
Example 11 with PermissionException

use of org.jbei.ice.lib.access.PermissionException in project ice by JBEI.

the class UserApiKeys method deleteKey.

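/**
 * Deletes an API key.
 * <p>
 * Authorization is decided before the secret is compared: a caller who neither owns the key nor
 * holds administrative privileges is rejected with {@link PermissionException} whatever secret
 * was supplied, so the boolean result cannot be used by a non-owner as an oracle for guessing the
 * secret. The secret is then compared in constant time and case-sensitively; a case-insensitive
 * match would silently shrink the secret's effective alphabet.
 *
 * @param id     unique database identifier for the key
 * @param secret key secret presented by the caller; may be {@code null}
 * @return {@code true} if the key was deleted; {@code false} if no key has the given id, or the
 *         presented secret does not match the stored one
 * @throws PermissionException if the key does not belong to {@code this.userId} and that user
 *                             does not have administrative privileges
 */
public boolean deleteKey(long id, String secret) {
    ApiKey key = apiKeyDAO.get(id);
    if (key == null)
        return false;

    // Ownership / admin check first: a non-owner gets the same 403 regardless of the secret,
    // so the secret check below is only ever reached by a caller allowed to delete the key.
    if (!this.userId.equalsIgnoreCase(key.getOwnerEmail())) {
        AccountController accountController = new AccountController();
        if (!accountController.isAdministrator(this.userId))
            throw new PermissionException("Cannot delete key you did not create without administrative privileges");
    }

    if (!secretMatches(key.getSecret(), secret))
        return false;

    apiKeyDAO.delete(key);
    return true;
}

/**
 * Constant-time, case-sensitive comparison of the stored secret with the presented one.
 * Either side being {@code null} is treated as a mismatch rather than an error.
 *
 * @param stored    secret persisted with the key
 * @param presented secret supplied by the caller
 * @return {@code true} only if both are non-null and byte-for-byte equal (UTF-8)
 */
private static boolean secretMatches(String stored, String presented) {
    if (stored == null || presented == null)
        return false;
    byte[] expected = stored.getBytes(java.nio.charset.StandardCharsets.UTF_8);
    byte[] actual = presented.getBytes(java.nio.charset.StandardCharsets.UTF_8);
    // MessageDigest.isEqual does not stop at the first differing byte, unlike String.equals,
    // so the comparison time does not reveal how long a matching prefix the guess had.
    return java.security.MessageDigest.isEqual(expected, actual);
}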

Example 12 with PermissionException

use of org.jbei.ice.lib.access.PermissionException in project ice by JBEI.

the class Accounts method getAvailableAccounts.

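/**
 * Retrieves the user records available. Restricted to administrators.
 *
 * @param userId requesting user id (email)
 * @param offset start index of the requested page
 * @param limit  account count upper limit
 * @param asc    sort order
 * @param sort   account sort type
 * @param filter filter applied both to the returned page and to the total count
 * @return wrapper around the retrieved records and the number available for retrieval
 * @throws PermissionException if no account exists for {@code userId}, or that account does not
 *                             have administrative privileges
 */
public AccountResults getAvailableAccounts(String userId, int offset, int limit, boolean asc, String sort, String filter) {
    Account requester = accountDAO.getByEmail(userId);
    // An unknown requester is rejected like any non-administrator instead of being handed to
    // isAdministrator(null); listing every account must never succeed for an unresolvable caller.
    if (requester == null || !isAdministrator(requester))
        throw new PermissionException(userId + " does not have the privilege to access all accounts");

    AccountResults results = new AccountResults();
    List<Account> page = accountDAO.getAccounts(offset, limit, sort, asc, filter);
    for (Account listed : page) {
        AccountTransfer info = listed.toDataTransferObject();
        info.setUserEntryCount(getNumberOfOwnerEntries(requester, listed.getEmail()));
        info.setAdmin(isAdministrator(listed));
        results.getResults().add(info);
    }
    // The total uses the same filter as the page so paging stays consistent with its contents.
    results.setResultCount(accountDAO.getAccountsCount(filter));
    return results;
}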

Example 13 with PermissionException

use of org.jbei.ice.lib.access.PermissionException in project ice by JBEI.

the class UserSessions method getUserAccount.

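/**
 * Retrieves the account object associated with the session identifier.
 * If the requesting user is not the same as the user associated with the session, then the requesting
 * user is required to have administrative privileges on their account.
 * <p>
 * The session token itself is never logged; only the resolved user id appears in the error log.
 *
 * @param requestingUser unique identifier for user making request; a {@code null} requester is
 *                       never the session owner and is rejected
 * @param token          unique session identifier
 * @return account associated with the session token/identifier, or {@code null} if the token
 *         resolves to no user id or to a user id with no account
 * @throws PermissionException if the user id associated with the session token is not the same as the
 *                             requesting user and the requesting user's account does not have
 *                             administrative privileges
 */
public static AccountTransfer getUserAccount(String requestingUser, String token) {
    String userId = getUserIdBySession(token);
    if (StringUtils.isEmpty(userId))
        return null;
    Account account = DAOFactory.getAccountDAO().getByEmail(userId);
    if (account == null) {
        Logger.error("Account for userId returned by session (\"" + userId + "\") cannot be found");
        return null;
    }
    AccountController accountController = new AccountController();
    // A null requester used to NPE here (surfacing as a 500); it is an authorization failure,
    // so it is reported as such. The admin lookup is only made when the requester is not the owner.
    if (requestingUser == null
            || (!requestingUser.equalsIgnoreCase(userId) && !accountController.isAdministrator(requestingUser)))
        throw new PermissionException("Cannot access a session belonging to another user without administrative privileges");
    AccountTransfer accountTransfer = account.toDataTransferObject();
    accountTransfer.setAdmin(accountController.isAdministrator(userId));
    return accountTransfer;
}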

Example 14 with PermissionException

use of org.jbei.ice.lib.access.PermissionException in project ice by JBEI.

the class GroupResource method createGroup.

/**
 * Creates a group on behalf of the authenticated user.
 * <p>
 * A {@link PermissionException} raised while resolving the caller or adding the group is turned
 * into a 403 Forbidden with no body, so nothing about the denial reason reaches the client.
 *
 * @param userGroup group definition sent by the client
 * @return the created group as JSON, or 403 Forbidden when the caller is not permitted
 */
@POST
@Produces(MediaType.APPLICATION_JSON)
public Response createGroup(UserGroup userGroup) {
    Response outcome;
    try {
        Groups groups = new Groups(requireUserId());
        outcome = super.respond(groups.addGroup(userGroup));
    } catch (PermissionException denied) {
        outcome = super.respond(Response.Status.FORBIDDEN);
    }
    return outcome;
}

Example 15 with PermissionException

use of org.jbei.ice.lib.access.PermissionException in project ice by JBEI.

the class ICEExceptionMapper method toResponse.

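/**
 * Maps any exception escaping a resource method to an HTTP response and logs it by status class.
 * <ul>
 *   <li>{@link WebApplicationException}: the response the exception already carries.</li>
 *   <li>{@link PermissionException}: 403 Forbidden with an empty body.</li>
 *   <li>anything else: 500 Internal Server Error with an empty body, so no exception message or
 *       stack trace reaches the client; that detail goes to the server log only.</li>
 * </ul>
 *
 * @param exception the exception to translate
 * @return the response to send to the client
 */
@Override
public Response toResponse(Exception exception) {
    Response response;
    if (exception instanceof WebApplicationException) {
        response = ((WebApplicationException) exception).getResponse();
    } else if (exception instanceof PermissionException) {
        response = Response.status(Response.Status.FORBIDDEN).build();
    } else {
        response = Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
    }
    logByStatus(response.getStatus(), exception);
    return response;
}

/**
 * Logs an exception exactly once, at a level chosen by the HTTP status it was mapped to:
 * below 300 (an exception producing a success response is odd) and 4xx as WARNING, 3xx as INFO,
 * everything else as ERROR with the stack trace (which generates an email by default).
 * The "below 300" case is part of the same chain so it cannot also fall through to the ERROR
 * branch and be logged a second time.
 *
 * @param status    HTTP status of the response being returned
 * @param exception the exception that produced it
 */
private static void logByStatus(int status, Exception exception) {
    // find where the exception came from
    StackTraceElement[] traces = exception.getStackTrace();
    String where = traces.length > 0 ? traces[0].toString() : "Unknown trace location";
    String info = "HTTP " + status + " thrown from " + where;
    if (status < 300) {
        Logger.warn(info);
    } else if (status < 400) {
        Logger.info(info);
    } else if (status < 500) {
        Logger.warn(info);
    } else {
        Logger.error(info, exception);
    }
}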
