Examples with Organization org.opencastproject.security.api.Organization used on opensource projects
Example 11 with Organization
use of org.opencastproject.security.api.Organization in project opencast by opencast.
the class SeriesServiceDatabaseImpl method deleteSeries.
/*
* (non-Javadoc)
*
* @see org.opencastproject.series.impl.SeriesServiceDatabase#deleteSeries(java.lang.String)
*/
@Override
public void deleteSeries(String seriesId) throws SeriesServiceDatabaseException, NotFoundException {
EntityManager em = emf.createEntityManager();
EntityTransaction tx = em.getTransaction();
try {
tx.begin();
SeriesEntity entity = getSeriesEntity(seriesId, em);
if (entity == null) {
throw new NotFoundException("Series with ID " + seriesId + " does not exist");
}
// Ensure this user is allowed to delete this series
String accessControlXml = entity.getAccessControl();
if (accessControlXml != null) {
AccessControlList acl = AccessControlParser.parseAcl(accessControlXml);
User currentUser = securityService.getUser();
Organization currentOrg = securityService.getOrganization();
if (!AccessControlUtil.isAuthorized(acl, currentUser, currentOrg, Permissions.Action.WRITE.toString())) {
throw new UnauthorizedException(currentUser + " is not authorized to update series " + seriesId);
}
}
em.remove(entity);
tx.commit();
} catch (NotFoundException e) {
throw e;
} catch (Exception e) {
logger.error("Could not delete series: {}", e.getMessage());
if (tx.isActive()) {
tx.rollback();
}
throw new SeriesServiceDatabaseException(e);
} finally {
em.close();
}
}
Also used :
AccessControlList(org.opencastproject.security.api.AccessControlList)
EntityTransaction(javax.persistence.EntityTransaction)
EntityManager(javax.persistence.EntityManager)
User(org.opencastproject.security.api.User)
Organization(org.opencastproject.security.api.Organization)
SeriesServiceDatabaseException(org.opencastproject.series.impl.SeriesServiceDatabaseException)
UnauthorizedException(org.opencastproject.security.api.UnauthorizedException)
NotFoundException(org.opencastproject.util.NotFoundException)
NoResultException(javax.persistence.NoResultException)
SeriesServiceDatabaseException(org.opencastproject.series.impl.SeriesServiceDatabaseException)
UnauthorizedException(org.opencastproject.security.api.UnauthorizedException)
NotFoundException(org.opencastproject.util.NotFoundException)
IOException(java.io.IOException)
AccessControlParsingException(org.opencastproject.security.api.AccessControlParsingException)
Example 12 with Organization
use of org.opencastproject.security.api.Organization in project opencast by opencast.
the class SeriesServiceDatabaseImpl method getSeries.
/**
* {@inheritDoc}
*
* @see org.opencastproject.series.impl.SeriesServiceDatabase#getSeries(java.lang.String)
*/
@Override
public DublinCoreCatalog getSeries(String seriesId) throws NotFoundException, SeriesServiceDatabaseException {
EntityManager em = emf.createEntityManager();
EntityTransaction tx = em.getTransaction();
try {
tx.begin();
SeriesEntity entity = getSeriesEntity(seriesId, em);
if (entity == null) {
throw new NotFoundException("No series with id=" + seriesId + " exists");
}
// Ensure this user is allowed to read this series
String accessControlXml = entity.getAccessControl();
if (accessControlXml != null) {
AccessControlList acl = AccessControlParser.parseAcl(accessControlXml);
User currentUser = securityService.getUser();
Organization currentOrg = securityService.getOrganization();
// There are several reasons a user may need to load a series: to read content, to edit it, or add content
if (!AccessControlUtil.isAuthorized(acl, currentUser, currentOrg, Permissions.Action.READ.toString()) && !AccessControlUtil.isAuthorized(acl, currentUser, currentOrg, Permissions.Action.CONTRIBUTE.toString()) && !AccessControlUtil.isAuthorized(acl, currentUser, currentOrg, Permissions.Action.WRITE.toString())) {
throw new UnauthorizedException(currentUser + " is not authorized to see series " + seriesId);
}
}
return dcService.load(IOUtils.toInputStream(entity.getDublinCoreXML(), "UTF-8"));
} catch (NotFoundException e) {
throw e;
} catch (Exception e) {
logger.error("Could not update series: {}", e.getMessage());
if (tx.isActive()) {
tx.rollback();
}
throw new SeriesServiceDatabaseException(e);
} finally {
em.close();
}
}
Also used :
AccessControlList(org.opencastproject.security.api.AccessControlList)
EntityTransaction(javax.persistence.EntityTransaction)
EntityManager(javax.persistence.EntityManager)
User(org.opencastproject.security.api.User)
Organization(org.opencastproject.security.api.Organization)
SeriesServiceDatabaseException(org.opencastproject.series.impl.SeriesServiceDatabaseException)
UnauthorizedException(org.opencastproject.security.api.UnauthorizedException)
NotFoundException(org.opencastproject.util.NotFoundException)
NoResultException(javax.persistence.NoResultException)
SeriesServiceDatabaseException(org.opencastproject.series.impl.SeriesServiceDatabaseException)
UnauthorizedException(org.opencastproject.security.api.UnauthorizedException)
NotFoundException(org.opencastproject.util.NotFoundException)
IOException(java.io.IOException)
AccessControlParsingException(org.opencastproject.security.api.AccessControlParsingException)
Example 13 with Organization
use of org.opencastproject.security.api.Organization in project opencast by opencast.
the class ServiceRegistryJpaImpl method createJob.
/**
* Creates a job on a remote host.
*/
public Job createJob(String host, String serviceType, String operation, List<String> arguments, String payload, boolean dispatchable, Job parentJob, float jobLoad) throws ServiceRegistryException {
if (StringUtils.isBlank(host)) {
throw new IllegalArgumentException("Host can't be null");
}
if (StringUtils.isBlank(serviceType)) {
throw new IllegalArgumentException("Service type can't be null");
}
if (StringUtils.isBlank(operation)) {
throw new IllegalArgumentException("Operation can't be null");
}
EntityManager em = null;
EntityTransaction tx = null;
try {
em = emf.createEntityManager();
tx = em.getTransaction();
tx.begin();
ServiceRegistrationJpaImpl creatingService = getServiceRegistration(em, serviceType, host);
if (creatingService == null) {
throw new ServiceRegistryException("No service registration exists for type '" + serviceType + "' on host '" + host + "'");
}
if (creatingService.getHostRegistration().isMaintenanceMode()) {
logger.warn("Creating a job from {}, which is currently in maintenance mode.", creatingService.getHost());
} else if (!creatingService.getHostRegistration().isActive()) {
logger.warn("Creating a job from {}, which is currently inactive.", creatingService.getHost());
}
User currentUser = securityService.getUser();
Organization currentOrganization = securityService.getOrganization();
JpaJob jpaJob = new JpaJob(currentUser, currentOrganization, creatingService, operation, arguments, payload, dispatchable, jobLoad);
// Bind the given parent job to the new job
if (parentJob != null) {
// Get the JPA instance of the parent job
JpaJob jpaParentJob;
try {
jpaParentJob = getJpaJob(parentJob.getId());
} catch (NotFoundException e) {
logger.error("{} not found in the persistence context", parentJob);
throw new ServiceRegistryException(e);
}
jpaJob.setParentJob(jpaParentJob);
// Get the JPA instance of the root job
JpaJob jpaRootJob = jpaParentJob;
if (parentJob.getRootJobId() != null) {
try {
jpaRootJob = getJpaJob(parentJob.getRootJobId());
} catch (NotFoundException e) {
logger.error("job with id {} not found in the persistence context", parentJob.getRootJobId());
throw new ServiceRegistryException(e);
}
}
jpaJob.setRootJob(jpaRootJob);
}
// if this job is not dispatchable, it must be handled by the host that has created it
if (dispatchable) {
jpaJob.setStatus(Status.QUEUED);
} else {
jpaJob.setProcessorServiceRegistration(creatingService);
}
em.persist(jpaJob);
tx.commit();
setJobUri(jpaJob);
Job job = jpaJob.toJob();
return job;
} catch (RollbackException e) {
if (tx != null && tx.isActive()) {
tx.rollback();
}
throw e;
} finally {
if (em != null)
em.close();
}
}
Also used :
EntityTransaction(javax.persistence.EntityTransaction)
EntityManager(javax.persistence.EntityManager)
User(org.opencastproject.security.api.User)
Organization(org.opencastproject.security.api.Organization)
NotFoundException(org.opencastproject.util.NotFoundException)
ServiceRegistrationJpaImpl(org.opencastproject.serviceregistry.impl.jpa.ServiceRegistrationJpaImpl)
JpaJob(org.opencastproject.job.jpa.JpaJob)
JpaJob.fnToJob(org.opencastproject.job.jpa.JpaJob.fnToJob)
Job(org.opencastproject.job.api.Job)
JpaJob(org.opencastproject.job.jpa.JpaJob)
RollbackException(javax.persistence.RollbackException)
ServiceRegistryException(org.opencastproject.serviceregistry.api.ServiceRegistryException)
Example 14 with Organization
use of org.opencastproject.security.api.Organization in project opencast by opencast.
the class SearchServiceDatabaseImpl method getOrganizationId.
/**
* {@inheritDoc}
*
* @see org.opencastproject.search.impl.persistence.SearchServiceDatabase#getOrganizationId(String)
*/
@Override
public String getOrganizationId(String mediaPackageId) throws NotFoundException, SearchServiceDatabaseException {
EntityManager em = null;
EntityTransaction tx = null;
try {
em = emf.createEntityManager();
tx = em.getTransaction();
tx.begin();
SearchEntity searchEntity = getSearchEntity(mediaPackageId, em);
if (searchEntity == null)
throw new NotFoundException("No media package with id=" + mediaPackageId + " exists");
// Ensure this user is allowed to read this media package
String accessControlXml = searchEntity.getAccessControl();
if (accessControlXml != null) {
AccessControlList acl = AccessControlParser.parseAcl(accessControlXml);
User currentUser = securityService.getUser();
Organization currentOrg = securityService.getOrganization();
if (!AccessControlUtil.isAuthorized(acl, currentUser, currentOrg, READ.toString()))
throw new UnauthorizedException(currentUser + " is not authorized to read media package " + mediaPackageId);
}
return searchEntity.getOrganization();
} catch (NotFoundException e) {
throw e;
} catch (Exception e) {
logger.error("Could not get deletion date {}: {}", mediaPackageId, e.getMessage());
if (tx.isActive()) {
tx.rollback();
}
throw new SearchServiceDatabaseException(e);
} finally {
if (em != null)
em.close();
}
}
Also used :
AccessControlList(org.opencastproject.security.api.AccessControlList)
EntityTransaction(javax.persistence.EntityTransaction)
EntityManager(javax.persistence.EntityManager)
User(org.opencastproject.security.api.User)
Organization(org.opencastproject.security.api.Organization)
UnauthorizedException(org.opencastproject.security.api.UnauthorizedException)
NotFoundException(org.opencastproject.util.NotFoundException)
NoResultException(javax.persistence.NoResultException)
UnauthorizedException(org.opencastproject.security.api.UnauthorizedException)
NotFoundException(org.opencastproject.util.NotFoundException)
Example 15 with Organization
use of org.opencastproject.security.api.Organization in project opencast by opencast.
the class SeriesServiceImpl method repopulate.
@Override
public void repopulate(final String indexName) {
final String destinationId = SeriesItem.SERIES_QUEUE_PREFIX + indexName.substring(0, 1).toUpperCase() + indexName.substring(1);
try {
final int total = persistence.countSeries();
logger.info("Re-populating '{}' index with series. There are {} series to add to the index.", indexName, total);
final int responseInterval = (total < 100) ? 1 : (total / 100);
List<SeriesEntity> databaseSeries = persistence.getAllSeries();
int current = 1;
for (SeriesEntity series : databaseSeries) {
Organization organization = orgDirectory.getOrganization(series.getOrganization());
SecurityUtil.runAs(securityService, organization, SecurityUtil.createSystemUser(systemUserName, organization), new Function0.X<Void>() {
@Override
public Void xapply() throws Exception {
String id = series.getSeriesId();
logger.trace("Adding series '{}' for org '{}'", id, series.getOrganization());
DublinCoreCatalog catalog = DublinCoreXmlFormat.read(series.getDublinCoreXML());
messageSender.sendObjectMessage(destinationId, MessageSender.DestinationType.Queue, SeriesItem.updateCatalog(catalog));
AccessControlList acl = AccessControlParser.parseAcl(series.getAccessControl());
if (acl != null) {
messageSender.sendObjectMessage(destinationId, MessageSender.DestinationType.Queue, SeriesItem.updateAcl(id, acl));
}
messageSender.sendObjectMessage(destinationId, MessageSender.DestinationType.Queue, SeriesItem.updateOptOut(id, series.isOptOut()));
for (Entry<String, String> property : persistence.getSeriesProperties(id).entrySet()) {
messageSender.sendObjectMessage(destinationId, MessageSender.DestinationType.Queue, SeriesItem.updateProperty(id, property.getKey(), property.getValue()));
}
return null;
}
});
if ((current % responseInterval == 0) || (current == total)) {
logger.info("Initializing {} series index rebuild {}/{}: {} percent", indexName, current, total, current * 100 / total);
}
current++;
}
logger.info("Finished initializing '{}' index rebuild", indexName);
} catch (Exception e) {
logger.warn("Unable to index series instances:", e);
throw new ServiceException(e.getMessage());
}
Organization organization = new DefaultOrganization();
SecurityUtil.runAs(securityService, organization, SecurityUtil.createSystemUser(systemUserName, organization), new Effect0() {
@Override
protected void run() {
messageSender.sendObjectMessage(IndexProducer.RESPONSE_QUEUE, MessageSender.DestinationType.Queue, IndexRecreateObject.end(indexName, IndexRecreateObject.Service.Series));
}
});
}
Also used :
AccessControlList(org.opencastproject.security.api.AccessControlList)
Organization(org.opencastproject.security.api.Organization)
DefaultOrganization(org.opencastproject.security.api.DefaultOrganization)
SeriesEntity(org.opencastproject.series.impl.persistence.SeriesEntity)
Function0(org.opencastproject.util.data.Function0)
ServiceException(org.osgi.framework.ServiceException)
SeriesException(org.opencastproject.series.api.SeriesException)
UnauthorizedException(org.opencastproject.security.api.UnauthorizedException)
NotFoundException(org.opencastproject.util.NotFoundException)
FunctionException(org.opencastproject.util.data.FunctionException)
Entry(java.util.Map.Entry)
ServiceException(org.osgi.framework.ServiceException)
Effect0(org.opencastproject.util.data.Effect0)
DublinCoreCatalog(org.opencastproject.metadata.dublincore.DublinCoreCatalog)
DefaultOrganization(org.opencastproject.security.api.DefaultOrganization)
Aggregations
Organization (org.opencastproject.security.api.Organization)135
User (org.opencastproject.security.api.User)60
DefaultOrganization (org.opencastproject.security.api.DefaultOrganization)46
NotFoundException (org.opencastproject.util.NotFoundException)43
JaxbOrganization (org.opencastproject.security.api.JaxbOrganization)29
SecurityService (org.opencastproject.security.api.SecurityService)29
IOException (java.io.IOException)24
Before (org.junit.Before)24
ArrayList (java.util.ArrayList)23
AccessControlList (org.opencastproject.security.api.AccessControlList)22
OrganizationDirectoryService (org.opencastproject.security.api.OrganizationDirectoryService)22
UnauthorizedException (org.opencastproject.security.api.UnauthorizedException)22
JaxbRole (org.opencastproject.security.api.JaxbRole)21
MediaPackage (org.opencastproject.mediapackage.MediaPackage)20
JaxbUser (org.opencastproject.security.api.JaxbUser)20
UserDirectoryService (org.opencastproject.security.api.UserDirectoryService)19
File (java.io.File)18
HashMap (java.util.HashMap)17
WorkflowInstance (org.opencastproject.workflow.api.WorkflowInstance)17
Test (org.junit.Test)15
