Search in sources :

Example 1 with ArachnePermission

use of com.odysseusinc.arachne.portal.security.ArachnePermission in project ArachneCentralAPI by OHDSI.

the class ArachnePermissionEvaluator method checkPermission.

protected boolean checkPermission(Authentication authentication, Object domainObject, Object permissions) {
    if (authentication.getPrincipal() instanceof ArachneUser) {
        ArachneUser user = (ArachneUser) authentication.getPrincipal();
        List<ArachnePermission> arachnePermissions = new LinkedList<>();
        if (permissions instanceof ArachnePermission) {
            arachnePermissions.add((ArachnePermission) permissions);
        } else if (permissions instanceof List) {
            for (Object permission : (List) permissions) {
                if (permission instanceof ArachnePermission) {
                    arachnePermissions.add((ArachnePermission) permission);
                }
            }
        }
        if (!arachnePermissions.isEmpty()) {
            Set<ArachnePermission> allPermission = getAllPermissions(domainObject, user);
            return Objects.nonNull(allPermission) && allPermission.containsAll(arachnePermissions);
        }
    }
    return false;
}
Also used : List(java.util.List) LinkedList(java.util.LinkedList) PermissionDsl.domainObject(com.odysseusinc.arachne.portal.component.PermissionDsl.domainObject) ArachneUser(com.odysseusinc.arachne.portal.model.security.ArachneUser) ArachnePermission(com.odysseusinc.arachne.portal.security.ArachnePermission) LinkedList(java.util.LinkedList)

Example 2 with ArachnePermission

use of com.odysseusinc.arachne.portal.security.ArachnePermission in project ArachneCentralAPI by OHDSI.

the class ArachnePermissionEvaluator method addPermissions.

public boolean addPermissions(ArachneUser user, HasArachnePermissions hasPermissionsObj) {
    Set<ArachnePermission> allPermissions = getAllPermissions(hasPermissionsObj, user);
    hasPermissionsObj.setPermissions(allPermissions);
    if (hasPermissionsObj instanceof Analysis) {
        final Analysis analysis = (Analysis) hasPermissionsObj;
        final List<SubmissionGroup> submissionGroups = analysis.getSubmissionGroups();
        if (!CollectionUtils.isEmpty(submissionGroups)) {
            submissionGroups.forEach(submissionGroup -> submissionGroup.getSubmissions().forEach(submission -> {
                final Set<ArachnePermission> submissionPermissions = getAllPermissions(submission, user);
                submission.setPermissions(submissionPermissions);
            }));
        }
        final List<AnalysisFile> files = analysis.getFiles();
        if (!CollectionUtils.isEmpty(files)) {
            files.forEach(file -> {
                final Set<ArachnePermission> filePermissions = getAllPermissions(file, user);
                file.setPermissions(filePermissions);
            });
        }
    } else if (hasPermissionsObj instanceof Study) {
        final Study study = (Study) hasPermissionsObj;
        for (final Analysis analysis : study.getAnalyses()) {
            analysis.setPermissions(getAllPermissions(analysis, user));
        }
    }
    return true;
}
Also used : Arrays(java.util.Arrays) PermissionDslPredicates(com.odysseusinc.arachne.portal.component.PermissionDslPredicates) AnalysisPredicates.analysisAuthorIs(com.odysseusinc.arachne.portal.component.PermissionDslPredicates.AnalysisPredicates.analysisAuthorIs) DomainObjectLoaderFactory(com.odysseusinc.arachne.portal.service.domain.DomainObjectLoaderFactory) Autowired(org.springframework.beans.factory.annotation.Autowired) Paper(com.odysseusinc.arachne.portal.model.Paper) IDataSource(com.odysseusinc.arachne.portal.model.IDataSource) BaseArachneSecureService(com.odysseusinc.arachne.portal.service.BaseArachneSecureService) Analysis(com.odysseusinc.arachne.portal.model.Analysis) Map(java.util.Map) DELETE_ANALYSIS_FILES(com.odysseusinc.arachne.portal.security.ArachnePermission.DELETE_ANALYSIS_FILES) User(com.odysseusinc.arachne.portal.model.User) AnalysisFilePredicates.analysisFileAuthorIs(com.odysseusinc.arachne.portal.component.PermissionDslPredicates.AnalysisFilePredicates.analysisFileAuthorIs) PublishState(com.odysseusinc.arachne.portal.model.PublishState) Set(java.util.Set) DELETE_DATASOURCE(com.odysseusinc.arachne.portal.security.ArachnePermission.DELETE_DATASOURCE) RawUser(com.odysseusinc.arachne.portal.model.RawUser) Page(org.springframework.data.domain.Page) IUser(com.odysseusinc.arachne.portal.model.IUser) Serializable(java.io.Serializable) Objects(java.util.Objects) List(java.util.List) RawDataSource(com.odysseusinc.arachne.portal.model.RawDataSource) CollectionUtils(org.springframework.util.CollectionUtils) Authentication(org.springframework.security.core.Authentication) Study(com.odysseusinc.arachne.portal.model.Study) HashMap(java.util.HashMap) PermissionDsl.domainObject(com.odysseusinc.arachne.portal.component.PermissionDsl.domainObject) Organization(com.odysseusinc.arachne.portal.model.Organization) Submission(com.odysseusinc.arachne.portal.model.Submission) HashSet(java.util.HashSet) DataSource(com.odysseusinc.arachne.portal.model.DataSource) ParticipantRole(com.odysseusinc.arachne.portal.model.ParticipantRole) ObjectUtils(org.apache.commons.lang3.ObjectUtils) ArachneUser(com.odysseusinc.arachne.portal.model.security.ArachneUser) SubmissionInsight(com.odysseusinc.arachne.portal.model.SubmissionInsight) LinkedList(java.util.LinkedList) HasArachnePermissions(com.odysseusinc.arachne.portal.security.HasArachnePermissions) CommentTopic(com.odysseusinc.arachne.portal.model.CommentTopic) UserStudyGrouped(com.odysseusinc.arachne.portal.model.UserStudyGrouped) PermissionEvaluator(org.springframework.security.access.PermissionEvaluator) AnalysisFile(com.odysseusinc.arachne.portal.model.AnalysisFile) Component(org.springframework.stereotype.Component) DataNode(com.odysseusinc.arachne.portal.model.DataNode) PermissionDslPredicates.hasRole(com.odysseusinc.arachne.portal.component.PermissionDslPredicates.hasRole) PermissionDslPredicates.instanceOf(com.odysseusinc.arachne.portal.component.PermissionDslPredicates.instanceOf) SubmissionGroup(com.odysseusinc.arachne.portal.model.SubmissionGroup) ArachnePermission(com.odysseusinc.arachne.portal.security.ArachnePermission) Collections(java.util.Collections) Study(com.odysseusinc.arachne.portal.model.Study) Set(java.util.Set) HashSet(java.util.HashSet) SubmissionGroup(com.odysseusinc.arachne.portal.model.SubmissionGroup) Analysis(com.odysseusinc.arachne.portal.model.Analysis) AnalysisFile(com.odysseusinc.arachne.portal.model.AnalysisFile) ArachnePermission(com.odysseusinc.arachne.portal.security.ArachnePermission)

Example 3 with ArachnePermission

use of com.odysseusinc.arachne.portal.security.ArachnePermission in project ArachneCentralAPI by OHDSI.

the class AnalysisHelperTest method prepareAnalysis.

private Analysis prepareAnalysis(IUser author, Study study) throws Exception {
    List<Analysis> exists = analysisRepository.findByTitleAndStudyId("AnalysisHelperTest#test", study.getId());
    if (!exists.isEmpty()) {
        analysisRepository.deleteAll(exists);
    }
    Analysis analysis = new Analysis();
    analysis.setTitle("AnalysisHelperTest#test");
    analysis.setFiles(new ArrayList<>());
    analysis.setAuthor(author);
    analysis.setStudy(study);
    analysis.setType(CommonAnalysisType.COHORT_CHARACTERIZATION);
    Set<ArachnePermission> permissions = new HashSet<>();
    permissions.add(ArachnePermission.CREATE_SUBMISSION);
    permissions.add(ArachnePermission.CREATE_ANALYSIS);
    analysis.setPermissions(permissions);
    analysis = analysisService.create(analysis);
    AnalysisFile file = new AnalysisFile();
    file.setUuid(UUID.randomUUID().toString());
    file.setAnalysis(analysis);
    file.setContentType("text/plain");
    file.setLabel("");
    file.setAuthor(author);
    file.setUpdatedBy(author);
    file.setExecutable(Boolean.TRUE);
    file.setRealName("test.sql");
    Date created = new Date();
    file.setCreated(created);
    file.setUpdated(created);
    file.setVersion(1);
    file = analysisFileRepository.save(file);
    analysis.getFiles().add(file);
    Path dir = Paths.get(analysisHelper.getStoreFilesPath(), study.getId().toString(), analysis.getId().toString());
    Files.createDirectories(dir);
    Path path = dir.resolve(file.getUuid());
    Files.write(path, "test".getBytes());
    return analysis;
}
Also used : Path(java.nio.file.Path) Analysis(com.odysseusinc.arachne.portal.model.Analysis) AnalysisFile(com.odysseusinc.arachne.portal.model.AnalysisFile) ArachnePermission(com.odysseusinc.arachne.portal.security.ArachnePermission) Date(java.util.Date) HashSet(java.util.HashSet)

Example 4 with ArachnePermission

use of com.odysseusinc.arachne.portal.security.ArachnePermission in project ArachneCentralAPI by OHDSI.

the class HasArachnePermissionsToPermissionDTOConverter method convert.

@Override
public PermissionsDTO convert(HasArachnePermissions hasArachnePermissions) {
    PermissionsDTO permissionsDTO = new PermissionsDTO();
    Set<ArachnePermission> permissions = hasArachnePermissions.getPermissions();
    if (permissions != null) {
        Arrays.stream(ArachnePermission.values()).filter(arachnePermission -> Stream.of(arachnePermission.getApplicableClass()).anyMatch(clazz -> clazz.isAssignableFrom(hasArachnePermissions.getClass()))).forEach(ap -> permissionsDTO.put(ap, permissions.contains(ap)));
    }
    return permissionsDTO;
}
Also used : Arrays(java.util.Arrays) Component(org.springframework.stereotype.Component) Stream(java.util.stream.Stream) Set(java.util.Set) BaseConversionServiceAwareConverter(com.odysseusinc.arachne.portal.api.v1.dto.converters.BaseConversionServiceAwareConverter) PermissionsDTO(com.odysseusinc.arachne.portal.api.v1.dto.PermissionsDTO) ArachnePermission(com.odysseusinc.arachne.portal.security.ArachnePermission) HasArachnePermissions(com.odysseusinc.arachne.portal.security.HasArachnePermissions) PermissionsDTO(com.odysseusinc.arachne.portal.api.v1.dto.PermissionsDTO) ArachnePermission(com.odysseusinc.arachne.portal.security.ArachnePermission)

Example 5 with ArachnePermission

use of com.odysseusinc.arachne.portal.security.ArachnePermission in project ArachneCentralAPI by OHDSI.

the class ArachnePermissionEvaluator method addPermissions.

public boolean addPermissions(ArachneUser user, Page<UserStudyGrouped> userStudyLinks) {
    for (UserStudyGrouped userStudyLink : userStudyLinks) {
        Study study = userStudyLink.getStudy();
        Set<ArachnePermission> allPermissions = getAllPermissions(study, user);
        study.setPermissions(allPermissions);
    }
    return true;
}
Also used : Study(com.odysseusinc.arachne.portal.model.Study) UserStudyGrouped(com.odysseusinc.arachne.portal.model.UserStudyGrouped) ArachnePermission(com.odysseusinc.arachne.portal.security.ArachnePermission)

Aggregations

ArachnePermission (com.odysseusinc.arachne.portal.security.ArachnePermission)5 PermissionDsl.domainObject (com.odysseusinc.arachne.portal.component.PermissionDsl.domainObject)2 Analysis (com.odysseusinc.arachne.portal.model.Analysis)2 AnalysisFile (com.odysseusinc.arachne.portal.model.AnalysisFile)2 Study (com.odysseusinc.arachne.portal.model.Study)2 UserStudyGrouped (com.odysseusinc.arachne.portal.model.UserStudyGrouped)2 ArachneUser (com.odysseusinc.arachne.portal.model.security.ArachneUser)2 HasArachnePermissions (com.odysseusinc.arachne.portal.security.HasArachnePermissions)2 Arrays (java.util.Arrays)2 HashSet (java.util.HashSet)2 LinkedList (java.util.LinkedList)2 List (java.util.List)2 PermissionsDTO (com.odysseusinc.arachne.portal.api.v1.dto.PermissionsDTO)1 BaseConversionServiceAwareConverter (com.odysseusinc.arachne.portal.api.v1.dto.converters.BaseConversionServiceAwareConverter)1 PermissionDslPredicates (com.odysseusinc.arachne.portal.component.PermissionDslPredicates)1 AnalysisFilePredicates.analysisFileAuthorIs (com.odysseusinc.arachne.portal.component.PermissionDslPredicates.AnalysisFilePredicates.analysisFileAuthorIs)1 AnalysisPredicates.analysisAuthorIs (com.odysseusinc.arachne.portal.component.PermissionDslPredicates.AnalysisPredicates.analysisAuthorIs)1 PermissionDslPredicates.hasRole (com.odysseusinc.arachne.portal.component.PermissionDslPredicates.hasRole)1 PermissionDslPredicates.instanceOf (com.odysseusinc.arachne.portal.component.PermissionDslPredicates.instanceOf)1 CommentTopic (com.odysseusinc.arachne.portal.model.CommentTopic)1