summaryrefslogtreecommitdiffstats
path: root/idrop-web
diff options
context:
space:
mode:
authormconway <michael.c.conway@gmail.com>2013-02-19 19:45:33 (GMT)
committer mconway <michael.c.conway@gmail.com>2013-02-19 19:45:33 (GMT)
commitdc94d9042534e918ea18d3c30961ea84e1c34ef3 (patch)
treedf8ae7d3fd79a7bb57e963673c7c4c6f61060b22 /idrop-web
parent4a6a94bf6c3962297a99f9f4c0b415b2304b4e96 (diff)
downloadQCG-Data-dc94d9042534e918ea18d3c30961ea84e1c34ef3.zip
QCG-Data-dc94d9042534e918ea18d3c30961ea84e1c34ef3.tar.gz
QCG-Data-dc94d9042534e918ea18d3c30961ea84e1c34ef3.tar.bz2
[#957] error deleting from public subdir when guest
Diffstat (limited to 'idrop-web')
-rwxr-xr-xidrop-web/grails-app/controllers/org/irods/mydrop/controller/FileController.groovy87
-rwxr-xr-xidrop-web/grails-app/controllers/org/irods/mydrop/controller/MetadataController.groovy78
-rwxr-xr-xidrop-web/grails-app/controllers/org/irods/mydrop/controller/SharingController.groovy75
-rwxr-xr-xidrop-web/grails-app/i18n/messages.properties1
-rwxr-xr-xidrop-web/release_notes.txt10
5 files changed, 171 insertions, 80 deletions
diff --git a/idrop-web/grails-app/controllers/org/irods/mydrop/controller/FileController.groovy b/idrop-web/grails-app/controllers/org/irods/mydrop/controller/FileController.groovy
index 021c093..137b225 100755
--- a/idrop-web/grails-app/controllers/org/irods/mydrop/controller/FileController.groovy
+++ b/idrop-web/grails-app/controllers/org/irods/mydrop/controller/FileController.groovy
@@ -4,6 +4,7 @@ package org.irods.mydrop.controller
import grails.converters.*
import org.irods.jargon.core.connection.IRODSAccount
+import org.irods.jargon.core.exception.CatNoAccessException
import org.irods.jargon.core.exception.DataNotFoundException
import org.irods.jargon.core.exception.JargonException
import org.irods.jargon.core.exception.NoResourceDefinedException
@@ -71,18 +72,23 @@ class FileController {
log.info("iRODS path for file is: ${fullPath}")
- IRODSFileFactory irodsFileFactory = irodsAccessObjectFactory.getIRODSFileFactory(irodsAccount)
- IRODSFileInputStream irodsFileInputStream = irodsFileFactory.instanceIRODSFileInputStream(fullPath)
- IRODSFile irodsFile = irodsFileFactory.instanceIRODSFile(fullPath)
- def length = irodsFile.length()
- log.info("file length = ${length}")
- log.info("opened input stream")
-
- response.setContentType("application/octet-stream")
- response.setContentLength((int) length)
- response.setHeader("Content-disposition", "attachment;filename=\"${irodsFile.name}\"")
-
- response.outputStream << irodsFileInputStream // Performing a binary stream copy
+ try {
+ IRODSFileFactory irodsFileFactory = irodsAccessObjectFactory.getIRODSFileFactory(irodsAccount)
+ IRODSFileInputStream irodsFileInputStream = irodsFileFactory.instanceIRODSFileInputStream(fullPath)
+ IRODSFile irodsFile = irodsFileFactory.instanceIRODSFile(fullPath)
+ def length = irodsFile.length()
+ log.info("file length = ${length}")
+ log.info("opened input stream")
+
+ response.setContentType("application/octet-stream")
+ response.setContentLength((int) length)
+ response.setHeader("Content-disposition", "attachment;filename=\"${irodsFile.name}\"")
+
+ response.outputStream << irodsFileInputStream // Performing a binary stream copy
+ } catch (CatNoAccessException e) {
+ log.error("no access error", e)
+ response.sendError(500, message(code:"message.no.access"))
+ }
}
@@ -192,6 +198,9 @@ class FileController {
} catch (NoResourceDefinedException nrd) {
log.error("no resource defined exception", nrd)
response.sendError(500, message(code:"message.no.resource"))
+ } catch (CatNoAccessException e) {
+ log.error("no access error", e)
+ response.sendError(500, message(code:"message.no.access"))
} catch (Exception e) {
log.error("exception in upload transfer", e)
response.sendError(500, message(code:"message.error.in.upload"))
@@ -224,7 +233,9 @@ class FileController {
targetFile.delete()
log.info("file deleted")
render(view:"deleteResult", model:[absPath:targetFile.parent])
- //render targetFile.getParent()
+ } catch (CatNoAccessException e) {
+ log.error("no access error", e)
+ response.sendError(500, message(code:"message.no.access"))
} catch (JargonException je) {
log.error("exception on delete", je)
response.sendError(500,je.message)
@@ -298,19 +309,25 @@ class FileController {
newFolderName = newFolderName.trim()
- log.info("name for create folder:${newFolderName}")
- IRODSFileFactory irodsFileFactory = irodsAccessObjectFactory.getIRODSFileFactory(irodsAccount)
- IRODSFile targetFile = irodsFileFactory.instanceIRODSFile(parent + "/" + newFolderName)
-
- if (targetFile.exists()) {
- log.error "no name in request"
- def message = message(code:"error.duplicate.file")
- response.sendError(500,message)
- }
+ try {
+ log.info("name for create folder:${newFolderName}")
+ IRODSFileFactory irodsFileFactory = irodsAccessObjectFactory.getIRODSFileFactory(irodsAccount)
+ IRODSFile targetFile = irodsFileFactory.instanceIRODSFile(parent + "/" + newFolderName)
+
+ if (targetFile.exists()) {
+ log.error "no name in request"
+ def message = message(code:"error.duplicate.file")
+ response.sendError(500,message)
+ }
+
+ targetFile.mkdirs()
+ log.info("file created:${targetFile.absolutePath}")
+ render targetFile.getAbsolutePath()
+ } catch (CatNoAccessException e) {
+ log.error("no access error", e)
+ response.sendError(500, message(code:"message.no.access"))
+ }
- targetFile.mkdirs()
- log.info("file created:${targetFile.absolutePath}")
- render targetFile.getAbsolutePath()
}
/**
@@ -349,11 +366,16 @@ class FileController {
render prevFile.absolutePath
return
}
+ try {
+ prevFile.renameTo(newFile)
+
+ // return the parent, which will be reloaded
+ render newFile.parent
+ } catch (CatNoAccessException e) {
+ log.error("no access error", e)
+ response.sendError(500, message(code:"message.no.access"))
+ }
- prevFile.renameTo(newFile)
-
- // return the parent, which will be reloaded
- render newFile.parent
}
/**
@@ -380,6 +402,9 @@ class FileController {
DataTransferOperations dataTransferOperations = irodsAccessObjectFactory.getDataTransferOperations(irodsAccount)
log.info("moving ${sourceAbsPath} to ${targetAbsPath}")
dataTransferOperations.move(sourceAbsPath, targetAbsPath)
+ } catch (CatNoAccessException e) {
+ log.error("no access error", e)
+ response.sendError(500, message(code:"message.no.access"))
} catch (NoResourceDefinedException nrd) {
log.error "no default resource found for move operation"
def message = message(code:"message.no.resource")
@@ -420,8 +445,12 @@ class FileController {
log.error "no default resource found for copy operation"
def message = message(code:"message.no.resource")
response.sendError(500,message)
+ } catch (CatNoAccessException e) {
+ log.error("no access error", e)
+ response.sendError(500, message(code:"message.no.access"))
}
+
render targetAbsPath
}
diff --git a/idrop-web/grails-app/controllers/org/irods/mydrop/controller/MetadataController.groovy b/idrop-web/grails-app/controllers/org/irods/mydrop/controller/MetadataController.groovy
index 5608092..ece2f82 100755
--- a/idrop-web/grails-app/controllers/org/irods/mydrop/controller/MetadataController.groovy
+++ b/idrop-web/grails-app/controllers/org/irods/mydrop/controller/MetadataController.groovy
@@ -3,6 +3,7 @@ package org.irods.mydrop.controller
import grails.converters.JSON
import org.irods.jargon.core.connection.IRODSAccount
+import org.irods.jargon.core.exception.CatNoAccessException
import org.irods.jargon.core.exception.DataNotFoundException
import org.irods.jargon.core.exception.DuplicateDataException
import org.irods.jargon.core.exception.JargonException
@@ -74,7 +75,11 @@ class MetadataController {
} catch (org.irods.jargon.core.exception.FileNotFoundException fnf) {
log.info("file not found looking for data, show stand-in page", fnf)
render(view:"/browse/noInfo")
+ } catch (CatNoAccessException e) {
+ log.error("no access error", e)
+ response.sendError(500, message(code:"message.no.access"))
}
+
}
/**
@@ -113,6 +118,10 @@ class MetadataController {
} catch (DataNotFoundException dnf) {
log.warn "cannot find data for path"
flash.message="error.no.data.found"
+ } catch (CatNoAccessException e) {
+ log.error("no access error", e)
+ response.sendError(500, message(code:"message.no.access"))
+
} catch (Exception e) {
log.warn "cannot find data for path"
flash.message="error.no.data.found"
@@ -200,7 +209,11 @@ class MetadataController {
def errorMessage = message(code:"error.duplicate.metadata")
response.sendError(500,errorMessage)
return
- }
+ } catch (CatNoAccessException e) {
+ log.error("no access error", e)
+ response.sendError(500, message(code:"message.no.access"))
+ }
+
log.info("avu set successfully")
jsonData['response'] =responseData
@@ -250,6 +263,10 @@ class MetadataController {
CollectionAO collectionAO = irodsAccessObjectFactory.getCollectionAO(irodsAccount)
collectionAO.modifyAVUMetadata(cmd.absPath, currentAvuData, newAvuData)
}
+ } catch (CatNoAccessException e) {
+ log.error("no access error", e)
+ response.sendError(500, message(code:"message.no.access"))
+
} catch (Exception e) {
log.error("exception updating metadata:${e}")
response.sendError(500,e.message)
@@ -305,40 +322,47 @@ class MetadataController {
AvuData avuValue
- if (attributesToDelete instanceof Object[] || attributesToDelete instanceof List) {
- log.debug "is array"
- int i = 0
- attributesToDelete.each{
- log.info "avusToDelete: ${it} has index ${i}"
-
- def thisAttr = ((List) attributesToDelete).get(i)
- def thisVal = ((List) valuesToDelete).get(i)
- def thisUnit = ((List) unitsToDelete).get(i)
-
- avuValue = new AvuData(thisAttr,thisVal,thisUnit)
- log.info("avuValue: ${avuValue}")
-
+ try {
+ if (attributesToDelete instanceof Object[] || attributesToDelete instanceof List) {
+ log.debug "is array"
+ int i = 0
+ attributesToDelete.each{
+ log.info "avusToDelete: ${it} has index ${i}"
+
+ def thisAttr = ((List) attributesToDelete).get(i)
+ def thisVal = ((List) valuesToDelete).get(i)
+ def thisUnit = ((List) unitsToDelete).get(i)
+
+ avuValue = new AvuData(thisAttr,thisVal,thisUnit)
+ log.info("avuValue: ${avuValue}")
+
+ if (isDataObject) {
+ log.info "delete as data object"
+ deleteAvuForDataObject(absPath, avuValue, dataObjectAO)
+ } else {
+ deleteAvuForCollection(absPath, avuValue, collectionAO)
+ }
+
+ i++
+ }
+
+ } else {
+ log.debug "not array"
+ log.info "deleting: ${attributesToDelete}"
+ avuValue = new AvuData(attributesToDelete, valuesToDelete, unitsToDelete)
if (isDataObject) {
log.info "delete as data object"
deleteAvuForDataObject(absPath, avuValue, dataObjectAO)
} else {
deleteAvuForCollection(absPath, avuValue, collectionAO)
}
-
- i++
}
+ } catch (CatNoAccessException e) {
+ log.error("no access error", e)
+ response.sendError(500, message(code:"message.no.access"))
+ return
+ }
- } else {
- log.debug "not array"
- log.info "deleting: ${attributesToDelete}"
- avuValue = new AvuData(attributesToDelete, valuesToDelete, unitsToDelete)
- if (isDataObject) {
- log.info "delete as data object"
- deleteAvuForDataObject(absPath, avuValue, dataObjectAO)
- } else {
- deleteAvuForCollection(absPath, avuValue, collectionAO)
- }
- }
render "OK"
diff --git a/idrop-web/grails-app/controllers/org/irods/mydrop/controller/SharingController.groovy b/idrop-web/grails-app/controllers/org/irods/mydrop/controller/SharingController.groovy
index f03e988..1bda8a3 100755
--- a/idrop-web/grails-app/controllers/org/irods/mydrop/controller/SharingController.groovy
+++ b/idrop-web/grails-app/controllers/org/irods/mydrop/controller/SharingController.groovy
@@ -4,6 +4,7 @@ package org.irods.mydrop.controller
import grails.converters.JSON
import org.irods.jargon.core.connection.IRODSAccount
+import org.irods.jargon.core.exception.CatNoAccessException
import org.irods.jargon.core.exception.DataNotFoundException
import org.irods.jargon.core.exception.JargonException
import org.irods.jargon.core.protovalues.FilePermissionEnum
@@ -117,7 +118,11 @@ class SharingController {
} catch (org.irods.jargon.core.exception.FileNotFoundException fnf) {
log.info("file not found looking for data, show stand-in page", fnf)
render(view:"/browse/noInfo")
+ } catch (CatNoAccessException e) {
+ log.error("no access error", e)
+ response.sendError(500, message(code:"message.no.access"))
}
+
}
def renderAclDetailsTable = {
@@ -150,6 +155,10 @@ class SharingController {
CollectionAO collectionAO = irodsAccessObjectFactory.getCollectionAO(irodsAccount)
acls = collectionAO.listPermissionsForCollection(retObj.collectionName)
}
+ } catch (CatNoAccessException e) {
+ log.error("no access error", e)
+ response.sendError(500, message(code:"message.no.access"))
+
} catch (Exception je){
log.error("exception getting acl data ${je}", je)
response.sendError(500,je.getMessage())
@@ -278,7 +287,12 @@ class SharingController {
def message = message(code:"error.duplicate.share")
response.sendError(500,message)
return
+ } catch (CatNoAccessException e) {
+ log.error("no access error", e)
+ response.sendError(500, message(code:"message.no.access"))
+ return
}
+
} else {
irodsSharedFileOrCollection = sharingService.updateShare(absPath, shareName, irodsAccount)
@@ -307,7 +321,12 @@ class SharingController {
}
flash.message = message(code:"message.share.delete.successful")
- sharingService.deleteShare(absPath, irodsAccount)
+ try {
+ sharingService.deleteShare(absPath, irodsAccount)
+ } catch (CatNoAccessException e) {
+ log.error("no access error", e)
+ response.sendError(500, message(code:"message.no.access"))
+ }
redirect(action: "getSharingDialogInfo", params: [absPath: absPath])
}
@@ -376,6 +395,9 @@ class SharingController {
log.info "add user to data object"
try {
updateACLValueForDataObject(theZone,absPath, acl, theUserName, dataObjectAO)
+ } catch (CatNoAccessException e) {
+ log.error("no access error", e)
+ response.sendError(500, message(code:"message.no.access"))
} catch (Exception e) {
log.error("Exception during acl processing", e)
response.sendError(500,e.message)
@@ -386,6 +408,9 @@ class SharingController {
log.info("add user to collection")
try {
updateACLValueForCollection(theZone,absPath, acl, theUserName, collectionAO)
+ } catch (CatNoAccessException e) {
+ log.error("no access error", e)
+ response.sendError(500, message(code:"message.no.access"))
} catch (Exception e) {
log.error("Exception during acl processing", e)
response.sendError(500,e.message)
@@ -403,6 +428,9 @@ class SharingController {
log.info "add user to data object"
try {
updateACLValueForDataObject(theZone,absPath, acl, theUserName, dataObjectAO)
+ } catch (CatNoAccessException e) {
+ log.error("no access error", e)
+ response.sendError(500, message(code:"message.no.access"))
} catch (Exception e) {
log.error("Exception during acl processing", e)
response.sendError(500,e.message)
@@ -413,6 +441,9 @@ class SharingController {
log.info("add user to collection")
try {
updateACLValueForCollection(theZone,absPath, acl, theUserName, collectionAO)
+ } catch (CatNoAccessException e) {
+ log.error("no access error", e)
+ response.sendError(500, message(code:"message.no.access"))
} catch (Exception e) {
log.error("Exception during acl processing", e)
response.sendError(500,e.message)
@@ -509,6 +540,7 @@ class SharingController {
def theZone = MiscIRODSUtils.getZoneInUserName(cmd.userName)
+ try {
if (isDataObject) {
DataObjectAO dataObjectAO = irodsAccessObjectFactory.getDataObjectAO(irodsAccount)
@@ -543,6 +575,10 @@ class SharingController {
return
}
}
+ } catch (CatNoAccessException e) {
+ log.error("no access error", e)
+ response.sendError(500, message(code:"message.no.access"))
+ }
log.info("acl set successfully")
responseData['message'] = message(code:"message.update.successful")
@@ -618,27 +654,32 @@ class SharingController {
log.info("aclsToDelete: ${aclsToDelete}")
- if (aclsToDelete instanceof Object[]) {
- log.debug "is array"
- aclsToDelete.each{
- log.info "selectedAcl: ${it}"
+ try {
+ if (aclsToDelete instanceof Object[]) {
+ log.debug "is array"
+ aclsToDelete.each{
+ log.info "selectedAcl: ${it}"
+ if (isDataObject) {
+ log.info "delete as data object"
+ deleteAclForDataObject(absPath, it, dataObjectAO)
+ } else {
+ deleteAclForCollection(absPath, it, collectionAO)
+ }
+ }
+
+ } else {
+ log.debug "not array"
+ log.info "deleting: ${aclsToDelete}"
if (isDataObject) {
log.info "delete as data object"
- deleteAclForDataObject(absPath, it, dataObjectAO)
+ deleteAclForDataObject(absPath, aclsToDelete, dataObjectAO)
} else {
- deleteAclForCollection(absPath, it, collectionAO)
+ deleteAclForCollection(absPath, aclsToDelete, collectionAO)
}
}
-
- } else {
- log.debug "not array"
- log.info "deleting: ${aclsToDelete}"
- if (isDataObject) {
- log.info "delete as data object"
- deleteAclForDataObject(absPath, aclsToDelete, dataObjectAO)
- } else {
- deleteAclForCollection(absPath, aclsToDelete, collectionAO)
- }
+ } catch (CatNoAccessException e) {
+ log.error("no access error", e)
+ response.sendError(500, message(code:"message.no.access"))
}
render "OK"
diff --git a/idrop-web/grails-app/i18n/messages.properties b/idrop-web/grails-app/i18n/messages.properties
index b28e78c..33ddfa1 100755
--- a/idrop-web/grails-app/i18n/messages.properties
+++ b/idrop-web/grails-app/i18n/messages.properties
@@ -217,6 +217,7 @@ message.error.in.upload=An error occurred in uploading this file. If the proble
message.password.updated=The password was successfully updated
message.resource.updated=Default storage resource updated successfully
message.update.successful=Update successful
+message.no.access=You do not have access rights to perform that operation
message.no.starred=No starred files or folders to display
message.cannot.create.profile=A profile cannot be created for this user, this may be a mis-configuration
message.no.files.to.display=No files to display
diff --git a/idrop-web/release_notes.txt b/idrop-web/release_notes.txt
index 62e42ba..4f8da51 100755
--- a/idrop-web/release_notes.txt
+++ b/idrop-web/release_notes.txt
@@ -1,15 +1,8 @@
-<<<<<<< HEAD
-*'''Project''': idrop-web version 2
-*'''Date''': 02/11/2013
-*'''Release Version''': 2.0.0-beta1
-*'''git tag''': 2.0.0-beta1
-=======
*'''Project''': idrop-web
*'''Date''': 02/13/2013
*'''Release Version''': 2.0.0-beta1
*'''git tag''': 2.0.0-beta1
->>>>>>> a0b1644912dcc14325344b3e988b0c27d146d32a
==News==
@@ -40,6 +33,9 @@ Note that the following bug and feature requests are logged in GForge with relat
*[#1157] fix ticket landing pages and error pages
**Put ticket landing pages under profile, fixed ticket table formatting
+*[#957] error deleting from public subdir when guest
+**Added better trapping of catNoAccessException and a clean message to user for operations that fail due to no access
+
==Features==
*[#984] iDrop web '2.0' redesign effort