Search in sources :

Example 1 with AttributeValueException

use of com.runwaysdk.dataaccess.attributes.AttributeValueException in project geoprism-registry by terraframe.

the class UserInfo method applyUserWithRoles.

@Transaction
public static JSONObject applyUserWithRoles(JsonObject account, String[] roleNameArray, boolean isUserInvite) {
    GeoprismUser geoprismUser = deserialize(account);
    if (roleNameArray != null && roleNameArray.length == 0) {
        // TODO : Better Error
        throw new AttributeValueException("You're attempting to apply a user with zero roles?", "");
    }
    /*
     * Make sure they have permissions to all these new roles they want to
     * assign
     */
    if (!isUserInvite && Session.getCurrentSession() != null && Session.getCurrentSession().getUser() != null) {
        Set<RoleDAOIF> myRoles = Session.getCurrentSession().getUser().authorizedRoles();
        boolean hasSRA = false;
        for (RoleDAOIF myRole : myRoles) {
            if (RegistryRole.Type.isSRA_Role(myRole.getRoleName())) {
                hasSRA = true;
            }
        }
        if (!hasSRA && roleNameArray != null) {
            for (String roleName : roleNameArray) {
                boolean hasPermission = false;
                if (RegistryRole.Type.isOrgRole(roleName) && !RegistryRole.Type.isRootOrgRole(roleName)) {
                    String orgCodeArg = RegistryRole.Type.parseOrgCode(roleName);
                    for (RoleDAOIF myRole : myRoles) {
                        if (RegistryRole.Type.isRA_Role(myRole.getRoleName())) {
                            String myOrgCode = RegistryRole.Type.parseOrgCode(myRole.getRoleName());
                            if (myOrgCode.equals(orgCodeArg)) {
                                hasPermission = true;
                                break;
                            }
                        }
                    }
                } else if (RegistryRole.Type.isSRA_Role(roleName)) {
                    SRAException ex = new SRAException();
                    throw ex;
                } else {
                    hasPermission = true;
                }
                if (!hasPermission) {
                    OrganizationRAException ex = new OrganizationRAException();
                    throw ex;
                }
            }
        }
    }
    // They're not allowed to change the admin username
    if (!geoprismUser.isNew()) {
        GeoprismUser adminUser = getAdminUser();
        if (adminUser != null && adminUser.getOid().equals(geoprismUser.getOid()) && !geoprismUser.getUsername().equals(RegistryConstants.ADMIN_USER_NAME)) {
            // TODO : Better Error
            throw new AttributeValueException("You can't change the admin username", RegistryConstants.ADMIN_USER_NAME);
        }
    }
    geoprismUser.apply();
    if (roleNameArray != null) {
        List<Roles> newRoles = new LinkedList<Roles>();
        Set<String> roleIdSet = new HashSet<String>();
        for (String roleName : roleNameArray) {
            Roles role = Roles.findRoleByName(roleName);
            roleIdSet.add(role.getOid());
            newRoles.add(role);
        }
        List<ConfigurationIF> configurations = ConfigurationService.getConfigurations();
        for (ConfigurationIF configuration : configurations) {
            configuration.configureUserRoles(roleIdSet);
        }
        UserDAOIF user = UserDAO.get(geoprismUser.getOid());
        // Remove existing roles.
        Set<RoleDAOIF> userRoles = user.assignedRoles();
        for (RoleDAOIF roleDAOIF : userRoles) {
            RoleDAO roleDAO = RoleDAO.get(roleDAOIF.getOid()).getBusinessDAO();
            if (!(geoprismUser.getUsername().equals(RegistryConstants.ADMIN_USER_NAME) && (roleDAO.getRoleName().equals(RegistryConstants.REGISTRY_SUPER_ADMIN_ROLE) || roleDAO.getRoleName().equals(DefaultConfiguration.ADMIN)))) {
                roleDAO.deassignMember(user);
            }
        }
        // Delete existing relationships with Organizations.
        QueryFactory qf = new QueryFactory();
        OrganizationUserQuery q = new OrganizationUserQuery(qf);
        q.WHERE(q.childOid().EQ(geoprismUser.getOid()));
        OIterator<? extends OrganizationUser> i = q.getIterator();
        i.forEach(r -> r.delete());
        /*
       * Assign roles and associate with the user
       */
        Set<String> organizationSet = new HashSet<String>();
        for (Roles role : newRoles) {
            RoleDAO roleDAO = (RoleDAO) BusinessFacade.getEntityDAO(role);
            roleDAO.assignMember(user);
            RegistryRole registryRole = new RegistryRoleConverter().build(role);
            if (registryRole != null) {
                String organizationCode = registryRole.getOrganizationCode();
                if (organizationCode != null && !organizationCode.equals("") && !organizationSet.contains(organizationCode)) {
                    Organization organization = Organization.getByCode(organizationCode);
                    organization.addUsers(geoprismUser).apply();
                    organizationSet.add(organizationCode);
                }
            }
        }
    }
    UserInfo info = getByUser(geoprismUser);
    if (info == null) {
        info = new UserInfo();
        info.setGeoprismUser(geoprismUser);
    } else {
        info.lock();
    }
    if (account.has(UserInfo.ALTFIRSTNAME)) {
        info.setAltFirstName(account.get(UserInfo.ALTFIRSTNAME).getAsString());
    } else {
        info.setAltFirstName("");
    }
    if (account.has(UserInfo.ALTLASTNAME)) {
        info.setAltLastName(account.get(UserInfo.ALTLASTNAME).getAsString());
    } else {
        info.setAltLastName("");
    }
    if (account.has(UserInfo.ALTPHONENUMBER)) {
        info.setAltPhoneNumber(account.get(UserInfo.ALTPHONENUMBER).getAsString());
    } else {
        info.setAltPhoneNumber("");
    }
    if (account.has(UserInfo.POSITION)) {
        info.setPosition(account.get(UserInfo.POSITION).getAsString());
    } else {
        info.setPosition("");
    }
    if (account.has(UserInfo.DEPARTMENT)) {
        info.setDepartment(account.get(UserInfo.DEPARTMENT).getAsString());
    } else {
        info.setDepartment("");
    }
    if (account.has(UserInfo.EXTERNALSYSTEMOID)) {
        info.setExternalSystemOid(account.get(UserInfo.EXTERNALSYSTEMOID).getAsString());
    } else {
        info.setExternalSystemOid("");
    }
    info.apply();
    return serialize(geoprismUser, info);
}
Also used : RegistryRole(org.commongeoregistry.adapter.metadata.RegistryRole) QueryFactory(com.runwaysdk.query.QueryFactory) Roles(com.runwaysdk.system.Roles) AttributeValueException(com.runwaysdk.dataaccess.attributes.AttributeValueException) LinkedList(java.util.LinkedList) ConfigurationIF(net.geoprism.ConfigurationIF) RegistryRoleConverter(net.geoprism.registry.conversion.RegistryRoleConverter) RoleDAO(com.runwaysdk.business.rbac.RoleDAO) GeoprismUser(net.geoprism.GeoprismUser) RoleDAOIF(com.runwaysdk.business.rbac.RoleDAOIF) UserDAOIF(com.runwaysdk.business.rbac.UserDAOIF) HashSet(java.util.HashSet) Transaction(com.runwaysdk.dataaccess.transaction.Transaction)

Example 2 with AttributeValueException

use of com.runwaysdk.dataaccess.attributes.AttributeValueException in project geoprism-registry by terraframe.

the class ServerHierarchyTypeBuilder method createHierarchyType.

@Transaction
public ServerHierarchyType createHierarchyType(HierarchyType hierarchyType) {
    if (hierarchyType.getOrganizationCode() == null || hierarchyType.getOrganizationCode().equals("")) {
        // TODO : A better exception
        throw new AttributeValueException("Organization code cannot be null.", hierarchyType.getOrganizationCode());
    }
    Organization organization = Organization.getByCode(hierarchyType.getOrganizationCode());
    String addons = new String(RegistryConstants.UNIVERSAL_RELATIONSHIP_POST + "AllPathsTable");
    if (hierarchyType.getCode().length() > (64 - addons.length())) {
        // Initializing the Universal allpaths strategy creates this limitation.
        CodeLengthException ex = new CodeLengthException();
        ex.setLength(64 - addons.length());
        throw ex;
    }
    RoleDAO maintainer = RoleDAO.findRole(RegistryConstants.REGISTRY_MAINTAINER_ROLE).getBusinessDAO();
    RoleDAO consumer = RoleDAO.findRole(RegistryConstants.API_CONSUMER_ROLE).getBusinessDAO();
    RoleDAO contributor = RoleDAO.findRole(RegistryConstants.REGISTRY_CONTRIBUTOR_ROLE).getBusinessDAO();
    InitializationStrategyIF strategy = new InitializationStrategyIF() {

        @Override
        public void preApply(MdBusinessDAO mdBusiness) {
            mdBusiness.setValue(MdBusinessInfo.GENERATE_SOURCE, MdAttributeBooleanInfo.FALSE);
        }

        @Override
        public void postApply(MdBusinessDAO mdBusiness) {
            RoleDAO adminRole = RoleDAO.findRole(DefaultConfiguration.ADMIN).getBusinessDAO();
            adminRole.grantPermission(Operation.READ, mdBusiness.getOid());
            adminRole.grantPermission(Operation.READ_ALL, mdBusiness.getOid());
            adminRole.grantPermission(Operation.WRITE, mdBusiness.getOid());
            adminRole.grantPermission(Operation.WRITE_ALL, mdBusiness.getOid());
            adminRole.grantPermission(Operation.CREATE, mdBusiness.getOid());
            adminRole.grantPermission(Operation.DELETE, mdBusiness.getOid());
            maintainer.grantPermission(Operation.READ, mdBusiness.getOid());
            maintainer.grantPermission(Operation.READ_ALL, mdBusiness.getOid());
            maintainer.grantPermission(Operation.WRITE, mdBusiness.getOid());
            maintainer.grantPermission(Operation.WRITE_ALL, mdBusiness.getOid());
            maintainer.grantPermission(Operation.CREATE, mdBusiness.getOid());
            maintainer.grantPermission(Operation.DELETE, mdBusiness.getOid());
            consumer.grantPermission(Operation.READ, mdBusiness.getOid());
            consumer.grantPermission(Operation.READ_ALL, mdBusiness.getOid());
            contributor.grantPermission(Operation.READ, mdBusiness.getOid());
            contributor.grantPermission(Operation.READ_ALL, mdBusiness.getOid());
        }
    };
    try {
        MdTermRelationship mdTermRelUniversal = this.newHierarchyToMdTermRelForUniversals(hierarchyType);
        mdTermRelUniversal.apply();
        this.grantWritePermissionsOnMdTermRel(mdTermRelUniversal);
        this.grantWritePermissionsOnMdTermRel(maintainer, mdTermRelUniversal);
        this.grantReadPermissionsOnMdTermRel(consumer, mdTermRelUniversal);
        this.grantReadPermissionsOnMdTermRel(contributor, mdTermRelUniversal);
        Universal.getStrategy().initialize(mdTermRelUniversal.definesType(), strategy);
        MdEdge mdEdge = this.createMdEdge(hierarchyType);
        this.grantWritePermissionsOnMdTermRel(mdEdge);
        this.grantWritePermissionsOnMdTermRel(maintainer, mdEdge);
        this.grantReadPermissionsOnMdTermRel(consumer, mdEdge);
        this.grantReadPermissionsOnMdTermRel(contributor, mdEdge);
        HierarchicalRelationshipType hierarchicalRelationship = new HierarchicalRelationshipType();
        hierarchicalRelationship.setCode(hierarchyType.getCode());
        hierarchicalRelationship.setOrganization(organization);
        populate(hierarchicalRelationship.getDisplayLabel(), hierarchyType.getLabel());
        populate(hierarchicalRelationship.getDescription(), hierarchyType.getDescription());
        hierarchicalRelationship.setMdTermRelationship(mdTermRelUniversal);
        hierarchicalRelationship.setMdEdge(mdEdge);
        hierarchicalRelationship.setAbstractDescription(hierarchyType.getAbstractDescription());
        hierarchicalRelationship.setAcknowledgement(hierarchyType.getAcknowledgement());
        hierarchicalRelationship.setDisclaimer(hierarchyType.getDisclaimer());
        hierarchicalRelationship.setContact(hierarchyType.getContact());
        hierarchicalRelationship.setPhoneNumber(hierarchyType.getPhoneNumber());
        hierarchicalRelationship.setEmail(hierarchyType.getEmail());
        hierarchicalRelationship.setProgress(hierarchyType.getProgress());
        hierarchicalRelationship.setAccessConstraints(hierarchyType.getAccessConstraints());
        hierarchicalRelationship.setUseConstraints(hierarchyType.getUseConstraints());
        hierarchicalRelationship.apply();
        return this.get(hierarchicalRelationship);
    } catch (DuplicateDataException ex) {
        DuplicateHierarchyTypeException ex2 = new DuplicateHierarchyTypeException();
        ex2.setDuplicateValue(hierarchyType.getCode());
        throw ex2;
    }
}
Also used : Organization(net.geoprism.registry.Organization) MdEdge(com.runwaysdk.system.metadata.MdEdge) DuplicateDataException(com.runwaysdk.dataaccess.DuplicateDataException) RoleDAO(com.runwaysdk.business.rbac.RoleDAO) MdBusinessDAO(com.runwaysdk.dataaccess.metadata.MdBusinessDAO) DuplicateHierarchyTypeException(net.geoprism.registry.DuplicateHierarchyTypeException) InitializationStrategyIF(com.runwaysdk.business.ontology.InitializationStrategyIF) HierarchicalRelationshipType(net.geoprism.registry.HierarchicalRelationshipType) AttributeValueException(com.runwaysdk.dataaccess.attributes.AttributeValueException) MdTermRelationship(com.runwaysdk.system.metadata.MdTermRelationship) CodeLengthException(net.geoprism.registry.CodeLengthException) Transaction(com.runwaysdk.dataaccess.transaction.Transaction)

Example 3 with AttributeValueException

use of com.runwaysdk.dataaccess.attributes.AttributeValueException in project geoprism-registry by terraframe.

the class RegistryAccountUtil method initiateInTrans.

@Transaction
public static void initiateInTrans(String sInvite, String roleIds) {
    if (roleIds == null || roleIds.length() == 0 || JsonParser.parseString(roleIds).getAsJsonArray().size() == 0) {
        // TODO : Better Error
        throw new AttributeValueException("You're attempting to invite a user with zero roles?", "");
    }
    JSONObject joInvite = new JSONObject(sInvite);
    String email = joInvite.getString("email");
    UserInvite invite = new UserInvite();
    invite.setEmail(email);
    UserInviteQuery query = new UserInviteQuery(new QueryFactory());
    query.WHERE(query.getEmail().EQi(invite.getEmail()));
    OIterator<? extends UserInvite> it = query.getIterator();
    while (it.hasNext()) {
        it.next().delete();
    }
    invite.setStartTime(new Date());
    invite.setToken(generateEncryptedToken(invite.getEmail()));
    invite.setRoleIds(roleIds);
    invite.apply();
    RegistryAccountUtil.sendEmail(invite, roleIds);
}
Also used : UserInvite(net.geoprism.account.UserInvite) QueryFactory(com.runwaysdk.query.QueryFactory) JSONObject(org.json.JSONObject) UserInviteQuery(net.geoprism.account.UserInviteQuery) AttributeValueException(com.runwaysdk.dataaccess.attributes.AttributeValueException) Date(java.util.Date) Transaction(com.runwaysdk.dataaccess.transaction.Transaction)

Aggregations

AttributeValueException (com.runwaysdk.dataaccess.attributes.AttributeValueException)3 Transaction (com.runwaysdk.dataaccess.transaction.Transaction)3 RoleDAO (com.runwaysdk.business.rbac.RoleDAO)2 QueryFactory (com.runwaysdk.query.QueryFactory)2 InitializationStrategyIF (com.runwaysdk.business.ontology.InitializationStrategyIF)1 RoleDAOIF (com.runwaysdk.business.rbac.RoleDAOIF)1 UserDAOIF (com.runwaysdk.business.rbac.UserDAOIF)1 DuplicateDataException (com.runwaysdk.dataaccess.DuplicateDataException)1 MdBusinessDAO (com.runwaysdk.dataaccess.metadata.MdBusinessDAO)1 Roles (com.runwaysdk.system.Roles)1 MdEdge (com.runwaysdk.system.metadata.MdEdge)1 MdTermRelationship (com.runwaysdk.system.metadata.MdTermRelationship)1 Date (java.util.Date)1 HashSet (java.util.HashSet)1 LinkedList (java.util.LinkedList)1 ConfigurationIF (net.geoprism.ConfigurationIF)1 GeoprismUser (net.geoprism.GeoprismUser)1 UserInvite (net.geoprism.account.UserInvite)1 UserInviteQuery (net.geoprism.account.UserInviteQuery)1 CodeLengthException (net.geoprism.registry.CodeLengthException)1