Revision 9455
Added by ben leinfelder almost 9 years ago
| src/edu/ucsb/nceas/metacat/PermissionController.java | ||
|---|---|---|
| 39 | 39 |
import org.dataone.service.types.v1.Permission; |
| 40 | 40 |
import org.dataone.service.types.v1.Session; |
| 41 | 41 |
import org.dataone.service.types.v1.Subject; |
| 42 |
import org.dataone.service.types.v2.SystemMetadata; |
|
| 42 | 43 |
|
| 43 | 44 |
import edu.ucsb.nceas.metacat.accesscontrol.AccessControlList; |
| 44 | 45 |
import edu.ucsb.nceas.metacat.database.DBConnection; |
| 45 | 46 |
import edu.ucsb.nceas.metacat.database.DBConnectionPool; |
| 46 | 47 |
import edu.ucsb.nceas.metacat.dataone.D1NodeService; |
| 48 |
import edu.ucsb.nceas.metacat.dataone.hazelcast.HazelcastService; |
|
| 47 | 49 |
import edu.ucsb.nceas.metacat.properties.PropertyService; |
| 48 | 50 |
import edu.ucsb.nceas.metacat.service.SessionService; |
| 49 | 51 |
import edu.ucsb.nceas.metacat.shared.MetacatUtilException; |
| ... | ... | |
| 149 | 151 |
userSession.setSubject(subject); |
| 150 | 152 |
Identifier pid = new Identifier(); |
| 151 | 153 |
pid.setValue(guid); |
| 152 |
isOwner = D1NodeService.userHasPermission(userSession, pid, Permission.CHANGE_PERMISSION); |
|
| 154 |
//isOwner = D1NodeService.userHasPermission(userSession, pid, Permission.CHANGE_PERMISSION); |
|
| 155 |
SystemMetadata sysMeta = HazelcastService.getInstance().getSystemMetadataMap().get(pid); |
|
| 156 |
isOwner = (sysMeta.getRightsHolder().equals(subject)); |
|
| 153 | 157 |
} catch (Exception e) {
|
| 154 | 158 |
logMetacat.warn("Error checking for DataONE permissions: " + e.getMessage(), e);
|
| 155 | 159 |
isOwner = false; |
Also available in: Unified diff
merge from branch: only check for d1 rightsholder when checking permissions in original metacat code base, otherwise legacy access control tests in metcat begin to fail. https://redmine.dataone.org/issues/7560