Example #1
0
  public boolean deleteHistory(String userId, long entryId, long historyId) {
    Entry entry = dao.get(entryId);
    if (entry == null) return false;

    authorization.expectWrite(userId, entry);
    Audit audit = auditDAO.get(historyId);
    if (audit == null) return true;

    auditDAO.delete(audit);
    return true;
  }
Example #2
0
  public ArrayList<History> getHistory(String userId, long entryId) {
    Entry entry = dao.get(entryId);
    if (entry == null) return null;

    authorization.expectWrite(userId, entry);
    List<Audit> list = auditDAO.getAuditsForEntry(entry);
    ArrayList<History> result = new ArrayList<>();
    for (Audit audit : list) {
      History history = audit.toDataTransferObject();
      if (history.isLocalUser()) {
        history.setAccount(
            accountController.getByEmail(history.getUserId()).toDataTransferObject());
      }
      result.add(history);
    }
    return result;
  }
Example #3
0
  protected PartData retrieveEntryDetails(String userId, Entry entry) {
    // user must be able to read if not public entry
    if (!permissionsController.isPubliclyVisible(entry)) authorization.expectRead(userId, entry);

    PartData partData = ModelToInfoFactory.getInfo(entry);
    if (partData == null) return null;
    boolean hasSequence = sequenceDAO.hasSequence(entry.getId());

    partData.setHasSequence(hasSequence);
    boolean hasOriginalSequence = sequenceDAO.hasOriginalSequence(entry.getId());
    partData.setHasOriginalSequence(hasOriginalSequence);

    // permissions
    partData.setCanEdit(authorization.canWriteThoroughCheck(userId, entry));
    partData.setPublicRead(permissionsController.isPubliclyVisible(entry));

    // create audit event if not owner
    // todo : remote access check
    if (userId != null
        && authorization.getOwner(entry) != null
        && !authorization.getOwner(entry).equalsIgnoreCase(userId)) {
      try {
        Audit audit = new Audit();
        audit.setAction(AuditType.READ.getAbbrev());
        audit.setEntry(entry);
        audit.setUserId(userId);
        audit.setLocalUser(true);
        audit.setTime(new Date(System.currentTimeMillis()));
        auditDAO.create(audit);
      } catch (Exception e) {
        Logger.error(e);
      }
    }

    // retrieve more information about linked entries if any (default only contains id)
    if (partData.getLinkedParts() != null) {
      ArrayList<PartData> newLinks = new ArrayList<>();
      for (PartData link : partData.getLinkedParts()) {
        Entry linkedEntry = dao.get(link.getId());
        if (!authorization.canRead(userId, linkedEntry)) continue;

        link = ModelToInfoFactory.createTipView(linkedEntry);
        Sequence sequence = sequenceDAO.getByEntry(linkedEntry);
        if (sequence != null) {
          link.setBasePairCount(sequence.getSequence().length());
          link.setFeatureCount(sequence.getSequenceFeatures().size());
        }

        newLinks.add(link);
      }
      partData.getLinkedParts().clear();
      partData.getLinkedParts().addAll(newLinks);
    }

    // check if there is a parent available
    List<Entry> parents = dao.getParents(entry.getId());
    if (parents == null) return partData;

    for (Entry parent : parents) {
      if (!authorization.canRead(userId, parent)) continue;

      if (parent.getVisibility() != Visibility.OK.getValue()
          && !authorization.canWriteThoroughCheck(userId, entry)) continue;

      EntryType type = EntryType.nameToType(parent.getRecordType());
      PartData parentData = new PartData(type);
      parentData.setId(parent.getId());
      parentData.setName(parent.getName());
      parentData.setVisibility(Visibility.valueToEnum(parent.getVisibility()));
      partData.getParents().add(parentData);
    }

    return partData;
  }