Examples with UserGroup gemma.gsec.model.UserGroup used on opensource projects

Example 6 with UserGroup

use of gemma.gsec.model.UserGroup in project Gemma by PavlidisLab.

the class UserManagerImpl method removeUserFromGroup.

@Override
public void removeUserFromGroup(String username, String groupName) {
    User user = userService.findByUserName(username);
    UserGroup group = userService.findGroupByName(groupName);
    if (user == null || group == null) {
        throw new IllegalArgumentException("User or group could not be read");
    }
    userService.removeUserFromGroup(user, group);
}

Example 7 with UserGroup

use of gemma.gsec.model.UserGroup in project Gemma by PavlidisLab.

the class UserManagerImpl method createUser.

@Override
@Secured({ "IS_AUTHENTICATED_ANONYMOUSLY", "RUN_AS_ADMIN" })
@Transactional
public void createUser(UserDetails user) {
    /*
         * UserDetails is not an entity, so this method is not directly managed by the Audit or ACL advice. However, it
         * runs in a transaction and calls two service methods which are intercepted. This means it is intercepted
         * before the transaction is flushed.
         */
    this.validateUserName(user.getUsername());
    User u = ubic.gemma.model.common.auditAndSecurity.User.Factory.newInstance();
    u.setUserName(user.getUsername());
    u.setPassword(user.getPassword());
    u.setEnabled(user.isEnabled());
    if (user instanceof UserDetailsImpl) {
        u.setSignupToken(((UserDetailsImpl) user).getSignupToken());
        u.setSignupTokenDatestamp(((UserDetailsImpl) user).getSignupTokenDatestamp());
    }
    if (user instanceof UserDetailsImpl) {
        u.setEmail(((UserDetailsImpl) user).getEmail());
    }
    try {
        u = userService.create(u);
    } catch (UserExistsException e) {
        throw new RuntimeException(e);
    }
    // Add the user to the default user group.
    UserGroup g = this.loadGroup(AuthorityConstants.USER_GROUP_NAME);
    userService.addUserToGroup(g, u);
/*
         * We don't log the user in automatically, because we require that new users click a confirmation link in an
         * email.
         */
}

Example 8 with UserGroup

use of gemma.gsec.model.UserGroup in project Gemma by PavlidisLab.

the class UserServiceImpl method delete.

@Override
public void delete(User user) {
    for (UserGroup group : this.userDao.loadGroups((ubic.gemma.model.common.auditAndSecurity.User) user)) {
        group.getGroupMembers().remove(user);
        this.userGroupDao.update((ubic.gemma.model.common.auditAndSecurity.UserGroup) group);
    }
    this.userDao.remove((ubic.gemma.model.common.auditAndSecurity.User) user);
}

Example 9 with UserGroup

use of gemma.gsec.model.UserGroup in project Gemma by PavlidisLab.

the class UserGroupServiceTest method testUpdateUserGroup.

/**
 * Tests updating the UserGroup
 */
@Test
public void testUpdateUserGroup() {
    List<GrantedAuthority> authos = new ArrayList<>();
    authos.add(new SimpleGrantedAuthority("GROUP_TESTING"));
    this.userManager.createGroup(this.groupName, authos);
    List<GrantedAuthority> findGroupAuthorities = this.userManager.findGroupAuthorities(this.groupName);
    for (GrantedAuthority grantedAuthority : findGroupAuthorities) {
        assertEquals("GROUP_TESTING", grantedAuthority.getAuthority());
    }
    /*
         * Add a user to the group
         */
    this.userManager.addUserToGroup(this.userName1, this.groupName);
    List<String> users = this.userManager.findUsersInGroup(this.groupName);
    assertTrue(users.contains(this.userName1));
    /*
         * Make sure user can see group (from bug 2822)
         */
    UserGroup group = this.userService.findGroupByName(this.groupName);
    this.securityService.isViewableByUser(group, this.userName1);
    /*
         * Remove a user from the group.
         */
    this.userManager.removeUserFromGroup(this.userName1, this.groupName);
    users = this.userManager.findUsersInGroup(this.groupName);
    assertTrue(!users.contains(this.userName1));
    super.runAsUser(this.userName1);
    /*
         * Can the user remove themselves from the group?
         */
    try {
        this.userManager.removeUserFromGroup(this.userName1, this.groupName);
        fail("Should have gotten access denied when user tried to remove themselves from a group");
    } catch (AccessDeniedException ok) {
    // expected behaviour
    }
    /*
         * Can they elevate the group authority?
         */
    try {
        this.userManager.addGroupAuthority(this.groupName, new SimpleGrantedAuthority(AuthorityConstants.ADMIN_GROUP_AUTHORITY));
        fail("Should have gotten access denied when user tried to make group ADMIN");
    } catch (AccessDeniedException ok) {
    // expected behaviour
    }
}

Example 10 with UserGroup

use of gemma.gsec.model.UserGroup in project Gemma by PavlidisLab.

the class UserGroupServiceTest method testDeleteUserGroup.

/**
 * Test for deleting a user group
 */
@Test
public void testDeleteUserGroup() {
    this.runAsAdmin();
    List<GrantedAuthority> authos = new ArrayList<>();
    authos.add(new SimpleGrantedAuthority("GROUP_TESTING"));
    this.userManager.createGroup(this.groupName, authos);
    // add another user to group
    this.userManager.addUserToGroup(this.userName1, this.groupName);
    this.userManager.addUserToGroup(this.userName2, this.groupName);
    // grant read permission to group
    ExpressionExperiment ee = this.getTestPersistentExpressionExperiment();
    UserGroup group = this.userService.findGroupByName(this.groupName);
    this.securityService.makeOwnedByUser(ee, userName1);
    this.securityService.makeOwnedByUser(group, userName1);
    this.runAsUser(userName1);
    this.securityService.makePrivate(ee);
    this.securityService.makeReadableByGroup(ee, this.groupName);
    // remove the group
    this.userManager.deleteGroup(this.groupName);
}