Revision 8953
Added by ben leinfelder about 10 years ago
| lib/metacat.properties | ||
|---|---|---|
| 665 | 665 |
############# Annotator Section ########################################### |
| 666 | 666 |
annotator.sharedSecret=oursharedsecret |
| 667 | 667 |
annotator.consumerKey=myconsumerkey |
| 668 |
annotator.store.url=http://annotateit.org/api/search |
|
| 668 | 669 |
|
| 669 | 670 |
############# SOLR Search Section ########################################### |
| 670 | 671 |
#Embedded (default): |
| src/edu/ucsb/nceas/metacat/DocumentImpl.java | ||
|---|---|---|
| 3674 | 3674 |
* Check for "WRITE" permission on @docid for @user and/or @groups |
| 3675 | 3675 |
* from DB connection |
| 3676 | 3676 |
*/ |
| 3677 |
private static boolean hasWritePermission(String user, String[] groups,
|
|
| 3677 |
public static boolean hasWritePermission(String user, String[] groups,
|
|
| 3678 | 3678 |
String docid) throws SQLException, Exception |
| 3679 | 3679 |
{
|
| 3680 | 3680 |
// Check for WRITE permission on @docid for @user and/or @groups |
| ... | ... | |
| 3703 | 3703 |
* Check for "WRITE" permission on @docid for @user and/or @groups |
| 3704 | 3704 |
* from DB connection |
| 3705 | 3705 |
*/ |
| 3706 |
private static boolean hasAllPermission(String user, String[] groups,
|
|
| 3706 |
public static boolean hasAllPermission(String user, String[] groups,
|
|
| 3707 | 3707 |
String docid) throws SQLException, Exception |
| 3708 | 3708 |
{
|
| 3709 | 3709 |
// Check for WRITE permission on @docid for @user and/or @groups |
| src/edu/ucsb/nceas/metacat/MetacatHandler.java | ||
|---|---|---|
| 2654 | 2654 |
response.setContentType("text/xml");
|
| 2655 | 2655 |
out = response.getWriter(); |
| 2656 | 2656 |
|
| 2657 |
// Check that the user is authenticated as an administrator account |
|
| 2658 |
if (!AuthUtil.isAdministrator(username, groups)) {
|
|
| 2657 |
// TODO: Check that the user is allowed to reindex this object, allow everyone for open annotations |
|
| 2658 |
boolean isAuthorized = true; |
|
| 2659 |
//String docid = IdentifierManager.getInstance().getLocalId(pid[0]); |
|
| 2660 |
//isAuthorized = DocumentImpl.hasWritePermission(username, groups, docid); |
|
| 2661 |
//isAuthorized = AuthUtil.isAdministrator(username, groups); |
|
| 2662 |
|
|
| 2663 |
if (!isAuthorized) {
|
|
| 2659 | 2664 |
out.print("<error>");
|
| 2660 | 2665 |
out.print("The user \"" + username +
|
| 2661 | 2666 |
"\" is not authorized for this action."); |
| ... | ... | |
| 2721 | 2726 |
} |
| 2722 | 2727 |
results.append("</results>\n");
|
| 2723 | 2728 |
} |
| 2724 |
} catch (IOException e) {
|
|
| 2725 |
logMetacat.error("MetacatHandler.handleBuildIndexAction - " +
|
|
| 2726 |
"Could not open http response for writing: " + |
|
| 2729 |
} catch (Exception e) {
|
|
| 2730 |
logMetacat.error("MetacatHandler.handleReindex action - " +
|
|
| 2727 | 2731 |
e.getMessage()); |
| 2728 | 2732 |
e.printStackTrace(); |
| 2729 |
} catch (MetacatUtilException ue) {
|
|
| 2730 |
logMetacat.error("MetacatHandler.handleBuildIndexAction - " +
|
|
| 2731 |
"Could not determine if user is administrator: " + |
|
| 2732 |
ue.getMessage()); |
|
| 2733 |
ue.printStackTrace(); |
|
| 2734 | 2733 |
} finally {
|
| 2735 | 2734 |
if(out != null) {
|
| 2736 | 2735 |
out.print(results.toString()); |
Also available in: Unified diff
allow per-document reindexing to be initiated by any user (to support third-party annotations)