use of com.odysseusinc.arachne.portal.model.security.ArachneUser in project ArachneCentralAPI by OHDSI.
the class BaseAuthenticationController method refresh.
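/**
 * Issues a refreshed session token in exchange for the caller's current token.
 *
 * <p>The token is read from the request header named by {@code tokenHeader}. The user named in
 * the token is loaded, and a new token is issued only when
 * {@code tokenUtils.canTokenBeRefreshed} accepts the token together with the value of
 * {@code user.getLastPasswordReset()}. Every other outcome, including any exception raised
 * along the way, is reported to the client as {@code UNAUTHORIZED} with no further detail.
 *
 * @param request incoming HTTP request expected to carry the token header
 * @return a result with {@code NO_ERROR} and the refreshed token, or {@code UNAUTHORIZED}
 */
@ApiOperation("Refresh session token.")
@RequestMapping(value = "/api/v1/auth/refresh", method = RequestMethod.POST)
public JsonResult<String> refresh(HttpServletRequest request) {
    try {
        final String token = request.getHeader(this.tokenHeader);
        if (token == null || token.isEmpty()) {
            // No token supplied: reject up front instead of depending on the token helper or
            // the user lookup to fail on a null/empty value.
            return new JsonResult<>(JsonResult.ErrorCode.UNAUTHORIZED);
        }

        final String username = this.tokenUtils.getUsernameFromToken(token);
        if (username == null) {
            // The token did not yield a subject, so there is no account to refresh for.
            return new JsonResult<>(JsonResult.ErrorCode.UNAUTHORIZED);
        }

        final ArachneUser user = (ArachneUser) this.userDetailsService.loadUserByUsername(username);
        // NOTE(review): the only account-state input visible here is the last password reset
        // value; presumably disabled or locked accounts are rejected inside loadUserByUsername
        // or canTokenBeRefreshed. Confirm, otherwise such accounts can keep extending a session.
        if (!this.tokenUtils.canTokenBeRefreshed(token, user.getLastPasswordReset())) {
            return new JsonResult<>(JsonResult.ErrorCode.UNAUTHORIZED);
        }

        final JsonResult<String> refreshed = new JsonResult<>(JsonResult.ErrorCode.NO_ERROR);
        refreshed.setResult(this.tokenUtils.refreshToken(token));
        return refreshed;
    } catch (Exception ex) {
        // Fail closed: any parsing or lookup failure is logged server-side and surfaced to the
        // client only as UNAUTHORIZED.
        log.error(ex.getMessage(), ex);
        return new JsonResult<>(JsonResult.ErrorCode.UNAUTHORIZED);
    }
}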
use of com.odysseusinc.arachne.portal.model.security.ArachneUser in project ArachneCentralAPI by OHDSI.
the class BaseSubmissionToBaseSubmissionDTOConverter method convert.
/**
 * Converts a submission into its DTO.
 *
 * <p>The result file count is copied only when the logged-in user owns the data node of the
 * submission's data source, or when the converted status reports the result as confirmed.
 * All other fields, including the result info map, are copied unconditionally.
 *
 * @param source submission to convert
 * @return the populated DTO
 */
@Override
public DTO convert(T source) {
    final DTO target = createResultObject();
    target.setConversionSource(source);
    target.setId(source.getId());
    target.setStatus(getStatusDTO(source));
    target.setCreatedAt(source.getCreated());

    final Boolean confirmed = statusConverter(source.getStatus()).isResultConfirmed();

    final IDataSource dataSource = source.getDataSource();
    target.setDataSource(conversionService.convert(dataSource, DataSourceDTO.class));

    // NOTE(review): this assumes an authenticated ArachneUser principal. A missing
    // authentication or a different principal type makes this line throw rather than
    // fall back to "not owner" - confirm that every caller runs behind authentication.
    final ArachneUser currentUser =
            (ArachneUser) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
    final Long currentUserId = currentUser.getId();
    final boolean ownsDataNode = DataNodeUtils.isDataNodeOwner(dataSource.getDataNode(), currentUserId);

    // Disclosure gate: non-owners see the result file count only once the result is confirmed.
    final boolean mayExposeFileCount = ownsDataNode || Boolean.TRUE.equals(confirmed);
    if (mayExposeFileCount) {
        target.setResultFilesCount(source.getResultFiles().size());
    }

    target.setPermissions(conversionService.convert(source, PermissionsDTO.class));
    proceedAdditionalFields(target, source);

    // NOTE(review): result info is set outside the owner/confirmed gate above - confirm it
    // holds nothing that should be withheld from non-owners before confirmation.
    target.setResultInfo(new Gson().fromJson(source.getResultInfo(), Map.class));
    target.setHidden(source.getHidden());
    return target;
}
use of com.odysseusinc.arachne.portal.model.security.ArachneUser in project ArachneCentralAPI by OHDSI.
the class ArachnePermissionEvaluator method checkPermission.
/**
 * Decides whether the authenticated user holds every requested permission on a domain object.
 *
 * <p>Access is denied when the principal is not an {@code ArachneUser}, when no
 * {@code ArachnePermission} can be extracted from {@code permissions}, or when the user's
 * permission set for the object is {@code null} or lacks any requested entry.
 *
 * @param authentication current authentication; its principal must be an {@code ArachneUser}
 * @param domainObject   object the permissions are evaluated against
 * @param permissions    a single {@code ArachnePermission} or a {@code List} of them
 * @return {@code true} only if all extracted permissions are granted
 */
protected boolean checkPermission(Authentication authentication, Object domainObject, Object permissions) {
    final Object principal = authentication.getPrincipal();
    if (!(principal instanceof ArachneUser)) {
        return false;
    }
    final ArachneUser user = (ArachneUser) principal;

    final List<ArachnePermission> requested = new LinkedList<>();
    if (permissions instanceof ArachnePermission) {
        requested.add((ArachnePermission) permissions);
    } else if (permissions instanceof List) {
        // NOTE(review): list entries that are not ArachnePermission are skipped rather than
        // causing a denial, so a mixed list is checked only against the entries recognised
        // here - confirm that callers never pass other element types.
        for (Object candidate : (List<?>) permissions) {
            if (candidate instanceof ArachnePermission) {
                requested.add((ArachnePermission) candidate);
            }
        }
    }

    // Nothing recognisable was requested (including non-List collections): deny.
    if (requested.isEmpty()) {
        return false;
    }

    final Set<ArachnePermission> granted = getAllPermissions(domainObject, user);
    return granted != null && granted.containsAll(requested);
}
use of com.odysseusinc.arachne.portal.model.security.ArachneUser in project ArachneCentralAPI by OHDSI.
the class ArachnePermissionEvaluator method addPermissions.
/**
 * Computes the given user's permissions for an object and stores them on that object.
 *
 * <p>When the object is an {@code Analysis}, the same is done for every submission in each of
 * its submission groups and for every analysis file.
 *
 * @param user              user whose permissions are resolved
 * @param hasPermissionsObj object that receives the resolved permission set
 * @return always {@code true}
 */
public boolean addPermissions(ArachneUser user, HasArachnePermissions hasPermissionsObj) {
    hasPermissionsObj.setPermissions(getAllPermissions(hasPermissionsObj, user));

    if (!(hasPermissionsObj instanceof Analysis)) {
        return true;
    }
    final Analysis analysis = (Analysis) hasPermissionsObj;

    // Submissions are reached through their groups; each one gets its own permission set.
    final List<SubmissionGroup> groups = analysis.getSubmissionGroups();
    if (!CollectionUtils.isEmpty(groups)) {
        for (SubmissionGroup group : groups) {
            group.getSubmissions().forEach(item -> {
                final Set<ArachnePermission> resolved = getAllPermissions(item, user);
                item.setPermissions(resolved);
            });
        }
    }

    final List<AnalysisFile> analysisFiles = analysis.getFiles();
    if (!CollectionUtils.isEmpty(analysisFiles)) {
        for (AnalysisFile analysisFile : analysisFiles) {
            final Set<ArachnePermission> resolved = getAllPermissions(analysisFile, user);
            analysisFile.setPermissions(resolved);
        }
    }
    return true;
}
use of com.odysseusinc.arachne.portal.model.security.ArachneUser in project ArachneCentralAPI by OHDSI.
the class UserUtils method getCurrentUser.
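/**
 * Returns the {@code ArachneUser} bound to the current security context.
 *
 * @return the current user, or {@code null} when the context holds no authentication, the
 *         authentication is not marked authenticated, or the principal is not an
 *         {@code ArachneUser}; callers must treat {@code null} as "no logged-in user"
 */
public static ArachneUser getCurrentUser() {
    final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    // The context can hold no Authentication at all (for example outside an authenticated
    // request); report that as "no user" instead of failing with a NullPointerException.
    if (authentication == null || !authentication.isAuthenticated()) {
        return null;
    }
    final Object principal = authentication.getPrincipal();
    return principal instanceof ArachneUser ? (ArachneUser) principal : null;
}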