public UserComment createEntryComment(String userId, long partId, UserComment newComment) {
Entry entry = dao.get(partId);
if (entry == null) return null;
authorization.canRead(userId, entry);
Account account = accountController.getByEmail(userId);
Comment comment = new Comment();
comment.setAccount(account);
comment.setEntry(entry);
comment.setBody(newComment.getMessage());
comment.setCreationTime(new Date());
comment = commentDAO.create(comment);
if (newComment.getSamples() != null) {
SampleDAO sampleDAO = DAOFactory.getSampleDAO();
for (PartSample partSample : newComment.getSamples()) {
Sample sample = sampleDAO.get(partSample.getId());
if (sample == null) continue;
comment.getSamples().add(sample);
sample.getComments().add(comment);
}
}
comment = commentDAO.update(comment);
return comment.toDataTransferObject();
}
public PartData retrieveEntryTipDetails(String userId, String id) {
Entry entry = getEntry(id);
if (entry == null) return null;
if (!permissionsController.isPubliclyVisible(entry) && !authorization.canRead(userId, entry))
return null;
return ModelToInfoFactory.createTipView(entry);
}
public UserComment updateEntryComment(
String userId, long partId, long commentId, UserComment userComment) {
Entry entry = dao.get(partId);
if (entry == null) return null;
authorization.canRead(userId, entry);
Comment comment = commentDAO.get(commentId);
if (comment == null) return createEntryComment(userId, partId, userComment);
if (comment.getEntry().getId() != partId) return null;
if (userComment.getMessage() == null || userComment.getMessage().isEmpty()) return null;
comment.setBody(userComment.getMessage());
comment.setModificationTime(new Date());
return commentDAO.update(comment).toDataTransferObject();
}
public long updatePart(String userId, long partId, PartData part) {
Entry existing = dao.get(partId);
authorization.expectWrite(userId, existing);
Entry entry = InfoToModelFactory.updateEntryField(part, existing);
entry.getLinkedEntries().clear();
if (part.getLinkedParts() != null && part.getLinkedParts().size() > 0) {
for (PartData data : part.getLinkedParts()) {
Entry linked = dao.getByPartNumber(data.getPartId());
// check permissions on link
if (!authorization.canRead(userId, linked)) {
continue;
}
if (!canLink(entry, linked)) continue;
entry.getLinkedEntries().add(linked);
}
}
entry.setModificationTime(Calendar.getInstance().getTime());
if (entry.getVisibility() == Visibility.DRAFT.getValue()) {
List<EntryField> invalidFields = EntryUtil.validates(part);
if (invalidFields.isEmpty()) entry.setVisibility(Visibility.OK.getValue());
}
entry = dao.update(entry);
// check pi email
String piEmail = entry.getPrincipalInvestigatorEmail();
if (StringUtils.isNotEmpty(piEmail)) {
Account pi = DAOFactory.getAccountDAO().getByEmail(piEmail);
if (pi != null) {
// add write permission for the PI (method also checks to see if permission already exists)
AccessPermission accessPermission = new AccessPermission();
accessPermission.setArticle(AccessPermission.Article.ACCOUNT);
accessPermission.setArticleId(pi.getId());
accessPermission.setType(AccessPermission.Type.WRITE_ENTRY);
accessPermission.setTypeId(entry.getId());
permissionsController.addPermission(userId, accessPermission);
}
}
return entry.getId();
}
protected PartData retrieveEntryDetails(String userId, Entry entry) {
// user must be able to read if not public entry
if (!permissionsController.isPubliclyVisible(entry)) authorization.expectRead(userId, entry);
PartData partData = ModelToInfoFactory.getInfo(entry);
if (partData == null) return null;
boolean hasSequence = sequenceDAO.hasSequence(entry.getId());
partData.setHasSequence(hasSequence);
boolean hasOriginalSequence = sequenceDAO.hasOriginalSequence(entry.getId());
partData.setHasOriginalSequence(hasOriginalSequence);
// permissions
partData.setCanEdit(authorization.canWriteThoroughCheck(userId, entry));
partData.setPublicRead(permissionsController.isPubliclyVisible(entry));
// create audit event if not owner
// todo : remote access check
if (userId != null
&& authorization.getOwner(entry) != null
&& !authorization.getOwner(entry).equalsIgnoreCase(userId)) {
try {
Audit audit = new Audit();
audit.setAction(AuditType.READ.getAbbrev());
audit.setEntry(entry);
audit.setUserId(userId);
audit.setLocalUser(true);
audit.setTime(new Date(System.currentTimeMillis()));
auditDAO.create(audit);
} catch (Exception e) {
Logger.error(e);
}
}
// retrieve more information about linked entries if any (default only contains id)
if (partData.getLinkedParts() != null) {
ArrayList<PartData> newLinks = new ArrayList<>();
for (PartData link : partData.getLinkedParts()) {
Entry linkedEntry = dao.get(link.getId());
if (!authorization.canRead(userId, linkedEntry)) continue;
link = ModelToInfoFactory.createTipView(linkedEntry);
Sequence sequence = sequenceDAO.getByEntry(linkedEntry);
if (sequence != null) {
link.setBasePairCount(sequence.getSequence().length());
link.setFeatureCount(sequence.getSequenceFeatures().size());
}
newLinks.add(link);
}
partData.getLinkedParts().clear();
partData.getLinkedParts().addAll(newLinks);
}
// check if there is a parent available
List<Entry> parents = dao.getParents(entry.getId());
if (parents == null) return partData;
for (Entry parent : parents) {
if (!authorization.canRead(userId, parent)) continue;
if (parent.getVisibility() != Visibility.OK.getValue()
&& !authorization.canWriteThoroughCheck(userId, entry)) continue;
EntryType type = EntryType.nameToType(parent.getRecordType());
PartData parentData = new PartData(type);
parentData.setId(parent.getId());
parentData.setName(parent.getName());
parentData.setVisibility(Visibility.valueToEnum(parent.getVisibility()));
partData.getParents().add(parentData);
}
return partData;
}