public boolean deleteHistory(String userId, long entryId, long historyId) { Entry entry = dao.get(entryId); if (entry == null) return false; authorization.expectWrite(userId, entry); Audit audit = auditDAO.get(historyId); if (audit == null) return true; auditDAO.delete(audit); return true; }
public ArrayList<History> getHistory(String userId, long entryId) { Entry entry = dao.get(entryId); if (entry == null) return null; authorization.expectWrite(userId, entry); List<Audit> list = auditDAO.getAuditsForEntry(entry); ArrayList<History> result = new ArrayList<>(); for (Audit audit : list) { History history = audit.toDataTransferObject(); if (history.isLocalUser()) { history.setAccount( accountController.getByEmail(history.getUserId()).toDataTransferObject()); } result.add(history); } return result; }
protected PartData retrieveEntryDetails(String userId, Entry entry) { // user must be able to read if not public entry if (!permissionsController.isPubliclyVisible(entry)) authorization.expectRead(userId, entry); PartData partData = ModelToInfoFactory.getInfo(entry); if (partData == null) return null; boolean hasSequence = sequenceDAO.hasSequence(entry.getId()); partData.setHasSequence(hasSequence); boolean hasOriginalSequence = sequenceDAO.hasOriginalSequence(entry.getId()); partData.setHasOriginalSequence(hasOriginalSequence); // permissions partData.setCanEdit(authorization.canWriteThoroughCheck(userId, entry)); partData.setPublicRead(permissionsController.isPubliclyVisible(entry)); // create audit event if not owner // todo : remote access check if (userId != null && authorization.getOwner(entry) != null && !authorization.getOwner(entry).equalsIgnoreCase(userId)) { try { Audit audit = new Audit(); audit.setAction(AuditType.READ.getAbbrev()); audit.setEntry(entry); audit.setUserId(userId); audit.setLocalUser(true); audit.setTime(new Date(System.currentTimeMillis())); auditDAO.create(audit); } catch (Exception e) { Logger.error(e); } } // retrieve more information about linked entries if any (default only contains id) if (partData.getLinkedParts() != null) { ArrayList<PartData> newLinks = new ArrayList<>(); for (PartData link : partData.getLinkedParts()) { Entry linkedEntry = dao.get(link.getId()); if (!authorization.canRead(userId, linkedEntry)) continue; link = ModelToInfoFactory.createTipView(linkedEntry); Sequence sequence = sequenceDAO.getByEntry(linkedEntry); if (sequence != null) { link.setBasePairCount(sequence.getSequence().length()); link.setFeatureCount(sequence.getSequenceFeatures().size()); } newLinks.add(link); } partData.getLinkedParts().clear(); partData.getLinkedParts().addAll(newLinks); } // check if there is a parent available List<Entry> parents = dao.getParents(entry.getId()); if (parents == null) return partData; for (Entry parent : parents) { if (!authorization.canRead(userId, parent)) continue; if (parent.getVisibility() != Visibility.OK.getValue() && !authorization.canWriteThoroughCheck(userId, entry)) continue; EntryType type = EntryType.nameToType(parent.getRecordType()); PartData parentData = new PartData(type); parentData.setId(parent.getId()); parentData.setName(parent.getName()); parentData.setVisibility(Visibility.valueToEnum(parent.getVisibility())); partData.getParents().add(parentData); } return partData; }