use of org.jbei.ice.storage.model.Group in project ice by JBEI.
the class Messages method get.
public Results<MessageInfo> get(int start, int limit) {
Account account = accountDAO.getByEmail(this.userId);
List<Group> groups = DAOFactory.getGroupDAO().retrieveMemberGroups(account);
List<Message> messages = new ArrayList<>(dao.retrieveMessages(account, groups, start, limit));
Results<MessageInfo> results = new Results<>();
for (Message message : messages) {
Account from = accountDAO.getByEmail(message.getFromEmail());
if (from == null)
continue;
MessageInfo info = new MessageInfo();
info.setId(message.getId());
info.setFrom(message.getFromEmail());
info.setTitle(message.getTitle());
info.setRead(message.isRead());
info.setSent(message.getDateSent().getTime());
results.getData().add(info);
}
int totalSize = dao.retrieveMessageCount(account, groups);
results.setResultCount(totalSize);
return results;
}
use of org.jbei.ice.storage.model.Group in project ice by JBEI.
the class Groups method addGroup.
/**
* Adds group to the list of groups for current user
*
* @param userGroup information about group to be added, including members (local and remote)
* @return added group
*/
public UserGroup addGroup(UserGroup userGroup) {
if (userGroup.getType() == null)
userGroup.setType(GroupType.PRIVATE);
if (userGroup.getType() == GroupType.PUBLIC && !accountController.isAdministrator(userId)) {
String errMsg = "Non admin '" + userId + "' attempting to create public group";
Logger.error(errMsg);
throw new PermissionException(errMsg);
}
Account account = accountDAO.getByEmail(userId);
Group group = new Group();
group.setUuid(Utils.generateUUID());
group.setLabel(userGroup.getLabel());
group.setDescription(userGroup.getDescription() == null ? "" : userGroup.getDescription());
group.setType(userGroup.getType());
group.setOwner(account);
group.setAutoJoin(userGroup.isAutoJoin());
group.setCreationTime(new Date());
group = dao.create(group);
// add local members
if (userGroup.getMembers() != null && !userGroup.getMembers().isEmpty()) {
for (AccountTransfer accountTransfer : userGroup.getMembers()) {
Account memberAccount = accountDAO.getByEmail(accountTransfer.getEmail());
if (memberAccount == null)
continue;
group.getMembers().add(memberAccount);
memberAccount.getGroups().add(group);
accountDAO.update(memberAccount);
}
}
// add remote members
for (RemoteUser remoteUser : userGroup.getRemoteMembers()) {
RegistryPartner partner = remoteUser.getPartner();
if (partner == null)
continue;
RemotePartner remotePartner = remotePartnerDAO.get(partner.getId());
if (remotePartner == null)
continue;
AccountTransfer accountTransfer = remoteUser.getUser();
if (accountTransfer == null || StringUtils.isEmpty(accountTransfer.getEmail()))
continue;
String email = accountTransfer.getEmail();
RemoteClientModel remoteClientModel = remoteClientModelDAO.getModel(email, remotePartner);
if (remoteClientModel == null) {
remoteClientModel = new RemoteClientModel();
remoteClientModel.setEmail(email);
remoteClientModel.setRemotePartner(remotePartner);
remoteClientModel = remoteClientModelDAO.create(remoteClientModel);
}
remoteClientModel.getGroups().add(group);
remoteClientModelDAO.update(remoteClientModel);
}
return group.toDataTransferObject();
}
use of org.jbei.ice.storage.model.Group in project ice by JBEI.
the class EntryAuthorization method canRead.
@Override
public boolean canRead(String userId, Entry entry) {
// super checks for owner or admin
if (userId == null) {
return new PermissionsController().isPubliclyVisible(entry);
}
if (super.canRead(userId, entry) || super.canWrite(userId, entry))
return true;
Account account = getAccount(userId);
// get groups for account. if account is null, this will return everyone group
List<Group> accountGroups = groupController.getAllGroups(account);
// ie. belongs to group that has read privileges for entry (or a group whose parent group does)
if (permissionDAO.hasPermissionMulti(entry, null, null, accountGroups, true, false))
return true;
if (permissionDAO.hasPermissionMulti(entry, null, null, accountGroups, false, true))
return true;
// check explicit read permission
if (permissionDAO.hasPermissionMulti(entry, null, account, null, true, false))
return true;
Set<Folder> entryFolders = entry.getFolders();
// is in a public folder
for (Folder folder : entryFolders) {
if (folder.getType() == FolderType.PUBLIC)
return true;
}
// can any group that account belongs to read any folder that entry is contained in?
if (permissionDAO.hasPermissionMulti(null, entryFolders, null, accountGroups, true, false))
return true;
// can account read any folder that entry is contained in?
return permissionDAO.hasPermissionMulti(null, entryFolders, account, null, true, false) || canWrite(userId, entry);
}
use of org.jbei.ice.storage.model.Group in project ice by JBEI.
the class EntryAuthorization method canWrite.
/**
* Determine if the referenced userId has write permissions for the entry.
* <br> Checks if:
* <ol>
* <li>User has explicit write permissions for entry</li>
* <li>User belongs to a group that has write permissions for entry</li>
* <li>Entry is in a folder that account has write privileges on</li>
* <li>Entry is in a folder that a group that the account belongs to has write privileges on</li>
* </ol>
*
* @param userId unique user identifier
* @param entry entry being checked
* @return true if user has write privileges, false otherwise
*/
@Override
public boolean canWrite(String userId, Entry entry) {
if (userId == null)
return false;
// super checks for admin or owner
if (super.canWrite(userId, entry))
return true;
Account account = getAccount(userId);
// check write accounts for entry
if (permissionDAO.hasPermission(entry, null, null, account, null, false, true))
return true;
// get groups for account
List<Group> accountGroups = groupController.getAllGroups(account);
// check group permissions
if (permissionDAO.hasPermissionMulti(entry, null, null, accountGroups, false, true))
return true;
Set<Folder> entryFolders = entry.getFolders();
if (entryFolders == null || entryFolders.isEmpty())
return false;
// can any group that account belongs to read any folder that entry is contained in?
if (permissionDAO.hasPermissionMulti(null, entryFolders, null, accountGroups, false, true))
return true;
// can account read any folder that entry is contained in?
return permissionDAO.hasPermissionMulti(null, entryFolders, account, null, false, true);
}
use of org.jbei.ice.storage.model.Group in project ice by JBEI.
the class Entries method updateVisibility.
public boolean updateVisibility(List<Long> entryIds, Visibility visibility) {
Account account = accountDAO.getByEmail(userId);
List<Group> accountGroups = new GroupController().getAllGroups(account);
if (!new AccountController().isAdministrator(userId) && !permissionDAO.canWrite(account, accountGroups, entryIds))
return false;
for (long entryId : entryIds) {
Entry entry = dao.get(entryId);
if (entry.getVisibility() == visibility.getValue())
continue;
entry.setVisibility(visibility.getValue());
dao.update(entry);
}
return true;
}
Aggregations