r4606 - trunk/src/perl
walbridge at ecoinformatics.org
walbridge at ecoinformatics.org
Thu Nov 20 17:31:29 PST 2008
Author: walbridge
Date: 2008-11-20 17:31:29 -0800 (Thu, 20 Nov 2008)
New Revision: 4606
Modified:
trunk/src/perl/register-dataset.cgi
Log:
Further ESA fixes: More 2.1.0 compliance, fix security issue
Modified: trunk/src/perl/register-dataset.cgi
===================================================================
--- trunk/src/perl/register-dataset.cgi 2008-11-21 00:54:43 UTC (rev 4605)
+++ trunk/src/perl/register-dataset.cgi 2008-11-21 01:31:29 UTC (rev 4606)
@@ -2901,13 +2901,13 @@
my $userDN = '';
# Log into metacat
my $response = $metacat->login($modUsername, $modPassword);
+ my $docid = $FORM::docid;
if (!$response) {
# Could not login
$errorMessage = $errorMessage." Failed during moderator login.";
} else {
# read the document and get the contact name and address
- my $docid = $FORM::docid;
$response = $metacat->read($docid);
my $docFromMetacat = $response->content();
my $xmldoc = $parser->parse_string($docFromMetacat);
@@ -3001,7 +3001,7 @@
# send notification to the user and the moderator
if ($errorMessage eq '') {
- modSendNotification($title, $contactEmailAddress, $contactName, 'Document '.$FORM::docid.' Accepted');
+ modSendNotification($title, $contactEmailAddress, $contactName, "Document $docid Accepted");
if ($FORM::review ne '') {
$errorMessage = modStoreReview('accept', $metacat, $userDN);
if ($errorMessage ne '') {
@@ -3026,6 +3026,7 @@
my $errorMessage = '';
my $userDN = '';
my $metacat = Metacat->new($metacatUrl);
+ my $docid = $FORM::docid;
print "Content-type: text/html\n\n";
@@ -3050,7 +3051,6 @@
} else {
# read the document and get the contact name and address
my $parser = XML::LibXML->new();
- my $docid = $FORM::docid;
$response = $metacat->read($docid);
my $doc = $response->content();
@@ -3090,9 +3090,9 @@
$title = '';
}
- $findNodes = $xmldoc->findnodes('//dataset/access/allow');
+ $findNodes = $xmldoc->findnodes('//access/allow');
if ($findNodes->size() > 0) {
- # found title
+ # found allow
my $node = '';
foreach $node ($findNodes->get_nodelist) {
my $perm = findValue($node,'permission');
@@ -3116,7 +3116,7 @@
}
if ($errorMessage eq '') {
- modSendNotification($title, $contactEmailAddress, $contactName, 'Document '.$FORM::docid.' Rejected');
+ modSendNotification($title, $contactEmailAddress, $contactName, "Document $docid Rejected");
if ($FORM::review ne '') {
$errorMessage = modStoreReview('decline', $metacat, $userDN);
if ($errorMessage ne '') {
@@ -3139,6 +3139,7 @@
sub handleModRevise(){
my $errorMessage = '';
my $metacat = Metacat->new($metacatUrl);
+ my $docid = $FORM::docid;
print "Content-type: text/html\n\n";
@@ -3165,7 +3166,6 @@
} else {
# read the document and get the contact name and address
my $parser = XML::LibXML->new();
- my $docid = $FORM::docid;
$response = $metacat->read($docid);
my $doc = $response->content();
@@ -3207,7 +3207,7 @@
$title = '';
}
- $findNodes = $xmldoc->findnodes('//dataset/access/allow');
+ $findNodes = $xmldoc->findnodes('//access/allow');
if ($findNodes->size() > 0) {
# found title
my $node = '';
@@ -3221,13 +3221,12 @@
$userDN = '';
}
}
-
+ # SCW TODO FIX THIS
my ($emldoc, $temp) = split('</dataset>', $doc);
$emldoc .= "</dataset>\n<additionalMetadata>\n<moderatorComment>Revision Requested</moderatorComment>\n</additionalMetadata>";
$emldoc .= "\n</eml:eml>\n";
#debug("Document created by handleModAccept is " . $emldoc);
# update the document
- my $docid = $FORM::docid;
my $newDocid = incrementRevision($docid);
$emldoc =~ s/packageId=\"$docid\"/packageId=\"$newDocid\"/;
@@ -3240,7 +3239,7 @@
}
if ($errorMessage eq '') {
- modSendNotification($title, $contactEmailAddress, $contactName, "Revise document: ".$FORM::docid);
+ modSendNotification($title, $contactEmailAddress, $contactName, "Revise document: $docid");
if ($FORM::review ne '') {
$errorMessage = modStoreReview('revise', $metacat, $userDN);
if ($errorMessage ne '') {
@@ -3325,25 +3324,34 @@
#insert a new document
my $id = newAccessionNumber('esa_reviews');
my $reviewDoc = '';
+ my $failMessage = " Unable to insert the review on Metacat for the docid:".$docid;
+
$reviewDoc .= "<?xml version=\"1.0\"?>";
$reviewDoc .= "<reviewHistory registryName=\"".$skinName."\">";
$reviewDoc .= $review;
$reviewDoc .= "</reviewHistory>";
$response = $metacat->insert($id, $reviewDoc);
+
if ($response != '1') {
- return " Unable to insert the review on Metacat for the docid:".$docid;
+ return $failMessage;
} else {
# set access
$response = $metacat->setaccess($id, $userDN, "read", "allow", "denyFirst");
if ($response != '1') {
- return " Unable to set access for the review document in Metacat for the docid:".$docid;
+ return $failMessage;
}
foreach (split(":",$moderators)) {
$response = $metacat->setaccess($id, $_, "all", "allow", "denyFirst");
if ($response != '1') {
- return " Unable to set access for the review document in Metacat for the docid:".$docid;
+ return $failMessage;
}
}
+ # DENY all public access to these documents
+ $response = $metacat->setaccess($id, 'public', "all", "deny", "denyFirst");
+ if ($response != '1') {
+ return $failMessage;
+ }
+
}
}
}
More information about the Metacat-cvs
mailing list