use of org.sagebionetworks.bridge.AuthEvaluatorField.USER_ID in project BridgeServer2 by Sage-Bionetworks.
the class AccountService method getAccount.
/**
* Get an account in the context of a app by the user's ID, email address, health code,
* or phone number. Returns null if the account cannot be found, or the caller does not have
* the correct permissions to access the account. The account’s enrollments will be filtered
* so the caller can only see the enrollments in studies they have access to.
*/
public Optional<Account> getAccount(AccountId accountId) {
checkNotNull(accountId);
Optional<Account> optional = accountDao.getAccount(accountId);
if (!optional.isPresent()) {
return optional;
}
if (!canAccessAccount(optional.get())) {
return Optional.empty();
}
Account account = optional.get();
if (CAN_READ_PARTICIPANTS.check(USER_ID, account.getId(), ORG_ID, account.getOrgMembership())) {
return optional;
}
// This was accessed through study rights, so remove the other studies from what the caller
// can see.
RequestContext context = RequestContext.get();
Set<String> callerStudies = context.getOrgSponsoredStudies();
Set<Enrollment> removals = account.getEnrollments().stream().filter(en -> !callerStudies.contains(en.getStudyId())).collect(toSet());
account.getEnrollments().removeAll(removals);
return optional;
}
Aggregations