Example 1 with PermissionException
use of org.jbei.ice.lib.access.PermissionException in project ice by JBEI.
the class RequestRetriever method updateStatus.
public SampleRequest updateStatus(String userId, long requestId, SampleRequestStatus newStatus) {
Request request = dao.get(requestId);
if (request == null)
return null;
Account account = DAOFactory.getAccountDAO().getByEmail(userId);
if (!request.getAccount().getEmail().equalsIgnoreCase(userId) && account.getType() != AccountType.ADMIN) {
throw new PermissionException("No permissions for request");
}
if (request.getStatus() == newStatus)
return request.toDataTransferObject();
request.setStatus(newStatus);
request.setUpdated(new Date());
return dao.update(request).toDataTransferObject();
}
Also used :
PermissionException(org.jbei.ice.lib.access.PermissionException)
Account(org.jbei.ice.storage.model.Account)
Request(org.jbei.ice.storage.model.Request)
Example 2 with PermissionException
use of org.jbei.ice.lib.access.PermissionException in project ice by JBEI.
the class ConfigurationController method autoUpdateSetting.
// update the setting automatically. Currently works only for blast installations
public Setting autoUpdateSetting(String userId, Setting setting) {
AccountController accountController = new AccountController();
if (!accountController.isAdministrator(userId))
throw new PermissionException("Cannot auto update system setting without admin privileges");
Configuration configuration = dao.get(setting.getKey());
if (configuration == null) {
Logger.error("Could not retrieve setting " + setting.getKey());
return null;
}
String osName = System.getProperty("os.name").replaceAll("\\s+", "").toLowerCase();
String blast = "ncbi-blast-2.6.0+-x64-" + osName + ".tar.gz";
Path path = Paths.get(dao.get(ConfigurationKey.TEMPORARY_DIRECTORY).getValue(), blast);
Path dest = Paths.get(dao.get(ConfigurationKey.DATA_DIRECTORY).getValue());
if (!Files.exists(dest)) {
Logger.error("Cannot access access dir : " + dest.toString());
return null;
}
try (InputStream is = (new URL(BLAST_FTP_DIR + blast)).openStream()) {
Files.copy(is, path.toAbsolutePath(), StandardCopyOption.REPLACE_EXISTING);
Archiver archiver = ArchiverFactory.createArchiver("tar", "gz");
archiver.extract(path.toFile(), dest.toFile());
Path valuePath = Paths.get(dest.toString(), "ncbi-blast-2.6.0+", "bin");
configuration.setValue(valuePath.toString());
Files.list(valuePath).forEach(dirPath -> {
try {
Files.setPosixFilePermissions(dirPath, PosixFilePermissions.fromString("rwxrwxrwx"));
} catch (IOException e) {
Logger.error(e);
}
});
return dao.update(configuration).toDataTransferObject();
} catch (Exception e) {
Logger.error(e);
return null;
}
}
Also used :
PermissionException(org.jbei.ice.lib.access.PermissionException)
Path(java.nio.file.Path)
Configuration(org.jbei.ice.storage.model.Configuration)
InputStream(java.io.InputStream)
IOException(java.io.IOException)
Archiver(org.rauschig.jarchivelib.Archiver)
URL(java.net.URL)
IOException(java.io.IOException)
PermissionException(org.jbei.ice.lib.access.PermissionException)
AccountController(org.jbei.ice.lib.account.AccountController)
Example 3 with PermissionException
use of org.jbei.ice.lib.access.PermissionException in project ice by JBEI.
the class BulkUploads method deleteDraftById.
/**
* Deletes a bulk import draft referenced by a unique identifier. only owners of the bulk import
* or administrators are permitted to delete bulk imports
*
* @param userId account of user making the request
* @param draftId unique identifier for bulk import
* @return deleted bulk import
* @throws PermissionException if lacking permissions
*/
public BulkUploadInfo deleteDraftById(String userId, long draftId) throws PermissionException {
BulkUpload draft = dao.get(draftId);
if (draft == null)
return null;
Account draftAccount = draft.getAccount();
if (!userId.equals(draftAccount.getEmail()) && !accountController.isAdministrator(userId))
throw new PermissionException("No permissions to delete draft " + draftId);
BulkUploadDeleteTask task = new BulkUploadDeleteTask(userId, draftId);
IceExecutorService.getInstance().runTask(task);
BulkUploadInfo draftInfo = draft.toDataTransferObject();
AccountTransfer accountTransfer = draft.getAccount().toDataTransferObject();
draftInfo.setAccount(accountTransfer);
return draftInfo;
}
Also used :
PermissionException(org.jbei.ice.lib.access.PermissionException)
AccountTransfer(org.jbei.ice.lib.account.AccountTransfer)
Example 4 with PermissionException
use of org.jbei.ice.lib.access.PermissionException in project ice by JBEI.
the class EntryController method getRequestedEntry.
public PartData getRequestedEntry(String remoteUserId, String token, String entryId, long folderId, RegistryPartner requestingPartner) {
Entry entry = getEntry(entryId);
if (entry == null)
return null;
// see folderContents.getRemoteSharedContents
// folder that the entry is contained in
Folder folder = DAOFactory.getFolderDAO().get(folderId);
if (folder == null) {
// must be a public entry (todo : move to separate method
if (!permissionsController.isPubliclyVisible(entry))
throw new PermissionException("Not a public entry");
return retrieveEntryDetails(null, entry);
}
RemotePartner remotePartner = DAOFactory.getRemotePartnerDAO().getByUrl(requestingPartner.getUrl());
// check that the remote user has the right token
Permission shareModel = DAOFactory.getPermissionDAO().get(remoteUserId, remotePartner, folder);
if (shareModel == null) {
Logger.error("Could not retrieve share model");
return null;
}
// validate access token
TokenHash tokenHash = new TokenHash();
String secret = tokenHash.encrypt(folderId + remotePartner.getUrl() + remoteUserId, token);
if (!secret.equals(shareModel.getSecret())) {
throw new PermissionException("Secret does not match");
}
// check that entry id is contained in folder
return retrieveEntryDetails(null, entry);
}
Also used :
PermissionException(org.jbei.ice.lib.access.PermissionException)
TokenHash(org.jbei.ice.lib.account.TokenHash)
Example 5 with PermissionException
use of org.jbei.ice.lib.access.PermissionException in project ice by JBEI.
the class Sequences method bulkUpdate.
/**
* Bulk update sequences based on uploaded zip file
* containing sequences, where the sequence name is the (unique) part number of the entry.
* If there is an existing sequence associated with the entry, it is deleted.
*
* @param userId userId of user making request
* @param fileInputStream input stream of zip file
*/
public List<String> bulkUpdate(String userId, InputStream fileInputStream) throws IOException {
if (!new AccountController().isAdministrator(userId))
throw new PermissionException("Must have admin privileges to use this feature");
List<String> errors = new ArrayList<>();
Logger.info("Starting bulk update of sequences");
try (ZipInputStream stream = new ZipInputStream(fileInputStream)) {
ZipEntry zipEntry;
while ((zipEntry = stream.getNextEntry()) != null) {
if (zipEntry.isDirectory())
continue;
String name = zipEntry.getName();
if (name.contains("/"))
name = name.substring(name.lastIndexOf("/") + 1);
if (name.startsWith(".") || name.startsWith("_"))
continue;
ByteArrayOutputStream out = new ByteArrayOutputStream();
int len;
byte[] data = new byte[1024];
while ((len = stream.read(data)) > 0) {
out.write(data, 0, len);
}
stream.closeEntry();
String entryName = name.substring(0, name.indexOf('.'));
Entry entry = DAOFactory.getEntryDAO().getByPartNumber(entryName);
if (entry == null) {
errors.add(name);
continue;
}
String sequenceString = new String(out.toByteArray());
FeaturedDNASequence dnaSequence = GeneralParser.parse(sequenceString);
if (dnaSequence == null) {
Logger.error("Could not parse sequence for " + name);
errors.add(name);
continue;
}
Logger.info("Updating sequence for entry " + entry.getPartNumber() + " as part of bulk update");
PartSequence partSequence = new PartSequence(userId, entry.getPartNumber());
partSequence.delete();
partSequence.save(dnaSequence);
}
}
Logger.info("Completed bulk upload of sequences with " + errors.size() + " errors");
return errors;
}
Also used :
PermissionException(org.jbei.ice.lib.access.PermissionException)
ZipEntry(java.util.zip.ZipEntry)
ArrayList(java.util.ArrayList)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
FeaturedDNASequence(org.jbei.ice.lib.dto.FeaturedDNASequence)
ZipInputStream(java.util.zip.ZipInputStream)
ZipEntry(java.util.zip.ZipEntry)
HasEntry(org.jbei.ice.lib.entry.HasEntry)
AccountController(org.jbei.ice.lib.account.AccountController)
Aggregations
PermissionException (org.jbei.ice.lib.access.PermissionException)49
Account (org.jbei.ice.storage.model.Account)10
AccountController (org.jbei.ice.lib.account.AccountController)7
RemotePartner (org.jbei.ice.storage.model.RemotePartner)6
FolderDetails (org.jbei.ice.lib.dto.folder.FolderDetails)5
TokenHash (org.jbei.ice.lib.account.TokenHash)4
Results (org.jbei.ice.lib.dto.common.Results)4
UserGroup (org.jbei.ice.lib.dto.group.UserGroup)4
Configuration (org.jbei.ice.storage.model.Configuration)4
Group (org.jbei.ice.storage.model.Group)4
ArrayList (java.util.ArrayList)3
AccountTransfer (org.jbei.ice.lib.account.AccountTransfer)3
DNAFeature (org.jbei.ice.lib.dto.DNAFeature)3
PartData (org.jbei.ice.lib.dto.entry.PartData)3
RegistryPartner (org.jbei.ice.lib.dto.web.RegistryPartner)3
HasEntry (org.jbei.ice.lib.entry.HasEntry)3
Annotations (org.jbei.ice.lib.entry.sequence.annotation.Annotations)3
ApiKey (org.jbei.ice.storage.model.ApiKey)3
IOException (java.io.IOException)2
InputStream (java.io.InputStream)2
