use of com.odysseusinc.arachne.portal.security.ArachnePermission in project ArachneCentralAPI by OHDSI.
the class ArachnePermissionEvaluator method checkPermission.
protected boolean checkPermission(Authentication authentication, Object domainObject, Object permissions) {
if (authentication.getPrincipal() instanceof ArachneUser) {
ArachneUser user = (ArachneUser) authentication.getPrincipal();
List<ArachnePermission> arachnePermissions = new LinkedList<>();
if (permissions instanceof ArachnePermission) {
arachnePermissions.add((ArachnePermission) permissions);
} else if (permissions instanceof List) {
for (Object permission : (List) permissions) {
if (permission instanceof ArachnePermission) {
arachnePermissions.add((ArachnePermission) permission);
}
}
}
if (!arachnePermissions.isEmpty()) {
Set<ArachnePermission> allPermission = getAllPermissions(domainObject, user);
return Objects.nonNull(allPermission) && allPermission.containsAll(arachnePermissions);
}
}
return false;
}
use of com.odysseusinc.arachne.portal.security.ArachnePermission in project ArachneCentralAPI by OHDSI.
the class ArachnePermissionEvaluator method addPermissions.
public boolean addPermissions(ArachneUser user, HasArachnePermissions hasPermissionsObj) {
Set<ArachnePermission> allPermissions = getAllPermissions(hasPermissionsObj, user);
hasPermissionsObj.setPermissions(allPermissions);
if (hasPermissionsObj instanceof Analysis) {
final Analysis analysis = (Analysis) hasPermissionsObj;
final List<SubmissionGroup> submissionGroups = analysis.getSubmissionGroups();
if (!CollectionUtils.isEmpty(submissionGroups)) {
submissionGroups.forEach(submissionGroup -> submissionGroup.getSubmissions().forEach(submission -> {
final Set<ArachnePermission> submissionPermissions = getAllPermissions(submission, user);
submission.setPermissions(submissionPermissions);
}));
}
final List<AnalysisFile> files = analysis.getFiles();
if (!CollectionUtils.isEmpty(files)) {
files.forEach(file -> {
final Set<ArachnePermission> filePermissions = getAllPermissions(file, user);
file.setPermissions(filePermissions);
});
}
} else if (hasPermissionsObj instanceof Study) {
final Study study = (Study) hasPermissionsObj;
for (final Analysis analysis : study.getAnalyses()) {
analysis.setPermissions(getAllPermissions(analysis, user));
}
}
return true;
}
use of com.odysseusinc.arachne.portal.security.ArachnePermission in project ArachneCentralAPI by OHDSI.
the class AnalysisHelperTest method prepareAnalysis.
private Analysis prepareAnalysis(IUser author, Study study) throws Exception {
List<Analysis> exists = analysisRepository.findByTitleAndStudyId("AnalysisHelperTest#test", study.getId());
if (!exists.isEmpty()) {
analysisRepository.deleteAll(exists);
}
Analysis analysis = new Analysis();
analysis.setTitle("AnalysisHelperTest#test");
analysis.setFiles(new ArrayList<>());
analysis.setAuthor(author);
analysis.setStudy(study);
analysis.setType(CommonAnalysisType.COHORT_CHARACTERIZATION);
Set<ArachnePermission> permissions = new HashSet<>();
permissions.add(ArachnePermission.CREATE_SUBMISSION);
permissions.add(ArachnePermission.CREATE_ANALYSIS);
analysis.setPermissions(permissions);
analysis = analysisService.create(analysis);
AnalysisFile file = new AnalysisFile();
file.setUuid(UUID.randomUUID().toString());
file.setAnalysis(analysis);
file.setContentType("text/plain");
file.setLabel("");
file.setAuthor(author);
file.setUpdatedBy(author);
file.setExecutable(Boolean.TRUE);
file.setRealName("test.sql");
Date created = new Date();
file.setCreated(created);
file.setUpdated(created);
file.setVersion(1);
file = analysisFileRepository.save(file);
analysis.getFiles().add(file);
Path dir = Paths.get(analysisHelper.getStoreFilesPath(), study.getId().toString(), analysis.getId().toString());
Files.createDirectories(dir);
Path path = dir.resolve(file.getUuid());
Files.write(path, "test".getBytes());
return analysis;
}
use of com.odysseusinc.arachne.portal.security.ArachnePermission in project ArachneCentralAPI by OHDSI.
the class HasArachnePermissionsToPermissionDTOConverter method convert.
@Override
public PermissionsDTO convert(HasArachnePermissions hasArachnePermissions) {
PermissionsDTO permissionsDTO = new PermissionsDTO();
Set<ArachnePermission> permissions = hasArachnePermissions.getPermissions();
if (permissions != null) {
Arrays.stream(ArachnePermission.values()).filter(arachnePermission -> Stream.of(arachnePermission.getApplicableClass()).anyMatch(clazz -> clazz.isAssignableFrom(hasArachnePermissions.getClass()))).forEach(ap -> permissionsDTO.put(ap, permissions.contains(ap)));
}
return permissionsDTO;
}
use of com.odysseusinc.arachne.portal.security.ArachnePermission in project ArachneCentralAPI by OHDSI.
the class ArachnePermissionEvaluator method addPermissions.
public boolean addPermissions(ArachneUser user, Page<UserStudyGrouped> userStudyLinks) {
for (UserStudyGrouped userStudyLink : userStudyLinks) {
Study study = userStudyLink.getStudy();
Set<ArachnePermission> allPermissions = getAllPermissions(study, user);
study.setPermissions(allPermissions);
}
return true;
}
Aggregations