use of org.jbei.ice.storage.model.Permission in project ice by JBEI.
the class EntryPermissions method getEntryPermissions.
/**
* Retrieves permissions associated with a part. Requires that the requesting user has write permissions
* on the specified part
*
* @return list of available permissions for the specified part
* @throws PermissionException if the requesting user does not have write permissions for the part
*/
public List<AccessPermission> getEntryPermissions() {
// viewing permissions requires write permissions
authorization.expectWrite(userId, entry);
ArrayList<AccessPermission> accessPermissions = new ArrayList<>();
List<Permission> permissions = permissionDAO.getEntryPermissions(entry);
GroupController groupController = new GroupController();
Group publicGroup = groupController.createOrRetrievePublicGroup();
for (Permission permission : permissions) {
if (permission.getAccount() == null && permission.getGroup() == null)
continue;
if (permission.getGroup() != null && permission.getGroup() == publicGroup)
continue;
accessPermissions.add(permission.toDataTransferObject());
}
return accessPermissions;
}
use of org.jbei.ice.storage.model.Permission in project ice by JBEI.
the class RemoteAccessModelDAO method getByFolder.
public RemoteAccessModel getByFolder(Account account, Folder folder) {
try {
CriteriaQuery<RemoteAccessModel> query = getBuilder().createQuery(RemoteAccessModel.class);
Root<RemoteAccessModel> from = query.from(RemoteAccessModel.class);
Join<RemoteAccessModel, Permission> permission = from.join("permission");
query.where(getBuilder().equal(permission.get("folder"), folder), getBuilder().equal(permission.get("account"), account));
List<RemoteAccessModel> result = currentSession().createQuery(query).list();
if (result.size() > 1) {
Logger.warn("Found " + result.size() + " access models for folder " + folder.getId());
return result.get(0);
}
return null;
} catch (HibernateException he) {
Logger.error(he);
throw new DAOException(he);
}
}
use of org.jbei.ice.storage.model.Permission in project ice by JBEI.
the class PermissionEntryBridge method set.
@Override
public void set(String name, Object value, Document document, LuceneOptions luceneOptions) {
if (value == null)
return;
Permission permission = (Permission) value;
if (permission.getEntry() == null && permission.getFolder() == null)
return;
String fieldName;
if (permission.isCanRead() || permission.isCanWrite()) {
fieldName = "canRead";
} else
return;
// account
if (permission.getAccount() != null) {
String existingFieldValue = document.get(fieldName);
if (!permission.getAccount().getEmail().equalsIgnoreCase(existingFieldValue))
luceneOptions.addFieldToDocument(fieldName, permission.getAccount().getEmail(), document);
}
// group
if (permission.getGroup() != null) {
String existingFieldValue = document.get(fieldName);
if (!permission.getGroup().getUuid().equalsIgnoreCase(existingFieldValue))
luceneOptions.addFieldToDocument(fieldName, permission.getGroup().getUuid(), document);
}
// TODO: adding entries to a folder that has permission granted to someone does not trigger this
// bridge until an entry is edited.
}
use of org.jbei.ice.storage.model.Permission in project ice by JBEI.
the class EntryPermissionTask method addPermissions.
protected void addPermissions(Entry entry) {
for (AccessPermission access : permissions) {
// account or group
Account account = null;
Group group = null;
switch(access.getArticle()) {
case ACCOUNT:
default:
account = accountDAO.get(access.getArticleId());
break;
case GROUP:
group = groupDAO.get(access.getArticleId());
break;
}
// does the permissions already exists
if (permissionDAO.hasPermission(entry, null, null, account, group, access.isCanRead(), access.isCanWrite()))
return;
// add the permission if not
Permission permission = new Permission();
permission.setEntry(entry);
entry.getPermissions().add(permission);
permission.setGroup(group);
permission.setFolder(null);
permission.setUpload(null);
permission.setAccount(account);
permission.setCanRead(access.isCanRead());
permission.setCanWrite(access.isCanWrite());
permissionDAO.create(permission);
}
}
use of org.jbei.ice.storage.model.Permission in project ice by JBEI.
the class EntryPermissions method add.
/**
* Adds a new permission to the specified entry. If the entry does not exist, a new one is created
*
* @param access permissions to be added to the entry
* @return created permission if successful, null otherwise
* @throws PermissionException if the requesting user does not have write permissions on the entry
*/
public AccessPermission add(AccessPermission access) {
if (access == null)
return null;
authorization.expectWrite(userId, entry);
Permission permission = addPermission(access, entry, null, null);
if (permission == null)
return null;
return permission.toDataTransferObject();
}
Aggregations