
Example 36 with InsufficientPermissionException

use of org.akaza.openclinica.web.InsufficientPermissionException in project OpenClinica by OpenClinica.

the class AccessFileServlet method processRequest.

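/**
 * Serves a previously generated (archived) dataset export file to the browser.
 *
 * <p>The file is selected by the {@code fileId} request parameter, so the study check below is
 * the only thing in this method that stops a caller from reaching an export of another study by
 * changing the id. The request is allowed when the dataset's study is the current study, or when
 * the parent id resolved below equals the current study's id.
 *
 * <p>NOTE(review): what {@code findByPK} returns for an unknown id is not visible here. If it
 * yields an empty bean, {@code getFileReference()} may be null and the {@code endsWith} calls
 * would throw; confirm and, if so, reject the request explicitly.
 *
 * @throws InsufficientPermissionException if the dataset does not belong to the current study
 * @throws Exception declared by the overridden method; other failures propagate unchanged
 */
@Override
public void processRequest() throws Exception {
    FormProcessor fp = new FormProcessor(request);
    int fileId = fp.getInt("fileId");
    ArchivedDatasetFileDAO asdfdao = new ArchivedDatasetFileDAO(sm.getDataSource());
    DatasetDAO dsDao = new DatasetDAO(sm.getDataSource());
    ArchivedDatasetFileBean asdfBean = (ArchivedDatasetFileBean) asdfdao.findByPK(fileId);
    StudyDAO studyDao = new StudyDAO(sm.getDataSource());
    DatasetBean dsBean = (DatasetBean) dsDao.findByPK(asdfBean.getDatasetId());

    int parentId = currentStudy.getParentStudyId();
    if (parentId == 0) {
        // The current study has no parent: compare against the parent of the study the
        // dataset was created in instead.
        StudyBean studyBean = (StudyBean) studyDao.findByPK(dsBean.getStudyId());
        parentId = studyBean.getParentStudyId();
    }
    // Deny only when neither the resolved parent id nor the dataset's own study id matches the
    // current study. The original expressed this as two nested ifs without braces.
    if (parentId != currentStudy.getId() && dsBean.getStudyId() != currentStudy.getId()) {
        addPageMessage(respage.getString("no_have_correct_privilege_current_study") + respage.getString("change_study_contact_sysadmin"));
        throw new InsufficientPermissionException(Page.MENU_SERVLET, resexception.getString("not_allowed_access_extract_data_servlet"), "1");
    }

    // NOTE(review): setFileName below is called on the Page.EXPORT_DATA_CUSTOM reference itself;
    // if that is a shared constant the assignment is visible to every request - confirm.
    Page finalTarget = Page.EXPORT_DATA_CUSTOM;
    String fileReference = asdfBean.getFileReference();
    logger.debug("found file reference: " + fileReference + " and file name: " + asdfBean.getName());

    // The name is placed inside a quoted header parameter. A double quote would end the
    // parameter early and control characters (CR/LF in particular) do not belong in a header
    // value, so those and the backslash are replaced before the value reaches setHeader.
    // String.valueOf keeps the text "null" that plain concatenation produced for a missing name.
    String headerFileName = String.valueOf(asdfBean.getName()).replaceAll("[\\p{Cntrl}\"\\\\]", "_");

    String contentType = null;
    String dispositionPrefix = "attachment; filename=\"";
    if (fileReference.endsWith(".zip")) {
        contentType = "application/zip";
    } else if (fileReference.endsWith(".pdf")) {
        contentType = "application/pdf";
    } else if (fileReference.endsWith(".csv")) {
        contentType = "text/csv";
    } else if (fileReference.endsWith(".xml")) {
        contentType = "text/xml";
    } else if (fileReference.endsWith(".html")) {
        // NOTE(review): unlike the other types, the .html case sends no disposition type, so
        // the browser is expected to render the export inline from the application's origin.
        // Confirm that the generated HTML escapes study data.
        contentType = "text/html; charset=utf-8";
        dispositionPrefix = "filename=\"";
    }
    // Any other extension gets no Content-disposition and no explicit content type, as before.
    if (contentType != null) {
        response.setHeader("Content-disposition", dispositionPrefix + headerFileName + "\";");
        response.setContentType(contentType);
    }

    finalTarget.setFileName("/WEB-INF/jsp/extract/generatedFileDataset.jsp");
    request.setAttribute("generate", fileReference);
    // NOTE(review): "Pragma: public" is kept from the original; confirm the intended caching
    // policy for export downloads.
    response.setHeader("Pragma", "public");
    forwardPage(finalTarget);
}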
Also used : ArchivedDatasetFileDAO(org.akaza.openclinica.dao.extract.ArchivedDatasetFileDAO) FormProcessor(org.akaza.openclinica.control.form.FormProcessor) DatasetBean(org.akaza.openclinica.bean.extract.DatasetBean) StudyBean(org.akaza.openclinica.bean.managestudy.StudyBean) InsufficientPermissionException(org.akaza.openclinica.web.InsufficientPermissionException) Page(org.akaza.openclinica.view.Page) DatasetDAO(org.akaza.openclinica.dao.extract.DatasetDAO) StudyDAO(org.akaza.openclinica.dao.managestudy.StudyDAO) ArchivedDatasetFileBean(org.akaza.openclinica.bean.extract.ArchivedDatasetFileBean)

Example 37 with InsufficientPermissionException

use of org.akaza.openclinica.web.InsufficientPermissionException in project OpenClinica by OpenClinica.

the class StudyAuditLogServlet method mayProceed.

/**
 * Access gate for the study audit log. The request continues only for system administrators
 * and for users whose role in the current study is study director, coordinator or monitor.
 * For anyone else a page message is added and the exception is raised with
 * {@code Page.MENU_SERVLET} as its page.
 *
 * <p>The role is read from {@code currentRole} only when the user is not a system administrator.
 *
 * @author thickerson
 * @throws InsufficientPermissionException if the user is neither a system administrator nor
 *         holds one of the accepted roles
 * @see org.akaza.openclinica.control.core.SecureController#mayProceed()
 */
@Override
protected void mayProceed() throws InsufficientPermissionException {
    boolean allowed = ub.isSysAdmin();
    if (!allowed) {
        Role studyRole = currentRole.getRole();
        allowed = studyRole.equals(Role.STUDYDIRECTOR)
                || studyRole.equals(Role.COORDINATOR)
                || studyRole.equals(Role.MONITOR);
    }
    if (allowed) {
        return;
    }
    String denial = respage.getString("no_have_correct_privilege_current_study") + respage.getString("change_study_contact_sysadmin");
    addPageMessage(denial);
    throw new InsufficientPermissionException(Page.MENU_SERVLET, resexception.getString("not_director"), "1");
}
Also used : Role(org.akaza.openclinica.bean.core.Role) InsufficientPermissionException(org.akaza.openclinica.web.InsufficientPermissionException)

Example 38 with InsufficientPermissionException

use of org.akaza.openclinica.web.InsufficientPermissionException in project OpenClinica by OpenClinica.

the class SignStudySubjectServlet method mayAccess.

/**
 * Checks that the study subject named by the {@code id} request value passes
 * {@code entityIncluded} for the current user.
 *
 * <p>The check runs only for a positive id. When the id is zero or negative the method returns
 * without raising anything, so a missing or invalid id has to be rejected by the caller or by
 * later processing.
 *
 * @throws InsufficientPermissionException if {@code entityIncluded} reports that the subject is
 *         not included for this user
 */
public void mayAccess() throws InsufficientPermissionException {
    FormProcessor form = new FormProcessor(request);
    StudySubjectDAO subjectDao = new StudySubjectDAO(sm.getDataSource());
    int studySubId = form.getInt("id", true);
    if (studySubId <= 0) {
        // Nothing to verify for a non-positive id.
        return;
    }
    boolean included = entityIncluded(studySubId, ub.getName(), subjectDao, sm.getDataSource());
    if (included) {
        return;
    }
    addPageMessage(respage.getString("required_study_subject_not_belong"));
    throw new InsufficientPermissionException(Page.MENU, resexception.getString("entity_not_belong_studies"), "1");
}
Also used : FormProcessor(org.akaza.openclinica.control.form.FormProcessor) InsufficientPermissionException(org.akaza.openclinica.web.InsufficientPermissionException) StudySubjectDAO(org.akaza.openclinica.dao.managestudy.StudySubjectDAO)

Example 39 with InsufficientPermissionException

use of org.akaza.openclinica.web.InsufficientPermissionException in project OpenClinica by OpenClinica.

the class TestRuleServlet method mayProceed.

/**
 * Access gate for the rule test page. The request locale is resolved first, then the request
 * is allowed for system administrators and for users whose role in the current study is study
 * director or coordinator. Any other user gets a page message and the exception is raised with
 * {@code Page.MENU_SERVLET} as its page.
 *
 * @throws InsufficientPermissionException if the user is neither a system administrator nor a
 *         study director or coordinator
 */
@Override
public void mayProceed() throws InsufficientPermissionException {
    locale = LocaleResolver.getLocale(request);
    if (!ub.isSysAdmin()) {
        // The role is consulted only for users who are not system administrators.
        Role studyRole = currentRole.getRole();
        boolean privileged = studyRole.equals(Role.STUDYDIRECTOR) || studyRole.equals(Role.COORDINATOR);
        if (!privileged) {
            String denial = respage.getString("no_have_correct_privilege_current_study") + respage.getString("change_study_contact_sysadmin");
            addPageMessage(denial);
            throw new InsufficientPermissionException(Page.MENU_SERVLET, resexception.getString("may_not_submit_data"), "1");
        }
    }
}
Also used : Role(org.akaza.openclinica.bean.core.Role) InsufficientPermissionException(org.akaza.openclinica.web.InsufficientPermissionException)

Example 40 with InsufficientPermissionException

use of org.akaza.openclinica.web.InsufficientPermissionException in project OpenClinica by OpenClinica.

the class TableOfContentsServlet method mayProceed.

/*
 * (non-Javadoc)
 *
 * Access gate for the table-of-contents page of an event CRF. The decision depends on the
 * requested action and on how the current user relates to the event CRF (owner, validator,
 * or "super" as computed by DisplayEventCRFBean.isSuper).
 *
 * NOTE(review): the method only throws on the cases it recognises. An action value that
 * matches none of the branches below reaches the end of the method and is allowed.
 *
 * @see org.akaza.openclinica.control.core.SecureController#mayProceed()
 */
@Override
protected void mayProceed() throws InsufficientPermissionException {
    fp = new FormProcessor(request);
    // presumably populates the ecb and action fields read below - not visible here, confirm
    getEventCRFAndAction();
    Role r = currentRole.getRole();
    boolean isSuper = DisplayEventCRFBean.isSuper(ub, r);
    // First gate: the user must be allowed to submit data at all, whatever the action.
    if (!SubmitDataServlet.maySubmitData(ub, currentRole)) {
        String exceptionName = resexception.getString("no_permission_to_perform_data_entry");
        String noAccessMessage = respage.getString("you_may_not_perform_data_entry_on_a_CRF") + " " + respage.getString("change_study_contact_study_coordinator");
        addPageMessage(noAccessMessage);
        throw new InsufficientPermissionException(Page.MENU, exceptionName, "1");
    }
    // we're creating an event crf: no per-record check is made for this action
    if (action.equals(ACTION_START_INITIAL_DATA_ENTRY)) {
        return;
    } else // we're editing an existing event crf
    {
        // An inactive event CRF is rejected for every editing action.
        if (!ecb.isActive()) {
            addPageMessage(respage.getString("event_CRF_not_exist_contact_study_coordinator"));
            throw new InsufficientPermissionException(Page.LIST_STUDY_SUBJECTS_SERVLET, resexception.getString("event_CRF_not_belong_current_study"), "1");
        }
        if (action.equals(ACTION_CONTINUE_INITIAL_DATA_ENTRY)) {
            // Only the owner of the event CRF, or a super user, may resume initial data entry.
            if (ecb.getOwnerId() == ub.getId() || isSuper) {
                return;
            } else {
                addPageMessage(respage.getString("not_begin_DE_on_CRF_not_resume_DE"));
                throw new InsufficientPermissionException(Page.LIST_STUDY_SUBJECTS_SERVLET, resexception.getString("event_CRF_not_belong_current_user"), "1");
            }
        } else if (action.equals(ACTION_START_DOUBLE_DATA_ENTRY)) {
            // Anyone other than the owner may start double data entry. The owner may do so only
            // once initial entry was completed more than twelve hours ago, unless super.
            if (ecb.getOwnerId() != ub.getId()) {
                return;
            } else {
                if (!DisplayEventCRFBean.initialDataEntryCompletedMoreThanTwelveHoursAgo(ecb) && !isSuper) {
                    addPageMessage(respage.getString("began_DE_on_CRF_marked_complete_less_12_not_begin_DE"));
                    throw new InsufficientPermissionException(Page.LIST_STUDY_SUBJECTS_SERVLET, resexception.getString("owner_attempting_DDE_12_hours"), "1");
                } else {
                    return;
                }
            }
        } else if (action.equals(ACTION_CONTINUE_INITIAL_DATA_ENTRY)) {
            // NOTE(review): this condition repeats the first branch of the chain, so this block
            // can never run. Its body compares the validator id and uses double-data-entry
            // messages, which suggests it was meant to test a "continue double data entry"
            // action. As written, such an action matches no branch and is allowed without the
            // validator check - confirm against the action constants this class defines.
            if (ecb.getValidatorId() == ub.getId() || isSuper) {
                return;
            } else {
                addPageMessage(respage.getString("not_begin_DDE_on_CRF_not_resume_DE"));
                throw new InsufficientPermissionException(Page.LIST_STUDY_SUBJECTS_SERVLET, resexception.getString("validation_event_CRF_not_begun_user"), "1");
            }
        } else if (action.equals(ACTION_ADMINISTRATIVE_EDITING)) {
            // Administrative editing is limited to super users.
            if (isSuper) {
                return;
            } else {
                addPageMessage(respage.getString("you_may_not_perform_administrative_editing") + " " + respage.getString("change_study_contact_study_coordinator"));
                throw new InsufficientPermissionException(Page.LIST_STUDY_SUBJECTS_SERVLET, resexception.getString("no_permission_to_perform_administrative_editing"), "1");
            }
        }
    // end else if (action.equals(ACTION_ADMINISTRATIVE_EDITING))
    // No final else: an unrecognised action falls out of the chain here and the method returns.
    }
// end else (for actions other than ACTION_START_INITIAL_DATA_ENTRY)
}
Also used : Role(org.akaza.openclinica.bean.core.Role) FormProcessor(org.akaza.openclinica.control.form.FormProcessor) InsufficientPermissionException(org.akaza.openclinica.web.InsufficientPermissionException)

Aggregations

InsufficientPermissionException (org.akaza.openclinica.web.InsufficientPermissionException)43 Role (org.akaza.openclinica.bean.core.Role)25 FormProcessor (org.akaza.openclinica.control.form.FormProcessor)14 UserAccountBean (org.akaza.openclinica.bean.login.UserAccountBean)12 StudyUserRoleBean (org.akaza.openclinica.bean.login.StudyUserRoleBean)10 StudyBean (org.akaza.openclinica.bean.managestudy.StudyBean)10 ArrayList (java.util.ArrayList)8 StudyEventBean (org.akaza.openclinica.bean.managestudy.StudyEventBean)8 StudyEventDAO (org.akaza.openclinica.dao.managestudy.StudyEventDAO)8 StudyDAO (org.akaza.openclinica.dao.managestudy.StudyDAO)7 EventCRFBean (org.akaza.openclinica.bean.submit.EventCRFBean)6 StudySubjectDAO (org.akaza.openclinica.dao.managestudy.StudySubjectDAO)6 HttpSession (javax.servlet.http.HttpSession)5 StudyEventDefinitionBean (org.akaza.openclinica.bean.managestudy.StudyEventDefinitionBean)5 StudyEventDefinitionDAO (org.akaza.openclinica.dao.managestudy.StudyEventDefinitionDAO)5 EventCRFDAO (org.akaza.openclinica.dao.submit.EventCRFDAO)5 DateFormat (java.text.DateFormat)4 Date (java.util.Date)4 HashMap (java.util.HashMap)4 List (java.util.List)4