Examples with DifferentialExpressionEvidence - ubic.gemma.model.association.phenotype.DifferentialExpressionEvidence

Example 1 with DifferentialExpressionEvidence

use of ubic.gemma.model.association.phenotype.DifferentialExpressionEvidence in project Gemma by PavlidisLab.

the class SecurityControllerImpl method updatePermission.

@Override
public SecurityInfoValueObject updatePermission(SecurityInfoValueObject settings) {
    EntityDelegator sd = new EntityDelegator();
    sd.setId(settings.getEntityId());
    sd.setClassDelegatingFor(settings.getEntityClazz());
    Securable s = this.getSecurable(sd);
    if (settings.isPubliclyReadable()) {
        securityService.makePublic(s);
    } else {
        securityService.makePrivate(s);
    }
    try {
        if (settings.getOwner().isPrincipal()) {
            securityService.makeOwnedByUser(s, settings.getOwner().getAuthority());
        } else {
            // this warning is not even worth issuing if we are not an administrator.
            if (SecurityUtil.isUserAdmin())
                SecurityControllerImpl.log.warn("Can't make groupauthority " + settings.getOwner().getAuthority() + " owner, not implemented");
        }
    } catch (AccessDeniedException e) {
        SecurityControllerImpl.log.warn("Non-administrators cannot change the owner of an entity");
    // okay, only works if you are administrator.
    }
    /*
         * This works in one of two ways. If settings.currentGroup is non-null, we just update the permissions for that
         * group - this may leave them unchanged. Otherwise, we update them all based on
         * groupsThatCanRead/groupsThatCanWrite
         */
    String currentGroupName = settings.getCurrentGroup();
    if (StringUtils.isNotBlank(currentGroupName) && !(currentGroupName.equals(AuthorityConstants.ADMIN_GROUP_NAME) || currentGroupName.equals(AuthorityConstants.AGENT_GROUP_NAME))) {
        // this test only makes sense for changing the group's name, not for changing the permissions
        // of potentially shared entities
        // if ( !getGroupsUserCanEdit().contains( currentGroupName ) ) {
        // throw new AccessDeniedException( "Access denied to permissions for group=" + currentGroupName );
        // }
        Boolean readable = settings.isCurrentGroupCanRead();
        Boolean writeable = settings.isCurrentGroupCanWrite();
        if (readable) {
            securityService.makeReadableByGroup(s, currentGroupName);
        } else {
            securityService.makeUnreadableByGroup(s, currentGroupName);
        }
        if (writeable) {
            // if writable should be readable
            securityService.makeReadableByGroup(s, currentGroupName);
            securityService.makeWriteableByGroup(s, currentGroupName);
        } else {
            securityService.makeUnwriteableByGroup(s, currentGroupName);
        }
    } else {
        /*
             * Remove all group permissions - we'll set them back to what was requested. Exception: we don't allow
             * changes to admin or agent permissions by this route.
             */
        for (String groupName : this.getGroupsUserCanEdit()) {
            if (groupName.equals(AuthorityConstants.ADMIN_GROUP_NAME) || groupName.equals(AuthorityConstants.AGENT_GROUP_NAME)) {
                // never changes this.
                continue;
            }
            securityService.makeUnreadableByGroup(s, groupName);
            securityService.makeUnwriteableByGroup(s, groupName);
        }
        /*
             * Add selected ones back
             */
        for (String reader : settings.getGroupsThatCanRead()) {
            if (reader.equals(AuthorityConstants.ADMIN_GROUP_NAME) || reader.equals(AuthorityConstants.AGENT_GROUP_NAME)) {
                // never changes this.
                continue;
            }
            securityService.makeReadableByGroup(s, reader);
        }
        for (String writer : settings.getGroupsThatCanWrite()) {
            if (writer.equals(AuthorityConstants.ADMIN_GROUP_NAME) || writer.equals(AuthorityConstants.AGENT_GROUP_NAME)) {
                // never changes this.
                continue;
            }
            // when it is writable it should be readable
            securityService.makeReadableByGroup(s, writer);
            securityService.makeWriteableByGroup(s, writer);
        }
    }
    // special case for Phenocarta, changing the meta analysis, changes the permissions of all evidence linked
    if (s instanceof GeneDifferentialExpressionMetaAnalysis) {
        Collection<DifferentialExpressionEvidence> differentialExpressionEvidence = this.phenotypeAssociationService.loadEvidenceWithGeneDifferentialExpressionMetaAnalysis(s.getId(), -1);
        for (DifferentialExpressionEvidence d : differentialExpressionEvidence) {
            settings.setEntityId(d.getId());
            settings.setEntityClazz(d.getClass().getName());
            this.updatePermission(settings);
        }
    }
    SecurityControllerImpl.log.info("Updated permissions on " + s);
    return this.securable2VO(s);
}

Also used : DifferentialExpressionEvidence(ubic.gemma.model.association.phenotype.DifferentialExpressionEvidence) Securable(gemma.gsec.model.Securable) AccessDeniedException(org.springframework.security.access.AccessDeniedException) GeneDifferentialExpressionMetaAnalysis(ubic.gemma.model.analysis.expression.diff.GeneDifferentialExpressionMetaAnalysis) EntityDelegator(ubic.gemma.web.remote.EntityDelegator)

Aggregations

Securable (gemma.gsec.model.Securable)1 AccessDeniedException (org.springframework.security.access.AccessDeniedException)1 GeneDifferentialExpressionMetaAnalysis (ubic.gemma.model.analysis.expression.diff.GeneDifferentialExpressionMetaAnalysis)1 DifferentialExpressionEvidence (ubic.gemma.model.association.phenotype.DifferentialExpressionEvidence)1 EntityDelegator (ubic.gemma.web.remote.EntityDelegator)1