
Example 21 with PermissionException

use of org.jbei.ice.lib.access.PermissionException in project ice by JBEI.

the class RemoteEntries method transferEntries.

/**
 * Queues a background task that transfers entries to a remote partner.
 * <p>
 * The administrator check runs before the task object is created, so a caller
 * without administrative privileges never causes a task to be handed to the executor.
 *
 * @param userId    identifier of the user making the request
 * @param remoteId  local unique identifier of the partner to transfer to
 * @param selection context for generating the entries to transfer, or an explicit list of entries
 * @throws PermissionException if the user making the request is not an administrator
 */
public void transferEntries(String userId, long remoteId, EntrySelection selection) {
    final boolean isAdmin = new AccountController().isAdministrator(userId);
    if (!isAdmin) {
        throw new PermissionException("Administrative privileges required to transfer entries");
    }

    // build the task first, then hand it to the shared executor
    final TransferTask transfer = new TransferTask(userId, remoteId, selection);
    IceExecutorService.getInstance().runTask(transfer);
}
Also used : PermissionException(org.jbei.ice.lib.access.PermissionException) TransferTask(org.jbei.ice.lib.executor.TransferTask) AccountController(org.jbei.ice.lib.account.AccountController)

Example 22 with PermissionException

use of org.jbei.ice.lib.access.PermissionException in project ice by JBEI.

the class WebPartners method updateAPIKey.

/**
 * Refreshes the API key for the referenced partner.
 * <p>
 * Order of operations as written: check web-of-registries membership, check that the
 * caller is an administrator, load the partner record, obtain this instance's details
 * with a new API key, contact the remote partner, and only after a successful contact
 * replace the locally stored salt, authentication token and API key.
 *
 * @param userId identifier for user making request. Must have administrative privileges
 * @param id     unique (local) identifier for remote partner whose API key is being refreshed
 * @return the updated partner as a data transfer object; null if this instance is not in web of
 *         registries, if this instance's details could not be obtained, or if the remote contact failed
 * @throws PermissionException      if user making request does not have administrative privileges
 * @throws IllegalArgumentException if the partner identifier is invalid (cannot be used to retrieve a valid
 *                                  partner)
 */
public RegistryPartner updateAPIKey(String userId, long id) {
    // membership is checked before authorization, so a non-admin caller gets null
    // (not a PermissionException) when this instance is outside the web of registries
    if (!isInWebOfRegistries())
        return null;
    // NOTE(review): the exception message echoes the caller-supplied userId; confirm how
    // this message is surfaced (logs vs. API response) before relying on it
    if (!accountController.isAdministrator(userId))
        throw new PermissionException(userId + " is not an admin");
    RemotePartner partner = dao.get(id);
    if (partner == null) {
        throw new IllegalArgumentException("Cannot retrieve partner with id " + id);
    }
    RegistryPartner thisPartner = getThisInstanceWithNewApiKey();
    if (thisPartner == null) {
        Logger.error("Cannot exchange api token with remote host due to invalid local url");
        return null;
    }
    // contact partner (with new key) to refresh its api key for this partner;
    // the currently stored key for the partner is passed along with the request
    RegistryPartner remotePartner = remoteContact.refreshPartnerKey(thisPartner, partner.getUrl(), partner.getApiKey());
    if (remotePartner == null) {
        // contact failed (keeping existing key)
        Logger.error("Remote contact of partner " + partner.getUrl() + " to update api key failed");
        return null;
    }
    // contact succeeded with return of api key, generate new salt
    partner.setSalt(tokenHash.generateSalt());
    // NOTE(review): the hashed input uses the URL reported in the remote response
    // (remotePartner.getUrl()), not the stored partner.getUrl(); confirm the two are
    // required to match, otherwise the remote side chooses part of the token input.
    // Despite the method name "encrypt", the result is stored as the authentication
    // token - presumably a salted one-way hash; verify against TokenHash.
    String hash = tokenHash.encrypt(thisPartner.getApiKey() + remotePartner.getUrl(), partner.getSalt());
    partner.setAuthenticationToken(hash);
    // todo : check api key (validate?)
    // NOTE(review): the remote-supplied key is persisted as-is; a null or empty value
    // in the response would overwrite the stored key. Resolve the todo above before
    // treating this value as trusted.
    partner.setApiKey(remotePartner.getApiKey());
    partner = dao.update(partner);
    return partner.toDataTransferObject();
}
Also used : PermissionException(org.jbei.ice.lib.access.PermissionException) RemotePartner(org.jbei.ice.storage.model.RemotePartner) RegistryPartner(org.jbei.ice.lib.dto.web.RegistryPartner)

Example 23 with PermissionException

use of org.jbei.ice.lib.access.PermissionException in project ice by JBEI.

the class WebPartners method removeRemotePartner.

/**
 * Deletes the record of the partner making the request.
 * <p>
 * The record is looked up by {@code id}; {@code url} acts as a confirmation that the
 * requester is removing its own record, compared case-insensitively with the stored URL.
 * <p>
 * NOTE(review): this method trusts {@code id} to identify the authenticated requester.
 * Callers should derive it from the verified partner credentials rather than from a
 * request parameter - confirm at the call site.
 *
 * @param id  unique local identifier of the partner making the request
 * @param url url of the partner being deleted; must match the requester's stored url
 * @return true once the record has been deleted; every failure path visible here throws
 *         instead of returning false
 * @throws IllegalArgumentException if no partner record exists for {@code id}
 * @throws PermissionException      if {@code url} does not match the requester's own url
 */
public boolean removeRemotePartner(long id, String url) {
    final RemotePartner self = dao.get(id);
    if (self == null) {
        throw new IllegalArgumentException("Could not retrieve partner with local id " + id);
    }

    // a partner may only remove its own record
    final boolean ownRecord = self.getUrl().equalsIgnoreCase(url);
    if (!ownRecord) {
        throw new PermissionException("Cannot delete another partner's record");
    }

    dao.delete(self);
    return true;
}
Also used : PermissionException(org.jbei.ice.lib.access.PermissionException) RemotePartner(org.jbei.ice.storage.model.RemotePartner)

Example 24 with PermissionException

use of org.jbei.ice.lib.access.PermissionException in project ice by JBEI.

the class Experiments method deleteStudy.

/**
 * Deletes the study with the specified unique identifier.
 * <p>
 * The user making the request must either own the study (owner email compared
 * case-insensitively with the user id; see {@code createOrUpdateStudy()}) or have write
 * permission on the part this instance was created for.
 *
 * @param studyId id of study to be deleted
 * @return true if the study was found and deleted, false if no study has that id
 * @throws PermissionException if the user neither owns the study nor has write access to the part
 */
public boolean deleteStudy(long studyId) {
    final Experiment study = dao.get(studyId);
    if (study == null) {
        return false;
    }

    // NOTE(review): the write check is made against this instance's entry, but nothing
    // visible here confirms that the study loaded by studyId is attached to that entry.
    // Verify the association is enforced (here or in the caller) so that write access
    // to one part does not extend to studies of another part.
    final boolean isOwner = userId.equalsIgnoreCase(study.getOwnerEmail());
    if (!isOwner && !entryAuthorization.canWrite(userId, entry)) {
        throw new PermissionException("Cannot delete experiment");
    }

    dao.delete(study);
    return true;
}
Also used : PermissionException(org.jbei.ice.lib.access.PermissionException) Experiment(org.jbei.ice.storage.model.Experiment)

Example 25 with PermissionException

use of org.jbei.ice.lib.access.PermissionException in project ice by JBEI.

the class FolderContents method remotelyAddEntrySelection.

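/**
 * Adds entries to a folder on behalf of a user at a remote partner. The entries were
 * transferred earlier, so they already exist locally.
 * <p>
 * Checks performed, in order: the folder exists, the requesting partner is known
 * locally, a share permission exists for (remote user, partner, folder), that permission
 * is for this folder and grants write access, and the supplied token hashes to the
 * secret stored with the permission.
 *
 * @param remoteUserId      identifier of the user at the remote partner
 * @param folderId          local identifier of the folder to add the entries to
 * @param remoteUserToken   token supplied by the remote user; hashed together with the partner url
 *                          and user id and compared with the stored secret
 * @param selection         selection whose entries are to be added
 * @param requestingPartner partner the request came from; its url is used to look up the local record
 * @return true if the entries were added; false if the folder, the partner record or the share
 *         permission could not be retrieved, or if adding the entries produced no folder details
 * @throws PermissionException if the permission does not grant write access to this folder, or the
 *                             token does not match the stored secret
 */
public boolean remotelyAddEntrySelection(String remoteUserId, long folderId, String remoteUserToken, EntrySelection selection, RegistryPartner requestingPartner) {
    // folder that the entry is contained in
    Folder folder = folderDAO.get(folderId);
    if (folder == null)
        return false;

    RemotePartner remotePartner = DAOFactory.getRemotePartnerDAO().getByUrl(requestingPartner.getUrl());
    // fail closed for an unknown partner: the record is dereferenced below when the
    // token is validated, so a missing record must not reach that point
    if (remotePartner == null) {
        Logger.error("Could not retrieve remote partner");
        return false;
    }

    // look up the share permission granted to this remote user for this folder
    Permission shareModel = permissionDAO.get(remoteUserId, remotePartner, folder);
    if (shareModel == null) {
        Logger.error("Could not retrieve share model");
        return false;
    }
    if (shareModel.getFolder().getId() != folderId || !shareModel.isCanWrite()) {
        throw new PermissionException("permission could not be verified");
    }

    // validate access token
    TokenHash tokenHash = new TokenHash();
    String secret = tokenHash.encrypt(remotePartner.getUrl() + remoteUserId, remoteUserToken);
    String expected = shareModel.getSecret();
    // Compare in constant time so that response timing does not depend on how many
    // leading characters of the computed value match the stored secret. A missing value
    // on either side is treated as a mismatch. Fully qualified names are used because
    // the file's import block is not visible from here.
    if (secret == null || expected == null || !java.security.MessageDigest.isEqual(
            secret.getBytes(java.nio.charset.StandardCharsets.UTF_8),
            expected.getBytes(java.nio.charset.StandardCharsets.UTF_8))) {
        throw new PermissionException("Secret does not match");
    }

    List<Long> entries = selection.getEntries();
    // NOTE(review): the entry ids come from the remote request and are made visible
    // without any check visible here that they belong to this partner's earlier
    // transfer; confirm that setEntryVisibility or the caller restricts the ids to
    // transferred entries, since write access to one shared folder should not extend
    // to arbitrary local entries.
    DAOFactory.getEntryDAO().setEntryVisibility(entries, Visibility.OK);

    // good to go?
    FolderDetails details = addEntriesToTransferredFolder(entries, folder);
    return details != null;
}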
Also used : PermissionException(org.jbei.ice.lib.access.PermissionException) AccessPermission(org.jbei.ice.lib.dto.access.AccessPermission) FolderDetails(org.jbei.ice.lib.dto.folder.FolderDetails) TokenHash(org.jbei.ice.lib.account.TokenHash)

Aggregations

PermissionException (org.jbei.ice.lib.access.PermissionException)49 Account (org.jbei.ice.storage.model.Account)10 AccountController (org.jbei.ice.lib.account.AccountController)7 RemotePartner (org.jbei.ice.storage.model.RemotePartner)6 FolderDetails (org.jbei.ice.lib.dto.folder.FolderDetails)5 TokenHash (org.jbei.ice.lib.account.TokenHash)4 Results (org.jbei.ice.lib.dto.common.Results)4 UserGroup (org.jbei.ice.lib.dto.group.UserGroup)4 Configuration (org.jbei.ice.storage.model.Configuration)4 Group (org.jbei.ice.storage.model.Group)4 ArrayList (java.util.ArrayList)3 AccountTransfer (org.jbei.ice.lib.account.AccountTransfer)3 DNAFeature (org.jbei.ice.lib.dto.DNAFeature)3 PartData (org.jbei.ice.lib.dto.entry.PartData)3 RegistryPartner (org.jbei.ice.lib.dto.web.RegistryPartner)3 HasEntry (org.jbei.ice.lib.entry.HasEntry)3 Annotations (org.jbei.ice.lib.entry.sequence.annotation.Annotations)3 ApiKey (org.jbei.ice.storage.model.ApiKey)3 IOException (java.io.IOException)2 InputStream (java.io.InputStream)2