
Example 1 with WorkspaceACLUpdate

use of org.pmiops.workbench.firecloud.model.WorkspaceACLUpdate in project workbench by all-of-us.

the class WorkspaceServiceImpl method updateUserRoles.

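/**
 * Replaces the workspace's sharing list with {@code userRoleSet} and pushes the matching ACL
 * to FireCloud before persisting the workspace.
 *
 * <p>Users already on the workspace but absent from {@code userRoleSet} are removed locally and
 * sent to FireCloud with {@code NO_ACCESS}. Users present in both keep their existing row with
 * the new role. Users only in {@code userRoleSet} are added. Every ACL entry is sent with
 * {@code canCompute=false}; only owners get {@code canShare=true}.
 *
 * <p>Only OWNER, WRITER and READER may be granted. Any other requested role (including
 * {@code NO_ACCESS} or {@code null}) is rejected before anything is modified, so that it is
 * never silently translated into READER access.
 *
 * @param workspace the workspace whose roles are being replaced; its role collection is mutated
 * @param userRoleSet the complete desired set of user roles
 * @return the workspace as returned by {@code saveWithLastModified}
 * @throws BadRequestException if a requested role is not grantable, if FireCloud reports users
 *     it could not find, or if FireCloud answers 400
 * @throws NotFoundException if FireCloud answers 404
 * @throws ServerErrorException if FireCloud answers 500
 * @throws ServerUnavailableException for any other FireCloud error code
 */
@Override
public Workspace updateUserRoles(Workspace workspace, Set<WorkspaceUserRole> userRoleSet) {
    // Fail closed: validate every requested role before touching the workspace. Without this,
    // the ACL-building loop below would fall through to READER for any unrecognised role.
    for (WorkspaceUserRole userRole : userRoleSet) {
        if (userRole.getRole() != WorkspaceAccessLevel.OWNER
                && userRole.getRole() != WorkspaceAccessLevel.WRITER
                && userRole.getRole() != WorkspaceAccessLevel.READER) {
            throw new BadRequestException("Unsupported workspace access level: " + userRole.getRole());
        }
    }
    // Index the requested roles by user id; a later entry for the same user replaces an earlier one.
    Map<Long, WorkspaceUserRole> userRoleMap = new HashMap<Long, WorkspaceUserRole>();
    for (WorkspaceUserRole userRole : userRoleSet) {
        userRole.setWorkspace(workspace);
        userRoleMap.put(userRole.getUser().getUserId(), userRole);
    }
    ArrayList<WorkspaceACLUpdate> updateACLRequestList = new ArrayList<WorkspaceACLUpdate>();
    // Reconcile the persisted roles against the request. An explicit Iterator is used so that
    // revoked entries can be removed while iterating.
    Iterator<WorkspaceUserRole> dbUserRoles = workspace.getWorkspaceUserRoles().iterator();
    while (dbUserRoles.hasNext()) {
        WorkspaceUserRole currentUserRole = dbUserRoles.next();
        Long currentUserId = currentUserRole.getUser().getUserId();
        WorkspaceUserRole mapValue = userRoleMap.remove(currentUserId);
        if (mapValue != null) {
            // Still shared: keep the existing row and adopt the requested role.
            currentUserRole.setRole(mapValue.getRole());
        } else {
            // This is how to remove a user from the FireCloud ACL:
            // Pass along an update request with NO ACCESS as the given access level.
            WorkspaceACLUpdate removedUser = new WorkspaceACLUpdate();
            removedUser.setEmail(currentUserRole.getUser().getEmail());
            removedUser.setCanCompute(false);
            removedUser.setCanShare(false);
            removedUser.setAccessLevel(WorkspaceAccessLevel.NO_ACCESS.toString());
            updateACLRequestList.add(removedUser);
            dbUserRoles.remove();
        }
    }
    // Whatever is left in the map is a user who was not on the workspace before.
    for (Entry<Long, WorkspaceUserRole> remainingRole : userRoleMap.entrySet()) {
        workspace.getWorkspaceUserRoles().add(remainingRole.getValue());
    }
    // Build one ACL entry per user who should retain access.
    for (WorkspaceUserRole currentWorkspaceUser : workspace.getWorkspaceUserRoles()) {
        WorkspaceACLUpdate currentUpdate = new WorkspaceACLUpdate();
        currentUpdate.setEmail(currentWorkspaceUser.getUser().getEmail());
        currentUpdate.setCanCompute(false);
        if (currentWorkspaceUser.getRole() == WorkspaceAccessLevel.OWNER) {
            currentUpdate.setCanShare(true);
            currentUpdate.setAccessLevel(WorkspaceAccessLevel.OWNER.toString());
        } else if (currentWorkspaceUser.getRole() == WorkspaceAccessLevel.WRITER) {
            currentUpdate.setCanShare(false);
            currentUpdate.setAccessLevel(WorkspaceAccessLevel.WRITER.toString());
        } else {
            // Only READER can reach this branch: every role was validated at the top.
            currentUpdate.setCanShare(false);
            currentUpdate.setAccessLevel(WorkspaceAccessLevel.READER.toString());
        }
        updateACLRequestList.add(currentUpdate);
    }
    // NOTE(review): the workspace object has already been mutated at this point. If the call
    // below throws, nothing here restores the previous roles; presumably the caller's
    // transaction discards them. Confirm against the caller.
    try {
        WorkspaceACLUpdateResponseList fireCloudResponse = fireCloudService.updateWorkspaceACL(workspace.getWorkspaceNamespace(), workspace.getFirecloudName(), updateACLRequestList);
        int notFoundCount = fireCloudResponse.getUsersNotFound().size();
        if (notFoundCount != 0) {
            // The exception message is the comma-separated list of e-mails FireCloud did not know.
            StringBuilder usersNotFound = new StringBuilder();
            for (int i = 0; i < notFoundCount; i++) {
                if (i > 0) {
                    usersNotFound.append(", ");
                }
                usersNotFound.append(fireCloudResponse.getUsersNotFound().get(i).getEmail());
            }
            throw new BadRequestException(usersNotFound.toString());
        }
    } catch (ApiException e) {
        if (e.getCode() == 400) {
            // NOTE(review): the upstream response body is relayed verbatim to the caller;
            // confirm it cannot carry internal detail that should stay server-side.
            throw new BadRequestException(e.getResponseBody());
        } else if (e.getCode() == 404) {
            throw new NotFoundException("Workspace not found.");
        } else if (e.getCode() == 500) {
            throw new ServerErrorException(e);
        } else {
            throw new ServerUnavailableException(e);
        }
    }
    // NOTE(review): FireCloud is updated before the local save. If the save fails, the remote
    // ACL and the database can disagree; verify how callers recover from that.
    return this.saveWithLastModified(workspace);
}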
Also used : HashMap(java.util.HashMap) WorkspaceACLUpdateResponseList(org.pmiops.workbench.firecloud.model.WorkspaceACLUpdateResponseList) ArrayList(java.util.ArrayList) ServerUnavailableException(org.pmiops.workbench.exceptions.ServerUnavailableException) NotFoundException(org.pmiops.workbench.exceptions.NotFoundException) WorkspaceUserRole(org.pmiops.workbench.db.model.WorkspaceUserRole) BadRequestException(org.pmiops.workbench.exceptions.BadRequestException) ServerErrorException(org.pmiops.workbench.exceptions.ServerErrorException) WorkspaceACLUpdate(org.pmiops.workbench.firecloud.model.WorkspaceACLUpdate) ApiException(org.pmiops.workbench.firecloud.ApiException)

Example 2 with WorkspaceACLUpdate

use of org.pmiops.workbench.firecloud.model.WorkspaceACLUpdate in project workbench by all-of-us.

the class WorkspacesControllerTest method testUnshareWorkspace.

/**
 * Shares a workspace with an owner, a writer and a reader, then shares it again without the
 * reader, and checks that the reader is gone and that the etag changes at every step.
 */
@Test
public void testUnshareWorkspace() throws Exception {
    final String writerEmail = "writerfriend@gmail.com";
    final String readerEmail = "readerfriend@gmail.com";

    // Persist the two collaborators so the share request can resolve them by e-mail.
    User writerAccount = new User();
    writerAccount.setEmail(writerEmail);
    writerAccount.setUserId(124L);
    writerAccount.setFreeTierBillingProjectName("TestBillingProject2");
    writerAccount.setDisabled(false);
    userDao.save(writerAccount);

    User readerAccount = new User();
    readerAccount.setEmail(readerEmail);
    readerAccount.setUserId(125L);
    readerAccount.setFreeTierBillingProjectName("TestBillingProject3");
    readerAccount.setDisabled(false);
    userDao.save(readerAccount);

    Workspace workspace = workspacesController.createWorkspace(createDefaultWorkspace()).getBody();

    UserRole creator = new UserRole();
    creator.setEmail(LOGGED_IN_USER_EMAIL);
    creator.setRole(WorkspaceAccessLevel.OWNER);
    UserRole writer = new UserRole();
    writer.setEmail(writerEmail);
    writer.setRole(WorkspaceAccessLevel.WRITER);
    UserRole reader = new UserRole();
    reader.setEmail(readerEmail);
    reader.setRole(WorkspaceAccessLevel.READER);

    // First share: owner + writer + reader.
    ShareWorkspaceRequest shareWorkspaceRequest = new ShareWorkspaceRequest();
    shareWorkspaceRequest.setWorkspaceEtag(workspace.getEtag());
    shareWorkspaceRequest.addItemsItem(creator);
    shareWorkspaceRequest.addItemsItem(writer);
    shareWorkspaceRequest.addItemsItem(reader);

    // FireCloud is stubbed to accept any ACL update and report no unknown users.
    // NOTE(review): the stub matches any argument list and the payload is never inspected in
    // this method, so the test does not confirm that a NO_ACCESS entry for the removed reader
    // was actually sent to FireCloud.
    WorkspaceACLUpdateResponseList emptyResponse = new WorkspaceACLUpdateResponseList();
    emptyResponse.setUsersNotFound(new ArrayList<WorkspaceACLUpdate>());
    // Advance the clock between API calls so last-modified/@Version values change.
    CLOCK.increment(1000);
    when(fireCloudService.updateWorkspaceACL(anyString(), anyString(), anyListOf(WorkspaceACLUpdate.class))).thenReturn(emptyResponse);

    ShareWorkspaceResponse shareResp = workspacesController.shareWorkspace(workspace.getNamespace(), workspace.getName(), shareWorkspaceRequest).getBody();
    stubGetWorkspace(workspace.getNamespace(), workspace.getId(), workspace.getCreator(), WorkspaceAccessLevel.OWNER);
    Workspace workspace2 = workspacesController.getWorkspace(workspace.getNamespace(), workspace.getId()).getBody().getWorkspace();
    assertThat(shareResp.getWorkspaceEtag()).isEqualTo(workspace2.getEtag());

    // Second share: same request minus the reader, i.e. the reader is unshared.
    CLOCK.increment(1000);
    shareWorkspaceRequest = new ShareWorkspaceRequest();
    shareWorkspaceRequest.setWorkspaceEtag(workspace2.getEtag());
    shareWorkspaceRequest.addItemsItem(creator);
    shareWorkspaceRequest.addItemsItem(writer);
    shareResp = workspacesController.shareWorkspace(workspace.getNamespace(), workspace.getName(), shareWorkspaceRequest).getBody();
    Workspace workspace3 = workspacesController.getWorkspace(workspace.getNamespace(), workspace.getId()).getBody().getWorkspace();
    assertThat(shareResp.getWorkspaceEtag()).isEqualTo(workspace3.getEtag());
    assertThat(workspace3.getUserRoles().size()).isEqualTo(2);

    // Tally the remaining roles and check each one belongs to the expected account.
    int ownerCount = 0;
    int writerCount = 0;
    int readerCount = 0;
    for (UserRole remaining : workspace3.getUserRoles()) {
        boolean isOwner = remaining.getRole().equals(WorkspaceAccessLevel.OWNER);
        boolean isWriter = !isOwner && remaining.getRole().equals(WorkspaceAccessLevel.WRITER);
        if (isOwner) {
            assertThat(remaining.getEmail()).isEqualTo(LOGGED_IN_USER_EMAIL);
            ownerCount++;
        } else if (isWriter) {
            assertThat(remaining.getEmail()).isEqualTo(writerEmail);
            writerCount++;
        } else {
            assertThat(remaining.getEmail()).isEqualTo(readerEmail);
            readerCount++;
        }
    }
    assertThat(ownerCount).isEqualTo(1);
    assertThat(writerCount).isEqualTo(1);
    assertThat(readerCount).isEqualTo(0);

    // Each share must have produced a fresh etag.
    assertThat(workspace.getEtag()).isNotEqualTo(workspace2.getEtag());
    assertThat(workspace2.getEtag()).isNotEqualTo(workspace3.getEtag());
}
Also used : ShareWorkspaceResponse(org.pmiops.workbench.model.ShareWorkspaceResponse) User(org.pmiops.workbench.db.model.User) UserRole(org.pmiops.workbench.model.UserRole) WorkspaceACLUpdateResponseList(org.pmiops.workbench.firecloud.model.WorkspaceACLUpdateResponseList) ShareWorkspaceRequest(org.pmiops.workbench.model.ShareWorkspaceRequest) Workspace(org.pmiops.workbench.model.Workspace) WorkspaceACLUpdate(org.pmiops.workbench.firecloud.model.WorkspaceACLUpdate) DataJpaTest(org.springframework.boot.test.autoconfigure.orm.jpa.DataJpaTest) Test(org.junit.Test)
