Example 6 with PermissionException
use of edu.harvard.iq.dataverse.engine.command.exception.PermissionException in project dataverse by IQSS.
the class ManagePermissionsPage method saveConfiguration.
public void saveConfiguration(ActionEvent e) {
// Set role (if any) for authenticatedUsers
DataverseRole roleToAssign = null;
List<String> contributorRoles = Arrays.asList(DataverseRole.FULL_CONTRIBUTOR, DataverseRole.DV_CONTRIBUTOR, DataverseRole.DS_CONTRIBUTOR);
if (!StringUtil.isEmpty(authenticatedUsersContributorRoleAlias)) {
roleToAssign = roleService.findBuiltinRoleByAlias(authenticatedUsersContributorRoleAlias);
}
// then, check current contributor role
List<RoleAssignment> aUsersRoleAssignments = roleService.directRoleAssignments(AuthenticatedUsers.get(), dvObject);
for (RoleAssignment roleAssignment : aUsersRoleAssignments) {
DataverseRole currentRole = roleAssignment.getRole();
if (contributorRoles.contains(currentRole.getAlias())) {
if (currentRole.equals(roleToAssign)) {
// found the role, so no need to assign
roleToAssign = null;
} else {
revokeRole(roleAssignment);
}
}
}
// finally, assign role, if new
if (roleToAssign != null) {
assignRole(AuthenticatedUsers.get(), roleToAssign);
}
// set dataverse default contributor role
if (dvObject instanceof Dataverse) {
Dataverse dv = (Dataverse) dvObject;
DataverseRole defaultRole = roleService.findBuiltinRoleByAlias(defaultContributorRoleAlias);
if (!defaultRole.equals(dv.getDefaultContributorRole())) {
try {
commandEngine.submit(new UpdateDataverseDefaultContributorRoleCommand(defaultRole, dvRequestService.getDataverseRequest(), dv));
JsfHelper.addSuccessMessage("The default permissions for this dataverse have been updated.");
} catch (PermissionException ex) {
JH.addMessage(FacesMessage.SEVERITY_ERROR, "Cannot assign default permissions.", "Permissions " + ex.getRequiredPermissions().toString() + " missing.");
} catch (CommandException ex) {
JH.addMessage(FacesMessage.SEVERITY_FATAL, "Cannot assign default permissions.");
logger.log(Level.SEVERE, "Error assigning default permissions: " + ex.getMessage(), ex);
}
}
}
roleAssignments = initRoleAssignments();
showConfigureMessages();
}
Also used :
PermissionException(edu.harvard.iq.dataverse.engine.command.exception.PermissionException)
UpdateDataverseDefaultContributorRoleCommand(edu.harvard.iq.dataverse.engine.command.impl.UpdateDataverseDefaultContributorRoleCommand)
CommandException(edu.harvard.iq.dataverse.engine.command.exception.CommandException)
DataverseRole(edu.harvard.iq.dataverse.authorization.DataverseRole)
Example 7 with PermissionException
use of edu.harvard.iq.dataverse.engine.command.exception.PermissionException in project dataverse by IQSS.
the class DestroyDatasetCommand method executeImpl.
@Override
protected void executeImpl(CommandContext ctxt) throws CommandException {
// first check if dataset is released, and if so, if user is a superuser
if (doomed.isReleased() && (!(getUser() instanceof AuthenticatedUser) || !getUser().isSuperuser())) {
throw new PermissionException("Destroy can only be called by superusers.", this, Collections.singleton(Permission.DeleteDatasetDraft), doomed);
}
// If there is a dedicated thumbnail DataFile, it needs to be reset
// explicitly, or we'll get a constraint violation when deleting:
doomed.setThumbnailFile(null);
final Dataset managedDoomed = ctxt.em().merge(doomed);
List<String> datasetAndFileSolrIdsToDelete = new ArrayList<>();
// files need to iterate through and remove 'by hand' to avoid
// optimistic lock issues... (plus the physical files need to be
// deleted too!)
Iterator<DataFile> dfIt = doomed.getFiles().iterator();
while (dfIt.hasNext()) {
DataFile df = dfIt.next();
// Gather potential Solr IDs of files. As of this writing deaccessioned files are never indexed.
String solrIdOfPublishedFile = IndexServiceBean.solrDocIdentifierFile + df.getId();
datasetAndFileSolrIdsToDelete.add(solrIdOfPublishedFile);
String solrIdOfDraftFile = IndexServiceBean.solrDocIdentifierFile + df.getId() + IndexServiceBean.draftSuffix;
datasetAndFileSolrIdsToDelete.add(solrIdOfDraftFile);
ctxt.engine().submit(new DeleteDataFileCommand(df, getRequest(), true));
dfIt.remove();
}
// also, lets delete the uploaded thumbnails!
deleteDatasetLogo(doomed);
// ASSIGNMENTS
for (RoleAssignment ra : ctxt.roles().directRoleAssignments(doomed)) {
ctxt.em().remove(ra);
}
// ROLES
for (DataverseRole ra : ctxt.roles().findByOwnerId(doomed.getId())) {
ctxt.em().remove(ra);
}
IdServiceBean idServiceBean = IdServiceBean.getBean(ctxt);
try {
if (idServiceBean.alreadyExists(doomed)) {
idServiceBean.deleteIdentifier(doomed);
}
} catch (Exception e) {
logger.log(Level.WARNING, "Identifier deletion was not successfull:", e.getMessage());
}
Dataverse toReIndex = managedDoomed.getOwner();
// dataset
ctxt.em().remove(managedDoomed);
// add potential Solr IDs of datasets to list for deletion
String solrIdOfPublishedDatasetVersion = IndexServiceBean.solrDocIdentifierDataset + doomed.getId();
datasetAndFileSolrIdsToDelete.add(solrIdOfPublishedDatasetVersion);
String solrIdOfDraftDatasetVersion = IndexServiceBean.solrDocIdentifierDataset + doomed.getId() + IndexServiceBean.draftSuffix;
datasetAndFileSolrIdsToDelete.add(solrIdOfDraftDatasetVersion);
String solrIdOfDeaccessionedDatasetVersion = IndexServiceBean.solrDocIdentifierDataset + doomed.getId() + IndexServiceBean.deaccessionedSuffix;
datasetAndFileSolrIdsToDelete.add(solrIdOfDeaccessionedDatasetVersion);
IndexResponse resultOfSolrDeletionAttempt = ctxt.solrIndex().deleteMultipleSolrIds(datasetAndFileSolrIdsToDelete);
logger.log(Level.FINE, "Result of attempt to delete dataset and file IDs from the search index: {0}", resultOfSolrDeletionAttempt.getMessage());
ctxt.index().indexDataverse(toReIndex);
}
Also used :
PermissionException(edu.harvard.iq.dataverse.engine.command.exception.PermissionException)
Dataset(edu.harvard.iq.dataverse.Dataset)
RoleAssignment(edu.harvard.iq.dataverse.RoleAssignment)
ArrayList(java.util.ArrayList)
AuthenticatedUser(edu.harvard.iq.dataverse.authorization.users.AuthenticatedUser)
Dataverse(edu.harvard.iq.dataverse.Dataverse)
PermissionException(edu.harvard.iq.dataverse.engine.command.exception.PermissionException)
CommandException(edu.harvard.iq.dataverse.engine.command.exception.CommandException)
DataverseRole(edu.harvard.iq.dataverse.authorization.DataverseRole)
DataFile(edu.harvard.iq.dataverse.DataFile)
IndexResponse(edu.harvard.iq.dataverse.search.IndexResponse)
IdServiceBean(edu.harvard.iq.dataverse.IdServiceBean)
Example 8 with PermissionException
use of edu.harvard.iq.dataverse.engine.command.exception.PermissionException in project dataverse by IQSS.
the class HarvesterServiceBean method deleteHarvestedDataset.
private void deleteHarvestedDataset(Dataset dataset, DataverseRequest request, Logger hdLogger) {
// Purge all the SOLR documents associated with this client from the
// index server:
indexService.deleteHarvestedDocuments(dataset);
try {
// DeleteFileCommand on them.
for (DataFile harvestedFile : dataset.getFiles()) {
DataFile merged = em.merge(harvestedFile);
em.remove(merged);
harvestedFile = null;
}
dataset.setFiles(null);
Dataset merged = em.merge(dataset);
engineService.submit(new DeleteDatasetCommand(request, merged));
} catch (IllegalCommandException ex) {
// TODO: log the result
} catch (PermissionException ex) {
// TODO: log the result
} catch (CommandException ex) {
// TODO: log the result
}
// TODO: log the success result
}
Also used :
DataFile(edu.harvard.iq.dataverse.DataFile)
PermissionException(edu.harvard.iq.dataverse.engine.command.exception.PermissionException)
Dataset(edu.harvard.iq.dataverse.Dataset)
DeleteDatasetCommand(edu.harvard.iq.dataverse.engine.command.impl.DeleteDatasetCommand)
IllegalCommandException(edu.harvard.iq.dataverse.engine.command.exception.IllegalCommandException)
CommandException(edu.harvard.iq.dataverse.engine.command.exception.CommandException)
IllegalCommandException(edu.harvard.iq.dataverse.engine.command.exception.IllegalCommandException)
Example 9 with PermissionException
use of edu.harvard.iq.dataverse.engine.command.exception.PermissionException in project dataverse by IQSS.
the class GrantSuperuserStatusCommand method executeImpl.
@Override
protected void executeImpl(CommandContext ctxt) throws CommandException {
if (!(getUser() instanceof AuthenticatedUser) || !getUser().isSuperuser()) {
throw new PermissionException("Revoke Superuser status command can only be called by superusers.", this, null, null);
}
try {
targetUser.setSuperuser(true);
ctxt.em().merge(targetUser);
ctxt.em().flush();
} catch (Exception e) {
throw new CommandException("Failed to grant the superuser status to user " + targetUser.getIdentifier(), this);
}
}
Also used :
PermissionException(edu.harvard.iq.dataverse.engine.command.exception.PermissionException)
CommandException(edu.harvard.iq.dataverse.engine.command.exception.CommandException)
AuthenticatedUser(edu.harvard.iq.dataverse.authorization.users.AuthenticatedUser)
PermissionException(edu.harvard.iq.dataverse.engine.command.exception.PermissionException)
CommandException(edu.harvard.iq.dataverse.engine.command.exception.CommandException)
Example 10 with PermissionException
use of edu.harvard.iq.dataverse.engine.command.exception.PermissionException in project dataverse by IQSS.
the class RevokeAllRolesCommand method executeImpl.
@Override
protected void executeImpl(CommandContext ctxt) throws CommandException {
if (!(getUser() instanceof AuthenticatedUser) || !getUser().isSuperuser()) {
throw new PermissionException("Revoke Superuser status command can only be called by superusers.", this, null, null);
}
try {
ctxt.roles().revokeAll(assignee);
ctxt.explicitGroups().revokeAllGroupsForAssignee(assignee);
} catch (Exception ex) {
throw new CommandException("Failed to revoke role assignments and/or group membership", this);
}
}
Also used :
PermissionException(edu.harvard.iq.dataverse.engine.command.exception.PermissionException)
CommandException(edu.harvard.iq.dataverse.engine.command.exception.CommandException)
AuthenticatedUser(edu.harvard.iq.dataverse.authorization.users.AuthenticatedUser)
PermissionException(edu.harvard.iq.dataverse.engine.command.exception.PermissionException)
CommandException(edu.harvard.iq.dataverse.engine.command.exception.CommandException)
Aggregations
PermissionException (edu.harvard.iq.dataverse.engine.command.exception.PermissionException)17
CommandException (edu.harvard.iq.dataverse.engine.command.exception.CommandException)15
AuthenticatedUser (edu.harvard.iq.dataverse.authorization.users.AuthenticatedUser)8
DataFile (edu.harvard.iq.dataverse.DataFile)3
Dataset (edu.harvard.iq.dataverse.Dataset)3
RevokeRoleCommand (edu.harvard.iq.dataverse.engine.command.impl.RevokeRoleCommand)3
Dataverse (edu.harvard.iq.dataverse.Dataverse)2
IdServiceBean (edu.harvard.iq.dataverse.IdServiceBean)2
DataverseRole (edu.harvard.iq.dataverse.authorization.DataverseRole)2
IllegalCommandException (edu.harvard.iq.dataverse.engine.command.exception.IllegalCommandException)2
AssignRoleCommand (edu.harvard.iq.dataverse.engine.command.impl.AssignRoleCommand)2
DvObject (edu.harvard.iq.dataverse.DvObject)1
Guestbook (edu.harvard.iq.dataverse.Guestbook)1
RoleAssignment (edu.harvard.iq.dataverse.RoleAssignment)1
ActionLogRecord (edu.harvard.iq.dataverse.actionlogging.ActionLogRecord)1
Permission (edu.harvard.iq.dataverse.authorization.Permission)1
RoleAssignee (edu.harvard.iq.dataverse.authorization.RoleAssignee)1
User (edu.harvard.iq.dataverse.authorization.users.User)1
DataCaptureModuleException (edu.harvard.iq.dataverse.datacapturemodule.DataCaptureModuleException)1
ScriptRequestResponse (edu.harvard.iq.dataverse.datacapturemodule.ScriptRequestResponse)1
