public void deleteDataset(Dataset dataset, org.hibernate.Session hibernateSession) { hibernateSession.delete(dataset); if (dataset.getFile() != null && dataset.getFile().getFileId() != null) { UUID fileId = dataset.getFile().getFileId(); @SuppressWarnings("unchecked") List<Dataset> fileDatasets = hibernateSession .createQuery("from Dataset where file=:file") .setParameter("file", dataset.getFile()) .list(); // don't care about the dataset that is being deleted // why do we still see it? fileDatasets.remove(dataset); // there isn't anymore anyone using this file and the file-broker // can delete it if (fileDatasets.isEmpty()) { // only for file-broker sessionResource.publish( SessionDb.FILES_TOPIC, new SessionEvent(sessionId, ResourceType.FILE, fileId, EventType.DELETE), hibernateSession); } } sessionResource.publish( sessionId.toString(), new SessionEvent(sessionId, ResourceType.DATASET, dataset.getDatasetId(), EventType.DELETE), hibernateSession); }
public void update(Dataset dataset, org.hibernate.Session hibernateSession) { hibernateSession.merge(dataset); sessionResource.publish( sessionId.toString(), new SessionEvent(sessionId, ResourceType.DATASET, dataset.getDatasetId(), EventType.UPDATE), hibernateSession); }
@DELETE @Path("{id}") @Transaction public Response delete(@PathParam("id") UUID datasetId, @Context SecurityContext sc) { // checks authorization Session session = sessionResource.getSessionForWriting(sc, sessionId); Dataset dataset = sessionResource.getHibernate().session().get(Dataset.class, datasetId); if (dataset == null || dataset.getSession().getSessionId() != session.getSessionId()) { throw new NotFoundException("dataset not found"); } deleteDataset(dataset, getHibernate().session()); return Response.noContent().build(); }
@GET @Produces(MediaType.APPLICATION_JSON) @Transaction public Response getAll(@Context SecurityContext sc) { Collection<Dataset> result = sessionResource.getSessionForReading(sc, sessionId).getDatasets().values(); // if nothing is found, just return 200 (OK) and an empty list return Response.ok(toJaxbList(result)).build(); }
public void create(Dataset dataset, org.hibernate.Session hibernateSession) { checkFileModification(dataset, hibernateSession); if (dataset.getFile() != null) { // why CascadeType.PERSIST isn't enough? hibernateSession.save(dataset.getFile()); } hibernateSession.save(dataset); sessionResource.publish( sessionId.toString(), new SessionEvent(sessionId, ResourceType.DATASET, dataset.getDatasetId(), EventType.CREATE), hibernateSession); }
// CRUD @GET @Path("{id}") @Produces(MediaType.APPLICATION_JSON) @Transaction public Response get(@PathParam("id") UUID datasetId, @Context SecurityContext sc) { // checks authorization Session session = sessionResource.getSessionForReading(sc, sessionId); Dataset result = getDataset(datasetId, getHibernate().session()); if (result == null || result.getSession().getSessionId() != session.getSessionId()) { throw new NotFoundException(); } return Response.ok(result).build(); }
@POST @Consumes(MediaType.APPLICATION_JSON) @Transaction public Response post(Dataset dataset, @Context UriInfo uriInfo, @Context SecurityContext sc) { if (dataset.getDatasetId() != null) { throw new BadRequestException("dataset already has an id, post not allowed"); } UUID id = RestUtils.createUUID(); dataset.setDatasetId(id); Session session = sessionResource.getSessionForWriting(sc, sessionId); // make sure a hostile client doesn't set the session dataset.setSession(session); create(dataset, getHibernate().session()); URI uri = uriInfo.getAbsolutePathBuilder().path(id.toString()).build(); return Response.created(uri).build(); }
@PUT @Path("{id}") @Consumes(MediaType.APPLICATION_JSON) @Transaction public Response put( Dataset requestDataset, @PathParam("id") UUID datasetId, @Context SecurityContext sc) { // override the url in json with the id in the url, in case a // malicious client has changed it requestDataset.setDatasetId(datasetId); /* * Checks that * - user has write authorization for the session * - the session contains this dataset */ Session session = sessionResource.getSessionForWriting(sc, sessionId); Dataset dbDataset = getHibernate().session().get(Dataset.class, datasetId); if (dbDataset == null || dbDataset.getSession().getSessionId() != session.getSessionId()) { throw new NotFoundException("dataset doesn't exist"); } if (!sc.isUserInRole(Role.FILE_BROKER)) { checkFileModification(requestDataset, getHibernate().session()); } if (requestDataset.getFile() == null || requestDataset.getFile().isEmpty()) { // if the client doesn't care about the File, simply keep the db version requestDataset.setFile(dbDataset.getFile()); } // make sure a hostile client doesn't set the session requestDataset.setSession(session); update(requestDataset, getHibernate().session()); return Response.noContent().build(); }
private HibernateUtil getHibernate() { return sessionResource.getHibernate(); }