Commit 959a9347 authored by Piotr Gawron's avatar Piotr Gawron

custom overlays are invisible for guests

parent 0891d242
......@@ -6,7 +6,6 @@ var logger = require('./logger');
var request = require('request');
var Alias = require('./map/data/Alias');
var Chemical = require('./map/data/Chemical');
var Comment = require('./map/data/Comment');
......@@ -20,6 +19,7 @@ var MiRna = require('./map/data/MiRna');
var Project = require('./map/data/Project');
var Reaction = require('./map/data/Reaction');
var SessionData = require('./SessionData');
var User = require('./map/data/User');
var GuiConnector = require('./GuiConnector');
......@@ -461,6 +461,19 @@ ServerConnector.getChemicalsByTargetUrl = function(params) {
});
};
ServerConnector.getUserUrl = function(params) {
var userId = params.userId;
var token = params.token;
return this.getApiUrl({type:"user",
method:"getUser",
params: {
userId: userId,
token: token,
},
});
};
ServerConnector.getConfigurationParam = function(paramId) {
var self = this;
return new Promise(function(resolve, reject) {
......@@ -507,28 +520,48 @@ ServerConnector.getProject = function(projectId) {
});
};
ServerConnector.getOverlays = function(projectId) {
ServerConnector.getLoggedUser = function() {
var self = this;
return new Promise(function(resolve, reject) {
if (self._loggedUser!==undefined) {
resolve(self._loggedUser);
} else {
self.getUser().then(function(user) {
self._loggedUser = user;
resolve(self._loggedUser);
}).catch(reject);
}
});
};
ServerConnector.getUser = function(userId) {
var self = this;
if (projectId === undefined || projectId === null || projectId === "") {
return new Promise(function(resolve, reject) {
self.getConfigurationParam(ConfigurationType.DEFAULT_MAP).then(function(defaultMap) {
self.getOverlays(defaultMap).then(function(overlays) {
resolve(overlays);
}, reject);
}, reject);
});
}
return new Promise(function(resolve, reject) {
self.getToken().then(function(token) {
self.readFile(self.getOverlaysUrl(projectId, token)).then(function(content) {
var arr = JSON.parse(content);
var result = [];
for (var i = 0; i < arr.length; i++) {
var layout = new LayoutData(arr[i]);
result.push(layout);
}
resolve(result);
}, reject);
return self.readFile(self.getUserUrl({token:token, userId:userId}));
}).then(function(content) {
var obj = JSON.parse(content);
resolve(new User(obj));
}).catch(reject);
});
};
ServerConnector.getOverlays = function(projectId) {
var self = this;
return new Promise(function(resolve, reject) {
self.getProjectId(projectId).then(function(result){
projectId= result;
return self.getToken();
}).then(function(token) {
return self.readFile(self.getOverlaysUrl(projectId, token));
}).then(function(content) {
var arr = JSON.parse(content);
var result = [];
for (var i = 0; i < arr.length; i++) {
var layout = new LayoutData(arr[i]);
result.push(layout);
}
resolve(result);
}, reject);
});
};
......
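Review bot: `getLoggedUser` caches its first result in `self._loggedUser` and nothing in this section clears it, so a session that starts as a guest and then logs in (or logs out) would keep receiving the stale user, and the overlay panel's guest check would act on it. The cache should be reset wherever the token changes, e.g. `self._loggedUser = undefined;` in the login/logout path, which is outside these hunks. Separately, the new `getOverlays` ends its chain with `.then(function(content) {...}, reject)`, so an exception thrown by `JSON.parse` or `new LayoutData` inside that handler is not forwarded and the outer promise never settles. `getUser` already ends with `.catch(reject)`, and `getOverlays` should do the same.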
......@@ -16,6 +16,24 @@ function OverlayPanel(params) {
self.setElement(params.element);
self.setMap(params.customMap);
if (self.getGeneralOverlaysElement() === undefined) {
throw new Error("Couldn't find element: generalOverlays");
}
if (self.getGeneralOverlaysTabElement() === undefined) {
throw new Error("Couldn't find element: generalOverlaysTab");
}
if (self.getCustomOverlaysElement() === undefined) {
throw new Error("Couldn't find element: customOverlays");
}
if (self.getCustomOverlaysTitleElement() === undefined) {
throw new Error("Couldn't find element: customOverlaysTitle");
}
if (self.getCustomOverlaysTabElement() === undefined) {
throw new Error("Couldn't find element: customOverlaysTab");
}
self.setCustomOverlaysMessage(self.getCustomOverlaysTitleElement().innerHTML);
self.refresh();
}
......@@ -125,7 +143,12 @@ OverlayPanel.prototype.createOverlayRow = function(overlay, checked) {
OverlayPanel.prototype.refresh = function() {
var self = this;
return ServerConnector.getOverlays().then(function(customOverlays) {
var user = null;
return ServerConnector.getLoggedUser().then(function(loggedUser) {
user = loggedUser;
return ServerConnector.getOverlays();
}).then(function(customOverlays) {
var selectedOverlayIds = self.getMap().getSelectedLayouts();
var selectedOverlay = [];
......@@ -159,14 +182,21 @@ OverlayPanel.prototype.refresh = function() {
body.appendChild(self.createOverlayRow(overlay, selectedOverlay[overlay.getId()]));
}
table = self.getCustomOverlaysTabElement();
table.appendChild(self.createTableHeader(true));
var title = self.getCustomOverlaysTitleElement();
if (user.getLogin() === "anonymous") {
title.innerHTML = "YOU ARE NOT LOGGED IN. PLEASE, LOG IN TO UPLOAD AND VIEW CUSTOM OVERLAYS";
} else {
title.innerHTML = self.getCustomOverlaysMessage();
body = document.createElement("tbody");
table.appendChild(body);
for (i = 0; i < customOverlays.length; i++) {
overlay = customOverlays[i];
body.appendChild(self.createOverlayRow(overlay, selectedOverlay[overlay.getId()]));
table = self.getCustomOverlaysTabElement();
table.appendChild(self.createTableHeader(true));
body = document.createElement("tbody");
table.appendChild(body);
for (i = 0; i < customOverlays.length; i++) {
overlay = customOverlays[i];
body.appendChild(self.createOverlayRow(overlay, selectedOverlay[overlay.getId()]));
}
}
return null;
});
......@@ -183,7 +213,19 @@ OverlayPanel.prototype.getGeneralOverlaysTabElement = function() {
OverlayPanel.prototype.getCustomOverlaysElement = function() {
return this.getElementByName(this.getElement(), "customOverlays");
};
OverlayPanel.prototype.getCustomOverlaysTitleElement = function() {
return this.getElementByName(this.getElement(), "customOverlaysTitle");
};
OverlayPanel.prototype.getCustomOverlaysTabElement = function() {
return this.getElementByName(this.getElement(), "customOverlaysTab");
};
OverlayPanel.prototype.setCustomOverlaysMessage = function(customOverlaysMessage) {
this._customOverlaysMessage = customOverlaysMessage;
};
OverlayPanel.prototype.getCustomOverlaysMessage = function() {
return this._customOverlaysMessage;
};
module.exports = OverlayPanel;
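Review bot: The guest handling in `refresh` is presentation only: `ServerConnector.getOverlays()` is still called, and its `customOverlays` result is just not rendered when `user.getLogin() === "anonymous"`. The restriction therefore holds only if the server also withholds custom overlays from the anonymous token, which is worth confirming because that code is not in this section. Comparing against the literal login name `"anonymous"` is also brittle. The user object already carries `privileges` (the fixture includes a `CUSTOM_LAYOUTS` entry), which looks like the intended signal, though that is an inference from the fixture and not something this hunk shows. The body of `refresh` starts and continues outside the displayed hunks.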
"use strict";
/* exported logger */
var logger = require('../../logger');
function User(javaObject) {
this.setLogin(javaObject.login);
this.setName(javaObject.name);
this.setSurname(javaObject.surname);
this.setEmail(javaObject.email);
this.setRemoved(javaObject.removed);
this.setPrivileges(javaObject.privileges);
}
User.prototype.setLogin = function(login) {
this._login = login;
};
User.prototype.getLogin = function() {
return this._login;
};
User.prototype.setName = function(name) {
this._name = name ;
};
User.prototype.getName = function() {
return this._name;
};
User.prototype.setSurname = function(surname) {
this._surname = surname;
};
User.prototype.getSurname = function() {
return this._surname;
};
User.prototype.setEmail = function(email) {
this._email = email;
};
User.prototype.getEmail = function() {
return this._email;
};
User.prototype.setRemoved = function(removed) {
this._removed = removed;
};
User.prototype.getRemoved = function() {
return this._removed;
};
User.prototype.setPrivileges = function(privileges) {
this._privileges = privileges;
};
User.prototype.getPrivileges = function() {
return this._privileges;
};
module.exports = User;
......@@ -6,7 +6,6 @@ require("../mocha-config.js");
var OverlayPanel = require('../../../main/js/gui/OverlayPanel');
var chai = require('chai');
var assert = chai.assert;
var logger = require('../logger');
......@@ -39,9 +38,10 @@ describe('OverlayPanel', function() {
element : div,
customMap : map
});
return panel.refresh().then(function(){
assert.ok(panel.getElement().innerHTML.indexOf("testLayout")>=0);
return panel.refresh().then(function() {
assert.ok(panel.getElement().innerHTML.indexOf("testLayout") >= 0);
assert.ok(panel.getElement().innerHTML.indexOf("YOU ARE NOT LOGGED") >= 0);
});
});
......
......@@ -98,6 +98,10 @@ Helper.prototype.createOverlayTab = function() {
customOverlaysTabDiv.setAttribute("name", "customOverlaysTab");
customOverlaysDiv.appendChild(customOverlaysTabDiv);
var customOverlaysTitleDiv = document.createElement("h3");
customOverlaysTitleDiv.setAttribute("name", "customOverlaysTitle");
customOverlaysDiv.appendChild(customOverlaysTitleDiv);
return result;
};
......
{"privileges":[{"type":"EDIT_MISSING_CONNECTIONS_PROJECT","value":0,"objectId":15764},{"type":"VIEW_PROJECT","value":1,"objectId":16755},{"type":"EDIT_MISSING_CONNECTIONS_PROJECT","value":0,"objectId":15763},{"type":"USER_MANAGEMENT","value":0},{"type":"CONFIGURATION_MANAGE","value":0},{"type":"VIEW_PROJECT","value":1,"objectId":10},{"type":"LAYOUT_MANAGEMENT","value":0,"objectId":14897},{"type":"VIEW_PROJECT","value":1,"objectId":7},{"type":"VIEW_PROJECT","value":1,"objectId":6},{"type":"ADD_MAP","value":0},{"type":"DRUG_TARGETING_ADVANCED_VIEW_PROJECT","value":0,"objectId":15764},{"type":"DRUG_TARGETING_ADVANCED_VIEW_PROJECT","value":0,"objectId":15763},{"type":"VIEW_PROJECT","value":1,"objectId":22},{"type":"VIEW_PROJECT","value":1,"objectId":14898},{"type":"MANAGE_GENOMES","value":1},{"type":"EDIT_COMMENTS_PROJECT","value":0,"objectId":15764},{"type":"EDIT_COMMENTS_PROJECT","value":0,"objectId":14898},{"type":"EDIT_MISSING_CONNECTIONS_PROJECT","value":0,"objectId":14897},{"type":"EDIT_COMMENTS_PROJECT","value":0,"objectId":16045},{"type":"VIEW_PROJECT","value":1,"objectId":18},{"type":"VIEW_PROJECT","value":1,"objectId":15763},{"type":"EDIT_MISSING_CONNECTIONS_PROJECT","value":0,"objectId":16045},{"type":"EDIT_MISSING_CONNECTIONS_PROJECT","value":0,"objectId":14898},{"type":"VIEW_PROJECT","value":1,"objectId":11},{"type":"VIEW_PROJECT","value":1,"objectId":20},{"type":"VIEW_PROJECT","value":1,"objectId":17051},{"type":"VIEW_PROJECT","value":1,"objectId":17},{"type":"DRUG_TARGETING_ADVANCED_VIEW_PROJECT","value":0,"objectId":14897},{"type":"LAYOUT_MANAGEMENT","value":0,"objectId":15764},{"type":"VIEW_PROJECT","value":1,"objectId":15764},{"type":"VIEW_PROJECT","value":1,"objectId":21},{"type":"CUSTOM_LAYOUTS","value":0},{"type":"EDIT_COMMENTS_PROJECT","value":0,"objectId":14897},{"type":"VIEW_PROJECT","value":1,"objectId":8},{"type":"VIEW_PROJECT","value":1,"objectId":9},{"type":"DRUG_TARGETING_ADVANCED_VIEW_PROJECT","value":0,"objectId":14898},{"type":"VIEW_PROJE
CT","value":1,"objectId":17719},{"type":"PROJECT_MANAGEMENT","value":0},{"type":"LAYOUT_MANAGEMENT","value":0,"objectId":14898},{"type":"VIEW_PROJECT","value":1,"objectId":14897},{"type":"LAYOUT_MANAGEMENT","value":0,"objectId":15763},{"type":"VIEW_PROJECT","value":1,"objectId":1},{"type":"EDIT_COMMENTS_PROJECT","value":0,"objectId":15763},{"type":"VIEW_PROJECT","value":1,"objectId":19},{"type":"LAYOUT_MANAGEMENT","value":0,"objectId":16045},{"type":"VIEW_PROJECT","value":1,"objectId":16045},{"type":"DRUG_TARGETING_ADVANCED_VIEW_PROJECT","value":0,"objectId":16045},{"type":"VIEW_PROJECT","value":1,"objectId":16668},{"type":"CUSTOM_LAYOUTS_AVAILABLE","value":0}],"removed":false,"surname":"","name":"","id":3,"login":"anonymous","email":""}
\ No newline at end of file
......@@ -25,8 +25,9 @@ public class CommentController extends BaseController {
@RequestMapping(value = "/getCommentList", method = { RequestMethod.GET, RequestMethod.POST }, produces = { MediaType.APPLICATION_JSON_VALUE })
public List<Map<String, Object>> getOverlayList(@RequestParam(value = "token") String token, @RequestParam(value = "projectId") String projectId,
@RequestParam(value = "columns", defaultValue = "") String columns, @RequestParam(value = "elementId", defaultValue = "") String elementId,
@RequestParam(value = "elementType", defaultValue = "") String elementType,@RequestParam(value = "removed", defaultValue = "") String removed) throws SecurityException, QueryException {
return commentController.getCommentList(token, projectId, columns, elementId, elementType,removed);
@RequestParam(value = "elementType", defaultValue = "") String elementType, @RequestParam(value = "removed", defaultValue = "") String removed)
throws SecurityException, QueryException {
return commentController.getCommentList(token, projectId, columns, elementId, elementType, removed);
}
@RequestMapping(value = "/addComment", method = { RequestMethod.GET, RequestMethod.POST }, produces = { MediaType.APPLICATION_JSON_VALUE })
......
......@@ -5,6 +5,7 @@ import java.util.Map;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
......@@ -12,6 +13,7 @@ import org.springframework.web.bind.annotation.RestController;
import lcsb.mapviewer.api.BaseController;
import lcsb.mapviewer.api.QueryException;
import lcsb.mapviewer.model.cache.FileEntry;
import lcsb.mapviewer.services.SecurityException;
import lcsb.mapviewer.services.view.LayoutView;
......@@ -29,11 +31,21 @@ public class OverlayController extends BaseController {
}
@RequestMapping(value = "/getOverlayById", method = { RequestMethod.GET, RequestMethod.POST }, produces = { MediaType.APPLICATION_JSON_VALUE })
public LayoutView getOverlayById(@RequestParam(value = "token") String token, @RequestParam(value = "projectId") String projectId, @RequestParam(value = "overlayId") String overlayId)
throws SecurityException, QueryException {
public LayoutView getOverlayById(@RequestParam(value = "token") String token, @RequestParam(value = "projectId") String projectId,
@RequestParam(value = "overlayId") String overlayId) throws SecurityException, QueryException {
return overlayController.getOverlayById(token, projectId, overlayId);
}
@RequestMapping(value = "/getOverlaySource", method = { RequestMethod.GET, RequestMethod.POST }, produces = { MediaType.APPLICATION_JSON_VALUE })
public ResponseEntity<byte[]> getOverlaySource(@RequestParam(value = "token") String token, @RequestParam(value = "projectId") String projectId,
@RequestParam(value = "overlayId") String overlayId) throws SecurityException, QueryException {
FileEntry file = overlayController.getOverlaySource(token, projectId, overlayId);
return ResponseEntity
.ok().contentLength(file.getFileContent().length).contentType(MediaType.APPLICATION_XML)
.header("Content-Disposition", "attachment; filename=somefile.xml").body(file.getFileContent());
}
@RequestMapping(value = "/getOverlayElements", method = { RequestMethod.GET, RequestMethod.POST }, produces = { MediaType.APPLICATION_JSON_VALUE })
public List<Map<String, Object>> getOverlayElements(@RequestParam(value = "token") String token, @RequestParam(value = "projectId") String projectId,
@RequestParam(value = "overlayId") String overlayId, @RequestParam(value = "columns", defaultValue = "") String columns)
......
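Review bot: `getOverlaySource` dereferences `file.getFileContent()` without a null check, and `OverlayRestImpl.getOverlaySource` returns the result of `getInputData()` directly, so an overlay with no stored input file would surface as a NullPointerException, not a `QueryException`. A guard such as `if (file == null) throw new QueryException("Overlay has no source file");` before building the response would fix this. The mapping also declares `produces = { MediaType.APPLICATION_JSON_VALUE }` while the response is built with `MediaType.APPLICATION_XML`, fixed regardless of what was uploaded, and the download name is the placeholder `somefile.xml`. The `produces` value and the response content type should agree, and the filename should come from the stored file.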
......@@ -10,6 +10,7 @@ import org.springframework.transaction.annotation.Transactional;
import lcsb.mapviewer.api.QueryException;
import lcsb.mapviewer.model.Project;
import lcsb.mapviewer.model.cache.FileEntry;
import lcsb.mapviewer.model.map.model.Model;
import lcsb.mapviewer.services.SecurityException;
import lcsb.mapviewer.services.interfaces.ILayoutService;
......@@ -128,4 +129,13 @@ public class OverlayRestImpl {
return layoutService.getLayoutById(model, Integer.valueOf(overlayId), authenticationToken);
}
public FileEntry getOverlaySource(String token, String projectId, String overlayId) throws SecurityException, QueryException {
AuthenticationToken authenticationToken = userService.getToken(token);
Model model = modelService.getLastModelByProjectId(projectId, authenticationToken);
if (model == null) {
throw new QueryException("Project with given id doesn't exist");
}
return layoutService.getLayoutDataById(Integer.valueOf(overlayId), authenticationToken).getInputData();
}
}
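Review bot: In `getOverlaySource` the `projectId` is used only to check that a model exists; the overlay is then loaded by `overlayId` alone through `getLayoutDataById`, so nothing here ties the overlay to the requested project and access rests entirely on `userCanViewOverlay`. If overlays are meant to be project-scoped, the layout's model should be compared with `model` before its data is returned. `Integer.valueOf(overlayId)` also throws an unchecked `NumberFormatException` on non-numeric input. Catching it and rethrowing as `QueryException` would match the handling of the null-model case just above it.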
......@@ -903,11 +903,7 @@ public class LayoutService implements ILayoutService {
* @throws SecurityException
*/
private byte[] getInputDataForLayout(int layoutId, AuthenticationToken token) throws SecurityException {
Layout layout = layoutDao.getById(layoutId);
User user = userService.getUserByToken(token);
if (!userCanViewOverlay(layout, user)) {
throw new SecurityException("User doesn't have access to overlay");
}
Layout layout = getLayoutById(layoutId, token);
if (layout == null) {
return null;
} else {
......@@ -919,6 +915,15 @@ public class LayoutService implements ILayoutService {
}
}
private Layout getLayoutById(int layoutId, AuthenticationToken token) throws SecurityException {
Layout layout = layoutDao.getById(layoutId);
User user = userService.getUserByToken(token);
if (!userCanViewOverlay(layout, user)) {
throw new SecurityException("User doesn't have access to overlay");
}
return layout;
}
@Override
public List<LightLayoutAliasView> getAliasesForLayout(Model model, int layoutId, AuthenticationToken token) throws SecurityException {
try {
......@@ -1030,15 +1035,12 @@ public class LayoutService implements ILayoutService {
@Override
public LayoutView getLayoutById(Model model, int overlayId, AuthenticationToken token) throws SecurityException {
User user = userService.getUserByToken(token);
Layout layout = layoutDao.getById(overlayId);
if (!layout.isPublicLayout() && layout.getCreator() != null) {
if (userCanViewOverlay(layout, user)) {
return layoutViewFactory.create(layout);
} else {
throw new SecurityException("User doesn't have access to the overlay");
}
}
Layout layout = getLayoutById(overlayId, token);
return layoutViewFactory.create(layout);
}
@Override
public Layout getLayoutDataById(int overlayId, AuthenticationToken token) throws SecurityException {
return getLayoutById(overlayId, token);
}
}
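Review bot: The new private `getLayoutById(int, AuthenticationToken)` passes the result of `layoutDao.getById` to `userCanViewOverlay` before any null check, while `getInputDataForLayout` still tests `layout == null` afterwards, which suggests an unknown id is possible. The public `getLayoutById(Model, ...)` then hands that value to `layoutViewFactory.create`, and `getLayoutDataById` returns it to a caller that dereferences it. The old public method also skipped the permission check for public or creator-less layouts (`!layout.isPublicLayout() && layout.getCreator() != null`), and now every layout goes through `userCanViewOverlay`. That is the stricter default, but general overlays stay visible to guests only if `userCanViewOverlay` itself allows public layouts, and that method is not shown here. A Javadoc comment on the helper saying that it returns null for an unknown id and throws `SecurityException` when the user may not view the overlay would make the contract explicit.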
......@@ -11,6 +11,7 @@ import lcsb.mapviewer.commands.CommandExecutionException;
import lcsb.mapviewer.common.Pair;
import lcsb.mapviewer.model.map.layout.ColorSchema;
import lcsb.mapviewer.model.map.layout.InvalidColorSchemaException;
import lcsb.mapviewer.model.map.layout.Layout;
import lcsb.mapviewer.model.map.model.Model;
import lcsb.mapviewer.model.user.User;
import lcsb.mapviewer.services.SecurityException;
......@@ -517,6 +518,8 @@ public interface ILayoutService {
List<LayoutView> getCustomLayouts(Model model, String token) throws SecurityException;
LayoutView getLayoutById(Model model, int overlayId, AuthenticationToken authenticationToken) throws SecurityException;
LayoutView getLayoutById(Model model, int overlayId, AuthenticationToken token) throws SecurityException;
Layout getLayoutDataById(int overlayId, AuthenticationToken authenticationToken) throws SecurityException;
}
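Review bot: `getLayoutDataById` is added to the interface without Javadoc, and unlike `getLayoutById` it returns the `Layout` entity itself, not a `LayoutView`, so callers receive the full object including its input data. A comment along the lines of `/** Returns the overlay entity after checking that the token's user may view it; throws SecurityException otherwise. */` would record that the access check is part of the contract. The two declarations also name the same parameter differently (`token` and `authenticationToken`).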
......@@ -15,7 +15,7 @@
</div>
<div name="customOverlays" class="searchPanel">
<h5>USER-PROVIDED OVERLAYS:</h5>
<h5 name="customOverlaysTitle">USER-PROVIDED OVERLAYS:</h5>
<table cellpadding="4" name="customOverlaysTab" class="table table-bordered" style="width:100%"/>
</div>
......