@Override public String getConsolidatorToken(PerunSession sess) throws PerunException { Map<String, Object> value = new HashMap<String, Object>(); String actor = sess.getPerunPrincipal().getActor(); String extSourceName = sess.getPerunPrincipal().getExtSourceName(); String extSourceType = sess.getPerunPrincipal().getExtSourceType(); Integer extSourceLoa = sess.getPerunPrincipal().getExtSourceLoa(); User user = sess.getPerunPrincipal().getUser(); value.put("actor", actor); value.put("extSourceName", extSourceName); value.put("extSourceType", extSourceType); value.put("extSourceLoa", extSourceLoa); value.put("user", user); value.put("additionalInformation", sess.getPerunPrincipal().getAdditionalInformations()); // create token from actual properties String token = registrarManager.getMailManager().getMessageAuthenticationCode(System.currentTimeMillis() + actor + extSourceName + extSourceType + extSourceLoa); requestCache.putIfAbsent(token, value); return token; }
/** * Forcefully marks application as VERIFIED * (only if was in NEW state before) * * @param sess session info to use for modified_by * @param appId ID of application to verify. */ private void markApplicationVerified(PerunSession sess, int appId) { try { if (jdbc.update("update application set state=?, modified_at=" + Compatibility.getSysdate() + ", modified_by=? where id=? and state=?", AppState.VERIFIED.toString(), sess.getPerunPrincipal().getActor(), appId, AppState.NEW.toString()) > 0) { log.info("Application {} marked as VERIFIED", appId); } else { log.info("Application {} not marked VERIFIED, was not in state NEW", appId); } } catch (InternalErrorException ex) { log.error("Application {} NOT marked as VERIFIED due to error {}", appId, ex); } }
@Override public void deleteAuthorship(PerunSession sess, Authorship authorship) throws InternalErrorException, CabinetException, PrivilegeException { if (!AuthzResolver.isAuthorized(sess, Role.PERUNADMIN) && !authorship.getCreatedBy().equalsIgnoreCase(sess.getPerunPrincipal().getActor()) && !authorship.getUserId().equals(sess.getPerunPrincipal().getUser().getId()) && authorship.getCreatedByUid() != sess.getPerunPrincipal().getUserId()) { throw new PrivilegeException("You are not allowed to delete authorships you didn't created or which doesn't concern you."); } getAuthorshipManagerBl().deleteAuthorship(sess, authorship); }
@Override public void deleteThanks(PerunSession sess, Thanks thanks) throws InternalErrorException, CabinetException, PrivilegeException { if (!AuthzResolver.isAuthorized(sess, Role.PERUNADMIN) && (!thanks.getCreatedBy().equalsIgnoreCase(sess.getPerunPrincipal().getActor())) && (thanks.getCreatedByUid() !=(sess.getPerunPrincipal().getUserId()))) { throw new PrivilegeException("deleteThanks"); } getThanksManagerBl().deleteThanks(sess, thanks); }
@Override public void deletePublication(PerunSession sess, Publication publication) throws CabinetException, InternalErrorException, PrivilegeException { if (!AuthzResolver.isAuthorized(sess, Role.PERUNADMIN) && !publication.getCreatedBy().equalsIgnoreCase(sess.getPerunPrincipal().getActor()) && publication.getCreatedByUid() != sess.getPerunPrincipal().getUserId()) { // not perun admin or author of record throw new PrivilegeException("You are not allowed to delete publications you didn't created. If you wish, you can remove yourself from authors instead."); } getPublicationManagerBl().deletePublication(sess, publication); }
@Override public Authorship createAuthorship(PerunSession sess, Authorship authorship) throws InternalErrorException { try { // Set the new Authorship id int newId = Utils.getNewId(jdbc, "cabinet_authorships_id_seq"); jdbc.update("insert into cabinet_authorships (id, userId, publicationId, createdBy, createdDate, created_by_uid, modified_by_uid)" + " values (?,?,?,?," + Compatibility.getSysdate() + ",?,?)", newId, authorship.getUserId(), authorship.getPublicationId(), sess.getPerunPrincipal().getActor(), sess.getPerunPrincipal().getUserId(), sess.getPerunPrincipal().getUserId()); authorship.setId(newId); } catch (RuntimeException e) { throw new InternalErrorException(e); } return authorship; }
@Override public Thanks createThanks(PerunSession sess, Thanks thanks) throws InternalErrorException, CabinetException { try { // Set the new Thanks id int newId = Utils.getNewId(jdbc, "cabinet_thanks_id_seq"); jdbc.update("insert into cabinet_thanks (id, ownerId, publicationId, createdBy, createdDate, created_by_uid, modified_by_uid)" + " values (?,?,?,?,"+ Compatibility.getSysdate()+",?,?)", newId, thanks.getOwnerId(), thanks.getPublicationId(), sess.getPerunPrincipal().getActor(), sess.getPerunPrincipal().getUserId(), sess.getPerunPrincipal().getUserId()); thanks.setId(newId); } catch (RuntimeException e) { throw new InternalErrorException(e); } return thanks; }
@Override public List<Identity> checkForSimilarUsers(PerunSession sess, List<ApplicationFormItemData> formItems) throws PerunException { if (sess.getPerunPrincipal().getUser() != null || formItems == null) { return new ArrayList<Identity>(); } Set<RichUser> res = new HashSet<RichUser>(); List<String> attrNames = new ArrayList<String>(); attrNames.add("urn:perun:user:attribute-def:def:preferredMail"); attrNames.add("urn:perun:user:attribute-def:def:organization"); for (ApplicationFormItemData item : formItems) { String value = item.getValue(); if (item.getFormItem().getType().equals(ApplicationFormItem.Type.VALIDATED_EMAIL)) { // search by email if (value != null && !value.isEmpty()) res.addAll(perun.getUsersManager().findRichUsersWithAttributesByExactMatch(registrarSession, value, attrNames)); } if (Objects.equals(item.getFormItem().getPerunDestinationAttribute(), "urn:perun:user:attribute-def:core:displayName")) { // search by name if (value != null && !value.isEmpty()) res.addAll(perun.getUsersManager().findRichUsersWithAttributesByExactMatch(registrarSession, value, attrNames)); } } return convertToIdentities(new ArrayList<RichUser>(res)); }
@Override public Category createCategory(PerunSession sess, Category category) throws InternalErrorException, CabinetException { try { // Set the new Category id int newId = Utils.getNewId(jdbc, "cabinet_categories_id_seq"); jdbc.update("insert into cabinet_categories (id, name, rank, created_by_uid, modified_by_uid)" + " values (?,?,?,?,?)", newId, category.getName(), category.getRank(), sess.getPerunPrincipal().getUserId(), sess.getPerunPrincipal().getUserId()); category.setId(newId); } catch (RuntimeException e) { throw new InternalErrorException(e); } return category; }
@Override public Publication updatePublication(PerunSession sess, Publication publication) throws CabinetException, InternalErrorException, PrivilegeException { if (!AuthzResolver.isAuthorized(sess, Role.PERUNADMIN) && !publication.getCreatedBy().equalsIgnoreCase(sess.getPerunPrincipal().getActor()) && publication.getCreatedByUid() != sess.getPerunPrincipal().getUserId()) { // not perun admin or author of record try { getAuthorsByPublicationId(sess, publication.getId()); } catch (PrivilegeException ex) { throw new PrivilegeException("You are not allowed to update publications you didn't created."); } } return getPublicationManagerBl().updatePublication(sess, publication); }
@Override public List<Author> getAuthorsByPublicationId(PerunSession session, int id) throws InternalErrorException, PrivilegeException, CabinetException { List<Author> authors = getAuthorshipManagerBl().getAuthorsByPublicationId(id); boolean oneOfAuthors = false; for (Author author : authors) { if (author.getId() == session.getPerunPrincipal().getUserId()) { oneOfAuthors = true; break; } } if (AuthzResolver.isAuthorized(session, Role.PERUNADMIN)) oneOfAuthors = true; if (!oneOfAuthors) { // not author, but check if user created publication, then he can list current authors Publication publication = getPublicationManagerBl().getPublicationById(id); if ((publication.getCreatedByUid() != session.getPerunPrincipal().getUserId()) && !(Objects.equals(publication.getCreatedBy(), session.getPerunPrincipal().getActor()))) { throw new PrivilegeException("You are not allowed to see authors of publications you didn't created."); } } return authors; }
@Override public List<Application> getApplicationsForUser(PerunSession sess) { try { PerunPrincipal pp = sess.getPerunPrincipal(); if (pp.getUser() != null) { return jdbc.query(APP_SELECT + " where user_id=? or (a.created_by=? and extsourcename=?) order by a.id desc", APP_MAPPER, pp.getUserId(), pp.getActor(), pp.getExtSourceName()); } else { // sort by ID which respect latest applications return jdbc.query(APP_SELECT + " where a.created_by=? and extsourcename=? order by a.id desc", APP_MAPPER, pp.getActor(), pp.getExtSourceName()); } } catch (EmptyResultDataAccessException ex) { return new ArrayList<Application>(); } }
@Override public PublicationSystem createPublicationSystem(PerunSession session, PublicationSystem ps) throws InternalErrorException { try { // Set the new PS id int newId = Utils.getNewId(jdbc, "cabinet_pub_sys_id_seq"); jdbc.update("insert into cabinet_publication_systems (id, friendlyName, type, url, username, password, loginNamespace, created_by_uid, modified_by_uid)" + " values (?,?,?,?,?,?,?,?,?)", newId, ps.getFriendlyName(), ps.getType(), ps.getUrl(), ps.getUsername(), ps.getPassword(), ps.getLoginNamespace(), session.getPerunPrincipal().getUserId(), session.getPerunPrincipal().getUserId()); ps.setId(newId); } catch (RuntimeException e) { throw new InternalErrorException(e); } return ps; }
public void updateApplicationUser(PerunSession sess, Application app) throws InternalErrorException { jdbc.update("update application set user_id=?, modified_at=" + Compatibility.getSysdate() + ", modified_by=? where id=?", (app.getUser() != null) ? app.getUser().getId() : null, sess.getPerunPrincipal().getActor(), app.getId()); }
@Override public Publication createPublication(PerunSession sess, Publication publication) throws InternalErrorException { try { // Set the new Category id int newId = Utils.getNewId(jdbc, "cabinet_publications_id_seq"); jdbc.update("insert into cabinet_publications (id, externalId, publicationSystemId, title, year, main," + " isbn, categoryId, createdBy, createdDate, rank, doi, locked, created_by_uid, modified_by_uid)" + " values (?,?,?,?,?,?,?,?,?,"+ Compatibility.getSysdate()+",?,?,?,?,?)", newId, (publication.getExternalId() == 0) ? newId : publication.getExternalId(), publication.getPublicationSystemId(), publication.getTitle(), publication.getYear(), publication.getMain(), publication.getIsbn(), publication.getCategoryId(), sess.getPerunPrincipal().getActor(), publication.getRank(), publication.getDoi(), (publication.getLocked()) ? 1 : 0, sess.getPerunPrincipal().getUserId(), sess.getPerunPrincipal().getUserId()); publication.setId(newId); } catch (RuntimeException e) { throw new InternalErrorException(e); } return publication; }
@Override public Category updateCategory(PerunSession sess, Category category) throws InternalErrorException, CabinetException { try { int numAffected = jdbc.update("update cabinet_categories set name=?,rank=?,modified_by_uid=?" + " where id=?", category.getName(), category.getRank(), sess.getPerunPrincipal().getUserId(), category.getId()); if (numAffected == 0) throw new CabinetException(ErrorCodes.CATEGORY_NOT_EXISTS); if (numAffected > 1) throw new ConsistencyErrorException("There are multiple Categories with same id: " + category.getId()); } catch (RuntimeException err) { throw new InternalErrorException(err); } return category; }
@Override public Publication createPublication(PerunSession sess, Publication p) throws CabinetException, InternalErrorException { if (p.getCreatedDate() == null) p.setCreatedDate(new Date()); p.setCreatedByUid(sess.getPerunPrincipal().getUserId()); // check existence if (publicationExists(p)) { throw new CabinetException("Cannot create duplicate publication: "+p, ErrorCodes.PUBLICATION_ALREADY_EXISTS); } Publication createdPublication; if (p.getExternalId() == 0 && p.getPublicationSystemId() == 0) { // get internal pub. system PublicationSystem ps = getPublicationSystemManagerBl().getPublicationSystemByName("INTERNAL"); // There is only one internal system so, get(0) is safe p.setPublicationSystemId(ps.getId()); } stripLongParams(p); createdPublication = getPublicationManagerDao().createPublication(sess, p); log.debug("{} created.", createdPublication); return createdPublication; }
User user = session.getPerunPrincipal().getUser(); if (user == null) { throw new CantBeSubmittedException("This module can be set only for registration to Group.");
@Override public PublicationSystem updatePublicationSystem(PerunSession session, PublicationSystem ps) throws CabinetException, InternalErrorException { try { int numAffected = jdbc.update("update cabinet_publication_systems set friendlyName=?,type=?,url=?,loginNamespace=?,modified_by_uid=?" + " where id=?", ps.getFriendlyName(), ps.getType(), ps.getUrl(), ps.getLoginNamespace(), session.getPerunPrincipal().getUserId(), ps.getId()); if(numAffected == 0) throw new CabinetException(ErrorCodes.PUBLICATION_SYSTEM_NOT_EXISTS); if (numAffected > 1) throw new ConsistencyErrorException("There are multiple PS with same id: " + ps.getId()); } catch (RuntimeException err) { throw new InternalErrorException(err); } return ps; }
@Override public Authorship createAuthorship(PerunSession sess, Authorship authorship) throws CabinetException, InternalErrorException { if (authorshipExists(authorship)) throw new CabinetException(ErrorCodes.AUTHORSHIP_ALREADY_EXISTS); if (authorship.getCreatedDate() == null) { authorship.setCreatedDate(new Date()); } if (authorship.getCreatedByUid() == 0) { authorship.setCreatedByUid(sess.getPerunPrincipal().getUserId()); } try { getAuthorshipManagerDao().createAuthorship(sess, authorship); } catch (DataIntegrityViolationException e) { throw new CabinetException(ErrorCodes.USER_NOT_EXISTS, e); } log.debug("{} created.", authorship); synchronized (CabinetManagerBlImpl.class) { getCabinetManagerBl().updatePriorityCoefficient(sess, authorship.getUserId(), calculateNewRank(authorship.getUserId())); } synchronized (ThanksManagerBlImpl.class) { getCabinetManagerBl().setThanksAttribute(authorship.getUserId()); } // log perun.getAuditer().log(sess,new AuthorshipCreated(authorship)); return authorship; }