add function to check if the user can edit calls and display snpclust…
… button also for reader role
aliceboizet committed Sep 3, 2024
1 parent 8353d85 commit b67d338
Showing 2 changed files with 48 additions and 5 deletions.
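--- a/src/main/java/fr/cirad/tools/security/TokenManager.java
+++ b/src/main/java/fr/cirad/tools/security/TokenManager.java
@@ -436,4 +436,46 @@ public String generateToken(Authentication auth/*, int nMaxInactiveSeconds*/) th
 updateToken(token, System.currentTimeMillis());
 return token;
 }
+
+@Override
+public boolean canUserEditCallsInProject(String token, String sModule, int projectId) {
+Authentication authentication = getAuthenticationFromToken(token);
+boolean fResult = canUserEditCallsInProject(authentication == null ? null : userDao.getUserAuthorities(authentication), sModule, projectId);
+if (fResult)
+updateToken(token, System.currentTimeMillis());
+return fResult;
+}
+
+@Override
+public boolean canUserEditCallsInProject(Collection<? extends GrantedAuthority> authorities, String sModule, int projectId) {
+if (authorities != null && authorities.contains(new SimpleGrantedAuthority(IRoleDefinition.ROLE_ADMIN)))
+return true;
+
+if (authorities == null)
+return false;
+
+if (userDao.getSupervisedModules(authorities).contains(sModule))
+return true;
+
+Map<String, Map<String, Collection<Comparable>>> customRolesByEntityType = userDao.getCustomRolesByModuleAndEntityType(authorities).get(sModule);
+if (customRolesByEntityType != null) {
+Map<String, Collection<Comparable>> customRolesOnProjects = customRolesByEntityType.get(ENTITY_PROJECT);
+if (customRolesOnProjects != null) {
+Collection<Comparable> snpClustEditionRoles = customRolesOnProjects.get(ENTITY_SNPCLUST_EDITOR_ROLE);
+if (snpClustEditionRoles == null)
+snpClustEditionRoles = customRolesOnProjects.get(IRoleDefinition.ENTITY_MANAGER_ROLE);
+if (snpClustEditionRoles != null && snpClustEditionRoles.contains(projectId))
+return true;
+}
+}
+
+Map<String, Collection<Comparable>> managedEntitesByType = userDao.getManagedEntitiesByModuleAndType(authorities).get(sModule);
+if (managedEntitesByType != null) {
+Collection<Comparable> managedProjects = managedEntitesByType.get(ENTITY_PROJECT);
+if (managedProjects != null && managedProjects.contains(projectId))
+return true;
+}
+
+return false;
+}
 }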
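Review bot: In the authorities overload, the `IRoleDefinition.ENTITY_MANAGER_ROLE` fallback is taken only when the map has no `ENTITY_SNPCLUST_EDITOR_ROLE` entry at all, so the manager list is never consulted for a user who is snpclust editor on some other project of the module. Unless the later `getManagedEntitiesByModuleAndType` lookup is guaranteed to cover that case, test the two collections independently: `Collection<Comparable> managerRoles = customRolesOnProjects.get(IRoleDefinition.ENTITY_MANAGER_ROLE);` then `if (managerRoles != null && managerRoles.contains(projectId)) return true;`. `contains(projectId)` boxes to `Integer` against a raw `Collection<Comparable>`, so if the DAO stores project ids as another type the check silently denies; worth confirming. A Javadoc on both overloads listing which roles grant edit rights would make the access rule auditable.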
@@ -1471,10 +1471,11 @@ public ModelAndView setupImportPage()
@GetMapping(value = BASE_URL + snpclustEditionURL)
public @ResponseBody String snpclustEditionURL(HttpServletRequest request, @RequestParam("module") final String sModule, @RequestParam("project") final int projId) {
Authentication auth = tokenManager.getAuthenticationFromToken(tokenManager.readToken(request));
if (auth != null && (auth.getAuthorities().contains(new SimpleGrantedAuthority(IRoleDefinition.ROLE_ADMIN)) || auth.getAuthorities().contains(new SimpleGrantedAuthority(sModule + UserPermissionController.ROLE_STRING_SEPARATOR + IRoleDefinition.ROLE_DB_SUPERVISOR)) || auth.getAuthorities().contains(new SimpleGrantedAuthority(sModule + UserPermissionController.ROLE_STRING_SEPARATOR + TokenManager.ENTITY_PROJECT + UserPermissionController.ROLE_STRING_SEPARATOR + TokenManager.ENTITY_SNPCLUST_EDITOR_ROLE + UserPermissionController.ROLE_STRING_SEPARATOR + projId)))) {
String url = appConfig.get("snpclustLink");
if (url == null)
return "";
// if (auth != null && (auth.getAuthorities().contains(new SimpleGrantedAuthority(IRoleDefinition.ROLE_ADMIN)) || auth.getAuthorities().contains(new SimpleGrantedAuthority(sModule + UserPermissionController.ROLE_STRING_SEPARATOR + IRoleDefinition.ROLE_DB_SUPERVISOR))
// || auth.getAuthorities().contains(new SimpleGrantedAuthority(sModule + UserPermissionController.ROLE_STRING_SEPARATOR + TokenManager.ENTITY_PROJECT + UserPermissionController.ROLE_STRING_SEPARATOR + TokenManager.ENTITY_SNPCLUST_EDITOR_ROLE + UserPermissionController.ROLE_STRING_SEPARATOR + projId)))) {
String url = appConfig.get("snpclustLink");
if (url == null)
return "";

MongoTemplate mongoTemplate = MongoTemplateManager.get(sModule);
Query q = new Query(Criteria.where("_id." + VariantRunDataId.FIELDNAME_PROJECT_ID).is(projId));
@@ -1490,7 +1491,7 @@ public ModelAndView setupImportPage()
if (VariantData.GT_FIELD_FI.equals(aiKey)/* && !Number.class.isAssignableFrom(annotationMap.get(aiKey).getClass())*/)
return url;
}
}

return "";
}
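Review bot: Commenting out the role test in `snpclustEditionURL` leaves the endpoint, as far as these hunks show, with no authorization check at all: `auth` is still fetched but never read, so a request without a valid token, or from a user holding no role on `sModule`, now reaches the `MongoTemplate` query and can receive `snpclustLink`. If the intent is to show the button to readers, replace the old condition with an explicit read-permission check on the project and keep `return "";` as the failure path instead of dropping the guard. Once that check is in place, delete the two commented-out `if` lines and the unused `auth` local; version control already keeps the old condition. The method body spans both hunks and the lines between them are not visible here.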
