diff --git a/README.md b/README.md
index 9a1578390..0ab852df2 100755
--- a/README.md
+++ b/README.md
@@ -1,6 +1,6 @@
# Metacat: Data Preservation and Discovery System
-Version: 2.16.0 Release
+Version: 2.16.1 Release
Send feedback and bugs to: metacat-dev@ecoinformatics.org
http://github.com/NCEAS/metacat
@@ -67,9 +67,14 @@ for the next release.
## Release Notes
+### Release Notes for 2.16.1
+Bugs fixed in this release:
+* Upgrade some library jar files to fix severe security vulnerabilities
+* Metacat cannot create objects without DOI setting enabled
+
### Release Notes for 2.16.0
New features and bugs fixed in this release:
-* Upgrade some library jar files to fix critical security threats
+* Upgrade some library jar files to fix critical security vulnerabilities
* Refactor the DOI service to use the plug-in architecture
* CN subjects cannot query private objects
* Users with the write permission cannot update system metadata
diff --git a/build.properties b/build.properties
index 5048b6006..27f886169 100755
--- a/build.properties
+++ b/build.properties
@@ -2,7 +2,7 @@
#Version of this build. This needs to be a dotted numeric version. For
#instance 1.9.1 is okay. 1.9.1_rc1 is not.
-metacat.version=2.16.0
+metacat.version=2.16.1
#This is for packaging purposes. leave it blank for final production release.
metacat.releaseCandidate=
diff --git a/lib/metacat.properties b/lib/metacat.properties
index 7fe60383b..dfa873ce7 100755
--- a/lib/metacat.properties
+++ b/lib/metacat.properties
@@ -34,7 +34,7 @@ server.internalPort=80
############### Application Values ############
## one of the few places where we use ANT tokens
-application.metacatVersion=2.16.0
+application.metacatVersion=2.16.1
application.metacatReleaseInfo=-1
application.readOnlyMode=false
@@ -136,6 +136,7 @@ database.upgradeVersion.2.14.1=upgrade-db-to-2.14.1
database.upgradeVersion.2.15.0=upgrade-db-to-2.15.0
database.upgradeVersion.2.15.1=upgrade-db-to-2.15.1
database.upgradeVersion.2.16.0=upgrade-db-to-2.16.0
+database.upgradeVersion.2.16.1=upgrade-db-to-2.16.1
## for running java-based utilities
database.upgradeUtility.1.5.0=edu.ucsb.nceas.metacat.admin.upgrade.Upgrade1_5_0
diff --git a/metacat-common/pom.xml b/metacat-common/pom.xml
index a17777073..48770bc69 100644
--- a/metacat-common/pom.xml
+++ b/metacat-common/pom.xml
@@ -4,7 +4,7 @@
edu.ucsb.nceas.metacat.common
metacat-common
jar
- 2.16.0
+ 2.16.1
metacat-common
http://maven.apache.org
@@ -219,17 +219,17 @@
org.apache.logging.log4j
log4j-1.2-api
- 2.16.0
+ 2.17.0
org.apache.logging.log4j
log4j-core
- 2.16.0
+ 2.17.0
org.apache.logging.log4j
log4j-jcl
- 2.16.0
+ 2.17.0
commons-logging
diff --git a/metacat-index/pom.xml b/metacat-index/pom.xml
index 0b78dbf4e..0c6c86668 100644
--- a/metacat-index/pom.xml
+++ b/metacat-index/pom.xml
@@ -4,13 +4,13 @@
edu.ucsb.nceas.metacat.index
metacat-index
war
- 2.16.0
+ 2.16.1
metacat-index
http://maven.apache.org
2.3.14
- 2.16.0
+ 2.16.1
diff --git a/pom.xml b/pom.xml
index 6721dbc19..898a1ae85 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
4.0.0
org.ecoinformatics
metacat
- 2.16.0
+ 2.16.1
metacat
war
http://maven.apache.org
@@ -12,7 +12,7 @@
UTF-8
2.3.1
2.3.2
- 2.16.0
+ 2.16.1
diff --git a/src/edu/ucsb/nceas/metacat/doi/DOIService.java b/src/edu/ucsb/nceas/metacat/doi/DOIService.java
index 3e9e2ff9c..be34afa42 100644
--- a/src/edu/ucsb/nceas/metacat/doi/DOIService.java
+++ b/src/edu/ucsb/nceas/metacat/doi/DOIService.java
@@ -25,6 +25,7 @@
import org.dataone.service.types.v2.SystemMetadata;
import edu.ucsb.nceas.ezid.EZIDException;
+import edu.ucsb.nceas.utilities.PropertyNotFoundException;
/**
* An interface for the DOI service
@@ -51,4 +52,10 @@ public boolean registerDOI(SystemMetadata sysMeta) throws InvalidRequest, DOIExc
* @throws InvalidRequest
*/
public Identifier generateDOI() throws DOIException, InvalidRequest;
+
+ /**
+ * Refresh the status (enable or disable) of the DOI service from property file
+ * @throws PropertyNotFoundException
+ */
+ public void refreshStatus() throws PropertyNotFoundException;
}
diff --git a/src/edu/ucsb/nceas/metacat/doi/ezid/EzidDOIService.java b/src/edu/ucsb/nceas/metacat/doi/ezid/EzidDOIService.java
index 02d6a0a6d..6d31d56cf 100644
--- a/src/edu/ucsb/nceas/metacat/doi/ezid/EzidDOIService.java
+++ b/src/edu/ucsb/nceas/metacat/doi/ezid/EzidDOIService.java
@@ -243,10 +243,7 @@ public boolean registerDOI(SystemMetadata sysMeta) throws InvalidRequest, DOIExc
throw new DOIException(e.getMessage());
}
}
- } else {
- throw new InvalidRequest("2193", "DOI scheme is not enabled at this node.");
- }
-
+ }
return true;
}
@@ -372,5 +369,14 @@ public Identifier generateDOI() throws DOIException, InvalidRequest {
}
return identifier;
}
+
+
+ /**
+ * Refresh the status (enable or disable) of the DOI service from property file
+ * @throws PropertyNotFoundException
+ */
+ public void refreshStatus() throws PropertyNotFoundException {
+ doiEnabled = new Boolean(PropertyService.getProperty("guid.ezid.enabled")).booleanValue();
+ }
}
diff --git a/src/loaddtdschema-postgres.sql b/src/loaddtdschema-postgres.sql
index 4d86af86c..be2d515ab 100755
--- a/src/loaddtdschema-postgres.sql
+++ b/src/loaddtdschema-postgres.sql
@@ -217,4 +217,4 @@ INSERT INTO xml_catalog (entry_type, public_id, system_id) SELECT 'Schema', 'htt
INSERT INTO xml_catalog (entry_type, public_id, format_id) SELECT 'NonXML', 'science-on-schema.org/Dataset;ld+json', 'science-on-schema.org/Dataset;ld+json' WHERE NOT EXISTS (SELECT * FROM xml_catalog WHERE public_id='science-on-schema.org/Dataset;ld+json');
INSERT INTO db_version (version, status, date_created)
- VALUES ('2.16.0',1,CURRENT_DATE);
+ VALUES ('2.16.1',1,CURRENT_DATE);
diff --git a/src/upgrade-db-to-2.16.1-postgres.sql b/src/upgrade-db-to-2.16.1-postgres.sql
new file mode 100644
index 000000000..b16765dd7
--- /dev/null
+++ b/src/upgrade-db-to-2.16.1-postgres.sql
@@ -0,0 +1,13 @@
+/*
+ * Ensure xml_catalog sequence is at table max
+ */
+
+SELECT setval('xml_catalog_id_seq', (SELECT max(catalog_id) from xml_catalog));
+
+/*
+ * update the database version
+ */
+UPDATE db_version SET status=0;
+
+INSERT INTO db_version (version, status, date_created)
+ VALUES ('2.16.1', 1, CURRENT_DATE);
diff --git a/test/edu/ucsb/nceas/metacat/dataone/MNodeServiceTest.java b/test/edu/ucsb/nceas/metacat/dataone/MNodeServiceTest.java
index 8e461c77c..757109db7 100644
--- a/test/edu/ucsb/nceas/metacat/dataone/MNodeServiceTest.java
+++ b/test/edu/ucsb/nceas/metacat/dataone/MNodeServiceTest.java
@@ -33,6 +33,7 @@
import edu.ucsb.nceas.metacat.database.DBConnectionPool;
import edu.ucsb.nceas.metacat.dataone.CNodeService;
import edu.ucsb.nceas.metacat.dataone.MNodeService;
+import edu.ucsb.nceas.metacat.doi.DOIServiceFactory;
import edu.ucsb.nceas.metacat.object.handler.JsonLDHandlerTest;
import edu.ucsb.nceas.metacat.object.handler.NonXMLMetadataHandlers;
import edu.ucsb.nceas.metacat.properties.PropertyService;
@@ -215,6 +216,7 @@ public static Test suite() {
suite.addTest(new MNodeServiceTest("testInsertJson_LD"));
suite.addTest(new MNodeServiceTest("testCreateAndUpdateEventLog"));
suite.addTest(new MNodeServiceTest("testUpdateSystemMetadataPermission"));
+ suite.addTest(new MNodeServiceTest("testCreateAndUpdateWithDoiDisabled"));
return suite;
}
@@ -1977,7 +1979,7 @@ else if (entry.getName().contains("data.2")) {
// clean up
bagFile.delete();
Identifier doi = MNodeService.getInstance(request).publish(session, metadataId);
- Thread.sleep(60000);
+ Thread.sleep(80000);
System.out.println("+++++++++++++++++++ the metadataId on the ore package is "+metadataId.getValue());
List oreIds = MNodeService.getInstance(request).lookupOreFor(session, doi, true);
assertTrue(oreIds.size() == 1);
@@ -4068,5 +4070,62 @@ private ResultSet getEventLogs(Identifier guid) throws Exception {
}
return result;
}
+
+
+ /**
+ * Test to create and update object when DOI setting is disabled
+ */
+ public void testCreateAndUpdateWithDoiDisabled() throws Exception {
+ printTestHeader("testCreateAndUpdateWithDoiDisabled");
+ String originDOIstatusStr = PropertyService.getInstance().getProperty("guid.ezid.enabled");
+ System.out.println("the dois status is ++++++++++++++ " + originDOIstatusStr);
+ try {
+ Session session = getTestSession();
+ PropertyService.getInstance().setPropertyNoPersist("guid.ezid.enabled", "false");//disable doi
+ DOIServiceFactory.getDOIService().refreshStatus();
+ try {
+ //make sure the service of doi is disabled
+ MNodeService.getInstance(request).generateIdentifier(session, "doi", null);
+ fail("we shouldn't get here since generating doi should fail when the feature is disabled");
+ } catch (Exception e) {
+ assertTrue(e instanceof ServiceFailure);
+ assertTrue(e.getMessage().contains("DOI scheme is not enabled at this node"));
+ }
+ Identifier guid = new Identifier();
+ guid.setValue("testCreateAndUpdateWithDoiDisabled." + System.currentTimeMillis());
+ InputStream object = new ByteArrayInputStream("test".getBytes("UTF-8"));
+ SystemMetadata sysmeta = createSystemMetadata(guid, session.getSubject(), object);
+ Identifier newPid = new Identifier();
+ newPid.setValue("testCreateAndUpdateWithDoiDisabled-2." + (System.currentTimeMillis() + 1)); // ensure it is different from original
+ Identifier pid =
+ MNodeService.getInstance(request).create(session, guid, object, sysmeta);
+ SystemMetadata getSysMeta =
+ MNodeService.getInstance(request).getSystemMetadata(session, pid);
+ assertEquals(pid.getValue(), getSysMeta.getIdentifier().getValue());
+
+ object = new ByteArrayInputStream("test".getBytes("UTF-8"));
+ SystemMetadata newSysMeta = createSystemMetadata(newPid, session.getSubject(), object);
+ // do the update
+ Identifier updatedPid =
+ MNodeService.getInstance(request).update(session, pid, object, newPid, newSysMeta);
+
+ // get the updated system metadata
+ SystemMetadata updatedSysMeta =
+ MNodeService.getInstance(request).getSystemMetadata(session, updatedPid);
+ assertEquals(updatedPid.getValue(), updatedSysMeta.getIdentifier().getValue());
+
+ try {
+ //publish will fail too
+ MNodeService.getInstance(request).publish(session, updatedPid);
+ fail("we shouldn't get here since publishing should fail when the feature is disabled");
+ } catch (Exception e) {
+ assertTrue(e instanceof ServiceFailure);
+ assertTrue(e.getMessage().contains("DOI scheme is not enabled at this node"));
+ }
+ } finally {
+ PropertyService.getInstance().setPropertyNoPersist("guid.ezid.enabled", originDOIstatusStr);
+ DOIServiceFactory.getDOIService().refreshStatus();
+ }
+ }
}