Examples with ProjectResource edu.stanford.bmir.protege.web.server.access.ProjectResource used on opensource projects

Example 1 with ProjectResource

use of edu.stanford.bmir.protege.web.server.access.ProjectResource in project webprotege by protegeproject.

the class GetAvailableProjectsHandler method execute.

@Nonnull
@Override
public GetAvailableProjectsResult execute(@Nonnull GetAvailableProjectsAction action, @Nonnull ExecutionContext executionContext) {
    UserId userId = executionContext.getUserId();
    Optional<UserActivityRecord> userActivityRecord = userActivityManager.getUserActivityRecord(executionContext.getUserId());
    Map<ProjectId, Long> lastOpenedMap = new HashMap<>();
    userActivityRecord.ifPresent(record -> record.getRecentProjects().forEach(recent -> lastOpenedMap.put(recent.getProjectId(), recent.getTimestamp())));
    List<AvailableProject> availableProjects = projectPermissionsManager.getReadableProjects(userId).stream().map(details -> {
        Subject user = forUser(userId);
        ProjectResource projectResource = new ProjectResource(details.getProjectId());
        boolean downloadable = accessManager.hasPermission(user, projectResource, DOWNLOAD_PROJECT);
        boolean trashable = details.getOwner().equals(userId) || accessManager.hasPermission(user, projectResource, MOVE_ANY_PROJECT_TO_TRASH);
        long lastOpened = lastOpenedMap.getOrDefault(details.getProjectId(), 0L);
        return new AvailableProject(details, downloadable, trashable, lastOpened);
    }).collect(toList());
    return new GetAvailableProjectsResult(availableProjects);
}

Example 2 with ProjectResource

use of edu.stanford.bmir.protege.web.server.access.ProjectResource in project webprotege by protegeproject.

the class CreateNewProjectActionHandler method applyDefaultPermissions.

private void applyDefaultPermissions(ProjectId projectId, UserId userId) {
    ProjectResource projectResource = new ProjectResource(projectId);
    // Owner is manager
    accessManager.setAssignedRoles(forUser(userId), projectResource, asList(CAN_MANAGE.getRoleId(), PROJECT_DOWNLOADER.getRoleId()));
    // Any signed in user can edit the layout
    accessManager.setAssignedRoles(forAnySignedInUser(), projectResource, singleton(LAYOUT_EDITOR.getRoleId()));
}

Example 3 with ProjectResource

use of edu.stanford.bmir.protege.web.server.access.ProjectResource in project webprotege by protegeproject.

the class ProjectSharingSettingsManagerImpl method getProjectSharingSettings.

@Override
public ProjectSharingSettings getProjectSharingSettings(ProjectId projectId) {
    List<SharingSetting> sharingSettings = new ArrayList<>();
    ProjectResource projectResource = new ProjectResource(projectId);
    Collection<Subject> subjects = accessManager.getSubjectsWithAccessToResource(projectResource);
    subjects.stream().filter(s -> !s.isGuest()).filter(s -> s.getUserName().isPresent()).map(s -> UserId.getUserId(s.getUserName().get())).forEach(u -> {
        Collection<RoleId> roles = accessManager.getAssignedRoles(Subject.forUser(u), projectResource);
        Roles.toSharingPermission(roles).ifPresent(p -> sharingSettings.add(new SharingSetting(PersonId.of(u), p)));
    });
    Collection<RoleId> signedInUserRoles = accessManager.getAssignedRoles(forAnySignedInUser(), projectResource);
    Optional<SharingPermission> linkSharing = Roles.toSharingPermission(signedInUserRoles);
    return new ProjectSharingSettings(projectId, linkSharing, sharingSettings);
}

Example 4 with ProjectResource

use of edu.stanford.bmir.protege.web.server.access.ProjectResource in project webprotege by protegeproject.

the class ChangeManager method applyChanges.

/**
 * Applies ontology changes to the ontologies contained within a project.
 *
 * @param userId                     The userId of the user applying the changes.  Not {@code null}.
 * @param changeListGenerator        A generator which creates a list of changes (based on the state of the project at
 *                                   the time of change application).  The idea behind passing in a change generator is that the list of changes to
 *                                   be applied can be created based on the state of the project immediately before they are applied.  This is
 *                                   necessary where the changes depend on the structure/state of the ontology.  This method guarantees that no third
 *                                   party
 *                                   ontology changes will take place between the {@link ChangeListGenerator#generateChanges(ChangeGenerationContext)}
 *                                   method being called and the changes being applied.
 * @return A {@link ChangeApplicationResult} that describes the changes which took place an any renaminings.
 * @throws NullPointerException      if any parameters are {@code null}.
 * @throws PermissionDeniedException if the user identified by {@code userId} does not have permssion to write to
 *                                   ontologies in this project.
 */
@Override
public <R> ChangeApplicationResult<R> applyChanges(final UserId userId, final ChangeListGenerator<R> changeListGenerator) throws PermissionDeniedException {
    // noinspection ResultOfMethodCallIgnored
    checkNotNull(userId);
    // noinspection ResultOfMethodCallIgnored
    checkNotNull(changeListGenerator);
    // Final check of whether the user can actually edit the project
    Subject subject = forUser(userId);
    ProjectResource projectResource = new ProjectResource(projectId);
    if (!accessManager.hasPermission(subject, projectResource, EDIT_ONTOLOGY.getActionId())) {
        throw new PermissionDeniedException("You do not have permission to edit this project", userInSessionFactory.getUserInSession(userId));
    }
    final List<OWLOntologyChange> appliedChanges;
    final ChangeApplicationResult<R> finalResult;
    // with true entity IRIs
    try {
        // Compute the changes that need to take place.  We don't allow any other writes here because the
        // generation of the changes may depend upon the state of the project
        changeProcesssingLock.lock();
        final ChangeGenerationContext context = new ChangeGenerationContext(userId);
        OntologyChangeList<R> gen = changeListGenerator.generateChanges(context);
        // We have our changes
        List<OWLOntologyChange> changes = gen.getChanges();
        // We coin fresh entities for places where tmp: is the scheme - the name for the entity comes from
        // the fragment
        final Map<IRI, IRI> iriRenameMap = new HashMap<>();
        final ChangeSetEntityCrudSession session = getEntityCrudKitHandler().createChangeSetSession();
        Set<OWLOntologyChange> changesToRename = new HashSet<>();
        List<OWLOntologyChange> freshEntityChanges = new ArrayList<>();
        for (OWLOntologyChange change : changes) {
            for (OWLEntity entity : change.getSignature()) {
                if (DataFactory.isFreshEntity(entity)) {
                    if (entity.isOWLClass()) {
                        if (!accessManager.hasPermission(subject, projectResource, CREATE_CLASS.getActionId())) {
                            throw new PermissionDeniedException("You do not have permission to create new classes", userInSessionFactory.getUserInSession(userId));
                        }
                    } else if (entity.isOWLObjectProperty() || entity.isOWLDataProperty() || entity.isOWLAnnotationProperty()) {
                        if (!accessManager.hasPermission(subject, projectResource, CREATE_PROPERTY.getActionId())) {
                            throw new PermissionDeniedException("You do not have permission to create new properties", userInSessionFactory.getUserInSession(userId));
                        }
                    } else if (entity.isOWLNamedIndividual()) {
                        if (!accessManager.hasPermission(subject, projectResource, CREATE_INDIVIDUAL.getActionId())) {
                            throw new PermissionDeniedException("You do not have permission to create new individuals", userInSessionFactory.getUserInSession(userId));
                        }
                    } else if (entity.isOWLDatatype()) {
                        if (!accessManager.hasPermission(subject, projectResource, CREATE_DATATYPE.getActionId())) {
                            throw new PermissionDeniedException("You do not have permission to create new datatypes", userInSessionFactory.getUserInSession(userId));
                        }
                    }
                    changesToRename.add(change);
                    IRI currentIRI = entity.getIRI();
                    if (!iriRenameMap.containsKey(currentIRI)) {
                        String shortName = DataFactory.getFreshEntityShortName(entity);
                        OWLEntityCreator<? extends OWLEntity> creator = getEntityCreator(session, userId, shortName, (EntityType<? extends OWLEntity>) entity.getEntityType());
                        freshEntityChanges.addAll(creator.getChanges());
                        IRI replacementIRI = creator.getEntity().getIRI();
                        iriRenameMap.put(currentIRI, replacementIRI);
                    }
                }
            }
        }
        List<OWLOntologyChange> allChangesIncludingRenames = new ArrayList<>();
        final OWLObjectDuplicator duplicator = new OWLObjectDuplicator(dataFactory, iriRenameMap);
        for (OWLOntologyChange change : changes) {
            if (changesToRename.contains(change)) {
                OWLOntologyChange replacementChange = getRenamedChange(change, duplicator);
                allChangesIncludingRenames.add(replacementChange);
            } else {
                allChangesIncludingRenames.add(change);
            }
        }
        allChangesIncludingRenames.addAll(freshEntityChanges);
        List<OWLOntologyChange> minimisedChanges = getMinimisedChanges(allChangesIncludingRenames);
        final EventTranslatorManager eventTranslatorManager = eventTranslatorManagerProvider.get();
        eventTranslatorManager.prepareForOntologyChanges(minimisedChanges);
        // Now we do the actual changing, so we lock the project here.  No writes or reads can take place whilst
        // we apply the changes
        final Optional<Revision> revision;
        try {
            projectChangeWriteLock.lock();
            ProjectOWLOntologyManager manager = ((ProjectOWLOntologyManager) rootOntology.getOWLOntologyManager());
            List<OWLOntologyChange> effectiveChanges = getEffectiveChanges(minimisedChanges);
            manager.getDelegate().applyChanges(effectiveChanges);
            appliedChanges = effectiveChanges;
            final RenameMap renameMap = new RenameMap(iriRenameMap);
            R renamedResult = getRenamedResult(changeListGenerator, gen.getResult(), renameMap);
            finalResult = new ChangeApplicationResult<>(renamedResult, appliedChanges, renameMap);
            if (!appliedChanges.isEmpty()) {
                Revision rev = logAndBroadcastAppliedChanges(userId, changeListGenerator, finalResult);
                revision = Optional.of(rev);
                projectDetailsRepository.setModified(projectId, rev.getTimestamp(), userId);
            } else {
                revision = Optional.empty();
            }
        } finally {
            // Release for reads
            projectChangeWriteLock.unlock();
        }
        if (revision.isPresent() && !(changeListGenerator instanceof SilentChangeListGenerator)) {
            List<ProjectEvent<?>> highLevelEvents = new ArrayList<>();
            Revision rev = revision.get();
            eventTranslatorManager.translateOntologyChanges(rev, finalResult, highLevelEvents);
            if (changeListGenerator instanceof HasHighLevelEvents) {
                highLevelEvents.addAll(((HasHighLevelEvents) changeListGenerator).getHighLevelEvents());
            }
            projectEventManager.postEvents(highLevelEvents);
            projectChangedWebhookInvoker.invoke(userId, rev.getRevisionNumber(), rev.getTimestamp());
        }
    } finally {
        changeProcesssingLock.unlock();
    }
    return finalResult;
}

Example 5 with ProjectResource

use of edu.stanford.bmir.protege.web.server.access.ProjectResource in project webprotege by protegeproject.

the class ProjectSharingSettingsManagerImpl method setProjectSharingSettings.

@Override
public void setProjectSharingSettings(ProjectSharingSettings settings) {
    ProjectId projectId = settings.getProjectId();
    ProjectResource projectResource = new ProjectResource(projectId);
    // Remove existing assignments
    accessManager.getSubjectsWithAccessToResource(projectResource).forEach(subject -> accessManager.setAssignedRoles(subject, projectResource, Collections.emptySet()));
    Map<PersonId, SharingSetting> map = settings.getSharingSettings().stream().collect(toMap(SharingSetting::getPersonId, s -> s, (s1, s2) -> s1));
    Optional<SharingPermission> linkSharingPermission = settings.getLinkSharingPermission();
    linkSharingPermission.ifPresent(permission -> {
        Collection<RoleId> roleId = Roles.fromSharingPermission(permission);
        accessManager.setAssignedRoles(forAnySignedInUser(), projectResource, roleId);
    });
    if (!linkSharingPermission.isPresent()) {
        accessManager.setAssignedRoles(forAnySignedInUser(), projectResource, emptySet());
    }
    for (SharingSetting setting : map.values()) {
        PersonId personId = setting.getPersonId();
        Optional<UserId> userId = userLookup.getUserByUserIdOrEmail(personId.getId());
        if (userId.isPresent()) {
            ImmutableSet<RoleId> roles = Roles.fromSharingPermission(setting.getSharingPermission());
            accessManager.setAssignedRoles(forUser(userId.get()), projectResource, roles);
        } else {
            logger.info("User in sharing setting not found.  An email invitation needs to be sent");
        // TODO
        // We need to send the user an email invitation
        }
    }
}