Search in sources :

Example 1 with EnumerateDatasetModel

use of bio.terra.model.EnumerateDatasetModel in project jade-data-repo by DataBiosphere.

the class DatasetConnectedTest method testExcludeLockedFromDatasetLookups.

@Test
public void testExcludeLockedFromDatasetLookups() throws Exception {
    // check that the dataset metadata row is unlocked
    UUID datasetId = UUID.fromString(summaryModel.getId());
    String exclusiveLock = datasetDao.getExclusiveLock(datasetId);
    assertNull("dataset row is not exclusively locked", exclusiveLock);
    String[] sharedLocks = datasetDao.getSharedLocks(datasetId);
    assertEquals("dataset row has no shared lock", 0, sharedLocks.length);
    // retrieve the dataset and check that it finds it
    DatasetModel datasetModel = connectedOperations.getDataset(summaryModel.getId());
    assertEquals("Lookup unlocked dataset succeeds", summaryModel.getName(), datasetModel.getName());
    // enumerate datasets and check that this dataset is included in the set
    EnumerateDatasetModel enumerateDatasetModel = connectedOperations.enumerateDatasets(summaryModel.getName());
    List<DatasetSummaryModel> enumeratedDatasets = enumerateDatasetModel.getItems();
    boolean foundDatasetWithMatchingId = false;
    for (DatasetSummaryModel enumeratedDataset : enumeratedDatasets) {
        if (enumeratedDataset.getId().equals(summaryModel.getId())) {
            foundDatasetWithMatchingId = true;
            break;
        }
    }
    assertTrue("Unlocked included in enumeration", foundDatasetWithMatchingId);
    // NO ASSERTS inside the block below where hang is enabled to reduce chance of failing before disabling the hang
    // ====================================================
    // enable hang in DeleteDatasetPrimaryDataStep
    configService.setFault(ConfigEnum.DATASET_DELETE_LOCK_CONFLICT_STOP_FAULT.name(), true);
    // kick off a request to delete the dataset. this should hang before unlocking the dataset object.
    MvcResult deleteResult = mvc.perform(delete("/api/repository/v1/datasets/" + summaryModel.getId())).andReturn();
    // give the flight time to launch
    TimeUnit.SECONDS.sleep(5);
    // check that the dataset metadata row has an exclusive lock
    // note: asserts are below outside the hang block
    exclusiveLock = datasetDao.getExclusiveLock(datasetId);
    sharedLocks = datasetDao.getSharedLocks(datasetId);
    // retrieve the dataset, should return not found
    // note: asserts are below outside the hang block
    MvcResult retrieveResult = mvc.perform(get("/api/repository/v1/datasets/" + datasetId)).andReturn();
    // enumerate datasets, this dataset should not be included in the set
    // note: asserts are below outside the hang block
    MvcResult enumerateResult = connectedOperations.enumerateDatasetsRaw(summaryModel.getName());
    // disable hang in DeleteDatasetPrimaryDataStep
    configService.setFault(ConfigEnum.DATASET_DELETE_LOCK_CONFLICT_CONTINUE_FAULT.name(), true);
    // ====================================================
    // check that the dataset metadata row has an exclusive lock after kicking off the delete
    assertNotNull("dataset row is exclusively locked", exclusiveLock);
    assertEquals("dataset row has no shared lock", 0, sharedLocks.length);
    // check that the retrieve request returned not found
    connectedOperations.handleFailureCase(retrieveResult.getResponse(), HttpStatus.NOT_FOUND);
    // check that the enumerate request returned successfully and that this dataset is not included in the set
    enumerateDatasetModel = connectedOperations.handleSuccessCase(enumerateResult.getResponse(), EnumerateDatasetModel.class);
    enumeratedDatasets = enumerateDatasetModel.getItems();
    foundDatasetWithMatchingId = false;
    for (DatasetSummaryModel enumeratedDataset : enumeratedDatasets) {
        if (enumeratedDataset.getId().equals(summaryModel.getId())) {
            foundDatasetWithMatchingId = true;
            break;
        }
    }
    assertFalse("Exclusively locked not included in enumeration", foundDatasetWithMatchingId);
    // check the response from the delete request
    MockHttpServletResponse deleteResponse = connectedOperations.validateJobModelAndWait(deleteResult);
    DeleteResponseModel deleteResponseModel = connectedOperations.handleSuccessCase(deleteResponse, DeleteResponseModel.class);
    assertEquals("Dataset delete returned successfully", DeleteResponseModel.ObjectStateEnum.DELETED, deleteResponseModel.getObjectState());
    // try to fetch the dataset again and confirm nothing is returned
    connectedOperations.getDatasetExpectError(summaryModel.getId(), HttpStatus.NOT_FOUND);
}
Also used : DatasetSummaryModel(bio.terra.model.DatasetSummaryModel) CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString) UUID(java.util.UUID) MvcResult(org.springframework.test.web.servlet.MvcResult) EnumerateDatasetModel(bio.terra.model.EnumerateDatasetModel) DatasetModel(bio.terra.model.DatasetModel) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) DeleteResponseModel(bio.terra.model.DeleteResponseModel) EnumerateDatasetModel(bio.terra.model.EnumerateDatasetModel) SpringBootTest(org.springframework.boot.test.context.SpringBootTest) Test(org.junit.Test)

Example 2 with EnumerateDatasetModel

use of bio.terra.model.EnumerateDatasetModel in project jade-data-repo by DataBiosphere.

the class DatasetIntegrationTest method datasetUnauthorizedPermissionsTest.

@Test
public void datasetUnauthorizedPermissionsTest() throws Exception {
    dataRepoFixtures.createDatasetError(custodian(), "dataset-minimal.json", HttpStatus.UNAUTHORIZED);
    dataRepoFixtures.createDatasetError(reader(), "dataset-minimal.json", HttpStatus.UNAUTHORIZED);
    EnumerateDatasetModel enumDatasetsResp = dataRepoFixtures.enumerateDatasets(reader());
    List<DatasetSummaryModel> items = enumDatasetsResp.getItems();
    if (items != null) {
        for (DatasetSummaryModel datasetModel : items) {
            logger.info(String.format("found dataset for reader: %s, created: %s", datasetModel.getId(), datasetModel.getCreatedDate()));
        }
    }
    assertThat("Reader does not have access to datasets", enumDatasetsResp.getTotal(), equalTo(0));
    DatasetSummaryModel summaryModel = null;
    summaryModel = dataRepoFixtures.createDataset(steward(), "dataset-minimal.json");
    datasetId = summaryModel.getId();
    DataRepoResponse<DatasetModel> getDatasetResp = dataRepoFixtures.getDatasetRaw(reader(), summaryModel.getId());
    assertThat("Reader is not authorized to get dataset", getDatasetResp.getStatusCode(), equalTo(HttpStatus.UNAUTHORIZED));
    // make sure reader cannot delete dataset
    DataRepoResponse<JobModel> deleteResp1 = dataRepoFixtures.deleteDatasetLaunch(reader(), summaryModel.getId());
    assertThat("Reader is not authorized to delete datasets", deleteResp1.getStatusCode(), equalTo(HttpStatus.UNAUTHORIZED));
    // right now the authorization for dataset delete is done directly in the controller.
    // so we need to check the response to the delete request for the unauthorized failure
    // once we move the authorization for dataset delete into a separate step,
    // then the check will need two parts, as below:
    // check job launched successfully, check job result is failure with unauthorized
    // DataRepoResponse<JobModel> jobResp1 = dataRepoFixtures.deleteDatasetLaunch(
    // reader(), summaryModel.getId());
    // assertTrue("dataset delete launch succeeded", jobResp1.getStatusCode().is2xxSuccessful());
    // assertTrue("dataset delete launch response is present", jobResp1.getResponseObject().isPresent());
    // DataRepoResponse<ErrorModel> deleteResp1 = dataRepoClient.waitForResponse(
    // reader(), jobResp1, ErrorModel.class);
    // assertThat("Reader is not authorized to delete datasets",
    // deleteResp1.getStatusCode(),
    // equalTo(HttpStatus.UNAUTHORIZED));
    // make sure custodian cannot delete dataset
    DataRepoResponse<JobModel> deleteResp2 = dataRepoFixtures.deleteDatasetLaunch(custodian(), summaryModel.getId());
    assertThat("Custodian is not authorized to delete datasets", deleteResp2.getStatusCode(), equalTo(HttpStatus.UNAUTHORIZED));
// same comment as above for the reader() delete
// DataRepoResponse<JobModel> jobResp2 = dataRepoFixtures.deleteDatasetLaunch(
// custodian(), summaryModel.getId());
// assertTrue("dataset delete launch succeeded", jobResp2.getStatusCode().is2xxSuccessful());
// assertTrue("dataset delete launch response is present", jobResp2.getResponseObject().isPresent());
// DataRepoResponse<ErrorModel> deleteResp2 = dataRepoClient.waitForResponse(
// custodian(), jobResp2, ErrorModel.class);
// assertThat("Custodian is not authorized to delete datasets",
// deleteResp2.getStatusCode(),
// equalTo(HttpStatus.UNAUTHORIZED));
}
Also used : DatasetSummaryModel(bio.terra.model.DatasetSummaryModel) JobModel(bio.terra.model.JobModel) EnumerateDatasetModel(bio.terra.model.EnumerateDatasetModel) DatasetModel(bio.terra.model.DatasetModel) EnumerateDatasetModel(bio.terra.model.EnumerateDatasetModel) SpringBootTest(org.springframework.boot.test.context.SpringBootTest) Test(org.junit.Test)

Example 3 with EnumerateDatasetModel

use of bio.terra.model.EnumerateDatasetModel in project jade-data-repo by DataBiosphere.

the class DatasetIntegrationTest method datasetHappyPath.

@Test
public void datasetHappyPath() throws Exception {
    DatasetSummaryModel summaryModel = dataRepoFixtures.createDataset(steward(), "it-dataset-omop.json");
    datasetId = summaryModel.getId();
    logger.info("dataset id is " + summaryModel.getId());
    assertThat(summaryModel.getName(), startsWith(omopDatasetName));
    assertThat(summaryModel.getDescription(), equalTo(omopDatasetDesc));
    DatasetModel datasetModel = dataRepoFixtures.getDataset(steward(), summaryModel.getId());
    assertThat(datasetModel.getName(), startsWith(omopDatasetName));
    assertThat(datasetModel.getDescription(), equalTo(omopDatasetDesc));
    // There is a delay from when a resource is created in SAM to when it is available in an enumerate call.
    boolean metExpectation = TestUtils.eventualExpect(5, 60, true, () -> {
        EnumerateDatasetModel enumerateDatasetModel = dataRepoFixtures.enumerateDatasets(steward());
        boolean found = false;
        for (DatasetSummaryModel oneDataset : enumerateDatasetModel.getItems()) {
            if (oneDataset.getId().equals(datasetModel.getId())) {
                assertThat(oneDataset.getName(), startsWith(omopDatasetName));
                assertThat(oneDataset.getDescription(), equalTo(omopDatasetDesc));
                found = true;
                break;
            }
        }
        return found;
    });
    assertTrue("dataset was found in enumeration", metExpectation);
    // test allowable permissions
    dataRepoFixtures.addDatasetPolicyMember(steward(), summaryModel.getId(), IamRole.CUSTODIAN, custodian().getEmail());
    DataRepoResponse<EnumerateDatasetModel> enumDatasets = dataRepoFixtures.enumerateDatasetsRaw(custodian());
    assertThat("Custodian is authorized to enumerate datasets", enumDatasets.getStatusCode(), equalTo(HttpStatus.OK));
}
Also used : DatasetSummaryModel(bio.terra.model.DatasetSummaryModel) EnumerateDatasetModel(bio.terra.model.EnumerateDatasetModel) DatasetModel(bio.terra.model.DatasetModel) EnumerateDatasetModel(bio.terra.model.EnumerateDatasetModel) SpringBootTest(org.springframework.boot.test.context.SpringBootTest) Test(org.junit.Test)

Example 4 with EnumerateDatasetModel

use of bio.terra.model.EnumerateDatasetModel in project jade-data-repo by DataBiosphere.

the class RepositoryApiController method enumerateDatasets.

@Override
public ResponseEntity<EnumerateDatasetModel> enumerateDatasets(@Valid @RequestParam(value = "offset", required = false, defaultValue = "0") Integer offset, @Valid @RequestParam(value = "limit", required = false, defaultValue = "10") Integer limit, @Valid @RequestParam(value = "sort", required = false, defaultValue = "created_date") String sort, @Valid @RequestParam(value = "direction", required = false, defaultValue = "asc") String direction, @Valid @RequestParam(value = "filter", required = false) String filter) {
    ControllerUtils.validateEnumerateParams(offset, limit, sort, direction);
    List<UUID> resources = iamService.listAuthorizedResources(getAuthenticatedInfo(), IamResourceType.DATASET);
    EnumerateDatasetModel esm = datasetService.enumerate(offset, limit, sort, direction, filter, resources);
    return new ResponseEntity<>(esm, HttpStatus.OK);
}
Also used : ResponseEntity(org.springframework.http.ResponseEntity) UUID(java.util.UUID) EnumerateDatasetModel(bio.terra.model.EnumerateDatasetModel)

Example 5 with EnumerateDatasetModel

use of bio.terra.model.EnumerateDatasetModel in project jade-data-repo by DataBiosphere.

the class AccessTest method checkShared.

@Test
public void checkShared() throws Exception {
    makeIngestTestDataset();
    IngestRequestModel request = dataRepoFixtures.buildSimpleIngest("participant", "ingest-test/ingest-test-participant.json");
    dataRepoFixtures.ingestJsonData(steward(), datasetId, request);
    request = dataRepoFixtures.buildSimpleIngest("sample", "ingest-test/ingest-test-sample.json");
    dataRepoFixtures.ingestJsonData(steward(), datasetId, request);
    DatasetModel dataset = dataRepoFixtures.getDataset(steward(), datasetId);
    String datasetBqSnapshotName = "datarepo_" + dataset.getName();
    BigQuery custodianBigQuery = BigQueryFixtures.getBigQuery(dataset.getDataProject(), custodianToken);
    try {
        BigQueryFixtures.datasetExists(custodianBigQuery, dataset.getDataProject(), datasetBqSnapshotName);
        fail("custodian shouldn't be able to access bq dataset before it is shared with them");
    } catch (IllegalStateException e) {
        assertThat("checking message for pdao exception error", e.getMessage(), equalTo("existence check failed for " + datasetBqSnapshotName));
    }
    dataRepoFixtures.addDatasetPolicyMember(steward(), datasetId, IamRole.CUSTODIAN, custodian().getEmail());
    DataRepoResponse<EnumerateDatasetModel> enumDatasets = dataRepoFixtures.enumerateDatasetsRaw(custodian());
    assertThat("Custodian is authorized to enumerate datasets", enumDatasets.getStatusCode(), equalTo(HttpStatus.OK));
    boolean custodianHasAccess = BigQueryFixtures.hasAccess(custodianBigQuery, dataset.getDataProject(), datasetBqSnapshotName);
    assertThat("custodian can access the bq snapshot after it has been shared", custodianHasAccess, equalTo(true));
    SnapshotSummaryModel snapshotSummaryModel = dataRepoFixtures.createSnapshot(custodian(), datasetSummaryModel, "ingest-test-snapshot.json");
    SnapshotModel snapshotModel = dataRepoFixtures.getSnapshot(custodian(), snapshotSummaryModel.getId());
    BigQuery bigQuery = BigQueryFixtures.getBigQuery(snapshotModel.getDataProject(), readerToken);
    try {
        BigQueryFixtures.datasetExists(bigQuery, snapshotModel.getDataProject(), snapshotModel.getName());
        fail("reader shouldn't be able to access bq dataset before it is shared with them");
    } catch (IllegalStateException e) {
        assertThat("checking message for exception error", e.getMessage(), equalTo("existence check failed for ".concat(snapshotSummaryModel.getName())));
    }
    dataRepoFixtures.addSnapshotPolicyMember(custodian(), snapshotSummaryModel.getId(), IamRole.READER, reader().getEmail());
    AuthenticatedUserRequest authenticatedReaderRequest = new AuthenticatedUserRequest().email(reader().getEmail()).token(Optional.of(readerToken));
    assertThat("correctly added reader", iamService.isAuthorized(authenticatedReaderRequest, IamResourceType.DATASNAPSHOT, snapshotSummaryModel.getId(), IamAction.READ_DATA), equalTo(true));
    boolean readerHasAccess = BigQueryFixtures.hasAccess(bigQuery, snapshotModel.getDataProject(), snapshotModel.getName());
    assertThat("reader can access the snapshot after it has been shared", readerHasAccess, equalTo(true));
}
Also used : BigQuery(com.google.cloud.bigquery.BigQuery) SnapshotSummaryModel(bio.terra.model.SnapshotSummaryModel) IngestRequestModel(bio.terra.model.IngestRequestModel) EnumerateDatasetModel(bio.terra.model.EnumerateDatasetModel) DatasetModel(bio.terra.model.DatasetModel) SnapshotModel(bio.terra.model.SnapshotModel) EnumerateDatasetModel(bio.terra.model.EnumerateDatasetModel) SpringBootTest(org.springframework.boot.test.context.SpringBootTest) Test(org.junit.Test)

Aggregations

EnumerateDatasetModel (bio.terra.model.EnumerateDatasetModel)7 DatasetModel (bio.terra.model.DatasetModel)5 Test (org.junit.Test)5 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)5 DatasetSummaryModel (bio.terra.model.DatasetSummaryModel)4 IngestRequestModel (bio.terra.model.IngestRequestModel)2 BigQuery (com.google.cloud.bigquery.BigQuery)2 UUID (java.util.UUID)2 DeleteResponseModel (bio.terra.model.DeleteResponseModel)1 JobModel (bio.terra.model.JobModel)1 SnapshotModel (bio.terra.model.SnapshotModel)1 SnapshotSummaryModel (bio.terra.model.SnapshotSummaryModel)1 TableResult (com.google.cloud.bigquery.TableResult)1 CoreMatchers.containsString (org.hamcrest.CoreMatchers.containsString)1 ResponseEntity (org.springframework.http.ResponseEntity)1 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)1 MvcResult (org.springframework.test.web.servlet.MvcResult)1