@Override public void applyPermissionRule(long studyId, PermissionRule permissionRule, Study.Entity entry) throws CatalogException { // 1. We obtain which of those members are actually users to add them to the @members group automatically List<String> userList = permissionRule.getMembers().stream() .filter(member -> !member.startsWith("@")) .collect(Collectors.toList()); if (CollectionUtils.isNotEmpty(userList)) { // We first add the member to the @members group in case they didn't belong already studyDBAdaptor.addUsersToGroup(studyId, MEMBERS_GROUP, userList); } // 2. We can apply the permission rules aclDBAdaptor.applyPermissionRules(studyId, permissionRule, entry); }
@Override public List<QueryResult<StudyAclEntry>> addStudyAcls(List<Long> studyIds, List<String> members, List<String> permissions) throws CatalogException { // We obtain which of those members are actually users to add them to the @members group automatically List<String> userList = members.stream() .filter(member -> !member.startsWith("@")) .collect(Collectors.toList()); if (CollectionUtils.isNotEmpty(userList)) { // We first add the member to the @members group in case they didn't belong already for (Long studyId : studyIds) { studyDBAdaptor.addUsersToGroup(studyId, MEMBERS_GROUP, userList); } } aclDBAdaptor.addToMembers(studyIds, members, permissions, Entity.STUDY); return aclDBAdaptor.get(studyIds, members, Entity.STUDY); }
@Override public List<QueryResult<StudyAclEntry>> setStudyAcls(List<Long> studyIds, List<String> members, List<String> permissions) throws CatalogException { // We obtain which of those members are actually users to add them to the @members group automatically List<String> userList = members.stream() .filter(member -> !member.startsWith("@")) .collect(Collectors.toList()); if (CollectionUtils.isNotEmpty(userList)) { // We first add the member to the @members group in case they didn't belong already for (Long studyId : studyIds) { studyDBAdaptor.addUsersToGroup(studyId, MEMBERS_GROUP, userList); } } // Todo: Remove this in 1.4 List<String> allStudyPermissions = EnumSet.allOf(StudyAclEntry.StudyPermissions.class) .stream() .map(String::valueOf) .collect(Collectors.toList()); aclDBAdaptor.setToMembers(studyIds, members, permissions, allStudyPermissions, Entity.STUDY); return aclDBAdaptor.get(studyIds, members, Entity.STUDY); }
public <E extends AbstractAclEntry> List<QueryResult<E>> setAcls(long studyId, List<Long> ids, List<String> members, List<String> permissions, List<String> allPermissions, Entity entity) throws CatalogException { if (ids == null || ids.isEmpty()) { logger.warn("Missing identifiers to set acls"); return Collections.emptyList(); } // We obtain which of those members are actually users to add them to the @members group automatically List<String> userList = members.stream() .filter(member -> !member.startsWith("@")) .collect(Collectors.toList()); if (CollectionUtils.isNotEmpty(userList)) { // We first add the member to the @members group in case they didn't belong already studyDBAdaptor.addUsersToGroup(studyId, MEMBERS_GROUP, userList); } long startTime = System.currentTimeMillis(); aclDBAdaptor.setToMembers(ids, members, permissions, allPermissions, entity); int dbTime = (int) (System.currentTimeMillis() - startTime); // We store that those members have internal permissions aclDBAdaptor.setMembersHaveInternalPermissionsDefined(studyId, members, permissions, entity.name()); List<QueryResult<E>> aclResultList = getAcls(ids, members, entity); for (QueryResult<E> aclEntryQueryResult : aclResultList) { aclEntryQueryResult.setDbTime(aclEntryQueryResult.getDbTime() + dbTime); } return aclResultList; }
@Override public <E extends AbstractAclEntry> List<QueryResult<E>> addAcls(long studyId, List<Long> ids, List<String> members, List<String> permissions, Entity entity) throws CatalogException { if (ids == null || ids.isEmpty()) { logger.warn("Missing identifiers to add acls"); return Collections.emptyList(); } // We obtain which of those members are actually users to add them to the @members group automatically List<String> userList = members.stream() .filter(member -> !member.startsWith("@")) .collect(Collectors.toList()); if (CollectionUtils.isNotEmpty(userList)) { // We first add the member to the @members group in case they didn't belong already studyDBAdaptor.addUsersToGroup(studyId, MEMBERS_GROUP, userList); } long startTime = System.currentTimeMillis(); aclDBAdaptor.addToMembers(ids, members, permissions, entity); int dbTime = (int) (System.currentTimeMillis() - startTime); // We store that those members have internal permissions aclDBAdaptor.setMembersHaveInternalPermissionsDefined(studyId, members, permissions, entity.name()); List<QueryResult<E>> aclResultList = getAcls(ids, members, entity); for (QueryResult<E> aclEntryQueryResult : aclResultList) { aclEntryQueryResult.setDbTime(aclEntryQueryResult.getDbTime() + dbTime); } return aclResultList; }
public QueryResult<Group> createGroup(String studyStr, String groupId, String users, String sessionId) throws CatalogException { ParamUtils.checkParameter(groupId, "group name"); String userId = catalogManager.getUserManager().getUserId(sessionId); Study study = resolveId(studyStr, userId); // Fix the groupId if (!groupId.startsWith("@")) { groupId = "@" + groupId; } authorizationManager.checkCreateDeleteGroupPermissions(study.getUid(), userId, groupId); // Create the list of users List<String> userList; if (StringUtils.isNotEmpty(users)) { userList = Arrays.asList(users.split(",")); } else { userList = Collections.emptyList(); } // Check group exists if (existsGroup(study.getUid(), groupId)) { throw new CatalogException("The group " + groupId + " already exists."); } // Check the list of users is ok if (userList.size() > 0) { userDBAdaptor.checkIds(userList); } // Add those users to the members group studyDBAdaptor.addUsersToGroup(study.getUid(), MEMBERS, userList); // Create the group return studyDBAdaptor.createGroup(study.getUid(), new Group(groupId, userList)); }
case SET: studyDBAdaptor.setUsersToGroup(study.getUid(), groupId, users); studyDBAdaptor.addUsersToGroup(study.getUid(), MEMBERS, users); break; case ADD: studyDBAdaptor.addUsersToGroup(study.getUid(), groupId, users); if (!groupId.equals(MEMBERS)) { studyDBAdaptor.addUsersToGroup(study.getUid(), MEMBERS, users);