Examples with PermissionException org.jbei.ice.lib.access.PermissionException used on opensource projects

Example 26 with PermissionException

use of org.jbei.ice.lib.access.PermissionException in project ice by JBEI.

the class ConfigurationController method updateSetting.

public Setting updateSetting(String userId, Setting setting, String url) {
    AccountController accountController = new AccountController();
    if (!accountController.isAdministrator(userId))
        throw new PermissionException("Cannot update system setting without admin privileges");
    ConfigurationKey key = ConfigurationKey.valueOf(setting.getKey());
    if (key == null)
        throw new IllegalArgumentException("Invalid system key " + setting.getKey());
    Configuration configuration = setPropertyValue(key, setting.getValue());
    // check if the setting being updated is related to the web of registries
    if (key == ConfigurationKey.JOIN_WEB_OF_REGISTRIES) {
        WoRController woRController = new WoRController();
        boolean enable = "yes".equalsIgnoreCase(setting.getValue()) || "true".equalsIgnoreCase(setting.getValue());
        woRController.setEnable(userId, enable, url);
    }
    return configuration.toDataTransferObject();
}

Example 27 with PermissionException

use of org.jbei.ice.lib.access.PermissionException in project ice by JBEI.

the class BulkUploadController method deleteDraftById.

/**
     * Deletes a bulk import draft referenced by a unique identifier. only owners of the bulk import
     * or administrators are permitted to delete bulk imports
     *
     * @param userId  account of user making the request
     * @param draftId unique identifier for bulk import
     * @return deleted bulk import
     * @throws PermissionException
     */
public BulkUploadInfo deleteDraftById(String userId, long draftId) throws PermissionException {
    BulkUpload draft = dao.get(draftId);
    if (draft == null)
        return null;
    Account draftAccount = draft.getAccount();
    if (!userId.equals(draftAccount.getEmail()) && !accountController.isAdministrator(userId))
        throw new PermissionException("No permissions to delete draft " + draftId);
    BulkUploadDeleteTask task = new BulkUploadDeleteTask(userId, draftId);
    IceExecutorService.getInstance().runTask(task);
    BulkUploadInfo draftInfo = draft.toDataTransferObject();
    AccountTransfer accountTransfer = draft.getAccount().toDataTransferObject();
    draftInfo.setAccount(accountTransfer);
    return draftInfo;
}

Example 28 with PermissionException

use of org.jbei.ice.lib.access.PermissionException in project ice by JBEI.

the class SequenceController method getRequestedSequence.

// responds to remote requested entry sequence
public FeaturedDNASequence getRequestedSequence(RegistryPartner requestingPartner, String remoteUserId, String token, String entryId, long folderId) {
    Entry entry = getEntry(entryId);
    if (entry == null)
        return null;
    // see folderContents.getRemoteSharedContents
    // folder that the entry is contained in
    Folder folder = DAOFactory.getFolderDAO().get(folderId);
    RemotePartner remotePartner = DAOFactory.getRemotePartnerDAO().getByUrl(requestingPartner.getUrl());
    // check that the remote user has the right token
    RemoteShareModel shareModel = DAOFactory.getRemoteShareModelDAO().get(remoteUserId, remotePartner, folder);
    if (shareModel == null) {
        Logger.error("Could not retrieve share model");
        return null;
    }
    // folder must match
    Permission permission = shareModel.getPermission();
    if (permission.getFolder().getId() != folderId) {
        String msg = "Shared folder does not match folder being requested";
        Logger.error(msg);
        throw new PermissionException(msg);
    }
    // validate access token
    TokenHash tokenHash = new TokenHash();
    String secret = tokenHash.encrypt(folderId + remotePartner.getUrl() + remoteUserId, token);
    if (!secret.equals(shareModel.getSecret())) {
        throw new PermissionException("Secret does not match");
    }
    // check that entry id is contained in folder
    return getFeaturedSequence(entry, permission.isCanWrite());
}

Example 29 with PermissionException

use of org.jbei.ice.lib.access.PermissionException in project ice by JBEI.

the class CollectionEntries method getPersonalEntries.

/**
     * Retrieves entries owned by user
     *
     * @param field  sort field
     * @param asc    sort order
     * @param offset paging start
     * @param limit  maximum number of entries to retrieve
     * @param filter optional text to filter entries by
     * @return wrapper around list of parts that conform to the parameters and the maximum number
     * of such entries that are available
     * @throws PermissionException on null user id which is required for owner entries
     */
protected Results<PartData> getPersonalEntries(ColumnField field, boolean asc, int offset, int limit, String filter) {
    if (userId == null || userId.isEmpty())
        throw new PermissionException("User id is required to retrieve owner entries");
    OwnerEntries ownerEntries = new OwnerEntries(userId, userId);
    final List<PartData> entries = ownerEntries.retrieveOwnerEntries(field, asc, offset, limit, filter);
    final long count = ownerEntries.getNumberOfOwnerEntries();
    Results<PartData> results = new Results<>();
    results.setResultCount(count);
    results.setData(entries);
    return results;
}

Example 30 with PermissionException

use of org.jbei.ice.lib.access.PermissionException in project ice by JBEI.

the class RequestRetriever method getFolderRequests.

public UserSamples getFolderRequests(String userId, int start, int limit, String sort, boolean asc, String folderNameFilter) {
    // admin feature
    if (!new AccountController().isAdministrator(userId))
        throw new PermissionException("Admin privileges required for this action");
    List<SampleCreateModel> models = DAOFactory.getSampleCreateModelDAO().list(start, limit, sort, asc, folderNameFilter);
    UserSamples result = new UserSamples();
    for (SampleCreateModel model : models) {
        SampleRequest request = new SampleRequest();
        request.setId(model.getId());
        request.setStatus(model.getStatus());
        FolderDetails details = model.getFolder().toDataTransferObject();
        details.setCount(DAOFactory.getFolderDAO().getFolderSize(details.getId(), null, true));
        request.setFolderDetails(details);
        request.setRequester(model.getAccount().toDataTransferObject());
        request.setRequestTime(model.getRequested().getTime());
        request.setUpdateTime(model.getUpdated().getTime());
        result.getRequests().add(request);
    }
    long available = DAOFactory.getSampleCreateModelDAO().availableCount(folderNameFilter);
    result.setCount(Long.valueOf(available).intValue());
    return result;
}