public void loadPermissions(org.hibernate.Session session) { if (groupPermissionsMap != null) { for (Map.Entry<Long, Permissions> entry : groupPermissionsMap.entrySet()) { if (entry.getValue() == null) { Long id = entry.getKey(); ExperimenterGroup g = (ExperimenterGroup) session.get(ExperimenterGroup.class, id); entry.setValue(g.getDetails().getPermissions()); } } } }
@Override public ExperimenterGroup mapRow(ResultSet arg0, int arg1) throws SQLException { ExperimenterGroup group = new ExperimenterGroup(); group.setId(arg0.getLong(1)); group.setName(arg0.getString(2)); Permissions p = Utils.toPermissions(arg0.getLong(3)); group.getDetails().setPermissions(p); return group; } }, id);
@Override public void noteDetails(Session session, IObject object, String realClass, long id) { if (!(object instanceof ExperimenterGroup)) { /* This is a small object and should typically hit the ORM cache but if still too slow then we could exploit that * GraphTraversal.planning.detailsNoted already has the details object cached. */ final String hql = "SELECT details FROM " + realClass + " WHERE id = " + id; final ome.model.internal.Details details = (ome.model.internal.Details) session.createQuery(hql).uniqueResult(); if (details == null) { return; } object = details.getGroup(); if (object == null) { return; } } final Long groupId = object.getId(); if (!groupPermissions.containsKey(groupId)) { final ExperimenterGroup group = (ExperimenterGroup) session.get(ExperimenterGroup.class, groupId); final Permissions permissions = group.getDetails().getPermissions(); groupPermissions.put(groupId, permissions.toString()); } }
public long createGroup(ExperimenterGroup group) { group = copyGroup(group); if (group.getDetails().getPermissions() == null) { group.getDetails().setPermissions(Permissions.USER_PRIVATE); } final Session session = sf.getSession(); ExperimenterGroup g = sec.doAction(new SecureMerge(session), group); return g.getId(); }
public Permissions getCurrentGroupPermissions() { return session.getDetails().getGroup().getDetails().getPermissions(); }
return getDescription(); } else if (field.equals(DETAILS)) { return getDetails(); } else { if (_dynamicFields != null) {
/** * Main constructor. */ public ExperimenterGroup (Long id, boolean loaded) { setId(id); if (loaded) { getDetails().setContext(this); } else { if (this.id == null) { throw new ApiUsageException("Id cannot be null for a proxy"); } unload(); } }
protected ExperimenterGroup copyGroup(ExperimenterGroup g) { if (g.getName() == null) { throw new ValidationException("Group name may not be null."); } ExperimenterGroup copy = new ExperimenterGroup(); copy.setDescription(g.getDescription()); copy.setName(g.getName()); copy.setLdap(g.getLdap()); copy.setConfig(g.getConfig()); copy.getDetails().copy(sec.newTransientDetails(g)); copy.getDetails().setPermissions(g.getDetails().getPermissions()); // TODO see shallow copy comment on copy user return copy; }
private void handleGroupChange(IObject obj, Permissions newPerms) { final ExperimenterGroup group = load(obj); if (newPerms == null) { throw new ApiUsageException("PERMS cannot be null"); } final Permissions oldPerms = group.getDetails().getPermissions(); if (oldPerms.sameRights(newPerms)) { log.debug(String.format("Ignoring unchanged permissions: %s", newPerms)); return; } final Long internal = (Long) Utils.internalForm(newPerms); sql.changeGroupPermissions(obj.getId(), internal); log.info(String.format("Changed permissions for %s to %s", obj.getId(), internal)); eventlog(obj.getId(), newPerms.toString()); }
} else { ExperimenterGroup g = admin.groupProxy(gid); setGroup(g, g.getDetails().getPermissions());
PermDrop(ExperimenterGroup trusted, String permissions) { oldPerms = trusted.getDetails().getPermissions(); newPerms = Permissions.parseString(permissions); if (!newPerms.isGranted(u, r)) { throw new GroupSecurityViolation("Cannot remove user read: " + trusted); } if (oldPerms.isGranted(g, r) && !newPerms.isGranted(g, r)) { reduceGroup = true; } else { reduceGroup = false; } }
Permissions p = group.getDetails().getPermissions(); group.getDetails().setPermissions(p); log.warn(String.format( "Forced to reload permissions for group %s: %s", g, p));
throw helper.cancel(new ERR(), e, "bad-group"); final Permissions permissions = group.getDetails().getPermissions(); isFromGroupReadable = permissions.isGranted(Permissions.Role.GROUP, Permissions.Right.READ); readableByGroupId.put(groupId, isFromGroupReadable);
Permissions p = g.getDetails().getPermissions(); if (p == null) { log.warn(String.format("Permissions null for group %s " +
ExperimenterGroup group) { adminOrPiOfGroups(adminPrivileges.getPrivilege(AdminPrivilege.VALUE_MODIFY_GROUP), group); Permissions p = group.getDetails().getPermissions(); if (p != null) {
final Permissions destinationGroupPermissions = destinationGroup.getDetails().getPermissions(); final boolean isToGroupReadable = destinationGroupPermissions.isGranted(Permissions.Role.GROUP, Permissions.Right.READ);
public long createGroup(String name, Permissions perms, boolean strict, boolean isLdap) { Session s = sf.getSession(); ExperimenterGroup g = groupByName(name, s); if (g == null) { g = new ExperimenterGroup(); g.setName(name); g.setLdap(isLdap); if (perms == null) { perms = Permissions.USER_PRIVATE; // ticket:1434 } g.getDetails().setPermissions(perms); g = (ExperimenterGroup) s.merge(g); } else { if (strict) { throw new ValidationException("Group already exists: " + name); } } return g.getId(); }
public Object doInHibernate(Session session) throws HibernateException, SQLException { BasicEventContext c = cd.current(); boolean wasAdmin = c.isCurrentUserAdmin(); final Set<AdminPrivilege> oldAdminPrivileges = c.getAdminPrivileges(); ExperimenterGroup oldGroup = c.getGroup(); try { c.setAdmin(true); c.setAdminPrivileges(LightAdminPrivileges.getAllPrivileges()); if (group != null) { c.setGroup(group, group.getDetails().getPermissions()); } disable(MergeEventListener.MERGE_EVENT); enableReadFilter(session); action.runAsAdmin(); } finally { c.setAdmin(wasAdmin); c.setAdminPrivileges(oldAdminPrivileges); if (group != null) { c.setGroup(oldGroup, oldGroup.getDetails().getPermissions()); } enable(MergeEventListener.MERGE_EVENT); enableReadFilter(session); // Now as non-admin } return null; } });
ExperimenterGroup g = details.getGroup(); gid = g.getId(); perms = g.getDetails().getPermissions(); } catch (NullPointerException npe) { throw new SecurityViolation("isGraphCriticalCheck: not enough context");
callGroup = admin.groupProxy(groupId); eventGroup = callGroup; callPerms = callGroup.getDetails().getPermissions();