Revision 9265
Added by Jing Tao over 9 years ago
| src/edu/ucsb/nceas/metacat/dataone/CNodeService.java | ||
|---|---|---|
| 257 | 257 |
Subject subject = session.getSubject(); |
| 258 | 258 |
|
| 259 | 259 |
// are we allowed to do this? |
| 260 |
boolean isAuthorized = false; |
|
| 260 |
/*boolean isAuthorized = false;
|
|
| 261 | 261 |
try {
|
| 262 | 262 |
isAuthorized = isAuthorized(session, pid, Permission.WRITE); |
| 263 | 263 |
} catch (InvalidRequest e) {
|
| ... | ... | |
| 268 | 268 |
+ " not allowed by " + subject.getValue() + " on " |
| 269 | 269 |
+ pid.getValue()); |
| 270 | 270 |
|
| 271 |
}*/ |
|
| 272 |
if(session == null) {
|
|
| 273 |
throw new NotAuthorized("4882", "Session cannot be null. It is not authorized for deleting the replication metadata of the object "+pid.getValue());
|
|
| 274 |
} else {
|
|
| 275 |
if(!isCNAdmin(session)) {
|
|
| 276 |
throw new NotAuthorized("4882", "The client -"+ session.getSubject().getValue()+ "is not a CN and is not authorized for deleting the replication metadata of the object "+pid.getValue());
|
|
| 277 |
} |
|
| 271 | 278 |
} |
| 272 | 279 |
|
| 273 | 280 |
SystemMetadata systemMetadata = null; |
| ... | ... | |
| 764 | 771 |
// cannot be called by public |
| 765 | 772 |
if (session == null) {
|
| 766 | 773 |
throw new NotAuthorized("4720", "Session cannot be null");
|
| 774 |
} else {
|
|
| 775 |
if(!isCNAdmin(session)) {
|
|
| 776 |
throw new NotAuthorized("4720", "The client -"+ session.getSubject().getValue()+ "is not a CN and is not authorized for setting the replication status of the object "+pid.getValue());
|
|
| 777 |
} |
|
| 767 | 778 |
} |
| 768 | 779 |
|
| 769 | 780 |
// do we have a valid pid? |
| ... | ... | |
| 1316 | 1327 |
//check these against the docs and correct them |
| 1317 | 1328 |
throw new NotAuthorized("4861", "No Session - could not authorize for registration." +
|
| 1318 | 1329 |
" If you are not logged in, please do so and retry the request."); |
| 1330 |
} else {
|
|
| 1331 |
//only CN is allwoed |
|
| 1332 |
if(!isCNAdmin(session)) {
|
|
| 1333 |
throw new NotAuthorized("4861", "The client -"+ session.getSubject().getValue()+ "is not a CN and is not authorized for registering the system metadata of the object "+pid.getValue());
|
|
| 1334 |
} |
|
| 1319 | 1335 |
} |
| 1320 | 1336 |
// the identifier can't be an SID |
| 1321 | 1337 |
try {
|
| ... | ... | |
| 1924 | 1940 |
Subject subject = session.getSubject(); |
| 1925 | 1941 |
|
| 1926 | 1942 |
// are we allowed to do this? |
| 1927 |
try {
|
|
| 1943 |
if(session == null) {
|
|
| 1944 |
throw new NotAuthorized("4851", "Session cannot be null. It is not authorized for updating the replication metadata of the object "+pid.getValue());
|
|
| 1945 |
} else {
|
|
| 1946 |
if(!isCNAdmin(session)) {
|
|
| 1947 |
throw new NotAuthorized("4851", "The client -"+ session.getSubject().getValue()+ "is not a CN and is not authorized for updating the replication metadata of the object "+pid.getValue());
|
|
| 1948 |
} |
|
| 1949 |
} |
|
| 1950 |
/*try {
|
|
| 1928 | 1951 |
|
| 1929 | 1952 |
// what is the controlling permission? |
| 1930 | 1953 |
if (!isAuthorized(session, pid, Permission.WRITE)) {
|
| ... | ... | |
| 1937 | 1960 |
throw new NotAuthorized("4851", "not allowed by " + subject.getValue() +
|
| 1938 | 1961 |
" on " + pid.getValue()); |
| 1939 | 1962 |
|
| 1940 |
} |
|
| 1963 |
}*/
|
|
| 1941 | 1964 |
|
| 1942 | 1965 |
SystemMetadata systemMetadata = null; |
| 1943 | 1966 |
try {
|
Also available in: Unified diff
Only CNs can call those methods:
CNCore.registerSystemMetadata()
CNCore,updateSystemMetadata()
CNReplication.setReplicationStatus()
CNReplication.updateReplicationMetadata()
CNReplication.deleteReplicationMetadata()