public AuthorizationDaemon(int interval, String sessionId, CatalogManager catalogManager) throws CatalogDBException { super(interval, sessionId, catalogManager); this.studyDBAdaptor = dbAdaptorFactory.getCatalogStudyDBAdaptor(); this.authorizationManager = catalogManager.getAuthorizationManager(); }
if (!catalogManager.getAuthorizationManager().checkIsOwnerOrAdmin(study.getUid(), userId)) {
@Test public void readSampleExplicitUnshared() throws CatalogException { QueryResult<Sample> sample = catalogManager.getSampleManager().get(studyFqn, smp1.getId(), null, externalSessionId); assertEquals(1, sample.getNumResults()); catalogManager.getAuthorizationManager().removeAcls(Collections.singletonList(smp1.getUid()), Collections.singletonList(externalUser), null, Entity.SAMPLE); thrown.expect(CatalogAuthorizationException.class); catalogManager.getSampleManager().get(studyFqn, smp1.getId(), null, externalSessionId); }
long sampleUid = sample.getUid(); QueryResult<SampleAclEntry> sampleAcl = catalogManager.getAuthorizationManager().getSampleAcl(studyUid, sampleUid, "user", "user2"); assertEquals(0, sampleAcl.getNumResults()); sampleAcl = catalogManager.getAuthorizationManager().getSampleAcl(studyUid, sampleUid, "user", "user3"); assertEquals(0, sampleAcl.getNumResults());
@Test public void addExistingGroupToRole() throws CatalogException { String newUser = "newUser"; catalogManager.getUserManager().create(newUser, newUser, "email@ccc.ccc", password, "ASDF", null, Account.FULL, null, null); String group = "@newGroup"; // catalogManager.addUsersToGroup(studyFqn, group, newUser, studyAdmin1SessionId); catalogManager.getStudyManager().createGroup(studyFqn, group, newUser, studyAdmin1SessionId); Study.StudyAclParams aclParams = new Study.StudyAclParams("", AclParams.Action.ADD, AuthorizationManager.ROLE_ANALYST); catalogManager.getStudyManager().updateAcl(Arrays.asList(studyFqn), group, aclParams, studyAdmin1SessionId).get(0); QueryResult<StudyAclEntry> studyAcls = catalogManager.getAuthorizationManager().getStudyAcl(studyAdminUser1, studyUid, group); assertEquals(1, studyAcls.getNumResults()); assertEquals(group, studyAcls.first().getMember()); assertArrayEquals(AuthorizationManager.getAnalystAcls().toArray(), studyAcls.first().getPermissions().toArray()); }
@Test public void removeGroupFromRole() throws CatalogException { String group = "@newGroup"; catalogManager.getStudyManager().createGroup(studyFqn, group, studyAdminUser1 + "," + studyAdminUser2, studyAdmin1SessionId); catalogManager.getStudyManager().updateAcl(Arrays.asList(studyFqn), group, new Study.StudyAclParams("", AclParams.Action.SET, "admin"), ownerSessionId); Study study = catalogManager.getStudyManager().resolveId(studyFqn, studyAdminUser1); QueryResult<StudyAclEntry> studyAcls = catalogManager.getAuthorizationManager().getStudyAcl(studyAdminUser1, study.getUid(), group); assertEquals(1, studyAcls.getNumResults()); assertEquals(group, studyAcls.first().getMember()); assertArrayEquals(AuthorizationManager.getAdminAcls().toArray(), studyAcls.first().getPermissions().toArray()); Study.StudyAclParams aclParams = new Study.StudyAclParams(null, AclParams.Action.RESET, null); catalogManager.getStudyManager().updateAcl(Arrays.asList(studyFqn), group, aclParams, ownerSessionId).get(0); String userId = catalogManager.getUserManager().getUserId(ownerSessionId); Study studyId = catalogManager.getStudyManager().resolveId(studyFqn, userId); studyAcls = catalogManager.getAuthorizationManager().getStudyAcl(userId, study.getUid(), group); assertEquals(0, studyAcls.getNumResults()); }
Study study3 = catalogManager.getStudyManager().resolveId(studyFqn, userId1); QueryResult<StudyAclEntry> studyAcl = catalogManager.getAuthorizationManager().getStudyAcl(userId1, study3.getUid(), "user2"); assertEquals(0, studyAcl.getNumResults()); String userId = catalogManager.getUserManager().getUserId(sessionIdUser); Study study1 = catalogManager.getStudyManager().resolveId(studyFqn, userId); studyAcl = catalogManager.getAuthorizationManager().getStudyAcl(userId, study1.getUid(), "user3"); assertEquals(0, studyAcl.getNumResults()); catalogManager.getAuthorizationManager().getSampleAcl(studyUid, sample.getUid(), "user", "user2"); assertEquals(0, sampleAcl.getNumResults()); sampleAcl = catalogManager.getAuthorizationManager().getSampleAcl(studyUid, sample.getUid(), "user", "user3"); assertEquals(0, sampleAcl.getNumResults());