Commit 2bd737a7 authored by Piotr Gawron's avatar Piotr Gawron
Browse files

rest api for modifying/removing plugins + privilege type for that

parent 78222e79
......@@ -54,12 +54,17 @@ public enum PrivilegeType {
/**
* User can manage layouts of all users in the project.
*/
LAYOUT_MANAGEMENT(ObjectPrivilege.class, Project.class, "Manage overlays"), //
LAYOUT_MANAGEMENT(ObjectPrivilege.class, Project.class, "Manage overlays"),
/**
* User can manage reference genomes.
*/
MANAGE_GENOMES(BasicPrivilege.class, null, "Manage genomes");
MANAGE_GENOMES(BasicPrivilege.class, null, "Manage genomes"),
/**
* User can manage preferences
*/
MANAGE_PLUGINS(BasicPrivilege.class, null, "Manage plugins");
/**
* Type of privilege (basic or privilege to the object).
......
......@@ -58,6 +58,15 @@ public class PluginController extends BaseController {
return pluginRest.getPlugin(token, hash);
}
@RequestMapping(value = "/plugins/{hash}", method = { RequestMethod.DELETE }, produces = {
MediaType.APPLICATION_JSON_VALUE })
public Map<String, Object> removePlugin(//
@CookieValue(value = Configuration.AUTH_TOKEN) String token, //
@PathVariable(value = "hash") String hash //
) throws SecurityException, ObjectNotFoundException {
return pluginRest.removePlugin(token, hash);
}
@RequestMapping(value = "/plugins/{hash}/data/users/{login}/{key}", method = { RequestMethod.POST }, produces = {
MediaType.APPLICATION_JSON_VALUE })
public Map<String, Object> createPluginDataEntry(//
......
......@@ -13,6 +13,7 @@ import lcsb.mapviewer.api.BaseRestImpl;
import lcsb.mapviewer.api.ObjectNotFoundException;
import lcsb.mapviewer.model.plugin.Plugin;
import lcsb.mapviewer.model.plugin.PluginDataEntry;
import lcsb.mapviewer.model.user.PrivilegeType;
import lcsb.mapviewer.model.user.User;
import lcsb.mapviewer.persist.dao.plugin.PluginDao;
import lcsb.mapviewer.persist.dao.plugin.PluginDataEntryDao;
......@@ -28,10 +29,17 @@ public class PluginRestImpl extends BaseRestImpl {
private PluginDataEntryDao pluginDataEntryDao;
public Map<String, Object> createPlugin(String token, String hash, String name, String version, String url,
String isPublic) {
String isPublic) throws SecurityException {
if (isPublic.equalsIgnoreCase("true")) {
if (!getUserService().userHasPrivilege(token, PrivilegeType.MANAGE_PLUGINS)) {
throw new SecurityException("You have no privileges to manage plugins");
}
}
Plugin plugin = pluginDao.getByHash(hash);
if (plugin != null) {
plugin.getUrls().add(url);
plugin.setPublic(plugin.isPublic() || isPublic.equalsIgnoreCase("true"));
pluginDao.update(plugin);
} else {
plugin = new Plugin();
......@@ -141,4 +149,18 @@ public class PluginRestImpl extends BaseRestImpl {
return result;
}
public Map<String, Object> removePlugin(String token, String hash) throws ObjectNotFoundException, SecurityException {
Plugin plugin = pluginDao.getByHash(hash);
if (!getUserService().userHasPrivilege(token, PrivilegeType.MANAGE_PLUGINS)) {
throw new SecurityException("You have no privileges to manage plugins");
}
if (plugin != null) {
plugin.setPublic(false);
pluginDao.update(plugin);
} else {
throw new ObjectNotFoundException("Plugin doesn't exist");
}
return getPlugin(token, hash);
}
}
......@@ -9,15 +9,17 @@ import lcsb.mapviewer.api.convert.AllConvertTests;
import lcsb.mapviewer.api.files.AllFileTests;
import lcsb.mapviewer.api.genomics.AllGenomicsTests;
import lcsb.mapviewer.api.mesh.AllMeshTests;
import lcsb.mapviewer.api.plugins.AllPluginsTests;
import lcsb.mapviewer.api.projects.AllProjectTests;
import lcsb.mapviewer.api.users.AllUserTests;
@RunWith(Suite.class)
@SuiteClasses({ AllConfigurationTests.class, //
AllConvertTests.class, //
AllFileTests.class, //
AllConvertTests.class, //
AllFileTests.class, //
AllGenomicsTests.class, //
AllMeshTests.class, //
AllPluginsTests.class, //
AllProjectTests.class, //
AllUserTests.class,//
})
......
package lcsb.mapviewer.api.plugins;
import org.junit.runner.RunWith;
import org.junit.runners.Suite;
import org.junit.runners.Suite.SuiteClasses;
@RunWith(Suite.class)
@SuiteClasses({ PluginRestImplTest.class })
public class AllPluginsTests {
}
package lcsb.mapviewer.api.plugins;
import org.junit.Test;
import org.springframework.beans.factory.annotation.Autowired;
import lcsb.mapviewer.api.RestTestFunctions;
import lcsb.mapviewer.model.user.BasicPrivilege;
import lcsb.mapviewer.model.user.PrivilegeType;
import lcsb.mapviewer.model.user.User;
public class PluginRestImplTest extends RestTestFunctions {
@Autowired
PluginRestImpl pluginRestImpl;
@Test(expected = lcsb.mapviewer.services.SecurityException.class)
public void testCreatePluginWithoutAccess() throws Exception {
pluginRestImpl.createPlugin(token, "x", "x", "x", "x", "true");
}
@Test
public void testCreatePlugin() throws Exception {
try {
User admin = userService.getUserByToken(adminToken);
userService.setUserPrivilege(admin, new BasicPrivilege(1, PrivilegeType.MANAGE_PLUGINS, admin));
pluginRestImpl.createPlugin(adminToken, "x", "x", "x", "x", "true");
} catch (Exception e) {
e.printStackTrace();
throw e;
}
}
@Test
public void testRemovePlugin() throws Exception {
try {
User admin = userService.getUserByToken(adminToken);
userService.setUserPrivilege(admin, new BasicPrivilege(1, PrivilegeType.MANAGE_PLUGINS, admin));
pluginRestImpl.createPlugin(adminToken, "x", "x", "x", "x", "true");
pluginRestImpl.removePlugin(adminToken, "x");
} catch (Exception e) {
e.printStackTrace();
throw e;
}
}
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment