Search in sources :

Example 16 with DataAccessRequest

use of org.obiba.mica.access.domain.DataAccessRequest in project mica2 by obiba.

the class CsvReportGenerator method writeEachDataAccessRequest.

private void writeEachDataAccessRequest(CSVWriter writer) {
    writer.writeNext(toArray(extractTranslatedField(GENERIC_TANSLATION_PREFIX + ".detailedOverview")));
    Set<String> tableKeys = csvSchema.read("table", Map.class).keySet();
    writer.writeNext(tableKeys.stream().map(key -> extractTranslatedField("table.['" + key + "']")).toArray(String[]::new));
    for (DataAccessRequest dataAccessRequestDto : dataAccessRequestDtos) {
        DocumentContext dataAccessRequestContent = JsonPath.parse(dataAccessRequestDto.getContent());
        addGenericVariablesInDocumentContext(dataAccessRequestDto, dataAccessRequestContent);
        writer.writeNext(tableKeys.stream().map(key -> extractValueFromDataAccessRequest(dataAccessRequestContent, key)).toArray(String[]::new));
    }
}
Also used : DataAccessRequest(org.obiba.mica.access.domain.DataAccessRequest) DocumentContext(com.jayway.jsonpath.DocumentContext) HashMap(java.util.HashMap) Map(java.util.Map)

Example 17 with DataAccessRequest

use of org.obiba.mica.access.domain.DataAccessRequest in project mica2 by obiba.

the class DataAccessRequestResource method submit.

// 
// Private methods
// 
private Response submit(String id) {
    DataAccessRequest request = dataAccessRequestService.findById(id);
    boolean fromOpened = request.getStatus() == DataAccessRequest.Status.OPENED;
    boolean fromConditionallyApproved = request.getStatus() == DataAccessRequest.Status.CONDITIONALLY_APPROVED;
    if (fromOpened && !subjectAclService.isCurrentUser(request.getApplicant())) {
        // only applicant can submit an opened request
        throw new ForbiddenException();
    }
    dataAccessRequestService.updateStatus(id, DataAccessRequest.Status.SUBMITTED);
    if (fromOpened || fromConditionallyApproved) {
        // applicant cannot edit, nor delete request anymore + status cannot be changed
        subjectAclService.removePermission("/data-access-request", "EDIT,DELETE", id);
        subjectAclService.removePermission("/data-access-request/" + id, "EDIT", "_status");
        // data access officers can change the status of this request
        subjectAclService.addGroupPermission(Roles.MICA_DAO, "/data-access-request/" + id, "EDIT", "_status");
    }
    return Response.noContent().build();
}
Also used : ForbiddenException(javax.ws.rs.ForbiddenException) DataAccessRequest(org.obiba.mica.access.domain.DataAccessRequest)

Example 18 with DataAccessRequest

use of org.obiba.mica.access.domain.DataAccessRequest in project mica2 by obiba.

the class DataAccessRequestResource method getAttachment.

@GET
@Timed
@Path("/attachments/{attachmentId}/_download")
public Response getAttachment(@PathParam("id") String id, @PathParam("attachmentId") String attachmentId) throws IOException {
    subjectAclService.checkPermission("/data-access-request", "VIEW", id);
    DataAccessRequest request = dataAccessRequestService.findById(id);
    Optional<Attachment> r = request.getAttachments().stream().filter(a -> a.getId().equals(attachmentId)).findFirst();
    if (!r.isPresent())
        throw NoSuchEntityException.withId(Attachment.class, attachmentId);
    return Response.ok(fileStoreService.getFile(r.get().getFileReference())).header("Content-Disposition", "attachment; filename=\"" + r.get().getName() + "\"").build();
}
Also used : Comment(org.obiba.mica.core.domain.Comment) PathParam(javax.ws.rs.PathParam) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET) Roles(org.obiba.mica.security.Roles) Path(javax.ws.rs.Path) DataAccessRequestService(org.obiba.mica.access.service.DataAccessRequestService) FileStoreService(org.obiba.mica.file.FileStoreService) Inject(javax.inject.Inject) EventBus(com.google.common.eventbus.EventBus) Strings(com.google.common.base.Strings) ResourceDeletedEvent(org.obiba.mica.security.event.ResourceDeletedEvent) QueryParam(javax.ws.rs.QueryParam) LanguageTag(sun.util.locale.LanguageTag) Map(java.util.Map) JSONUtils(org.obiba.mica.JSONUtils) Mica(org.obiba.mica.web.model.Mica) DataAccessRequest(org.obiba.mica.access.domain.DataAccessRequest) BadRequestException(javax.ws.rs.BadRequestException) DataAccessRequestCommentMailNotification(org.obiba.mica.access.notification.DataAccessRequestCommentMailNotification) Dtos(org.obiba.mica.web.model.Dtos) CommentsService(org.obiba.mica.core.service.CommentsService) DELETE(javax.ws.rs.DELETE) POST(javax.ws.rs.POST) Attachment(org.obiba.mica.file.Attachment) SubjectAclService(org.obiba.mica.security.service.SubjectAclService) ForbiddenException(javax.ws.rs.ForbiddenException) IOException(java.io.IOException) Collectors(java.util.stream.Collectors) NoSuchEntityException(org.obiba.mica.NoSuchEntityException) NoSuchDataAccessRequestException(org.obiba.mica.access.NoSuchDataAccessRequestException) Timed(com.codahale.metrics.annotation.Timed) List(java.util.List) Component(org.springframework.stereotype.Component) Response(javax.ws.rs.core.Response) Optional(java.util.Optional) PUT(javax.ws.rs.PUT) SecurityUtils(org.apache.shiro.SecurityUtils) DataAccessRequest(org.obiba.mica.access.domain.DataAccessRequest) Attachment(org.obiba.mica.file.Attachment) Path(javax.ws.rs.Path) Timed(com.codahale.metrics.annotation.Timed) GET(javax.ws.rs.GET)

Example 19 with DataAccessRequest

use of org.obiba.mica.access.domain.DataAccessRequest in project mica2 by obiba.

the class DataAccessRequestResource method open.

private Response open(@PathParam("id") String id) {
    DataAccessRequest request = dataAccessRequestService.updateStatus(id, DataAccessRequest.Status.OPENED);
    // restore applicant permissions
    subjectAclService.addUserPermission(request.getApplicant(), "/data-access-request", "VIEW,EDIT,DELETE", id);
    subjectAclService.addUserPermission(request.getApplicant(), "/data-access-request/" + id, "EDIT", "_status");
    // data access officers cannot change the status of this request anymore
    subjectAclService.removeGroupPermission(Roles.MICA_DAO, "/data-access-request/" + id, "EDIT", "_status");
    return Response.noContent().build();
}
Also used : DataAccessRequest(org.obiba.mica.access.domain.DataAccessRequest)

Example 20 with DataAccessRequest

use of org.obiba.mica.access.domain.DataAccessRequest in project mica2 by obiba.

the class DataAccessRequestResource method conditionallyApprove.

private Response conditionallyApprove(@PathParam("id") String id) {
    DataAccessRequest request = dataAccessRequestService.updateStatus(id, DataAccessRequest.Status.CONDITIONALLY_APPROVED);
    // restore applicant permissions
    subjectAclService.addUserPermission(request.getApplicant(), "/data-access-request", "VIEW,EDIT,DELETE", id);
    subjectAclService.addUserPermission(request.getApplicant(), "/data-access-request/" + id, "EDIT", "_status");
    // data access officers cannot change the status of this request anymore
    subjectAclService.removeGroupPermission(Roles.MICA_DAO, "/data-access-request/" + id, "EDIT", "_status");
    return updateStatus(id, DataAccessRequest.Status.CONDITIONALLY_APPROVED);
}
Also used : DataAccessRequest(org.obiba.mica.access.domain.DataAccessRequest)

Aggregations

DataAccessRequest (org.obiba.mica.access.domain.DataAccessRequest)25 Timed (com.codahale.metrics.annotation.Timed)6 DateTime (org.joda.time.DateTime)5 ByteArrayOutputStream (java.io.ByteArrayOutputStream)3 IOException (java.io.IOException)3 Map (java.util.Map)3 NotNull (javax.validation.constraints.NotNull)3 BadRequestException (javax.ws.rs.BadRequestException)3 Attachment (org.obiba.mica.file.Attachment)3 DataAccessForm (org.obiba.mica.micaConfig.domain.DataAccessForm)3 Strings (com.google.common.base.Strings)2 EventBus (com.google.common.eventbus.EventBus)2 DocumentException (com.itextpdf.text.DocumentException)2 List (java.util.List)2 Collectors (java.util.stream.Collectors)2 Inject (javax.inject.Inject)2 ForbiddenException (javax.ws.rs.ForbiddenException)2 PUT (javax.ws.rs.PUT)2 SecurityUtils (org.apache.shiro.SecurityUtils)2 NoSuchDataAccessRequestException (org.obiba.mica.access.NoSuchDataAccessRequestException)2