use of org.jbei.ice.storage.model.Folder in project ice by JBEI.
the class EntryAuthorization method canRead.
@Override
public boolean canRead(String userId, Entry entry) {
// super checks for owner or admin
if (userId == null) {
return new PermissionsController().isPubliclyVisible(entry);
}
if (super.canRead(userId, entry) || super.canWrite(userId, entry))
return true;
Account account = getAccount(userId);
// get groups for account. if account is null, this will return everyone group
List<Group> accountGroups = groupController.getAllGroups(account);
// ie. belongs to group that has read privileges for entry (or a group whose parent group does)
if (permissionDAO.hasPermissionMulti(entry, null, null, accountGroups, true, false))
return true;
if (permissionDAO.hasPermissionMulti(entry, null, null, accountGroups, false, true))
return true;
// check explicit read permission
if (permissionDAO.hasPermissionMulti(entry, null, account, null, true, false))
return true;
Set<Folder> entryFolders = entry.getFolders();
// is in a public folder
for (Folder folder : entryFolders) {
if (folder.getType() == FolderType.PUBLIC)
return true;
}
// can any group that account belongs to read any folder that entry is contained in?
if (permissionDAO.hasPermissionMulti(null, entryFolders, null, accountGroups, true, false))
return true;
// can account read any folder that entry is contained in?
return permissionDAO.hasPermissionMulti(null, entryFolders, account, null, true, false) || canWrite(userId, entry);
}
use of org.jbei.ice.storage.model.Folder in project ice by JBEI.
the class EntryAuthorization method canWrite.
/**
* Determine if the referenced userId has write permissions for the entry.
* <br> Checks if:
* <ol>
* <li>User has explicit write permissions for entry</li>
* <li>User belongs to a group that has write permissions for entry</li>
* <li>Entry is in a folder that account has write privileges on</li>
* <li>Entry is in a folder that a group that the account belongs to has write privileges on</li>
* </ol>
*
* @param userId unique user identifier
* @param entry entry being checked
* @return true if user has write privileges, false otherwise
*/
@Override
public boolean canWrite(String userId, Entry entry) {
if (userId == null)
return false;
// super checks for admin or owner
if (super.canWrite(userId, entry))
return true;
Account account = getAccount(userId);
// check write accounts for entry
if (permissionDAO.hasPermission(entry, null, null, account, null, false, true))
return true;
// get groups for account
List<Group> accountGroups = groupController.getAllGroups(account);
// check group permissions
if (permissionDAO.hasPermissionMulti(entry, null, null, accountGroups, false, true))
return true;
Set<Folder> entryFolders = entry.getFolders();
if (entryFolders == null || entryFolders.isEmpty())
return false;
// can any group that account belongs to read any folder that entry is contained in?
if (permissionDAO.hasPermissionMulti(null, entryFolders, null, accountGroups, false, true))
return true;
// can account read any folder that entry is contained in?
return permissionDAO.hasPermissionMulti(null, entryFolders, account, null, false, true);
}
use of org.jbei.ice.storage.model.Folder in project ice by JBEI.
the class FolderAuthorization method canWrite.
public boolean canWrite(String userId, Folder folder) {
Account account = getAccount(userId);
if (account == null)
return false;
if (super.canWrite(userId, folder))
return true;
// now check actual permissions
Set<Folder> folders = new HashSet<>();
folders.add(folder);
return controller.groupHasWritePermission(new ArrayList<>(account.getGroups()), folders) || controller.accountHasWritePermission(account, folders);
}
use of org.jbei.ice.storage.model.Folder in project ice by JBEI.
the class TransferTask method execute.
public void execute() {
RemoteTransfer transfer = new RemoteTransfer();
Account account = DAOFactory.getAccountDAO().getByEmail(userId);
if (account.getType() != AccountType.ADMIN)
return;
Entries retriever = new Entries(account.getEmail());
List<Long> entries = retriever.getEntriesFromSelectionContext(entrySelection);
Logger.info(userId + ": requesting transfer to " + remoteId);
List<PartData> dataList = transfer.getPartsForTransfer(entries);
List<Long> remoteIds = transfer.transferEntries(remoteId, dataList);
// check folder
if (StringUtils.isEmpty(this.entrySelection.getFolderId()))
return;
// create remoteFolder
long folderId = Long.decode(this.entrySelection.getFolderId());
Folder folder = DAOFactory.getFolderDAO().get(folderId);
Logger.info("Adding " + remoteIds.size() + " transferred entries to remote folder");
transfer.transferFolder(remoteId, folder.toDataTransferObject(), remoteIds);
}
use of org.jbei.ice.storage.model.Folder in project ice by JBEI.
the class FolderController method createPersonalFolder.
public FolderDetails createPersonalFolder(String userId, FolderDetails folderDetails) {
if (folderDetails.getName() == null)
return null;
Folder folder = new Folder(folderDetails.getName());
AccountTransfer owner = folderDetails.getOwner();
if (owner != null && !StringUtils.isEmpty(owner.getEmail()) && accountController.isAdministrator(userId))
folder.setOwnerEmail(owner.getEmail());
else
folder.setOwnerEmail(userId);
folder.setType(FolderType.PRIVATE);
folder.setCreationTime(new Date());
folder = dao.create(folder);
FolderDetails details = folder.toDataTransferObject();
details.setCanEdit(true);
return details;
}
Aggregations