Search in sources :

Example 1 with WorkspaceUserRole

use of org.pmiops.workbench.db.model.WorkspaceUserRole in project workbench by all-of-us.

the class WorkspaceServiceImpl method updateUserRoles.

@Override
public Workspace updateUserRoles(Workspace workspace, Set<WorkspaceUserRole> userRoleSet) {
    Map<Long, WorkspaceUserRole> userRoleMap = new HashMap<Long, WorkspaceUserRole>();
    for (WorkspaceUserRole userRole : userRoleSet) {
        userRole.setWorkspace(workspace);
        userRoleMap.put(userRole.getUser().getUserId(), userRole);
    }
    ArrayList<WorkspaceACLUpdate> updateACLRequestList = new ArrayList<WorkspaceACLUpdate>();
    Iterator<WorkspaceUserRole> dbUserRoles = workspace.getWorkspaceUserRoles().iterator();
    while (dbUserRoles.hasNext()) {
        WorkspaceUserRole currentUserRole = dbUserRoles.next();
        WorkspaceUserRole mapValue = userRoleMap.get(currentUserRole.getUser().getUserId());
        if (mapValue != null) {
            currentUserRole.setRole(mapValue.getRole());
            userRoleMap.remove(currentUserRole.getUser().getUserId());
        } else {
            // This is how to remove a user from the FireCloud ACL:
            // Pass along an update request with NO ACCESS as the given access level.
            WorkspaceACLUpdate removedUser = new WorkspaceACLUpdate();
            removedUser.setEmail(currentUserRole.getUser().getEmail());
            removedUser.setCanCompute(false);
            removedUser.setCanShare(false);
            removedUser.setAccessLevel(WorkspaceAccessLevel.NO_ACCESS.toString());
            updateACLRequestList.add(removedUser);
            dbUserRoles.remove();
        }
    }
    for (Entry<Long, WorkspaceUserRole> remainingRole : userRoleMap.entrySet()) {
        workspace.getWorkspaceUserRoles().add(remainingRole.getValue());
    }
    for (WorkspaceUserRole currentWorkspaceUser : workspace.getWorkspaceUserRoles()) {
        WorkspaceACLUpdate currentUpdate = new WorkspaceACLUpdate();
        currentUpdate.setEmail(currentWorkspaceUser.getUser().getEmail());
        currentUpdate.setCanCompute(false);
        if (currentWorkspaceUser.getRole() == WorkspaceAccessLevel.OWNER) {
            currentUpdate.setCanShare(true);
            currentUpdate.setAccessLevel(WorkspaceAccessLevel.OWNER.toString());
        } else if (currentWorkspaceUser.getRole() == WorkspaceAccessLevel.WRITER) {
            currentUpdate.setCanShare(false);
            currentUpdate.setAccessLevel(WorkspaceAccessLevel.WRITER.toString());
        } else {
            currentUpdate.setCanShare(false);
            currentUpdate.setAccessLevel(WorkspaceAccessLevel.READER.toString());
        }
        updateACLRequestList.add(currentUpdate);
    }
    try {
        WorkspaceACLUpdateResponseList fireCloudResponse = fireCloudService.updateWorkspaceACL(workspace.getWorkspaceNamespace(), workspace.getFirecloudName(), updateACLRequestList);
        if (fireCloudResponse.getUsersNotFound().size() != 0) {
            String usersNotFound = "";
            for (int i = 0; i < fireCloudResponse.getUsersNotFound().size(); i++) {
                if (i > 0) {
                    usersNotFound += ", ";
                }
                usersNotFound += fireCloudResponse.getUsersNotFound().get(i).getEmail();
            }
            throw new BadRequestException(usersNotFound);
        }
    } catch (ApiException e) {
        if (e.getCode() == 400) {
            throw new BadRequestException(e.getResponseBody());
        } else if (e.getCode() == 404) {
            throw new NotFoundException("Workspace not found.");
        } else if (e.getCode() == 500) {
            throw new ServerErrorException(e);
        } else {
            throw new ServerUnavailableException(e);
        }
    }
    return this.saveWithLastModified(workspace);
}
Also used : HashMap(java.util.HashMap) WorkspaceACLUpdateResponseList(org.pmiops.workbench.firecloud.model.WorkspaceACLUpdateResponseList) ArrayList(java.util.ArrayList) ServerUnavailableException(org.pmiops.workbench.exceptions.ServerUnavailableException) NotFoundException(org.pmiops.workbench.exceptions.NotFoundException) WorkspaceUserRole(org.pmiops.workbench.db.model.WorkspaceUserRole) BadRequestException(org.pmiops.workbench.exceptions.BadRequestException) ServerErrorException(org.pmiops.workbench.exceptions.ServerErrorException) WorkspaceACLUpdate(org.pmiops.workbench.firecloud.model.WorkspaceACLUpdate) ApiException(org.pmiops.workbench.firecloud.ApiException)

Example 2 with WorkspaceUserRole

use of org.pmiops.workbench.db.model.WorkspaceUserRole in project workbench by all-of-us.

the class WorkspacesController method getWorkspaces.

@Override
public ResponseEntity<WorkspaceResponseListResponse> getWorkspaces() {
    // TODO: use FireCloud to determine what workspaces to return, instead of just returning
    // workspaces from our database.
    User user = userProvider.get();
    List<WorkspaceResponse> responseList = new ArrayList<WorkspaceResponse>();
    if (user != null) {
        for (WorkspaceUserRole userRole : user.getWorkspaceUserRoles()) {
            // TODO: Use FireCloud to determine access roles, not our DB
            WorkspaceResponse currentWorkspace = new WorkspaceResponse();
            currentWorkspace.setWorkspace(TO_CLIENT_WORKSPACE.apply(userRole.getWorkspace()));
            currentWorkspace.setAccessLevel(userRole.getRole());
            responseList.add(currentWorkspace);
        }
    }
    WorkspaceResponseListResponse response = new WorkspaceResponseListResponse();
    response.setItems(responseList);
    return ResponseEntity.ok(response);
}
Also used : ShareWorkspaceResponse(org.pmiops.workbench.model.ShareWorkspaceResponse) CloneWorkspaceResponse(org.pmiops.workbench.model.CloneWorkspaceResponse) WorkspaceResponse(org.pmiops.workbench.model.WorkspaceResponse) User(org.pmiops.workbench.db.model.User) WorkspaceResponseListResponse(org.pmiops.workbench.model.WorkspaceResponseListResponse) ArrayList(java.util.ArrayList) WorkspaceUserRole(org.pmiops.workbench.db.model.WorkspaceUserRole)

Example 3 with WorkspaceUserRole

use of org.pmiops.workbench.db.model.WorkspaceUserRole in project workbench by all-of-us.

the class WorkspacesController method shareWorkspace.

@Override
public ResponseEntity<ShareWorkspaceResponse> shareWorkspace(String workspaceNamespace, String workspaceId, ShareWorkspaceRequest request) {
    if (Strings.isNullOrEmpty(request.getWorkspaceEtag())) {
        throw new BadRequestException("Missing required update field 'workspaceEtag'");
    }
    org.pmiops.workbench.db.model.Workspace dbWorkspace = workspaceService.getRequired(workspaceNamespace, workspaceId);
    int version = Etags.toVersion(request.getWorkspaceEtag());
    if (dbWorkspace.getVersion() != version) {
        throw new ConflictException("Attempted to modify user roles with outdated workspace etag");
    }
    Set<WorkspaceUserRole> dbUserRoles = new HashSet<WorkspaceUserRole>();
    for (UserRole user : request.getItems()) {
        WorkspaceUserRole newUserRole = new WorkspaceUserRole();
        User newUser = userDao.findUserByEmail(user.getEmail());
        if (newUser == null) {
            throw new BadRequestException(String.format("User %s doesn't exist", user.getEmail()));
        }
        newUserRole.setUser(newUser);
        newUserRole.setRole(user.getRole());
        dbUserRoles.add(newUserRole);
    }
    // This automatically enforces owner role.
    dbWorkspace = workspaceService.updateUserRoles(dbWorkspace, dbUserRoles);
    ShareWorkspaceResponse resp = new ShareWorkspaceResponse();
    resp.setWorkspaceEtag(Etags.fromVersion(dbWorkspace.getVersion()));
    return ResponseEntity.ok(resp);
}
Also used : ShareWorkspaceResponse(org.pmiops.workbench.model.ShareWorkspaceResponse) User(org.pmiops.workbench.db.model.User) ConflictException(org.pmiops.workbench.exceptions.ConflictException) WorkspaceUserRole(org.pmiops.workbench.db.model.WorkspaceUserRole) WorkspaceUserRole(org.pmiops.workbench.db.model.WorkspaceUserRole) UserRole(org.pmiops.workbench.model.UserRole) BadRequestException(org.pmiops.workbench.exceptions.BadRequestException) HashSet(java.util.HashSet)

Aggregations

WorkspaceUserRole (org.pmiops.workbench.db.model.WorkspaceUserRole)3 ArrayList (java.util.ArrayList)2 User (org.pmiops.workbench.db.model.User)2 BadRequestException (org.pmiops.workbench.exceptions.BadRequestException)2 ShareWorkspaceResponse (org.pmiops.workbench.model.ShareWorkspaceResponse)2 HashMap (java.util.HashMap)1 HashSet (java.util.HashSet)1 ConflictException (org.pmiops.workbench.exceptions.ConflictException)1 NotFoundException (org.pmiops.workbench.exceptions.NotFoundException)1 ServerErrorException (org.pmiops.workbench.exceptions.ServerErrorException)1 ServerUnavailableException (org.pmiops.workbench.exceptions.ServerUnavailableException)1 ApiException (org.pmiops.workbench.firecloud.ApiException)1 WorkspaceACLUpdate (org.pmiops.workbench.firecloud.model.WorkspaceACLUpdate)1 WorkspaceACLUpdateResponseList (org.pmiops.workbench.firecloud.model.WorkspaceACLUpdateResponseList)1 CloneWorkspaceResponse (org.pmiops.workbench.model.CloneWorkspaceResponse)1 UserRole (org.pmiops.workbench.model.UserRole)1 WorkspaceResponse (org.pmiops.workbench.model.WorkspaceResponse)1 WorkspaceResponseListResponse (org.pmiops.workbench.model.WorkspaceResponseListResponse)1