Skip to content
Permalink
Browse files

full implementation of D1AuthorizationDelegate for consolidating

authorization schemes, through extraction of authorization methods from
D1NodeService, and creation of several schemes (combinations of atomic
types of checks).
  • Loading branch information
rnahf
rnahf committed Jan 16, 2019
1 parent 975b6ac commit bcdcce17746dedce7e949169842fd14bc3b0eb51
@@ -45,6 +45,7 @@
import edu.ucsb.nceas.metacat.accesscontrol.AccessControlList;
import edu.ucsb.nceas.metacat.database.DBConnection;
import edu.ucsb.nceas.metacat.database.DBConnectionPool;
import edu.ucsb.nceas.metacat.dataone.D1AuthorizationDelegate;
import edu.ucsb.nceas.metacat.dataone.D1NodeService;
import edu.ucsb.nceas.metacat.dataone.hazelcast.HazelcastService;
import edu.ucsb.nceas.metacat.properties.PropertyService;
@@ -156,7 +157,7 @@ public boolean hasPermission(String user, String[]groups, String myPermission)
SystemMetadata sysMeta = HazelcastService.getInstance().getSystemMetadataMap().get(pid);
isOwner = (sysMeta.getRightsHolder().equals(subject));
if(!isOwner) {
isOwner = D1NodeService.expandRightsHolder(sysMeta.getRightsHolder(), subject);
isOwner = D1AuthorizationDelegate.expandRightsHolder(sysMeta.getRightsHolder(), subject);
}
} catch (Exception e) {
logMetacat.warn("Error checking for DataONE permissions: " + e.getMessage(), e);

Large diffs are not rendered by default.

0 comments on commit bcdcce1

Please sign in to comment.
You can’t perform that action at this time.