custom overlays are invisible for guests

frontend-js/src/main/js/ServerConnector.js

@@ -6,7 +6,6 @@ var logger = require('./logger');
 
 var request = require('request');
 
-
 var Alias = require('./map/data/Alias');
 var Chemical = require('./map/data/Chemical');
 var Comment = require('./map/data/Comment');
@@ -20,6 +19,7 @@ var MiRna = require('./map/data/MiRna');
 var Project = require('./map/data/Project');
 var Reaction = require('./map/data/Reaction');
 var SessionData = require('./SessionData');
+var User = require('./map/data/User');
 
 var GuiConnector = require('./GuiConnector');
 
@@ -461,6 +461,19 @@ ServerConnector.getChemicalsByTargetUrl = function(params) {
   });
 };
 
+ServerConnector.getUserUrl = function(params) {
+  var userId = params.userId;
+  var token = params.token;
+  
+  return this.getApiUrl({type:"user",
+    method:"getUser",
+    params: {
+      userId: userId, 
+      token: token,
+      },
+  });
+};
+
 ServerConnector.getConfigurationParam = function(paramId) {
   var self = this;
   return new Promise(function(resolve, reject) {
@@ -507,28 +520,48 @@ ServerConnector.getProject = function(projectId) {
   });
 };
 
-ServerConnector.getOverlays = function(projectId) {
+ServerConnector.getLoggedUser = function() {
+  var self = this;
+  return new Promise(function(resolve, reject) {
+    if (self._loggedUser!==undefined) {
+      resolve(self._loggedUser);
+    } else {
+      self.getUser().then(function(user) {
+        self._loggedUser = user;
+        resolve(self._loggedUser);
+      }).catch(reject);
+    }
+  });
+};
+
+ServerConnector.getUser = function(userId) {
   var self = this;
-  if (projectId === undefined || projectId === null || projectId === "") {
-    return new Promise(function(resolve, reject) {
-      self.getConfigurationParam(ConfigurationType.DEFAULT_MAP).then(function(defaultMap) {
-        self.getOverlays(defaultMap).then(function(overlays) {
-          resolve(overlays);
-        }, reject);
-      }, reject);
-    });
-  }
   return new Promise(function(resolve, reject) {
     self.getToken().then(function(token) {
-      self.readFile(self.getOverlaysUrl(projectId, token)).then(function(content) {
-        var arr = JSON.parse(content);
-        var result = [];
-        for (var i = 0; i < arr.length; i++) {
-          var layout = new LayoutData(arr[i]);
-          result.push(layout);
-        }
-        resolve(result);
-      }, reject);
+      return self.readFile(self.getUserUrl({token:token, userId:userId}));
+    }).then(function(content) {
+      var obj = JSON.parse(content);
+      resolve(new User(obj));
+    }).catch(reject);
+  });
+};
+
+ServerConnector.getOverlays = function(projectId) {
+  var self = this;
+  return new Promise(function(resolve, reject) {
+    self.getProjectId(projectId).then(function(result){
+      projectId= result;
+      return self.getToken();
+    }).then(function(token) {
+      return self.readFile(self.getOverlaysUrl(projectId, token));
+    }).then(function(content) {
+      var arr = JSON.parse(content);
+      var result = [];
+      for (var i = 0; i < arr.length; i++) {
+        var layout = new LayoutData(arr[i]);
+        result.push(layout);
+      }
+      resolve(result);
     }, reject);
   });
 };

frontend-js/src/main/js/gui/OverlayPanel.js

@@ -16,6 +16,24 @@ function OverlayPanel(params) {
   self.setElement(params.element);
   self.setMap(params.customMap);
 
+  if (self.getGeneralOverlaysElement() === undefined) {
+    throw new Error("Couldn't find element: generalOverlays");
+  }
+  if (self.getGeneralOverlaysTabElement() === undefined) {
+    throw new Error("Couldn't find element: generalOverlaysTab");
+  }
+  if (self.getCustomOverlaysElement() === undefined) {
+    throw new Error("Couldn't find element: customOverlays");
+  }
+  if (self.getCustomOverlaysTitleElement() === undefined) {
+    throw new Error("Couldn't find element: customOverlaysTitle");
+  }
+  if (self.getCustomOverlaysTabElement() === undefined) {
+    throw new Error("Couldn't find element: customOverlaysTab");
+  }
+
+  self.setCustomOverlaysMessage(self.getCustomOverlaysTitleElement().innerHTML);
+
   self.refresh();
 }
 
@@ -125,7 +143,12 @@ OverlayPanel.prototype.createOverlayRow = function(overlay, checked) {
 
 OverlayPanel.prototype.refresh = function() {
   var self = this;
-  return ServerConnector.getOverlays().then(function(customOverlays) {
+  var user = null;
+
+  return ServerConnector.getLoggedUser().then(function(loggedUser) {
+    user = loggedUser;
+    return ServerConnector.getOverlays();
+  }).then(function(customOverlays) {
     var selectedOverlayIds = self.getMap().getSelectedLayouts();
     var selectedOverlay = [];
 
@@ -159,14 +182,21 @@ OverlayPanel.prototype.refresh = function() {
       body.appendChild(self.createOverlayRow(overlay, selectedOverlay[overlay.getId()]));
     }
 
-    table = self.getCustomOverlaysTabElement();
-    table.appendChild(self.createTableHeader(true));
+    var title = self.getCustomOverlaysTitleElement();
+    if (user.getLogin() === "anonymous") {
+      title.innerHTML = "YOU ARE NOT LOGGED IN. PLEASE, LOG IN TO UPLOAD AND VIEW CUSTOM OVERLAYS";
+    } else {
+      title.innerHTML = self.getCustomOverlaysMessage();
 
-    body = document.createElement("tbody");
-    table.appendChild(body);
-    for (i = 0; i < customOverlays.length; i++) {
-      overlay = customOverlays[i];
-      body.appendChild(self.createOverlayRow(overlay, selectedOverlay[overlay.getId()]));
+      table = self.getCustomOverlaysTabElement();
+      table.appendChild(self.createTableHeader(true));
+
+      body = document.createElement("tbody");
+      table.appendChild(body);
+      for (i = 0; i < customOverlays.length; i++) {
+        overlay = customOverlays[i];
+        body.appendChild(self.createOverlayRow(overlay, selectedOverlay[overlay.getId()]));
+      }
     }
     return null;
   });
@@ -183,7 +213,19 @@ OverlayPanel.prototype.getGeneralOverlaysTabElement = function() {
 OverlayPanel.prototype.getCustomOverlaysElement = function() {
   return this.getElementByName(this.getElement(), "customOverlays");
 };
+OverlayPanel.prototype.getCustomOverlaysTitleElement = function() {
+  return this.getElementByName(this.getElement(), "customOverlaysTitle");
+};
 OverlayPanel.prototype.getCustomOverlaysTabElement = function() {
   return this.getElementByName(this.getElement(), "customOverlaysTab");
 };
+
+OverlayPanel.prototype.setCustomOverlaysMessage = function(customOverlaysMessage) {
+  this._customOverlaysMessage = customOverlaysMessage;
+};
+
+OverlayPanel.prototype.getCustomOverlaysMessage = function() {
+  return this._customOverlaysMessage;
+};
+
 module.exports = OverlayPanel;

frontend-js/src/main/js/map/data/User.js

+"use strict";
+
+/* exported logger */
+
+var logger = require('../../logger');
+
+function User(javaObject) {
+  this.setLogin(javaObject.login);
+  this.setName(javaObject.name);
+  this.setSurname(javaObject.surname);
+  this.setEmail(javaObject.email);
+  this.setRemoved(javaObject.removed);
+  this.setPrivileges(javaObject.privileges);
+}
+
+User.prototype.setLogin = function(login) {
+  this._login = login;
+};
+
+User.prototype.getLogin = function() {
+  return this._login;
+};
+
+User.prototype.setName = function(name) {
+  this._name = name ;
+};
+
+User.prototype.getName = function() {
+  return this._name;
+};
+
+User.prototype.setSurname = function(surname) {
+  this._surname = surname;
+};
+
+User.prototype.getSurname = function() {
+  return this._surname;
+};
+
+User.prototype.setEmail = function(email) {
+  this._email = email;
+};
+
+User.prototype.getEmail = function() {
+  return this._email;
+};
+
+User.prototype.setRemoved = function(removed) {
+  this._removed = removed;
+};
+
+User.prototype.getRemoved = function() {
+  return this._removed;
+};
+
+User.prototype.setPrivileges = function(privileges) {
+  this._privileges = privileges;
+};
+
+User.prototype.getPrivileges = function() {
+  return this._privileges;
+};
+
+module.exports = User;

frontend-js/src/test/js/gui/OverlayPanel-test.js

@@ -6,7 +6,6 @@ require("../mocha-config.js");
 
 var OverlayPanel = require('../../../main/js/gui/OverlayPanel');
 
-
 var chai = require('chai');
 var assert = chai.assert;
 var logger = require('../logger');
@@ -39,9 +38,10 @@ describe('OverlayPanel', function() {
       element : div,
       customMap : map
     });
-    
-    return panel.refresh().then(function(){
-      assert.ok(panel.getElement().innerHTML.indexOf("testLayout")>=0);
+
+    return panel.refresh().then(function() {
+      assert.ok(panel.getElement().innerHTML.indexOf("testLayout") >= 0);
+      assert.ok(panel.getElement().innerHTML.indexOf("YOU ARE NOT LOGGED") >= 0);
     });
   });
 

frontend-js/src/test/js/helper.js

@@ -98,6 +98,10 @@ Helper.prototype.createOverlayTab = function() {
   customOverlaysTabDiv.setAttribute("name", "customOverlaysTab");
   customOverlaysDiv.appendChild(customOverlaysTabDiv);
   
+  var customOverlaysTitleDiv = document.createElement("h3");
+  customOverlaysTitleDiv.setAttribute("name", "customOverlaysTitle");
+  customOverlaysDiv.appendChild(customOverlaysTitleDiv);
+  
   return result;
 };
 

frontend-js/testFiles/apiCalls/user/getUser/token=MOCK_TOKEN_ID&

+{"privileges":[{"type":"EDIT_MISSING_CONNECTIONS_PROJECT","value":0,"objectId":15764},{"type":"VIEW_PROJECT","value":1,"objectId":16755},{"type":"EDIT_MISSING_CONNECTIONS_PROJECT","value":0,"objectId":15763},{"type":"USER_MANAGEMENT","value":0},{"type":"CONFIGURATION_MANAGE","value":0},{"type":"VIEW_PROJECT","value":1,"objectId":10},{"type":"LAYOUT_MANAGEMENT","value":0,"objectId":14897},{"type":"VIEW_PROJECT","value":1,"objectId":7},{"type":"VIEW_PROJECT","value":1,"objectId":6},{"type":"ADD_MAP","value":0},{"type":"DRUG_TARGETING_ADVANCED_VIEW_PROJECT","value":0,"objectId":15764},{"type":"DRUG_TARGETING_ADVANCED_VIEW_PROJECT","value":0,"objectId":15763},{"type":"VIEW_PROJECT","value":1,"objectId":22},{"type":"VIEW_PROJECT","value":1,"objectId":14898},{"type":"MANAGE_GENOMES","value":1},{"type":"EDIT_COMMENTS_PROJECT","value":0,"objectId":15764},{"type":"EDIT_COMMENTS_PROJECT","value":0,"objectId":14898},{"type":"EDIT_MISSING_CONNECTIONS_PROJECT","value":0,"objectId":14897},{"type":"EDIT_COMMENTS_PROJECT","value":0,"objectId":16045},{"type":"VIEW_PROJECT","value":1,"objectId":18},{"type":"VIEW_PROJECT","value":1,"objectId":15763},{"type":"EDIT_MISSING_CONNECTIONS_PROJECT","value":0,"objectId":16045},{"type":"EDIT_MISSING_CONNECTIONS_PROJECT","value":0,"objectId":14898},{"type":"VIEW_PROJECT","value":1,"objectId":11},{"type":"VIEW_PROJECT","value":1,"objectId":20},{"type":"VIEW_PROJECT","value":1,"objectId":17051},{"type":"VIEW_PROJECT","value":1,"objectId":17},{"type":"DRUG_TARGETING_ADVANCED_VIEW_PROJECT","value":0,"objectId":14897},{"type":"LAYOUT_MANAGEMENT","value":0,"objectId":15764},{"type":"VIEW_PROJECT","value":1,"objectId":15764},{"type":"VIEW_PROJECT","value":1,"objectId":21},{"type":"CUSTOM_LAYOUTS","value":0},{"type":"EDIT_COMMENTS_PROJECT","value":0,"objectId":14897},{"type":"VIEW_PROJECT","value":1,"objectId":8},{"type":"VIEW_PROJECT","value":1,"objectId":9},{"type":"DRUG_TARGETING_ADVANCED_VIEW_PROJECT","value":0,"objectId":14898},{"type":"VIEW_PROJECT","value":1,"objectId":17719},{"type":"PROJECT_MANAGEMENT","value":0},{"type":"LAYOUT_MANAGEMENT","value":0,"objectId":14898},{"type":"VIEW_PROJECT","value":1,"objectId":14897},{"type":"LAYOUT_MANAGEMENT","value":0,"objectId":15763},{"type":"VIEW_PROJECT","value":1,"objectId":1},{"type":"EDIT_COMMENTS_PROJECT","value":0,"objectId":15763},{"type":"VIEW_PROJECT","value":1,"objectId":19},{"type":"LAYOUT_MANAGEMENT","value":0,"objectId":16045},{"type":"VIEW_PROJECT","value":1,"objectId":16045},{"type":"DRUG_TARGETING_ADVANCED_VIEW_PROJECT","value":0,"objectId":16045},{"type":"VIEW_PROJECT","value":1,"objectId":16668},{"type":"CUSTOM_LAYOUTS_AVAILABLE","value":0}],"removed":false,"surname":"","name":"","id":3,"login":"anonymous","email":""}
\ No newline at end of file

rest-api/src/main/java/lcsb/mapviewer/api/comment/CommentController.java

@@ -25,8 +25,9 @@ public class CommentController extends BaseController {
 	@RequestMapping(value = "/getCommentList", method = { RequestMethod.GET, RequestMethod.POST }, produces = { MediaType.APPLICATION_JSON_VALUE })
 	public List<Map<String, Object>> getOverlayList(@RequestParam(value = "token") String token, @RequestParam(value = "projectId") String projectId,
 			@RequestParam(value = "columns", defaultValue = "") String columns, @RequestParam(value = "elementId", defaultValue = "") String elementId,
-			@RequestParam(value = "elementType", defaultValue = "") String elementType,@RequestParam(value = "removed", defaultValue = "") String removed) throws SecurityException, QueryException {
-		return commentController.getCommentList(token, projectId, columns, elementId, elementType,removed);
+			@RequestParam(value = "elementType", defaultValue = "") String elementType, @RequestParam(value = "removed", defaultValue = "") String removed)
+			throws SecurityException, QueryException {
+		return commentController.getCommentList(token, projectId, columns, elementId, elementType, removed);
 	}
 
 	@RequestMapping(value = "/addComment", method = { RequestMethod.GET, RequestMethod.POST }, produces = { MediaType.APPLICATION_JSON_VALUE })

rest-api/src/main/java/lcsb/mapviewer/api/overlay/OverlayController.java

@@ -5,6 +5,7 @@ import java.util.Map;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.MediaType;
+import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RequestParam;
@@ -12,6 +13,7 @@ import org.springframework.web.bind.annotation.RestController;
 
 import lcsb.mapviewer.api.BaseController;
 import lcsb.mapviewer.api.QueryException;
+import lcsb.mapviewer.model.cache.FileEntry;
 import lcsb.mapviewer.services.SecurityException;
 import lcsb.mapviewer.services.view.LayoutView;
 
@@ -29,11 +31,21 @@ public class OverlayController extends BaseController {
 	}
 
 	@RequestMapping(value = "/getOverlayById", method = { RequestMethod.GET, RequestMethod.POST }, produces = { MediaType.APPLICATION_JSON_VALUE })
-	public LayoutView getOverlayById(@RequestParam(value = "token") String token, @RequestParam(value = "projectId") String projectId, @RequestParam(value = "overlayId") String overlayId)
-			throws SecurityException, QueryException {
+	public LayoutView getOverlayById(@RequestParam(value = "token") String token, @RequestParam(value = "projectId") String projectId,
+			@RequestParam(value = "overlayId") String overlayId) throws SecurityException, QueryException {
 		return overlayController.getOverlayById(token, projectId, overlayId);
 	}
 
+	@RequestMapping(value = "/getOverlaySource", method = { RequestMethod.GET, RequestMethod.POST }, produces = { MediaType.APPLICATION_JSON_VALUE })
+	public ResponseEntity<byte[]> getOverlaySource(@RequestParam(value = "token") String token, @RequestParam(value = "projectId") String projectId,
+			@RequestParam(value = "overlayId") String overlayId) throws SecurityException, QueryException {
+
+		FileEntry file = overlayController.getOverlaySource(token, projectId, overlayId);
+		return ResponseEntity
+				.ok().contentLength(file.getFileContent().length).contentType(MediaType.APPLICATION_XML)
+				.header("Content-Disposition", "attachment; filename=somefile.xml").body(file.getFileContent());
+	}
+
 	@RequestMapping(value = "/getOverlayElements", method = { RequestMethod.GET, RequestMethod.POST }, produces = { MediaType.APPLICATION_JSON_VALUE })
 	public List<Map<String, Object>> getOverlayElements(@RequestParam(value = "token") String token, @RequestParam(value = "projectId") String projectId,
 			@RequestParam(value = "overlayId") String overlayId, @RequestParam(value = "columns", defaultValue = "") String columns)

rest-api/src/main/java/lcsb/mapviewer/api/overlay/OverlayRestImpl.java

@@ -10,6 +10,7 @@ import org.springframework.transaction.annotation.Transactional;
 
 import lcsb.mapviewer.api.QueryException;
 import lcsb.mapviewer.model.Project;
+import lcsb.mapviewer.model.cache.FileEntry;
 import lcsb.mapviewer.model.map.model.Model;
 import lcsb.mapviewer.services.SecurityException;
 import lcsb.mapviewer.services.interfaces.ILayoutService;
@@ -128,4 +129,13 @@ public class OverlayRestImpl {
 		return layoutService.getLayoutById(model, Integer.valueOf(overlayId), authenticationToken);
 	}
 
+	public FileEntry getOverlaySource(String token, String projectId, String overlayId) throws SecurityException, QueryException {
+		AuthenticationToken authenticationToken = userService.getToken(token);
+		Model model = modelService.getLastModelByProjectId(projectId, authenticationToken);
+		if (model == null) {
+			throw new QueryException("Project with given id doesn't exist");
+		}
+		return layoutService.getLayoutDataById(Integer.valueOf(overlayId), authenticationToken).getInputData();
+	}
+
 }

service/src/main/java/lcsb/mapviewer/services/impl/LayoutService.java

@@ -903,11 +903,7 @@ public class LayoutService implements ILayoutService {
 	 * @throws SecurityException
 	 */
 	private byte[] getInputDataForLayout(int layoutId, AuthenticationToken token) throws SecurityException {
-		Layout layout = layoutDao.getById(layoutId);
-		User user = userService.getUserByToken(token);
-		if (!userCanViewOverlay(layout, user)) {
-			throw new SecurityException("User doesn't have access to overlay");
-		}
+		Layout layout = getLayoutById(layoutId, token);
 		if (layout == null) {
 			return null;
 		} else {
@@ -919,6 +915,15 @@ public class LayoutService implements ILayoutService {
 		}
 	}
 
+	private Layout getLayoutById(int layoutId, AuthenticationToken token) throws SecurityException {
+		Layout layout = layoutDao.getById(layoutId);
+		User user = userService.getUserByToken(token);
+		if (!userCanViewOverlay(layout, user)) {
+			throw new SecurityException("User doesn't have access to overlay");
+		}
+		return layout;
+	}
+
 	@Override
 	public List<LightLayoutAliasView> getAliasesForLayout(Model model, int layoutId, AuthenticationToken token) throws SecurityException {
 		try {
@@ -1030,15 +1035,12 @@ public class LayoutService implements ILayoutService {
 
 	@Override
 	public LayoutView getLayoutById(Model model, int overlayId, AuthenticationToken token) throws SecurityException {
-		User user = userService.getUserByToken(token);
-		Layout layout = layoutDao.getById(overlayId);
-		if (!layout.isPublicLayout() && layout.getCreator() != null) {
-			if (userCanViewOverlay(layout, user)) {
-				return layoutViewFactory.create(layout);
-			} else {
-				throw new SecurityException("User doesn't have access to the overlay");
-			}
-		}
+		Layout layout = getLayoutById(overlayId, token);
 		return layoutViewFactory.create(layout);
 	}
+
+	@Override
+	public Layout getLayoutDataById(int overlayId, AuthenticationToken token) throws SecurityException {
+		return getLayoutById(overlayId, token);
+	}
 }

service/src/main/java/lcsb/mapviewer/services/interfaces/ILayoutService.java

@@ -11,6 +11,7 @@ import lcsb.mapviewer.commands.CommandExecutionException;
 import lcsb.mapviewer.common.Pair;
 import lcsb.mapviewer.model.map.layout.ColorSchema;
 import lcsb.mapviewer.model.map.layout.InvalidColorSchemaException;
+import lcsb.mapviewer.model.map.layout.Layout;
 import lcsb.mapviewer.model.map.model.Model;
 import lcsb.mapviewer.model.user.User;
 import lcsb.mapviewer.services.SecurityException;
@@ -517,6 +518,8 @@ public interface ILayoutService {
 
 	List<LayoutView> getCustomLayouts(Model model, String token) throws SecurityException;
 
-	LayoutView getLayoutById(Model model, int overlayId, AuthenticationToken authenticationToken) throws SecurityException;
+	LayoutView getLayoutById(Model model, int overlayId, AuthenticationToken token) throws SecurityException;
+
+	Layout getLayoutDataById(int overlayId, AuthenticationToken authenticationToken) throws SecurityException;
 
 }

web/src/main/webapp/WEB-INF/components/map/layoutPanel.xhtml

@@ -15,7 +15,7 @@
 	</div>
 
 	<div name="customOverlays" class="searchPanel">	
-		<h5>USER-PROVIDED OVERLAYS:</h5>
+		<h5 name="customOverlaysTitle">USER-PROVIDED OVERLAYS:</h5>
 		<table cellpadding="4" name="customOverlaysTab" class="table table-bordered"  style="width:100%"/>
 	</div>