private Job secureSave(Job job) { job = sec.doAction(new SecureAction() { public <T extends IObject> T updateObject(T... objs) { T result = iUpdate.saveAndReturnObject(objs[0]); iUpdate.flush(); // was commit return result; } }, job); return job; }
private void secureFlush(final IObject copy) { getSecuritySystem().doAction(new SecureAction(){ public <T extends IObject> T updateObject(T... objs) { iUpdate.flush(); return null; }}, copy); }
public <T extends IObject> T doAction(SecureAction action, T... objs) { return choose().doAction(action, objs); }
protected void storeShareData(long shareId, ShareData data) { // This should reload the object already in the first-cache Share share = iQuery.get(Share.class, shareId); this.sec.doAction(new SecureStore(data), share); adminFlush(); }
/** * Saves an object as admin. * * Due to the disabling of the MergeEventListener, it is necessary to * jump through several hoops to get non-admin saving of system types * to work properly. */ private void reallySafeSave(final IObject obj) { final Session session = osf.getSession(); sec.doAction(new SecureMerge(session), obj); sec.runAsAdmin(new AdminAction(){ public void runAsAdmin() { session.flush(); }}); }
/** * */ public void startProcess(final ServiceFactory sf, final long jobId) { Process p = null; for (Processor proc : processors) { p = proc.process(jobId); // Take first processor if (p != null) { break; } } if (p == null) { if (log.isWarnEnabled()) { log.warn("No processor found for job:" + jobId); } Job job = job(sf, jobId); job.setStatus(getWaitingStatus(sf)); job.setMessage("No processor found for job."); sec.doAction(new SecureAction() { public <T extends IObject> T updateObject(T... objs) { return sf.getUpdateService().saveAndReturnObject( objs[0]); } }, job); } else { procMap.put(jobId, p); } }
public void setGroupOwner(Experimenter user, ExperimenterGroup group, boolean value) { Session session = sf.getSession(); Experimenter foundUser = userById(user.getId(), session); ExperimenterGroup foundGroup = groupById(group.getId(), session); Set<GroupExperimenterMap> foundMaps = foundUser .findGroupExperimenterMap(foundGroup); if (foundMaps.size() < 1) { throw new ApiUsageException("Group " + group.getId() + " was not " + "found for user " + user.getId()); } else if (foundMaps.size() > 1) { log.warn(foundMaps.size() + " copies of " + foundGroup + " found for " + foundUser); } else { // May throw an exception GroupExperimenterMap newDef = foundMaps.iterator().next(); log.info(String.format("Seeting ownership flag on user %s to %s for %s", foundUser.getId(), value, group.getId())); newDef.setOwner(value); sec.doAction(new SecureMerge(session), newDef); } }
public void setDefaultGroup(Experimenter user, ExperimenterGroup group) { Session session = sf.getSession(); Experimenter foundUser = userById(user.getId(), session); ExperimenterGroup foundGroup = groupById(group.getId(), session); Set<GroupExperimenterMap> foundMaps = foundUser .findGroupExperimenterMap(foundGroup); if (foundMaps.size() < 1) { throw new ApiUsageException("Group " + group.getId() + " was not " + "found for user " + user.getId()); } else if (foundMaps.size() > 1) { log.warn(foundMaps.size() + " copies of " + foundGroup + " found for " + foundUser); } else { // May throw an exception GroupExperimenterMap newDef = foundMaps.iterator().next(); log.info(String.format("Changing default group for user %s to %s", foundUser.getId(), group.getId())); foundUser.setPrimaryGroupExperimenterMap(newDef); } // TODO: May want to move this outside the loop // and after the !newDefaultSet check. sec.doAction(new SecureMerge(session), foundUser); }
@RolesAllowed("user") @Transactional(readOnly = false) public <T extends IEnum> T createEnumeration(T newEnum) { final LocalUpdate up = iUpdate; // TODO should this belong to root? Details d = getSecuritySystem().newTransientDetails(newEnum); newEnum.getDetails().copy(d); worldReadable(newEnum); return getSecuritySystem().doAction(new SecureAction() { public IObject updateObject(IObject... iObjects) { return up.saveAndReturnObject(iObjects[0]); } }, newEnum); }
Experimenter c = userById(cId, session); p.unlinkExperimenter(c); sec.doAction(new SecureAction(){ public <T extends IObject> T updateObject(T... objs) { for (T t : objs) {
this.sec.doAction(new SecureShare() { @Override void doUpdate(Share share) {
public long createGroup(ExperimenterGroup group) { group = copyGroup(group); if (group.getDetails().getPermissions() == null) { group.getDetails().setPermissions(Permissions.USER_PRIVATE); } final Session session = sf.getSession(); ExperimenterGroup g = sec.doAction(new SecureMerge(session), group); return g.getId(); }
public long createExperimenter(Experimenter experimenter, ExperimenterGroup defaultGroup, ExperimenterGroup... otherGroups) { Session session = sf.getSession(); SecureAction action = new SecureMerge(session); Experimenter e = copyUser(experimenter); if (isIgnoreCaseLookup()) { e.setOmeName(e.getOmeName().toLowerCase()); } e.getDetails().copy(sec.newTransientDetails(e)); e = sec.doAction(action, e); session.flush(); linkGroupAndUser(defaultGroup, e, false); if (null != otherGroups) { for (ExperimenterGroup group : otherGroups) { linkGroupAndUser(group, e, false); } } return e.getId(); }
protected GroupExperimenterMap linkGroupAndUser(ExperimenterGroup group, Experimenter e, boolean owned) { if (group == null || group.getId() == null) { throw new ApiUsageException("Group must be persistent."); } group = new ExperimenterGroup(group.getId(), false); // ticket:1021 - check for already added groups for (GroupExperimenterMap link : e.unmodifiableGroupExperimenterMap()) { ExperimenterGroup test = link.parent(); if (test.getId().equals(group.getId())) { return link; // EARLY EXIT! } } GroupExperimenterMap link = e.linkExperimenterGroup(group); // ticket:1434 link.setOwner(owned); link.getDetails().copy(sec.newTransientDetails(link)); Session session = sf.getSession(); sec.<IObject> doAction(new SecureMerge(session), userById(e.getId(), session), link); session.flush(); return link; }