Search in sources :

Example 11 with Account

use of org.jbei.ice.storage.model.Account in project ice by JBEI.

the class Groups method addGroup.

/**
     * Adds group to the list of groups for current user
     *
     * @param userGroup information about group to be added, including members (local and remote)
     * @return added group
     */
public UserGroup addGroup(UserGroup userGroup) {
    if (userGroup.getType() == null)
        userGroup.setType(GroupType.PRIVATE);
    if (userGroup.getType() == GroupType.PUBLIC && !accountController.isAdministrator(userId)) {
        String errMsg = "Non admin '" + userId + "' attempting to create public group";
        Logger.error(errMsg);
        throw new PermissionException(errMsg);
    }
    Account account = accountDAO.getByEmail(userId);
    Group group = new Group();
    group.setUuid(Utils.generateUUID());
    group.setLabel(userGroup.getLabel());
    group.setDescription(userGroup.getDescription() == null ? "" : userGroup.getDescription());
    group.setType(userGroup.getType());
    group.setOwner(account);
    group.setAutoJoin(userGroup.isAutoJoin());
    group.setCreationTime(new Date());
    group = dao.create(group);
    // add local members
    if (userGroup.getMembers() != null && !userGroup.getMembers().isEmpty()) {
        for (AccountTransfer accountTransfer : userGroup.getMembers()) {
            Account memberAccount = accountDAO.getByEmail(accountTransfer.getEmail());
            if (memberAccount == null)
                continue;
            group.getMembers().add(memberAccount);
            memberAccount.getGroups().add(group);
            accountDAO.update(memberAccount);
        }
    }
    // add remote members
    for (RemoteUser remoteUser : userGroup.getRemoteMembers()) {
        RegistryPartner partner = remoteUser.getPartner();
        if (partner == null)
            continue;
        RemotePartner remotePartner = remotePartnerDAO.get(partner.getId());
        if (remotePartner == null)
            continue;
        AccountTransfer accountTransfer = remoteUser.getUser();
        if (accountTransfer == null || StringUtils.isEmpty(accountTransfer.getEmail()))
            continue;
        String email = accountTransfer.getEmail();
        RemoteClientModel remoteClientModel = remoteClientModelDAO.getModel(email, remotePartner);
        if (remoteClientModel == null) {
            remoteClientModel = new RemoteClientModel();
            remoteClientModel.setEmail(email);
            remoteClientModel.setRemotePartner(remotePartner);
            remoteClientModel = remoteClientModelDAO.create(remoteClientModel);
        }
        remoteClientModel.getGroups().add(group);
        remoteClientModelDAO.update(remoteClientModel);
    }
    return group.toDataTransferObject();
}
Also used : PermissionException(org.jbei.ice.lib.access.PermissionException) Account(org.jbei.ice.storage.model.Account) Group(org.jbei.ice.storage.model.Group) UserGroup(org.jbei.ice.lib.dto.group.UserGroup) RemoteUser(org.jbei.ice.lib.dto.web.RemoteUser) RegistryPartner(org.jbei.ice.lib.dto.web.RegistryPartner) RemotePartner(org.jbei.ice.storage.model.RemotePartner) RemoteClientModel(org.jbei.ice.storage.model.RemoteClientModel) AccountTransfer(org.jbei.ice.lib.account.AccountTransfer)

Example 12 with Account

use of org.jbei.ice.storage.model.Account in project ice by JBEI.

the class AccountDAO method getAccounts.

/**
     * Retrieves list of pageable accounts, matching the parameter values
     *
     * @param offset offset to start retrieving matching accounts
     * @param limit  maximum number of accounts to retrieve
     * @param sort   sort order for retrieval
     * @param asc    whether to sort in ascending or descending order
     * @param filter optional filter to for matching text against firstName, lastName or email fields of accounts
     * @return list of matching accounts
     * @throws DAOException on {@link HibernateException} retrieving accounts
     */
public List<Account> getAccounts(int offset, int limit, String sort, boolean asc, String filter) {
    try {
        CriteriaQuery<Account> query = getBuilder().createQuery(Account.class);
        Root<Account> from = query.from(Account.class);
        if (filter != null && !filter.isEmpty()) {
            filter = filter.toLowerCase();
            query.where(getBuilder().or(getBuilder().like(getBuilder().lower(from.get("firstName")), "%" + filter + "%"), getBuilder().like(getBuilder().lower(from.get("lastName")), "%" + filter + "%"), getBuilder().like(getBuilder().lower(from.get("email")), "%" + filter + "%")));
        }
        query.distinct(true).orderBy(asc ? getBuilder().asc(from.get(sort)) : getBuilder().desc(from.get(sort)));
        return currentSession().createQuery(query).setMaxResults(limit).setFirstResult(offset).list();
    } catch (HibernateException he) {
        Logger.error(he);
        throw new DAOException(he);
    }
}
Also used : DAOException(org.jbei.ice.storage.DAOException) Account(org.jbei.ice.storage.model.Account) HibernateException(org.hibernate.HibernateException)

Example 13 with Account

use of org.jbei.ice.storage.model.Account in project ice by JBEI.

the class AccountDAO method getAccountsCount.

/**
     * Retrieves maximum number of distinct accounts available and, if specified, whose firstName, lastName and email
     * fields match the filter token. This is intended to be used for paging.
     *
     * @param filter optional token used to match against the firstName, lastName and email fields of accounts
     * @return number of accounts that match the optional filter.
     * @throws DAOException on {@link HibernateException} retrieving the number
     */
public long getAccountsCount(String filter) {
    try {
        CriteriaQuery<Long> query = getBuilder().createQuery(Long.class);
        Root<Account> from = query.from(Account.class);
        if (filter != null && !filter.isEmpty()) {
            filter = filter.toLowerCase();
            query.where(getBuilder().or(getBuilder().like(getBuilder().lower(from.get("firstName")), "%" + filter + "%"), getBuilder().like(getBuilder().lower(from.get("lastName")), "%" + filter + "%"), getBuilder().like(getBuilder().lower(from.get("email")), "%" + filter + "%")));
        }
        query.select(getBuilder().countDistinct(from.get("id")));
        return currentSession().createQuery(query).uniqueResult();
    } catch (HibernateException he) {
        Logger.error(he);
        throw new DAOException(he);
    }
}
Also used : DAOException(org.jbei.ice.storage.DAOException) Account(org.jbei.ice.storage.model.Account) HibernateException(org.hibernate.HibernateException)

Example 14 with Account

use of org.jbei.ice.storage.model.Account in project ice by JBEI.

the class EntryAuthorization method canRead.

@Override
public boolean canRead(String userId, Entry entry) {
    // super checks for owner or admin
    if (userId == null) {
        return new PermissionsController().isPubliclyVisible(entry);
    }
    if (super.canRead(userId, entry) || super.canWrite(userId, entry))
        return true;
    Account account = getAccount(userId);
    // get groups for account. if account is null, this will return everyone group
    List<Group> accountGroups = groupController.getAllGroups(account);
    // ie. belongs to group that has read privileges for entry (or a group whose parent group does)
    if (permissionDAO.hasPermissionMulti(entry, null, null, accountGroups, true, false))
        return true;
    if (permissionDAO.hasPermissionMulti(entry, null, null, accountGroups, false, true))
        return true;
    // check explicit read permission
    if (permissionDAO.hasPermissionMulti(entry, null, account, null, true, false))
        return true;
    Set<Folder> entryFolders = entry.getFolders();
    // is in a public folder
    for (Folder folder : entryFolders) {
        if (folder.getType() == FolderType.PUBLIC)
            return true;
    }
    // can any group that account belongs to read any folder that entry is contained in?
    if (permissionDAO.hasPermissionMulti(null, entryFolders, null, accountGroups, true, false))
        return true;
    // can account read any folder that entry is contained in?
    return permissionDAO.hasPermissionMulti(null, entryFolders, account, null, true, false) || canWrite(userId, entry);
}
Also used : Account(org.jbei.ice.storage.model.Account) Group(org.jbei.ice.storage.model.Group) Folder(org.jbei.ice.storage.model.Folder) PermissionsController(org.jbei.ice.lib.access.PermissionsController)

Example 15 with Account

use of org.jbei.ice.storage.model.Account in project ice by JBEI.

the class EntryAuthorization method canWrite.

/**
     * Determine if the referenced userId has write permissions for the entry.
     * <br> Checks if:
     * <ol>
     * <li>User has explicit write permissions for entry</li>
     * <li>User belongs to a group that has write permissions for entry</li>
     * <li>Entry is in a folder that account has write privileges on</li>
     * <li>Entry is in a folder that a group that the account belongs to has write privileges on</li>
     * </ol>
     *
     * @param userId unique user identifier
     * @param entry  entry being checked
     * @return true if user has write privileges, false otherwise
     */
@Override
public boolean canWrite(String userId, Entry entry) {
    if (userId == null)
        return false;
    // super checks for admin or owner
    if (super.canWrite(userId, entry))
        return true;
    Account account = getAccount(userId);
    // check write accounts for entry
    if (permissionDAO.hasPermission(entry, null, null, account, null, false, true))
        return true;
    // get groups for account
    List<Group> accountGroups = groupController.getAllGroups(account);
    // check group permissions
    if (permissionDAO.hasPermissionMulti(entry, null, null, accountGroups, false, true))
        return true;
    Set<Folder> entryFolders = entry.getFolders();
    if (entryFolders == null || entryFolders.isEmpty())
        return false;
    // can any group that account belongs to read any folder that entry is contained in?
    if (permissionDAO.hasPermissionMulti(null, entryFolders, null, accountGroups, false, true))
        return true;
    // can account read any folder that entry is contained in?
    return permissionDAO.hasPermissionMulti(null, entryFolders, account, null, false, true);
}
Also used : Account(org.jbei.ice.storage.model.Account) Group(org.jbei.ice.storage.model.Group) Folder(org.jbei.ice.storage.model.Folder)

Aggregations

Account (org.jbei.ice.storage.model.Account)153 Test (org.junit.Test)71 Group (org.jbei.ice.storage.model.Group)24 Entry (org.jbei.ice.storage.model.Entry)21 Strain (org.jbei.ice.storage.model.Strain)20 PartData (org.jbei.ice.lib.dto.entry.PartData)18 Folder (org.jbei.ice.storage.model.Folder)18 ArrayList (java.util.ArrayList)16 UserGroup (org.jbei.ice.lib.dto.group.UserGroup)16 PermissionException (org.jbei.ice.lib.access.PermissionException)11 EntryCreator (org.jbei.ice.lib.entry.EntryCreator)10 Plasmid (org.jbei.ice.storage.model.Plasmid)10 AccountTransfer (org.jbei.ice.lib.account.AccountTransfer)8 AccessPermission (org.jbei.ice.lib.dto.access.AccessPermission)8 FolderDetails (org.jbei.ice.lib.dto.folder.FolderDetails)8 DAOException (org.jbei.ice.storage.DAOException)8 RemotePartner (org.jbei.ice.storage.model.RemotePartner)8 HibernateException (org.hibernate.HibernateException)7 HashSet (java.util.HashSet)6 Part (org.jbei.ice.storage.model.Part)6