use of org.activityinfo.shared.exception.IllegalAccessCommandException in project activityinfo by bedatadriven.
the class AddPartnerHandler method execute.
@Override
@SuppressWarnings("unchecked")
public CommandResult execute(AddPartner cmd, User user) throws CommandException {
UserDatabase db = em.find(UserDatabase.class, cmd.getDatabaseId());
if (db.getOwner().getId() != user.getId()) {
UserPermission perm = db.getPermissionByUser(user);
if (perm == null || !perm.isAllowManageAllUsers()) {
throw new IllegalAccessCommandException("The user does not have the manageAllUsers permission.");
}
}
// first check to see if an organization by this name is already
// a partner
Set<Partner> dbPartners = db.getPartners();
for (Partner partner : dbPartners) {
if (partner.getName().equals(cmd.getPartner().getName())) {
return new DuplicateCreateResult();
}
}
// now try to match this partner by name
List<Partner> allPartners = em.createQuery("select p from Partner p where p.name = ?1").setParameter(1, cmd.getPartner().getName()).getResultList();
if (allPartners.size() != 0) {
db.getPartners().add(allPartners.get(0));
return new CreateResult(allPartners.get(0).getId());
}
// nope, have to create a new record
Partner newPartner = new Partner();
newPartner.setName(cmd.getPartner().getName());
newPartner.setFullName(cmd.getPartner().getFullName());
em.persist(newPartner);
db.setLastSchemaUpdate(new Date());
em.persist(db);
db.getPartners().add(newPartner);
return new CreateResult(newPartner.getId());
}
use of org.activityinfo.shared.exception.IllegalAccessCommandException in project activityinfo by bedatadriven.
the class RemovePartnerHandler method execute.
@Override
public CommandResult execute(RemovePartner cmd, User user) throws CommandException {
// verify the current user has access to this site
UserDatabase db = em.find(UserDatabase.class, cmd.getDatabaseId());
if (db.getOwner().getId() != user.getId()) {
UserPermission perm = db.getPermissionByUser(user);
if (perm == null || !perm.isAllowDesign()) {
throw new IllegalAccessCommandException();
}
}
// check to see if there are already sites associated with this partner
int siteCount = ((Number) em.createQuery("select count(s) " + "from Site s " + "where s.activity.id in (select a.id from Activity a where a.database.id = :dbId) " + "and s.partner.id = :partnerId " + "and s.dateDeleted is null").setParameter("dbId", cmd.getDatabaseId()).setParameter("partnerId", cmd.getPartnerId()).getSingleResult()).intValue();
if (siteCount > 0) {
return new RemoveFailedResult();
}
db.getPartners().remove(em.getReference(Partner.class, cmd.getPartnerId()));
db.setLastSchemaUpdate(new Date());
return new RemoveResult();
}
use of org.activityinfo.shared.exception.IllegalAccessCommandException in project activityinfo by bedatadriven.
the class UpdateReportModelHandler method execute.
@Override
public CommandResult execute(final UpdateReportModel cmd, final User user) throws CommandException {
Query query = em.createQuery("select r from ReportDefinition r where r.id in (:id)").setParameter("id", cmd.getModel().getId());
ReportDefinition result = (ReportDefinition) query.getSingleResult();
if (result.getOwner().getId() != user.getId()) {
throw new IllegalAccessCommandException("Current user does not have the right to edit this report");
}
result.setTitle(cmd.getModel().getTitle());
// result.setJson(cmd.getReportJsonModel());
try {
result.setXml(ReportParserJaxb.createXML(cmd.getModel()));
} catch (JAXBException e) {
throw new UnexpectedCommandException(e);
}
em.persist(result);
return null;
}
Aggregations