use of org.opencastproject.security.api.Organization in project opencast by opencast.
the class SeriesServiceDatabaseImpl method deleteSeries.
/*
* (non-Javadoc)
*
* @see org.opencastproject.series.impl.SeriesServiceDatabase#deleteSeries(java.lang.String)
*/
@Override
public void deleteSeries(String seriesId) throws SeriesServiceDatabaseException, NotFoundException {
EntityManager em = emf.createEntityManager();
EntityTransaction tx = em.getTransaction();
try {
tx.begin();
SeriesEntity entity = getSeriesEntity(seriesId, em);
if (entity == null) {
throw new NotFoundException("Series with ID " + seriesId + " does not exist");
}
// Ensure this user is allowed to delete this series
String accessControlXml = entity.getAccessControl();
if (accessControlXml != null) {
AccessControlList acl = AccessControlParser.parseAcl(accessControlXml);
User currentUser = securityService.getUser();
Organization currentOrg = securityService.getOrganization();
if (!AccessControlUtil.isAuthorized(acl, currentUser, currentOrg, Permissions.Action.WRITE.toString())) {
throw new UnauthorizedException(currentUser + " is not authorized to update series " + seriesId);
}
}
em.remove(entity);
tx.commit();
} catch (NotFoundException e) {
throw e;
} catch (Exception e) {
logger.error("Could not delete series: {}", e.getMessage());
if (tx.isActive()) {
tx.rollback();
}
throw new SeriesServiceDatabaseException(e);
} finally {
em.close();
}
}
use of org.opencastproject.security.api.Organization in project opencast by opencast.
the class SeriesServiceDatabaseImpl method getSeries.
/**
* {@inheritDoc}
*
* @see org.opencastproject.series.impl.SeriesServiceDatabase#getSeries(java.lang.String)
*/
@Override
public DublinCoreCatalog getSeries(String seriesId) throws NotFoundException, SeriesServiceDatabaseException {
EntityManager em = emf.createEntityManager();
EntityTransaction tx = em.getTransaction();
try {
tx.begin();
SeriesEntity entity = getSeriesEntity(seriesId, em);
if (entity == null) {
throw new NotFoundException("No series with id=" + seriesId + " exists");
}
// Ensure this user is allowed to read this series
String accessControlXml = entity.getAccessControl();
if (accessControlXml != null) {
AccessControlList acl = AccessControlParser.parseAcl(accessControlXml);
User currentUser = securityService.getUser();
Organization currentOrg = securityService.getOrganization();
// There are several reasons a user may need to load a series: to read content, to edit it, or add content
if (!AccessControlUtil.isAuthorized(acl, currentUser, currentOrg, Permissions.Action.READ.toString()) && !AccessControlUtil.isAuthorized(acl, currentUser, currentOrg, Permissions.Action.CONTRIBUTE.toString()) && !AccessControlUtil.isAuthorized(acl, currentUser, currentOrg, Permissions.Action.WRITE.toString())) {
throw new UnauthorizedException(currentUser + " is not authorized to see series " + seriesId);
}
}
return dcService.load(IOUtils.toInputStream(entity.getDublinCoreXML(), "UTF-8"));
} catch (NotFoundException e) {
throw e;
} catch (Exception e) {
logger.error("Could not update series: {}", e.getMessage());
if (tx.isActive()) {
tx.rollback();
}
throw new SeriesServiceDatabaseException(e);
} finally {
em.close();
}
}
use of org.opencastproject.security.api.Organization in project opencast by opencast.
the class ServiceRegistryJpaImpl method createJob.
/**
* Creates a job on a remote host.
*/
public Job createJob(String host, String serviceType, String operation, List<String> arguments, String payload, boolean dispatchable, Job parentJob, float jobLoad) throws ServiceRegistryException {
if (StringUtils.isBlank(host)) {
throw new IllegalArgumentException("Host can't be null");
}
if (StringUtils.isBlank(serviceType)) {
throw new IllegalArgumentException("Service type can't be null");
}
if (StringUtils.isBlank(operation)) {
throw new IllegalArgumentException("Operation can't be null");
}
EntityManager em = null;
EntityTransaction tx = null;
try {
em = emf.createEntityManager();
tx = em.getTransaction();
tx.begin();
ServiceRegistrationJpaImpl creatingService = getServiceRegistration(em, serviceType, host);
if (creatingService == null) {
throw new ServiceRegistryException("No service registration exists for type '" + serviceType + "' on host '" + host + "'");
}
if (creatingService.getHostRegistration().isMaintenanceMode()) {
logger.warn("Creating a job from {}, which is currently in maintenance mode.", creatingService.getHost());
} else if (!creatingService.getHostRegistration().isActive()) {
logger.warn("Creating a job from {}, which is currently inactive.", creatingService.getHost());
}
User currentUser = securityService.getUser();
Organization currentOrganization = securityService.getOrganization();
JpaJob jpaJob = new JpaJob(currentUser, currentOrganization, creatingService, operation, arguments, payload, dispatchable, jobLoad);
// Bind the given parent job to the new job
if (parentJob != null) {
// Get the JPA instance of the parent job
JpaJob jpaParentJob;
try {
jpaParentJob = getJpaJob(parentJob.getId());
} catch (NotFoundException e) {
logger.error("{} not found in the persistence context", parentJob);
throw new ServiceRegistryException(e);
}
jpaJob.setParentJob(jpaParentJob);
// Get the JPA instance of the root job
JpaJob jpaRootJob = jpaParentJob;
if (parentJob.getRootJobId() != null) {
try {
jpaRootJob = getJpaJob(parentJob.getRootJobId());
} catch (NotFoundException e) {
logger.error("job with id {} not found in the persistence context", parentJob.getRootJobId());
throw new ServiceRegistryException(e);
}
}
jpaJob.setRootJob(jpaRootJob);
}
// if this job is not dispatchable, it must be handled by the host that has created it
if (dispatchable) {
jpaJob.setStatus(Status.QUEUED);
} else {
jpaJob.setProcessorServiceRegistration(creatingService);
}
em.persist(jpaJob);
tx.commit();
setJobUri(jpaJob);
Job job = jpaJob.toJob();
return job;
} catch (RollbackException e) {
if (tx != null && tx.isActive()) {
tx.rollback();
}
throw e;
} finally {
if (em != null)
em.close();
}
}
use of org.opencastproject.security.api.Organization in project opencast by opencast.
the class SearchServiceDatabaseImpl method getOrganizationId.
/**
* {@inheritDoc}
*
* @see org.opencastproject.search.impl.persistence.SearchServiceDatabase#getOrganizationId(String)
*/
@Override
public String getOrganizationId(String mediaPackageId) throws NotFoundException, SearchServiceDatabaseException {
EntityManager em = null;
EntityTransaction tx = null;
try {
em = emf.createEntityManager();
tx = em.getTransaction();
tx.begin();
SearchEntity searchEntity = getSearchEntity(mediaPackageId, em);
if (searchEntity == null)
throw new NotFoundException("No media package with id=" + mediaPackageId + " exists");
// Ensure this user is allowed to read this media package
String accessControlXml = searchEntity.getAccessControl();
if (accessControlXml != null) {
AccessControlList acl = AccessControlParser.parseAcl(accessControlXml);
User currentUser = securityService.getUser();
Organization currentOrg = securityService.getOrganization();
if (!AccessControlUtil.isAuthorized(acl, currentUser, currentOrg, READ.toString()))
throw new UnauthorizedException(currentUser + " is not authorized to read media package " + mediaPackageId);
}
return searchEntity.getOrganization();
} catch (NotFoundException e) {
throw e;
} catch (Exception e) {
logger.error("Could not get deletion date {}: {}", mediaPackageId, e.getMessage());
if (tx.isActive()) {
tx.rollback();
}
throw new SearchServiceDatabaseException(e);
} finally {
if (em != null)
em.close();
}
}
use of org.opencastproject.security.api.Organization in project opencast by opencast.
the class SeriesServiceImpl method repopulate.
@Override
public void repopulate(final String indexName) {
final String destinationId = SeriesItem.SERIES_QUEUE_PREFIX + indexName.substring(0, 1).toUpperCase() + indexName.substring(1);
try {
final int total = persistence.countSeries();
logger.info("Re-populating '{}' index with series. There are {} series to add to the index.", indexName, total);
final int responseInterval = (total < 100) ? 1 : (total / 100);
List<SeriesEntity> databaseSeries = persistence.getAllSeries();
int current = 1;
for (SeriesEntity series : databaseSeries) {
Organization organization = orgDirectory.getOrganization(series.getOrganization());
SecurityUtil.runAs(securityService, organization, SecurityUtil.createSystemUser(systemUserName, organization), new Function0.X<Void>() {
@Override
public Void xapply() throws Exception {
String id = series.getSeriesId();
logger.trace("Adding series '{}' for org '{}'", id, series.getOrganization());
DublinCoreCatalog catalog = DublinCoreXmlFormat.read(series.getDublinCoreXML());
messageSender.sendObjectMessage(destinationId, MessageSender.DestinationType.Queue, SeriesItem.updateCatalog(catalog));
AccessControlList acl = AccessControlParser.parseAcl(series.getAccessControl());
if (acl != null) {
messageSender.sendObjectMessage(destinationId, MessageSender.DestinationType.Queue, SeriesItem.updateAcl(id, acl));
}
messageSender.sendObjectMessage(destinationId, MessageSender.DestinationType.Queue, SeriesItem.updateOptOut(id, series.isOptOut()));
for (Entry<String, String> property : persistence.getSeriesProperties(id).entrySet()) {
messageSender.sendObjectMessage(destinationId, MessageSender.DestinationType.Queue, SeriesItem.updateProperty(id, property.getKey(), property.getValue()));
}
return null;
}
});
if ((current % responseInterval == 0) || (current == total)) {
logger.info("Initializing {} series index rebuild {}/{}: {} percent", indexName, current, total, current * 100 / total);
}
current++;
}
logger.info("Finished initializing '{}' index rebuild", indexName);
} catch (Exception e) {
logger.warn("Unable to index series instances:", e);
throw new ServiceException(e.getMessage());
}
Organization organization = new DefaultOrganization();
SecurityUtil.runAs(securityService, organization, SecurityUtil.createSystemUser(systemUserName, organization), new Effect0() {
@Override
protected void run() {
messageSender.sendObjectMessage(IndexProducer.RESPONSE_QUEUE, MessageSender.DestinationType.Queue, IndexRecreateObject.end(indexName, IndexRecreateObject.Service.Series));
}
});
}
Aggregations