Examples with WorkspaceACLUpdate org.pmiops.workbench.firecloud.model.WorkspaceACLUpdate used on opensource projects

Example 1 with WorkspaceACLUpdate

use of org.pmiops.workbench.firecloud.model.WorkspaceACLUpdate in project workbench by all-of-us.

the class WorkspaceServiceImpl method updateUserRoles.

@Override
public Workspace updateUserRoles(Workspace workspace, Set<WorkspaceUserRole> userRoleSet) {
    Map<Long, WorkspaceUserRole> userRoleMap = new HashMap<Long, WorkspaceUserRole>();
    for (WorkspaceUserRole userRole : userRoleSet) {
        userRole.setWorkspace(workspace);
        userRoleMap.put(userRole.getUser().getUserId(), userRole);
    }
    ArrayList<WorkspaceACLUpdate> updateACLRequestList = new ArrayList<WorkspaceACLUpdate>();
    Iterator<WorkspaceUserRole> dbUserRoles = workspace.getWorkspaceUserRoles().iterator();
    while (dbUserRoles.hasNext()) {
        WorkspaceUserRole currentUserRole = dbUserRoles.next();
        WorkspaceUserRole mapValue = userRoleMap.get(currentUserRole.getUser().getUserId());
        if (mapValue != null) {
            currentUserRole.setRole(mapValue.getRole());
            userRoleMap.remove(currentUserRole.getUser().getUserId());
        } else {
            // This is how to remove a user from the FireCloud ACL:
            // Pass along an update request with NO ACCESS as the given access level.
            WorkspaceACLUpdate removedUser = new WorkspaceACLUpdate();
            removedUser.setEmail(currentUserRole.getUser().getEmail());
            removedUser.setCanCompute(false);
            removedUser.setCanShare(false);
            removedUser.setAccessLevel(WorkspaceAccessLevel.NO_ACCESS.toString());
            updateACLRequestList.add(removedUser);
            dbUserRoles.remove();
        }
    }
    for (Entry<Long, WorkspaceUserRole> remainingRole : userRoleMap.entrySet()) {
        workspace.getWorkspaceUserRoles().add(remainingRole.getValue());
    }
    for (WorkspaceUserRole currentWorkspaceUser : workspace.getWorkspaceUserRoles()) {
        WorkspaceACLUpdate currentUpdate = new WorkspaceACLUpdate();
        currentUpdate.setEmail(currentWorkspaceUser.getUser().getEmail());
        currentUpdate.setCanCompute(false);
        if (currentWorkspaceUser.getRole() == WorkspaceAccessLevel.OWNER) {
            currentUpdate.setCanShare(true);
            currentUpdate.setAccessLevel(WorkspaceAccessLevel.OWNER.toString());
        } else if (currentWorkspaceUser.getRole() == WorkspaceAccessLevel.WRITER) {
            currentUpdate.setCanShare(false);
            currentUpdate.setAccessLevel(WorkspaceAccessLevel.WRITER.toString());
        } else {
            currentUpdate.setCanShare(false);
            currentUpdate.setAccessLevel(WorkspaceAccessLevel.READER.toString());
        }
        updateACLRequestList.add(currentUpdate);
    }
    try {
        WorkspaceACLUpdateResponseList fireCloudResponse = fireCloudService.updateWorkspaceACL(workspace.getWorkspaceNamespace(), workspace.getFirecloudName(), updateACLRequestList);
        if (fireCloudResponse.getUsersNotFound().size() != 0) {
            String usersNotFound = "";
            for (int i = 0; i < fireCloudResponse.getUsersNotFound().size(); i++) {
                if (i > 0) {
                    usersNotFound += ", ";
                }
                usersNotFound += fireCloudResponse.getUsersNotFound().get(i).getEmail();
            }
            throw new BadRequestException(usersNotFound);
        }
    } catch (ApiException e) {
        if (e.getCode() == 400) {
            throw new BadRequestException(e.getResponseBody());
        } else if (e.getCode() == 404) {
            throw new NotFoundException("Workspace not found.");
        } else if (e.getCode() == 500) {
            throw new ServerErrorException(e);
        } else {
            throw new ServerUnavailableException(e);
        }
    }
    return this.saveWithLastModified(workspace);
}

Example 2 with WorkspaceACLUpdate

use of org.pmiops.workbench.firecloud.model.WorkspaceACLUpdate in project workbench by all-of-us.

the class WorkspacesControllerTest method testUnshareWorkspace.

@Test
public void testUnshareWorkspace() throws Exception {
    User writerUser = new User();
    writerUser.setEmail("writerfriend@gmail.com");
    writerUser.setUserId(124L);
    writerUser.setFreeTierBillingProjectName("TestBillingProject2");
    writerUser.setDisabled(false);
    writerUser = userDao.save(writerUser);
    User readerUser = new User();
    readerUser.setEmail("readerfriend@gmail.com");
    readerUser.setUserId(125L);
    readerUser.setFreeTierBillingProjectName("TestBillingProject3");
    readerUser.setDisabled(false);
    readerUser = userDao.save(readerUser);
    Workspace workspace = createDefaultWorkspace();
    workspace = workspacesController.createWorkspace(workspace).getBody();
    ShareWorkspaceRequest shareWorkspaceRequest = new ShareWorkspaceRequest();
    shareWorkspaceRequest.setWorkspaceEtag(workspace.getEtag());
    UserRole creator = new UserRole();
    creator.setEmail(LOGGED_IN_USER_EMAIL);
    creator.setRole(WorkspaceAccessLevel.OWNER);
    shareWorkspaceRequest.addItemsItem(creator);
    UserRole writer = new UserRole();
    writer.setEmail("writerfriend@gmail.com");
    writer.setRole(WorkspaceAccessLevel.WRITER);
    shareWorkspaceRequest.addItemsItem(writer);
    UserRole reader = new UserRole();
    reader.setEmail("readerfriend@gmail.com");
    reader.setRole(WorkspaceAccessLevel.READER);
    shareWorkspaceRequest.addItemsItem(reader);
    WorkspaceACLUpdateResponseList responseValue = new WorkspaceACLUpdateResponseList();
    responseValue.setUsersNotFound(new ArrayList<WorkspaceACLUpdate>());
    // Simulate time between API calls to trigger last-modified/@Version changes.
    CLOCK.increment(1000);
    when(fireCloudService.updateWorkspaceACL(anyString(), anyString(), anyListOf(WorkspaceACLUpdate.class))).thenReturn(responseValue);
    ShareWorkspaceResponse shareResp = workspacesController.shareWorkspace(workspace.getNamespace(), workspace.getName(), shareWorkspaceRequest).getBody();
    stubGetWorkspace(workspace.getNamespace(), workspace.getId(), workspace.getCreator(), WorkspaceAccessLevel.OWNER);
    Workspace workspace2 = workspacesController.getWorkspace(workspace.getNamespace(), workspace.getId()).getBody().getWorkspace();
    assertThat(shareResp.getWorkspaceEtag()).isEqualTo(workspace2.getEtag());
    CLOCK.increment(1000);
    shareWorkspaceRequest = new ShareWorkspaceRequest();
    shareWorkspaceRequest.setWorkspaceEtag(workspace2.getEtag());
    shareWorkspaceRequest.addItemsItem(creator);
    shareWorkspaceRequest.addItemsItem(writer);
    shareResp = workspacesController.shareWorkspace(workspace.getNamespace(), workspace.getName(), shareWorkspaceRequest).getBody();
    Workspace workspace3 = workspacesController.getWorkspace(workspace.getNamespace(), workspace.getId()).getBody().getWorkspace();
    assertThat(shareResp.getWorkspaceEtag()).isEqualTo(workspace3.getEtag());
    assertThat(workspace3.getUserRoles().size()).isEqualTo(2);
    int numOwners = 0;
    int numWriters = 0;
    int numReaders = 0;
    for (UserRole userRole : workspace3.getUserRoles()) {
        if (userRole.getRole().equals(WorkspaceAccessLevel.OWNER)) {
            assertThat(userRole.getEmail()).isEqualTo(LOGGED_IN_USER_EMAIL);
            numOwners++;
        } else if (userRole.getRole().equals(WorkspaceAccessLevel.WRITER)) {
            assertThat(userRole.getEmail()).isEqualTo("writerfriend@gmail.com");
            numWriters++;
        } else {
            assertThat(userRole.getEmail()).isEqualTo("readerfriend@gmail.com");
            numReaders++;
        }
    }
    assertThat(numOwners).isEqualTo(1);
    assertThat(numWriters).isEqualTo(1);
    assertThat(numReaders).isEqualTo(0);
    assertThat(workspace.getEtag()).isNotEqualTo(workspace2.getEtag());
    assertThat(workspace2.getEtag()).isNotEqualTo(workspace3.getEtag());
}