Bug #7560
Unable to update object when submitter differs from rightsHolder
100%
Description
During integration testing, there was an error when trying to update an object that had originally been submitted with the CN identity but was being updated using the rightsHolder identity.
I see that Metacat recorded the same value for these two columns in the xml_dcouments table: user_owner, user_updated. While the D1 service thinks we should be allowed to update, the legacy metacat code that actually handles the request later on threw an exception:
update failed for object (testMnUpdate_token_8_2015349144541296) with token (http://orcid.org/0000-0002-1825-0097, Jane Scientist). got ServiceFailure [500,1310] : Error inserting or updating document: <?xml version="1.0"?>User http://orcid.org/0000-0002-1825-0097 does not have permission to update XML Document #autogen.2015121514454192183.1 from GET https://mn-sandbox-ucsb-1.test.dataone.org/knb/d1/mn/v2/meta/testMnUpdate_token_8_2015349144541296
History
#1 Updated by Ben Leinfelder almost 9 years ago
- Status changed from New to In Progress
- % Done changed from 0 to 30
added a section in older Metacat code to check the rightsHolder in addiiton to the other access policies and the xmll_documents.user_owner.
#2 Updated by Ben Leinfelder almost 9 years ago
- Status changed from In Progress to Testing
- % Done changed from 30 to 50
d1_integration test for sandbox environment passed when I put this change on the MNs running Metacat 2.5.1.
Need to run Metacat's junit tests to make sure access tests are still passing.
#3 Updated by Ben Leinfelder almost 9 years ago
- Status changed from Testing to Closed
- % Done changed from 50 to 100
modified the metacat checks to be a compromise between legacy metacat permission handling and dataone expectations - now both the d1_integration tests are passing and the original metacat unit tests.