From 2f4523c1be17dfd4e80d70177663bdab559070b1 Mon Sep 17 00:00:00 2001 From: "Fathis, Zaqi" Date: Tue, 20 May 2025 15:18:18 +0200 Subject: [PATCH 1/3] Update authorization check in ServiceImpl Update reflects on the access type: - ADMIN: Full access to all features - User: Admin functions restricted to selected project(s) - read_only: View-only access, editing disabled --- .../actions/AddProjectDatabaseAction.java | 3 + .../AddUserToProjectDatabaseAction.java | 107 ++++++++++++------ ...BranchToExistingProjectDatabaseAction.java | 82 +++++++------- .../BranchToNewProjectDatabaseAction.java | 10 +- .../CloneToNewProjectDatabaseAction.java | 9 +- .../actions/DeleteProjectDatabaseAction.java | 67 +++++------ ...uthorizedUsersOfProjectDatabaseAction.java | 38 ++++--- .../GetAllCheckoutsByUserDatabaseAction.java | 41 ++++--- ...etAllCheckoutsOfProjectDatabaseAction.java | 77 +++++++------ ...tAllCheckoutsOfRevisionDatabaseAction.java | 44 +++---- .../GetAllProjectsSmallDatabaseAction.java | 5 +- .../GetAllRelatedProjectsDatabaseAction.java | 5 +- .../GetGeometryInfoDatabaseAction.java | 14 ++- .../RemoveUserFromProjectDatabaseAction.java | 91 ++++++++------- .../actions/SetRevisionTagDatabaseAction.java | 63 ++++++----- .../UndeleteProjectDatabaseAction.java | 57 +++++----- .../webservices/impl/ServiceImpl.java | 44 ++++--- 17 files changed, 430 insertions(+), 327 deletions(-) diff --git a/BimServer/src/org/bimserver/database/actions/AddProjectDatabaseAction.java b/BimServer/src/org/bimserver/database/actions/AddProjectDatabaseAction.java index f5574bddf6..567259a3ab 100644 --- a/BimServer/src/org/bimserver/database/actions/AddProjectDatabaseAction.java +++ b/BimServer/src/org/bimserver/database/actions/AddProjectDatabaseAction.java 
@@ -66,6 +66,9 @@ public Project execute() throws UserException, BimserverDatabaseException, Bimse } final Project project = getDatabaseSession().create(Project.class); Project parentProject = null; + if (actingUser.getUserType() == UserType.READ_ONLY){ + throw new UserException("Read-only users cannot create projects/subprojects"); + } if (parentPoid != -1) { parentProject = getProjectByPoid(parentPoid); project.setParent(parentProject); diff --git a/BimServer/src/org/bimserver/database/actions/AddUserToProjectDatabaseAction.java b/BimServer/src/org/bimserver/database/actions/AddUserToProjectDatabaseAction.java index 4a037cb3b1..41ff26a3c5 100644 --- a/BimServer/src/org/bimserver/database/actions/AddUserToProjectDatabaseAction.java +++ b/BimServer/src/org/bimserver/database/actions/AddUserToProjectDatabaseAction.java @@ -17,7 +17,9 @@ * along with this program. If not, see {@literal}. *****************************************************************************/ +import java.util.ArrayList; import java.util.Date; +import java.util.List; import org.bimserver.BimServer; import org.bimserver.BimserverDatabaseException; 
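Review bot: The read-only guard sits after `getDatabaseSession().create(Project.class)`, so a Project object already exists in the session when the exception is thrown. Whether the session is rolled back on a UserException is not visible in this hunk, so the guard is safer placed before any `create` call, as the first statement that uses `actingUser`. The start of execute() lies outside the hunk, so the exact position has to be chosen there.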
@@ -25,54 +27,85 @@ import org.bimserver.database.DatabaseSession; import org.bimserver.database.PostCommitAction; import org.bimserver.interfaces.SConverter; +import org.bimserver.interfaces.objects.SProjectSmall; import org.bimserver.models.log.AccessMethod; import org.bimserver.models.log.UserAddedToProject; import org.bimserver.models.store.Project; import org.bimserver.models.store.User; +import org.bimserver.models.store.UserType; import org.bimserver.shared.exceptions.UserException; import org.bimserver.webservices.authorization.Authorization; - -public class AddUserToProjectDatabaseAction extends BimDatabaseAction { - - private final long uoid; + +public class AddUserToProjectDatabaseAction extends BimDatabaseAction { + + private final long uoid; private final long poid; private Authorization authorization; - private BimServer bimServer; - - public AddUserToProjectDatabaseAction(BimServer bimServer, DatabaseSession databaseSession, AccessMethod accessMethod, Authorization authorization, long uoid, - long poid) { + private BimServer bimServer; + + public AddUserToProjectDatabaseAction(BimServer bimServer, DatabaseSession databaseSession, AccessMethod accessMethod, Authorization authorization, long uoid, + long poid) { super(databaseSession, accessMethod); this.bimServer = bimServer; - this.authorization = authorization; - this.uoid = uoid; - this.poid = poid; - } - - @Override + this.authorization = authorization; + this.uoid = uoid; + this.poid = poid; + } + + @Override public Boolean execute() throws UserException, BimserverDatabaseException, BimserverLockConflictException { final Project project = getProjectByPoid(poid); - User actingUser = getUserByUoid(authorization.getUoid()); - if (authorization.hasRightsOnProject(actingUser, project)) { - User user = getUserByUoid(uoid); - project.getHasAuthorizedUsers().add(user); - user.getHasRightsOn().add(project); - final UserAddedToProject userAddedToProject = 
getDatabaseSession().create(UserAddedToProject.class); - userAddedToProject.setExecutor(actingUser); - userAddedToProject.setDate(new Date()); - userAddedToProject.setAccessMethod(getAccessMethod()); - userAddedToProject.setUser(user); - userAddedToProject.setProject(project); - getDatabaseSession().addPostCommitAction(new PostCommitAction() { - @Override - public void execute() throws UserException { - bimServer.getNotificationsManager().notify(new SConverter().convertToSObject(userAddedToProject)); + User actingUser = getUserByUoid(authorization.getUoid()); + User user = getUserByUoid(uoid); + if (actingUser.getUserType() != UserType.READ_ONLY) { + if (authorization.hasRightsOnProject(actingUser, project)) { + if (user.getUserType() == UserType.USER) { + Project rootProject = getRootProject(project); + getSubProjects(rootProject, actingUser, user); + } else { + addUserToProject(project, actingUser, user); } - }); - getDatabaseSession().store(user); - getDatabaseSession().store(project); - return true; - } else { - throw new UserException("User has no rights to grant permission on '" + project.getName() + "'"); - } - } + return true; + } else { + throw new UserException("User has no rights on project '" + project.getName() + "'"); + } + } else { + throw new UserException("User has no rights to grant permission on '" + project.getName() + "'"); + } + } + + private Project getRootProject(Project project) { + if (project.getParent() != null) { + return getRootProject(project.getParent()); + } else { + return project; + } + } + + private void getSubProjects(Project project, User actingUser, User user) throws BimserverDatabaseException { + addUserToProject(project, actingUser, user); + List subProjects = new ArrayList(project.getSubProjects()); + for (Project subProject : subProjects) { + getSubProjects(subProject, actingUser, user); + } + } + + private void addUserToProject( Project project, User actingUser, User user) throws BimserverDatabaseException { + 
project.getHasAuthorizedUsers().add(user); + user.getHasRightsOn().add(project); + final UserAddedToProject userAddedToProject = getDatabaseSession().create(UserAddedToProject.class); + userAddedToProject.setExecutor(actingUser); + userAddedToProject.setDate(new Date()); + userAddedToProject.setAccessMethod(getAccessMethod()); + userAddedToProject.setUser(user); + userAddedToProject.setProject(project); + getDatabaseSession().addPostCommitAction(new PostCommitAction() { + @Override + public void execute() throws UserException { + bimServer.getNotificationsManager().notify(new SConverter().convertToSObject(userAddedToProject)); + } + }); + getDatabaseSession().store(user); + getDatabaseSession().store(project); + } } \ No newline at end of file diff --git a/BimServer/src/org/bimserver/database/actions/BranchToExistingProjectDatabaseAction.java b/BimServer/src/org/bimserver/database/actions/BranchToExistingProjectDatabaseAction.java index d5b60d293c..2162ddee92 100644 --- a/BimServer/src/org/bimserver/database/actions/BranchToExistingProjectDatabaseAction.java +++ b/BimServer/src/org/bimserver/database/actions/BranchToExistingProjectDatabaseAction.java 
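Review bot: The rights check covers only the requested project (`authorization.hasRightsOnProject(actingUser, project)`), but for a target of type USER the grant starts at `getRootProject(project)` and walks every sub-project. An acting user with rights on a single sub-project can therefore add another user to the root and to sibling branches that were never checked, unless hasRightsOnProject already implies rights on the whole tree, which is not visible here. Either start the walk at the checked project, `getSubProjects(project, actingUser, user);`, or repeat the rights check inside the walk and skip projects the acting user has no rights on. The two exception messages also look swapped: the read-only branch reports "no rights to grant permission" while the missing-rights branch reports "no rights on project".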
@@ -28,32 +28,28 @@ import org.bimserver.ifc.BasicIfcModel; import org.bimserver.ifc.IfcModel; import org.bimserver.models.log.AccessMethod; -import org.bimserver.models.store.ConcreteRevision; -import org.bimserver.models.store.Project; -import org.bimserver.models.store.Revision; -import org.bimserver.models.store.StorePackage; -import org.bimserver.models.store.User; +import org.bimserver.models.store.*; import org.bimserver.plugins.IfcModelSet; import org.bimserver.plugins.ModelHelper; import org.bimserver.plugins.modelmerger.MergeException; import org.bimserver.shared.exceptions.UserException; import org.bimserver.webservices.authorization.Authorization; - -public class BranchToExistingProjectDatabaseAction extends AbstractBranchDatabaseAction { - private final Long roid; - private final Long destPoid; - private final String comment; - private final BimServer bimServer; - private Authorization authorization; - - public BranchToExistingProjectDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, BimServer bimServer, Authorization authorization, Long roid, Long destPoid, String comment) { - super(databaseSession, accessMethod); + +public class BranchToExistingProjectDatabaseAction extends AbstractBranchDatabaseAction { + private final Long roid; + private final Long destPoid; + private final String comment; + private final BimServer bimServer; + private Authorization authorization; + + public BranchToExistingProjectDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, BimServer bimServer, Authorization authorization, Long roid, Long destPoid, String comment) { + super(databaseSession, accessMethod); this.bimServer = bimServer; - this.authorization = authorization; - this.roid = roid; - this.destPoid = destPoid; - this.comment = comment; - } + this.authorization = authorization; + this.roid = roid; + this.destPoid = destPoid; + this.comment = comment; + } public Long getRoid() { return roid; 
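Review bot: The class body in this hunk is removed and re-added with identical text, which looks like a line-ending or trailing-whitespace change, and it buries the one real edit, the switch to `import org.bimserver.models.store.*;`. In an authorization patch, whitespace normalisation is better kept in a separate commit so the access-control lines stand out in review. The wildcard also replaces five explicit imports where only `UserType` was needed; `import org.bimserver.models.store.UserType;` keeps the imports explicit. The same applies to the import hunks of BranchToNewProjectDatabaseAction, CloneToNewProjectDatabaseAction, GetAllCheckoutsOfProjectDatabaseAction and GetAllCheckoutsOfRevisionDatabaseAction.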
@@ -63,34 +59,38 @@ public Long getRoid() { public Long getPoid() { return destPoid; } - - @Override - public ConcreteRevision execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { - Revision oldRevision = getDatabaseSession().get(StorePackage.eINSTANCE.getRevision(), roid, OldQuery.getDefault()); - Project oldProject = oldRevision.getProject(); - User user = getDatabaseSession().get(StorePackage.eINSTANCE.getUser(), authorization.getUoid(), OldQuery.getDefault()); - if (!authorization.hasRightsOnProjectOrSuperProjectsOrSubProjects(user, oldProject)) { - throw new UserException("User has insufficient rights to download revisions from this project"); - } + + @Override + public ConcreteRevision execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { + Revision oldRevision = getDatabaseSession().get(StorePackage.eINSTANCE.getRevision(), roid, OldQuery.getDefault()); + Project oldProject = oldRevision.getProject(); + User user = getDatabaseSession().get(StorePackage.eINSTANCE.getUser(), authorization.getUoid(), OldQuery.getDefault()); + User actingUser = getUserByUoid(authorization.getUoid()); + if (actingUser.getUserType() == UserType.READ_ONLY) { + throw new UserException("User '" + actingUser.getName() + "' is read only and cannot branch projects"); + } + if (!authorization.hasRightsOnProjectOrSuperProjectsOrSubProjects(user, oldProject)) { + throw new UserException("User has insufficient rights to download revisions from this project"); + } IfcModelSet ifcModelSet = new IfcModelSet(); - PackageMetaData lastMetaData = null; + PackageMetaData lastMetaData = null; for (ConcreteRevision subRevision : oldRevision.getConcreteRevisions()) { - PackageMetaData packageMetaData = bimServer.getMetaDataManager().getPackageMetaData(subRevision.getProject().getSchema()); - IfcModel subModel = new BasicIfcModel(packageMetaData, null); - getDatabaseSession().getMap(subModel, new OldQuery(packageMetaData, 
subRevision.getProject().getId(), subRevision.getId(), -1, Deep.YES)); - subModel.getModelMetaData().setDate(subRevision.getDate()); + PackageMetaData packageMetaData = bimServer.getMetaDataManager().getPackageMetaData(subRevision.getProject().getSchema()); + IfcModel subModel = new BasicIfcModel(packageMetaData, null); + getDatabaseSession().getMap(subModel, new OldQuery(packageMetaData, subRevision.getProject().getId(), subRevision.getId(), -1, Deep.YES)); + subModel.getModelMetaData().setDate(subRevision.getDate()); ifcModelSet.add(subModel); - lastMetaData = packageMetaData; - } + lastMetaData = packageMetaData; + } IfcModelInterface model = new BasicIfcModel(lastMetaData, null); try { - model = bimServer.getMergerFactory().createMerger(getDatabaseSession(), authorization.getUoid()) + model = bimServer.getMergerFactory().createMerger(getDatabaseSession(), authorization.getUoid()) .merge(oldRevision.getProject(), ifcModelSet, new ModelHelper(bimServer.getMetaDataManager(), model)); } catch (MergeException e) { throw new UserException(e); - } - model.resetOids(); - CheckinDatabaseAction checkinDatabaseAction = new CheckinDatabaseAction(bimServer, getDatabaseSession(), getAccessMethod(), destPoid, authorization, model, comment, comment, false, -1, -1); // TODO + } + model.resetOids(); + CheckinDatabaseAction checkinDatabaseAction = new CheckinDatabaseAction(bimServer, getDatabaseSession(), getAccessMethod(), destPoid, authorization, model, comment, comment, false, -1, -1); // TODO return checkinDatabaseAction.execute(); - } + } } \ No newline at end of file diff --git a/BimServer/src/org/bimserver/database/actions/BranchToNewProjectDatabaseAction.java b/BimServer/src/org/bimserver/database/actions/BranchToNewProjectDatabaseAction.java index b0a42a1018..f0cbb77766 100644 --- a/BimServer/src/org/bimserver/database/actions/BranchToNewProjectDatabaseAction.java +++ b/BimServer/src/org/bimserver/database/actions/BranchToNewProjectDatabaseAction.java 
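Review bot: `actingUser` is loaded with `getUserByUoid(authorization.getUoid())` one line after `user` was loaded from the same uoid, so the read-only test and the rights test run on two separately fetched copies of the same account. Use the object already in hand, `if (user.getUserType() == UserType.READ_ONLY) {`, as CloneToNewProjectDatabaseAction does in this patch; the execute() hunk of BranchToNewProjectDatabaseAction has the same duplicate lookup. Neither lookup is null-checked before `getUserType()` is called, so an unknown uoid would presumably surface as a NullPointerException rather than a UserException. Only the source project is checked here; whether the destination `destPoid` is checked depends on CheckinDatabaseAction, which is not part of this hunk.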
@@ -28,11 +28,7 @@ import org.bimserver.ifc.BasicIfcModel; import org.bimserver.ifc.IfcModel; import org.bimserver.models.log.AccessMethod; -import org.bimserver.models.store.ConcreteRevision; -import org.bimserver.models.store.Project; -import org.bimserver.models.store.Revision; -import org.bimserver.models.store.StorePackage; -import org.bimserver.models.store.User; +import org.bimserver.models.store.*; import org.bimserver.plugins.IfcModelSet; import org.bimserver.plugins.ModelHelper; import org.bimserver.plugins.modelmerger.MergeException; @@ -71,6 +67,10 @@ public ConcreteRevision execute() throws UserException, BimserverLockConflictExc Revision oldRevision = getDatabaseSession().get(StorePackage.eINSTANCE.getRevision(), roid, OldQuery.getDefault()); Project oldProject = oldRevision.getProject(); final User user = getDatabaseSession().get(StorePackage.eINSTANCE.getUser(), authorization.getUoid(), OldQuery.getDefault()); + User actingUser = getUserByUoid(authorization.getUoid()); + if (actingUser.getUserType() == UserType.READ_ONLY) { + throw new UserException("User '" + actingUser.getName() + "' is read only and cannot branch projects"); + } if (!authorization.hasRightsOnProjectOrSuperProjectsOrSubProjects(user, oldProject)) { throw new UserException("User has insufficient rights to download revisions from this project"); } diff --git a/BimServer/src/org/bimserver/database/actions/CloneToNewProjectDatabaseAction.java b/BimServer/src/org/bimserver/database/actions/CloneToNewProjectDatabaseAction.java index 743af1b8b2..fbc3533ac2 100644 --- a/BimServer/src/org/bimserver/database/actions/CloneToNewProjectDatabaseAction.java +++ b/BimServer/src/org/bimserver/database/actions/CloneToNewProjectDatabaseAction.java 
@@ -36,11 +36,7 @@ import org.bimserver.database.queries.om.SpecialQueryType; import org.bimserver.emf.PackageMetaData; import org.bimserver.models.log.AccessMethod; -import org.bimserver.models.store.ConcreteRevision; -import org.bimserver.models.store.Project; -import org.bimserver.models.store.Revision; -import org.bimserver.models.store.StorePackage; -import org.bimserver.models.store.User; +import org.bimserver.models.store.*; import org.bimserver.shared.HashMapVirtualObject; import org.bimserver.shared.QueryContext; import org.bimserver.shared.exceptions.UserException; @@ -71,6 +67,9 @@ public ConcreteRevision execute() throws UserException, BimserverLockConflictExc Revision oldRevision = getDatabaseSession().get(StorePackage.eINSTANCE.getRevision(), roid, OldQuery.getDefault()); Project oldProject = oldRevision.getProject(); final User user = getDatabaseSession().get(StorePackage.eINSTANCE.getUser(), authorization.getUoid(), OldQuery.getDefault()); + if (user.getUserType() == UserType.READ_ONLY) { + throw new UserException("User '" + user.getName() + "' is read-only and cannot create a new project"); + } if (!authorization.hasRightsOnProjectOrSuperProjectsOrSubProjects(user, oldProject)) { throw new UserException("User has insufficient rights to download revisions from this project"); } diff --git a/BimServer/src/org/bimserver/database/actions/DeleteProjectDatabaseAction.java b/BimServer/src/org/bimserver/database/actions/DeleteProjectDatabaseAction.java index 84c9f34771..cd7a9c5ba0 100644 --- a/BimServer/src/org/bimserver/database/actions/DeleteProjectDatabaseAction.java +++ b/BimServer/src/org/bimserver/database/actions/DeleteProjectDatabaseAction.java 
@@ -33,30 +33,33 @@ import org.bimserver.models.store.UserType; import org.bimserver.shared.exceptions.UserException; import org.bimserver.webservices.authorization.Authorization; - -public class DeleteProjectDatabaseAction extends BimDatabaseAction { - + +public class DeleteProjectDatabaseAction extends BimDatabaseAction { + private final long poid; private Authorization authorization; - private BimServer bimServer; - - public DeleteProjectDatabaseAction(BimServer bimServer, DatabaseSession databaseSession, AccessMethod accessMethod, long poid, Authorization authorization) { + private BimServer bimServer; + + public DeleteProjectDatabaseAction(BimServer bimServer, DatabaseSession databaseSession, AccessMethod accessMethod, long poid, Authorization authorization) { super(databaseSession, accessMethod); this.bimServer = bimServer; this.poid = poid; - this.authorization = authorization; - } - - @Override - public Boolean execute() throws UserException, BimserverDatabaseException, BimserverLockConflictException { - User actingUser = getUserByUoid(authorization.getUoid()); - final Project project = getProjectByPoid(poid); - if (actingUser.getUserType() == UserType.ADMIN || (actingUser.getHasRightsOn().contains(project) && bimServer.getServerSettingsCache().getServerSettings().isAllowUsersToCreateTopLevelProjects())) { - delete(project); - final ProjectDeleted projectDeleted = getDatabaseSession().create(ProjectDeleted.class); - projectDeleted.setAccessMethod(getAccessMethod()); - projectDeleted.setDate(new Date()); - projectDeleted.setExecutor(actingUser); + this.authorization = authorization; + } + + @Override + public Boolean execute() throws UserException, BimserverDatabaseException, BimserverLockConflictException { + User actingUser = getUserByUoid(authorization.getUoid()); + final Project project = getProjectByPoid(poid); + if (actingUser.getUserType() == UserType.READ_ONLY){ + throw new UserException("No rights to delete this project"); + } + if 
(actingUser.getUserType() == UserType.ADMIN || (actingUser.getHasRightsOn().contains(project) && bimServer.getServerSettingsCache().getServerSettings().isAllowUsersToCreateTopLevelProjects())) { + delete(project); + final ProjectDeleted projectDeleted = getDatabaseSession().create(ProjectDeleted.class); + projectDeleted.setAccessMethod(getAccessMethod()); + projectDeleted.setDate(new Date()); + projectDeleted.setExecutor(actingUser); projectDeleted.setProject(project); getDatabaseSession().addPostCommitAction(new PostCommitAction() { @Override @@ -64,17 +67,17 @@ public void execute() throws UserException { bimServer.getNotificationsManager().notify(new SConverter().convertToSObject(projectDeleted)); } }); - getDatabaseSession().store(project); - return true; - } else { - throw new UserException("No rights to delete this project"); - } - } - - private void delete(Project project) { - project.setState(ObjectState.DELETED); - for (Project subProject : project.getSubProjects()) { - delete(subProject); - } - } + getDatabaseSession().store(project); + return true; + } else { + throw new UserException("No rights to delete this project"); + } + } + + private void delete(Project project) { + project.setState(ObjectState.DELETED); + for (Project subProject : project.getSubProjects()) { + delete(subProject); + } + } } \ No newline at end of file diff --git a/BimServer/src/org/bimserver/database/actions/GetAllAuthorizedUsersOfProjectDatabaseAction.java b/BimServer/src/org/bimserver/database/actions/GetAllAuthorizedUsersOfProjectDatabaseAction.java index c88d89cc0f..858b514dc0 100644 --- a/BimServer/src/org/bimserver/database/actions/GetAllAuthorizedUsersOfProjectDatabaseAction.java +++ b/BimServer/src/org/bimserver/database/actions/GetAllAuthorizedUsersOfProjectDatabaseAction.java 
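Review bot: Project membership is still tested with `actingUser.getHasRightsOn().contains(project)`, while the other actions touched by this patch go through `authorization.hasRightsOnProject(actingUser, project)`. If the Authorization object applies any restriction beyond list membership (not visible here), deletion is judged by a different rule than the rest of the patch. Consider using `authorization.hasRightsOnProject(actingUser, project)` in the condition. The non-admin path is also gated on `isAllowUsersToCreateTopLevelProjects()`, a creation setting, and a one-line comment saying why it governs deletion would help the next reviewer.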
@@ -25,21 +25,29 @@ import org.bimserver.database.DatabaseSession; import org.bimserver.models.log.AccessMethod; import org.bimserver.models.store.User; +import org.bimserver.models.store.UserType; import org.bimserver.shared.exceptions.UserException; +import org.bimserver.webservices.authorization.Authorization; import org.eclipse.emf.common.util.EList; - -public class GetAllAuthorizedUsersOfProjectDatabaseAction extends BimDatabaseAction>{ - - private final long poid; - - public GetAllAuthorizedUsersOfProjectDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, long poid) { - super(databaseSession, accessMethod); - this.poid = poid; - } - - @Override - public Set execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { - EList users = getProjectByPoid(poid).getHasAuthorizedUsers(); - return new HashSet(users); - } + +public class GetAllAuthorizedUsersOfProjectDatabaseAction extends BimDatabaseAction>{ + + private final long poid; + private Authorization authorization; + + public GetAllAuthorizedUsersOfProjectDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, long poid, Authorization authorization) { + super(databaseSession, accessMethod); + this.poid = poid; + this.authorization = authorization; + } + + @Override + public Set execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { + User actingUser = getUserByUoid(authorization.getUoid()); + if (actingUser.getUserType() == UserType.READ_ONLY){ + throw new UserException("No rights to get all authorized users of a project"); + } + EList users = getProjectByPoid(poid).getHasAuthorizedUsers(); + return new HashSet(users); + } } \ No newline at end of file diff --git a/BimServer/src/org/bimserver/database/actions/GetAllCheckoutsByUserDatabaseAction.java b/BimServer/src/org/bimserver/database/actions/GetAllCheckoutsByUserDatabaseAction.java index d2368f216d..633456718f 100644 
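Review bot: The new guard rejects only READ_ONLY callers and never tests whether the caller has rights on the project identified by `poid`, so any USER account can list the authorized users of any project. That does not match the commit description, which restricts USER accounts to their selected projects. Load the project first and add the check that GetAllCheckoutsOfProjectDatabaseAction uses in this patch: `if (!authorization.hasRightsOnProject(actingUser, project)) { throw new UserException("User does not have rights on project"); }`. The constructor gains an `Authorization` parameter, so every caller has to pass the session's own authorization object.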
--- a/BimServer/src/org/bimserver/database/actions/GetAllCheckoutsByUserDatabaseAction.java +++ b/BimServer/src/org/bimserver/database/actions/GetAllCheckoutsByUserDatabaseAction.java 
@@ -30,24 +30,29 @@ import org.bimserver.models.store.Checkout; import org.bimserver.models.store.StorePackage; import org.bimserver.models.store.User; +import org.bimserver.models.store.UserType; import org.bimserver.shared.exceptions.UserException; import org.bimserver.utils.CollectionUtils; - -public class GetAllCheckoutsByUserDatabaseAction extends BimDatabaseAction> { - - private final long uoid; - - public GetAllCheckoutsByUserDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, long uoid) { - super(databaseSession, accessMethod); - this.uoid = uoid; - } - - @Override - public List execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { - User user = getUserByUoid(uoid); - Condition condition = new HasReferenceToCondition(StorePackage.eINSTANCE.getCheckout_User(), user); -// condition = condition.and(new AttributeCondition(StorePackage.eINSTANCE.getCheckout_Active(), new BooleanLiteral(true))); - Map query = getDatabaseSession().query(condition, Checkout.class, OldQuery.getDefault()); - return CollectionUtils.mapToList(query); - } +import org.bimserver.webservices.authorization.Authorization; + +public class GetAllCheckoutsByUserDatabaseAction extends BimDatabaseAction> { + + private final long uoid; + + public GetAllCheckoutsByUserDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, long uoid) { + super(databaseSession, accessMethod); + this.uoid = uoid; + } + + @Override + public List execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { + User user = getUserByUoid(uoid); + if (user.getUserType() == UserType.READ_ONLY) { + throw new UserException("Read-only user does not have access to this method"); + } + Condition condition = new HasReferenceToCondition(StorePackage.eINSTANCE.getCheckout_User(), user); +// condition = condition.and(new AttributeCondition(StorePackage.eINSTANCE.getCheckout_Active(), new BooleanLiteral(true))); + Map query 
= getDatabaseSession().query(condition, Checkout.class, OldQuery.getDefault()); + return CollectionUtils.mapToList(query); + } } \ No newline at end of file diff --git a/BimServer/src/org/bimserver/database/actions/GetAllCheckoutsOfProjectDatabaseAction.java b/BimServer/src/org/bimserver/database/actions/GetAllCheckoutsOfProjectDatabaseAction.java index 259299aae8..4cfc692d87 100644 --- a/BimServer/src/org/bimserver/database/actions/GetAllCheckoutsOfProjectDatabaseAction.java +++ b/BimServer/src/org/bimserver/database/actions/GetAllCheckoutsOfProjectDatabaseAction.java 
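Review bot: The read-only test is applied to `user`, which is the account named by the `uoid` argument (the account being queried), not the caller. A read-only caller can still read the checkouts of any non-read-only user, and an administrator asking about a read-only user gets an exception. `Authorization` is imported but never stored or used; pass it into the constructor as the sibling actions do and test the caller instead, `User actingUser = getUserByUoid(authorization.getUoid());` followed by `if (actingUser.getUserType() == UserType.READ_ONLY) {`. Whether a non-admin caller may query a `uoid` other than their own is a policy decision this hunk leaves open and should be stated explicitly.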
@@ -30,43 +30,48 @@ import org.bimserver.database.query.conditions.Condition; import org.bimserver.database.query.conditions.HasReferenceToInCondition; import org.bimserver.models.log.AccessMethod; -import org.bimserver.models.store.Checkout; -import org.bimserver.models.store.Project; -import org.bimserver.models.store.StorePackage; +import org.bimserver.models.store.*; import org.bimserver.shared.exceptions.UserException; import org.bimserver.utils.CollectionUtils; - -public class GetAllCheckoutsOfProjectDatabaseAction extends BimDatabaseAction> { - - private final long poid; - private final boolean checkSubProjects; - - public GetAllCheckoutsOfProjectDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, long poid, boolean checkSubProjects) { - super(databaseSession, accessMethod); - this.poid = poid; - this.checkSubProjects = checkSubProjects; - } - - @Override - public List execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { - Project project = getProjectByPoid(poid); - Set projects = new HashSet(); - if (checkSubProjects) { - getSubProjects(project, projects); - } else { - projects.add(project); - } - Condition condition = new HasReferenceToInCondition(StorePackage.eINSTANCE.getCheckout_Project(), projects); +import org.bimserver.webservices.authorization.Authorization; + +public class GetAllCheckoutsOfProjectDatabaseAction extends BimDatabaseAction> { + + private final long poid; + private final boolean checkSubProjects; + private Authorization authorization; + + public GetAllCheckoutsOfProjectDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, long poid, boolean checkSubProjects, Authorization authorization) { + super(databaseSession, accessMethod); + this.poid = poid; + this.checkSubProjects = checkSubProjects; + this.authorization = authorization; + } + + @Override + public List execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { + 
User actingUser = getUserByUoid(authorization.getUoid()); + Project project = getProjectByPoid(poid); + if (!authorization.hasRightsOnProject(actingUser, project)) { + throw new UserException("User does not have rights on project"); + } + Set projects = new HashSet(); + if (checkSubProjects) { + getSubProjects(project, projects); + } else { + projects.add(project); + } + Condition condition = new HasReferenceToInCondition(StorePackage.eINSTANCE.getCheckout_Project(), projects); Map query = getDatabaseSession().query(condition, Checkout.class, OldQuery.getDefault()); - return CollectionUtils.mapToList(query); - } - - private void getSubProjects(Project project, Set projects) { - projects.add(project); - Iterator iterator = project.getSubProjects().iterator(); - while (iterator.hasNext()) { - Project subProject = iterator.next(); - getSubProjects(subProject, projects); - } - } + return CollectionUtils.mapToList(query); + } + + private void getSubProjects(Project project, Set projects) { + projects.add(project); + Iterator iterator = project.getSubProjects().iterator(); + while (iterator.hasNext()) { + Project subProject = iterator.next(); + getSubProjects(subProject, projects); + } + } } \ No newline at end of file diff --git a/BimServer/src/org/bimserver/database/actions/GetAllCheckoutsOfRevisionDatabaseAction.java b/BimServer/src/org/bimserver/database/actions/GetAllCheckoutsOfRevisionDatabaseAction.java index 8a3e8b010d..0360f32587 100644 --- a/BimServer/src/org/bimserver/database/actions/GetAllCheckoutsOfRevisionDatabaseAction.java +++ b/BimServer/src/org/bimserver/database/actions/GetAllCheckoutsOfRevisionDatabaseAction.java 
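Review bot: The rights check covers only the project named by `poid`, but with `checkSubProjects` set, `getSubProjects` adds every descendant to the query set without checking it. GetAllProjectsSmallDatabaseAction in this same patch checks `hasRightsOnProject` per project while recursing, which suggests rights are not inherited down the tree, so checkouts of sub-projects the caller cannot access may be returned. Pass `actingUser` into `getSubProjects` and guard the add, `if (authorization.hasRightsOnProject(actingUser, project)) { projects.add(project); }`. If rights on a parent are meant to imply rights on all children, a comment saying so at the check would settle it.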
@@ -26,25 +26,31 @@ import org.bimserver.database.query.conditions.Condition; import org.bimserver.database.query.conditions.HasReferenceToCondition; import org.bimserver.models.log.AccessMethod; -import org.bimserver.models.store.Checkout; -import org.bimserver.models.store.Revision; -import org.bimserver.models.store.StorePackage; +import org.bimserver.models.store.*; import org.bimserver.shared.exceptions.UserException; import org.bimserver.utils.CollectionUtils; - -public class GetAllCheckoutsOfRevisionDatabaseAction extends BimDatabaseAction> { - - private final long roid; - - public GetAllCheckoutsOfRevisionDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, long roid) { - super(databaseSession, accessMethod); - this.roid = roid; - } - - @Override - public List execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { - Revision revision = getRevisionByRoid(roid); - Condition condition = new HasReferenceToCondition(StorePackage.eINSTANCE.getCheckout_Revision(), revision); - return CollectionUtils.mapToList(getDatabaseSession().query(condition, Checkout.class, OldQuery.getDefault())); - } +import org.bimserver.webservices.authorization.Authorization; + +public class GetAllCheckoutsOfRevisionDatabaseAction extends BimDatabaseAction> { + + private final long roid; + private Authorization authorization; + + public GetAllCheckoutsOfRevisionDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, long roid, Authorization authorization) { + super(databaseSession, accessMethod); + this.roid = roid; + this.authorization = authorization; + } + + @Override + public List execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { + User actingUser = getUserByUoid(authorization.getUoid()); + Revision revision = getRevisionByRoid(roid); + Project project = revision.getProject(); + if (!authorization.hasRightsOnProject(actingUser, project)) { + throw new 
UserException("User does not have rights on project"); + } + Condition condition = new HasReferenceToCondition(StorePackage.eINSTANCE.getCheckout_Revision(), revision); + return CollectionUtils.mapToList(getDatabaseSession().query(condition, Checkout.class, OldQuery.getDefault())); + } } \ No newline at end of file diff --git a/BimServer/src/org/bimserver/database/actions/GetAllProjectsSmallDatabaseAction.java b/BimServer/src/org/bimserver/database/actions/GetAllProjectsSmallDatabaseAction.java index 811b97b1f5..5d0281f54f 100644 --- a/BimServer/src/org/bimserver/database/actions/GetAllProjectsSmallDatabaseAction.java +++ b/BimServer/src/org/bimserver/database/actions/GetAllProjectsSmallDatabaseAction.java @@ -77,7 +77,10 @@ private void addProjects(List list, Project project, User user) { if (project.getState() == ObjectState.DELETED && !(authorization instanceof AdminAuthorization)) { return; } - list.add(createSmallProject(authorization, bimServer, project, user)); + if (authorization.hasRightsOnProject(user, project)) { + list.add(createSmallProject(authorization, bimServer, project, user)); + } + List subProjects = new ArrayList(project.getSubProjects()); Collections.sort(subProjects, new Comparator(){ @Override diff --git a/BimServer/src/org/bimserver/database/actions/GetAllRelatedProjectsDatabaseAction.java b/BimServer/src/org/bimserver/database/actions/GetAllRelatedProjectsDatabaseAction.java index c5e87d5f27..4884fcb5c6 100644 --- a/BimServer/src/org/bimserver/database/actions/GetAllRelatedProjectsDatabaseAction.java +++ b/BimServer/src/org/bimserver/database/actions/GetAllRelatedProjectsDatabaseAction.java 
@@ -72,7 +72,10 @@ private void addProjects(List list, Project project, User user) { if (project.getState() == ObjectState.DELETED && !(authorization instanceof AdminAuthorization)) { return; } - list.add(GetAllProjectsSmallDatabaseAction.createSmallProject(authorization, bimServer, project, user)); + if (authorization.hasRightsOnProject(user, project)) { + list.add(GetAllProjectsSmallDatabaseAction.createSmallProject(authorization, bimServer, project, user)); + } + List subProjects = new ArrayList(project.getSubProjects()); Collections.sort(subProjects, new Comparator(){ @Override diff --git a/BimServer/src/org/bimserver/database/actions/GetGeometryInfoDatabaseAction.java b/BimServer/src/org/bimserver/database/actions/GetGeometryInfoDatabaseAction.java index 80668e6663..a5c42b74fc 100644 --- a/BimServer/src/org/bimserver/database/actions/GetGeometryInfoDatabaseAction.java +++ b/BimServer/src/org/bimserver/database/actions/GetGeometryInfoDatabaseAction.java 
@@ -29,29 +29,35 @@ import org.bimserver.models.log.AccessMethod; import org.bimserver.models.store.Project; import org.bimserver.models.store.Revision; +import org.bimserver.models.store.User; import org.bimserver.shared.exceptions.UserException; import org.bimserver.webservices.authorization.Authorization; import org.eclipse.emf.ecore.EStructuralFeature; - -public class GetGeometryInfoDatabaseAction extends BimDatabaseAction { - + +public class GetGeometryInfoDatabaseAction extends BimDatabaseAction { + private BimServer bimServer; private long roid; private long oid; + private Authorization authorization; public GetGeometryInfoDatabaseAction(BimServer bimServer, DatabaseSession databaseSession, AccessMethod accessMethod, long roid, long oid, Authorization authorization) { super(databaseSession, accessMethod); this.bimServer = bimServer; this.roid = roid; this.oid = oid; + this.authorization = authorization; } @Override public SGeometryInfo execute() throws UserException, BimserverDatabaseException, BimserverLockConflictException { Revision revision = getDatabaseSession().get(roid, OldQuery.getDefault()); Project project = revision.getProject(); + User actingUser = getUserByUoid(authorization.getUoid()); + if (!authorization.hasRightsOnProject(actingUser, project)) { + throw new UserException("Only user who has access to the project can get geometry information"); + } PackageMetaData packageMetaData = bimServer.getMetaDataManager().getPackageMetaData(project.getSchema()); - IdEObject ifcProduct = getDatabaseSession().get(oid, new OldQuery(packageMetaData, project.getId(), revision.getId(), revision.getOid())); if (ifcProduct == null) { throw new UserException("Object with oid " + oid + " not found"); diff --git a/BimServer/src/org/bimserver/database/actions/RemoveUserFromProjectDatabaseAction.java b/BimServer/src/org/bimserver/database/actions/RemoveUserFromProjectDatabaseAction.java index 673e59ea94..e8937cd99a 100644 
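Review bot: In GetGeometryInfoDatabaseAction.execute(), `revision.getProject()` is dereferenced straight after `getDatabaseSession().get(roid, OldQuery.getDefault())`, so an unknown roid would surface as a NullPointerException before the new rights check is reached. This assumes `get` returns null for a missing object, as the `ifcProduct == null` test a few lines down suggests. A guard before the project lookup keeps the failure a UserException: `if (revision == null) { throw new UserException("Revision with roid " + roid + " not found"); }`. The denial text could also reuse the wording of the other actions ("User does not have rights on project") so clients see one message for one condition. execute() continues outside the hunk.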
--- a/BimServer/src/org/bimserver/database/actions/RemoveUserFromProjectDatabaseAction.java +++ b/BimServer/src/org/bimserver/database/actions/RemoveUserFromProjectDatabaseAction.java 
@@ -1,51 +1,51 @@ -package org.bimserver.database.actions; - -/****************************************************************************** - * Copyright (C) 2009-2019 BIMserver.org - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see {@literal}. - *****************************************************************************/ - -import java.util.Date; - -import org.bimserver.BimServer; -import org.bimserver.BimserverDatabaseException; -import org.bimserver.database.BimserverLockConflictException; -import org.bimserver.database.DatabaseSession; -import org.bimserver.database.PostCommitAction; -import org.bimserver.interfaces.SConverter; -import org.bimserver.models.log.AccessMethod; -import org.bimserver.models.log.UserRemovedFromProject; -import org.bimserver.models.store.Project; -import org.bimserver.models.store.User; -import org.bimserver.models.store.UserType; -import org.bimserver.shared.exceptions.UserException; -import org.bimserver.webservices.authorization.Authorization; +package org.bimserver.database.actions; + +/****************************************************************************** + * Copyright (C) 2009-2019 BIMserver.org + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your 
option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see {@literal}. + *****************************************************************************/ + +import java.util.Date; + +import org.bimserver.BimServer; +import org.bimserver.BimserverDatabaseException; +import org.bimserver.database.BimserverLockConflictException; +import org.bimserver.database.DatabaseSession; +import org.bimserver.database.PostCommitAction; +import org.bimserver.interfaces.SConverter; +import org.bimserver.models.log.AccessMethod; +import org.bimserver.models.log.UserRemovedFromProject; +import org.bimserver.models.store.Project; +import org.bimserver.models.store.User; +import org.bimserver.models.store.UserType; +import org.bimserver.shared.exceptions.UserException; +import org.bimserver.webservices.authorization.Authorization; public class RemoveUserFromProjectDatabaseAction extends BimDatabaseAction { private final long uoid; - private final long poid; - private Authorization authorization; + private final long poid; + private Authorization authorization; private BimServer bimServer; public RemoveUserFromProjectDatabaseAction(BimServer bimServer, DatabaseSession databaseSession, AccessMethod accessMethod, long uoid, long poid, Authorization authorization) { - super(databaseSession, accessMethod); + super(databaseSession, accessMethod); this.bimServer = bimServer; this.uoid = uoid; - this.poid = poid; + this.poid = poid; this.authorization = authorization; } 
@@ -67,6 +67,9 @@ public Boolean execute() throws UserException, BimserverDatabaseException, Bimse "User cannot be removed from this project because it is the only admin user with authorization on this project"); } } + if (user.getUserType() == UserType.READ_ONLY){ + throw new UserException("Read-only user has no rights to remove users from project"); + } project.getHasAuthorizedUsers().remove(user); user.getHasRightsOn().remove(project); final UserRemovedFromProject userRemovedFromProject = getDatabaseSession().create(UserRemovedFromProject.class); @@ -74,12 +77,12 @@ public Boolean execute() throws UserException, BimserverDatabaseException, Bimse userRemovedFromProject.setExecutor(actingUser); userRemovedFromProject.setAccessMethod(getAccessMethod()); userRemovedFromProject.setProject(project); - userRemovedFromProject.setUser(user); - getDatabaseSession().addPostCommitAction(new PostCommitAction() { - @Override - public void execute() throws UserException { - bimServer.getNotificationsManager().notify(new SConverter().convertToSObject(userRemovedFromProject)); - } + userRemovedFromProject.setUser(user); + getDatabaseSession().addPostCommitAction(new PostCommitAction() { + @Override + public void execute() throws UserException { + bimServer.getNotificationsManager().notify(new SConverter().convertToSObject(userRemovedFromProject)); + } }); getDatabaseSession().store(user); getDatabaseSession().store(project); diff --git a/BimServer/src/org/bimserver/database/actions/SetRevisionTagDatabaseAction.java b/BimServer/src/org/bimserver/database/actions/SetRevisionTagDatabaseAction.java index 946c5a2e0c..e641d07093 100644 --- a/BimServer/src/org/bimserver/database/actions/SetRevisionTagDatabaseAction.java +++ b/BimServer/src/org/bimserver/database/actions/SetRevisionTagDatabaseAction.java 
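Review bot: The READ_ONLY guard added to RemoveUserFromProjectDatabaseAction.execute() tests `user`, which from the surrounding lines is the account being removed (`project.getHasAuthorizedUsers().remove(user)`, `setUser(user)`), not `actingUser`, which is recorded as the executor. As written, a read-only account can never be removed from a project, and the check does nothing to stop a read-only caller, which is what the message describes. The condition should read `if (actingUser.getUserType() == UserType.READ_ONLY) {`. The earlier part of execute() is outside the hunk, so whether another check already covers the caller cannot be confirmed from here.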
@@ -1,40 +1,41 @@ -package org.bimserver.database.actions; - -/****************************************************************************** - * Copyright (C) 2009-2019 BIMserver.org - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see {@literal}. - *****************************************************************************/ - -import org.bimserver.BimserverDatabaseException; -import org.bimserver.database.BimserverLockConflictException; -import org.bimserver.database.DatabaseSession; -import org.bimserver.models.log.AccessMethod; -import org.bimserver.models.store.ConcreteRevision; -import org.bimserver.models.store.Project; -import org.bimserver.models.store.Revision; -import org.bimserver.shared.exceptions.UserException; -import org.eclipse.emf.common.util.EList; +package org.bimserver.database.actions; + +/****************************************************************************** + * Copyright (C) 2009-2019 BIMserver.org + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. 
+ * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see {@literal}. + *****************************************************************************/ + +import org.bimserver.BimserverDatabaseException; +import org.bimserver.database.BimserverLockConflictException; +import org.bimserver.database.DatabaseSession; +import org.bimserver.models.log.AccessMethod; +import org.bimserver.models.store.*; +import org.bimserver.shared.exceptions.UserException; +import org.bimserver.webservices.authorization.Authorization; +import org.eclipse.emf.common.util.EList; public class SetRevisionTagDatabaseAction extends BimDatabaseAction { private final Long roid; private final String tag; + private Authorization authorization; - public SetRevisionTagDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, Long roid, String tag) { + public SetRevisionTagDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, Long roid, String tag, Authorization authorization) { super(databaseSession, accessMethod); this.roid = roid; this.tag = tag; + this.authorization = authorization; } @Override @@ -42,6 +43,10 @@ public String execute() throws UserException, BimserverLockConflictException, Bi Revision revision = getRevisionByRoid(roid); String trimmedTag = tag.trim(); Project project = revision.getProject(); + User actingUser = getUserByUoid(authorization.getUoid()); + if (actingUser.getUserType() == UserType.READ_ONLY) { + throw new UserException("User not allowed to set a tag on a revision"); + } if (project.getParent() != null) { throw new UserException("Revision is not contained by a top project."); } 
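Review bot: The guard added to SetRevisionTagDatabaseAction.execute() rejects READ_ONLY callers only; nothing in the hunk ties `actingUser` to `project`. Unless a later check outside the hunk prevents it, any other authenticated user could tag a revision of a project they are not authorized on. The other actions in this patch call `authorization.hasRightsOnProject(...)`, and the same test fits here: `if (actingUser.getUserType() == UserType.READ_ONLY || !authorization.hasRightsOnProject(actingUser, project)) {`. Separately, `tag.trim()` runs before any validation and would throw on a null tag.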
diff --git a/BimServer/src/org/bimserver/database/actions/UndeleteProjectDatabaseAction.java b/BimServer/src/org/bimserver/database/actions/UndeleteProjectDatabaseAction.java index 4e2e587f52..2cf9eb8de6 100644 --- a/BimServer/src/org/bimserver/database/actions/UndeleteProjectDatabaseAction.java +++ b/BimServer/src/org/bimserver/database/actions/UndeleteProjectDatabaseAction.java 
@@ -33,44 +33,47 @@ import org.bimserver.models.store.UserType; import org.bimserver.shared.exceptions.UserException; import org.bimserver.webservices.authorization.Authorization; - -public class UndeleteProjectDatabaseAction extends BimDatabaseAction { - + +public class UndeleteProjectDatabaseAction extends BimDatabaseAction { + private final long poid; private Authorization authorization; - private BimServer bimServer; - - public UndeleteProjectDatabaseAction(BimServer bimServer, DatabaseSession databaseSession, AccessMethod accessMethod, long poid, Authorization authorization) { + private BimServer bimServer; + + public UndeleteProjectDatabaseAction(BimServer bimServer, DatabaseSession databaseSession, AccessMethod accessMethod, long poid, Authorization authorization) { super(databaseSession, accessMethod); - this.bimServer = bimServer; + this.bimServer = bimServer; this.poid = poid; - this.authorization = authorization; - } - - @Override - public Boolean execute() throws UserException, BimserverDatabaseException, BimserverLockConflictException { - User actingUser = getUserByUoid(authorization.getUoid()); + this.authorization = authorization; + } + + @Override + public Boolean execute() throws UserException, BimserverDatabaseException, BimserverLockConflictException { + User actingUser = getUserByUoid(authorization.getUoid()); final Project project = getProjectByPoid(poid); if (project == null) { throw new UserException("No Project with oid " + poid + " found"); - } - if (actingUser.getUserType() == UserType.ADMIN || actingUser.getHasRightsOn().contains(project)) { - project.setState(ObjectState.ACTIVE); - final ProjectUndeleted projectUndeleted = getDatabaseSession().create(ProjectUndeleted.class); - projectUndeleted.setAccessMethod(getAccessMethod()); - projectUndeleted.setDate(new Date()); - projectUndeleted.setExecutor(actingUser); + } + if (actingUser.getUserType() == UserType.READ_ONLY){ + throw new UserException("No rights to undelete this project"); + } 
+ if (actingUser.getUserType() == UserType.ADMIN || actingUser.getHasRightsOn().contains(project)) { + project.setState(ObjectState.ACTIVE); + final ProjectUndeleted projectUndeleted = getDatabaseSession().create(ProjectUndeleted.class); + projectUndeleted.setAccessMethod(getAccessMethod()); + projectUndeleted.setDate(new Date()); + projectUndeleted.setExecutor(actingUser); projectUndeleted.setProject(project); getDatabaseSession().addPostCommitAction(new PostCommitAction() { @Override public void execute() throws UserException { bimServer.getNotificationsManager().notify(new SConverter().convertToSObject(projectUndeleted)); } - }); - getDatabaseSession().store(project); - return true; - } else { - throw new UserException("No rights to undelete this project"); - } - } + }); + getDatabaseSession().store(project); + return true; + } else { + throw new UserException("No rights to undelete this project"); + } + } } \ No newline at end of file diff --git a/BimServer/src/org/bimserver/webservices/impl/ServiceImpl.java b/BimServer/src/org/bimserver/webservices/impl/ServiceImpl.java index b98097fa7b..0ab286e7c3 100644 --- a/BimServer/src/org/bimserver/webservices/impl/ServiceImpl.java +++ b/BimServer/src/org/bimserver/webservices/impl/ServiceImpl.java @@ -353,6 +353,7 @@ public void terminateLongRunningAction(Long topicId) throws ServerException, Use @Override public SDownloadResult getDownloadData(final Long topicId) throws ServerException, UserException { + requireRealUserAuthentication(); LongAction longAction = getBimServer().getLongActionManager().getLongAction(topicId); if (longAction == null) { throw new UserException("No data found for topicId " + topicId); 
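Review bot: UndeleteProjectDatabaseAction.execute() now has two denial paths with the same message, the new READ_ONLY guard and the existing `else` branch. Folding the rule into one condition keeps the policy in a single place: `boolean allowed = actingUser.getUserType() == UserType.ADMIN || (actingUser.getUserType() != UserType.READ_ONLY && actingUser.getHasRightsOn().contains(project));`. A short class Javadoc naming who may undelete (admins, and non-read-only users with rights on the project) would record the rule the commit message describes.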
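Review bot: `requireRealUserAuthentication()` in ServiceImpl.getDownloadData establishes who is calling but not whether `topicId` belongs to them; the long action is looked up by id alone on the next line. Unless a check further down (outside the hunk) compares the action's owner with `getAuthorization().getUoid()`, one authenticated user could obtain another user's download data. The same pattern appears in later hunks of this file: cleanupLongAction calls `remove(topicId)` after `requireAuthentication()` only, and getFile/getFileMeta load by `fileId` right after the authentication call. I would at least record the gap next to each lookup, e.g. `// TODO(authz): verify the caller owns this topicId before using it`.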
@@ -1048,6 +1049,9 @@ public Long initiateCheckin(Long poid, Long deserializerOid) throws ServerExcept try { User user = (User) session.get(StorePackage.eINSTANCE.getUser(), getAuthorization().getUoid(), OldQuery.getDefault()); Project project = session.get(poid, OldQuery.getDefault()); + if (user.getUserType() == UserType.READ_ONLY) { + throw new UserException("User '" + user.getName() + "' is read only and cannot checkin models to the project"); + } if (!getAuthorization().hasRightsOnProjectOrSuperProjects(user, project)) { throw new UserException("User has no rights to checkin models to this project"); } @@ -1077,6 +1081,9 @@ public SLongCheckinActionState checkinInitiatedInternal(Long topicId, final Long String userUsername = "Unknown"; try { User user = (User) readOnlySession.get(StorePackage.eINSTANCE.getUser(), getAuthorization().getUoid(), OldQuery.getDefault()); + if (user.getUserType() == UserType.READ_ONLY) { + throw new UserException("User '" + user.getName() + "' is read only and cannot checkin models to the project"); + } Project project = readOnlySession.get(poid, OldQuery.getDefault()); if (project == null) { throw new UserException("No project found with poid " + poid); @@ -1311,6 +1318,9 @@ public SLongCheckinActionState checkinFromUrlSync(Long poid, String comment, Lon Long topicId = initiateCheckin(poid, deserializerOid); User user = (User) readOnlySession.get(StorePackage.eINSTANCE.getUser(), getAuthorization().getUoid(), OldQuery.getDefault()); + if (user.getUserType() == UserType.READ_ONLY) { + throw new UserException("User '" + user.getName() + "' is read only and cannot checkin models to the project"); + } username = user.getName(); userUsername = user.getUsername(); 
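Review bot: In checkinFromUrlSync the READ_ONLY guard sits after `Long topicId = initiateCheckin(poid, deserializerOid);`, and initiateCheckin now performs the same test itself, so the second guard cannot fire for a read-only user. If it ever did, the topic id handed out by initiateCheckin would already have been issued. Either drop the duplicate or move the user lookup and guard above the initiateCheckin call; checkinFromUrlAsync has the same ordering. With the identical three lines now in four methods, a private helper such as `requireNotReadOnly(User user)` would keep the message and the rule in one place.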
@@ -1365,6 +1375,9 @@ public Long checkinFromUrlAsync(Long poid, String comment, Long deserializerOid, Long topicId = initiateCheckin(poid, deserializerOid); User user = (User) session.get(StorePackage.eINSTANCE.getUser(), getAuthorization().getUoid(), OldQuery.getDefault()); + if (user.getUserType() == UserType.READ_ONLY) { + throw new UserException("User '" + user.getName() + "' is read only and cannot checkin models to the project"); + } username = user.getName(); userUsername = user.getUsername(); Path homeDirIncoming = getBimServer().getHomeDir().resolve("incoming"); @@ -1457,7 +1470,7 @@ public SUser addUser(String username, String name, SUserType type, Boolean selfR if (selfRegistration) { requireSelfregistrationAllowed(); } else if (!getBimServer().getServerSettingsCache().getServerSettings().getAllowSelfRegistration()) { - requireRealUserAuthentication(); + requireAdminAuthentication(); } BimDatabaseAction action = new AddUserDatabaseAction(getBimServer(), session, getInternalAccessMethod(), username, name, getBimServer().getSConverter().convertFromSObject(type), getAuthorization(), selfRegistration, resetUrl); @@ -1476,7 +1489,7 @@ public SUser addUserWithPassword(String username, String password, String name, if (selfRegistration) { requireSelfregistrationAllowed(); } else if (!getBimServer().getServerSettingsCache().getServerSettings().getAllowSelfRegistration()) { - requireRealUserAuthentication(); + requireAdminAuthentication(); } BimDatabaseAction action = new AddUserDatabaseAction(getBimServer(), session, getInternalAccessMethod(), username, password, name, getBimServer().getSConverter().convertFromSObject(type), getAuthorization(), selfRegistration, resetUrl); 
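Review bot: In addUser the switch to `requireAdminAuthentication()` only applies inside `else if (!...getAllowSelfRegistration())`. When the server allows self-registration and the caller passes `selfRegistration == false`, neither branch runs, so this method applies no authentication requirement before building AddUserDatabaseAction with a caller-supplied `type`. AddUserDatabaseAction receives `getAuthorization()` and may enforce the rule itself, but that is not visible here. If the intent is that only admins create accounts outside self-registration, a plain `} else { requireAdminAuthentication(); }` states it. addUserWithPassword has the same structure.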
@@ -1539,7 +1552,7 @@ public List getAllCheckoutsOfProject(Long poid) throws ServerExceptio requireRealUserAuthentication(); DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.READ_ONLY); try { - BimDatabaseAction> action = new GetAllCheckoutsOfProjectDatabaseAction(session, getInternalAccessMethod(), poid, false); + BimDatabaseAction> action = new GetAllCheckoutsOfProjectDatabaseAction(session, getInternalAccessMethod(), poid, false, getAuthorization()); List list = session.executeAndCommitAction(action); Collections.sort(list, new CheckoutComparator()); return getBimServer().getSConverter().convertToSListCheckout(list); @@ -1555,7 +1568,7 @@ public List getAllCheckoutsOfProjectAndSubProjects(Long poid) throws requireRealUserAuthentication(); DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.READ_ONLY); try { - BimDatabaseAction> action = new GetAllCheckoutsOfProjectDatabaseAction(session, getInternalAccessMethod(), poid, true); + BimDatabaseAction> action = new GetAllCheckoutsOfProjectDatabaseAction(session, getInternalAccessMethod(), poid, true, getAuthorization()); List list = session.executeAndCommitAction(action); Collections.sort(list, new CheckoutComparator()); return getBimServer().getSConverter().convertToSListCheckout(list); @@ -1624,7 +1637,7 @@ public List getAllCheckoutsOfRevision(Long roid) throws ServerExcepti requireRealUserAuthentication(); DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.READ_ONLY); try { - BimDatabaseAction> action = new GetAllCheckoutsOfRevisionDatabaseAction(session, getInternalAccessMethod(), roid); + BimDatabaseAction> action = new GetAllCheckoutsOfRevisionDatabaseAction(session, getInternalAccessMethod(), roid, getAuthorization()); List list = session.executeAndCommitAction(action); Collections.sort(list, new CheckoutComparator()); return getBimServer().getSConverter().convertToSListCheckout(list); 
@@ -1636,6 +1649,7 @@ public List getAllCheckoutsOfRevision(Long roid) throws ServerExcepti } public void cleanupLongAction(Long topicId) throws UserException, ServerException { + requireAuthentication(); getBimServer().getLongActionManager().remove(topicId); } @@ -1712,7 +1726,7 @@ public List getAvailableClasses() throws ServerException, UserException @Override public List getAllNonAuthorizedProjectsOfUser(Long uoid) throws ServerException, UserException { - requireRealUserAuthentication(); + requireAdminAuthentication(); DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.READ_ONLY); try { BimDatabaseAction> action = new GetAllNonAuthorizedProjectsOfUserDatabaseAction(session, getInternalAccessMethod(), uoid); @@ -1726,7 +1740,7 @@ public List getAllNonAuthorizedProjectsOfUser(Long uoid) throws Server @Override public SUser getUserByUserName(String username) throws ServerException, UserException { - requireRealUserAuthentication(); + requireAdminAuthentication(); DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.READ_ONLY); try { BimDatabaseAction action = new GetUserByUserNameDatabaseAction(session, getInternalAccessMethod(), username); @@ -1744,7 +1758,7 @@ public SUser getUserByUserName(String username) throws ServerException, UserExce @Override public Boolean undeleteUser(Long uoid) throws ServerException, UserException { - requireRealUserAuthentication(); + requireAdminAuthentication(); DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.POSSIBLY_WRITE); try { BimDatabaseAction action = new UndeleteUserDatabaseAction(getBimServer(), session, getInternalAccessMethod(), getAuthorization(), uoid); 
@@ -1948,7 +1962,7 @@ public List getAllAuthorizedUsersOfProject(Long poid) throws ServerExcept requireRealUserAuthentication(); DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.READ_ONLY); try { - BimDatabaseAction> action = new GetAllAuthorizedUsersOfProjectDatabaseAction(session, getInternalAccessMethod(), poid); + BimDatabaseAction> action = new GetAllAuthorizedUsersOfProjectDatabaseAction(session, getInternalAccessMethod(), poid, getAuthorization()); return new ArrayList(getBimServer().getSConverter().convertToSSetUser(session.executeAndCommitAction(action))); } catch (Exception e) { return handleException(e); @@ -1976,7 +1990,7 @@ public void setRevisionTag(Long roid, String tag) throws ServerException, UserEx requireRealUserAuthentication(); DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.POSSIBLY_WRITE); try { - BimDatabaseAction action = new SetRevisionTagDatabaseAction(session, getInternalAccessMethod(), roid, tag); + BimDatabaseAction action = new SetRevisionTagDatabaseAction(session, getInternalAccessMethod(), roid, tag, getAuthorization()); session.executeAndCommitAction(action); } catch (Exception e) { handleException(e); @@ -2117,7 +2131,7 @@ public Long addExtendedDataSchema(SExtendedDataSchema extendedDataSchema) throws @Override public void addUserToExtendedDataSchema(Long uoid, Long edsid) throws ServerException, UserException { - requireAuthenticationAndRunningServer(); + requireAdminAuthenticationAndRunningServer(); DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.POSSIBLY_WRITE); try { BimDatabaseAction action = new AddUserToExtendedDataSchemaDatabaseAction(session, getInternalAccessMethod(), uoid, edsid); 
@@ -2131,7 +2145,7 @@ public void addUserToExtendedDataSchema(Long uoid, Long edsid) throws ServerExce @Override public void removeUserFromExtendedDataSchema(Long uoid, Long edsid) throws ServerException, UserException { - requireAuthenticationAndRunningServer(); + requireAdminAuthenticationAndRunningServer(); DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.POSSIBLY_WRITE); try { BimDatabaseAction action = new RemoveUserFromExtendedDataSchemaDatabaseAction(session, getInternalAccessMethod(), uoid, edsid); @@ -2402,7 +2416,7 @@ public Long addServiceToProject(Long poid, org.bimserver.interfaces.objects.SSer @Override public void deleteService(Long oid) throws ServerException, UserException { - requireRealUserAuthentication(); + requireAdminAuthentication(); DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.POSSIBLY_WRITE); try { BimDatabaseAction action = new DeleteServiceDatabaseAction(session, getInternalAccessMethod(), oid); @@ -2500,6 +2514,7 @@ public SExtendedDataSchema getExtendedDataSchemaFromRepository(String namespace) @Override public SFile getFile(Long fileId) throws ServerException, UserException { + requireRealUserAuthentication(); DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.READ_ONLY); try { org.bimserver.models.store.File file = (org.bimserver.models.store.File) session.get(StorePackage.eINSTANCE.getFile(), fileId, OldQuery.getDefault()); @@ -2513,6 +2528,7 @@ public SFile getFile(Long fileId) throws ServerException, UserException { @Override public SFile getFileMeta(Long fileId) throws ServerException, UserException { + requireRealUserAuthentication(); DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.READ_ONLY); try { org.bimserver.models.store.File file = (org.bimserver.models.store.File) session.get(StorePackage.eINSTANCE.getFile(), fileId, OldQuery.getDefault()); 
@@ -2731,6 +2747,7 @@ public SUserSettings getUserSettings() throws ServerException, UserException { @Override public List getAllRelatedProjects(Long poid) throws ServerException, UserException { + requireRealUserAuthentication(); DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.READ_ONLY); try { GetAllRelatedProjectsDatabaseAction action = new GetAllRelatedProjectsDatabaseAction(getBimServer(), session, getAuthorization(), getInternalAccessMethod(), poid); @@ -2744,6 +2761,7 @@ public List getAllRelatedProjects(Long poid) throws ServerExcepti @Override public List getUserRelatedLogs(Long uoid) throws ServerException, UserException { + requireAdminAuthentication(); DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.READ_ONLY); try { List logActions = new ArrayList(); From fdd9493ec1cc582e58093e0ae170c0476365334a Mon Sep 17 00:00:00 2001 From: "Fathis, Zaqi" Date: Mon, 2 Jun 2025 16:52:21 +0200 Subject: [PATCH 2/3] Update authorization check in NewServiceImpl and LowLevelServiceImpl --- .../changes/RemoveAttributeChange.java | 6 +- .../GetDataObjectByGuidDatabaseAction.java | 74 ++++---- .../GetDataObjectByOidDatabaseAction.java | 161 +++++++++--------- .../actions/GetDataObjectsDatabaseAction.java | 96 ++++++----- .../webservices/impl/LowLevelServiceImpl.java | 89 +++++++--- .../webservices/impl/NewServicesImpl.java | 8 +- 6 files changed, 250 insertions(+), 184 deletions(-) diff --git a/BimServer/src/org/bimserver/changes/RemoveAttributeChange.java b/BimServer/src/org/bimserver/changes/RemoveAttributeChange.java index fba6c75ecf..fadc1555d7 100644 --- a/BimServer/src/org/bimserver/changes/RemoveAttributeChange.java +++ b/BimServer/src/org/bimserver/changes/RemoveAttributeChange.java 
@@ -23,11 +23,16 @@ import org.bimserver.BimserverDatabaseException; import org.bimserver.database.BimserverLockConflictException; +import org.bimserver.database.DatabaseSession; +import org.bimserver.database.OldQuery; import org.bimserver.database.queries.QueryObjectProvider; import org.bimserver.database.queries.om.Query; import org.bimserver.database.queries.om.QueryException; import org.bimserver.database.queries.om.QueryPart; import org.bimserver.emf.PackageMetaData; +import org.bimserver.models.store.Project; +import org.bimserver.models.store.StorePackage; +import org.bimserver.models.store.User; import org.bimserver.shared.HashMapVirtualObject; import org.bimserver.shared.exceptions.UserException; import org.eclipse.emf.ecore.EAttribute; @@ -49,7 +54,6 @@ public RemoveAttributeChange(long oid, String attributeName, int index) { @Override public void execute(Transaction transaction) throws UserException, BimserverLockConflictException, BimserverDatabaseException, IOException, QueryException { PackageMetaData packageMetaData = transaction.getDatabaseSession().getMetaDataManager().getPackageMetaData(transaction.getProject().getSchema()); - HashMapVirtualObject object = transaction.get(oid); if (object == null) { Query query = new Query(packageMetaData); diff --git a/BimServer/src/org/bimserver/database/actions/GetDataObjectByGuidDatabaseAction.java b/BimServer/src/org/bimserver/database/actions/GetDataObjectByGuidDatabaseAction.java index 3b2611afd4..d32ac64002 100644 --- a/BimServer/src/org/bimserver/database/actions/GetDataObjectByGuidDatabaseAction.java +++ b/BimServer/src/org/bimserver/database/actions/GetDataObjectByGuidDatabaseAction.java 
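Review bot: Nothing in this change to RemoveAttributeChange uses the five imports it adds (`DatabaseSession`, `OldQuery`, `Project`, `StorePackage`, `User`). The second hunk only removes a blank line in execute(), and the diffstat's six changed lines for this file are accounted for by exactly those edits. They look like leftovers from an authorization check that ended up elsewhere and should be dropped to keep the file free of unused-import warnings. If a rights check was meant to live in RemoveAttributeChange.execute(), it is missing from this patch.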
@@ -23,44 +23,48 @@ import org.bimserver.database.DatabaseSession; import org.bimserver.database.ObjectIdentifier; import org.bimserver.models.log.AccessMethod; -import org.bimserver.models.store.ConcreteRevision; -import org.bimserver.models.store.DataObject; -import org.bimserver.models.store.Revision; +import org.bimserver.models.store.*; import org.bimserver.shared.exceptions.UserException; import org.bimserver.webservices.authorization.Authorization; - -public class GetDataObjectByGuidDatabaseAction extends BimDatabaseAction{ - - private final String guid; - private final long roid; + +public class GetDataObjectByGuidDatabaseAction extends BimDatabaseAction{ + + private final String guid; + private final long roid; private final BimServer bimServer; - private Authorization authorization; - - public GetDataObjectByGuidDatabaseAction(BimServer bimServer, DatabaseSession databaseSession, AccessMethod accessMethod, long roid, String guid, Authorization authorization) { - super(databaseSession, accessMethod); - this.bimServer = bimServer; - this.roid = roid; + private Authorization authorization; + + public GetDataObjectByGuidDatabaseAction(BimServer bimServer, DatabaseSession databaseSession, AccessMethod accessMethod, long roid, String guid, Authorization authorization) { + super(databaseSession, accessMethod); + this.bimServer = bimServer; + this.roid = roid; this.guid = guid; this.authorization = authorization; - } - - @Override - public DataObject execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { - Revision virtualRevision = getRevisionByRoid(roid); - ObjectIdentifier objectIdentifier = null; - for (ConcreteRevision concreteRevision : virtualRevision.getConcreteRevisions()) { - objectIdentifier = getDatabaseSession().getOidOfGuid(concreteRevision.getProject().getSchema(), guid, concreteRevision.getProject().getId(), concreteRevision.getId()); - if (objectIdentifier != null) { - long oidOfGuid = 
objectIdentifier.getOid(); - if (oidOfGuid != -1) { - break; - } - } - } - if (objectIdentifier == null) { - throw new UserException("Guid " + guid + " not found in this revision/project"); - } - - return new GetDataObjectByOidDatabaseAction(bimServer, getDatabaseSession(), getAccessMethod(), roid, objectIdentifier.getOid(), authorization).execute(); - } + } + + @Override + public DataObject execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { + Revision virtualRevision = getRevisionByRoid(roid); + ObjectIdentifier objectIdentifier = null; + Project project = virtualRevision.getProject(); + User user = getUserByUoid(authorization.getUoid()); + if (!authorization.hasRightsOnProjectOrSuperProjectsOrSubProjects(user, project)) { + throw new UserException("User does not have rights on project"); + } + + for (ConcreteRevision concreteRevision : virtualRevision.getConcreteRevisions()) { + objectIdentifier = getDatabaseSession().getOidOfGuid(concreteRevision.getProject().getSchema(), guid, concreteRevision.getProject().getId(), concreteRevision.getId()); + if (objectIdentifier != null) { + long oidOfGuid = objectIdentifier.getOid(); + if (oidOfGuid != -1) { + break; + } + } + } + if (objectIdentifier == null) { + throw new UserException("Guid " + guid + " not found in this revision/project"); + } + + return new GetDataObjectByOidDatabaseAction(bimServer, getDatabaseSession(), getAccessMethod(), roid, objectIdentifier.getOid(), authorization).execute(); + } } \ No newline at end of file diff --git a/BimServer/src/org/bimserver/database/actions/GetDataObjectByOidDatabaseAction.java b/BimServer/src/org/bimserver/database/actions/GetDataObjectByOidDatabaseAction.java index 274bc3f57c..be7ed2c9a5 100644 --- a/BimServer/src/org/bimserver/database/actions/GetDataObjectByOidDatabaseAction.java +++ b/BimServer/src/org/bimserver/database/actions/GetDataObjectByOidDatabaseAction.java 
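Review bot: The rights check added at the top of `execute` is repeated line for line in GetDataObjectByOidDatabaseAction and GetDataObjectsDatabaseAction in this same patch, and this action then delegates to `new GetDataObjectByOidDatabaseAction(...).execute()`, which loads the user and checks the same project a second time. Moving the check into one helper on the common base class (for example `protected void requireRightsOnProject(Authorization authorization, Project project)`, a proposed name) keeps the condition and the message in one place, so a later change cannot leave one of the three entry points behind. The helper should also reject a null result from `getUserByUoid(...)` explicitly instead of passing it to `hasRightsOnProjectOrSuperProjectsOrSubProjects`; whether that lookup can return null for the current token type is not visible here. The hunk also rewrites every line of the class, presumably a line-ending change, which hides the five security-relevant lines; that is better done in a separate commit.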
@@ -35,13 +35,7 @@ import org.bimserver.ifc.IfcModel; import org.bimserver.models.ifc2x3tc1.IfcRoot; import org.bimserver.models.log.AccessMethod; -import org.bimserver.models.store.ConcreteRevision; -import org.bimserver.models.store.DataObject; -import org.bimserver.models.store.ListDataValue; -import org.bimserver.models.store.ReferenceDataValue; -import org.bimserver.models.store.Revision; -import org.bimserver.models.store.SimpleDataValue; -import org.bimserver.models.store.StoreFactory; +import org.bimserver.models.store.*; import org.bimserver.plugins.IfcModelSet; import org.bimserver.plugins.ModelHelper; import org.bimserver.plugins.modelmerger.MergeException; 
@@ -56,40 +50,47 @@ import com.google.common.base.Charsets; import com.google.common.collect.BiMap; - -public class GetDataObjectByOidDatabaseAction extends AbstractDownloadDatabaseAction { - private final long oid; - private final long roid; - - public GetDataObjectByOidDatabaseAction(BimServer bimServer, DatabaseSession databaseSession, AccessMethod accessMethod, long roid, long oid, Authorization authorization) { - super(bimServer, databaseSession, accessMethod, authorization); - this.roid = roid; - this.oid = oid; - } - - @Override +public class GetDataObjectByOidDatabaseAction extends AbstractDownloadDatabaseAction { + + private final long oid; + private final long roid; + private Authorization authorization; + + public GetDataObjectByOidDatabaseAction(BimServer bimServer, DatabaseSession databaseSession, AccessMethod accessMethod, long roid, long oid, Authorization authorization) { + super(bimServer, databaseSession, accessMethod, authorization); + this.roid = roid; + this.oid = oid; + this.authorization = authorization; + } + + @Override public DataObject execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { - Revision virtualRevision = getRevisionByRoid(roid); - EObject eObject = null; + Revision virtualRevision = getRevisionByRoid(roid); + Project project = virtualRevision.getProject(); + User user = getUserByUoid(authorization.getUoid()); + if (!authorization.hasRightsOnProjectOrSuperProjectsOrSubProjects(user, project)) { + throw new UserException("User does not have rights on project"); + } + EObject eObject = null; IfcModelSet ifcModelSet = new IfcModelSet(); PackageMetaData lastPackageMetaData = null; Map pidRoidMap = new HashMap<>(); - pidRoidMap.put(virtualRevision.getProject().getId(), virtualRevision.getOid()); + pidRoidMap.put(virtualRevision.getProject().getId(), virtualRevision.getOid()); for (ConcreteRevision concreteRevision : virtualRevision.getConcreteRevisions()) { - PackageMetaData packageMetaData = 
getBimServer().getMetaDataManager().getPackageMetaData(concreteRevision.getProject().getSchema()); + PackageMetaData packageMetaData = getBimServer().getMetaDataManager().getPackageMetaData(concreteRevision.getProject().getSchema()); lastPackageMetaData = packageMetaData; - IfcModel subModel = new BasicIfcModel(packageMetaData, pidRoidMap); + IfcModel subModel = new BasicIfcModel(packageMetaData, pidRoidMap); int highestStopId = findHighestStopRid(concreteRevision.getProject(), concreteRevision); OldQuery query = new OldQuery(packageMetaData, concreteRevision.getProject().getId(), concreteRevision.getId(), virtualRevision.getOid(), Deep.NO, highestStopId); - eObject = getDatabaseSession().get(null, oid, subModel, query); - subModel.getModelMetaData().setDate(concreteRevision.getDate()); - ifcModelSet.add(subModel); - if (eObject != null) { - break; + eObject = getDatabaseSession().get(null, oid, subModel, query); + subModel.getModelMetaData().setDate(concreteRevision.getDate()); + ifcModelSet.add(subModel); + if (eObject != null) { + break; } } - + IfcModelInterface ifcModel = new BasicIfcModel(lastPackageMetaData, pidRoidMap); if (ifcModelSet.size() > 1) { try { 
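Review bot: The new `private Authorization authorization;` field duplicates state the superclass already holds: the constructor passes `authorization` to `super(...)`, and GetDataObjectsDatabaseAction, which extends the same base class, already reads it through `getAuthorization().getUoid()`. Two references to the authorization object in one action can drift apart in later edits, and the field is not `final`. Use the inherited accessor in the check, `User user = getUserByUoid(getAuthorization().getUoid());` and `if (!getAuthorization().hasRightsOnProjectOrSuperProjectsOrSubProjects(user, project))`, and drop the field. The same applies to the field this patch adds to GetDataObjectsDatabaseAction.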
@@ -100,34 +101,34 @@ public DataObject execute() throws UserException, BimserverLockConflictException } else { ifcModel = ifcModelSet.iterator().next(); } - - if (eObject == null) { - throw new UserException("Object not found in this project/revision"); - } - DataObject dataObject = null; - if (eObject instanceof IfcRoot) { - IfcRoot ifcRoot = (IfcRoot) eObject; - String guid = ifcRoot.getGlobalId() != null ? ifcRoot.getGlobalId() : ""; - String name = ifcRoot.getName() != null ? ifcRoot.getName() : ""; - dataObject = StoreFactory.eINSTANCE.createDataObject(); - dataObject.setType(eObject.eClass().getName()); - ((IdEObjectImpl)dataObject).setOid(oid); - dataObject.setGuid(guid); - dataObject.setName(name); - } else { - dataObject = StoreFactory.eINSTANCE.createDataObject(); - dataObject.setType(eObject.eClass().getName()); - ((IdEObjectImpl)dataObject).setOid(oid); - dataObject.setName(""); + + if (eObject == null) { + throw new UserException("Object not found in this project/revision"); + } + DataObject dataObject = null; + if (eObject instanceof IfcRoot) { + IfcRoot ifcRoot = (IfcRoot) eObject; + String guid = ifcRoot.getGlobalId() != null ? ifcRoot.getGlobalId() : ""; + String name = ifcRoot.getName() != null ? 
ifcRoot.getName() : ""; + dataObject = StoreFactory.eINSTANCE.createDataObject(); + dataObject.setType(eObject.eClass().getName()); + ((IdEObjectImpl)dataObject).setOid(oid); + dataObject.setGuid(guid); + dataObject.setName(name); + } else { + dataObject = StoreFactory.eINSTANCE.createDataObject(); + dataObject.setType(eObject.eClass().getName()); + ((IdEObjectImpl)dataObject).setOid(oid); + dataObject.setName(""); dataObject.setGuid(""); } - fillDataObject(ifcModel.getObjects(), eObject, dataObject); - return dataObject; - } - - @SuppressWarnings({ "unchecked", "rawtypes" }) + fillDataObject(ifcModel.getObjects(), eObject, dataObject); + return dataObject; + } + + @SuppressWarnings({ "unchecked", "rawtypes" }) public static void fillDataObject(BiMap mapResult, EObject eObject, DataObject dataObject) { - for (EStructuralFeature eStructuralFeature : eObject.eClass().getEAllStructuralFeatures()) { + for (EStructuralFeature eStructuralFeature : eObject.eClass().getEAllStructuralFeatures()) { Object eGet = eObject.eGet(eStructuralFeature); if (eStructuralFeature.getEAnnotation("hidden") == null && !eStructuralFeature.isDerived()) { if (eStructuralFeature instanceof EAttribute) { @@ -165,12 +166,12 @@ public static void fillDataObject(BiMap mapRe } else { dataValue.setStringValue(eGet.toString()); } - } else { - dataValue.setStringValue(null); - } - dataValue.setFieldName(eStructuralFeature.getName()); + } else { + dataValue.setStringValue(null); + } + dataValue.setFieldName(eStructuralFeature.getName()); dataObject.getValues().add(dataValue); - } + } } else if (eStructuralFeature instanceof EReference) { if (eStructuralFeature.isMany()) { if (eStructuralFeature.getEType() == EcorePackage.eINSTANCE.getEDouble() || eStructuralFeature.getEType() == EcorePackage.eINSTANCE.getEDoubleObject()) { 
@@ -209,41 +210,41 @@ public static void fillDataObject(BiMap mapRe } } } else { - EObject eObject2 = (EObject) eGet; - if (eObject2 != null) { - if (eObject2.eClass().getEAnnotation("wrapped") != null) { + EObject eObject2 = (EObject) eGet; + if (eObject2 != null) { + if (eObject2.eClass().getEAnnotation("wrapped") != null) { EObject referenceEObject = (EObject) eGet; - SimpleDataValue e = StoreFactory.eINSTANCE.createSimpleDataValue(); + SimpleDataValue e = StoreFactory.eINSTANCE.createSimpleDataValue(); EStructuralFeature wrappedValueFeature = referenceEObject.eClass().getEStructuralFeature("wrappedValue"); Object eGet2 = referenceEObject.eGet(wrappedValueFeature); // if (wrappedValueFeature.getEType() == EcorePackage.eINSTANCE.getEDoubleObject() || wrappedValueFeature.getEType() == EcorePackage.eINSTANCE.getEDouble()) { // e.setStringValue((String)referenceEObject.eGet(referenceEObject.eClass().getEStructuralFeature("wrappedValueAsString"))); // } else { if (eGet2 != null) { - e.setStringValue(eGet2.toString()); - } else { - e.setStringValue(null); + e.setStringValue(eGet2.toString()); + } else { + e.setStringValue(null); } - // } - e.setFieldName(eStructuralFeature.getName()); - dataObject.getValues().add(e); + // } + e.setFieldName(eStructuralFeature.getName()); + dataObject.getValues().add(e); } else { Long oid = ((IdEObject)eObject2).getOid(); ReferenceDataValue reference = StoreFactory.eINSTANCE.createReferenceDataValue(); if (eObject2 instanceof IfcRoot) { IfcRoot ifcRoot = (IfcRoot)eObject2; String guid = ifcRoot.getGlobalId(); - reference.setGuid(guid); - } - reference.setTypeName(eObject2.eClass().getName()); - ((IdEObjectImpl)reference).setOid(oid); - reference.setFieldName(eStructuralFeature.getName()); + reference.setGuid(guid); + } + reference.setTypeName(eObject2.eClass().getName()); + ((IdEObjectImpl)reference).setOid(oid); + reference.setFieldName(eStructuralFeature.getName()); dataObject.getValues().add(reference); - } + } } - } - } + } + } } - 
} - } + } + } } \ No newline at end of file diff --git a/BimServer/src/org/bimserver/database/actions/GetDataObjectsDatabaseAction.java b/BimServer/src/org/bimserver/database/actions/GetDataObjectsDatabaseAction.java index b1b247efd0..453cbde294 100644 --- a/BimServer/src/org/bimserver/database/actions/GetDataObjectsDatabaseAction.java +++ b/BimServer/src/org/bimserver/database/actions/GetDataObjectsDatabaseAction.java 
@@ -34,74 +34,78 @@ import org.bimserver.ifc.IfcModel; import org.bimserver.models.ifc2x3tc1.IfcRoot; import org.bimserver.models.log.AccessMethod; -import org.bimserver.models.store.ConcreteRevision; -import org.bimserver.models.store.DataObject; -import org.bimserver.models.store.Revision; -import org.bimserver.models.store.StoreFactory; +import org.bimserver.models.store.*; import org.bimserver.plugins.IfcModelSet; import org.bimserver.plugins.ModelHelper; import org.bimserver.plugins.modelmerger.MergeException; import org.bimserver.shared.exceptions.UserException; import org.bimserver.webservices.authorization.Authorization; import org.eclipse.emf.ecore.EObject; - -public class GetDataObjectsDatabaseAction extends AbstractDownloadDatabaseAction> { - - private final long roid; - - public GetDataObjectsDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, BimServer bimServer, long roid, Authorization authorization) { - super(bimServer, databaseSession, accessMethod, authorization); + +public class GetDataObjectsDatabaseAction extends AbstractDownloadDatabaseAction> { + + private final long roid; + private Authorization authorization; + + public GetDataObjectsDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, BimServer bimServer, long roid, Authorization authorization) { + super(bimServer, databaseSession, accessMethod, authorization); this.roid = roid; - } - - @Override - public List execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { - Revision virtualRevision = getRevisionByRoid(roid); + this.authorization = authorization; + } + + @Override + public List execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { + Revision virtualRevision = getRevisionByRoid(roid); + Project project = virtualRevision.getProject(); + User user = getUserByUoid(authorization.getUoid()); + if (!authorization.hasRightsOnProjectOrSuperProjectsOrSubProjects(user, 
project)) { + throw new UserException("User does not have rights on project"); + } IfcModelSet ifcModelSet = new IfcModelSet(); PackageMetaData lastPackageMetaData = null; - Map pidRoidMap = new HashMap<>(); + Map pidRoidMap = new HashMap<>(); pidRoidMap.put(virtualRevision.getProject().getId(), virtualRevision.getOid()); for (ConcreteRevision concreteRevision : virtualRevision.getConcreteRevisions()) { int highestStopId = findHighestStopRid(concreteRevision.getProject(), concreteRevision); PackageMetaData packageMetaData = getBimServer().getMetaDataManager().getPackageMetaData(concreteRevision.getProject().getSchema()); lastPackageMetaData = packageMetaData; - IfcModel subModel = getDatabaseSession().createServerModel(packageMetaData, pidRoidMap); + IfcModel subModel = getDatabaseSession().createServerModel(packageMetaData, pidRoidMap); OldQuery query = new OldQuery(packageMetaData, concreteRevision.getProject().getId(), concreteRevision.getId(), virtualRevision.getOid(), Deep.YES, highestStopId); - getDatabaseSession().getMap(subModel, query); - subModel.getModelMetaData().setDate(concreteRevision.getDate()); - ifcModelSet.add(subModel); - } + getDatabaseSession().getMap(subModel, query); + subModel.getModelMetaData().setDate(concreteRevision.getDate()); + ifcModelSet.add(subModel); + } IfcModelInterface ifcModel = getDatabaseSession().createServerModel(lastPackageMetaData, pidRoidMap); try { ifcModel = getBimServer().getMergerFactory().createMerger(getDatabaseSession(), getAuthorization().getUoid()).merge(virtualRevision.getProject(), ifcModelSet, new ModelHelper(getBimServer().getMetaDataManager(), ifcModel)); } catch (MergeException e) { throw new UserException(e); - } - List dataObjects = new ArrayList(); - for (Long oid : ifcModel.keySet()) { + } + List dataObjects = new ArrayList(); + for (Long oid : ifcModel.keySet()) { EObject eObject = ifcModel.get(oid); if (eObject.eClass().getEAnnotation("hidden") == null) { - DataObject dataObject = null; - if 
(eObject instanceof IfcRoot) { - IfcRoot ifcRoot = (IfcRoot)eObject; - String guid = ifcRoot.getGlobalId() != null ? ifcRoot.getGlobalId() : ""; - String name = ifcRoot.getName() != null ? ifcRoot.getName() : ""; - dataObject = StoreFactory.eINSTANCE.createDataObject(); - dataObject.setType(eObject.eClass().getName()); - ((IdEObjectImpl)dataObject).setOid(oid); - dataObject.setGuid(guid); - dataObject.setName(name); - } else { - dataObject = StoreFactory.eINSTANCE.createDataObject(); - dataObject.setType(eObject.eClass().getName()); - ((IdEObjectImpl)dataObject).setOid(oid); - dataObject.setGuid(""); - dataObject.setName(""); + DataObject dataObject = null; + if (eObject instanceof IfcRoot) { + IfcRoot ifcRoot = (IfcRoot)eObject; + String guid = ifcRoot.getGlobalId() != null ? ifcRoot.getGlobalId() : ""; + String name = ifcRoot.getName() != null ? ifcRoot.getName() : ""; + dataObject = StoreFactory.eINSTANCE.createDataObject(); + dataObject.setType(eObject.eClass().getName()); + ((IdEObjectImpl)dataObject).setOid(oid); + dataObject.setGuid(guid); + dataObject.setName(name); + } else { + dataObject = StoreFactory.eINSTANCE.createDataObject(); + dataObject.setType(eObject.eClass().getName()); + ((IdEObjectImpl)dataObject).setOid(oid); + dataObject.setGuid(""); + dataObject.setName(""); } - GetDataObjectByOidDatabaseAction.fillDataObject(ifcModel.getObjects(), eObject, dataObject); - dataObjects.add(dataObject); - } + GetDataObjectByOidDatabaseAction.fillDataObject(ifcModel.getObjects(), eObject, dataObject); + dataObjects.add(dataObject); + } } - return dataObjects; - } + return dataObjects; + } } \ No newline at end of file diff --git a/BimServer/src/org/bimserver/webservices/impl/LowLevelServiceImpl.java b/BimServer/src/org/bimserver/webservices/impl/LowLevelServiceImpl.java index 096e33f8f5..4ed4cff821 100644 --- a/BimServer/src/org/bimserver/webservices/impl/LowLevelServiceImpl.java +++ b/BimServer/src/org/bimserver/webservices/impl/LowLevelServiceImpl.java 
@@ -46,10 +46,7 @@ import org.bimserver.database.actions.GetDataObjectsDatabaseAction; import org.bimserver.emf.IdEObject; import org.bimserver.interfaces.objects.SDataObject; -import org.bimserver.models.store.ConcreteRevision; -import org.bimserver.models.store.DataObject; -import org.bimserver.models.store.Project; -import org.bimserver.models.store.Revision; +import org.bimserver.models.store.*; import org.bimserver.shared.exceptions.ServerException; import org.bimserver.shared.exceptions.UserException; import org.bimserver.shared.interfaces.LowLevelInterface; @@ -64,7 +61,19 @@ public class LowLevelServiceImpl extends GenericServiceImpl implements LowLevelInterface { private static final Logger LOGGER = LoggerFactory.getLogger(LowLevelServiceImpl.class); - + + private void checkWritePermission() throws UserException { + try (DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.READ_ONLY)) { + User user = (User) session.get(StorePackage.eINSTANCE.getUser(), getAuthorization().getUoid(), OldQuery.getDefault()); + if (user.getUserType() == UserType.READ_ONLY) { + throw new UserException("User is read only and not allowed to invoke this method."); + } + } catch (BimserverDatabaseException e) { + throw new RuntimeException(e); + } + } + + public LowLevelServiceImpl(ServiceMap serviceMap) { super(serviceMap); } @@ -81,6 +90,10 @@ public Long startTransaction(Long poid) throws UserException, ServerException { if (project == null) { throw new UserException("No project found with poid " + poid); } + User user = (User) session.get(StorePackage.eINSTANCE.getUser(), getAuthorization().getUoid(), OldQuery.getDefault()); + if (!getAuthorization().hasRightsOnProjectOrSuperProjectsOrSubProjects(user, project)) { + throw new UserException("User has no rights on project with poid " + poid); + } pid = project.getId(); if (project.getLastRevision() != null) { Revision revision = project.getLastRevision(); 
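Review bot: `checkWritePermission()` dereferences `user.getUserType()` without testing the result of `session.get(...)`, and it turns a `BimserverDatabaseException` into a bare `RuntimeException`, which bypasses the `handleException(e)` path its callers use. A missing user should fail closed with a controlled error, e.g. `if (user == null) { throw new UserException("User not found"); }` before the type test, and the database failure is better reported as the `ServerException` the service methods already declare. The helper only rejects READ_ONLY accounts: nothing in the visible lines ties the `tid` a caller passes to the user or project that `startTransaction` authorised, so confirm that the long-transaction lookup enforces ownership. It also opens a new database session for every single attribute or reference change, which could be avoided by resolving the user type once per transaction.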
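Review bot: In `startTransaction` the new rights check runs after the `project == null` test, so a caller without rights receives "No project found with poid" for unknown ids and "User has no rights on project with poid" for existing ones, which tells the caller which project ids exist. Using one message for both outcomes removes that difference. The `User` returned by `session.get(...)` is passed to `hasRightsOnProjectOrSuperProjectsOrSubProjects` without a null check; whether that method tolerates null is not visible here. The method also does not reject READ_ONLY accounts, which may be intended if transactions are needed for reads, but it is worth a comment saying so. The method body starts and ends outside the hunk.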
@@ -135,66 +148,73 @@ public void abortTransaction(Long tid) throws UserException, ServerException { public void addStringAttribute(Long tid, Long oid, String attributeName, String value) throws UserException, ServerException { requireAuthenticationAndRunningServer(); try { + checkWritePermission(); getBimServer().getLongTransactionManager().get(tid).add(new AddAttributeChange(oid, attributeName, value)); } catch (NoTransactionException e) { handleException(e); } - } + } @Override public void addIntegerAttribute(Long tid, Long oid, String attributeName, Integer value) throws UserException, ServerException { requireAuthenticationAndRunningServer(); try { + checkWritePermission(); getBimServer().getLongTransactionManager().get(tid).add(new AddAttributeChange(oid, attributeName, value)); } catch (NoTransactionException e) { handleException(e); } - } + } @Override public void addDoubleAttribute(Long tid, Long oid, String attributeName, Double value) throws UserException, ServerException { requireAuthenticationAndRunningServer(); try { + checkWritePermission(); getBimServer().getLongTransactionManager().get(tid).add(new AddAttributeChange(oid, attributeName, value)); } catch (NoTransactionException e) { handleException(e); } - } + } @Override public void setDoubleAttributes(Long tid, Long oid, String attributeName, List values) throws ServerException, UserException { requireAuthenticationAndRunningServer(); try { + checkWritePermission(); getBimServer().getLongTransactionManager().get(tid).add(new SetAttributeChange(oid, attributeName, values)); } catch (NoTransactionException e) { handleException(e); } - } + } @Override public void setDoubleAttributeAtIndex(Long tid, Long oid, String attributeName, Integer index, Double value) throws ServerException, UserException { requireAuthenticationAndRunningServer(); try { + checkWritePermission(); getBimServer().getLongTransactionManager().get(tid).add(new SetAttributeChangeAtIndex(oid, attributeName, index, value)); } catch 
(NoTransactionException e) { handleException(e); } - } + } @Override public void setBooleanAttributeAtIndex(Long tid, Long oid, String attributeName, Integer index, Boolean value) throws ServerException, UserException { requireAuthenticationAndRunningServer(); try { + checkWritePermission(); getBimServer().getLongTransactionManager().get(tid).add(new SetAttributeChangeAtIndex(oid, attributeName, index, value)); } catch (NoTransactionException e) { handleException(e); } - } + } @Override public void setIntegerAttributes(Long tid, Long oid, String attributeName, List values) throws ServerException, UserException { requireAuthenticationAndRunningServer(); try { + checkWritePermission(); getBimServer().getLongTransactionManager().get(tid).add(new SetAttributeChange(oid, attributeName, values)); } catch (NoTransactionException e) { handleException(e); @@ -205,6 +225,7 @@ public void setIntegerAttributes(Long tid, Long oid, String attributeName, List< public void setIntegerAttributeAtIndex(Long tid, Long oid, String attributeName, Integer index, Integer value) throws ServerException, UserException { requireAuthenticationAndRunningServer(); try { + checkWritePermission(); getBimServer().getLongTransactionManager().get(tid).add(new SetAttributeChangeAtIndex(oid, attributeName, index, value)); } catch (NoTransactionException e) { handleException(e); @@ -215,6 +236,7 @@ public void setIntegerAttributeAtIndex(Long tid, Long oid, String attributeName, public void setLongAttributes(Long tid, Long oid, String attributeName, List values) throws ServerException, UserException { requireAuthenticationAndRunningServer(); try { + checkWritePermission(); getBimServer().getLongTransactionManager().get(tid).add(new SetAttributeChange(oid, attributeName, values)); } catch (NoTransactionException e) { handleException(e); 
@@ -225,36 +247,40 @@ public void setLongAttributes(Long tid, Long oid, String attributeName, List values) throws ServerException, UserException { requireAuthenticationAndRunningServer(); try { + checkWritePermission(); getBimServer().getLongTransactionManager().get(tid).add(new SetAttributeChange(oid, attributeName, values)); } catch (NoTransactionException e) { handleException(e); } - } + } @Override public void addBooleanAttribute(Long tid, Long oid, String attributeName, Boolean value) throws UserException, ServerException { requireAuthenticationAndRunningServer(); try { + checkWritePermission(); getBimServer().getLongTransactionManager().get(tid).add(new AddAttributeChange(oid, attributeName, value)); } catch (NoTransactionException e) { handleException(e); } - } + } @Override public void addReference(Long tid, Long oid, String referenceName, Long referenceOid) throws UserException, ServerException { requireAuthenticationAndRunningServer(); try { + checkWritePermission(); getBimServer().getLongTransactionManager().get(tid).add(new AddReferenceChange(oid, referenceName, referenceOid)); } catch (NoTransactionException e) { handleException(e); } - } + } @Override public Long createObject(Long tid, String className, Boolean generateGuid) throws UserException, ServerException { requireAuthenticationAndRunningServer(); try { + checkWritePermission(); LongTransaction longTransaction = getBimServer().getLongTransactionManager().get(tid); if (longTransaction == null) { throw new UserException("No transaction with tid " + tid + " was found"); 
@@ -278,41 +304,45 @@ public Long createObject(Long tid, String className, Boolean generateGuid) throw public void removeAttribute(Long tid, Long oid, String attributeName, Integer index) throws UserException, ServerException { requireAuthenticationAndRunningServer(); try { + checkWritePermission(); getBimServer().getLongTransactionManager().get(tid).add(new RemoveAttributeChange(oid, attributeName, index)); } catch (NoTransactionException e) { handleException(e); } - } + } @Override public void removeObject(Long tid, Long oid) throws UserException, ServerException { requireAuthenticationAndRunningServer(); try { + checkWritePermission(); getBimServer().getLongTransactionManager().get(tid).add(new RemoveObjectChange(oid)); } catch (NoTransactionException e) { handleException(e); } - } + } @Override public void removeReference(Long tid, Long oid, String referenceName, Integer index) throws UserException, ServerException { requireAuthenticationAndRunningServer(); try { + checkWritePermission(); getBimServer().getLongTransactionManager().get(tid).add(new RemoveReferenceChange(oid, referenceName, index)); } catch (NoTransactionException e) { handleException(e); } - } + } @Override public void removeReferenceByOid(Long tid, Long oid, String referenceName, Long referencedOid) throws UserException, ServerException { requireAuthenticationAndRunningServer(); try { + checkWritePermission(); getBimServer().getLongTransactionManager().get(tid).add(new RemoveReferenceChange(oid, referenceName, referencedOid)); } catch (NoTransactionException e) { handleException(e); } - } + } @Override public void removeAllReferences(Long tid, Long oid, String referenceName) throws ServerException, UserException { 
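Review bot: `removeAllReferences` appears to be left without `checkWritePermission()`: this hunk ends on its signature, and the next hunk begins at new line 358 with `setStringAttribute`, so the body in between is untouched by the patch. Every other add/set/remove method in the visible hunks gets the call, so a READ_ONLY account could presumably still queue this change. Add `checkWritePermission();` as the first statement of its `try` block, matching `removeReference` and `removeReferenceByOid`. The body is outside the hunk, so confirm this against the file.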
@@ -328,6 +358,7 @@ public void removeAllReferences(Long tid, Long oid, String referenceName) throws public void setStringAttribute(Long tid, Long oid, String attributeName, String value) throws UserException, ServerException { requireAuthenticationAndRunningServer(); try { + checkWritePermission(); getBimServer().getLongTransactionManager().get(tid).add(new SetAttributeChange(oid, attributeName, value)); } catch (NoTransactionException e) { handleException(e); @@ -338,6 +369,7 @@ public void setStringAttribute(Long tid, Long oid, String attributeName, String public void setStringAttributeAtIndex(Long tid, Long oid, String attributeName, Integer index, String value) throws ServerException, UserException { requireAuthenticationAndRunningServer(); try { + checkWritePermission(); getBimServer().getLongTransactionManager().get(tid).add(new SetAttributeChangeAtIndex(oid, attributeName, index, value)); } catch (NoTransactionException e) { handleException(e); @@ -349,6 +381,7 @@ public void setWrappedStringAttribute(Long tid, Long oid, String attributeName, throws ServerException, UserException { requireAuthenticationAndRunningServer(); try { + checkWritePermission(); getBimServer().getLongTransactionManager().get(tid).add(new SetWrappedAttributeChange(oid, attributeName, type, value)); } catch (NoTransactionException e) { handleException(e); 
@@ -365,16 +398,18 @@ public String getStringAttribute(Long tid, Long oid, String attributeName) throw public void setIntegerAttribute(Long tid, Long oid, String attributeName, Integer value) throws UserException, ServerException { requireAuthenticationAndRunningServer(); try { + checkWritePermission(); getBimServer().getLongTransactionManager().get(tid).add(new SetAttributeChange(oid, attributeName, value)); } catch (NoTransactionException e) { handleException(e); } - } + } @Override public void setWrappedIntegerAttribute(Long tid, Long oid, String attributeName, String type, Integer value) throws UserException, ServerException { requireAuthenticationAndRunningServer(); try { + checkWritePermission(); getBimServer().getLongTransactionManager().get(tid).add(new SetWrappedAttributeChange(oid, attributeName, type, value)); } catch (NoTransactionException e) { handleException(e); @@ -385,16 +420,18 @@ public void setWrappedIntegerAttribute(Long tid, Long oid, String attributeName, public void setByteArrayAttribute(Long tid, Long oid, String attributeName, Byte[] value) throws UserException, ServerException { requireAuthenticationAndRunningServer(); try { + checkWritePermission(); getBimServer().getLongTransactionManager().get(tid).add(new SetAttributeChange(oid, attributeName, value)); } catch (NoTransactionException e) { handleException(e); } - } + } @Override public void setLongAttribute(Long tid, Long oid, String attributeName, Long value) throws UserException, ServerException { requireAuthenticationAndRunningServer(); try { + checkWritePermission(); getBimServer().getLongTransactionManager().get(tid).add(new SetAttributeChange(oid, attributeName, value)); } catch (NoTransactionException e) { handleException(e); 
@@ -405,6 +442,7 @@ public void setLongAttribute(Long tid, Long oid, String attributeName, Long valu public void setLongAttributeAtIndex(Long tid, Long oid, String attributeName, Integer index,Long value) throws ServerException, UserException { requireAuthenticationAndRunningServer(); try { + checkWritePermission(); getBimServer().getLongTransactionManager().get(tid).add(new SetAttributeChangeAtIndex(oid, attributeName, index, value)); } catch (NoTransactionException e) { handleException(e); @@ -415,6 +453,7 @@ public void setLongAttributeAtIndex(Long tid, Long oid, String attributeName, In public void setWrappedLongAttribute(Long tid, Long oid, String attributeName, String type, Long value) throws UserException, ServerException { requireAuthenticationAndRunningServer(); try { + checkWritePermission(); getBimServer().getLongTransactionManager().get(tid).add(new SetWrappedAttributeChange(oid, attributeName, type, value)); } catch (NoTransactionException e) { handleException(e); @@ -440,6 +479,7 @@ public Long getLongAttributeAtIndex(Long tid, Long oid, String attributeName, In @Override public void setBooleanAttribute(Long tid, Long oid, String attributeName, Boolean value) throws UserException, ServerException { try { + checkWritePermission(); getBimServer().getLongTransactionManager().get(tid).add(new SetAttributeChange(oid, attributeName, value)); } catch (NoTransactionException e) { handleException(e); @@ -449,6 +489,7 @@ public void setBooleanAttribute(Long tid, Long oid, String attributeName, Boolea @Override public void setWrappedBooleanAttribute(Long tid, Long oid, String attributeName, String type, Boolean value) throws UserException, ServerException { try { + checkWritePermission(); getBimServer().getLongTransactionManager().get(tid).add(new SetWrappedAttributeChange(oid, attributeName, type, value)); } catch (NoTransactionException e) { handleException(e); 
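Review bot: In `setBooleanAttribute` the added `checkWritePermission()` is the first statement that looks at the caller's identity, because the method has no `requireAuthenticationAndRunningServer()` call before its `try`, unlike `setLongAttribute` and the other setters in this file. `checkWritePermission()` calls `getAuthorization().getUoid()`, so for an unauthenticated request the outcome depends on what `getAuthorization()` returns, possibly a NullPointerException instead of a UserException. Add `requireAuthenticationAndRunningServer();` as the first statement of the method, before the `try`. The same gap is visible in `setWrappedBooleanAttribute` in the next hunk, and in `setDoubleAttribute` and `setWrappedDoubleAttribute` in the two hunks after that.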
@@ -468,6 +509,7 @@ public Boolean getBooleanAttributeAtIndex(Long tid, Long oid, String attributeNa @Override public void setDoubleAttribute(Long tid, Long oid, String attributeName, Double value) throws UserException, ServerException { try { + checkWritePermission(); getBimServer().getLongTransactionManager().get(tid).add(new SetAttributeChange(oid, attributeName, value)); } catch (NoTransactionException e) { handleException(e); @@ -477,6 +519,7 @@ public void setDoubleAttribute(Long tid, Long oid, String attributeName, Double @Override public void setWrappedDoubleAttribute(Long tid, Long oid, String attributeName, String type, Double value) throws UserException, ServerException { try { + checkWritePermission(); getBimServer().getLongTransactionManager().get(tid).add(new SetWrappedAttributeChange(oid, attributeName, type, value)); } catch (NoTransactionException e) { handleException(e); @@ -587,11 +630,12 @@ private Object getAttributeAtIndex(Long tid, Long oid, String attributeName, int public void setEnumAttribute(Long tid, Long oid, String attributeName, String value) throws UserException, ServerException { requireAuthenticationAndRunningServer(); try { + checkWritePermission(); getBimServer().getLongTransactionManager().get(tid).add(new SetAttributeChange(oid, attributeName, value)); } catch (NoTransactionException e) { handleException(e); } - } + } @Override public String getEnumAttribute(Long tid, Long oid, String attributeName) throws ServerException, UserException { @@ -603,6 +647,7 @@ public String getEnumAttribute(Long tid, Long oid, String attributeName) throws public void setReference(Long tid, Long oid, String referenceName, Long referenceOid) throws UserException, ServerException { requireAuthenticationAndRunningServer(); try { + checkWritePermission(); getBimServer().getLongTransactionManager().get(tid).add(new SetReferenceChange(oid, referenceName, referenceOid)); } catch (NoTransactionException e) { handleException(e); 
@@ -663,6 +708,7 @@ public List getReferences(Long tid, Long oid, String referenceName) throws public void unsetAttribute(Long tid, Long oid, String attributeName) throws UserException, ServerException { requireAuthenticationAndRunningServer(); try { + checkWritePermission(); getBimServer().getLongTransactionManager().get(tid).add(new SetAttributeChange(oid, attributeName, null)); } catch (NoTransactionException e) { handleException(e); @@ -673,6 +719,7 @@ public void unsetAttribute(Long tid, Long oid, String attributeName) throws User public void unsetReference(Long tid, Long oid, String referenceName) throws UserException, ServerException { requireAuthenticationAndRunningServer(); try { + checkWritePermission(); getBimServer().getLongTransactionManager().get(tid).add(new SetReferenceChange(oid, referenceName, -1)); } catch (NoTransactionException e) { handleException(e); diff --git a/BimServer/src/org/bimserver/webservices/impl/NewServicesImpl.java b/BimServer/src/org/bimserver/webservices/impl/NewServicesImpl.java index 9b88cac549..367ce74f8a 100644 --- a/BimServer/src/org/bimserver/webservices/impl/NewServicesImpl.java +++ b/BimServer/src/org/bimserver/webservices/impl/NewServicesImpl.java @@ -58,6 +58,8 @@ import org.bimserver.interfaces.objects.SSerializerPluginConfiguration; import org.bimserver.models.store.PluginDescriptor; import org.bimserver.models.store.Project; +import org.bimserver.models.store.StorePackage; +import org.bimserver.models.store.User; import org.bimserver.plugins.Plugin; import org.bimserver.plugins.serializers.StreamingSerializerPlugin; import org.bimserver.shared.exceptions.ServerException; 
@@ -149,13 +151,17 @@ public List listAvailableOutputFormats(Long poid) throws S Map outputs = new HashMap<>(); try (DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.READ_ONLY)) { Project project = session.get(poid, OldQuery.getDefault()); + User user = (User) session.get(StorePackage.eINSTANCE.getUser(), getAuthorization().getUoid(), OldQuery.getDefault()); + if (!getAuthorization().hasRightsOnProject(user, project)) { + throw new UserException("User has no rights on project"); + } try { List allSerializersForPoids = getServiceMap().get(PluginInterface.class).getAllSerializersForPoids(true, Collections.singleton(poid)); for (SSerializerPluginConfiguration pluginConfiguration : allSerializersForPoids) { PluginDescriptor pluginDescriptor = session.get(pluginConfiguration.getPluginDescriptorId(), OldQuery.getDefault()); Plugin plugin = getBimServer().getPluginManager().getPlugin(pluginDescriptor.getIdentifier(), true); String outputFormat = null; - + // TODO For now only streaming serializers if (plugin instanceof StreamingSerializerPlugin) { outputFormat = ((StreamingSerializerPlugin)plugin).getOutputFormat(Schema.valueOf(project.getSchema().toUpperCase())); From ee7a29631f68150c20e291507cc09af5ef67d586 Mon Sep 17 00:00:00 2001 
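Review bot: In `listAvailableOutputFormats`, `project` is handed to `hasRightsOnProject(user, project)` without a null check, so a `poid` that does not resolve to a project is not rejected by the new guard in the same way as a project the caller lacks rights on. Depending on how `hasRightsOnProject` treats null (not visible here), the call either fails with a different error, which lets a caller tell existing project ids from missing ones, or continues to `project.getSchema()` further down. Folding the two cases into one answer closes both: `if (project == null || !getAuthorization().hasRightsOnProject(user, project)) {`. The method starts before this hunk and continues after it.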
From: "Fathis, Zaqi" Date: Wed, 4 Jun 2025 16:49:42 +0200 Subject: [PATCH 3/3] Update authorization in SettingsServiceImpl, MetaServiceImpl, and PluginServiceImpl --- .../AddDeserializerDatabaseAction.java | 86 ++++++------ .../AddInternalServiceDatabaseAction.java | 100 +++++++------- .../AddModelCompareDatabaseAction.java | 86 ++++++------ .../actions/AddModelMergerDatabaseAction.java | 86 ++++++------ .../actions/AddQueryEngineDatabaseAction.java | 86 ++++++------ .../AddRenderEngineDatabaseAction.java | 86 ++++++------ .../actions/AddSerializerDatabaseAction.java | 102 ++++++++------- .../DeleteDeserializerDatabaseAction.java | 81 ++++++------ .../DeleteInternalServiceDatabaseAction.java | 81 ++++++------ .../DeleteModelCompareDatabaseAction.java | 81 ++++++------ .../DeleteModelMergerDatabaseAction.java | 79 ++++++------ ...letePluginConfigurationDatabaseAction.java | 69 +++++----- .../DeleteQueryEngineDatabaseAction.java | 81 ++++++------ .../DeleteRenderEngineDatabaseAction.java | 81 ++++++------ .../DeleteSerializerDatabaseAction.java | 13 +- .../actions/SetUserSettingDatabaseAction.java | 35 ++--- .../webservices/impl/MetaServiceImpl.java | 122 ++++++++++-------- .../webservices/impl/PluginServiceImpl.java | 120 ++++++++++++++--- .../webservices/impl/SettingsServiceImpl.java | 3 + 19 files changed, 818 insertions(+), 660 deletions(-) diff --git a/BimServer/src/org/bimserver/database/actions/AddDeserializerDatabaseAction.java b/BimServer/src/org/bimserver/database/actions/AddDeserializerDatabaseAction.java index adf84c6d5f..d2b582d02f 100644 --- a/BimServer/src/org/bimserver/database/actions/AddDeserializerDatabaseAction.java +++ b/BimServer/src/org/bimserver/database/actions/AddDeserializerDatabaseAction.java 
@@ -1,47 +1,51 @@ -package org.bimserver.database.actions; - -/****************************************************************************** - * Copyright (C) 2009-2019 BIMserver.org - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see {@literal}. - *****************************************************************************/ - -import org.bimserver.BimserverDatabaseException; -import org.bimserver.database.BimserverLockConflictException; -import org.bimserver.database.DatabaseSession; -import org.bimserver.database.OldQuery; -import org.bimserver.models.log.AccessMethod; -import org.bimserver.models.store.DeserializerPluginConfiguration; -import org.bimserver.models.store.StorePackage; -import org.bimserver.models.store.User; -import org.bimserver.shared.exceptions.UserException; -import org.bimserver.webservices.authorization.Authorization; +package org.bimserver.database.actions; + +/****************************************************************************** + * Copyright (C) 2009-2019 BIMserver.org + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. 
+ * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see {@literal}. + *****************************************************************************/ + +import org.bimserver.BimserverDatabaseException; +import org.bimserver.database.BimserverLockConflictException; +import org.bimserver.database.DatabaseSession; +import org.bimserver.database.OldQuery; +import org.bimserver.models.log.AccessMethod; +import org.bimserver.models.store.DeserializerPluginConfiguration; +import org.bimserver.models.store.StorePackage; +import org.bimserver.models.store.User; +import org.bimserver.models.store.UserType; +import org.bimserver.shared.exceptions.UserException; +import org.bimserver.webservices.authorization.Authorization; public class AddDeserializerDatabaseAction extends AddDatabaseAction { - private Authorization authorization; - + private Authorization authorization; + public AddDeserializerDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, Authorization authorization, DeserializerPluginConfiguration deserializer) { - super(databaseSession, accessMethod, deserializer); + super(databaseSession, accessMethod, deserializer); this.authorization = authorization; - } - - @Override - public Long execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { - User user = getDatabaseSession().get(StorePackage.eINSTANCE.getUser(), authorization.getUoid(), OldQuery.getDefault()); - user.getUserSettings().getDeserializers().add(getIdEObject()); - getDatabaseSession().store(user.getUserSettings()); - return super.execute(); - } + } + + @Override + public Long execute() throws UserException, 
BimserverLockConflictException, BimserverDatabaseException { + User user = getDatabaseSession().get(StorePackage.eINSTANCE.getUser(), authorization.getUoid(), OldQuery.getDefault()); + if (user.getUserType() == UserType.READ_ONLY) { + throw new UserException("User has no rights for this call"); + } + user.getUserSettings().getDeserializers().add(getIdEObject()); + getDatabaseSession().store(user.getUserSettings()); + return super.execute(); + } } \ No newline at end of file diff --git a/BimServer/src/org/bimserver/database/actions/AddInternalServiceDatabaseAction.java b/BimServer/src/org/bimserver/database/actions/AddInternalServiceDatabaseAction.java index 142e90d1e0..c3c3a933cc 100644 --- a/BimServer/src/org/bimserver/database/actions/AddInternalServiceDatabaseAction.java +++ b/BimServer/src/org/bimserver/database/actions/AddInternalServiceDatabaseAction.java 
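Review bot: The guard added to `execute()` is a deny-list on a single value, `user.getUserType() == UserType.READ_ONLY`, so any other user type passes by default, and `user` is dereferenced without a null check in case `authorization.getUoid()` does not resolve to a stored user. Failing closed would read `if (user == null || user.getUserType() == UserType.READ_ONLY) {`, or better, a positive test for the types that are allowed to change plugin configuration. The same three lines are repeated in the AddInternalService, AddModelCompare, AddModelMerger, AddQueryEngine and AddRenderEngine actions later in this patch; a single shared helper on the base action or on `Authorization` would keep the rule in one place. The hunk also replaces all 47 lines of the file for a four-line change, apparently a line-ending conversion, which makes the real change hard to review; consider restoring the original line endings.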
@@ -1,57 +1,57 @@ -package org.bimserver.database.actions; - -/****************************************************************************** - * Copyright (C) 2009-2019 BIMserver.org - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see {@literal}. - *****************************************************************************/ - -import org.bimserver.BimServer; -import org.bimserver.BimserverDatabaseException; -import org.bimserver.database.BimserverLockConflictException; -import org.bimserver.database.DatabaseSession; -import org.bimserver.database.OldQuery; -import org.bimserver.models.log.AccessMethod; -import org.bimserver.models.store.InternalServicePluginConfiguration; -import org.bimserver.models.store.ObjectType; -import org.bimserver.models.store.StorePackage; -import org.bimserver.models.store.User; -import org.bimserver.plugins.Plugin; -import org.bimserver.shared.exceptions.UserException; -import org.bimserver.webservices.authorization.Authorization; +package org.bimserver.database.actions; + +/****************************************************************************** + * Copyright (C) 2009-2019 BIMserver.org + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later 
version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see {@literal}. + *****************************************************************************/ + +import org.bimserver.BimServer; +import org.bimserver.BimserverDatabaseException; +import org.bimserver.database.BimserverLockConflictException; +import org.bimserver.database.DatabaseSession; +import org.bimserver.database.OldQuery; +import org.bimserver.models.log.AccessMethod; +import org.bimserver.models.store.*; +import org.bimserver.plugins.Plugin; +import org.bimserver.shared.exceptions.UserException; +import org.bimserver.webservices.authorization.Authorization; public class AddInternalServiceDatabaseAction extends AddDatabaseAction { - private Authorization authorization; - private BimServer bimServer; - + private Authorization authorization; + private BimServer bimServer; + public AddInternalServiceDatabaseAction(BimServer bimServer, DatabaseSession databaseSession, AccessMethod accessMethod, Authorization authorization, InternalServicePluginConfiguration eService) { - super(databaseSession, accessMethod, eService); - this.bimServer = bimServer; + super(databaseSession, accessMethod, eService); + this.bimServer = bimServer; this.authorization = authorization; - } - - @Override - public Long execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { - User user = getDatabaseSession().get(StorePackage.eINSTANCE.getUser(), authorization.getUoid(), OldQuery.getDefault()); - InternalServicePluginConfiguration idEObject = getIdEObject(); - idEObject.setUserSettings(user.getUserSettings()); - Plugin plugin = 
bimServer.getPluginManager().getPlugin(idEObject.getPluginDescriptor().getIdentifier(), true); - ObjectType settings = bimServer.convertSettings(getDatabaseSession(), plugin.getUserSettingsDefinition()); - user.getUserSettings().getServices().add(idEObject); - idEObject.setSettings(settings); - getDatabaseSession().store(user.getUserSettings()); - return super.execute(); + } + + @Override + public Long execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { + User user = getDatabaseSession().get(StorePackage.eINSTANCE.getUser(), authorization.getUoid(), OldQuery.getDefault()); + if (user.getUserType() == UserType.READ_ONLY) { + throw new UserException("User has no rights for this call"); + } + InternalServicePluginConfiguration idEObject = getIdEObject(); + idEObject.setUserSettings(user.getUserSettings()); + Plugin plugin = bimServer.getPluginManager().getPlugin(idEObject.getPluginDescriptor().getIdentifier(), true); + ObjectType settings = bimServer.convertSettings(getDatabaseSession(), plugin.getUserSettingsDefinition()); + user.getUserSettings().getServices().add(idEObject); + idEObject.setSettings(settings); + getDatabaseSession().store(user.getUserSettings()); + return super.execute(); } } \ No newline at end of file diff --git a/BimServer/src/org/bimserver/database/actions/AddModelCompareDatabaseAction.java b/BimServer/src/org/bimserver/database/actions/AddModelCompareDatabaseAction.java index 936f326857..6368e69ea7 100644 --- a/BimServer/src/org/bimserver/database/actions/AddModelCompareDatabaseAction.java +++ b/BimServer/src/org/bimserver/database/actions/AddModelCompareDatabaseAction.java 
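Review bot: The explicit imports of `InternalServicePluginConfiguration`, `ObjectType`, `StorePackage` and `User` are replaced here by `import org.bimserver.models.store.*;`, whereas the sibling actions in this patch keep their explicit imports and add only `import org.bimserver.models.store.UserType;`. The only new name the hunk uses is `UserType`, so the wildcard is not needed. Keeping the four explicit imports and adding `import org.bimserver.models.store.UserType;` matches the rest of the package and avoids pulling unrelated store-model names into scope.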
@@ -1,47 +1,51 @@ -package org.bimserver.database.actions; - -/****************************************************************************** - * Copyright (C) 2009-2019 BIMserver.org - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see {@literal}. - *****************************************************************************/ - -import org.bimserver.BimserverDatabaseException; -import org.bimserver.database.BimserverLockConflictException; -import org.bimserver.database.DatabaseSession; -import org.bimserver.database.OldQuery; -import org.bimserver.models.log.AccessMethod; -import org.bimserver.models.store.ModelComparePluginConfiguration; -import org.bimserver.models.store.StorePackage; -import org.bimserver.models.store.User; -import org.bimserver.shared.exceptions.UserException; -import org.bimserver.webservices.authorization.Authorization; +package org.bimserver.database.actions; + +/****************************************************************************** + * Copyright (C) 2009-2019 BIMserver.org + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. 
+ * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see {@literal}. + *****************************************************************************/ + +import org.bimserver.BimserverDatabaseException; +import org.bimserver.database.BimserverLockConflictException; +import org.bimserver.database.DatabaseSession; +import org.bimserver.database.OldQuery; +import org.bimserver.models.log.AccessMethod; +import org.bimserver.models.store.ModelComparePluginConfiguration; +import org.bimserver.models.store.StorePackage; +import org.bimserver.models.store.User; +import org.bimserver.models.store.UserType; +import org.bimserver.shared.exceptions.UserException; +import org.bimserver.webservices.authorization.Authorization; public class AddModelCompareDatabaseAction extends AddDatabaseAction { - private Authorization authorization; - + private Authorization authorization; + public AddModelCompareDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, Authorization authorization, ModelComparePluginConfiguration modelCompare) { - super(databaseSession, accessMethod, modelCompare); + super(databaseSession, accessMethod, modelCompare); this.authorization = authorization; - } - - @Override - public Long execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { - User user = getDatabaseSession().get(StorePackage.eINSTANCE.getUser(), authorization.getUoid(), OldQuery.getDefault()); - user.getUserSettings().getModelCompares().add(getIdEObject()); - getDatabaseSession().store(user.getUserSettings()); - return super.execute(); - } + } + + @Override + public Long execute() throws UserException, 
BimserverLockConflictException, BimserverDatabaseException { + User user = getDatabaseSession().get(StorePackage.eINSTANCE.getUser(), authorization.getUoid(), OldQuery.getDefault()); + if (user.getUserType() == UserType.READ_ONLY) { + throw new UserException("User has no rights for this call"); + } + user.getUserSettings().getModelCompares().add(getIdEObject()); + getDatabaseSession().store(user.getUserSettings()); + return super.execute(); + } } \ No newline at end of file diff --git a/BimServer/src/org/bimserver/database/actions/AddModelMergerDatabaseAction.java b/BimServer/src/org/bimserver/database/actions/AddModelMergerDatabaseAction.java index 46094c684d..f201b9c553 100644 --- a/BimServer/src/org/bimserver/database/actions/AddModelMergerDatabaseAction.java +++ b/BimServer/src/org/bimserver/database/actions/AddModelMergerDatabaseAction.java 
@@ -1,47 +1,51 @@ -package org.bimserver.database.actions; - -/****************************************************************************** - * Copyright (C) 2009-2019 BIMserver.org - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see {@literal}. - *****************************************************************************/ - -import org.bimserver.BimserverDatabaseException; -import org.bimserver.database.BimserverLockConflictException; -import org.bimserver.database.DatabaseSession; -import org.bimserver.database.OldQuery; -import org.bimserver.models.log.AccessMethod; -import org.bimserver.models.store.ModelMergerPluginConfiguration; -import org.bimserver.models.store.StorePackage; -import org.bimserver.models.store.User; -import org.bimserver.shared.exceptions.UserException; -import org.bimserver.webservices.authorization.Authorization; +package org.bimserver.database.actions; + +/****************************************************************************** + * Copyright (C) 2009-2019 BIMserver.org + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. 
+ * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see {@literal}. + *****************************************************************************/ + +import org.bimserver.BimserverDatabaseException; +import org.bimserver.database.BimserverLockConflictException; +import org.bimserver.database.DatabaseSession; +import org.bimserver.database.OldQuery; +import org.bimserver.models.log.AccessMethod; +import org.bimserver.models.store.ModelMergerPluginConfiguration; +import org.bimserver.models.store.StorePackage; +import org.bimserver.models.store.User; +import org.bimserver.models.store.UserType; +import org.bimserver.shared.exceptions.UserException; +import org.bimserver.webservices.authorization.Authorization; public class AddModelMergerDatabaseAction extends AddDatabaseAction { - private Authorization authorization; - + private Authorization authorization; + public AddModelMergerDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, Authorization authorization, ModelMergerPluginConfiguration modelMerger) { - super(databaseSession, accessMethod, modelMerger); + super(databaseSession, accessMethod, modelMerger); this.authorization = authorization; - } - - @Override - public Long execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { - User user = getDatabaseSession().get(StorePackage.eINSTANCE.getUser(), authorization.getUoid(), OldQuery.getDefault()); - user.getUserSettings().getModelMergers().add(getIdEObject()); - getDatabaseSession().store(user.getUserSettings()); - return super.execute(); - } + } + + @Override + public Long execute() throws UserException, 
BimserverLockConflictException, BimserverDatabaseException { + User user = getDatabaseSession().get(StorePackage.eINSTANCE.getUser(), authorization.getUoid(), OldQuery.getDefault()); + if (user.getUserType() == UserType.READ_ONLY) { + throw new UserException("User has no rights for this call"); + } + user.getUserSettings().getModelMergers().add(getIdEObject()); + getDatabaseSession().store(user.getUserSettings()); + return super.execute(); + } } \ No newline at end of file diff --git a/BimServer/src/org/bimserver/database/actions/AddQueryEngineDatabaseAction.java b/BimServer/src/org/bimserver/database/actions/AddQueryEngineDatabaseAction.java index eb8cc52010..f84b4b27b7 100644 --- a/BimServer/src/org/bimserver/database/actions/AddQueryEngineDatabaseAction.java +++ b/BimServer/src/org/bimserver/database/actions/AddQueryEngineDatabaseAction.java 
@@ -1,47 +1,51 @@ -package org.bimserver.database.actions; - -/****************************************************************************** - * Copyright (C) 2009-2019 BIMserver.org - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see {@literal}. - *****************************************************************************/ - -import org.bimserver.BimserverDatabaseException; -import org.bimserver.database.BimserverLockConflictException; -import org.bimserver.database.DatabaseSession; -import org.bimserver.database.OldQuery; -import org.bimserver.models.log.AccessMethod; -import org.bimserver.models.store.QueryEnginePluginConfiguration; -import org.bimserver.models.store.StorePackage; -import org.bimserver.models.store.User; -import org.bimserver.shared.exceptions.UserException; -import org.bimserver.webservices.authorization.Authorization; +package org.bimserver.database.actions; + +/****************************************************************************** + * Copyright (C) 2009-2019 BIMserver.org + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. 
+ * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see {@literal}. + *****************************************************************************/ + +import org.bimserver.BimserverDatabaseException; +import org.bimserver.database.BimserverLockConflictException; +import org.bimserver.database.DatabaseSession; +import org.bimserver.database.OldQuery; +import org.bimserver.models.log.AccessMethod; +import org.bimserver.models.store.QueryEnginePluginConfiguration; +import org.bimserver.models.store.StorePackage; +import org.bimserver.models.store.User; +import org.bimserver.models.store.UserType; +import org.bimserver.shared.exceptions.UserException; +import org.bimserver.webservices.authorization.Authorization; public class AddQueryEngineDatabaseAction extends AddDatabaseAction { - private Authorization authorization; - + private Authorization authorization; + public AddQueryEngineDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, Authorization authorization, QueryEnginePluginConfiguration queryEngine) { - super(databaseSession, accessMethod, queryEngine); + super(databaseSession, accessMethod, queryEngine); this.authorization = authorization; - } - - @Override - public Long execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { - User user = getDatabaseSession().get(StorePackage.eINSTANCE.getUser(), authorization.getUoid(), OldQuery.getDefault()); - user.getUserSettings().getQueryEngines().add(getIdEObject()); - getDatabaseSession().store(user.getUserSettings()); - return super.execute(); - } + } + + @Override + public Long execute() throws UserException, 
BimserverLockConflictException, BimserverDatabaseException { + User user = getDatabaseSession().get(StorePackage.eINSTANCE.getUser(), authorization.getUoid(), OldQuery.getDefault()); + if (user.getUserType() == UserType.READ_ONLY) { + throw new UserException("User has no rights for this call"); + } + user.getUserSettings().getQueryEngines().add(getIdEObject()); + getDatabaseSession().store(user.getUserSettings()); + return super.execute(); + } } \ No newline at end of file diff --git a/BimServer/src/org/bimserver/database/actions/AddRenderEngineDatabaseAction.java b/BimServer/src/org/bimserver/database/actions/AddRenderEngineDatabaseAction.java index f60f6b47f8..b5b2f8eb66 100644 --- a/BimServer/src/org/bimserver/database/actions/AddRenderEngineDatabaseAction.java +++ b/BimServer/src/org/bimserver/database/actions/AddRenderEngineDatabaseAction.java 
@@ -1,47 +1,51 @@
-package org.bimserver.database.actions;
-
-/******************************************************************************
- * Copyright (C) 2009-2019 BIMserver.org
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program. If not, see {@literal}.
- *****************************************************************************/
-
-import org.bimserver.BimserverDatabaseException;
-import org.bimserver.database.BimserverLockConflictException;
-import org.bimserver.database.DatabaseSession;
-import org.bimserver.database.OldQuery;
-import org.bimserver.models.log.AccessMethod;
-import org.bimserver.models.store.RenderEnginePluginConfiguration;
-import org.bimserver.models.store.StorePackage;
-import org.bimserver.models.store.User;
-import org.bimserver.shared.exceptions.UserException;
-import org.bimserver.webservices.authorization.Authorization;
+package org.bimserver.database.actions;
+
+/******************************************************************************
+ * Copyright (C) 2009-2019 BIMserver.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see {@literal}. + *****************************************************************************/ + +import org.bimserver.BimserverDatabaseException; +import org.bimserver.database.BimserverLockConflictException; +import org.bimserver.database.DatabaseSession; +import org.bimserver.database.OldQuery; +import org.bimserver.models.log.AccessMethod; +import org.bimserver.models.store.RenderEnginePluginConfiguration; +import org.bimserver.models.store.StorePackage; +import org.bimserver.models.store.User; +import org.bimserver.models.store.UserType; +import org.bimserver.shared.exceptions.UserException; +import org.bimserver.webservices.authorization.Authorization; public class AddRenderEngineDatabaseAction extends AddDatabaseAction { - private Authorization authorization; - + private Authorization authorization; + public AddRenderEngineDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, Authorization authorization, RenderEnginePluginConfiguration renderEngine) { - super(databaseSession, accessMethod, renderEngine); + super(databaseSession, accessMethod, renderEngine); this.authorization = authorization; - } - - @Override - public Long execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { - User user = getDatabaseSession().get(StorePackage.eINSTANCE.getUser(), authorization.getUoid(), OldQuery.getDefault()); - user.getUserSettings().getRenderEngines().add(getIdEObject()); - getDatabaseSession().store(user.getUserSettings()); - return super.execute(); - } + } + + @Override + public Long execute() throws UserException, 
BimserverLockConflictException, BimserverDatabaseException { + User user = getDatabaseSession().get(StorePackage.eINSTANCE.getUser(), authorization.getUoid(), OldQuery.getDefault()); + if (user.getUserType() == UserType.READ_ONLY) { + throw new UserException("User has no rights for this call"); + } + user.getUserSettings().getRenderEngines().add(getIdEObject()); + getDatabaseSession().store(user.getUserSettings()); + return super.execute(); + } } \ No newline at end of file diff --git a/BimServer/src/org/bimserver/database/actions/AddSerializerDatabaseAction.java b/BimServer/src/org/bimserver/database/actions/AddSerializerDatabaseAction.java index 190f658dac..b3dcb8ad37 100644 --- a/BimServer/src/org/bimserver/database/actions/AddSerializerDatabaseAction.java +++ b/BimServer/src/org/bimserver/database/actions/AddSerializerDatabaseAction.java 
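Review bot: The new guard in `execute()` is a deny-list on one value (`user.getUserType() == UserType.READ_ONLY`), so every other user type, including any added later, may write by default, and the same four lines are copied into each action in this patch. A single shared helper that names the types allowed to write would keep the policy in one place and fail closed, for example `protected void requireWriteAccess(Authorization authorization) throws UserException, BimserverDatabaseException` on a common base class (whether the Add*/Delete* actions share `BimDatabaseAction` is not visible here), called as the first statement of each `execute()`. The `User` returned by `getDatabaseSession().get(...)` is also dereferenced without a null check; if `authorization.getUoid()` can refer to a user that no longer exists, the caller gets a NullPointerException instead of a `UserException`.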
@@ -1,56 +1,60 @@
-package org.bimserver.database.actions;
-
-/******************************************************************************
- * Copyright (C) 2009-2019 BIMserver.org
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program. If not, see {@literal}.
- *****************************************************************************/
-
-import org.bimserver.BimserverDatabaseException;
-import org.bimserver.database.BimserverLockConflictException;
-import org.bimserver.database.DatabaseSession;
-import org.bimserver.database.OldQuery;
-import org.bimserver.models.log.AccessMethod;
-import org.bimserver.models.store.SerializerPluginConfiguration;
-import org.bimserver.models.store.StorePackage;
-import org.bimserver.models.store.User;
-import org.bimserver.shared.exceptions.UserException;
-import org.bimserver.webservices.authorization.Authorization;
+package org.bimserver.database.actions;
+
+/******************************************************************************
+ * Copyright (C) 2009-2019 BIMserver.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see {@literal}. + *****************************************************************************/ + +import org.bimserver.BimserverDatabaseException; +import org.bimserver.database.BimserverLockConflictException; +import org.bimserver.database.DatabaseSession; +import org.bimserver.database.OldQuery; +import org.bimserver.models.log.AccessMethod; +import org.bimserver.models.store.SerializerPluginConfiguration; +import org.bimserver.models.store.StorePackage; +import org.bimserver.models.store.User; +import org.bimserver.models.store.UserType; +import org.bimserver.shared.exceptions.UserException; +import org.bimserver.webservices.authorization.Authorization; public class AddSerializerDatabaseAction extends AddDatabaseAction { - private Authorization authorization; - + private Authorization authorization; + public AddSerializerDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, Authorization authorization, SerializerPluginConfiguration serializer) { - super(databaseSession, accessMethod, serializer); + super(databaseSession, accessMethod, serializer); this.authorization = authorization; - } - - @Override - public Long execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { - Long execute = super.execute(); - // Make sure the backreferences are stored as well, someday this should be automatic - if (getIdEObject().getRenderEngine() != null) { - getDatabaseSession().store(getIdEObject().getRenderEngine()); - } - if (getIdEObject().getObjectIDM() != null) { - getDatabaseSession().store(getIdEObject().getObjectIDM()); - } - User user = 
getDatabaseSession().get(StorePackage.eINSTANCE.getUser(), authorization.getUoid(), OldQuery.getDefault()); - user.getUserSettings().getSerializers().add(getIdEObject()); - getDatabaseSession().store(user.getUserSettings()); - - return execute; + } + + @Override + public Long execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { + Long execute = super.execute(); + // Make sure the backreferences are stored as well, someday this should be automatic + if (getIdEObject().getRenderEngine() != null) { + getDatabaseSession().store(getIdEObject().getRenderEngine()); + } + if (getIdEObject().getObjectIDM() != null) { + getDatabaseSession().store(getIdEObject().getObjectIDM()); + } + User user = getDatabaseSession().get(StorePackage.eINSTANCE.getUser(), authorization.getUoid(), OldQuery.getDefault()); + if (user.getUserType() == UserType.READ_ONLY) { + throw new UserException("User has no rights for this call"); + } + user.getUserSettings().getSerializers().add(getIdEObject()); + getDatabaseSession().store(user.getUserSettings()); + + return execute; } } \ No newline at end of file diff --git a/BimServer/src/org/bimserver/database/actions/DeleteDeserializerDatabaseAction.java b/BimServer/src/org/bimserver/database/actions/DeleteDeserializerDatabaseAction.java index 50a1db9a92..fafca14fc6 100644 --- a/BimServer/src/org/bimserver/database/actions/DeleteDeserializerDatabaseAction.java +++ b/BimServer/src/org/bimserver/database/actions/DeleteDeserializerDatabaseAction.java 
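Review bot: The READ_ONLY guard in `AddSerializerDatabaseAction.execute()` runs only after `super.execute()` and the two `getDatabaseSession().store(...)` calls for the render engine and object IDM, so a read-only caller is rejected after the serializer configuration has already been written to the session. Whether the session is rolled back when `UserException` is thrown is not visible in this diff, and the check should not depend on it. Move `User user = getDatabaseSession().get(StorePackage.eINSTANCE.getUser(), authorization.getUoid(), OldQuery.getDefault());` and the `if (user.getUserType() == UserType.READ_ONLY) { throw ... }` guard ahead of `Long execute = super.execute();`, as the AddQueryEngine and AddRenderEngine actions already do.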
@@ -1,44 +1,49 @@
-package org.bimserver.database.actions;
-
-/******************************************************************************
- * Copyright (C) 2009-2019 BIMserver.org
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program. If not, see {@literal}.
- *****************************************************************************/
-
-import org.bimserver.BimserverDatabaseException;
-import org.bimserver.database.BimserverLockConflictException;
-import org.bimserver.database.DatabaseSession;
-import org.bimserver.database.OldQuery;
-import org.bimserver.models.log.AccessMethod;
-import org.bimserver.models.store.DeserializerPluginConfiguration;
-import org.bimserver.models.store.StorePackage;
-import org.bimserver.models.store.UserSettings;
-import org.bimserver.shared.exceptions.UserException;
+package org.bimserver.database.actions;
+
+/******************************************************************************
+ * Copyright (C) 2009-2019 BIMserver.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see {@literal}. + *****************************************************************************/ + +import org.bimserver.BimserverDatabaseException; +import org.bimserver.database.BimserverLockConflictException; +import org.bimserver.database.DatabaseSession; +import org.bimserver.database.OldQuery; +import org.bimserver.models.log.AccessMethod; +import org.bimserver.models.store.*; +import org.bimserver.shared.exceptions.UserException; +import org.bimserver.webservices.authorization.Authorization; public class DeleteDeserializerDatabaseAction extends DeleteDatabaseAction { + private Authorization authorization; - public DeleteDeserializerDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, long sid) { + public DeleteDeserializerDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, Authorization authorization, long sid) { super(databaseSession, accessMethod, StorePackage.eINSTANCE.getDeserializerPluginConfiguration(), sid); - } - - @Override - public Void execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { - DeserializerPluginConfiguration object = getDatabaseSession().get(geteClass(), getOid(), OldQuery.getDefault()); - UserSettings settings = object.getUserSettings(); - settings.getDeserializers().remove(object); - getDatabaseSession().store(settings); - return super.execute(); + this.authorization = authorization; + } + + @Override + public Void execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { + User user = getDatabaseSession().get(StorePackage.eINSTANCE.getUser(), 
authorization.getUoid(), OldQuery.getDefault()); + if (user.getUserType() == UserType.READ_ONLY) { + throw new UserException("User has no rights for this call"); + } + DeserializerPluginConfiguration object = getDatabaseSession().get(geteClass(), getOid(), OldQuery.getDefault()); + UserSettings settings = object.getUserSettings(); + settings.getDeserializers().remove(object); + getDatabaseSession().store(settings); + return super.execute(); } } \ No newline at end of file diff --git a/BimServer/src/org/bimserver/database/actions/DeleteInternalServiceDatabaseAction.java b/BimServer/src/org/bimserver/database/actions/DeleteInternalServiceDatabaseAction.java index a46e933c1c..8e2cd5a154 100644 --- a/BimServer/src/org/bimserver/database/actions/DeleteInternalServiceDatabaseAction.java +++ b/BimServer/src/org/bimserver/database/actions/DeleteInternalServiceDatabaseAction.java 
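Review bot: `DeleteDeserializerDatabaseAction.execute()` rejects READ_ONLY callers but never compares the owner of the object being deleted with the caller: `object.getUserSettings()` is whatever settings the supplied `sid` points at, so a non-read-only user who passes another user's oid would remove that user's deserializer unless ownership is enforced by a caller outside this diff. If that is not intended, add after the settings lookup `if (user.getUserType() != UserType.ADMIN && settings.getOid() != user.getUserSettings().getOid()) { throw new UserException("User has no rights for this call"); }`. The object fetched by `getOid()` is also dereferenced without a null check, so an unknown id fails with a NullPointerException rather than a `UserException`. The same applies to the DeleteInternalService, DeleteModelCompare, DeleteModelMerger and DeletePluginConfiguration hunks below.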
@@ -1,44 +1,49 @@
-package org.bimserver.database.actions;
-
-/******************************************************************************
- * Copyright (C) 2009-2019 BIMserver.org
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program. If not, see {@literal}.
- *****************************************************************************/
-
-import org.bimserver.BimserverDatabaseException;
-import org.bimserver.database.BimserverLockConflictException;
-import org.bimserver.database.DatabaseSession;
-import org.bimserver.database.OldQuery;
-import org.bimserver.models.log.AccessMethod;
-import org.bimserver.models.store.InternalServicePluginConfiguration;
-import org.bimserver.models.store.StorePackage;
-import org.bimserver.models.store.UserSettings;
-import org.bimserver.shared.exceptions.UserException;
+package org.bimserver.database.actions;
+
+/******************************************************************************
+ * Copyright (C) 2009-2019 BIMserver.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see {@literal}. + *****************************************************************************/ + +import org.bimserver.BimserverDatabaseException; +import org.bimserver.database.BimserverLockConflictException; +import org.bimserver.database.DatabaseSession; +import org.bimserver.database.OldQuery; +import org.bimserver.models.log.AccessMethod; +import org.bimserver.models.store.*; +import org.bimserver.shared.exceptions.UserException; +import org.bimserver.webservices.authorization.Authorization; public class DeleteInternalServiceDatabaseAction extends DeleteDatabaseAction { + private Authorization authorization; - public DeleteInternalServiceDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, long ifid) { + public DeleteInternalServiceDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, Authorization authorization, long ifid) { super(databaseSession, accessMethod, StorePackage.eINSTANCE.getInternalServicePluginConfiguration(), ifid); - } - - @Override - public Void execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { - InternalServicePluginConfiguration object = getDatabaseSession().get(geteClass(), getOid(), OldQuery.getDefault()); - UserSettings settings = object.getUserSettings(); - settings.getServices().remove(object); - getDatabaseSession().store(settings); - return super.execute(); + this.authorization = authorization; + } + + @Override + public Void execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { + User user = 
getDatabaseSession().get(StorePackage.eINSTANCE.getUser(), authorization.getUoid(), OldQuery.getDefault()); + if (user.getUserType() == UserType.READ_ONLY) { + throw new UserException("User has no rights for this call"); + } + InternalServicePluginConfiguration object = getDatabaseSession().get(geteClass(), getOid(), OldQuery.getDefault()); + UserSettings settings = object.getUserSettings(); + settings.getServices().remove(object); + getDatabaseSession().store(settings); + return super.execute(); } } \ No newline at end of file diff --git a/BimServer/src/org/bimserver/database/actions/DeleteModelCompareDatabaseAction.java b/BimServer/src/org/bimserver/database/actions/DeleteModelCompareDatabaseAction.java index 49e556ce3a..c9c4696afb 100644 --- a/BimServer/src/org/bimserver/database/actions/DeleteModelCompareDatabaseAction.java +++ b/BimServer/src/org/bimserver/database/actions/DeleteModelCompareDatabaseAction.java 
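Review bot: Only the constructor and the first lines of `execute()` change in content here, yet all 44 lines of the file are removed and re-added; the other pairs look identical apart from whitespace or line endings, and the other files in this patch show the same pattern. In a change whose purpose is authorization, that buries the few lines a reviewer has to verify and rewrites `git blame` for the whole file, so the line-ending normalization belongs in a separate commit or a `.gitattributes` rule. The explicit `org.bimserver.models.store` imports are also replaced by `import org.bimserver.models.store.*;`; keeping them explicit and adding `import org.bimserver.models.store.User;` and `import org.bimserver.models.store.UserType;` shows exactly which names the check introduces.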
@@ -1,44 +1,49 @@
-package org.bimserver.database.actions;
-
-/******************************************************************************
- * Copyright (C) 2009-2019 BIMserver.org
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program. If not, see {@literal}.
- *****************************************************************************/
-
-import org.bimserver.BimserverDatabaseException;
-import org.bimserver.database.BimserverLockConflictException;
-import org.bimserver.database.DatabaseSession;
-import org.bimserver.database.OldQuery;
-import org.bimserver.models.log.AccessMethod;
-import org.bimserver.models.store.ModelComparePluginConfiguration;
-import org.bimserver.models.store.StorePackage;
-import org.bimserver.models.store.UserSettings;
-import org.bimserver.shared.exceptions.UserException;
+package org.bimserver.database.actions;
+
+/******************************************************************************
+ * Copyright (C) 2009-2019 BIMserver.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see {@literal}. + *****************************************************************************/ + +import org.bimserver.BimserverDatabaseException; +import org.bimserver.database.BimserverLockConflictException; +import org.bimserver.database.DatabaseSession; +import org.bimserver.database.OldQuery; +import org.bimserver.models.log.AccessMethod; +import org.bimserver.models.store.*; +import org.bimserver.shared.exceptions.UserException; +import org.bimserver.webservices.authorization.Authorization; public class DeleteModelCompareDatabaseAction extends DeleteDatabaseAction { + private Authorization authorization; - public DeleteModelCompareDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, long iid) { + public DeleteModelCompareDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, Authorization authorization, long iid) { super(databaseSession, accessMethod, StorePackage.eINSTANCE.getModelComparePluginConfiguration(), iid); - } - - @Override - public Void execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { - ModelComparePluginConfiguration object = getDatabaseSession().get(geteClass(), getOid(), OldQuery.getDefault()); - UserSettings settings = object.getUserSettings(); - settings.getModelCompares().remove(object); - getDatabaseSession().store(settings); - return super.execute(); + this.authorization = authorization; + } + + @Override + public Void execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { + User user = getDatabaseSession().get(StorePackage.eINSTANCE.getUser(), 
authorization.getUoid(), OldQuery.getDefault()); + if (user.getUserType() == UserType.READ_ONLY) { + throw new UserException("User has no rights for this call"); + } + ModelComparePluginConfiguration object = getDatabaseSession().get(geteClass(), getOid(), OldQuery.getDefault()); + UserSettings settings = object.getUserSettings(); + settings.getModelCompares().remove(object); + getDatabaseSession().store(settings); + return super.execute(); } } \ No newline at end of file diff --git a/BimServer/src/org/bimserver/database/actions/DeleteModelMergerDatabaseAction.java b/BimServer/src/org/bimserver/database/actions/DeleteModelMergerDatabaseAction.java index b44d0aa114..122ee8ac4f 100644 --- a/BimServer/src/org/bimserver/database/actions/DeleteModelMergerDatabaseAction.java +++ b/BimServer/src/org/bimserver/database/actions/DeleteModelMergerDatabaseAction.java 
@@ -1,44 +1,47 @@
-package org.bimserver.database.actions;
-
-/******************************************************************************
- * Copyright (C) 2009-2019 BIMserver.org
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program. If not, see {@literal}.
- *****************************************************************************/
-
-import org.bimserver.BimserverDatabaseException;
-import org.bimserver.database.BimserverLockConflictException;
-import org.bimserver.database.DatabaseSession;
-import org.bimserver.database.OldQuery;
-import org.bimserver.models.log.AccessMethod;
-import org.bimserver.models.store.ModelMergerPluginConfiguration;
-import org.bimserver.models.store.StorePackage;
-import org.bimserver.models.store.UserSettings;
-import org.bimserver.shared.exceptions.UserException;
+package org.bimserver.database.actions;
+
+/******************************************************************************
+ * Copyright (C) 2009-2019 BIMserver.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see {@literal}. + *****************************************************************************/ + +import org.bimserver.BimserverDatabaseException; +import org.bimserver.database.BimserverLockConflictException; +import org.bimserver.database.DatabaseSession; +import org.bimserver.database.OldQuery; +import org.bimserver.models.log.AccessMethod; +import org.bimserver.models.store.ModelMergerPluginConfiguration; +import org.bimserver.models.store.StorePackage; +import org.bimserver.models.store.UserSettings; +import org.bimserver.shared.exceptions.UserException; +import org.bimserver.webservices.authorization.Authorization; public class DeleteModelMergerDatabaseAction extends DeleteDatabaseAction { + private Authorization authorization; - public DeleteModelMergerDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, long iid) { + public DeleteModelMergerDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, Authorization authorization, long iid) { super(databaseSession, accessMethod, StorePackage.eINSTANCE.getModelMergerPluginConfiguration(), iid); - } - - @Override - public Void execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { - ModelMergerPluginConfiguration object = getDatabaseSession().get(geteClass(), getOid(), OldQuery.getDefault()); - UserSettings settings = object.getUserSettings(); - settings.getModelMergers().remove(object); - getDatabaseSession().store(settings); - return super.execute(); + this.authorization = authorization; + } + + @Override + public Void execute() throws UserException, 
BimserverLockConflictException, BimserverDatabaseException { + ModelMergerPluginConfiguration object = getDatabaseSession().get(geteClass(), getOid(), OldQuery.getDefault()); + UserSettings settings = object.getUserSettings(); + settings.getModelMergers().remove(object); + getDatabaseSession().store(settings); + return super.execute(); } } \ No newline at end of file diff --git a/BimServer/src/org/bimserver/database/actions/DeletePluginConfigurationDatabaseAction.java b/BimServer/src/org/bimserver/database/actions/DeletePluginConfigurationDatabaseAction.java index ecebd1f562..ed6f01eff5 100644 --- a/BimServer/src/org/bimserver/database/actions/DeletePluginConfigurationDatabaseAction.java +++ b/BimServer/src/org/bimserver/database/actions/DeletePluginConfigurationDatabaseAction.java 
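Review bot: `DeleteModelMergerDatabaseAction` now receives and stores `authorization`, but `execute()` never reads it, so unlike the sibling Delete* actions in this patch a READ_ONLY user can still delete a model merger configuration. Add the same guard at the top of `execute()` as shown below. It needs `org.bimserver.models.store.User` and `org.bimserver.models.store.UserType` imported, which this file's import list does not contain.

```java
@Override
public Void execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException {
	User user = getDatabaseSession().get(StorePackage.eINSTANCE.getUser(), authorization.getUoid(), OldQuery.getDefault());
	if (user.getUserType() == UserType.READ_ONLY) {
		throw new UserException("User has no rights for this call");
	}
	// … unchanged: load the ModelMergerPluginConfiguration, remove it from its UserSettings, store, super.execute() …
}
```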
@@ -1,48 +1,53 @@
-package org.bimserver.database.actions;
-
-/******************************************************************************
- * Copyright (C) 2009-2019 BIMserver.org
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program. If not, see {@literal}.
- *****************************************************************************/
-
-import java.util.List;
-
-import org.bimserver.BimserverDatabaseException;
-import org.bimserver.database.BimserverLockConflictException;
-import org.bimserver.database.DatabaseSession;
-import org.bimserver.database.OldQuery;
-import org.bimserver.models.log.AccessMethod;
-import org.bimserver.models.store.PluginConfiguration;
-import org.bimserver.models.store.StorePackage;
-import org.bimserver.models.store.UserSettings;
-import org.bimserver.shared.exceptions.ServerException;
-import org.bimserver.shared.exceptions.UserException;
+package org.bimserver.database.actions;
+
+/******************************************************************************
+ * Copyright (C) 2009-2019 BIMserver.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see {@literal}. + *****************************************************************************/ + +import java.util.List; + +import org.bimserver.BimserverDatabaseException; +import org.bimserver.database.BimserverLockConflictException; +import org.bimserver.database.DatabaseSession; +import org.bimserver.database.OldQuery; +import org.bimserver.models.log.AccessMethod; +import org.bimserver.models.store.*; +import org.bimserver.shared.exceptions.ServerException; +import org.bimserver.shared.exceptions.UserException; +import org.bimserver.webservices.authorization.Authorization; import org.eclipse.emf.ecore.EReference; public class DeletePluginConfigurationDatabaseAction extends BimDatabaseAction{ private long oid; + private Authorization authorization; - public DeletePluginConfigurationDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, long oid) { + public DeletePluginConfigurationDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, Authorization authorization, long oid) { super(databaseSession, accessMethod); this.oid = oid; + this.authorization = authorization; } @SuppressWarnings("rawtypes") @Override public Void execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException, ServerException { + User user = getDatabaseSession().get(StorePackage.eINSTANCE.getUser(), authorization.getUoid(), OldQuery.getDefault()); + if (user.getUserType() == UserType.READ_ONLY) { + throw new UserException("User has no rights for this call"); + } PluginConfiguration pluginConfiguration = 
getDatabaseSession().get(StorePackage.eINSTANCE.getPluginConfiguration(), oid, OldQuery.getDefault()); UserSettings settings = (UserSettings) pluginConfiguration.eGet(pluginConfiguration.eClass().getEStructuralFeature("userSettings")); if (settings == null) { diff --git a/BimServer/src/org/bimserver/database/actions/DeleteQueryEngineDatabaseAction.java b/BimServer/src/org/bimserver/database/actions/DeleteQueryEngineDatabaseAction.java index da54713d22..d15a8262e2 100644 --- a/BimServer/src/org/bimserver/database/actions/DeleteQueryEngineDatabaseAction.java +++ b/BimServer/src/org/bimserver/database/actions/DeleteQueryEngineDatabaseAction.java 
@@ -1,44 +1,49 @@ -package org.bimserver.database.actions; - -/****************************************************************************** - * Copyright (C) 2009-2019 BIMserver.org - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see {@literal}. - *****************************************************************************/ - -import org.bimserver.BimserverDatabaseException; -import org.bimserver.database.BimserverLockConflictException; -import org.bimserver.database.DatabaseSession; -import org.bimserver.database.OldQuery; -import org.bimserver.models.log.AccessMethod; -import org.bimserver.models.store.QueryEnginePluginConfiguration; -import org.bimserver.models.store.StorePackage; -import org.bimserver.models.store.UserSettings; -import org.bimserver.shared.exceptions.UserException; +package org.bimserver.database.actions; + +/****************************************************************************** + * Copyright (C) 2009-2019 BIMserver.org + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. 
+ * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see {@literal}. + *****************************************************************************/ + +import org.bimserver.BimserverDatabaseException; +import org.bimserver.database.BimserverLockConflictException; +import org.bimserver.database.DatabaseSession; +import org.bimserver.database.OldQuery; +import org.bimserver.models.log.AccessMethod; +import org.bimserver.models.store.*; +import org.bimserver.shared.exceptions.UserException; +import org.bimserver.webservices.authorization.Authorization; public class DeleteQueryEngineDatabaseAction extends DeleteDatabaseAction { + private Authorization authorization; - public DeleteQueryEngineDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, long iid) { + public DeleteQueryEngineDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, Authorization authorization, long iid) { super(databaseSession, accessMethod, StorePackage.eINSTANCE.getQueryEnginePluginConfiguration(), iid); - } - - @Override - public Void execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { - QueryEnginePluginConfiguration object = getDatabaseSession().get(geteClass(), getOid(), OldQuery.getDefault()); - UserSettings settings = object.getUserSettings(); - settings.getQueryEngines().remove(object); - getDatabaseSession().store(settings); - return super.execute(); + this.authorization = authorization; + } + + @Override + public Void execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { + User user = getDatabaseSession().get(StorePackage.eINSTANCE.getUser(), 
authorization.getUoid(), OldQuery.getDefault()); + if (user.getUserType() == UserType.READ_ONLY) { + throw new UserException("User has no rights for this call"); + } + QueryEnginePluginConfiguration object = getDatabaseSession().get(geteClass(), getOid(), OldQuery.getDefault()); + UserSettings settings = object.getUserSettings(); + settings.getQueryEngines().remove(object); + getDatabaseSession().store(settings); + return super.execute(); } } \ No newline at end of file diff --git a/BimServer/src/org/bimserver/database/actions/DeleteRenderEngineDatabaseAction.java b/BimServer/src/org/bimserver/database/actions/DeleteRenderEngineDatabaseAction.java index 526f7074f5..b72e2178e5 100644 --- a/BimServer/src/org/bimserver/database/actions/DeleteRenderEngineDatabaseAction.java +++ b/BimServer/src/org/bimserver/database/actions/DeleteRenderEngineDatabaseAction.java 
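Review bot: The new guard in `execute()` rejects only `UserType.READ_ONLY` callers and never ties the configuration being deleted to the caller: `settings` is taken from `object.getUserSettings()`, not from `user`. Unless ownership is enforced somewhere outside this hunk, any account that is not read-only could remove another user's query engine configuration by passing its oid. Consider comparing the two before the removal, for example `if (user.getUserType() != UserType.ADMIN && object.getUserSettings() != user.getUserSettings()) { throw new UserException("User has no rights for this call"); }`, and treating a null `user` as a denial rather than letting it fail on `user.getUserType()`. The same gap is visible in `DeleteRenderEngineDatabaseAction` and `DeleteSerializerDatabaseAction` further down.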
@@ -1,44 +1,49 @@ -package org.bimserver.database.actions; - -/****************************************************************************** - * Copyright (C) 2009-2019 BIMserver.org - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see {@literal}. - *****************************************************************************/ - -import org.bimserver.BimserverDatabaseException; -import org.bimserver.database.BimserverLockConflictException; -import org.bimserver.database.DatabaseSession; -import org.bimserver.database.OldQuery; -import org.bimserver.models.log.AccessMethod; -import org.bimserver.models.store.RenderEnginePluginConfiguration; -import org.bimserver.models.store.StorePackage; -import org.bimserver.models.store.UserSettings; -import org.bimserver.shared.exceptions.UserException; +package org.bimserver.database.actions; + +/****************************************************************************** + * Copyright (C) 2009-2019 BIMserver.org + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. 
+ * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see {@literal}. + *****************************************************************************/ + +import org.bimserver.BimserverDatabaseException; +import org.bimserver.database.BimserverLockConflictException; +import org.bimserver.database.DatabaseSession; +import org.bimserver.database.OldQuery; +import org.bimserver.models.log.AccessMethod; +import org.bimserver.models.store.*; +import org.bimserver.shared.exceptions.UserException; +import org.bimserver.webservices.authorization.Authorization; public class DeleteRenderEngineDatabaseAction extends DeleteDatabaseAction { + private Authorization authorization; - public DeleteRenderEngineDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, long iid) { + public DeleteRenderEngineDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, Authorization authorization, long iid) { super(databaseSession, accessMethod, StorePackage.eINSTANCE.getRenderEnginePluginConfiguration(), iid); - } - - @Override - public Void execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { - RenderEnginePluginConfiguration object = getDatabaseSession().get(geteClass(), getOid(), OldQuery.getDefault()); - UserSettings settings = object.getUserSettings(); - settings.getRenderEngines().remove(object); - getDatabaseSession().store(settings); - return super.execute(); + this.authorization = authorization; + } + + @Override + public Void execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { + User user = getDatabaseSession().get(StorePackage.eINSTANCE.getUser(), 
authorization.getUoid(), OldQuery.getDefault()); + if (user.getUserType() == UserType.READ_ONLY) { + throw new UserException("User has no rights for this call"); + } + RenderEnginePluginConfiguration object = getDatabaseSession().get(geteClass(), getOid(), OldQuery.getDefault()); + UserSettings settings = object.getUserSettings(); + settings.getRenderEngines().remove(object); + getDatabaseSession().store(settings); + return super.execute(); } } \ No newline at end of file diff --git a/BimServer/src/org/bimserver/database/actions/DeleteSerializerDatabaseAction.java b/BimServer/src/org/bimserver/database/actions/DeleteSerializerDatabaseAction.java index 96f65cbc43..d80443f907 100644 --- a/BimServer/src/org/bimserver/database/actions/DeleteSerializerDatabaseAction.java +++ b/BimServer/src/org/bimserver/database/actions/DeleteSerializerDatabaseAction.java 
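Review bot: Every line of this file is removed and re-added with identical text, which points to a line-ending or whitespace conversion riding along with the authorization change; the only functional additions are the `authorization` field, the extra constructor parameter and the `READ_ONLY` guard in `execute()`. For an access-control change this makes the real delta hard to audit, so the conversion is better split into its own commit or normalised through `.gitattributes`. The explicit `org.bimserver.models.store` imports were also collapsed into `import org.bimserver.models.store.*;`; keeping them explicit and adding `import org.bimserver.models.store.User;` and `import org.bimserver.models.store.UserType;` would match the style the file had. The same churn shows up in `DeleteQueryEngineDatabaseAction.java` and `MetaServiceImpl.java`.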
@@ -22,19 +22,24 @@ import org.bimserver.database.DatabaseSession; import org.bimserver.database.OldQuery; import org.bimserver.models.log.AccessMethod; -import org.bimserver.models.store.SerializerPluginConfiguration; -import org.bimserver.models.store.StorePackage; -import org.bimserver.models.store.UserSettings; +import org.bimserver.models.store.*; import org.bimserver.shared.exceptions.UserException; +import org.bimserver.webservices.authorization.Authorization; public class DeleteSerializerDatabaseAction extends DeleteDatabaseAction { + private Authorization authorization; - public DeleteSerializerDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, long sid) { + public DeleteSerializerDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, Authorization authorization, long sid) { super(databaseSession, accessMethod, StorePackage.eINSTANCE.getSerializerPluginConfiguration(), sid); + this.authorization = authorization; } @Override public Void execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { + User user = getDatabaseSession().get(StorePackage.eINSTANCE.getUser(), authorization.getUoid(), OldQuery.getDefault()); + if (user.getUserType() == UserType.READ_ONLY) { + throw new UserException("User has no rights for this call"); + } SerializerPluginConfiguration object = getDatabaseSession().get(geteClass(), getOid(), OldQuery.getDefault()); UserSettings settings = object.getUserSettings(); settings.getSerializers().remove(object); diff --git a/BimServer/src/org/bimserver/database/actions/SetUserSettingDatabaseAction.java b/BimServer/src/org/bimserver/database/actions/SetUserSettingDatabaseAction.java index 25c411091d..4f7fbf7e92 100644 --- a/BimServer/src/org/bimserver/database/actions/SetUserSettingDatabaseAction.java +++ b/BimServer/src/org/bimserver/database/actions/SetUserSettingDatabaseAction.java 
@@ -24,24 +24,29 @@ import org.bimserver.models.log.AccessMethod; import org.bimserver.models.store.StorePackage; import org.bimserver.models.store.User; +import org.bimserver.models.store.UserType; import org.bimserver.shared.exceptions.UserException; import org.bimserver.webservices.authorization.Authorization; - -public class SetUserSettingDatabaseAction extends BimDatabaseAction { + +public class SetUserSettingDatabaseAction extends BimDatabaseAction { + private UserSettingsSetter userSettingsSetter; - private Authorization authorization; - - public SetUserSettingDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, Authorization authorization, UserSettingsSetter userSettingsSetter) { + private Authorization authorization; + + public SetUserSettingDatabaseAction(DatabaseSession databaseSession, AccessMethod accessMethod, Authorization authorization, UserSettingsSetter userSettingsSetter) { super(databaseSession, accessMethod); - this.authorization = authorization; - this.userSettingsSetter = userSettingsSetter; - } - - @Override - public Void execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { + this.authorization = authorization; + this.userSettingsSetter = userSettingsSetter; + } + + @Override + public Void execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException { User user = getDatabaseSession().get(StorePackage.eINSTANCE.getUser(), authorization.getUoid(), OldQuery.getDefault()); - userSettingsSetter.set(user.getUserSettings()); - getDatabaseSession().store(user.getUserSettings()); - return null; - } + if (user.getUserType() == UserType.READ_ONLY) { + throw new UserException("Read-only users cannot set user settings"); + } + userSettingsSetter.set(user.getUserSettings()); + getDatabaseSession().store(user.getUserSettings()); + return null; + } } \ No newline at end of file 
diff --git a/BimServer/src/org/bimserver/webservices/impl/MetaServiceImpl.java b/BimServer/src/org/bimserver/webservices/impl/MetaServiceImpl.java index f207896b5f..56a92b7dda 100644 --- a/BimServer/src/org/bimserver/webservices/impl/MetaServiceImpl.java +++ b/BimServer/src/org/bimserver/webservices/impl/MetaServiceImpl.java 
@@ -1,54 +1,55 @@ -package org.bimserver.webservices.impl; - -/****************************************************************************** - * Copyright (C) 2009-2019 BIMserver.org - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see {@literal}. - *****************************************************************************/ - -import java.util.ArrayList; -import java.util.Collections; -import java.util.Comparator; -import java.util.List; - -import org.bimserver.interfaces.objects.SServiceField; -import org.bimserver.interfaces.objects.SServiceInterface; -import org.bimserver.interfaces.objects.SServiceMethod; -import org.bimserver.interfaces.objects.SServiceParameter; -import org.bimserver.interfaces.objects.SServiceSimpleType; -import org.bimserver.interfaces.objects.SServiceType; -import org.bimserver.shared.exceptions.ServerException; -import org.bimserver.shared.exceptions.UserException; -import org.bimserver.shared.interfaces.MetaInterface; -import org.bimserver.shared.meta.SClass; -import org.bimserver.shared.meta.SField; -import org.bimserver.shared.meta.SMethod; -import org.bimserver.shared.meta.SParameter; -import org.bimserver.shared.meta.SService; -import org.bimserver.webservices.ServiceMap; - -import com.fasterxml.jackson.databind.ObjectMapper; +package org.bimserver.webservices.impl; + 
+/****************************************************************************** + * Copyright (C) 2009-2019 BIMserver.org + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see {@literal}. + *****************************************************************************/ + +import java.util.ArrayList; +import java.util.Collections; +import java.util.Comparator; +import java.util.List; + +import org.bimserver.interfaces.objects.SServiceField; +import org.bimserver.interfaces.objects.SServiceInterface; +import org.bimserver.interfaces.objects.SServiceMethod; +import org.bimserver.interfaces.objects.SServiceParameter; +import org.bimserver.interfaces.objects.SServiceSimpleType; +import org.bimserver.interfaces.objects.SServiceType; +import org.bimserver.shared.exceptions.ServerException; +import org.bimserver.shared.exceptions.UserException; +import org.bimserver.shared.interfaces.MetaInterface; +import org.bimserver.shared.meta.SClass; +import org.bimserver.shared.meta.SField; +import org.bimserver.shared.meta.SMethod; +import org.bimserver.shared.meta.SParameter; +import org.bimserver.shared.meta.SService; +import org.bimserver.webservices.ServiceMap; + +import com.fasterxml.jackson.databind.ObjectMapper; public class MetaServiceImpl extends GenericServiceImpl implements MetaInterface { - private static final ObjectMapper OBJECT_MAPPER = new ObjectMapper(); - + private static final 
ObjectMapper OBJECT_MAPPER = new ObjectMapper(); + public MetaServiceImpl(ServiceMap serviceMap) { super(serviceMap); } @Override public List getServiceInterfaces() throws ServerException, UserException { + requireAuthentication(); List sServiceInterfaces = new ArrayList(); for (String name : getBimServer().getServicesMap().keySetName()) { SServiceInterface sServiceInterface = convertServiceInterface(name); @@ -65,15 +66,16 @@ public int compare(SServiceInterface o1, SServiceInterface o2) { private SServiceInterface convertServiceInterface(String name) { SServiceInterface sServiceInterface = new SServiceInterface(); - SService byName = getBimServer().getServicesMap().getByName(name); + SService byName = getBimServer().getServicesMap().getByName(name); sServiceInterface.setName(name); - sServiceInterface.setNameSpace(byName.getNameSpace()); + sServiceInterface.setNameSpace(byName.getNameSpace()); sServiceInterface.setSimpleName(byName.getSimpleName()); return sServiceInterface; } @Override public List getServiceMethods(String serviceInterfaceName) throws ServerException, UserException { + requireAuthentication(); List sServiceMethods = new ArrayList(); SService sService = getBimServer().getServicesMap().getByName(serviceInterfaceName); if (sService == null) { 
@@ -97,14 +99,16 @@ private SServiceMethod convertMethod(SMethod sMethod) { @Override public List getServiceTypes() throws ServerException, UserException { + requireAuthentication(); List sServiceTypes = new ArrayList(); - for (SClass sType : getBimServer().getServicesMap().getTypes()) { + for (SClass sType : getBimServer().getServicesMap().getTypes()) { sServiceTypes.add(createSServiceType(sType, false)); } - return sServiceTypes; + return sServiceTypes; } public List getEnumLiterals(String enumName) throws UserException { + requireAuthentication(); List result = new ArrayList(); SClass type = getBimServer().getServicesMap().getType(enumName); for (Object enumConstant : type.getInstanceClass().getEnumConstants()) { @@ -122,12 +126,12 @@ public SServiceType createSServiceType(SClass sClass, boolean recurse) throws Us sServiceType.setName(sClass.getName()); sServiceType.setSimpleName(sClass.getSimpleName()); sServiceType.setSimpleType(SServiceSimpleType.valueOf(sClass.getSimpleType().name())); - for (SField field : sClass.getOwnFields()) { + for (SField field : sClass.getOwnFields()) { SServiceField sServiceField = new SServiceField(); - sServiceField.setName(field.getName()); - if (recurse) { + sServiceField.setName(field.getName()); + if (recurse) { sServiceField.setType(createSServiceType(field.getType(), recurse)); - sServiceField.setGenericType(createSServiceType(field.getGenericType(), recurse)); + sServiceField.setGenericType(createSServiceType(field.getGenericType(), recurse)); } sServiceField.setDoc(field.getDoc()); sServiceType.getFields().add(sServiceField); 
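Review bot: `getEnumLiterals` now requires a login but still dereferences `type` without a null check, so an unknown `enumName` would presumably surface as a `NullPointerException` at `type.getInstanceClass()` rather than a `UserException` (assuming `getType` returns null for an unknown name, as `getByName` evidently can given the null checks in `getServiceMethods`). While hardening these endpoints it is worth adding `if (type == null) { throw new UserException("Type \"" + enumName + "\" not found"); }` right after the lookup. The same applies to `getServiceInterface`, which reaches `byName.getNameSpace()` in `convertServiceInterface` with no check, and to `convertMethod(sService.getMethod(methodName))` in `getServiceMethod`. The body of `getEnumLiterals` continues outside the hunk.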
@@ -137,6 +141,7 @@ public SServiceType createSServiceType(SClass sClass, boolean recurse) throws Us @Override public List getServiceMethodParameters(String serviceInterfaceName, String serviceMethodName) throws ServerException, UserException { + requireAuthentication(); List sServiceParameters = new ArrayList(); SService serviceInterface = getBimServer().getServicesMap().getByName(serviceInterfaceName); if (serviceInterface == null) { @@ -146,7 +151,7 @@ public List getServiceMethodParameters(String serviceInterfac if (sMethod == null) { throw new UserException("Method \"" + serviceMethodName + "\" not found in \"" + serviceInterfaceName + "\""); } - for (SParameter sParameter : sMethod.getParameters()) { + for (SParameter sParameter : sMethod.getParameters()) { SServiceParameter sServiceParameter = new SServiceParameter(); sServiceParameter.setName(sParameter.getName()); sServiceParameter.setDoc(sParameter.getDoc()); 
@@ -159,20 +164,23 @@ public List getServiceMethodParameters(String serviceInterfac @Override public SServiceInterface getServiceInterface(String serviceInterfaceName) throws ServerException, UserException { + requireAuthentication(); return convertServiceInterface(serviceInterfaceName); } @Override public SServiceMethod getServiceMethod(String serviceInterfaceName, String methodName) throws ServerException, UserException { + requireAuthentication(); SService sService = getBimServer().getServicesMap().getByName(serviceInterfaceName); if (sService == null) { throw new UserException("Service \"" + serviceInterfaceName + "\" not found"); } return convertMethod(sService.getMethod(methodName)); - } - - @Override - public String getAllAsJson() throws ServerException, UserException { - return getBimServer().getServicesMap().toJson(OBJECT_MAPPER).toString(); + } + + @Override + public String getAllAsJson() throws ServerException, UserException { + requireAuthentication(); + return getBimServer().getServicesMap().toJson(OBJECT_MAPPER).toString(); } } \ No newline at end of file diff --git a/BimServer/src/org/bimserver/webservices/impl/PluginServiceImpl.java b/BimServer/src/org/bimserver/webservices/impl/PluginServiceImpl.java index 8731f86dc3..c430a9b303 100644 --- a/BimServer/src/org/bimserver/webservices/impl/PluginServiceImpl.java +++ b/BimServer/src/org/bimserver/webservices/impl/PluginServiceImpl.java 
@@ -131,6 +131,10 @@ public void updateSerializer(SSerializerPluginConfiguration serializer) throws S
 requireRealUserAuthentication();
 DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.POSSIBLY_WRITE);
 try {
+ User user = (User) session.get(StorePackage.eINSTANCE.getUser(), getAuthorization().getUoid(), OldQuery.getDefault());
+ if (user.getUserType() == UserType.READ_ONLY) {
+ throw new UserException("Read-only users cannot update plugins");
+ }
 SerializerPluginConfiguration convert = session.get(serializer.getOid(), OldQuery.getDefault());
 getBimServer().getSConverter().convertFromSObject(serializer, convert, session);
 session.executeAndCommitAction(new UpdateSerializerDatabaseAction(session, getInternalAccessMethod(), convert));
@@ -146,6 +150,10 @@ public void updateDeserializer(SDeserializerPluginConfiguration deserializer) th
 requireRealUserAuthentication();
 DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.POSSIBLY_WRITE);
 try {
+ User user = (User) session.get(StorePackage.eINSTANCE.getUser(), getAuthorization().getUoid(), OldQuery.getDefault());
+ if (user.getUserType() == UserType.READ_ONLY) {
+ throw new UserException("Read-only users cannot update plugins");
+ }
 DeserializerPluginConfiguration convert = session.get(deserializer.getOid(), OldQuery.getDefault());
 getBimServer().getSConverter().convertFromSObject(deserializer, convert, session);
 session.executeAndCommitAction(new UpdateDeserializerDatabaseAction(session, getInternalAccessMethod(), convert));
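Review bot: The `READ_ONLY` guard is pasted verbatim into `updateSerializer` and `updateDeserializer` here and again into `updateRenderEngine`, `updateQueryEngine`, `updateModelCompare` and `updateModelMerger` in the hunks below; a single private helper would keep the rule and its message in one place and give one spot to reject a missing user record. The guard also does not tie the object being updated to the caller: `session.get(serializer.getOid(), OldQuery.getDefault())` loads whatever oid the client supplies, so unless ownership is checked in the update action, a non-read-only user could presumably overwrite another user's configuration. Both method bodies start and end outside these hunks.
```java
// One place for the read-only rule; call it first inside each update* try block.
private User requireWritableUser(DatabaseSession session, String message) throws UserException, BimserverDatabaseException {
	User user = (User) session.get(StorePackage.eINSTANCE.getUser(), getAuthorization().getUoid(), OldQuery.getDefault());
	if (user == null || user.getUserType() == UserType.READ_ONLY) {
		throw new UserException(message);
	}
	return user;
}

// in updateSerializer, inside the try block:
requireWritableUser(session, "Read-only users cannot update plugins");
// … unchanged: convert lookup, convertFromSObject, executeAndCommitAction …
```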
@@ -187,7 +195,7 @@ public void deleteSerializer(Long sid) throws ServerException, UserException {
 requireRealUserAuthentication();
 DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.POSSIBLY_WRITE);
 try {
- BimDatabaseAction action = new DeleteSerializerDatabaseAction(session, getInternalAccessMethod(), sid);
+ BimDatabaseAction action = new DeleteSerializerDatabaseAction(session, getInternalAccessMethod(), getAuthorization(), sid);
 session.executeAndCommitAction(action);
 } catch (Exception e) {
 handleException(e);
@@ -201,7 +209,7 @@ public void deletePluginConfiguration(Long oid) throws ServerException, UserExce
 requireRealUserAuthentication();
 DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.POSSIBLY_WRITE);
 try {
- BimDatabaseAction action = new DeletePluginConfigurationDatabaseAction(session, getInternalAccessMethod(), oid);
+ BimDatabaseAction action = new DeletePluginConfigurationDatabaseAction(session, getInternalAccessMethod(), getAuthorization(), oid);
 session.executeAndCommitAction(action);
 } catch (Exception e) {
 handleException(e);
@@ -215,7 +223,7 @@ public void deleteDeserializer(Long sid) throws ServerException, UserException {
 requireRealUserAuthentication();
 DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.POSSIBLY_WRITE);
 try {
- BimDatabaseAction action = new DeleteDeserializerDatabaseAction(session, getInternalAccessMethod(), sid);
+ BimDatabaseAction action = new DeleteDeserializerDatabaseAction(session, getInternalAccessMethod(), getAuthorization(), sid);
 session.executeAndCommitAction(action);
 } catch (Exception e) {
 handleException(e);
@@ -420,6 +428,10 @@ public void updateRenderEngine(SRenderEnginePluginConfiguration renderEngine) th
 requireRealUserAuthentication();
 DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.POSSIBLY_WRITE);
 try {
+ User user = (User) session.get(StorePackage.eINSTANCE.getUser(), getAuthorization().getUoid(), OldQuery.getDefault());
+ if (user.getUserType() == UserType.READ_ONLY) {
+ throw new UserException("Read-only users cannot update plugins");
+ }
 RenderEnginePluginConfiguration convert = session.get(renderEngine.getOid(), OldQuery.getDefault());
 getBimServer().getSConverter().convertFromSObject(renderEngine, convert, session);
 session.executeAndCommitAction(new UpdateRenderEngineDatabaseAction(session, getInternalAccessMethod(), convert));
@@ -435,6 +447,10 @@ public void updateQueryEngine(SQueryEnginePluginConfiguration queryEngine) throw
 requireRealUserAuthentication();
 DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.POSSIBLY_WRITE);
 try {
+ User user = (User) session.get(StorePackage.eINSTANCE.getUser(), getAuthorization().getUoid(), OldQuery.getDefault());
+ if (user.getUserType() == UserType.READ_ONLY) {
+ throw new UserException("Read-only users cannot update plugins");
+ }
 QueryEnginePluginConfiguration convert = session.get(queryEngine.getOid(), OldQuery.getDefault());
 getBimServer().getSConverter().convertFromSObject(queryEngine, convert, session);
 session.executeAndCommitAction(new UpdateQueryEngineDatabaseAction(session, getInternalAccessMethod(), convert));
@@ -450,6 +466,10 @@ public void updateModelCompare(SModelComparePluginConfiguration modelCompare) th
 requireRealUserAuthentication();
 DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.POSSIBLY_WRITE);
 try {
+ User user = (User) session.get(StorePackage.eINSTANCE.getUser(), getAuthorization().getUoid(), OldQuery.getDefault());
+ if (user.getUserType() == UserType.READ_ONLY) {
+ throw new UserException("Read-only users cannot update plugins");
+ }
 ModelComparePluginConfiguration convert = session.get(modelCompare.getOid(), OldQuery.getDefault());
 getBimServer().getSConverter().convertFromSObject(modelCompare, convert, session);
 session.executeAndCommitAction(new UpdateModelCompareDatabaseAction(session, getInternalAccessMethod(), convert));
@@ -465,6 +485,10 @@ public void updateModelMerger(SModelMergerPluginConfiguration modelMerger) throw
 requireRealUserAuthentication();
 DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.POSSIBLY_WRITE);
 try {
+ User user = (User) session.get(StorePackage.eINSTANCE.getUser(), getAuthorization().getUoid(), OldQuery.getDefault());
+ if (user.getUserType() == UserType.READ_ONLY) {
+ throw new UserException("Read-only users cannot update plugins");
+ }
 ModelMergerPluginConfiguration convert = session.get(modelMerger.getOid(), OldQuery.getDefault());
 getBimServer().getSConverter().convertFromSObject(modelMerger, convert, session);
 session.executeAndCommitAction(new UpdateModelMergerDatabaseAction(session, getInternalAccessMethod(), convert));
@@ -480,7 +504,7 @@ public void deleteRenderEngine(Long iid) throws ServerException, UserException {
 requireRealUserAuthentication();
 DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.POSSIBLY_WRITE);
 try {
- BimDatabaseAction action = new DeleteRenderEngineDatabaseAction(session, getInternalAccessMethod(), iid);
+ BimDatabaseAction action = new DeleteRenderEngineDatabaseAction(session, getInternalAccessMethod(), getAuthorization(), iid);
 session.executeAndCommitAction(action);
 } catch (Exception e) {
 handleException(e);
@@ -494,7 +518,7 @@ public void deleteQueryEngine(Long iid) throws ServerException, UserException {
 requireRealUserAuthentication();
 DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.POSSIBLY_WRITE);
 try {
- BimDatabaseAction action = new DeleteQueryEngineDatabaseAction(session, getInternalAccessMethod(), iid);
+ BimDatabaseAction action = new DeleteQueryEngineDatabaseAction(session, getInternalAccessMethod(), getAuthorization(), iid);
 session.executeAndCommitAction(action);
 } catch (Exception e) {
 handleException(e);
@@ -508,7 +532,7 @@ public void deleteModelCompare(Long iid) throws ServerException, UserException {
 requireRealUserAuthentication();
 DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.POSSIBLY_WRITE);
 try {
- BimDatabaseAction action = new DeleteModelCompareDatabaseAction(session, getInternalAccessMethod(), iid);
+ BimDatabaseAction action = new DeleteModelCompareDatabaseAction(session, getInternalAccessMethod(), getAuthorization(), iid);
 session.executeAndCommitAction(action);
 } catch (Exception e) {
 handleException(e);
@@ -522,7 +546,7 @@ public void deleteModelChecker(Long iid) throws ServerException, UserException {
 requireRealUserAuthentication();
 DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.POSSIBLY_WRITE);
 try {
- BimDatabaseAction action = new DeleteModelCompareDatabaseAction(session, getInternalAccessMethod(), iid);
+ BimDatabaseAction action = new DeleteModelCompareDatabaseAction(session, getInternalAccessMethod(), getAuthorization(), iid);
 session.executeAndCommitAction(action);
 } catch (Exception e) {
 handleException(e);
@@ -536,7 +560,7 @@ public void deleteModelMerger(Long iid) throws ServerException, UserException {
 requireRealUserAuthentication();
 DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.POSSIBLY_WRITE);
 try {
- BimDatabaseAction action = new DeleteModelMergerDatabaseAction(session, getInternalAccessMethod(), iid);
+ BimDatabaseAction action = new DeleteModelMergerDatabaseAction(session, getInternalAccessMethod(), getAuthorization(), iid);
 session.executeAndCommitAction(action);
 } catch (Exception e) {
 handleException(e);
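Review bot: `deleteModelChecker` still constructs a `DeleteModelCompareDatabaseAction`, exactly as `deleteModelCompare` does in the hunk before it, so the line this commit edits looks like a carried-over copy-paste slip: a model-checker oid is handed to an action named for model-compare configurations, and the new authorization check runs against that type. The action itself is not visible here, so please confirm what it does with an oid of a different configuration type. If a delete action specific to model checkers exists it should be used on this line with `getAuthorization()` passed the same way; otherwise a comment such as `// model checkers are deleted through the model-compare action because …` would stop the next reader from tripping over it. The method body starts and ends outside the hunk.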
@@ -724,6 +748,14 @@ public SObjectDefinition getPluginSystemObjectDefinition(Long oid) throws Server
 @Override
 public void setPluginSettings(Long poid, SObjectType settings) throws ServerException, UserException {
 try (DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.POSSIBLY_WRITE)) {
+ User user = (User) session.get(StorePackage.eINSTANCE.getUser(), getAuthorization().getUoid(), OldQuery.getDefault());
+ Project project = session.get(StorePackage.eINSTANCE.getProject(), poid, OldQuery.getDefault());
+ if (user.getUserType() == UserType.READ_ONLY) {
+ throw new UserException("Read-only users cannot install plugins");
+ }
+ if (!getAuthorization().hasRightsOnProject(user, project)) {
+ throw new UserException("User has no rights to this project");
+ }
 ObjectType convertedSettings = getBimServer().getSConverter().convertFromSObject(settings, session);
 SetPluginSettingsDatabaseAction action = new SetPluginSettingsDatabaseAction(getBimServer(), session, getInternalAccessMethod(), poid, convertedSettings);
 session.executeAndCommitAction(action);
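Review bot: `poid` is looked up as a `Project` for the `hasRightsOnProject` check and then passed unchanged to `SetPluginSettingsDatabaseAction`, while `getPluginSettings` further down loads a `PluginConfiguration` with the very same `poid`, so the id appears to be a plugin-configuration oid rather than a project oid. If so, `project` is either null or an unrelated object, and the check fails for every caller or authorizes against the wrong thing; the owner should be resolved from the plugin configuration instead. The method also reads `getAuthorization().getUoid()` without the `requireRealUserAuthentication();` call that the neighbouring methods start with, which should be added as its first statement. `setPluginSystemSettings` in the next hunk has both problems, and `getPluginSettings` has the `poid` one.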
@@ -748,6 +780,14 @@ public void setPluginSettings(Long poid, SObjectType settings) throws ServerExce @Override public void setPluginSystemSettings(Long poid, SObjectType settings) throws ServerException, UserException { try (DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.POSSIBLY_WRITE)) { + User user = (User) session.get(StorePackage.eINSTANCE.getUser(), getAuthorization().getUoid(), OldQuery.getDefault()); + Project project = session.get(StorePackage.eINSTANCE.getProject(), poid, OldQuery.getDefault()); + if (user.getUserType() == UserType.READ_ONLY) { + throw new UserException("Read-only users cannot install plugins"); + } + if (!getAuthorization().hasRightsOnProject(user, project)) { + throw new UserException("User has no rights to this project"); + } ObjectType convertedSettings = getBimServer().getSConverter().convertFromSObject(settings, session); SetPluginSystemSettingsDatabaseAction action = new SetPluginSystemSettingsDatabaseAction(getBimServer(), session, getInternalAccessMethod(), poid, convertedSettings); session.executeAndCommitAction(action); 
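Review bot: Neither `setPluginSystemSettings` nor `setPluginSettings` in the hunk above calls `requireRealUserAuthentication()` before `getAuthorization().getUoid()` is used, although `getPluginSettings` and most other methods touched by this patch do; both hunks begin at `@Override`, so the start of each body is visible, while the end of each method lies outside the hunk. If the caller's authorization does not map to a stored user, `user` may be null and `user.getUserType()` would fail with a NullPointerException rather than a `UserException`. I would add `requireRealUserAuthentication();` as the first statement of both methods. The message `"Read-only users cannot install plugins"` also does not describe this operation; `"Read-only users cannot change plugin settings"` would be accurate.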
@@ -908,9 +948,15 @@ public SObjectIDMPluginConfiguration getDefaultObjectIDM() throws ServerExceptio } public SObjectType getPluginSettings(Long poid) throws ServerException, UserException { + requireRealUserAuthentication(); // TODO possibly use PluginSettingsCache DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.READ_ONLY); try { + User user = (User) session.get(StorePackage.eINSTANCE.getUser(), getAuthorization().getUoid(), OldQuery.getDefault()); + Project project = session.get(StorePackage.eINSTANCE.getProject(), poid, OldQuery.getDefault()); + if (!getAuthorization().hasRightsOnProject(user, project)) { + throw new UserException("User has no rights to this project"); + } PluginConfiguration pluginConfiguration = session.get(StorePackage.eINSTANCE.getPluginConfiguration(), poid, OldQuery.getDefault()); ObjectType settings = pluginConfiguration.getSettings(); return getBimServer().getSConverter().convertToSObject(settings); @@ -970,7 +1016,12 @@ public void set(UserSettings userSettings) { public void setDefaultWebModule(final Long oid) throws ServerException, UserException { requireRealUserAuthentication(); + DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.POSSIBLY_WRITE); try { + User user = (User) session.get(StorePackage.eINSTANCE.getUser(), getAuthorization().getUoid(), OldQuery.getDefault()); + if (user.getUserType() == UserType.READ_ONLY) { + throw new UserException("Read-only users cannot install plugins"); + } getBimServer().getWebModuleManager().setDefault(oid); } catch (Exception e) { handleException(e); 
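Review bot: The `DatabaseSession` added to `setDefaultWebModule` is opened outside the `try` and none of the added lines closes it; the end of the method is outside the hunk, so confirm that no `finally` exists there. `installPreBuiltPlugins` receives the same pattern later in this file, and there the end of the method is visible and has no `finally`. Because the session is only used to read the user, `try (DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.READ_ONLY)) {` would close it on every path and avoid requesting a write-capable session.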
@@ -984,8 +1035,10 @@ public List getAllSerializersForPoids(Boolean on try { Set uniqueSchemas = new HashSet<>(); for (Long poid : poids) { - Project project = session.get(poid, OldQuery.getDefault()); - uniqueSchemas.add(Schema.valueOf(project.getSchema().toUpperCase())); + Project project = session.get(poid, OldQuery.getDefault());User user = (User) session.get(StorePackage.eINSTANCE.getUser(), getAuthorization().getUoid(), OldQuery.getDefault()); + if (getAuthorization().hasRightsOnProject(user, project)){ + uniqueSchemas.add(Schema.valueOf(project.getSchema().toUpperCase())); + } } Set schemaOr = new HashSet<>(); @@ -1064,8 +1117,12 @@ public List getAllSerializersForRoids(Boolean on Set poids = new HashSet<>(); for (Long roid : roids) { Revision revision = session.get(roid, OldQuery.getDefault()); - for (ConcreteRevision concreteRevision : revision.getConcreteRevisions()) { - poids.add(concreteRevision.getProject().getOid()); + Project project = revision.getProject(); + User user = (User) session.get(StorePackage.eINSTANCE.getUser(), getAuthorization().getUoid(), OldQuery.getDefault()); + if (getAuthorization().hasRightsOnProject(user, project)){ + for (ConcreteRevision concreteRevision : revision.getConcreteRevisions()) { + poids.add(concreteRevision.getProject().getOid()); + } } } return getAllSerializersForPoids(onlyEnabled, poids); 
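Review bot: The `User` lookup sits inside `for (Long poid : poids)`, so the same user object is fetched once per project id, and it shares a source line with the `Project` lookup (`...getDefault());User user = ...`). Fetch the user once before the loop and give it its own line; the `getAllSerializersForRoids` hunk that follows repeats the per-iteration lookup inside `for (Long roid : roids)`. Projects the caller has no rights on are silently skipped here, whereas `getAllDeserializersForProject` throws a `UserException` for the same condition, so a comment such as `// projects without rights are skipped on purpose, not reported` would make the difference deliberate. Both enclosing methods start outside their hunks.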
@@ -1234,6 +1291,10 @@ public void updateInternalService(SInternalServicePluginConfiguration internalSe requireRealUserAuthentication(); DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.POSSIBLY_WRITE); try { + User user = (User) session.get(StorePackage.eINSTANCE.getUser(), getAuthorization().getUoid(), OldQuery.getDefault()); + if (user.getUserType() == UserType.READ_ONLY) { + throw new UserException("Read-only users cannot update plugins"); + } InternalServicePluginConfiguration convertFromSObject = session.get(internalService.getOid(), OldQuery.getDefault()); getBimServer().getSConverter().convertFromSObject(internalService, convertFromSObject, session); session.executeAndCommitAction(new UpdateDatabaseAction(session, getInternalAccessMethod(), convertFromSObject)); @@ -1263,7 +1324,7 @@ public void deleteInternalService(Long oid) throws ServerException, UserExceptio requireRealUserAuthentication(); DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.POSSIBLY_WRITE); try { - session.executeAndCommitAction(new DeleteInternalServiceDatabaseAction(session, getInternalAccessMethod(), oid)); + session.executeAndCommitAction(new DeleteInternalServiceDatabaseAction(session, getInternalAccessMethod(), getAuthorization(), oid)); } catch (Exception e) { handleException(e); } finally { @@ -1328,7 +1389,10 @@ public List getAllDeserializersForProject(Bool DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.READ_ONLY); try { Project project = session.get(poid, OldQuery.getDefault()); - + User user = (User) session.get(StorePackage.eINSTANCE.getUser(), getAuthorization().getUoid(), OldQuery.getDefault()); + if (!getAuthorization().hasRightsOnProject(user, project)){ + throw new UserException("User has no rights on project"); + } UserSettings userSettings = getUserSettings(session); EList deserializers = userSettings.getDeserializers(); List sDeserializers = new ArrayList(); 
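Review bot: The check added to `updateInternalService` only rejects `READ_ONLY` users; nothing in the visible lines verifies that the configuration loaded with `session.get(internalService.getOid(), ...)` belongs to the caller. `deleteInternalService` now hands `getAuthorization()` to its action, but the update still goes through `UpdateDatabaseAction` without it, so a regular user could presumably overwrite another user's internal service by supplying its oid. I would add an ownership check before `convertFromSObject`, or at minimum `// TODO(review): verify this InternalServicePluginConfiguration belongs to the calling user before updating`. A null result for an unknown oid is not handled either; the rest of the method is outside the hunk.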
@@ -1377,7 +1441,7 @@ public List getAvailablePluginBundles() throws UserException, Ser } public void installPluginBundle(String repository, String groupId, String artifactId, String version, List plugins) throws UserException, ServerException { - requireRealUserAuthentication(); + requireAdminAuthentication(); DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.POSSIBLY_WRITE); try { session.executeAndCommitAction(new InstallPluginBundle(session, getInternalAccessMethod(), getBimServer(), repository, groupId, artifactId, version, plugins)); @@ -1389,7 +1453,7 @@ public void installPluginBundle(String repository, String groupId, String artifa } public void installPluginBundleFromFile(DataHandler file, Boolean installAllPluginsForAllUsers, Boolean installAllPluginsForNewUsers) throws UserException, ServerException { - requireRealUserAuthentication(); + requireAdminAuthentication(); DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.POSSIBLY_WRITE); try { ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(); @@ -1404,7 +1468,7 @@ public void installPluginBundleFromFile(DataHandler file, Boolean installAllPlug } public void installPluginBundleFromUrl(String url, Boolean installAllPluginsForAllUsers, Boolean installAllPluginsForNewUsers) throws UserException, ServerException { - requireRealUserAuthentication(); + requireAdminAuthentication(); DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.POSSIBLY_WRITE); try { byte[] data = NetUtils.getContentAsBytes(new URL(url), 5000); 
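Review bot: In `installPluginBundleFromUrl` the caller-supplied `url` still goes straight into `NetUtils.getContentAsBytes(new URL(url), 5000)`; limiting the method to admins narrows who can trigger the server-side fetch, but the scheme and destination are not checked in the visible lines. I would parse once and reject anything unexpected before fetching, for example `URL parsed = new URL(url);` followed by `if (!"https".equals(parsed.getProtocol())) { throw new UserException("Only https URLs are accepted"); }`, relaxed to include http if existing deployments depend on it. If the white-listed domains server setting is meant to govern outbound fetches, it should be consulted here as well, which this diff does not show. The remainder of the method is outside the hunk.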
@@ -1420,6 +1484,10 @@ public void updatePluginBundle(String repository, String groupId, String artifac requireRealUserAuthentication(); DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.POSSIBLY_WRITE); try { + User user = (User) session.get(StorePackage.eINSTANCE.getUser(), getAuthorization().getUoid(), OldQuery.getDefault()); + if (user.getUserType() == UserType.READ_ONLY) { + throw new UserException("Read-only users cannot update plugins"); + } session.executeAndCommitAction(new UpdatePluginBundle(session, getInternalAccessMethod(), getBimServer(), repository, groupId, artifactId, version)); } catch (Exception e) { handleException(e); @@ -1445,7 +1513,7 @@ public List getInstalledPluginBundles() throws UserException, Ser @Override public void uninstallPluginBundle(String repository, String groupId, String artifactId, String version) throws UserException, ServerException { - requireRealUserAuthentication(); + requireAdminAuthentication(); DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.READ_ONLY); try { session.executeAndCommitAction(new UninstallPluginBundle(session, getInternalAccessMethod(), getBimServer(), repository, groupId, artifactId, version)); @@ -1510,6 +1578,7 @@ public SPluginBundleVersion getPluginBundleVersionById(Long pbid) throws UserExc @Override public void clearMavenCache() throws UserException, ServerException { + requireAuthentication(); try { getBimServer().getMavenPluginRepository().clearCache(); } catch (IOException e) { @@ -1519,6 +1588,7 @@ public void clearMavenCache() throws UserException, ServerException { @Override public List listPluginsInBundle(Long pluginBundleVersionOid) throws ServerException, UserException { + requireRealUserAuthentication(); DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.READ_ONLY); try { return getBimServer().getSConverter() 
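Review bot: `updatePluginBundle` stays on `requireRealUserAuthentication()` with only a `READ_ONLY` check, while `installPluginBundle`, `installPluginBundleFromFile`, `installPluginBundleFromUrl` and `uninstallPluginBundle` are moved to `requireAdminAuthentication()` in the same patch. Updating a bundle presumably changes the plugin code the server runs just as installing does, so a regular user keeps a server-wide capability that the rest of the patch reserves for admins. Unless that is intended, replace the added block with `requireAdminAuthentication();` at the top of the method. The same question applies to `installPreBuiltPlugins` and `setDefaultWebModule`, which also exclude only read-only users.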
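Review bot: `clearMavenCache` is guarded with `requireAuthentication()`, apparently the weakest of the checks this patch uses, although it clears a cache on the shared Maven plugin repository. If `requireAuthentication()` admits read-only users or non-user tokens (its definition is not part of this diff), any of them can invalidate server-wide state. `requireAdminAuthentication();` would match the install and uninstall methods above.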
@@ -1532,6 +1602,7 @@ public List listPluginsInBundle(Long pluginBundleVersionOid) @Override public List getAllInternalServicesOfService(String name, Boolean onlyEnabled) throws UserException, ServerException { + requireRealUserAuthentication(); DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.READ_ONLY); try { return getBimServer().getSConverter().convertToSListInternalServicePluginConfiguration( @@ -1550,10 +1621,16 @@ public Boolean hasPreBuiltPlugins() throws UserException { @Override public void installPreBuiltPlugins(List artifacts) throws UserException { + requireRealUserAuthentication(); + DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.POSSIBLY_WRITE); Set set = new HashSet<>(artifacts); ResourceFetcher resourceFetcher = getBimServer().getResourceFetcher(); Set listKeys = resourceFetcher.listKeys("pre"); try { + User user = (User) session.get(StorePackage.eINSTANCE.getUser(), getAuthorization().getUoid(), OldQuery.getDefault()); + if (user.getUserType() == UserType.READ_ONLY) { + throw new UserException("Read-only users cannot install plugins"); + } for (String filename : listKeys) { if (filename.endsWith(".jar")) { if (filename.contains("-")) { @@ -1571,11 +1648,14 @@ public void installPreBuiltPlugins(List artifacts) throws UserException throw new UserException(e); } catch (ServerException e) { throw new UserException(e); - } - } + } catch (BimserverDatabaseException e) { + throw new RuntimeException(e); + } + } @Override public SPluginDescriptor getDefaultRenderEnginePluginDescriptor() throws ServerException, UserException { + requireRealUserAuthentication(); return getBimServer().getSConverter().convertToSObject(getBimServer().getServerSettingsCache().getServerSettings().getDefaultRenderEnginePlugin()); } } \ No newline at end of file 
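Review bot: The new `catch (BimserverDatabaseException e) { throw new RuntimeException(e); }` at the end of `installPreBuiltPlugins` departs from the two catch blocks directly above it, which wrap failures in `UserException`. A database error while loading the user would then reach the service layer as an unchecked exception that the method's `throws UserException` clause does not announce. `throw new UserException(e);` keeps the contract, assuming the constructor used in the neighbouring blocks accepts this exception type. The start of the method is in the previous hunk.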
diff --git a/BimServer/src/org/bimserver/webservices/impl/SettingsServiceImpl.java b/BimServer/src/org/bimserver/webservices/impl/SettingsServiceImpl.java index b83d274a2c..02e5917b94 100644 --- a/BimServer/src/org/bimserver/webservices/impl/SettingsServiceImpl.java +++ b/BimServer/src/org/bimserver/webservices/impl/SettingsServiceImpl.java @@ -185,6 +185,7 @@ public void set(ServerSettings serverSettings) { @Override public Boolean isAllowSelfRegistration() throws ServerException, UserException { + requireAuthentication(); return getBimServer().getServerSettingsCache().getServerSettings().getAllowSelfRegistration(); } @@ -365,6 +366,7 @@ public void set(ServerSettings serverSettings) { @Override public SServerSettings getServerSettings() throws ServerException, UserException { + requireAuthentication(); DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.READ_ONLY); try { IfcModelInterface allOfType = session.getAllOfType(StorePackage.eINSTANCE.getServerSettings(), OldQuery.getDefault()); @@ -378,6 +380,7 @@ public SServerSettings getServerSettings() throws ServerException, UserException @Override public void setWhiteListedDomains(final List domains) throws ServerException, UserException { + requireAdminAuthenticationAndRunningServer(); DatabaseSession session = getBimServer().getDatabase().createSession(OperationType.POSSIBLY_WRITE); try { SetServerSettingDatabaseAction action = new SetServerSettingDatabaseAction(getBimServer(), session, getInternalAccessMethod(), new ServerSettingsSetter() {
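Review bot: `isAllowSelfRegistration` now calls `requireAuthentication()`, but this flag is the kind of setting a login or registration page has to read before anyone is signed in. If any client queries it anonymously (not visible in this diff), self-registration can no longer be offered even when it is enabled. Unless that is intended, leave this getter unauthenticated and document it with `// intentionally unauthenticated: read by the registration page before login`. `getServerSettings` in the next hunk is the opposite case: it returns the whole settings object to any authenticated caller, so check whether it should require admin rights instead.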