r4553 - trunk/src/perl
walbridge at ecoinformatics.org
walbridge at ecoinformatics.org
Mon Nov 10 18:21:09 PST 2008
Author: walbridge
Date: 2008-11-10 18:21:09 -0800 (Mon, 10 Nov 2008)
New Revision: 4553
Modified:
trunk/src/perl/register-dataset.cgi
Log:
Editing documents should check for ACL elements under //access now instead of //dataset/access
Modified: trunk/src/perl/register-dataset.cgi
===================================================================
--- trunk/src/perl/register-dataset.cgi 2008-11-11 02:07:57 UTC (rev 4552)
+++ trunk/src/perl/register-dataset.cgi 2008-11-11 02:21:09 UTC (rev 4553)
@@ -2474,43 +2474,43 @@
dontOccur($doc, "./project", "project");
############ Code for checking ACL #####################
- dontOccur($doc, "//dataset/access/deny", "dataset/access/deny");
+ dontOccur($doc, "//access/deny", "access/deny");
- $results = $doc->findnodes('//dataset/access/allow');
+ $results = $doc->findnodes('//access/allow');
my $accessError = 0;
- foreach $node ($results->get_nodelist) {
- my @children = $node->childNodes;
- my $principal = "";
- my $permission = "";
- for (my $i = 0; $i < scalar(@children); $i++) {
- my $child = $children[$i];
- if ($child->nodeName eq 'principal') {
- $principal = $child->textContent();
- } elsif ($child->nodeName eq 'permission') {
- $permission = $child->textContent();
- }
+ foreach $node ($results->get_nodelist) {
+ my @children = $node->childNodes;
+ my $principal = "";
+ my $permission = "";
+ for (my $i = 0; $i < scalar(@children); $i++) {
+ my $child = $children[$i];
+ if ($child->nodeName eq 'principal') {
+ $principal = $child->textContent();
+ } elsif ($child->nodeName eq 'permission') {
+ $permission = $child->textContent();
}
-
- if ($principal eq 'public' && $permission ne 'read') { $accessError = 1; }
- if ($principal eq $username && $permission ne 'all') { $accessError = 2; }
- if ($principal ne 'public' && $principal ne $username && $principal ne $moderators && $permission ne 'all') { $accessError = 3; }
- if ($accessError == 3){
- my $session = CGI::Session->load();
- if ( !$session->is_empty ) {
- my $username = $session->param("username");
- my $password = $session->param("password");
- if($principal eq $username){
- $accessError = 0;
- }
+ }
+
+ if ($principal eq 'public' && $permission ne 'read') { $accessError = 1; }
+ if ($principal eq $username && $permission ne 'all') { $accessError = 2; }
+ if ($principal ne 'public' && $principal ne $username && $principal ne $moderators && $permission ne 'all') { $accessError = 3; }
+ if ($accessError == 3){
+ my $session = CGI::Session->load();
+ if ( !$session->is_empty ) {
+ my $username = $session->param("username");
+ my $password = $session->param("password");
+ if($principal eq $username){
+ $accessError = 0;
}
}
- }
-
- if ($accessError != 0) {
- my $error ="The ACL for this document has been changed outside the registry. Please use Morpho to edit this document";
- push(@errorMessages, $error."\n");
- }
-
+ }
+ }
+
+ if ($accessError != 0) {
+ my $error ="The ACL for this document has been changed outside the registry. Please use Morpho to edit this document";
+ push(@errorMessages, $error."\n");
+ }
+
########################################################
@@ -2896,7 +2896,7 @@
if($isMod < 0){
return;
}
- # change the access rules
+ # change the access rules
## create the access block
my $accessblock = '';
$accessblock .= "<access authSystem=\"knb\" order=\"denyFirst\">\n";
@@ -2906,12 +2906,12 @@
$accessblock .= "</allow>\n";
foreach(split(":",$moderators)){
- $accessblock .= "<allow>\n";
- $accessblock .= "<principal>".$_."</principal>\n";
- $accessblock .= "<permission>all</permission>\n";
- $accessblock .= "</allow>\n";
+ $accessblock .= "<allow>\n";
+ $accessblock .= "<principal>".$_."</principal>\n";
+ $accessblock .= "<permission>all</permission>\n";
+ $accessblock .= "</allow>\n";
}
-
+
$accessblock .= "<allow>\n";
$accessblock .= "<principal>public</principal>\n";
$accessblock .= "<permission>read</permission>\n";
More information about the Metacat-cvs
mailing list