Package org.fao.geonet.repository

Examples of org.fao.geonet.repository.UserGroupRepository


    if (myUserId.equals(id)) {
      throw new IllegalArgumentException("You cannot delete yourself from the user database");
    }

        final UserGroupRepository userGroupRepository = context.getBean(UserGroupRepository.class);
        int iId = Integer.parseInt(id);

    if (myProfile == Profile.Administrator || myProfile == Profile.UserAdmin)  {

      if (myProfile ==  Profile.UserAdmin) {
                final Integer iMyUserId = Integer.valueOf(myUserId);
                final List<Integer> groupIds = userGroupRepository.findGroupIds(where(hasUserId(iMyUserId)).or(hasUserId(iId)));
                if (groupIds.isEmpty()) {
          throw new IllegalArgumentException("You don't have rights to delete this user because the user is not part of your group");
        }
      }

      // Before processing DELETE check that the user is not referenced
      // elsewhere in the GeoNetwork database - an exception is thrown if
      // this is the case
      if (dataMan.isUserMetadataOwner(iId)) {
        throw new IllegalArgumentException("Cannot delete a user that is also a metadata owner");
      }

      if (dataMan.isUserMetadataStatus(iId)) {
        throw new IllegalArgumentException("Cannot delete a user that has set a metadata status");
      }

            userGroupRepository.deleteAllByIdAttribute(UserGroupId_.userId, Arrays.asList(iId));
            context.getBean(UserRepository.class).delete(iId);
    } else {
      throw new IllegalArgumentException("You don't have rights to delete this user");
    }
View Full Code Here


    Profile myProfile = usrSess.getProfile();
    String      myUserId  = usrSess.getUserId();

        final UserRepository userRepository = context.getBean(UserRepository.class);
        final GroupRepository groupRepository = context.getBean(GroupRepository.class);
        final UserGroupRepository userGroupRepository = context.getBean(UserGroupRepository.class);

        if (myProfile == Profile.Administrator || myProfile == Profile.UserAdmin || myUserId.equals(id)) {

      // -- get the profile of the user id supplied
            User user = userRepository.findOne(Integer.valueOf(id));
      if (user == null) {
        throw new IllegalArgumentException("user "+id+" doesn't exist");
            }

      String  theProfile = user.getProfile().name();

      //--- retrieve user groups of the user id supplied
      Element elGroups = new Element(Geonet.Elem.GROUPS);
      List<Group> theGroups;
            List<UserGroup> userGroups;

            if (myProfile == Profile.Administrator && theProfile.equals(Profile.Administrator.name())) {
                theGroups = groupRepository.findAll();

                for (Group group : theGroups) {
                    final Element element = group.asXml();
                    element.addContent(new Element("profile").setText(Profile.Administrator.name()));
                    elGroups.addContent(element);
                }
            } else {
                userGroups = userGroupRepository.findAll(UserGroupSpecs.hasUserId(Integer.valueOf(id)));

                for (UserGroup userGroup : userGroups) {
                    final Element element = userGroup.getGroup().asXml();
                    element.addContent(new Element("profile").setText(userGroup.getProfile().name()));
                    elGroups.addContent(element);
                }
            }

      if (!(myUserId.equals(id)) && myProfile == Profile.UserAdmin) {
     
    //--- retrieve session user groups and check to see whether this user is
    //--- allowed to get this info
                List<Integer> adminList = userGroupRepository.findGroupIds(where(UserGroupSpecs.hasUserId(Integer.valueOf(myUserId)))
                        .or(UserGroupSpecs.hasUserId(Integer.valueOf(id))));
        if (adminList.isEmpty()) {
          throw new OperationNotAllowedEx("You don't have rights to do this because the user you want is not part of your group");
        }
      }
View Full Code Here

     * @param opId
     * @return
     */
    public Optional<OperationAllowed> getOperationAllowedToAdd(final ServiceContext context, final int mdId, final int grpId, final int opId) {
        OperationAllowedRepository opAllowedRepo = _applicationContext.getBean(OperationAllowedRepository.class);
        UserGroupRepository userGroupRepo = _applicationContext.getBean(UserGroupRepository.class);
        final OperationAllowed operationAllowed = opAllowedRepo
                .findOneById_GroupIdAndId_MetadataIdAndId_OperationId(grpId, mdId, opId);

        if (operationAllowed == null) {
            // Check user privileges
            // Session may not be defined when a harvester is running
            if (context.getUserSession() != null) {
                Profile userProfile = context.getUserSession().getProfile();
                if (!(userProfile == Profile.Administrator || userProfile == Profile.UserAdmin)) {
                    int userId = Integer.parseInt(context.getUserSession().getUserId());
                    // Reserved groups
                    if (ReservedGroup.isReserved(grpId)) {

                        Specification<UserGroup> hasUserIdAndProfile = where(UserGroupSpecs.hasProfile(Profile.Reviewer))
                                .and(UserGroupSpecs.hasUserId(userId));
                        List<Integer> groupIds = userGroupRepo.findGroupIds(hasUserIdAndProfile);

                        if (groupIds.isEmpty()) {
                            throw new ServiceNotAllowedEx("User can't set operation for group " + grpId + " because the user in not a "
                                                          + "Reviewer of any group.");
                        }
                    } else {
                        String userGroupsOnly = settingMan.getValue("system/metadataprivs/usergrouponly");
                        if (userGroupsOnly.equals("true")) {
                            // If user is member of the group, user can set operation

                            if (userGroupRepo.exists(new UserGroupId().setGroupId(grpId).setUserId(userId))) {
                                throw new ServiceNotAllowedEx("User can't set operation for group " + grpId + " because the user in not"
                                                              + " member of this group.");
                            }
                        }
                    }
View Full Code Here

TOP

Related Classes of org.fao.geonet.repository.UserGroupRepository

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.