Examples with EntityTypeIdentity org.molgenis.data.security.EntityTypeIdentity used on opensource projects

Example 1 with EntityTypeIdentity

use of org.molgenis.data.security.EntityTypeIdentity in project molgenis by molgenis.

the class DataExplorerController method getModule.

@GetMapping("/module/{moduleId}")
public String getModule(@PathVariable("moduleId") String moduleId, @RequestParam("entity") String entityTypeId, Model model) {
    EntityType selectedEntityType;
    Map<String, GenomeBrowserTrack> entityTracks;
    switch(moduleId) {
        case MOD_DATA:
            selectedEntityType = dataService.getMeta().getEntityTypeById(entityTypeId);
            entityTracks = genomeBrowserService.getGenomeBrowserTracks(selectedEntityType);
            model.addAttribute("genomeTracks", getTracksJson(entityTracks));
            // if multiple tracks are available we assume chrom and pos attribute are the same
            if (!entityTracks.isEmpty()) {
                // FIXME: how to do this cleaner
                GenomeBrowserTrack track = entityTracks.entrySet().iterator().next().getValue();
                model.addAttribute("pos_attr", track.getGenomeBrowserAttrs().getPos());
                model.addAttribute("chrom_attr", track.getGenomeBrowserAttrs().getChrom());
            }
            model.addAttribute("showDirectoryButton", directoryController.showDirectoryButton(entityTypeId));
            model.addAttribute("NegotiatorEnabled", directoryController.showDirectoryButton(entityTypeId));
            break;
        case MOD_ENTITIESREPORT:
            // TODO: figure out if we need to know pos and chrom attrs here
            selectedEntityType = dataService.getMeta().getEntityTypeById(entityTypeId);
            entityTracks = genomeBrowserService.getGenomeBrowserTracks(selectedEntityType);
            model.addAttribute("genomeTracks", getTracksJson(entityTracks));
            model.addAttribute("showDirectoryButton", directoryController.showDirectoryButton(entityTypeId));
            model.addAttribute("NegotiatorEnabled", directoryController.showDirectoryButton(entityTypeId));
            model.addAttribute("datasetRepository", dataService.getRepository(entityTypeId));
            model.addAttribute("viewName", dataExplorerSettings.getEntityReport(entityTypeId));
            break;
        case MOD_ANNOTATORS:
            // self-explanatory
            if (!permissionService.hasPermission(new EntityTypeIdentity(entityTypeId), EntityTypePermission.WRITEMETA)) {
                throw new MolgenisDataAccessException("No " + Permission.WRITEMETA + " permission on entity [" + entityTypeId + "], this permission is necessary run the annotators.");
            }
            Entity annotationRun = dataService.findOne(ANNOTATION_JOB_EXECUTION, new QueryImpl<>().eq(AnnotationJobExecutionMetaData.TARGET_NAME, entityTypeId).sort(new Sort(JobExecutionMetaData.START_DATE, Sort.Direction.DESC)));
            model.addAttribute("annotationRun", annotationRun);
            model.addAttribute("entityTypeId", entityTypeId);
            break;
    }
    // TODO bad request in case of invalid module id
    return "view-dataexplorer-mod-" + moduleId;
}

Example 2 with EntityTypeIdentity

use of org.molgenis.data.security.EntityTypeIdentity in project molgenis by molgenis.

the class EntityTypeRepositorySecurityDecoratorTest method countQuery.

@WithMockUser(username = USERNAME)
@Test
public void countQuery() {
    String entityType0Name = "entity0";
    EntityType entityType0 = when(mock(EntityType.class).getId()).thenReturn(entityType0Name).getMock();
    String entityType1Name = "entity1";
    EntityType entityType1 = when(mock(EntityType.class).getId()).thenReturn(entityType1Name).getMock();
    Query q = new QueryImpl<>();
    @SuppressWarnings("unchecked") ArgumentCaptor<Query> queryCaptor = forClass(Query.class);
    when(delegateRepository.findAll(queryCaptor.capture())).thenReturn(Stream.of(entityType0, entityType1));
    doReturn(false).when(permissionService).hasPermission(new EntityTypeIdentity(entityType0Name), EntityTypePermission.COUNT);
    doReturn(true).when(permissionService).hasPermission(new EntityTypeIdentity(entityType1Name), EntityTypePermission.COUNT);
    assertEquals(repo.count(q), 1L);
    assertEquals(queryCaptor.getValue().getOffset(), 0);
    assertEquals(queryCaptor.getValue().getPageSize(), Integer.MAX_VALUE);
}

Example 3 with EntityTypeIdentity

use of org.molgenis.data.security.EntityTypeIdentity in project molgenis by molgenis.

the class EntityTypeRepositorySecurityDecoratorTest method findOneQueryUserPermissionAllowed.

@WithMockUser(username = USERNAME)
@Test
public void findOneQueryUserPermissionAllowed() {
    String entityType0Name = "entity0";
    EntityType entityType0 = when(mock(EntityType.class).getId()).thenReturn(entityType0Name).getMock();
    @SuppressWarnings("unchecked") Query q = mock(Query.class);
    when(delegateRepository.findOne(q)).thenReturn(entityType0);
    when(permissionService.hasPermission(new EntityTypeIdentity(entityType0Name), EntityTypePermission.COUNT)).thenReturn(true);
    assertEquals(repo.findOne(q), entityType0);
}

Example 4 with EntityTypeIdentity

use of org.molgenis.data.security.EntityTypeIdentity in project molgenis by molgenis.

the class EntityTypeRepositorySecurityDecoratorTest method findOneByIdUserPermissionAllowed.

@WithMockUser(username = USERNAME)
@Test
public void findOneByIdUserPermissionAllowed() {
    String entityType0Name = "entity0";
    EntityType entityType0 = mock(EntityType.class);
    when(delegateRepository.findOneById("entity0")).thenReturn(entityType0);
    when(permissionService.hasPermission(new EntityTypeIdentity(entityType0Name), EntityTypePermission.COUNT)).thenReturn(true);
    assertEquals(repo.findOneById("entity0"), entityType0);
}

Example 5 with EntityTypeIdentity

use of org.molgenis.data.security.EntityTypeIdentity in project molgenis by molgenis.

the class EntityTypeRepositorySecurityDecoratorTest method findAllQueryUserOffsetLimit.

@WithMockUser(username = USERNAME)
@Test
public void findAllQueryUserOffsetLimit() {
    String entityType0Name = "entity0";
    EntityType entityType0 = when(mock(EntityType.class).getId()).thenReturn(entityType0Name).getMock();
    String entityType1Name = "entity1";
    EntityType entityType1 = when(mock(EntityType.class).getId()).thenReturn(entityType1Name).getMock();
    String entityType2Name = "entity2";
    EntityType entityType2 = when(mock(EntityType.class).getId()).thenReturn(entityType2Name).getMock();
    @SuppressWarnings("unchecked") Query q = mock(Query.class);
    when(q.getOffset()).thenReturn(1);
    when(q.getPageSize()).thenReturn(1);
    @SuppressWarnings("unchecked") ArgumentCaptor<Query<EntityType>> queryCaptor = forClass(Query.class);
    when(delegateRepository.findAll(queryCaptor.capture())).thenReturn(Stream.of(entityType0, entityType1, entityType2));
    doReturn(true).when(permissionService).hasPermission(new EntityTypeIdentity(entityType0Name), EntityTypePermission.COUNT);
    doReturn(false).when(permissionService).hasPermission(new EntityTypeIdentity(entityType1Name), EntityTypePermission.COUNT);
    doReturn(true).when(permissionService).hasPermission(new EntityTypeIdentity(entityType2Name), EntityTypePermission.COUNT);
    assertEquals(repo.findAll(q).collect(toList()), singletonList(entityType2));
    Query<EntityType> decoratedQ = queryCaptor.getValue();
    assertEquals(decoratedQ.getOffset(), 0);
    assertEquals(decoratedQ.getPageSize(), Integer.MAX_VALUE);
}