From 40e3136bb1489c4744dc977febdd031789f70d12 Mon Sep 17 00:00:00 2001
From: Jing Tao <tao@nceas.ucsb.edu>
Date: Fri, 17 Dec 2021 12:45:30 -0800
Subject: [PATCH 1/5] Remove the exception in the register method if the doi
 service is disabled. ref:https://github.com/NCEAS/metacat/issues/1542

---
 src/edu/ucsb/nceas/metacat/doi/ezid/EzidDOIService.java | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/src/edu/ucsb/nceas/metacat/doi/ezid/EzidDOIService.java b/src/edu/ucsb/nceas/metacat/doi/ezid/EzidDOIService.java
index 02d6a0a6d..4693260b1 100644
--- a/src/edu/ucsb/nceas/metacat/doi/ezid/EzidDOIService.java
+++ b/src/edu/ucsb/nceas/metacat/doi/ezid/EzidDOIService.java
@@ -243,10 +243,7 @@ public boolean registerDOI(SystemMetadata sysMeta) throws InvalidRequest, DOIExc
 			        throw new DOIException(e.getMessage());
 			    }
 			}
-		} else {
-		    throw new InvalidRequest("2193", "DOI scheme is not enabled at this node.");
-		}
-
+		} 
 		return true;
 	}
 

From b2dcba537ab545919262bc6ba5e8fc17574333ac Mon Sep 17 00:00:00 2001
From: Jing Tao <tao@nceas.ucsb.edu>
Date: Sat, 18 Dec 2021 18:20:36 -0800
Subject: [PATCH 2/5] Bump log4j2 version to 2.17.0. Ref:
 https://github.com/NCEAS/metacat/issues/1544

---
 metacat-common/pom.xml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/metacat-common/pom.xml b/metacat-common/pom.xml
index a17777073..a02eb54b8 100644
--- a/metacat-common/pom.xml
+++ b/metacat-common/pom.xml
@@ -219,17 +219,17 @@
         <dependency>
             <groupId>org.apache.logging.log4j</groupId>
             <artifactId>log4j-1.2-api</artifactId>
-            <version>2.16.0</version>
+            <version>2.17.0</version>
         </dependency>
         <dependency>
             <groupId>org.apache.logging.log4j</groupId>
             <artifactId>log4j-core</artifactId>
-            <version>2.16.0</version>
+            <version>2.17.0</version>
         </dependency>
         <dependency>
             <groupId>org.apache.logging.log4j</groupId>
             <artifactId>log4j-jcl</artifactId>
-            <version>2.16.0</version>
+            <version>2.17.0</version>
         </dependency>
         <dependency>
             <groupId>commons-logging</groupId>

From 501a91643ec5f647a6338080d4283cddae30824c Mon Sep 17 00:00:00 2001
From: Jing Tao <tao@nceas.ucsb.edu>
Date: Sat, 18 Dec 2021 21:04:22 -0800
Subject: [PATCH 3/5] Add the method to test the create and update methods when
 the doi services is forced to be disabled. Ref:
 https://github.com/NCEAS/metacat/issues/1542

---
 .../ucsb/nceas/metacat/doi/DOIService.java    |  7 +++
 .../metacat/doi/ezid/EzidDOIService.java      |  9 +++
 .../metacat/dataone/MNodeServiceTest.java     | 61 ++++++++++++++++++-
 3 files changed, 76 insertions(+), 1 deletion(-)

diff --git a/src/edu/ucsb/nceas/metacat/doi/DOIService.java b/src/edu/ucsb/nceas/metacat/doi/DOIService.java
index 3e9e2ff9c..be34afa42 100644
--- a/src/edu/ucsb/nceas/metacat/doi/DOIService.java
+++ b/src/edu/ucsb/nceas/metacat/doi/DOIService.java
@@ -25,6 +25,7 @@
 import org.dataone.service.types.v2.SystemMetadata;
 
 import edu.ucsb.nceas.ezid.EZIDException;
+import edu.ucsb.nceas.utilities.PropertyNotFoundException;
 
 /**
  * An interface for the DOI service
@@ -51,4 +52,10 @@ public boolean registerDOI(SystemMetadata sysMeta) throws InvalidRequest, DOIExc
      * @throws InvalidRequest
      */
     public Identifier generateDOI() throws DOIException, InvalidRequest;
+    
+    /**
+     * Refresh the status (enable or disable) of the DOI service from property file
+     * @throws PropertyNotFoundException 
+     */
+    public void refreshStatus() throws PropertyNotFoundException;
 }
diff --git a/src/edu/ucsb/nceas/metacat/doi/ezid/EzidDOIService.java b/src/edu/ucsb/nceas/metacat/doi/ezid/EzidDOIService.java
index 4693260b1..6d31d56cf 100644
--- a/src/edu/ucsb/nceas/metacat/doi/ezid/EzidDOIService.java
+++ b/src/edu/ucsb/nceas/metacat/doi/ezid/EzidDOIService.java
@@ -369,5 +369,14 @@ public Identifier generateDOI() throws DOIException, InvalidRequest {
 	    }
 		return identifier;
 	}
+	
+
+    /**
+     * Refresh the status (enable or disable) of the DOI service from property file
+     * @throws PropertyNotFoundException 
+     */
+    public void refreshStatus() throws PropertyNotFoundException {
+        doiEnabled = new Boolean(PropertyService.getProperty("guid.ezid.enabled")).booleanValue();
+    }
 
 }
diff --git a/test/edu/ucsb/nceas/metacat/dataone/MNodeServiceTest.java b/test/edu/ucsb/nceas/metacat/dataone/MNodeServiceTest.java
index 8e461c77c..757109db7 100644
--- a/test/edu/ucsb/nceas/metacat/dataone/MNodeServiceTest.java
+++ b/test/edu/ucsb/nceas/metacat/dataone/MNodeServiceTest.java
@@ -33,6 +33,7 @@
 import edu.ucsb.nceas.metacat.database.DBConnectionPool;
 import edu.ucsb.nceas.metacat.dataone.CNodeService;
 import edu.ucsb.nceas.metacat.dataone.MNodeService;
+import edu.ucsb.nceas.metacat.doi.DOIServiceFactory;
 import edu.ucsb.nceas.metacat.object.handler.JsonLDHandlerTest;
 import edu.ucsb.nceas.metacat.object.handler.NonXMLMetadataHandlers;
 import edu.ucsb.nceas.metacat.properties.PropertyService;
@@ -215,6 +216,7 @@ public static Test suite() {
     suite.addTest(new MNodeServiceTest("testInsertJson_LD"));
     suite.addTest(new MNodeServiceTest("testCreateAndUpdateEventLog"));
     suite.addTest(new MNodeServiceTest("testUpdateSystemMetadataPermission"));
+    suite.addTest(new MNodeServiceTest("testCreateAndUpdateWithDoiDisabled"));
     return suite;
     
   }
@@ -1977,7 +1979,7 @@ else if (entry.getName().contains("data.2")) {
           // clean up
           bagFile.delete();
           Identifier doi = MNodeService.getInstance(request).publish(session, metadataId);
-          Thread.sleep(60000);
+          Thread.sleep(80000);
           System.out.println("+++++++++++++++++++ the metadataId on the ore package is "+metadataId.getValue());
           List<Identifier> oreIds = MNodeService.getInstance(request).lookupOreFor(session, doi, true);
           assertTrue(oreIds.size() == 1);
@@ -4068,5 +4070,62 @@ private ResultSet getEventLogs(Identifier guid) throws Exception {
         }
         return result;
     }
+    
+    
+    /**
+     * Test to create and update object when DOI setting is disabled
+     */
+    public void testCreateAndUpdateWithDoiDisabled() throws Exception {
+        printTestHeader("testCreateAndUpdateWithDoiDisabled");
+        String originDOIstatusStr = PropertyService.getInstance().getProperty("guid.ezid.enabled");
+        System.out.println("the dois status is ++++++++++++++ " + originDOIstatusStr);
+        try {
+            Session session = getTestSession();
+            PropertyService.getInstance().setPropertyNoPersist("guid.ezid.enabled", "false");//disable doi
+            DOIServiceFactory.getDOIService().refreshStatus();
+            try {
+                //make sure the service of doi is disabled
+                MNodeService.getInstance(request).generateIdentifier(session, "doi", null);
+                fail("we shouldn't get here since generating doi should fail when the feature is disabled");
+            } catch (Exception e) {
+                assertTrue(e instanceof ServiceFailure);
+                assertTrue(e.getMessage().contains("DOI scheme is not enabled at this node"));
+            }
+            Identifier guid = new Identifier();
+            guid.setValue("testCreateAndUpdateWithDoiDisabled." + System.currentTimeMillis());
+            InputStream object = new ByteArrayInputStream("test".getBytes("UTF-8"));
+            SystemMetadata sysmeta = createSystemMetadata(guid, session.getSubject(), object);
+            Identifier newPid = new Identifier();
+            newPid.setValue("testCreateAndUpdateWithDoiDisabled-2." + (System.currentTimeMillis() + 1)); // ensure it is different from original
+            Identifier pid = 
+              MNodeService.getInstance(request).create(session, guid, object, sysmeta);
+            SystemMetadata getSysMeta = 
+                    MNodeService.getInstance(request).getSystemMetadata(session, pid);
+            assertEquals(pid.getValue(), getSysMeta.getIdentifier().getValue());
+            
+            object = new ByteArrayInputStream("test".getBytes("UTF-8"));
+            SystemMetadata newSysMeta = createSystemMetadata(newPid, session.getSubject(), object);
+            // do the update
+            Identifier updatedPid = 
+              MNodeService.getInstance(request).update(session, pid, object, newPid, newSysMeta);
+            
+            // get the updated system metadata
+            SystemMetadata updatedSysMeta = 
+              MNodeService.getInstance(request).getSystemMetadata(session, updatedPid);
+            assertEquals(updatedPid.getValue(), updatedSysMeta.getIdentifier().getValue());
+            
+            try {
+                //publish will fail too
+                MNodeService.getInstance(request).publish(session, updatedPid);
+                fail("we shouldn't get here since publishing should fail when the feature is disabled");
+            } catch (Exception e) {
+                assertTrue(e instanceof ServiceFailure);
+                assertTrue(e.getMessage().contains("DOI scheme is not enabled at this node"));
+            }
+        } finally {
+            PropertyService.getInstance().setPropertyNoPersist("guid.ezid.enabled", originDOIstatusStr);
+            DOIServiceFactory.getDOIService().refreshStatus();
+        }
+    }
 }
 

From f7e5aedc56b7f134669ace7f6df191fe4cfc7ca5 Mon Sep 17 00:00:00 2001
From: Jing Tao <tao@nceas.ucsb.edu>
Date: Sun, 19 Dec 2021 12:08:07 -0800
Subject: [PATCH 4/5] Bump Metacat to 2.16.1

---
 README.md                             |  9 +++++++--
 build.properties                      |  2 +-
 lib/metacat.properties                |  3 ++-
 metacat-common/pom.xml                |  2 +-
 metacat-index/pom.xml                 |  4 ++--
 pom.xml                               |  4 ++--
 src/loaddtdschema-postgres.sql        |  2 +-
 src/upgrade-db-to-2.16.1-postgres.sql | 13 +++++++++++++
 8 files changed, 29 insertions(+), 10 deletions(-)
 create mode 100644 src/upgrade-db-to-2.16.1-postgres.sql

diff --git a/README.md b/README.md
index 9a1578390..1d6c54323 100755
--- a/README.md
+++ b/README.md
@@ -1,6 +1,6 @@
 # Metacat: Data Preservation and Discovery System
 
-Version: 2.16.0 Release
+Version: 2.16.1 Release
 
 Send feedback and bugs to: metacat-dev@ecoinformatics.org
                            http://github.com/NCEAS/metacat
@@ -67,9 +67,14 @@ for the next release.
 
 ## Release Notes
 
+### Release Notes for 2.16.1
+Bugs fixed in this release:
+* Upgrade some library jar files to fix critical severe vulnerabilities
+* Metacat cannot create objects without DOI setting enabled
+
 ### Release Notes for 2.16.0
 New features and bugs fixed in this release:
-* Upgrade some library jar files to fix critical security threats
+* Upgrade some library jar files to fix critical security vulnerabilities
 * Refactor the DOI service to use the plug-in architecture
 * CN subjects cannot query private objects
 * Users with the write permission cannot update system metadata
diff --git a/build.properties b/build.properties
index 5048b6006..27f886169 100755
--- a/build.properties
+++ b/build.properties
@@ -2,7 +2,7 @@
 
 #Version of this build.  This needs to be a dotted numeric version.  For
 #instance 1.9.1 is okay.  1.9.1_rc1 is not.
-metacat.version=2.16.0
+metacat.version=2.16.1
 
 #This is for packaging purposes.  leave it blank for final production release.
 metacat.releaseCandidate=
diff --git a/lib/metacat.properties b/lib/metacat.properties
index 7fe60383b..dfa873ce7 100755
--- a/lib/metacat.properties
+++ b/lib/metacat.properties
@@ -34,7 +34,7 @@ server.internalPort=80
 ############### Application Values ############
 
 ## one of the few places where we use ANT tokens
-application.metacatVersion=2.16.0
+application.metacatVersion=2.16.1
 application.metacatReleaseInfo=-1
 application.readOnlyMode=false
 
@@ -136,6 +136,7 @@ database.upgradeVersion.2.14.1=upgrade-db-to-2.14.1
 database.upgradeVersion.2.15.0=upgrade-db-to-2.15.0
 database.upgradeVersion.2.15.1=upgrade-db-to-2.15.1
 database.upgradeVersion.2.16.0=upgrade-db-to-2.16.0
+database.upgradeVersion.2.16.1=upgrade-db-to-2.16.1
 
 ## for running java-based utilities
 database.upgradeUtility.1.5.0=edu.ucsb.nceas.metacat.admin.upgrade.Upgrade1_5_0
diff --git a/metacat-common/pom.xml b/metacat-common/pom.xml
index a02eb54b8..48770bc69 100644
--- a/metacat-common/pom.xml
+++ b/metacat-common/pom.xml
@@ -4,7 +4,7 @@
 	<groupId>edu.ucsb.nceas.metacat.common</groupId>
 	<artifactId>metacat-common</artifactId>
 	<packaging>jar</packaging>
-	<version>2.16.0</version>
+	<version>2.16.1</version>
 	<name>metacat-common</name>
 	<url>http://maven.apache.org</url>
 	<properties>
diff --git a/metacat-index/pom.xml b/metacat-index/pom.xml
index 0b78dbf4e..0c6c86668 100644
--- a/metacat-index/pom.xml
+++ b/metacat-index/pom.xml
@@ -4,13 +4,13 @@
 	<groupId>edu.ucsb.nceas.metacat.index</groupId>
 	<artifactId>metacat-index</artifactId>
 	<packaging>war</packaging>
-	<version>2.16.0</version>
+	<version>2.16.1</version>
 	<name>metacat-index</name>
 	<url>http://maven.apache.org</url>
 	
 	<properties>
         <d1_cn_index_processor_version>2.3.14</d1_cn_index_processor_version>
-        <metacat_common_version>2.16.0</metacat_common_version>
+        <metacat_common_version>2.16.1</metacat_common_version>
     </properties>
 	
 	<repositories>
diff --git a/pom.xml b/pom.xml
index 6721dbc19..898a1ae85 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
     <modelVersion>4.0.0</modelVersion>
     <groupId>org.ecoinformatics</groupId>
     <artifactId>metacat</artifactId>
-    <version>2.16.0</version>
+    <version>2.16.1</version>
     <name>metacat</name>
     <packaging>war</packaging>
     <url>http://maven.apache.org</url>
@@ -12,7 +12,7 @@
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <d1_libclient_version>2.3.1</d1_libclient_version>
         <d1_portal_version>2.3.2</d1_portal_version>
-        <metacat_common_version>2.16.0</metacat_common_version>
+        <metacat_common_version>2.16.1</metacat_common_version>
     </properties>
     <repositories>
         <repository>
diff --git a/src/loaddtdschema-postgres.sql b/src/loaddtdschema-postgres.sql
index 4d86af86c..be2d515ab 100755
--- a/src/loaddtdschema-postgres.sql
+++ b/src/loaddtdschema-postgres.sql
@@ -217,4 +217,4 @@ INSERT INTO xml_catalog (entry_type, public_id, system_id) SELECT 'Schema', 'htt
 INSERT INTO xml_catalog (entry_type, public_id, format_id) SELECT 'NonXML', 'science-on-schema.org/Dataset;ld+json', 'science-on-schema.org/Dataset;ld+json'  WHERE NOT EXISTS (SELECT * FROM xml_catalog WHERE public_id='science-on-schema.org/Dataset;ld+json');
 
 INSERT INTO db_version (version, status, date_created) 
-  VALUES ('2.16.0',1,CURRENT_DATE);
+  VALUES ('2.16.1',1,CURRENT_DATE);
diff --git a/src/upgrade-db-to-2.16.1-postgres.sql b/src/upgrade-db-to-2.16.1-postgres.sql
new file mode 100644
index 000000000..b16765dd7
--- /dev/null
+++ b/src/upgrade-db-to-2.16.1-postgres.sql
@@ -0,0 +1,13 @@
+/*
+ * Ensure xml_catalog sequence is at table max
+ */
+
+SELECT setval('xml_catalog_id_seq', (SELECT max(catalog_id) from xml_catalog));
+
+/*
+ * update the database version
+ */
+UPDATE db_version SET status=0;
+
+INSERT INTO db_version (version, status, date_created)
+  VALUES ('2.16.1', 1, CURRENT_DATE);

From 7615b62992934512f48738cdaa0b954f1788821b Mon Sep 17 00:00:00 2001
From: Jing Tao <tao@nceas.ucsb.edu>
Date: Mon, 20 Dec 2021 09:53:59 -0800
Subject: [PATCH 5/5] Fixed a typo in the release note.

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 1d6c54323..0ab852df2 100755
--- a/README.md
+++ b/README.md
@@ -69,7 +69,7 @@ for the next release.
 
 ### Release Notes for 2.16.1
 Bugs fixed in this release:
-* Upgrade some library jar files to fix critical severe vulnerabilities
+* Upgrade some library jar files to fix severe security vulnerabilities
 * Metacat cannot create objects without DOI setting enabled
 
 ### Release Notes for 2.16.0