Commit a7bf3db9 authored by Piotr Gawron's avatar Piotr Gawron
Browse files

access for public overlay data changed

parent fe5616cd
......@@ -11,6 +11,7 @@ import org.springframework.security.access.prepost.*;
import org.springframework.security.core.Authentication;
import org.springframework.web.bind.annotation.*;
import javassist.tools.rmi.ObjectNotFoundException;
import lcsb.mapviewer.api.BaseController;
import lcsb.mapviewer.api.QueryException;
import lcsb.mapviewer.model.cache.FileEntry;
......@@ -57,7 +58,8 @@ public class OverlayController extends BaseController {
@PreAuthorize("hasAuthority('IS_ADMIN')" +
" or hasAuthority('IS_CURATOR') and hasAuthority('READ_PROJECT:' + #projectId)" +
" or hasAuthority('READ_PROJECT:' + #projectId) and @layoutService.getLayoutById(#overlayId)?.creator?.login == authentication.name")
" or hasAuthority('READ_PROJECT:' + #projectId) and "+
" (@layoutService.getLayoutById(#overlayId)?.creator?.login == authentication.name or @layoutService.getLayoutById(#overlayId)?.publicLayout)")
@GetMapping(value = "/{overlayId}/models/{modelId}/bioEntities/")
public List<Map<String, Object>> getOverlayElements(
@PathVariable(value = "projectId") String projectId,
......@@ -68,28 +70,30 @@ public class OverlayController extends BaseController {
@PreAuthorize("hasAuthority('IS_ADMIN')" +
" or hasAuthority('IS_CURATOR') and hasAuthority('READ_PROJECT:' + #projectId)" +
" or hasAuthority('READ_PROJECT:' + #projectId) and @layoutService.getLayoutById(#overlayId)?.creator?.login == authentication.name")
" or hasAuthority('READ_PROJECT:' + #projectId) and "+
" (@layoutService.getLayoutById(#overlayId)?.creator?.login == authentication.name or @layoutService.getLayoutById(#overlayId)?.publicLayout)")
@GetMapping(value = "/{overlayId}/models/{modelId}/bioEntities/reactions/{reactionId}/")
public Map<String, Object> getFullReaction(
@PathVariable(value = "projectId") String projectId,
@PathVariable(value = "modelId") String modelId,
@PathVariable(value = "overlayId") String overlayId,
@PathVariable(value = "reactionId") String reactionId,
@RequestParam(value = "columns", defaultValue = "") String columns) throws QueryException {
@RequestParam(value = "columns", defaultValue = "") String columns) throws QueryException, NumberFormatException, ObjectNotFoundException {
return overlayRestImp.getOverlayElement(projectId, Integer.valueOf(modelId), Integer.valueOf(overlayId),
Integer.valueOf(reactionId), "REACTION", columns);
}
@PreAuthorize("hasAuthority('IS_ADMIN')" +
" or hasAuthority('IS_CURATOR') and hasAuthority('READ_PROJECT:' + #projectId)" +
" or hasAuthority('READ_PROJECT:' + #projectId) and @layoutService.getLayoutById(#overlayId)?.creator?.login == authentication.name")
" or hasAuthority('READ_PROJECT:' + #projectId) and "+
" (@layoutService.getLayoutById(#overlayId)?.creator?.login == authentication.name or @layoutService.getLayoutById(#overlayId)?.publicLayout)")
@GetMapping(value = "/{overlayId}/models/{modelId}/bioEntities/elements/{elementId}/")
public Map<String, Object> getFullSpecies(
@PathVariable(value = "projectId") String projectId,
@PathVariable(value = "modelId") String modelId,
@PathVariable(value = "overlayId") String overlayId,
@PathVariable(value = "elementId") String reactionId,
@RequestParam(value = "columns", defaultValue = "") String columns) throws QueryException {
@RequestParam(value = "columns", defaultValue = "") String columns) throws QueryException, NumberFormatException, ObjectNotFoundException {
return overlayRestImp.getOverlayElement(projectId, Integer.valueOf(modelId), Integer.valueOf(overlayId),
Integer.valueOf(reactionId), "ALIAS", columns);
}
......
......@@ -330,12 +330,18 @@ public class OverlayRestImpl extends BaseRestImpl {
if (ElementIdentifierType.ALIAS.getJsName().equals(elementType)) {
Pair<? extends BioEntity, ColorSchema> elementDataOverlay = layoutService.getFullAliasForLayout(model, elementId,
overlayId);
if (elementDataOverlay == null) {
throw new ObjectNotFoundException("Element data cannot be found");
}
result.put("type", ElementIdentifierType.ALIAS);
result.put("overlayContent", overlayContentToMap(elementDataOverlay, columnSet));
return result;
} else if (ElementIdentifierType.REACTION.getJsName().equals(elementType)) {
Pair<? extends BioEntity, ColorSchema> reactionDataOverlay = layoutService.getFullReactionForLayout(model,
elementId, overlayId);
if (reactionDataOverlay == null) {
throw new ObjectNotFoundException("Reaction data cannot be found");
}
result.put("type", ElementIdentifierType.REACTION);
result.put("overlayContent", overlayContentToMap(reactionDataOverlay, columnSet));
return result;
......
......@@ -930,4 +930,63 @@ public class OverlayControllerIntegrationTest extends ControllerIntegrationTest
.andExpect(status().is2xxSuccessful());
}
@Test
public void testUserCanAccessDataInPublicOverlay() throws Exception {
createUser(TEST_USER_LOGIN, TEST_USER_PASSWORD, project);
Layout overlay = createOverlay(null);
overlay.setPublicLayout(true);
layoutDao.update(overlay);
MockHttpSession session = createSession(TEST_USER_LOGIN, TEST_USER_PASSWORD);
RequestBuilder request = get(
"/projects/" + TEST_PROJECT + "/overlays/" + overlay.getId() + "/models/*/bioEntities/")
.contentType(MediaType.APPLICATION_FORM_URLENCODED)
.session(session);
mockMvc.perform(request)
.andExpect(status().is2xxSuccessful());
}
@Test
public void testUserCanAccessReactionDataInPublicOverlay() throws Exception {
createUser(TEST_USER_LOGIN, TEST_USER_PASSWORD, project);
Layout overlay = createOverlay(null);
overlay.setPublicLayout(true);
layoutDao.update(overlay);
MockHttpSession session = createSession(TEST_USER_LOGIN, TEST_USER_PASSWORD);
RequestBuilder request = get(
"/projects/" + TEST_PROJECT + "/overlays/" + overlay.getId() + "/models/" + map.getId()
+ "/bioEntities/reactions/-1/")
.contentType(MediaType.APPLICATION_FORM_URLENCODED)
.session(session);
mockMvc.perform(request)
.andExpect(status().isNotFound());
}
@Test
public void testUserCanAccessElementDataInPublicOverlay() throws Exception {
createUser(TEST_USER_LOGIN, TEST_USER_PASSWORD, project);
Layout overlay = createOverlay(null);
overlay.setPublicLayout(true);
layoutDao.update(overlay);
MockHttpSession session = createSession(TEST_USER_LOGIN, TEST_USER_PASSWORD);
RequestBuilder request = get(
"/projects/" + TEST_PROJECT + "/overlays/" + overlay.getId() + "/models/" + map.getId()
+ "/bioEntities/elements/-1/")
.contentType(MediaType.APPLICATION_FORM_URLENCODED)
.session(session);
mockMvc.perform(request)
.andExpect(status().isNotFound());
}
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment