Example 1 with ArachneUser

Use of com.odysseusinc.arachne.portal.model.security.ArachneUser in project ArachneCentralAPI by OHDSI.

In class BaseAuthenticationController, method refresh.

@ApiOperation("Refresh session token.")
@RequestMapping(value = "/api/v1/auth/refresh", method = RequestMethod.POST)
public JsonResult<String> refresh(HttpServletRequest request) {
    JsonResult<String> result;
    try {
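        // Any exception raised while reading the token or loading the user
        // is mapped to UNAUTHORIZED by the catch block below.
        String token = request.getHeader(this.tokenHeader);
        String username = this.tokenUtils.getUsernameFromToken(token);
        ArachneUser user = (ArachneUser) this.userDetailsService.loadUserByUsername(username);
        // The refresh decision takes the user's last password reset into account.
        if (this.tokenUtils.canTokenBeRefreshed(token, user.getLastPasswordReset())) {
            String refreshedToken = this.tokenUtils.refreshToken(token);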
            result = new JsonResult<>(JsonResult.ErrorCode.NO_ERROR);
            result.setResult(refreshedToken);
        } else {
            result = new JsonResult<>(JsonResult.ErrorCode.UNAUTHORIZED);
        }
    } catch (Exception ex) {
        log.error(ex.getMessage(), ex);
        result = new JsonResult<>(JsonResult.ErrorCode.UNAUTHORIZED);
    }
    return result;
}
Also used : ArachneUser(com.odysseusinc.arachne.portal.model.security.ArachneUser) SolrServerException(org.apache.solr.client.solrj.SolrServerException) AuthenticationException(org.springframework.security.core.AuthenticationException) UserNotActivatedException(com.odysseusinc.arachne.portal.exception.UserNotActivatedException) UserNotFoundException(com.odysseusinc.arachne.portal.exception.UserNotFoundException) IOException(java.io.IOException) PermissionDeniedException(com.odysseusinc.arachne.portal.exception.PermissionDeniedException) PasswordValidationException(com.odysseusinc.arachne.portal.exception.PasswordValidationException) MailSendException(org.springframework.mail.MailSendException) NotExistException(com.odysseusinc.arachne.portal.exception.NotExistException) JsonResult(com.odysseusinc.arachne.commons.api.v1.dto.util.JsonResult) ApiOperation(io.swagger.annotations.ApiOperation) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 2 with ArachneUser

Use of com.odysseusinc.arachne.portal.model.security.ArachneUser in project ArachneCentralAPI by OHDSI.

In class BaseSubmissionToBaseSubmissionDTOConverter, method convert.

@Override
public DTO convert(T source) {
    DTO dto = createResultObject();
    dto.setConversionSource(source);
    dto.setId(source.getId());
    dto.setStatus(getStatusDTO(source));
    dto.setCreatedAt(source.getCreated());
    final Status status = statusConverter(source.getStatus());
    final Boolean resultConfirmed = status.isResultConfirmed();
    IDataSource dataSource = source.getDataSource();
    dto.setDataSource(conversionService.convert(dataSource, DataSourceDTO.class));
    Long loggedUserId = ((ArachneUser) SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getId();
    final boolean isOwner = DataNodeUtils.isDataNodeOwner(dataSource.getDataNode(), loggedUserId);
    if (isOwner || (resultConfirmed != null && resultConfirmed)) {
        dto.setResultFilesCount(source.getResultFiles().size());
    }
    dto.setPermissions(conversionService.convert(source, PermissionsDTO.class));
    proceedAdditionalFields(dto, source);
    final JsonObject resultInfo = source.getResultInfo();
    final Map map = new Gson().fromJson(resultInfo, Map.class);
    dto.setResultInfo(map);
    dto.setHidden(source.getHidden());
    return dto;
}
Also used : JsonObject(com.google.gson.JsonObject) Gson(com.google.gson.Gson) ArachneUser(com.odysseusinc.arachne.portal.model.security.ArachneUser) Map(java.util.Map)

Example 3 with ArachneUser

Use of com.odysseusinc.arachne.portal.model.security.ArachneUser in project ArachneCentralAPI by OHDSI.

In class ArachnePermissionEvaluator, method checkPermission.

protected boolean checkPermission(Authentication authentication, Object domainObject, Object permissions) {
    if (authentication.getPrincipal() instanceof ArachneUser) {
        ArachneUser user = (ArachneUser) authentication.getPrincipal();
        List<ArachnePermission> arachnePermissions = new LinkedList<>();
        if (permissions instanceof ArachnePermission) {
            arachnePermissions.add((ArachnePermission) permissions);
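        } else if (permissions instanceof List) {
            // Entries that are not ArachnePermission are skipped, so only the
            // recognised permissions take part in the check below.
            for (Object permission : (List<?>) permissions) {
                if (permission instanceof ArachnePermission) {
                    arachnePermissions.add((ArachnePermission) permission);
                }
            }
        }
        if (!arachnePermissions.isEmpty()) {
            // Every requested permission must be present for the check to pass.
            Set<ArachnePermission> allPermission = getAllPermissions(domainObject, user);
            return Objects.nonNull(allPermission) && allPermission.containsAll(arachnePermissions);
        }
    }
    // Fails closed: non-ArachneUser principals and empty permission lists are denied.
    return false;
}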
Also used : LinkedList(java.util.LinkedList) List(java.util.List) PermissionDsl.domainObject(com.odysseusinc.arachne.portal.component.PermissionDsl.domainObject) ArachneUser(com.odysseusinc.arachne.portal.model.security.ArachneUser) ArachnePermission(com.odysseusinc.arachne.portal.security.ArachnePermission)

Example 4 with ArachneUser

Use of com.odysseusinc.arachne.portal.model.security.ArachneUser in project ArachneCentralAPI by OHDSI.

In class ArachnePermissionEvaluator, method addPermissions.

public boolean addPermissions(ArachneUser user, HasArachnePermissions hasPermissionsObj) {
    Set<ArachnePermission> allPermissions = getAllPermissions(hasPermissionsObj, user);
    hasPermissionsObj.setPermissions(allPermissions);
    if (hasPermissionsObj instanceof Analysis) {
        final Analysis analysis = (Analysis) hasPermissionsObj;
        final List<SubmissionGroup> submissionGroups = analysis.getSubmissionGroups();
        if (!CollectionUtils.isEmpty(submissionGroups)) {
            submissionGroups.forEach(submissionGroup -> submissionGroup.getSubmissions().forEach(submission -> {
                final Set<ArachnePermission> submissionPermissions = getAllPermissions(submission, user);
                submission.setPermissions(submissionPermissions);
            }));
        }
        final List<AnalysisFile> files = analysis.getFiles();
        if (!CollectionUtils.isEmpty(files)) {
            files.forEach(file -> {
                final Set<ArachnePermission> filePermissions = getAllPermissions(file, user);
                file.setPermissions(filePermissions);
            });
        }
    }
    return true;
}
Also used : Arrays(java.util.Arrays) DomainObjectLoaderFactory(com.odysseusinc.arachne.portal.service.domain.DomainObjectLoaderFactory) Autowired(org.springframework.beans.factory.annotation.Autowired) HashMap(java.util.HashMap) PermissionDsl.domainObject(com.odysseusinc.arachne.portal.component.PermissionDsl.domainObject) Submission(com.odysseusinc.arachne.portal.model.Submission) Paper(com.odysseusinc.arachne.portal.model.Paper) HashSet(java.util.HashSet) DataSource(com.odysseusinc.arachne.portal.model.DataSource) IDataSource(com.odysseusinc.arachne.portal.model.IDataSource) BaseArachneSecureService(com.odysseusinc.arachne.portal.service.BaseArachneSecureService) ParticipantRole(com.odysseusinc.arachne.portal.model.ParticipantRole) ObjectUtils(org.apache.commons.lang3.ObjectUtils) Analysis(com.odysseusinc.arachne.portal.model.Analysis) Map(java.util.Map) ArachneUser(com.odysseusinc.arachne.portal.model.security.ArachneUser) DELETE_ANALYSIS_FILES(com.odysseusinc.arachne.portal.security.ArachnePermission.DELETE_ANALYSIS_FILES) SubmissionInsight(com.odysseusinc.arachne.portal.model.SubmissionInsight) LinkedList(java.util.LinkedList) PermissionDslPredicates.analysisAuthorIs(com.odysseusinc.arachne.portal.component.PermissionDslPredicates.analysisAuthorIs) HasArachnePermissions(com.odysseusinc.arachne.portal.security.HasArachnePermissions) User(com.odysseusinc.arachne.portal.model.User) CommentTopic(com.odysseusinc.arachne.portal.model.CommentTopic) PermissionDslPredicates.analysisFileAuthorIs(com.odysseusinc.arachne.portal.component.PermissionDslPredicates.analysisFileAuthorIs) PublishState(com.odysseusinc.arachne.portal.model.PublishState) UserStudyGrouped(com.odysseusinc.arachne.portal.model.UserStudyGrouped) Set(java.util.Set) DELETE_DATASOURCE(com.odysseusinc.arachne.portal.security.ArachnePermission.DELETE_DATASOURCE) Page(org.springframework.data.domain.Page) PermissionEvaluator(org.springframework.security.access.PermissionEvaluator) 
Serializable(java.io.Serializable) Objects(java.util.Objects) AnalysisFile(com.odysseusinc.arachne.portal.model.AnalysisFile) List(java.util.List) Component(org.springframework.stereotype.Component) RawDataSource(com.odysseusinc.arachne.portal.model.RawDataSource) CollectionUtils(org.springframework.util.CollectionUtils) PermissionDslPredicates.userIsLeadInvestigator(com.odysseusinc.arachne.portal.component.PermissionDslPredicates.userIsLeadInvestigator) DataNode(com.odysseusinc.arachne.portal.model.DataNode) PermissionDslPredicates.hasRole(com.odysseusinc.arachne.portal.component.PermissionDslPredicates.hasRole) PermissionDslPredicates.instanceOf(com.odysseusinc.arachne.portal.component.PermissionDslPredicates.instanceOf) Authentication(org.springframework.security.core.Authentication) SubmissionGroup(com.odysseusinc.arachne.portal.model.SubmissionGroup) ArachnePermission(com.odysseusinc.arachne.portal.security.ArachnePermission) Collections(java.util.Collections) Study(com.odysseusinc.arachne.portal.model.Study)

Example 5 with ArachneUser

Use of com.odysseusinc.arachne.portal.model.security.ArachneUser in project ArachneCentralAPI by OHDSI.

In class UserUtils, method getCurrentUser.

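public static ArachneUser getCurrentUser() {
    ArachneUser user = null;
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    // getAuthentication() returns null when the security context holds no
    // authentication, so check for null before dereferencing it.
    if (authentication != null && authentication.isAuthenticated() && authentication.getPrincipal() instanceof ArachneUser) {
        user = (ArachneUser) authentication.getPrincipal();
    }
    // Callers receive null when no ArachneUser is authenticated.
    return user;
}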
Also used : Authentication(org.springframework.security.core.Authentication) ArachneUser(com.odysseusinc.arachne.portal.model.security.ArachneUser)
