use of org.pmiops.workbench.firecloud.model.WorkspaceACLUpdate in project workbench by all-of-us.
the class WorkspaceServiceImpl method updateUserRoles.
@Override
public Workspace updateUserRoles(Workspace workspace, Set<WorkspaceUserRole> userRoleSet) {
Map<Long, WorkspaceUserRole> userRoleMap = new HashMap<Long, WorkspaceUserRole>();
for (WorkspaceUserRole userRole : userRoleSet) {
userRole.setWorkspace(workspace);
userRoleMap.put(userRole.getUser().getUserId(), userRole);
}
ArrayList<WorkspaceACLUpdate> updateACLRequestList = new ArrayList<WorkspaceACLUpdate>();
Iterator<WorkspaceUserRole> dbUserRoles = workspace.getWorkspaceUserRoles().iterator();
while (dbUserRoles.hasNext()) {
WorkspaceUserRole currentUserRole = dbUserRoles.next();
WorkspaceUserRole mapValue = userRoleMap.get(currentUserRole.getUser().getUserId());
if (mapValue != null) {
currentUserRole.setRole(mapValue.getRole());
userRoleMap.remove(currentUserRole.getUser().getUserId());
} else {
// This is how to remove a user from the FireCloud ACL:
// Pass along an update request with NO ACCESS as the given access level.
WorkspaceACLUpdate removedUser = new WorkspaceACLUpdate();
removedUser.setEmail(currentUserRole.getUser().getEmail());
removedUser.setCanCompute(false);
removedUser.setCanShare(false);
removedUser.setAccessLevel(WorkspaceAccessLevel.NO_ACCESS.toString());
updateACLRequestList.add(removedUser);
dbUserRoles.remove();
}
}
for (Entry<Long, WorkspaceUserRole> remainingRole : userRoleMap.entrySet()) {
workspace.getWorkspaceUserRoles().add(remainingRole.getValue());
}
for (WorkspaceUserRole currentWorkspaceUser : workspace.getWorkspaceUserRoles()) {
WorkspaceACLUpdate currentUpdate = new WorkspaceACLUpdate();
currentUpdate.setEmail(currentWorkspaceUser.getUser().getEmail());
currentUpdate.setCanCompute(false);
if (currentWorkspaceUser.getRole() == WorkspaceAccessLevel.OWNER) {
currentUpdate.setCanShare(true);
currentUpdate.setAccessLevel(WorkspaceAccessLevel.OWNER.toString());
} else if (currentWorkspaceUser.getRole() == WorkspaceAccessLevel.WRITER) {
currentUpdate.setCanShare(false);
currentUpdate.setAccessLevel(WorkspaceAccessLevel.WRITER.toString());
} else {
currentUpdate.setCanShare(false);
currentUpdate.setAccessLevel(WorkspaceAccessLevel.READER.toString());
}
updateACLRequestList.add(currentUpdate);
}
try {
WorkspaceACLUpdateResponseList fireCloudResponse = fireCloudService.updateWorkspaceACL(workspace.getWorkspaceNamespace(), workspace.getFirecloudName(), updateACLRequestList);
if (fireCloudResponse.getUsersNotFound().size() != 0) {
String usersNotFound = "";
for (int i = 0; i < fireCloudResponse.getUsersNotFound().size(); i++) {
if (i > 0) {
usersNotFound += ", ";
}
usersNotFound += fireCloudResponse.getUsersNotFound().get(i).getEmail();
}
throw new BadRequestException(usersNotFound);
}
} catch (ApiException e) {
if (e.getCode() == 400) {
throw new BadRequestException(e.getResponseBody());
} else if (e.getCode() == 404) {
throw new NotFoundException("Workspace not found.");
} else if (e.getCode() == 500) {
throw new ServerErrorException(e);
} else {
throw new ServerUnavailableException(e);
}
}
return this.saveWithLastModified(workspace);
}
use of org.pmiops.workbench.firecloud.model.WorkspaceACLUpdate in project workbench by all-of-us.
the class WorkspacesControllerTest method testUnshareWorkspace.
@Test
public void testUnshareWorkspace() throws Exception {
User writerUser = new User();
writerUser.setEmail("writerfriend@gmail.com");
writerUser.setUserId(124L);
writerUser.setFreeTierBillingProjectName("TestBillingProject2");
writerUser.setDisabled(false);
writerUser = userDao.save(writerUser);
User readerUser = new User();
readerUser.setEmail("readerfriend@gmail.com");
readerUser.setUserId(125L);
readerUser.setFreeTierBillingProjectName("TestBillingProject3");
readerUser.setDisabled(false);
readerUser = userDao.save(readerUser);
Workspace workspace = createDefaultWorkspace();
workspace = workspacesController.createWorkspace(workspace).getBody();
ShareWorkspaceRequest shareWorkspaceRequest = new ShareWorkspaceRequest();
shareWorkspaceRequest.setWorkspaceEtag(workspace.getEtag());
UserRole creator = new UserRole();
creator.setEmail(LOGGED_IN_USER_EMAIL);
creator.setRole(WorkspaceAccessLevel.OWNER);
shareWorkspaceRequest.addItemsItem(creator);
UserRole writer = new UserRole();
writer.setEmail("writerfriend@gmail.com");
writer.setRole(WorkspaceAccessLevel.WRITER);
shareWorkspaceRequest.addItemsItem(writer);
UserRole reader = new UserRole();
reader.setEmail("readerfriend@gmail.com");
reader.setRole(WorkspaceAccessLevel.READER);
shareWorkspaceRequest.addItemsItem(reader);
WorkspaceACLUpdateResponseList responseValue = new WorkspaceACLUpdateResponseList();
responseValue.setUsersNotFound(new ArrayList<WorkspaceACLUpdate>());
// Simulate time between API calls to trigger last-modified/@Version changes.
CLOCK.increment(1000);
when(fireCloudService.updateWorkspaceACL(anyString(), anyString(), anyListOf(WorkspaceACLUpdate.class))).thenReturn(responseValue);
ShareWorkspaceResponse shareResp = workspacesController.shareWorkspace(workspace.getNamespace(), workspace.getName(), shareWorkspaceRequest).getBody();
stubGetWorkspace(workspace.getNamespace(), workspace.getId(), workspace.getCreator(), WorkspaceAccessLevel.OWNER);
Workspace workspace2 = workspacesController.getWorkspace(workspace.getNamespace(), workspace.getId()).getBody().getWorkspace();
assertThat(shareResp.getWorkspaceEtag()).isEqualTo(workspace2.getEtag());
CLOCK.increment(1000);
shareWorkspaceRequest = new ShareWorkspaceRequest();
shareWorkspaceRequest.setWorkspaceEtag(workspace2.getEtag());
shareWorkspaceRequest.addItemsItem(creator);
shareWorkspaceRequest.addItemsItem(writer);
shareResp = workspacesController.shareWorkspace(workspace.getNamespace(), workspace.getName(), shareWorkspaceRequest).getBody();
Workspace workspace3 = workspacesController.getWorkspace(workspace.getNamespace(), workspace.getId()).getBody().getWorkspace();
assertThat(shareResp.getWorkspaceEtag()).isEqualTo(workspace3.getEtag());
assertThat(workspace3.getUserRoles().size()).isEqualTo(2);
int numOwners = 0;
int numWriters = 0;
int numReaders = 0;
for (UserRole userRole : workspace3.getUserRoles()) {
if (userRole.getRole().equals(WorkspaceAccessLevel.OWNER)) {
assertThat(userRole.getEmail()).isEqualTo(LOGGED_IN_USER_EMAIL);
numOwners++;
} else if (userRole.getRole().equals(WorkspaceAccessLevel.WRITER)) {
assertThat(userRole.getEmail()).isEqualTo("writerfriend@gmail.com");
numWriters++;
} else {
assertThat(userRole.getEmail()).isEqualTo("readerfriend@gmail.com");
numReaders++;
}
}
assertThat(numOwners).isEqualTo(1);
assertThat(numWriters).isEqualTo(1);
assertThat(numReaders).isEqualTo(0);
assertThat(workspace.getEtag()).isNotEqualTo(workspace2.getEtag());
assertThat(workspace2.getEtag()).isNotEqualTo(workspace3.getEtag());
}
Aggregations