protected void adminFlush() { getSecuritySystem().runAsAdmin(new AdminAction() { public void runAsAdmin() { iUpdate.flush(); } }); }
public void runAsAdmin(ExperimenterGroup group, AdminAction action) { choose().runAsAdmin(group, action); }
public void runAsAdmin(AdminAction action) { choose().runAsAdmin(action); }
/** * Uses the locally defined query to load an {@link Image} and calls * {@link #collect(UnloadedCollector, Image)} in order to define a list of * what will be deleted. * * This method fulfills the {@link #previewImageDelete(long, boolean)} * contract and as such is used by {@link #deleteImage(long, boolean)} in * order to fulfill its contract. */ protected void getImageAndCount(final Image[] images, final long id, final UnloadedCollector delete) { sec.runAsAdmin(new AdminAction() { public void runAsAdmin() { images[0] = iQuery.findByQuery(IMAGE_QUERY, new Parameters() .addId(id)); if (images[0] == null) { throw new ApiUsageException("Cannot find image: " + id); } collect(delete, images[0]); } }); }
throw new IllegalArgumentException("Unexpected null e-mail."); sec.runAsAdmin(new AdminAction() { public void runAsAdmin() { Experimenter e = iQuery.findByString(Experimenter.class,
@RolesAllowed("user") public List<IObject> checkImageDelete(final long id, final boolean force) { final QueryConstraints constraints = new QueryConstraints(admin, iQuery, id, force); sec.runAsAdmin(constraints); return constraints.getResults(); }
@Transactional(readOnly = false) public Object doWork(final Session session, final ServiceFactory sf) { final ome.model.jobs.ParseJob parseJob = sf.getQueryService().get( ome.model.jobs.ParseJob.class, job.getId().getValue()); secSys.runAsAdmin(new AdminAction(){ public void runAsAdmin() { session.delete(parseJob); session.flush(); }}); return null; } });
/** * Saves an object as admin. * * Due to the disabling of the MergeEventListener, it is necessary to * jump through several hoops to get non-admin saving of system types * to work properly. */ private void reallySafeSave(final IObject obj) { final Session session = osf.getSession(); sec.doAction(new SecureMerge(session), obj); sec.runAsAdmin(new AdminAction(){ public void runAsAdmin() { session.flush(); }}); }
@Transactional(readOnly = false) public Object doWork(final Session session, final ServiceFactory sf) { ome.model.jobs.ParseJob parseJob = sf.getQueryService().get( ome.model.jobs.ParseJob.class, job.getId().getValue()); parseJob.setParams(data); secSys.runAsAdmin(new AdminAction(){ public void runAsAdmin() { session.flush(); }}); return null; } });
@RolesAllowed("user") @Transactional(readOnly = false) public void deleteGroup(ExperimenterGroup group) { adminOrPiOfGroups(adminPrivileges.getPrivilege(AdminPrivilege.VALUE_MODIFY_GROUP), group); final ExperimenterGroup g = groupProxy(group.getId()); getSecuritySystem().runAsAdmin(new AdminAction() { public void runAsAdmin() { iUpdate.deleteObject(g); } }); getBeanHelper().getLogger().info("Deleted group: " + g.getName()); }
ss.runAsAdmin(new AdminAction() { public void runAsAdmin() { List<SessionAnnotationLink> links = sf
@RolesAllowed("user") @Transactional(readOnly = false) public CommentAnnotation addComment(final long shareId, @NotNull final String commentText) { getShareIfAccessible(shareId); ExperimenterGroup group = iQuery.get(Share.class, shareId).getGroup(); final CommentAnnotation[] rv = new CommentAnnotation[1]; sec.runAsAdmin(group, new AdminAction(){ public void runAsAdmin() { final Share share = iQuery.get(Share.class, shareId); CommentAnnotation comment = new CommentAnnotation(); comment.setTextValue(commentText); comment.setNs(NS_COMMENT); share.linkAnnotation(comment); iUpdate.flush(); rv[0] = iQuery.get(CommentAnnotation.class, comment.getId()); }}); return rv[0]; }
@RolesAllowed("user") public void deleteSettings(final long imageId) { Image i = iQuery.get(Image.class, imageId); throwSecurityViolationIfNotAllowed(i); final Session session = sf.getSession(); sec.runAsAdmin(new AdminAction() { public void runAsAdmin() { List<Object[]> rdefs = iQuery.projection( SETTINGSID_QUERY, new Parameters().addId(imageId)); for (Object[] rv: rdefs) { Long rid = (Long) rv[0]; Long qid = (Long) rv[1]; Query q = session.createQuery("delete ChannelBinding cb where cb.renderingDef.id = :rid"); q.setParameter("rid", rid); q.executeUpdate(); q = session.createQuery("delete RenderingDef r where r.id = :rid"); q.setParameter("rid", rid); q.executeUpdate(); q = session.createQuery("delete QuantumDef q where q.id = :qid"); q.setParameter("qid", qid); q.executeUpdate(); } } }); }
@RolesAllowed("user") @Transactional(readOnly = false) public void deleteExperimenter(Experimenter user) { adminOrPiOfUser(user); final Experimenter e = userProxy(user.getId()); int count = sql.removePassword(e.getId()); if (count == 0) { getBeanHelper().getLogger().info( "No password found for user " + e.getOmeName() + ". Cannot delete."); } getSecuritySystem().runAsAdmin(new AdminAction() { public void runAsAdmin() { iUpdate.deleteObject(e); } }); getBeanHelper().getLogger().info("Deleted user: " + e.getOmeName()); }
@RolesAllowed("user") public void deleteChannels(final long imageId) { Image i = iQuery.get(Image.class, imageId); throwSecurityViolationIfNotAllowed(i); final Session session = sf.getSession(); sec.runAsAdmin(new AdminAction() { public void runAsAdmin() { List<Object[]> channels = iQuery.projection( CHANNELID_QUERY, new Parameters().addId(imageId)); for (Object[] rv: channels) { Long chid = (Long) rv[0]; Long siid = (Long) rv[1]; Long lcid = (Long) rv[2]; execute(session, chid, "delete Channel ch where ch.id = :id"); execute(session, siid, "delete StatsInfo si where si.id = :id"); List<Object[]> remainingChannels = iQuery.projection( "select ch.id from LogicalChannel lc join lc.channels ch " + "where lc.id = :id", new Parameters().addId(lcid)); if (remainingChannels.size() == 0) { execute(session, lcid, "delete LogicalChannel lc where lc.id = :id"); } } } }); }
getSecuritySystem().runAsAdmin(new AdminAction() { public void runAsAdmin() { iUpdate.flush();
@RolesAllowed("user") @Transactional(readOnly = false) public void updateSelf(@NotNull Experimenter e) { EventContext ec = getSecuritySystem().getEventContext(); final Experimenter self = getExperimenter(ec.getCurrentUserId()); self.setFirstName(e.getFirstName()); self.setMiddleName(e.getMiddleName()); self.setLastName(e.getLastName()); self.setEmail(e.getEmail()); self.setInstitution(e.getInstitution()); getSecuritySystem().runAsAdmin(new AdminAction() { public void runAsAdmin() { iUpdate.flush(); } }); getBeanHelper().getLogger().info( "Updated own user info: " + self.getOmeName()); }
sec.runAsAdmin(new AdminAction(){ public void runAsAdmin() { iQuery.execute(new HibernateCallback<Object>() {
protected Session updateSession() { Session s = helper.getServiceFactory().getQueryService() .findByQuery("select s from Session s where s.uuid = :uuid", new Parameters().addString("uuid", session)); if (s == null) { // we assume that if the session is visible, then // the current user should be able to edit it. throw helper.cancel(new ERR(), null, "no-session"); } boolean isAdmin = current.getCurrentEventContext().isCurrentUserAdmin(); updated |= updateField(s, Session.TIMETOLIVE, timeToLive, isAdmin); updated |= updateField(s, Session.TIMETOIDLE, timeToIdle, isAdmin); if (updated) { security.runAsAdmin(new AdminAction(){ @Override public void runAsAdmin() { update.flush(); }}); return s; } else { throw helper.cancel(new ERR(), null, "no-update-performed", "session", session); } }
session.clear(); sec.runAsAdmin(new AdminAction() { public void runAsAdmin() { clearRois(session, i);