Search in sources :

Example 1 with UserGroupProjectJoin

use of ca.corefacility.bioinformatics.irida.model.user.group.UserGroupProjectJoin in project irida by phac-nml.

the class ModifyProjectPermission method customPermissionAllowed.

/**
 * {@inheritDoc}
 */
public boolean customPermissionAllowed(Authentication authentication, Project p) {
    logger.trace("Testing permission for [" + authentication + "] can modify project [" + p + "]");
    // check if the user is a project owner for this project
    User u = userRepository.loadUserByUsername(authentication.getName());
    List<Join<Project, User>> projectUsers = pujRepository.getUsersForProjectByRole(p, ProjectRole.PROJECT_OWNER);
    for (Join<Project, User> projectUser : projectUsers) {
        if (projectUser.getObject().equals(u)) {
            logger.trace("Permission GRANTED for [" + authentication + "] on project [" + p + "]");
            // this user is an owner for the project.
            return true;
        }
    }
    // if we've made it this far, then that means that the user isn't
    // directly added to the project, so check if the user is in any groups
    // added to the project.
    final Collection<UserGroupProjectJoin> groups = ugpjRepository.findGroupsByProject(p);
    for (final UserGroupProjectJoin group : groups) {
        if (group.getProjectRole().equals(ProjectRole.PROJECT_OWNER)) {
            final Collection<UserGroupJoin> groupMembers = ugRepository.findUsersInGroup(group.getObject());
            final boolean inGroup = groupMembers.stream().anyMatch(j -> j.getSubject().equals(u));
            if (inGroup) {
                logger.trace("Permission GRANTED for [" + authentication + "] on project [" + p + "] by group membership in [" + group.getLabel() + "]");
                return true;
            }
        } else {
            logger.trace("Group is not PROJECT_OWNER, checking next project.");
        }
    }
    logger.trace("Permission DENIED for [" + authentication + "] on project [" + p + "]");
    return false;
}
Also used : Project(ca.corefacility.bioinformatics.irida.model.project.Project) User(ca.corefacility.bioinformatics.irida.model.user.User) UserGroupProjectJoin(ca.corefacility.bioinformatics.irida.model.user.group.UserGroupProjectJoin) UserGroupJoin(ca.corefacility.bioinformatics.irida.model.user.group.UserGroupJoin) UserGroupJoin(ca.corefacility.bioinformatics.irida.model.user.group.UserGroupJoin) Join(ca.corefacility.bioinformatics.irida.model.joins.Join) UserGroupProjectJoin(ca.corefacility.bioinformatics.irida.model.user.group.UserGroupProjectJoin)

Example 2 with UserGroupProjectJoin

use of ca.corefacility.bioinformatics.irida.model.user.group.UserGroupProjectJoin in project irida by phac-nml.

the class ProjectEventHandler method handleUserGroupRoleSetProjectEvent.

/**
 * Create a {@link UserGroupRoleSetProjectEvent}. The method must have
 * returned a {@link UserGroupProjectJoin}
 *
 * @param event
 *            The {@link MethodEvent} that this event is being launched from
 */
private ProjectEvent handleUserGroupRoleSetProjectEvent(MethodEvent event) {
    Object returnValue = event.getReturnValue();
    if (!(returnValue instanceof UserGroupProjectJoin)) {
        throw new IllegalArgumentException("Method annotated with @LaunchesProjectEvent(UserGroupRoleSetProjectEvent.class) method must return UserGroupProjectJoin");
    }
    UserGroupProjectJoin join = (UserGroupProjectJoin) returnValue;
    return eventRepository.save(new UserGroupRoleSetProjectEvent(join));
}
Also used : UserGroupProjectJoin(ca.corefacility.bioinformatics.irida.model.user.group.UserGroupProjectJoin) UserGroupRoleSetProjectEvent(ca.corefacility.bioinformatics.irida.model.event.UserGroupRoleSetProjectEvent)

Example 3 with UserGroupProjectJoin

use of ca.corefacility.bioinformatics.irida.model.user.group.UserGroupProjectJoin in project irida by phac-nml.

the class ReadProjectPermissionTest method testGrantPermissionByGroup.

@Test
public void testGrantPermissionByGroup() {
    final String username = "fbristow";
    final User u = new User();
    u.setUsername(username);
    final Project p = new Project();
    final UserGroup g = new UserGroup("The group");
    final List<UserGroupProjectJoin> projectGroups = new ArrayList<>();
    projectGroups.add(new UserGroupProjectJoin(p, g, ProjectRole.PROJECT_USER));
    when(userRepository.loadUserByUsername(username)).thenReturn(u);
    when(projectRepository.findOne(1L)).thenReturn(p);
    when(pujRepository.getUsersForProject(p)).thenReturn(ImmutableList.of());
    when(ugpjRepository.findGroupsByProject(p)).thenReturn(projectGroups);
    when(ugRepository.findUsersInGroup(g)).thenReturn(ImmutableList.of(new UserGroupJoin(u, g, UserGroupJoin.UserGroupRole.GROUP_MEMBER)));
    Authentication auth = new UsernamePasswordAuthenticationToken("fbristow", "password1");
    assertTrue("permission should be granted by user group.", readProjectPermission.isAllowed(auth, 1L));
    verify(userRepository).loadUserByUsername(username);
    verify(projectRepository).findOne(1L);
    verify(pujRepository).getUsersForProject(p);
}
Also used : Project(ca.corefacility.bioinformatics.irida.model.project.Project) User(ca.corefacility.bioinformatics.irida.model.user.User) Authentication(org.springframework.security.core.Authentication) UserGroupProjectJoin(ca.corefacility.bioinformatics.irida.model.user.group.UserGroupProjectJoin) ArrayList(java.util.ArrayList) UserGroupJoin(ca.corefacility.bioinformatics.irida.model.user.group.UserGroupJoin) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) UserGroup(ca.corefacility.bioinformatics.irida.model.user.group.UserGroup) Test(org.junit.Test)

Example 4 with UserGroupProjectJoin

use of ca.corefacility.bioinformatics.irida.model.user.group.UserGroupProjectJoin in project irida by phac-nml.

the class ProjectServiceImpl method removeUserGroupFromProject.

/**
 * {@inheritDoc}
 */
@Override
@Transactional
@LaunchesProjectEvent(UserGroupRemovedProjectEvent.class)
@PreAuthorize("hasRole('ROLE_ADMIN') or hasPermission(#project, 'canManageLocalProjectSettings')")
public void removeUserGroupFromProject(Project project, UserGroup userGroup) throws ProjectWithoutOwnerException {
    final UserGroupProjectJoin j = ugpjRepository.findByProjectAndUserGroup(project, userGroup);
    if (!allowRoleChange(project, j.getProjectRole())) {
        throw new ProjectWithoutOwnerException("Removing this user group would leave the project without an owner.");
    }
    ugpjRepository.delete(j);
}
Also used : ProjectWithoutOwnerException(ca.corefacility.bioinformatics.irida.exceptions.ProjectWithoutOwnerException) UserGroupProjectJoin(ca.corefacility.bioinformatics.irida.model.user.group.UserGroupProjectJoin) LaunchesProjectEvent(ca.corefacility.bioinformatics.irida.events.annotations.LaunchesProjectEvent) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) Transactional(org.springframework.transaction.annotation.Transactional)

Example 5 with UserGroupProjectJoin

use of ca.corefacility.bioinformatics.irida.model.user.group.UserGroupProjectJoin in project irida by phac-nml.

the class ProjectServiceImplTest method testGetProjectsForUser.

@Test
public void testGetProjectsForUser() {
    final User u = new User();
    final Project p1 = new Project("p1");
    final Project p2 = new Project("p2");
    final UserGroup ug = new UserGroup("group");
    final ProjectUserJoin puj = new ProjectUserJoin(p1, u, ProjectRole.PROJECT_OWNER);
    final UserGroupProjectJoin ugpj = new UserGroupProjectJoin(p2, ug, ProjectRole.PROJECT_OWNER);
    when(pujRepository.getProjectsForUser(u)).thenReturn(ImmutableList.of(puj));
    when(ugpjRepository.findProjectsByUser(u)).thenReturn(ImmutableList.of(ugpj));
    final List<Join<Project, User>> projects = projectService.getProjectsForUser(u);
    assertEquals("User should be in 2 projects.", 2, projects.size());
    assertTrue("Should have found user project join.", projects.stream().anyMatch(p -> p.getSubject().equals(p1)));
    assertTrue("Should have found group project join.", projects.stream().anyMatch(p -> p.getSubject().equals(p2)));
}
Also used : ProjectRole(ca.corefacility.bioinformatics.irida.model.enums.ProjectRole) ProjectSampleJoinRepository(ca.corefacility.bioinformatics.irida.repositories.joins.project.ProjectSampleJoinRepository) ConstraintViolationImpl(org.hibernate.validator.internal.engine.ConstraintViolationImpl) ProjectReferenceFileJoin(ca.corefacility.bioinformatics.irida.model.project.ProjectReferenceFileJoin) ProjectService(ca.corefacility.bioinformatics.irida.service.ProjectService) DataIntegrityViolationException(org.springframework.dao.DataIntegrityViolationException) SecurityContextHolder(org.springframework.security.core.context.SecurityContextHolder) Path(java.nio.file.Path) ConstraintViolation(javax.validation.ConstraintViolation) ReferenceFileRepository(ca.corefacility.bioinformatics.irida.repositories.referencefile.ReferenceFileRepository) UserRepository(ca.corefacility.bioinformatics.irida.repositories.user.UserRepository) ProjectWithoutOwnerException(ca.corefacility.bioinformatics.irida.exceptions.ProjectWithoutOwnerException) SequencingObjectRepository(ca.corefacility.bioinformatics.irida.repositories.sequencefile.SequencingObjectRepository) Set(java.util.Set) Validator(javax.validation.Validator) PageRequest(org.springframework.data.domain.PageRequest) Page(org.springframework.data.domain.Page) SampleSequencingObjectJoinRepository(ca.corefacility.bioinformatics.irida.repositories.joins.sample.SampleSequencingObjectJoinRepository) Matchers.any(org.mockito.Matchers.any) ProjectUserJoinRepository(ca.corefacility.bioinformatics.irida.repositories.joins.project.ProjectUserJoinRepository) List(java.util.List) Specification(org.springframework.data.jpa.domain.Specification) Assert.assertFalse(org.junit.Assert.assertFalse) RelatedProjectJoin(ca.corefacility.bioinformatics.irida.model.joins.impl.RelatedProjectJoin) User(ca.corefacility.bioinformatics.irida.model.user.User) ProjectAnalysisSubmissionJoinRepository(ca.corefacility.bioinformatics.irida.repositories.analysis.submission.ProjectAnalysisSubmissionJoinRepository) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) Authentication(org.springframework.security.core.Authentication) PageImpl(org.springframework.data.domain.PageImpl) Mockito.mock(org.mockito.Mockito.mock) ProjectServiceImpl(ca.corefacility.bioinformatics.irida.service.impl.ProjectServiceImpl) EntityExistsException(ca.corefacility.bioinformatics.irida.exceptions.EntityExistsException) EntityNotFoundException(ca.corefacility.bioinformatics.irida.exceptions.EntityNotFoundException) SampleRepository(ca.corefacility.bioinformatics.irida.repositories.sample.SampleRepository) Join(ca.corefacility.bioinformatics.irida.model.joins.Join) Mockito.verifyZeroInteractions(org.mockito.Mockito.verifyZeroInteractions) ArrayList(java.util.ArrayList) HashSet(java.util.HashSet) UserGroupProjectJoinRepository(ca.corefacility.bioinformatics.irida.repositories.joins.project.UserGroupProjectJoinRepository) Lists(com.google.common.collect.Lists) ImmutableList(com.google.common.collect.ImmutableList) ProjectReferenceFileJoinRepository(ca.corefacility.bioinformatics.irida.repositories.joins.project.ProjectReferenceFileJoinRepository) ProjectUserJoin(ca.corefacility.bioinformatics.irida.model.joins.impl.ProjectUserJoin) RelatedProjectRepository(ca.corefacility.bioinformatics.irida.repositories.joins.project.RelatedProjectRepository) ProjectRepository(ca.corefacility.bioinformatics.irida.repositories.ProjectRepository) Before(org.junit.Before) ReferenceFile(ca.corefacility.bioinformatics.irida.model.project.ReferenceFile) ProjectSampleJoin(ca.corefacility.bioinformatics.irida.model.joins.impl.ProjectSampleJoin) Files(java.nio.file.Files) Assert.assertNotNull(org.junit.Assert.assertNotNull) Assert.assertTrue(org.junit.Assert.assertTrue) IOException(java.io.IOException) Test(org.junit.Test) Sample(ca.corefacility.bioinformatics.irida.model.sample.Sample) Mockito.when(org.mockito.Mockito.when) UserGroup(ca.corefacility.bioinformatics.irida.model.user.group.UserGroup) Project(ca.corefacility.bioinformatics.irida.model.project.Project) Mockito.verify(org.mockito.Mockito.verify) ConstraintViolationException(javax.validation.ConstraintViolationException) UserGroupProjectJoin(ca.corefacility.bioinformatics.irida.model.user.group.UserGroupProjectJoin) Assert.assertEquals(org.junit.Assert.assertEquals) Project(ca.corefacility.bioinformatics.irida.model.project.Project) User(ca.corefacility.bioinformatics.irida.model.user.User) ProjectUserJoin(ca.corefacility.bioinformatics.irida.model.joins.impl.ProjectUserJoin) UserGroupProjectJoin(ca.corefacility.bioinformatics.irida.model.user.group.UserGroupProjectJoin) ProjectReferenceFileJoin(ca.corefacility.bioinformatics.irida.model.project.ProjectReferenceFileJoin) RelatedProjectJoin(ca.corefacility.bioinformatics.irida.model.joins.impl.RelatedProjectJoin) Join(ca.corefacility.bioinformatics.irida.model.joins.Join) ProjectUserJoin(ca.corefacility.bioinformatics.irida.model.joins.impl.ProjectUserJoin) ProjectSampleJoin(ca.corefacility.bioinformatics.irida.model.joins.impl.ProjectSampleJoin) UserGroupProjectJoin(ca.corefacility.bioinformatics.irida.model.user.group.UserGroupProjectJoin) UserGroup(ca.corefacility.bioinformatics.irida.model.user.group.UserGroup) Test(org.junit.Test)

Aggregations

UserGroupProjectJoin (ca.corefacility.bioinformatics.irida.model.user.group.UserGroupProjectJoin)9 Project (ca.corefacility.bioinformatics.irida.model.project.Project)5 User (ca.corefacility.bioinformatics.irida.model.user.User)4 ProjectWithoutOwnerException (ca.corefacility.bioinformatics.irida.exceptions.ProjectWithoutOwnerException)3 Join (ca.corefacility.bioinformatics.irida.model.joins.Join)3 UserGroupJoin (ca.corefacility.bioinformatics.irida.model.user.group.UserGroupJoin)3 ArrayList (java.util.ArrayList)3 LaunchesProjectEvent (ca.corefacility.bioinformatics.irida.events.annotations.LaunchesProjectEvent)2 EntityNotFoundException (ca.corefacility.bioinformatics.irida.exceptions.EntityNotFoundException)2 ProjectUserJoin (ca.corefacility.bioinformatics.irida.model.joins.impl.ProjectUserJoin)2 UserGroup (ca.corefacility.bioinformatics.irida.model.user.group.UserGroup)2 Specification (org.springframework.data.jpa.domain.Specification)2 EntityExistsException (ca.corefacility.bioinformatics.irida.exceptions.EntityExistsException)1 ProjectRole (ca.corefacility.bioinformatics.irida.model.enums.ProjectRole)1 UserGroupRoleSetProjectEvent (ca.corefacility.bioinformatics.irida.model.event.UserGroupRoleSetProjectEvent)1 ProjectSampleJoin (ca.corefacility.bioinformatics.irida.model.joins.impl.ProjectSampleJoin)1 RelatedProjectJoin (ca.corefacility.bioinformatics.irida.model.joins.impl.RelatedProjectJoin)1 ProjectReferenceFileJoin (ca.corefacility.bioinformatics.irida.model.project.ProjectReferenceFileJoin)1 ReferenceFile (ca.corefacility.bioinformatics.irida.model.project.ReferenceFile)1 Sample (ca.corefacility.bioinformatics.irida.model.sample.Sample)1