Example 1 with WorkspaceUserRole
use of org.pmiops.workbench.db.model.WorkspaceUserRole in project workbench by all-of-us.
the class WorkspaceServiceImpl method updateUserRoles.
@Override
public Workspace updateUserRoles(Workspace workspace, Set<WorkspaceUserRole> userRoleSet) {
Map<Long, WorkspaceUserRole> userRoleMap = new HashMap<Long, WorkspaceUserRole>();
for (WorkspaceUserRole userRole : userRoleSet) {
userRole.setWorkspace(workspace);
userRoleMap.put(userRole.getUser().getUserId(), userRole);
}
ArrayList<WorkspaceACLUpdate> updateACLRequestList = new ArrayList<WorkspaceACLUpdate>();
Iterator<WorkspaceUserRole> dbUserRoles = workspace.getWorkspaceUserRoles().iterator();
while (dbUserRoles.hasNext()) {
WorkspaceUserRole currentUserRole = dbUserRoles.next();
WorkspaceUserRole mapValue = userRoleMap.get(currentUserRole.getUser().getUserId());
if (mapValue != null) {
currentUserRole.setRole(mapValue.getRole());
userRoleMap.remove(currentUserRole.getUser().getUserId());
} else {
// This is how to remove a user from the FireCloud ACL:
// Pass along an update request with NO ACCESS as the given access level.
WorkspaceACLUpdate removedUser = new WorkspaceACLUpdate();
removedUser.setEmail(currentUserRole.getUser().getEmail());
removedUser.setCanCompute(false);
removedUser.setCanShare(false);
removedUser.setAccessLevel(WorkspaceAccessLevel.NO_ACCESS.toString());
updateACLRequestList.add(removedUser);
dbUserRoles.remove();
}
}
for (Entry<Long, WorkspaceUserRole> remainingRole : userRoleMap.entrySet()) {
workspace.getWorkspaceUserRoles().add(remainingRole.getValue());
}
for (WorkspaceUserRole currentWorkspaceUser : workspace.getWorkspaceUserRoles()) {
WorkspaceACLUpdate currentUpdate = new WorkspaceACLUpdate();
currentUpdate.setEmail(currentWorkspaceUser.getUser().getEmail());
currentUpdate.setCanCompute(false);
if (currentWorkspaceUser.getRole() == WorkspaceAccessLevel.OWNER) {
currentUpdate.setCanShare(true);
currentUpdate.setAccessLevel(WorkspaceAccessLevel.OWNER.toString());
} else if (currentWorkspaceUser.getRole() == WorkspaceAccessLevel.WRITER) {
currentUpdate.setCanShare(false);
currentUpdate.setAccessLevel(WorkspaceAccessLevel.WRITER.toString());
} else {
currentUpdate.setCanShare(false);
currentUpdate.setAccessLevel(WorkspaceAccessLevel.READER.toString());
}
updateACLRequestList.add(currentUpdate);
}
try {
WorkspaceACLUpdateResponseList fireCloudResponse = fireCloudService.updateWorkspaceACL(workspace.getWorkspaceNamespace(), workspace.getFirecloudName(), updateACLRequestList);
if (fireCloudResponse.getUsersNotFound().size() != 0) {
String usersNotFound = "";
for (int i = 0; i < fireCloudResponse.getUsersNotFound().size(); i++) {
if (i > 0) {
usersNotFound += ", ";
}
usersNotFound += fireCloudResponse.getUsersNotFound().get(i).getEmail();
}
throw new BadRequestException(usersNotFound);
}
} catch (ApiException e) {
if (e.getCode() == 400) {
throw new BadRequestException(e.getResponseBody());
} else if (e.getCode() == 404) {
throw new NotFoundException("Workspace not found.");
} else if (e.getCode() == 500) {
throw new ServerErrorException(e);
} else {
throw new ServerUnavailableException(e);
}
}
return this.saveWithLastModified(workspace);
}
Also used :
HashMap(java.util.HashMap)
WorkspaceACLUpdateResponseList(org.pmiops.workbench.firecloud.model.WorkspaceACLUpdateResponseList)
ArrayList(java.util.ArrayList)
ServerUnavailableException(org.pmiops.workbench.exceptions.ServerUnavailableException)
NotFoundException(org.pmiops.workbench.exceptions.NotFoundException)
WorkspaceUserRole(org.pmiops.workbench.db.model.WorkspaceUserRole)
BadRequestException(org.pmiops.workbench.exceptions.BadRequestException)
ServerErrorException(org.pmiops.workbench.exceptions.ServerErrorException)
WorkspaceACLUpdate(org.pmiops.workbench.firecloud.model.WorkspaceACLUpdate)
ApiException(org.pmiops.workbench.firecloud.ApiException)
Example 2 with WorkspaceUserRole
use of org.pmiops.workbench.db.model.WorkspaceUserRole in project workbench by all-of-us.
the class WorkspacesController method getWorkspaces.
@Override
public ResponseEntity<WorkspaceResponseListResponse> getWorkspaces() {
// TODO: use FireCloud to determine what workspaces to return, instead of just returning
// workspaces from our database.
User user = userProvider.get();
List<WorkspaceResponse> responseList = new ArrayList<WorkspaceResponse>();
if (user != null) {
for (WorkspaceUserRole userRole : user.getWorkspaceUserRoles()) {
// TODO: Use FireCloud to determine access roles, not our DB
WorkspaceResponse currentWorkspace = new WorkspaceResponse();
currentWorkspace.setWorkspace(TO_CLIENT_WORKSPACE.apply(userRole.getWorkspace()));
currentWorkspace.setAccessLevel(userRole.getRole());
responseList.add(currentWorkspace);
}
}
WorkspaceResponseListResponse response = new WorkspaceResponseListResponse();
response.setItems(responseList);
return ResponseEntity.ok(response);
}
Also used :
ShareWorkspaceResponse(org.pmiops.workbench.model.ShareWorkspaceResponse)
CloneWorkspaceResponse(org.pmiops.workbench.model.CloneWorkspaceResponse)
WorkspaceResponse(org.pmiops.workbench.model.WorkspaceResponse)
User(org.pmiops.workbench.db.model.User)
WorkspaceResponseListResponse(org.pmiops.workbench.model.WorkspaceResponseListResponse)
ArrayList(java.util.ArrayList)
WorkspaceUserRole(org.pmiops.workbench.db.model.WorkspaceUserRole)
Example 3 with WorkspaceUserRole
use of org.pmiops.workbench.db.model.WorkspaceUserRole in project workbench by all-of-us.
the class WorkspacesController method shareWorkspace.
@Override
public ResponseEntity<ShareWorkspaceResponse> shareWorkspace(String workspaceNamespace, String workspaceId, ShareWorkspaceRequest request) {
if (Strings.isNullOrEmpty(request.getWorkspaceEtag())) {
throw new BadRequestException("Missing required update field 'workspaceEtag'");
}
org.pmiops.workbench.db.model.Workspace dbWorkspace = workspaceService.getRequired(workspaceNamespace, workspaceId);
int version = Etags.toVersion(request.getWorkspaceEtag());
if (dbWorkspace.getVersion() != version) {
throw new ConflictException("Attempted to modify user roles with outdated workspace etag");
}
Set<WorkspaceUserRole> dbUserRoles = new HashSet<WorkspaceUserRole>();
for (UserRole user : request.getItems()) {
WorkspaceUserRole newUserRole = new WorkspaceUserRole();
User newUser = userDao.findUserByEmail(user.getEmail());
if (newUser == null) {
throw new BadRequestException(String.format("User %s doesn't exist", user.getEmail()));
}
newUserRole.setUser(newUser);
newUserRole.setRole(user.getRole());
dbUserRoles.add(newUserRole);
}
// This automatically enforces owner role.
dbWorkspace = workspaceService.updateUserRoles(dbWorkspace, dbUserRoles);
ShareWorkspaceResponse resp = new ShareWorkspaceResponse();
resp.setWorkspaceEtag(Etags.fromVersion(dbWorkspace.getVersion()));
return ResponseEntity.ok(resp);
}
Also used :
ShareWorkspaceResponse(org.pmiops.workbench.model.ShareWorkspaceResponse)
User(org.pmiops.workbench.db.model.User)
ConflictException(org.pmiops.workbench.exceptions.ConflictException)
WorkspaceUserRole(org.pmiops.workbench.db.model.WorkspaceUserRole)
WorkspaceUserRole(org.pmiops.workbench.db.model.WorkspaceUserRole)
UserRole(org.pmiops.workbench.model.UserRole)
BadRequestException(org.pmiops.workbench.exceptions.BadRequestException)
HashSet(java.util.HashSet)
Aggregations
WorkspaceUserRole (org.pmiops.workbench.db.model.WorkspaceUserRole)3
ArrayList (java.util.ArrayList)2
User (org.pmiops.workbench.db.model.User)2
BadRequestException (org.pmiops.workbench.exceptions.BadRequestException)2
ShareWorkspaceResponse (org.pmiops.workbench.model.ShareWorkspaceResponse)2
HashMap (java.util.HashMap)1
HashSet (java.util.HashSet)1
ConflictException (org.pmiops.workbench.exceptions.ConflictException)1
NotFoundException (org.pmiops.workbench.exceptions.NotFoundException)1
ServerErrorException (org.pmiops.workbench.exceptions.ServerErrorException)1
ServerUnavailableException (org.pmiops.workbench.exceptions.ServerUnavailableException)1
ApiException (org.pmiops.workbench.firecloud.ApiException)1
WorkspaceACLUpdate (org.pmiops.workbench.firecloud.model.WorkspaceACLUpdate)1
WorkspaceACLUpdateResponseList (org.pmiops.workbench.firecloud.model.WorkspaceACLUpdateResponseList)1
CloneWorkspaceResponse (org.pmiops.workbench.model.CloneWorkspaceResponse)1
UserRole (org.pmiops.workbench.model.UserRole)1
WorkspaceResponse (org.pmiops.workbench.model.WorkspaceResponse)1
WorkspaceResponseListResponse (org.pmiops.workbench.model.WorkspaceResponseListResponse)1
