comparison src/main/java/edu/harvard/iq/dataverse/DataverseRoleServiceBean.java @ 10:a50cf11e5178

Rewrite LGDataverse completely upgrading to dataverse4.0
author Zoe Hong <zhong@mpiwg-berlin.mpg.de>
date Tue, 08 Sep 2015 17:00:21 +0200
9:5926d6419569 10:a50cf11e5178
1 package edu.harvard.iq.dataverse;
2
3 import edu.harvard.iq.dataverse.authorization.DataverseRole;
4 import edu.harvard.iq.dataverse.authorization.RoleAssignee;
5 import edu.harvard.iq.dataverse.authorization.users.User;
6 import edu.harvard.iq.dataverse.authorization.RoleAssignmentSet;
7 import edu.harvard.iq.dataverse.search.IndexResponse;
8 import edu.harvard.iq.dataverse.search.SolrIndexServiceBean;
9 import java.util.HashSet;
10 import java.util.List;
11 import java.util.Set;
12 import java.util.logging.Logger;
13 import javax.ejb.EJB;
14 import javax.ejb.Stateless;
15 import javax.inject.Named;
16 import javax.persistence.EntityManager;
17 import javax.persistence.PersistenceContext;
18 import javax.persistence.TypedQuery;
19
20 /**
21 *
22 * @author michael
23 */
24 @Stateless
25 @Named
26 public class DataverseRoleServiceBean implements java.io.Serializable {
27
28 private static final Logger logger = Logger.getLogger(IndexServiceBean.class.getCanonicalName());
29
30 @PersistenceContext(unitName = "VDCNet-ejbPU")
31 private EntityManager em;
32
33 @EJB RoleAssigneeServiceBean roleAssigneeService;
34 @EJB IndexServiceBean indexService;
35 @EJB SolrIndexServiceBean solrIndexService;
36
37 public DataverseRole save( DataverseRole aRole ) {
38 if ( aRole.getId() == null ) {
39 em.persist(aRole);
40 /**
41 * @todo Why would getId be null? Should we call
42 * indexDefinitionPoint here too?
43 * A: it's null for new roles.
44 */
45 return aRole;
46 } else {
47 DataverseRole merged = em.merge(aRole);
48 /**
49 * @todo update permissionModificationTime here.
50 */
51 IndexResponse indexDefinitionPountResult = indexDefinitionPoint(merged.getOwner());
52 logger.info("aRole getId was not null. Indexing result: " + indexDefinitionPountResult);
53 return merged;
54 }
55 }
56
57 public RoleAssignment save( RoleAssignment assignment ) {
58 if ( assignment.getId() == null ) {
59 em.persist(assignment);
60 em.flush();
61 } else {
62 assignment = em.merge( assignment );
63 }
64 /**
65 * @todo update permissionModificationTime here.
66 */
67 IndexResponse indexDefinitionPountResult = indexDefinitionPoint(assignment.getDefinitionPoint());
68 logger.fine("output from indexing operations: " + indexDefinitionPountResult);
69 return assignment;
70 }
71
72 private IndexResponse indexDefinitionPoint(DvObject definitionPoint) {
73 /**
74 * @todo Do something with the index response. Was Solr down? Is
75 * everything ok?
76 */
77 IndexResponse indexResponse = solrIndexService.indexPermissionsOnSelfAndChildren(definitionPoint);
78 return indexResponse;
79 }
80
81 public DataverseRole find( Long id ) {
82 return em.find( DataverseRole.class, id );
83 }
84
85 public List<DataverseRole> findAll() {
86 return em.createNamedQuery("DataverseRole.listAll", DataverseRole.class).getResultList();
87 }
88
89 public void delete( Long id ) {
90 em.createNamedQuery("DataverseRole.deleteById", DataverseRole.class)
91 .setParameter("id", id)
92 .executeUpdate();
93 }
94
95 public List<DataverseRole> findByOwnerId( Long ownerId ) {
96 return em.createNamedQuery("DataverseRole.findByOwnerId", DataverseRole.class)
97 .setParameter("ownerId", ownerId)
98 .getResultList();
99 }
100
101
102 public List<DataverseRole> findBuiltinRoles() {
103 return em.createNamedQuery("DataverseRole.findBuiltinRoles", DataverseRole.class)
104 .getResultList();
105 }
106
107
108 public DataverseRole findBuiltinRoleByAlias(String alias) {
109 return em.createNamedQuery("DataverseRole.findBuiltinRoleByAlias", DataverseRole.class)
110 .setParameter("alias", alias)
111 .getSingleResult();
112 }
113
114 public void revoke( Set<DataverseRole> roles, RoleAssignee assignee, DvObject defPoint ) {
115 for ( DataverseRole role : roles ) {
116 em.createNamedQuery("RoleAssignment.deleteByAssigneeIdentifier_RoleIdDefinition_PointId")
117 .setParameter("assigneeIdentifier", assignee.getIdentifier())
118 .setParameter("roleId", role.getId())
119 .setParameter("definitionPointId", defPoint.getId())
120 .executeUpdate();
121 em.refresh(role);
122 }
123 em.refresh(assignee);
124 }
125
126 public void revoke( RoleAssignment ra ) {
127 if ( ! em.contains(ra) ) {
128 ra = em.merge(ra);
129 }
130 em.remove(ra);
131 /**
132 * @todo update permissionModificationTime here.
133 */
134 IndexResponse indexDefinitionPointResult = indexDefinitionPoint(ra.getDefinitionPoint());
135 logger.fine("indexing operation results: " + indexDefinitionPointResult);
136 }
137
138 public RoleAssignmentSet roleAssignments( User user, Dataverse dv ) {
139 RoleAssignmentSet retVal = new RoleAssignmentSet(user);
140 while ( dv != null ) {
141 retVal.add( directRoleAssignments(user, dv) );
142 if ( dv.isPermissionRoot() ) break;
143 dv = dv.getOwner();
144 }
145 return retVal;
146 }
147
148 public List<RoleAssignment> roleAssignments( Long roleId ) {
149 return em.createNamedQuery("RoleAssignment.listByRoleId", RoleAssignment.class)
150 .setParameter("roleId", roleId)
151 .getResultList();
152 }
153
154 public RoleAssignmentSet assignmentsFor( final User u, final DvObject d ) {
155 return d.accept( new DvObject.Visitor<RoleAssignmentSet>() {
156
157 @Override
158 public RoleAssignmentSet visit(Dataverse dv) {
159 return roleAssignments(u, dv);
160 }
161
162 @Override
163 public RoleAssignmentSet visit(Dataset ds) {
164 RoleAssignmentSet asgn = ds.getOwner().accept(this);
165 asgn.add( directRoleAssignments(u, ds) );
166 return asgn;
167 }
168
169 @Override
170 public RoleAssignmentSet visit(DataFile df) {
171 RoleAssignmentSet asgn = df.getOwner().accept(this);
172 asgn.add( directRoleAssignments(u, df) );
173 return asgn;
174 }
175 });
176 }
177
178 public Set<RoleAssignment> rolesAssignments( DvObject dv ) {
179 Set<RoleAssignment> ras = new HashSet<>();
180 while ( !dv.isEffectivelyPermissionRoot() ) {
181 ras.addAll( em.createNamedQuery("RoleAssignment.listByDefinitionPointId", RoleAssignment.class)
182 .setParameter("definitionPointId", dv.getId() ).getResultList() );
183 dv = dv.getOwner();
184 }
185
186 ras.addAll( em.createNamedQuery("RoleAssignment.listByDefinitionPointId", RoleAssignment.class)
187 .setParameter("definitionPointId", dv.getId() ).getResultList() );
188
189 return ras;
190 }
191
192 /**
193 * Retrieves the roles assignments for {@code user}, directly on {@code dv}.
194 * No traversal on the containment hierarchy is done.
195 * @param roas the user whose roles are given
196 * @param dvo the object where the roles are defined.
197 * @return Set of roles defined for the user in the given dataverse.
198 * @see #roleAssignments(edu.harvard.iq.dataverse.DataverseUser, edu.harvard.iq.dataverse.Dataverse)
199 */
200 public List<RoleAssignment> directRoleAssignments( RoleAssignee roas, DvObject dvo ) {
201 if ( roas==null ) throw new IllegalArgumentException("RoleAssignee cannot be null");
202 TypedQuery<RoleAssignment> query = em.createNamedQuery(
203 "RoleAssignment.listByAssigneeIdentifier_DefinitionPointId",
204 RoleAssignment.class);
205 query.setParameter("assigneeIdentifier", roas.getIdentifier());
206 query.setParameter("definitionPointId", dvo.getId());
207 return query.getResultList();
208 }
209
210 /**
211 * Retrieves the roles assignments for {@code user}, directly on {@code dv}.
212 * No traversal on the containment hierarchy is done.
213 * @param dvo the object where the roles are defined.
214 * @return Set of roles defined for the user in the given dataverse.
215 * @see #roleAssignments(edu.harvard.iq.dataverse.DataverseUser, edu.harvard.iq.dataverse.Dataverse)
216 */
217 public List<RoleAssignment> directRoleAssignments( DvObject dvo ) {
218 TypedQuery<RoleAssignment> query = em.createNamedQuery(
219 "RoleAssignment.listByDefinitionPointId",
220 RoleAssignment.class);
221 query.setParameter("definitionPointId", dvo.getId());
222 return query.getResultList();
223 }
224
225 /**
226 * Get all the available roles in a given dataverse, mapped by the
227 * dataverse that defines them. Map entries are ordered by reversed hierarchy
228 * (root is always last).
229 * @param dvId The id of dataverse whose available roles we query
230 * @return map of available roles.
231 */
232 public Set<DataverseRole> availableRoles( Long dvId ) {
233 Dataverse dv = em.find(Dataverse.class, dvId);
234 Set<DataverseRole> roles = dv.getRoles();
235 roles.addAll(findBuiltinRoles());
236
237 while ( !dv.isEffectivelyPermissionRoot() ) {
238 dv = dv.getOwner();
239 roles.addAll( dv.getRoles() );
240 }
241
242 return roles;
243 }
244 }
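Review bot: The bulk `revoke(Set<DataverseRole>, RoleAssignee, DvObject)` overload deletes assignments with a named query but never calls `indexDefinitionPoint`, while `revoke(RoleAssignment)` and `save(RoleAssignment)` both do, so the permission index for `defPoint` is presumably left showing the revoked grants until something else reindexes it. After the loop I would add `IndexResponse result = indexDefinitionPoint(defPoint);` followed by `logger.fine("indexing operation results: " + result);`. Separately, `availableRoles` calls `addAll` on the set returned by `dv.getRoles()`; if that is the managed entity's own collection, the builtin and ancestor roles may be written back to that dataverse on flush, so copy first with `Set<DataverseRole> roles = new HashSet<>(dv.getRoles());`. The logger is also created with `IndexServiceBean.class`, which files these role-change messages under the wrong class name in the logs.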