Fixed bug in the onAccessList method that it always assumed that a gr…

…oup name starts with "cn".
NCEAS · Feb 2, 2018 · e5a4692 · e5a4692
1 parent f56bd2b
commit e5a4692
Showing 1 changed file with 9 additions and 8 deletions.
diff --git a/src/edu/ucsb/nceas/metacat/util/AuthUtil.java b/src/edu/ucsb/nceas/metacat/util/AuthUtil.java
@@ -476,21 +476,22 @@ private static boolean onAccessList(Vector<String> accessList, String username,
 		}
 
 		// Check that the user is authenticated as an administrator account
-		for (String accessString : accessList) {
+		for (String accessString : accessList)  {
+		     // is a user dn
+            if (username != null && username.equals(accessString)) {
+                logMetacat.debug("AuthUtil.onAccessList - user "+username +" is in the access list.");
+                return true;
+            }
 			// check the given admin dn is a group dn...
-			if (groups != null && accessString.startsWith("cn=")) {
+			if (groups != null) {
 				// is a group dn
 				for (int j = 0; j < groups.length; j++) {
 					if (groups[j] != null && groups[j].equals(accessString)) {
+					    logMetacat.debug("AuthUtil.onAccessList - user "+username +" has a grouup which is in the access list.");
 						return true;
 					}
 				}
-			} else {
-				// is a user dn
-				if (username != null && username.equals(accessString)) {
-					return true;
-				}
-			}
+			} 
 		}
 		return false;
 	}