Exemple #1
0
  public UserComment createEntryComment(String userId, long partId, UserComment newComment) {
    Entry entry = dao.get(partId);
    if (entry == null) return null;

    authorization.canRead(userId, entry);
    Account account = accountController.getByEmail(userId);
    Comment comment = new Comment();
    comment.setAccount(account);
    comment.setEntry(entry);
    comment.setBody(newComment.getMessage());
    comment.setCreationTime(new Date());
    comment = commentDAO.create(comment);

    if (newComment.getSamples() != null) {
      SampleDAO sampleDAO = DAOFactory.getSampleDAO();
      for (PartSample partSample : newComment.getSamples()) {
        Sample sample = sampleDAO.get(partSample.getId());
        if (sample == null) continue;
        comment.getSamples().add(sample);
        sample.getComments().add(comment);
      }
    }

    comment = commentDAO.update(comment);
    return comment.toDataTransferObject();
  }
Exemple #2
0
  public PartData retrieveEntryTipDetails(String userId, String id) {
    Entry entry = getEntry(id);
    if (entry == null) return null;

    if (!permissionsController.isPubliclyVisible(entry) && !authorization.canRead(userId, entry))
      return null;

    return ModelToInfoFactory.createTipView(entry);
  }
Exemple #3
0
  public UserComment updateEntryComment(
      String userId, long partId, long commentId, UserComment userComment) {
    Entry entry = dao.get(partId);
    if (entry == null) return null;

    authorization.canRead(userId, entry);
    Comment comment = commentDAO.get(commentId);
    if (comment == null) return createEntryComment(userId, partId, userComment);

    if (comment.getEntry().getId() != partId) return null;

    if (userComment.getMessage() == null || userComment.getMessage().isEmpty()) return null;

    comment.setBody(userComment.getMessage());
    comment.setModificationTime(new Date());
    return commentDAO.update(comment).toDataTransferObject();
  }
Exemple #4
0
  public long updatePart(String userId, long partId, PartData part) {
    Entry existing = dao.get(partId);
    authorization.expectWrite(userId, existing);

    Entry entry = InfoToModelFactory.updateEntryField(part, existing);
    entry.getLinkedEntries().clear();
    if (part.getLinkedParts() != null && part.getLinkedParts().size() > 0) {
      for (PartData data : part.getLinkedParts()) {
        Entry linked = dao.getByPartNumber(data.getPartId());

        // check permissions on link
        if (!authorization.canRead(userId, linked)) {
          continue;
        }

        if (!canLink(entry, linked)) continue;

        entry.getLinkedEntries().add(linked);
      }
    }

    entry.setModificationTime(Calendar.getInstance().getTime());
    if (entry.getVisibility() == Visibility.DRAFT.getValue()) {
      List<EntryField> invalidFields = EntryUtil.validates(part);
      if (invalidFields.isEmpty()) entry.setVisibility(Visibility.OK.getValue());
    }
    entry = dao.update(entry);

    // check pi email
    String piEmail = entry.getPrincipalInvestigatorEmail();
    if (StringUtils.isNotEmpty(piEmail)) {
      Account pi = DAOFactory.getAccountDAO().getByEmail(piEmail);
      if (pi != null) {
        // add write permission for the PI (method also checks to see if permission already exists)
        AccessPermission accessPermission = new AccessPermission();
        accessPermission.setArticle(AccessPermission.Article.ACCOUNT);
        accessPermission.setArticleId(pi.getId());
        accessPermission.setType(AccessPermission.Type.WRITE_ENTRY);
        accessPermission.setTypeId(entry.getId());
        permissionsController.addPermission(userId, accessPermission);
      }
    }

    return entry.getId();
  }
Exemple #5
0
  protected PartData retrieveEntryDetails(String userId, Entry entry) {
    // user must be able to read if not public entry
    if (!permissionsController.isPubliclyVisible(entry)) authorization.expectRead(userId, entry);

    PartData partData = ModelToInfoFactory.getInfo(entry);
    if (partData == null) return null;
    boolean hasSequence = sequenceDAO.hasSequence(entry.getId());

    partData.setHasSequence(hasSequence);
    boolean hasOriginalSequence = sequenceDAO.hasOriginalSequence(entry.getId());
    partData.setHasOriginalSequence(hasOriginalSequence);

    // permissions
    partData.setCanEdit(authorization.canWriteThoroughCheck(userId, entry));
    partData.setPublicRead(permissionsController.isPubliclyVisible(entry));

    // create audit event if not owner
    // todo : remote access check
    if (userId != null
        && authorization.getOwner(entry) != null
        && !authorization.getOwner(entry).equalsIgnoreCase(userId)) {
      try {
        Audit audit = new Audit();
        audit.setAction(AuditType.READ.getAbbrev());
        audit.setEntry(entry);
        audit.setUserId(userId);
        audit.setLocalUser(true);
        audit.setTime(new Date(System.currentTimeMillis()));
        auditDAO.create(audit);
      } catch (Exception e) {
        Logger.error(e);
      }
    }

    // retrieve more information about linked entries if any (default only contains id)
    if (partData.getLinkedParts() != null) {
      ArrayList<PartData> newLinks = new ArrayList<>();
      for (PartData link : partData.getLinkedParts()) {
        Entry linkedEntry = dao.get(link.getId());
        if (!authorization.canRead(userId, linkedEntry)) continue;

        link = ModelToInfoFactory.createTipView(linkedEntry);
        Sequence sequence = sequenceDAO.getByEntry(linkedEntry);
        if (sequence != null) {
          link.setBasePairCount(sequence.getSequence().length());
          link.setFeatureCount(sequence.getSequenceFeatures().size());
        }

        newLinks.add(link);
      }
      partData.getLinkedParts().clear();
      partData.getLinkedParts().addAll(newLinks);
    }

    // check if there is a parent available
    List<Entry> parents = dao.getParents(entry.getId());
    if (parents == null) return partData;

    for (Entry parent : parents) {
      if (!authorization.canRead(userId, parent)) continue;

      if (parent.getVisibility() != Visibility.OK.getValue()
          && !authorization.canWriteThoroughCheck(userId, entry)) continue;

      EntryType type = EntryType.nameToType(parent.getRecordType());
      PartData parentData = new PartData(type);
      parentData.setId(parent.getId());
      parentData.setName(parent.getName());
      parentData.setVisibility(Visibility.valueToEnum(parent.getVisibility()));
      partData.getParents().add(parentData);
    }

    return partData;
  }