMetadata.getSize().intValue());
+              }
-            cjones
+              if ( status == ReplicationStatus.FAILED && failure != null ) {
                   logMetacat.warn("Replication failed for identifier " + pid.getValue() +
                       " on target node " + targetNode + ". The exception was: " +
                       failure.getMessage());
+              }
-            cjones
+          } catch (RuntimeException e) {
-            cjones
+              throw new ServiceFailure("4700", e.getMessage());
             cjones
-            cjones
+    } catch (RuntimeException e) {
         String msg = "There was a RuntimeException getting the lock for " +
             pid.getValue();
         logMetacat.info(msg);
     } finally {
-            cjones
+        lock.unlock();
         logMetacat.debug("Unlocked identifier " + pid.getValue());
             cjones
             cjones
             cjones
-            cjones
+      return true;
             cjones
   /**
    * Return the checksum of the object given the identifier
+   *
    * @param session - the Session object containing the credentials for the Subject
    * @param pid - the object identifier for the given object
+   *
    * @return checksum - the checksum of the object
+   *
    * @throws InvalidToken
    * @throws ServiceFailure
    * @throws NotAuthorized
    * @throws NotFound
    * @throws NotImplemented
    */
-            jones
+  @Override
-            cjones
+  public Checksum getChecksum(Session session, Identifier pid)
     throws InvalidToken, ServiceFailure, NotAuthorized, NotFound,
-            leinfelder
+    NotImplemented {
             leinfelder
 	boolean isAuthorized = false;
 	try {
 		isAuthorized = isAuthorized(session, pid, Permission.READ);
 	} catch (InvalidRequest e) {
 		throw new ServiceFailure("1410", e.getDescription());
+	}
     if (!isAuthorized) {
-            cjones
+        throw new NotAuthorized("1400", Permission.READ + " not allowed on " + pid.getValue());
             cjones
             cjones
-            cjones
+    SystemMetadata systemMetadata = null;
-            cjones
+    Checksum checksum = null;
-            cjones
+    try {
-            cjones
+        systemMetadata = HazelcastService.getInstance().getSystemMetadataMap().get(pid);
         if (systemMetadata == null ) {
             throw new NotFound("1420", "Couldn't find an object identified by " + pid.getValue());
+        }
-            cjones
+        checksum = systemMetadata.getChecksum();
             cjones
     } catch (RuntimeException e) {
-            cjones
+        throw new ServiceFailure("1410", "An error occurred getting the checksum for " +
             pid.getValue() + ". The error message was: " + e.getMessage());
             cjones
     return checksum;
+  }
             cjones
-            cjones
+  /**
    * Resolve the location of a given object
+   *
    * @param session - the Session object containing the credentials for the Subject
    * @param pid - the object identifier for the given object
+   *
    * @return objectLocationList - the list of nodes known to contain the object
+   *
    * @throws InvalidToken
    * @throws ServiceFailure
    * @throws NotAuthorized
    * @throws NotFound
    * @throws NotImplemented
    */
-            jones
+  @Override
-            cjones
+  public ObjectLocationList resolve(Session session, Identifier pid)
-            leinfelder
+    throws InvalidToken, ServiceFailure, NotAuthorized,
-            cjones
+    NotFound, NotImplemented {
             cjones
-            cjones
+    throw new NotImplemented("4131", "resolve not implemented");
             leinfelder
             cjones
             cjones
-            cjones
+  /**
    * Search the metadata catalog for identifiers that match the criteria
+   *
    * @param session - the Session object containing the credentials for the Subject
    * @param queryType - An identifier for the type of query expression
    *                    provided in the query
    * @param query -  The criteria for matching the characteristics of the
    *                 metadata objects of interest
+   *
    * @return objectList - the list of objects matching the criteria
+   *
    * @throws InvalidToken
    * @throws ServiceFailure
    * @throws NotAuthorized
    * @throws InvalidRequest
    * @throws NotImplemented
    */
-            jones
+  @Override
-            cjones
+  public ObjectList search(Session session, String queryType, String query)
     throws InvalidToken, ServiceFailure, NotAuthorized, InvalidRequest,
     NotImplemented {
             cjones
-            cjones
+    ObjectList objectList = null;
     try {
         objectList =
           IdentifierManager.getInstance().querySystemMetadata(
               null, //startTime,
               null, //endTime,
               null, //objectFormat,
               false, //replicaStatus,
 , //start,
               -1 //count
               );
     } catch (Exception e) {
       throw new ServiceFailure("4310", "Error querying system metadata: " + e.getMessage());
+    }
             leinfelder
-            cjones
+      return objectList;
     //throw new NotImplemented("4281", "search not implemented");
     // the code block below is from an older implementation
     /*  This block commented out because of the EcoGrid circular dependency.
-            leinfelder
+         *  For now, query will not be supported until the circularity can be
          *  resolved, probably by moving the ecogrid query syntax transformers
          *  directly into the Metacat codebase.  MBJ 2010-02-03
         try {
             EcogridQueryParser parser = new EcogridQueryParser(request
                     .getReader());
             parser.parseXML();
             QueryType queryType = parser.getEcogridQuery();
             EcogridJavaToMetacatJavaQueryTransformer queryTransformer =
                 new EcogridJavaToMetacatJavaQueryTransformer();
             QuerySpecification metacatQuery = queryTransformer
                     .transform(queryType);
             leinfelder
-            leinfelder
+            DBQuery metacat = new DBQuery();
             boolean useXMLIndex = (new Boolean(PropertyService
                     .getProperty("database.usexmlindex"))).booleanValue();
             String xmlquery = "query"; // we don't care the query in resultset,
             // the query can be anything
             PrintWriter out = null; // we don't want metacat result, so set out null
             // parameter: queryspecification, user, group, usingIndexOrNot
             StringBuffer result = metacat.createResultDocument(xmlquery,
                     metacatQuery, out, username, groupNames, useXMLIndex);
             // create result set transfer
             String saxparser = PropertyService.getProperty("xml.saxparser");
             MetacatResultsetParser metacatResultsetParser = new MetacatResultsetParser(
                     new StringReader(result.toString()), saxparser, queryType
                             .getNamespace().get_value());
             ResultsetType records = metacatResultsetParser.getEcogridResult();
             System.out
                     .println(EcogridResultsetTransformer.toXMLString(records));
             response.setContentType("text/xml");
             out = response.getWriter();
             out.print(EcogridResultsetTransformer.toXMLString(records));
         } catch (Exception e) {
             e.printStackTrace();
         }*/
             cjones
             leinfelder
             cjones
   /**
    * Returns the object format registered in the DataONE Object Format
    * Vocabulary for the given format identifier
+   *
    * @param fmtid - the identifier of the format requested
+   *
    * @return objectFormat - the object format requested
+   *
    * @throws ServiceFailure
    * @throws NotFound
    * @throws InsufficientResources
    * @throws NotImplemented
    */
-            jones
+  @Override
-            cjones
+  public ObjectFormat getFormat(ObjectFormatIdentifier fmtid)
-            leinfelder
+    throws ServiceFailure, NotFound, NotImplemented {
             cjones
       return ObjectFormatService.getInstance().getFormat(fmtid);
+  }
             cjones
-            cjones
+  /**
-            cjones
+   * Returns a list of all object formats registered in the DataONE Object
    * Format Vocabulary
             cjones
    * @return objectFormatList - The list of object formats registered in
    *                            the DataONE Object Format Vocabulary
+   *
    * @throws ServiceFailure
    * @throws NotImplemented
    * @throws InsufficientResources
    */
-            jones
+  @Override
-            cjones
+  public ObjectFormatList listFormats()
-            leinfelder
+    throws ServiceFailure, NotImplemented {
             cjones
-            cjones
+    return ObjectFormatService.getInstance().listFormats();
+  }
             cjones
-            cjones
+  /**
-            cjones
+   * Returns a list of nodes that have been registered with the DataONE infrastructure
             cjones
    * @return nodeList - List of nodes from the registry
+   *
    * @throws ServiceFailure
    * @throws NotImplemented
    */
-            jones
+  @Override
-            cjones
+  public NodeList listNodes()
     throws NotImplemented, ServiceFailure {
             cjones
-            cjones
+    throw new NotImplemented("4800", "listNodes not implemented");
+  }
             cjones
-            cjones
+  /**
-            cjones
+   * Provides a mechanism for adding system metadata independently of its
    * associated object, such as when adding system metadata for data objects.
             cjones
    * @param session - the Session object containing the credentials for the Subject
    * @param pid - The identifier of the object to register the system metadata against
    * @param sysmeta - The system metadata to be registered
+   *
    * @return true if the registration succeeds
+   *
    * @throws NotImplemented
    * @throws NotAuthorized
    * @throws ServiceFailure
    * @throws InvalidRequest
    * @throws InvalidSystemMetadata
    */
-            jones
+  @Override
-            cjones
+  public Identifier registerSystemMetadata(Session session, Identifier pid,
       SystemMetadata sysmeta)
       throws NotImplemented, NotAuthorized, ServiceFailure, InvalidRequest,
       InvalidSystemMetadata {
             cjones
-            cjones
+      // The lock to be used for this identifier
-            cjones
+      Lock lock = null;
             cjones
-            cjones
+      // TODO: control who can call this?
       if (session == null) {
           //TODO: many of the thrown exceptions do not use the correct error codes
           //check these against the docs and correct them
           throw new NotAuthorized("4861", "No Session - could not authorize for registration." +
                   "  If you are not logged in, please do so and retry the request.");
+      }
       // verify that guid == SystemMetadata.getIdentifier()
       logMetacat.debug("Comparing guid|sysmeta_guid: " + pid.getValue() +
           "|" + sysmeta.getIdentifier().getValue());
       if (!pid.getValue().equals(sysmeta.getIdentifier().getValue())) {
           throw new InvalidRequest("4863",
               "The identifier in method call (" + pid.getValue() +
               ") does not match identifier in system metadata (" +
               sysmeta.getIdentifier().getValue() + ").");
+      }
             leinfelder
-            cjones
+      try {
-            cjones
+          lock = HazelcastService.getInstance().getLock(sysmeta.getIdentifier().getValue());
-            cjones
+          lock.lock();
-            cjones
+          logMetacat.debug("Locked identifier " + pid.getValue());
-            cjones
+          logMetacat.debug("Checking if identifier exists...");
           // Check that the identifier does not already exist
           if (HazelcastService.getInstance().getSystemMetadataMap().containsKey(pid)) {
               throw new InvalidRequest("4863",
                   "The identifier is already in use by an existing object.");
             cjones
             cjones
           // insert the system metadata into the object store
           logMetacat.debug("Starting to insert SystemMetadata...");
           try {
               sysmeta.setSerialVersion(BigInteger.ONE);
               sysmeta.setDateSysMetadataModified(Calendar.getInstance().getTime());
               HazelcastService.getInstance().getSystemMetadataMap().put(sysmeta.getIdentifier(), sysmeta);
-            cjones
+          } catch (RuntimeException e) {
-            cjones
+            logMetacat.error("Problem registering system metadata: " + pid.getValue(), e);
               throw new ServiceFailure("4862", "Error inserting system metadata: " +
                   e.getClass() + ": " + e.getMessage());
+          }
-            cjones
+      } catch (RuntimeException e) {
-            cjones
+          throw new ServiceFailure("4862", "Error inserting system metadata: " +
-            cjones
+                  e.getClass() + ": " + e.getMessage());
             cjones
-            cjones
+      }  finally {
           lock.unlock();
           logMetacat.debug("Unlocked identifier " + pid.getValue());
+      }
             cjones
             cjones
       logMetacat.debug("Returning from registerSystemMetadata");
       EventLog.getInstance().log(request.getRemoteAddr(),
           request.getHeader("User-Agent"), session.getSubject().getValue(),
           pid.getValue(), "registerSystemMetadata");
       return pid;
             cjones
   /**
-            cjones
+   * Given an optional scope and format, reserves and returns an identifier
    * within that scope and format that is unique and will not be
    * used by any other sessions.
             cjones
    * @param session - the Session object containing the credentials for the Subject
    * @param pid - The identifier of the object to register the system metadata against
    * @param scope - An optional string to be used to qualify the scope of
    *                the identifier namespace, which is applied differently
    *                depending on the format requested. If scope is not
    *                supplied, a default scope will be used.
    * @param format - The optional name of the identifier format to be used,
    *                  drawn from a DataONE-specific vocabulary of identifier
    *                 format names, including several common syntaxes such
    *                 as DOI, LSID, UUID, and LSRN, among others. If the
    *                 format is not supplied by the caller, the CN service
    *                 will use a default identifier format, which may change
    *                 over time.
+   *
    * @return true if the registration succeeds
+   *
    * @throws InvalidToken
    * @throws ServiceFailure
    * @throws NotAuthorized
    * @throws IdentifierNotUnique
    * @throws NotImplemented
    */
-            jones
+  @Override
-            leinfelder
+  public Identifier reserveIdentifier(Session session, Identifier pid)
-            cjones
+  throws InvalidToken, ServiceFailure,
-            leinfelder
+        NotAuthorized, IdentifierNotUnique, NotImplemented, InvalidRequest {
             cjones
-            cjones
+    throw new NotImplemented("4191", "reserveIdentifier not implemented on this node");
+  }
-            jones
+  @Override
-            cjones
+  public Identifier generateIdentifier(Session session, String scheme, String fragment)
   throws InvalidToken, ServiceFailure,
-            leinfelder
+        NotAuthorized, NotImplemented, InvalidRequest {
-            cjones
+    throw new NotImplemented("4191", "generateIdentifier not implemented on this node");
+  }
   /**
     * Checks whether the pid is reserved by the subject in the session param
     * If the reservation is held on the pid by the subject, we return true.
+    *
    * @param session - the Session object containing the Subject
    * @param pid - The identifier to check
+   *
    * @return true if the reservation exists for the subject/pid
+   *
    * @throws InvalidToken
    * @throws ServiceFailure
    * @throws NotFound - when the pid is not found (in use or in reservation)
    * @throws NotAuthorized - when the subject does not hold a reservation on the pid
    * @throws IdentifierNotUnique - when the pid is in use
    * @throws NotImplemented
    */
             cjones
-            jones
+  @Override
-            leinfelder
+  public boolean hasReservation(Session session, Subject subject, Identifier pid)
-            cjones
+      throws InvalidToken, ServiceFailure, NotFound, NotAuthorized, IdentifierNotUnique,
       NotImplemented, InvalidRequest {
       throw new NotImplemented("4191", "hasReservation not implemented on this node");
+  }
             leinfelder
-            cjones
+  /**
-            cjones
+   * Changes ownership (RightsHolder) of the specified object to the
    * subject specified by userId
             cjones
    * @param session - the Session object containing the credentials for the Subject
    * @param pid - Identifier of the object to be modified
    * @param userId - The subject that will be taking ownership of the specified object.
+   *
    * @return pid - the identifier of the modified object
+   *
    * @throws ServiceFailure
    * @throws InvalidToken
    * @throws NotFound
    * @throws NotAuthorized
    * @throws NotImplemented
    * @throws InvalidRequest
    */
-            jones
+  @Override
-            leinfelder
+  public Identifier setRightsHolder(Session session, Identifier pid, Subject userId,
-            cjones
+      long serialVersion)
       throws InvalidToken, ServiceFailure, NotFound, NotAuthorized,
-            cjones
+      NotImplemented, InvalidRequest, VersionMismatch {
             cjones
-            cjones
+      // The lock to be used for this identifier
-            cjones
+      Lock lock = null;
             cjones
-            cjones
+      // get the subject
       Subject subject = session.getSubject();
       // are we allowed to do this?
-            cjones
+      if (!isAuthorized(session, pid, Permission.CHANGE_PERMISSION)) {
           throw new NotAuthorized("4440", "not allowed by "
                   + subject.getValue() + " on " + pid.getValue());
             cjones
       SystemMetadata systemMetadata = null;
-            cjones
+      try {
-            cjones
+          lock = HazelcastService.getInstance().getLock(pid.getValue());
-            cjones
+          logMetacat.debug("Locked identifier " + pid.getValue());
-            cjones
+          try {
               systemMetadata = HazelcastService.getInstance().getSystemMetadataMap().get(pid);
               // does the request have the most current system metadata?
               if ( systemMetadata.getSerialVersion().longValue() != serialVersion ) {
                  String msg = "The requested system metadata version number " +
                      serialVersion + " differs from the current version at " +
                      systemMetadata.getSerialVersion().longValue() +
                      ". Please get the latest copy in order to modify it.";
-            cjones
+                 throw new VersionMismatch("4443", msg);
             cjones
-            cjones
+          } catch (RuntimeException e) { // Catch is generic since HZ throws RuntimeException
-            cjones
+              throw new NotFound("4460", "No record found for: " + pid.getValue());
             cjones
             cjones
           // set the new rights holder
           systemMetadata.setRightsHolder(userId);
             cjones
-            cjones
+          // update the metadata
           try {
               systemMetadata.setSerialVersion(systemMetadata.getSerialVersion().add(BigInteger.ONE));
               systemMetadata.setDateSysMetadataModified(Calendar.getInstance().getTime());
               HazelcastService.getInstance().getSystemMetadataMap().put(pid, systemMetadata);
-            cjones
+              notifyReplicaNodes(systemMetadata);
             cjones
-            cjones
+          } catch (RuntimeException e) {
               throw new ServiceFailure("4490", e.getMessage());
             cjones
             cjones
             cjones
-            cjones
+      } catch (RuntimeException e) {
-            cjones
+          throw new ServiceFailure("4490", e.getMessage());
             cjones
       } finally {
-            cjones
+          lock.unlock();
-            cjones
+          logMetacat.debug("Unlocked identifier " + pid.getValue());
             cjones
             cjones
-            cjones
+      return pid;
             cjones
             cjones
-            cjones
+  /**
    * Verify that a replication task is authorized by comparing the target node's
    * Subject (from the X.509 certificate-derived Session) with the list of
    * subjects in the known, pending replication tasks map.
+   *
    * @param originatingNodeSession - Session information that contains the
    *                                 identity of the calling user
    * @param targetNodeSubject - Subject identifying the target node
    * @param pid - the identifier of the object to be replicated
    * @param replicatePermission - the execute permission to be granted
+   *
    * @throws ServiceFailure
    * @throws NotImplemented
    * @throws InvalidToken
    * @throws NotAuthorized
    * @throws InvalidRequest
    * @throws NotFound
    */
-            jones
+  @Override
-            cjones
+  public boolean isNodeAuthorized(Session originatingNodeSession,
-            leinfelder
+    Subject targetNodeSubject, Identifier pid)
-            cjones
+    throws NotImplemented, NotAuthorized, InvalidToken, ServiceFailure,
     NotFound, InvalidRequest {
             cjones
-            cjones
+    boolean isAllowed = false;
     SystemMetadata sysmeta = null;
-            cjones
+    NodeReference targetNode = null;
-            cjones
+    try {
       // get the target node reference from the nodes list
       CNode cn = D1Client.getCN();
       List<Node> nodes = cn.listNodes().getNodeList();
             cjones
-            cjones
+      if ( nodes != null ) {
         for (Node node : nodes) {
             cjones
-            leinfelder
+        	if (node.getSubjectList() != null) {
 	            for (Subject nodeSubject : node.getSubjectList()) {
 	                if ( nodeSubject.equals(targetNodeSubject) ) {
 	                    targetNode = node.getIdentifier();
 	                    logMetacat.debug("targetNode is : " + targetNode.getValue());
 	                    break;
+	                }
+	            }
+        	}
             cjones
-            cjones
+            if ( targetNode != null) { break; }
             cjones
       } else {
           String msg = "Couldn't get the node list from the CN";
           logMetacat.debug(msg);
           throw new ServiceFailure("4872", msg);
             cjones
             cjones
       // can't find a node listed with the given subject
       if ( targetNode == null ) {
           String msg = "There is no Member Node registered with a node subject " +
               "matching " + targetNodeSubject.getValue();
           logMetacat.info(msg);
-            leinfelder
+          throw new NotAuthorized("4871", msg);
             cjones
+      }
-            cjones
+      logMetacat.debug("Getting system metadata for identifier " + pid.getValue());
-            cjones
+      sysmeta = HazelcastService.getInstance().getSystemMetadataMap().get(pid);
             cjones
-            cjones
+      if ( sysmeta != null ) {
           List<Replica> replicaList = sysmeta.getReplicaList();
           if ( replicaList != null ) {
               // find the replica with the status set to 'requested'
               for (Replica replica : replicaList) {
                   ReplicationStatus status = replica.getReplicationStatus();
                   NodeReference listedNode = replica.getReplicaMemberNode();
-            cjones
+                  if ( listedNode != null && targetNode != null ) {
                       logMetacat.debug("Comparing " + listedNode.getValue()
                               + " to " + targetNode.getValue());
                       if (listedNode.getValue().equals(targetNode.getValue())
                               && status.equals(ReplicationStatus.REQUESTED)) {
                           isAllowed = true;
                           break;
             cjones
             cjones
             cjones
+              }
             cjones
-            cjones
+          logMetacat.debug("The " + targetNode.getValue() + " is allowed " +
               "to replicate: " + isAllowed + " for " + pid.getValue());
             cjones
       } else {
           logMetacat.debug("System metadata for identifier " + pid.getValue() +
           " is null.");
-            cjones
+          throw new NotFound("4874", "Couldn't find an object identified by " + pid.getValue());
             cjones
             cjones
             cjones
-            cjones
+    } catch (RuntimeException e) {
-            cjones
+    	  ServiceFailure sf = new ServiceFailure("4872",
                 "Runtime Exception: Couldn't determine if node is allowed: " +
-            leinfelder
+                e.getMessage());
-            cjones
+    	  sf.initCause(e);
-            leinfelder
+        throw sf;
             cjones
             cjones
     return isAllowed;
             cjones
             cjones
-            cjones
+  /**
-            cjones
+   * Adds a new object to the Node, where the object is a science metadata object.
             cjones
    * @param session - the Session object containing the credentials for the Subject
    * @param pid - The object identifier to be created
    * @param object - the object bytes
    * @param sysmeta - the system metadata that describes the object
+   *
    * @return pid - the object identifier created
+   *
    * @throws InvalidToken
    * @throws ServiceFailure
    * @throws NotAuthorized
    * @throws IdentifierNotUnique
    * @throws UnsupportedType
    * @throws InsufficientResources
    * @throws InvalidSystemMetadata
    * @throws NotImplemented
    * @throws InvalidRequest
    */
   public Identifier create(Session session, Identifier pid, InputStream object,
     SystemMetadata sysmeta)
     throws InvalidToken, ServiceFailure, NotAuthorized, IdentifierNotUnique,
     UnsupportedType, InsufficientResources, InvalidSystemMetadata,
     NotImplemented, InvalidRequest {
             cjones
-            cjones
+      // The lock to be used for this identifier
-            cjones
+      Lock lock = null;
             cjones
-            cjones
+      try {
-            cjones
+          lock = HazelcastService.getInstance().getLock(pid.getValue());
           // are we allowed?
-            cjones
+          boolean isAllowed = false;
-            leinfelder
+          isAllowed = isAdminAuthorized(session);
             cjones
           // proceed if we're called by a CN
           if ( isAllowed ) {
               // create the coordinating node version of the document
-            cjones
+              lock.lock();
-            cjones
+              logMetacat.debug("Locked identifier " + pid.getValue());
-            cjones
+              sysmeta.setSerialVersion(BigInteger.ONE);
               sysmeta.setDateSysMetadataModified(Calendar.getInstance().getTime());
-            cjones
+              sysmeta.setArchived(false); // this is a create op, not update
               // the CN should have set the origin and authoritative member node fields
               try {
                   sysmeta.getOriginMemberNode().getValue();
                   sysmeta.getAuthoritativeMemberNode().getValue();
               } catch (NullPointerException npe) {
                   throw new InvalidSystemMetadata("4896",
                       "Both the origin and authoritative member node identifiers need to be set.");
+              }
-            cjones
+              pid = super.create(session, pid, object, sysmeta);
           } else {
               String msg = "The subject listed as " + session.getSubject().getValue() +
                   " isn't allowed to call create() on a Coordinating Node.";
               logMetacat.info(msg);
               throw new NotAuthorized("1100", msg);
+          }
-            cjones
+      } catch (RuntimeException e) {
-            cjones
+          // Convert Hazelcast runtime exceptions to service failures
           String msg = "There was a problem creating the object identified by " +
               pid.getValue() + ". There error message was: " + e.getMessage();
-            cjones
+          throw new ServiceFailure("4893", msg);
             cjones
       } finally {
-            leinfelder
+    	  if (lock != null) {
 	          lock.unlock();
 	          logMetacat.debug("Unlocked identifier " + pid.getValue());
+    	  }
             cjones
-            cjones
+      return pid;
+  }
-            cjones
+  /**
    * Set access for a given object using the object identifier and a Subject
    * under a given Session.
+   *
    * @param session - the Session object containing the credentials for the Subject
    * @param pid - the object identifier for the given object to apply the policy
    * @param policy - the access policy to be applied
+   *
    * @return true if the application of the policy succeeds
    * @throws InvalidToken
    * @throws ServiceFailure
    * @throws NotFound
    * @throws NotAuthorized
    * @throws NotImplemented
    * @throws InvalidRequest
    */
   public boolean setAccessPolicy(Session session, Identifier pid,
-            cjones
+      AccessPolicy accessPolicy, long serialVersion)
-            cjones
+      throws InvalidToken, ServiceFailure, NotFound, NotAuthorized,
-            cjones
+      NotImplemented, InvalidRequest, VersionMismatch {
             cjones
-            cjones
+      // The lock to be used for this identifier
-            cjones
+      Lock lock = null;
-            cjones
+      SystemMetadata systemMetadata = null;
             cjones
-            cjones
+      boolean success = false;
       // get the subject
       Subject subject = session.getSubject();
-            cjones
+      // are we allowed to do this?
       if (!isAuthorized(session, pid, Permission.CHANGE_PERMISSION)) {
           throw new NotAuthorized("4420", "not allowed by "
                   + subject.getValue() + " on " + pid.getValue());
             cjones
       try {
-            cjones
+          lock = HazelcastService.getInstance().getLock(pid.getValue());
-            cjones
+          lock.lock();
-            cjones
+          logMetacat.debug("Locked identifier " + pid.getValue());
-            cjones
+          try {
               systemMetadata = HazelcastService.getInstance().getSystemMetadataMap().get(pid);
             cjones
-            cjones
+              if ( systemMetadata == null ) {
                   throw new NotFound("4400", "Couldn't find an object identified by " + pid.getValue());
+              }
-            cjones
+              // does the request have the most current system metadata?
               if ( systemMetadata.getSerialVersion().longValue() != serialVersion ) {
                  String msg = "The requested system metadata version number " +
                      serialVersion + " differs from the current version at " +
                      systemMetadata.getSerialVersion().longValue() +
                      ". Please get the latest copy in order to modify it.";
-            cjones
+                 throw new VersionMismatch("4402", msg);
             cjones
-            cjones
+          } catch (RuntimeException e) {
-            cjones
+              // convert Hazelcast RuntimeException to NotFound
               throw new NotFound("4400", "No record found for: " + pid);
             cjones
             cjones
           // set the access policy
           systemMetadata.setAccessPolicy(accessPolicy);
             cjones
-            cjones
+          // update the system metadata
           try {
               systemMetadata.setSerialVersion(systemMetadata.getSerialVersion().add(BigInteger.ONE));
               systemMetadata.setDateSysMetadataModified(Calendar.getInstance().getTime());
               HazelcastService.getInstance().getSystemMetadataMap().put(systemMetadata.getIdentifier(), systemMetadata);
-            cjones
+              notifyReplicaNodes(systemMetadata);
-            cjones
+          } catch (RuntimeException e) {
-            cjones
+              // convert Hazelcast RuntimeException to ServiceFailure
               throw new ServiceFailure("4430", e.getMessage());
+          }
             cjones
-            cjones
+      } catch (RuntimeException e) {
-            cjones
+          throw new ServiceFailure("4430", e.getMessage());
             cjones
-            cjones
+      } finally {
-            cjones
+          lock.unlock();
-            cjones
+          logMetacat.debug("Unlocked identifier " + pid.getValue());
             cjones
+      }
             cjones
             cjones
     // TODO: how do we know if the map was persisted?
     success = true;
     return success;
+  }
-            cjones
+  /**
    * Full replacement of replication metadata in the system metadata for the
    * specified object, changes date system metadata modified
+   *
    * @param session - the Session object containing the credentials for the Subject
    * @param pid - the object identifier for the given object to apply the policy
    * @param replica - the replica to be updated
    * @return
    * @throws NotImplemented
    * @throws NotAuthorized
    * @throws ServiceFailure
    * @throws InvalidRequest
    * @throws NotFound
-            cjones
+   * @throws VersionMismatch
-            cjones
+   */
-            cjones
+  @Override
-            cjones
+  public boolean updateReplicationMetadata(Session session, Identifier pid,
-            cjones
+      Replica replica, long serialVersion)
-            cjones
+      throws NotImplemented, NotAuthorized, ServiceFailure, InvalidRequest,
-            cjones
+      NotFound, VersionMismatch {
             cjones
-            cjones
+      // The lock to be used for this identifier
-            cjones
+      Lock lock = null;
             cjones
-            cjones
+      // get the subject
       Subject subject = session.getSubject();
       // are we allowed to do this?
       try {
             cjones
           // what is the controlling permission?
           if (!isAuthorized(session, pid, Permission.WRITE)) {
               throw new NotAuthorized("4851", "not allowed by "
                       + subject.getValue() + " on " + pid.getValue());
+          }
             cjones
       } catch (InvalidToken e) {
           throw new NotAuthorized("4851", "not allowed by " + subject.getValue() +
                   " on " + pid.getValue());
+      }
       SystemMetadata systemMetadata = null;
-            cjones
+      try {
-            cjones
+          lock = HazelcastService.getInstance().getLock(pid.getValue());
-            cjones
+          lock.lock();
-            cjones
+          logMetacat.debug("Locked identifier " + pid.getValue());
             cjones
-            cjones
+          try {
               systemMetadata = HazelcastService.getInstance().getSystemMetadataMap().get(pid);
               // does the request have the most current system metadata?
               if ( systemMetadata.getSerialVersion().longValue() != serialVersion ) {
                  String msg = "The requested system metadata version number " +
                      serialVersion + " differs from the current version at " +
                      systemMetadata.getSerialVersion().longValue() +
                      ". Please get the latest copy in order to modify it.";
-            cjones
+                 throw new VersionMismatch("4855", msg);
             cjones
-            cjones
+          } catch (RuntimeException e) { // Catch is generic since HZ throws RuntimeException
               throw new NotFound("4854", "No record found for: " + pid.getValue() +
                   " : " + e.getMessage());
             cjones
             cjones
             cjones
           // set the status for the replica
           List<Replica> replicas = systemMetadata.getReplicaList();
           NodeReference replicaNode = replica.getReplicaMemberNode();
-            cjones
+          ReplicationStatus replicaStatus = replica.getReplicationStatus();
-            cjones
+          int index = 0;
           for (Replica listedReplica: replicas) {
               // remove the replica that we are replacing
               if ( replicaNode.getValue().equals(listedReplica.getReplicaMemberNode().getValue())) {
-            cjones
+                      // don't allow status to change from COMPLETED to anything other
                       // than INVALIDATED: prevents overwrites from race conditions
                 	  if ( listedReplica.getReplicationStatus() == ReplicationStatus.COMPLETED &&
             		    replicaStatus != ReplicationStatus.INVALIDATED ) {
                 	  throw new InvalidRequest("4853", "Status state change from " +
                 			  listedReplica.getReplicationStatus() + " to " +
                 			  replicaStatus.toString() + "is prohibited for identifier " +
                 			  pid.getValue() + " and target node " +
                 			  listedReplica.getReplicaMemberNode().getValue());
+            	  }
-            cjones
+                  replicas.remove(index);
                   break;
+              }
               index++;
+          }
             cjones
-            cjones
+          // add the new replica item
           replicas.add(replica);
           systemMetadata.setReplicaList(replicas);
             cjones
-            cjones
+          // update the metadata
           try {
               systemMetadata.setSerialVersion(systemMetadata.getSerialVersion().add(BigInteger.ONE));
               systemMetadata.setDateSysMetadataModified(Calendar.getInstance().getTime());
               HazelcastService.getInstance().getSystemMetadataMap().put(systemMetadata.getIdentifier(), systemMetadata);
-            cjones
+          } catch (RuntimeException e) {
               logMetacat.info("Unknown RuntimeException thrown: " + e.getCause().getMessage());
-            cjones
+              throw new ServiceFailure("4852", e.getMessage());
             cjones
+          }
             cjones
-            cjones
+      } catch (RuntimeException e) {
           logMetacat.info("Unknown RuntimeException thrown: " + e.getCause().getMessage());
           throw new ServiceFailure("4852", e.getMessage());
       } finally {
           lock.unlock();
           logMetacat.debug("Unlocked identifier " + pid.getValue());
+      }
             cjones
       return true;
+  }
             leinfelder
-            cjones
+  /**
+   *
    */
   @Override
-            cjones
+  public ObjectList listObjects(Session session, Date startTime,
       Date endTime, ObjectFormatIdentifier formatid, Boolean replicaStatus,
       Integer start, Integer count)
-            cjones
+      throws InvalidRequest, InvalidToken, NotAuthorized, NotImplemented,
       ServiceFailure {
       ObjectList objectList = null;
-            leinfelder
+        try {
             objectList = IdentifierManager.getInstance().querySystemMetadata(startTime, endTime, formatid, replicaStatus, start, count);
         } catch (Exception e) {
             throw new ServiceFailure("1580", "Error querying system metadata: " + e.getMessage());
+        }
         return objectList;
             cjones
             leinfelder
             cjones
  	/**
  	 * Returns a list of checksum algorithms that are supported by DataONE.
  	 * @return cal  the list of checksum algorithms
+ 	 *
  	 * @throws ServiceFailure
  	 * @throws NotImplemented
  	 */
-            cjones
+  @Override
-            cjones
+  public ChecksumAlgorithmList listChecksumAlgorithms()
-            leinfelder
+			throws ServiceFailure, NotImplemented {
 		ChecksumAlgorithmList cal = new ChecksumAlgorithmList();
 		cal.addAlgorithm("MD5");
 		cal.addAlgorithm("SHA-1");
-            cjones
+		return cal;
             leinfelder
             cjones
   /**
    * Notify replica Member Nodes of system metadata changes for a given pid
+   *
    * @param currentSystemMetadata - the up to date system metadata
    */
   public void notifyReplicaNodes(SystemMetadata currentSystemMetadata) {
       Session session = null;
       List<Replica> replicaList = currentSystemMetadata.getReplicaList();
       MNode mn = null;
       NodeReference replicaNodeRef = null;
       CNode cn = null;
       NodeType nodeType = null;
       List<Node> nodeList = null;
       try {
           cn = D1Client.getCN();
           nodeList = cn.listNodes().getNodeList();
       } catch (Exception e) { // handle BaseException and other I/O issues
           // swallow errors since the call is not critical
           logMetacat.error("Can't inform MNs of system metadata changes due " +
               "to communication issues with the CN: " + e.getMessage());
+      }
       if ( replicaList != null ) {
           // iterate through the replicas and inform  MN replica nodes
           for (Replica replica : replicaList) {
               replicaNodeRef = replica.getReplicaMemberNode();
               try {
                   if (nodeList != null) {
                       // find the node type
                       for (Node node : nodeList) {
                           if (node.getIdentifier().getValue() ==
                               replicaNodeRef.getValue()) {
                               nodeType = node.getType();
                               break;
+                          }
+                      }
+                  }
                   // notify only MNs
                   if (nodeType != null && nodeType == NodeType.MN) {
                       mn = D1Client.getMN(replicaNodeRef);
                       mn.systemMetadataChanged(session,
                           currentSystemMetadata.getIdentifier(),
                           currentSystemMetadata.getSerialVersion().longValue(),
                           currentSystemMetadata.getDateSysMetadataModified());
+                  }
               } catch (Exception e) { // handle BaseException and other I/O issues
                   // swallow errors since the call is not critical
                   logMetacat.error("Can't inform "
                           + replicaNodeRef.getValue()
                           + " of system metadata changes due "
                           + "to communication issues with the CN: "
                           + e.getMessage());
+              }
+          }
+      }
+  }
             leinfelder
 	@Override
 	public boolean isAuthorized(Identifier pid, Permission permission)
 			throws ServiceFailure, InvalidToken, NotFound, NotAuthorized,
 			NotImplemented, InvalidRequest {
 		return isAuthorized(null, pid, permission);
+	}
 	@Override
 	public boolean setAccessPolicy(Identifier pid, AccessPolicy accessPolicy, long serialVersion)
 			throws InvalidToken, NotFound, NotImplemented, NotAuthorized,
 			ServiceFailure, InvalidRequest, VersionMismatch {
 		return setAccessPolicy(null, pid, accessPolicy, serialVersion);
+	}
 	@Override
 	public Identifier setRightsHolder(Identifier pid, Subject userId, long serialVersion)
 			throws InvalidToken, ServiceFailure, NotFound, NotAuthorized,
 			NotImplemented, InvalidRequest, VersionMismatch {
 		return setRightsHolder(null, pid, userId, serialVersion);
+	}
 	@Override
 	public Identifier create(Identifier pid, InputStream object, SystemMetadata sysmeta)
 			throws InvalidToken, ServiceFailure, NotAuthorized,
 			IdentifierNotUnique, UnsupportedType, InsufficientResources,
 			InvalidSystemMetadata, NotImplemented, InvalidRequest {
 		return create(null, pid, object, sysmeta);
+	}
 	@Override
 	public Identifier delete(Identifier pid) throws InvalidToken, ServiceFailure,
-            leinfelder
+			NotAuthorized, NotFound, NotImplemented {
             leinfelder
 		return delete(null, pid);
+	}
 	@Override
 	public Identifier generateIdentifier(String scheme, String fragment)
 			throws InvalidToken, ServiceFailure, NotAuthorized, NotImplemented,
 			InvalidRequest {
 		return generateIdentifier(null, scheme, fragment);
+	}
 	@Override
 	public Log getLogRecords(Date fromDate, Date toDate, Event event, String pidFilter,
 			Integer start, Integer count) throws InvalidToken, InvalidRequest,
 			ServiceFailure, NotAuthorized, NotImplemented, InsufficientResources {
 		return getLogRecords(null, fromDate, toDate, event, pidFilter, start, count);
+	}
 	@Override
 	public boolean hasReservation(Subject subject, Identifier pid)
 			throws InvalidToken, ServiceFailure, NotFound, NotAuthorized,
 			NotImplemented, InvalidRequest, IdentifierNotUnique {
 		return hasReservation(null, subject, pid);
+	}
 	@Override
 	public Identifier registerSystemMetadata(Identifier pid, SystemMetadata sysmeta)
 			throws NotImplemented, NotAuthorized, ServiceFailure, InvalidRequest,
 			InvalidSystemMetadata, InvalidToken {
 		return registerSystemMetadata(null, pid, sysmeta);
+	}
 	@Override
 	public Identifier reserveIdentifier(Identifier pid) throws InvalidToken,
 			ServiceFailure, NotAuthorized, IdentifierNotUnique, NotImplemented,
 			InvalidRequest {
 		return reserveIdentifier(null, pid);
+	}
 	@Override
 	public boolean setObsoletedBy(Identifier pid, Identifier obsoletedByPid, long serialVersion)
 			throws NotImplemented, NotFound, NotAuthorized, ServiceFailure,
 			InvalidRequest, InvalidToken, VersionMismatch {
 		return setObsoletedBy(null, pid, obsoletedByPid, serialVersion);
+	}
 	@Override
 	public DescribeResponse describe(Identifier pid) throws InvalidToken,
 			NotAuthorized, NotImplemented, ServiceFailure, NotFound {
 		return describe(null, pid);
+	}
 	@Override
 	public InputStream get(Identifier pid) throws InvalidToken, ServiceFailure,
 			NotAuthorized, NotFound, NotImplemented {
 		return get(null, pid);
+	}
 	@Override
 	public Checksum getChecksum(Identifier pid) throws InvalidToken,
 			ServiceFailure, NotAuthorized, NotFound, NotImplemented {
 		return getChecksum(null, pid);
+	}
 	@Override
 	public SystemMetadata getSystemMetadata(Identifier pid) throws InvalidToken,
 			ServiceFailure, NotAuthorized, NotFound, NotImplemented {
 		return getSystemMetadata(null, pid);
+	}
 	@Override
 	public ObjectList listObjects(Date startTime, Date endTime,
 			ObjectFormatIdentifier formatid, Boolean replicaStatus, Integer start, Integer count)
 			throws InvalidRequest, InvalidToken, NotAuthorized, NotImplemented,
 			ServiceFailure {
 		return listObjects(null, startTime, endTime, formatid, replicaStatus, start, count);
+	}
 	@Override
 	public ObjectLocationList resolve(Identifier pid) throws InvalidToken,
 			ServiceFailure, NotAuthorized, NotFound, NotImplemented {
 		return resolve(null, pid);
+	}
 	@Override
 	public ObjectList search(String queryType, String query) throws InvalidToken,
 			ServiceFailure, NotAuthorized, InvalidRequest, NotImplemented {
 		return search(null, queryType, query);
+	}
 	@Override
 	public boolean deleteReplicationMetadata(Identifier pid, NodeReference nodeId,
 			long serialVersion) throws InvalidToken, InvalidRequest, ServiceFailure,
 			NotAuthorized, NotFound, NotImplemented, VersionMismatch {
 		return deleteReplicationMetadata(null, pid, nodeId, serialVersion);
+	}
 	@Override
 	public boolean isNodeAuthorized(Subject targetNodeSubject, Identifier pid)
 			throws NotImplemented, NotAuthorized, InvalidToken, ServiceFailure,
 			NotFound, InvalidRequest {
 		return isNodeAuthorized(null, targetNodeSubject, pid);
+	}
 	@Override
 	public boolean setReplicationPolicy(Identifier pid, ReplicationPolicy policy,
 			long serialVersion) throws NotImplemented, NotFound, NotAuthorized,
 			ServiceFailure, InvalidRequest, InvalidToken, VersionMismatch {
 		return setReplicationPolicy(null, pid, policy, serialVersion);
+	}
 	@Override
 	public boolean setReplicationStatus(Identifier pid, NodeReference targetNode,
 			ReplicationStatus status, BaseException failure) throws ServiceFailure,
 			NotImplemented, InvalidToken, NotAuthorized, InvalidRequest, NotFound {
 		return setReplicationStatus(null, pid, targetNode, status, failure);
+	}
 	@Override
 	public boolean updateReplicationMetadata(Identifier pid, Replica replica,
 			long serialVersion) throws NotImplemented, NotAuthorized, ServiceFailure,
 			NotFound, InvalidRequest, InvalidToken, VersionMismatch {
 		return updateReplicationMetadata(null, pid, replica, serialVersion);
+	}
             cjones

Project

General

Profile

Metacat