diff --git a/frontend-js/src/main/js/ServerConnector.js b/frontend-js/src/main/js/ServerConnector.js index 19c3339fd9c9915eb5b8554c578e0d88288d3f06..0943224d38579977b71da030eddf6008ccff4ee9 100644 --- a/frontend-js/src/main/js/ServerConnector.js +++ b/frontend-js/src/main/js/ServerConnector.js @@ -600,7 +600,13 @@ ServerConnector.getProject = function(projectId) { return self.getModels(projectId); }).then(function(models) { project.setModel(models[0]); - return self.getOverlays(projectId); + return self.getLoggedUser(); + }).then(function(user) { + return self.getOverlays({ + projectId : projectId, + creator : user.getLogin(), + publicOverlay : false, + }); }).then(function(overlays) { project.getModel().addLayouts(overlays); return project; @@ -726,12 +732,18 @@ ServerConnector.getUser = function(login) { }); }; -ServerConnector.getOverlays = function(projectId) { +ServerConnector.getOverlays = function(params) { var self = this; + if (params === undefined) { + params = {}; + } var queryParams = {}; - var filterParams = {}; + var filterParams = { + creator : params.creator, + publicOverlay : params.publicOverlay, + }; return new Promise(function(resolve, reject) { - self.getProjectId(projectId).then(function(result) { + self.getProjectId(params.projectId).then(function(result) { queryParams.projectId = result; return self.sendGetRequest(self.getOverlaysUrl(queryParams, filterParams)); }).then(function(content) { diff --git a/frontend-js/src/main/js/gui/leftPanel/OverlayPanel.js b/frontend-js/src/main/js/gui/leftPanel/OverlayPanel.js index 750b0204fbffab3b17c7259789963e037479ce4f..f7a8eb9669224ab39afa9003728c8c6bfa8cacf6 100644 --- a/frontend-js/src/main/js/gui/leftPanel/OverlayPanel.js +++ b/frontend-js/src/main/js/gui/leftPanel/OverlayPanel.js 
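Review bot: In `ServerConnector.getProject` the overlay request is now limited to `creator : user.getLogin()` with `publicOverlay : false`, so overlays owned by another user and shared through a view privilege appear to be filtered out before the server-side `userCanViewOverlay` check can admit them. If the intent is "everything this user may see", drop the `creator` key here and in the matching call in `OverlayPanel.refresh`; if it is "own overlays only", say so above the call, e.g. `// own private overlays only; shared overlays are not loaded here`. Both values are chosen by the client, so they should be read as a display filter and never as the access decision. The `getProject` promise chain starts and ends outside this hunk.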
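Review bot: `ServerConnector.getOverlays` always copies `creator` and `publicOverlay` into `filterParams`, so a call with no arguments, or with only `projectId`, hands two `undefined` values to `getOverlaysUrl`. That helper is not visible here; if it serialises them as the text `undefined`, the server would look up a user with that login and answer with a not-found error instead of an unfiltered list. Copy a key only when the caller supplied it, as sketched below. The parameter also changed from a project id string to an options object without a JSDoc block, so a caller still passing a string silently gets `params.projectId === undefined`; a short comment listing `projectId`, `creator` and `publicOverlay` would make the new contract explicit. The function body continues past the end of the hunk.

```javascript
ServerConnector.getOverlays = function(params) {
  // … unchanged: self, default for params, queryParams …
  var filterParams = {};
  if (params.creator !== undefined) {
    filterParams.creator = params.creator;
  }
  if (params.publicOverlay !== undefined) {
    filterParams.publicOverlay = params.publicOverlay;
  }
  // … unchanged: promise that resolves the project id and sends the request …
```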
@@ -284,7 +284,10 @@ OverlayPanel.prototype.refresh = function() { selectedOverlay[visibleDataOverlays[j].getId()] = true; } - return ServerConnector.getOverlays(); + return ServerConnector.getOverlays({ + publicOverlay : false, + creator : user.getLogin(), + }); }).then( function(customOverlays) { diff --git a/frontend-js/testFiles/apiCalls/projects/complex_model_with_images/overlays/token=MOCK_TOKEN_ID& b/frontend-js/testFiles/apiCalls/projects/complex_model_with_images/overlays/creator=anonymous&publicOverlay=false&token=MOCK_TOKEN_ID& similarity index 100% rename from frontend-js/testFiles/apiCalls/projects/complex_model_with_images/overlays/token=MOCK_TOKEN_ID& rename to frontend-js/testFiles/apiCalls/projects/complex_model_with_images/overlays/creator=anonymous&publicOverlay=false&token=MOCK_TOKEN_ID& diff --git a/frontend-js/testFiles/apiCalls/projects/complex_model_with_submaps/overlays/token=MOCK_TOKEN_ID& b/frontend-js/testFiles/apiCalls/projects/complex_model_with_submaps/overlays/creator=anonymous&publicOverlay=false&token=MOCK_TOKEN_ID& similarity index 100% rename from frontend-js/testFiles/apiCalls/projects/complex_model_with_submaps/overlays/token=MOCK_TOKEN_ID& rename to frontend-js/testFiles/apiCalls/projects/complex_model_with_submaps/overlays/creator=anonymous&publicOverlay=false&token=MOCK_TOKEN_ID& diff --git a/frontend-js/testFiles/apiCalls/projects/drug_target_sample/overlays/token=MOCK_TOKEN_ID& b/frontend-js/testFiles/apiCalls/projects/drug_target_sample/overlays/creator=anonymous&publicOverlay=false&token=MOCK_TOKEN_ID& similarity index 100% rename from frontend-js/testFiles/apiCalls/projects/drug_target_sample/overlays/token=MOCK_TOKEN_ID& rename to frontend-js/testFiles/apiCalls/projects/drug_target_sample/overlays/creator=anonymous&publicOverlay=false&token=MOCK_TOKEN_ID& 
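Review bot: The new call in `OverlayPanel.refresh` reads `user.getLogin()`, but no `user` binding is visible in this hunk, and the enclosing `then` callback begins outside it. Please confirm that `user` is the logged-in user resolved earlier in the same chain and is still in scope at this point, since otherwise the line throws before the request is sent. A one-line comment such as `// user: logged-in user resolved earlier in this chain` would make the dependency explicit.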
diff --git a/frontend-js/testFiles/apiCalls/projects/empty/overlays/token=MOCK_TOKEN_ID& b/frontend-js/testFiles/apiCalls/projects/empty/overlays/creator=anonymous&publicOverlay=false&token=MOCK_TOKEN_ID&
similarity index 100%
rename from frontend-js/testFiles/apiCalls/projects/empty/overlays/token=MOCK_TOKEN_ID&
rename to frontend-js/testFiles/apiCalls/projects/empty/overlays/creator=anonymous&publicOverlay=false&token=MOCK_TOKEN_ID&
diff --git a/frontend-js/testFiles/apiCalls/projects/sample/overlays/token=MOCK_TOKEN_ID& b/frontend-js/testFiles/apiCalls/projects/sample/overlays/creator=anonymous&publicOverlay=false&token=MOCK_TOKEN_ID&
similarity index 100%
rename from frontend-js/testFiles/apiCalls/projects/sample/overlays/token=MOCK_TOKEN_ID&
rename to frontend-js/testFiles/apiCalls/projects/sample/overlays/creator=anonymous&publicOverlay=false&token=MOCK_TOKEN_ID&
diff --git a/rest-api/src/main/java/lcsb/mapviewer/api/projects/overlays/OverlayController.java b/rest-api/src/main/java/lcsb/mapviewer/api/projects/overlays/OverlayController.java
index c2ac91b71fa855a848b67eec50bea82bed307d85..5fdd11869da2bbde31f78499b87c2f1656c58e1a 100644
--- a/rest-api/src/main/java/lcsb/mapviewer/api/projects/overlays/OverlayController.java
+++ b/rest-api/src/main/java/lcsb/mapviewer/api/projects/overlays/OverlayController.java
@@ -41,9 +41,11 @@ public class OverlayController extends BaseController { @RequestMapping(value = "/projects/{projectId}/overlays/", method = { RequestMethod.GET }, produces = { MediaType.APPLICATION_JSON_VALUE }) public List<LayoutView> getOverlayList(// @CookieValue(value = Configuration.AUTH_TOKEN) String token, // - @PathVariable(value = "projectId") String projectId // + @PathVariable(value = "projectId") String projectId, // + @RequestParam(value = "creator", defaultValue = "") String creator, // + @RequestParam(value = "publicOverlay", defaultValue = "") String publicOverlay // ) throws SecurityException, QueryException { - return overlayRestImp.getOverlayList(token, projectId); + return overlayRestImp.getOverlayList(token, projectId, creator, publicOverlay); } @RequestMapping(value = "/projects/{projectId}/overlays/{overlayId}/", method = { RequestMethod.GET }, produces = { MediaType.APPLICATION_JSON_VALUE }) diff --git a/rest-api/src/main/java/lcsb/mapviewer/api/projects/overlays/OverlayRestImpl.java b/rest-api/src/main/java/lcsb/mapviewer/api/projects/overlays/OverlayRestImpl.java index aaa01d3ccd8f745d25d4dfaf0106133e7db8842c..b6bc43c0baca458297d1b6eccbf307a531fbb0c3 100644 --- a/rest-api/src/main/java/lcsb/mapviewer/api/projects/overlays/OverlayRestImpl.java +++ b/rest-api/src/main/java/lcsb/mapviewer/api/projects/overlays/OverlayRestImpl.java 
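Review bot: `publicOverlay` is accepted in `getOverlayList` as a free-form `String` with an empty default and is only interpreted later with `equalsIgnoreCase("true")`, so a misspelt value such as `ture` is silently treated as `false` and the caller gets a filtered list without being told the input was invalid. Declaring it as `@RequestParam(value = "publicOverlay", required = false) Boolean publicOverlay`, with the matching change in `OverlayRestImpl.getOverlayList`, would let Spring reject malformed input with a 400 and pass `null` when the parameter is absent. The two new parameters also carry no comment; a short Javadoc saying that an omitted value means "no filter" would document the tri-state behaviour.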
@@ -51,13 +51,24 @@ public class OverlayRestImpl extends BaseRestImpl { @Autowired private LayoutDao layoutDao; - public List<LayoutView> getOverlayList(String token, String projectId) throws SecurityException, QueryException { + public List<LayoutView> getOverlayList(String token, String projectId, String creatorLogin, String publicOverlay) throws SecurityException, QueryException { AuthenticationToken authenticationToken = getUserService().getToken(token); Model model = getModelService().getLastModelByProjectId(projectId, authenticationToken); if (model == null) { - throw new QueryException("Project with given id doesn't exist"); + throw new ObjectNotFoundException("Project with given id doesn't exist"); + } + User creator = null; + if (creatorLogin != null && !creatorLogin.isEmpty()) { + creator = getUserService().getUserByLogin(creatorLogin); + if (creator == null) { + throw new ObjectNotFoundException("User with given id doesn't exist: " + creatorLogin); + } + } + Boolean publicData = null; + if (publicOverlay != null && !publicOverlay.isEmpty()) { + publicData = publicOverlay.equalsIgnoreCase("true"); } - return layoutService.getCustomLayouts(model, token); + return layoutService.getCustomLayouts(model, token, publicData, creator); } /** diff --git a/service/src/main/java/lcsb/mapviewer/services/impl/LayoutService.java b/service/src/main/java/lcsb/mapviewer/services/impl/LayoutService.java index d59ddfb6dce2be3d1ffebc15e10e1ebd427a7439..a53089ee5c1c49a60528b6a6ec27d873367ebc02 100644 --- a/service/src/main/java/lcsb/mapviewer/services/impl/LayoutService.java +++ b/service/src/main/java/lcsb/mapviewer/services/impl/LayoutService.java 
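Review bot: The `creator` branch in `getOverlayList` resolves an arbitrary login with `getUserByLogin` and answers with a distinct `ObjectNotFoundException` that echoes the supplied value, which lets any caller holding a token learn which logins exist. Nothing in the visible lines ties `creatorLogin` to the authenticated user or to a user-management privilege, although this commit adds such a check in `UserService.getUserById(String, AuthenticationToken)` without calling it here. Consider returning an empty list for an unknown creator, or routing the lookup through a privilege-checked method, and keep the message generic, e.g. `"Creator not found"`. The current message also says "id" while the parameter is a login.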
@@ -170,14 +170,27 @@ public class LayoutService implements ILayoutService { } @Override - public List<LayoutView> getCustomLayouts(Model model, User user) { - List<LayoutView> result = new ArrayList<LayoutView>(); + public List<LayoutView> getCustomLayouts(Model model, User user, Boolean publicOverlay, User creator) { + List<LayoutView> result = new ArrayList<>(); if (model == null || user == null) { return result; } List<Layout> layouts = layoutDao.getLayoutsByModel(model); for (Layout layout : layouts) { - if (!layout.isPublicLayout() && layout.getCreator() != null) { + boolean toAdd = true; + if (creator != null) { + if (layout.getCreator() == null) { + toAdd = false; + } else if (!layout.getCreator().getId().equals(creator.getId())) { + toAdd = false; + } + } + if (publicOverlay != null) { + if (!publicOverlay.equals(layout.isPublicLayout())) { + toAdd = false; + } + } + if (toAdd) { if (userCanViewOverlay(layout, user)) { result.add(layoutViewFactory.create(layout)); } @@ -1034,8 +1047,8 @@ public class LayoutService implements ILayoutService { } @Override - public List<LayoutView> getCustomLayouts(Model model, String token) throws SecurityException { - return this.getCustomLayouts(model, userService.getUserByToken(token)); + public List<LayoutView> getCustomLayouts(Model model, String token, Boolean publicOverlay, User creator) throws SecurityException { + return this.getCustomLayouts(model, userService.getUserByToken(token), publicOverlay, creator); } @Override diff --git a/service/src/main/java/lcsb/mapviewer/services/impl/ModelService.java b/service/src/main/java/lcsb/mapviewer/services/impl/ModelService.java index b419e81a7e085027f9f1e1f09fb0aed89b22ebe6..4d7a63ac461d334231ef3677596db8e68046ae0e 100644 --- a/service/src/main/java/lcsb/mapviewer/services/impl/ModelService.java +++ b/service/src/main/java/lcsb/mapviewer/services/impl/ModelService.java 
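Review bot: When both `publicOverlay` and `creator` are `null`, the loop in `getCustomLayouts` no longer skips public layouts or layouts without a creator, which the removed condition did, so visibility now rests entirely on `userCanViewOverlay`. That is the path the REST endpoint takes when a request omits both query parameters, so the default result of `/projects/{projectId}/overlays/` may be wider than before; `userCanViewOverlay` is not shown here, so please confirm it handles public and creator-less layouts as intended. A comment above the loop would record the contract, e.g. `// null filter = no restriction; access is decided by userCanViewOverlay only`. The method ends outside this hunk.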
@@ -380,9 +380,9 @@ public class ModelService implements IModelService { public ModelView getModelView(Model model, User user) { ModelView result = modelViewFactory.create(model); if (user != null) { - result.setCustomLayouts(layoutService.getCustomLayouts(model, user)); + result.setCustomLayouts(layoutService.getCustomLayouts(model, user, true, user)); for (ModelView view : result.getSubmodels()) { - view.setCustomLayouts(layoutService.getCustomLayouts(model.getSubmodelById(view.getIdObject()), user)); + view.setCustomLayouts(layoutService.getCustomLayouts(model.getSubmodelById(view.getIdObject()), user, true, user)); } } return result; diff --git a/service/src/main/java/lcsb/mapviewer/services/impl/UserService.java b/service/src/main/java/lcsb/mapviewer/services/impl/UserService.java index 25fa736447967dcb84d4d2f063ccdb70fe10b25a..bf663ae19f13ded13a04fc934679110cc58af457 100644 --- a/service/src/main/java/lcsb/mapviewer/services/impl/UserService.java +++ b/service/src/main/java/lcsb/mapviewer/services/impl/UserService.java @@ -568,4 +568,17 @@ public class UserService implements IUserService { public boolean userHasPrivilege(AuthenticationToken token, PrivilegeType type) { return userHasPrivilege(getUserByToken(token), type); } + + @Override + public User getUserById(String creatorId, AuthenticationToken authenticationToken) throws SecurityException { + User user = getUserByToken(authenticationToken); + Integer id = Integer.parseInt(creatorId); + if (user.getId().equals(id)) { + return user; + } else if (userHasPrivilege(authenticationToken, PrivilegeType.USER_MANAGEMENT)) { + return getUserById(id); + } else { + throw new SecurityException("You cannot access data of other users"); + } + } } diff --git a/service/src/main/java/lcsb/mapviewer/services/interfaces/ILayoutService.java b/service/src/main/java/lcsb/mapviewer/services/interfaces/ILayoutService.java index cec9c0ac8c19ff86c1892ca31d24366196f28801..35e662b9231100f39736c4fb8f3d0b55a772d8a5 100644 
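Review bot: `getModelView` now passes `true` as `publicOverlay`, which selects layouts where `isPublicLayout()` is true, whereas the condition removed from `LayoutService.getCustomLayouts` kept only layouts where it is false, and the frontend calls in this commit pass `publicOverlay : false`. Unless the inversion is intended, the top-model call should read `layoutService.getCustomLayouts(model, user, false, user)` and the submodel call likewise. The same `true, user` arguments appear in `LayoutBean.refreshCustomLayouts`, in `LayoutBeanTest` and in every updated call in `LayoutServiceTest`, so those call sites need the same review.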
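Review bot: `Integer.parseInt(creatorId)` in the new `UserService.getUserById` is unguarded, so a non-numeric or null id raises `NumberFormatException`, which is outside the declared `throws SecurityException` contract and would surface as an unhandled runtime error if the value ever comes from a request. Catch it and report an invalid-id error that the caller can map to a client response. The result of `getUserByToken(authenticationToken)` is also dereferenced immediately; if that method can return `null` for an unknown token (not visible here), `user.getId()` fails before the privilege check runs. Nothing in the visible changes calls this method yet, so a Javadoc stating the rule it enforces (own record, or `USER_MANAGEMENT` privilege) would help whoever wires it in.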
--- a/service/src/main/java/lcsb/mapviewer/services/interfaces/ILayoutService.java +++ b/service/src/main/java/lcsb/mapviewer/services/interfaces/ILayoutService.java @@ -320,7 +320,7 @@ public interface ILayoutService { * user who asks for the layouts * @return list of custom layouts */ - List<LayoutView> getCustomLayouts(Model model, User user); + List<LayoutView> getCustomLayouts(Model model, User user, Boolean publicOverlay, User creator); /** * Returns list of general publically available layouts. @@ -521,7 +521,7 @@ public interface ILayoutService { */ void setEmailSender(EmailSender emailSender); - List<LayoutView> getCustomLayouts(Model model, String token) throws SecurityException; + List<LayoutView> getCustomLayouts(Model model, String token, Boolean publicOverlay, User creator) throws SecurityException; LayoutView getLayoutById(Model model, int overlayId, AuthenticationToken token) throws SecurityException; diff --git a/service/src/main/java/lcsb/mapviewer/services/interfaces/IUserService.java b/service/src/main/java/lcsb/mapviewer/services/interfaces/IUserService.java index bc59fb9104b9321272dececad18ec75e053a8afc..ad4c6dd627f37f7dc1e86b21efdad2be1f78c4e5 100644 --- a/service/src/main/java/lcsb/mapviewer/services/interfaces/IUserService.java +++ b/service/src/main/java/lcsb/mapviewer/services/interfaces/IUserService.java @@ -254,4 +254,6 @@ public interface IUserService { void logout(AuthenticationToken token); boolean userHasPrivilege(AuthenticationToken token, PrivilegeType addMap); + + User getUserById(String creatorId, AuthenticationToken authenticationToken) throws SecurityException; } diff --git a/service/src/test/java/lcsb/mapviewer/services/impl/LayoutServiceTest.java b/service/src/test/java/lcsb/mapviewer/services/impl/LayoutServiceTest.java index 4978e489de6b27bc3171b316d103588a0ec26fe5..29acf5879ae1750375512eefc988ffbf2453f572 100644 --- a/service/src/test/java/lcsb/mapviewer/services/impl/LayoutServiceTest.java 
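Review bot: The Javadoc above `getCustomLayouts(Model, User, Boolean, User)` still documents only `model` and `user`; the two new parameters need `@param` entries, in particular that `publicOverlay` is a tri-state `Boolean` where `null` means no filter and that a `null` creator disables the creator filter. Suggested lines: `@param publicOverlay {@code true}/{@code false} to keep only public/non-public layouts, {@code null} for both` and `@param creator keep only layouts created by this user, {@code null} for any creator`. The token-based overload further down and the new `IUserService.getUserById(String, AuthenticationToken)` have no Javadoc at all; the latter should state who may read another user's record, since the interface is where callers learn the access rule.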
+++ b/service/src/test/java/lcsb/mapviewer/services/impl/LayoutServiceTest.java @@ -192,7 +192,7 @@ public class LayoutServiceTest extends ServiceTestFunctions { @Test public void testGetCustomLayouts() throws Exception { try { - List<LayoutView> layouts = layoutService.getCustomLayouts(model, user); + List<LayoutView> layouts = layoutService.getCustomLayouts(model, user, true, user); assertNotNull(layouts); assertEquals(0, layouts.size()); @@ -208,24 +208,24 @@ public class LayoutServiceTest extends ServiceTestFunctions { assertNotNull(row); assertNotNull(row.getIdObject()); - layouts = layoutService.getCustomLayouts(model, user); + layouts = layoutService.getCustomLayouts(model, user, true, user); assertEquals(1, layouts.size()); - layouts = layoutService.getCustomLayouts(model, user2); + layouts = layoutService.getCustomLayouts(model, user2, true, user2); assertEquals(0, layouts.size()); layoutService.addViewPrivilegeToLayout(row, user2); - layouts = layoutService.getCustomLayouts(model, user2); + layouts = layoutService.getCustomLayouts(model, user2, true, user2); assertEquals(1, layouts.size()); layoutService.dropViewPrivilegeFromLayout(row, user2); - layouts = layoutService.getCustomLayouts(model, user2); + layouts = layoutService.getCustomLayouts(model, user2, true, user2); assertEquals(0, layouts.size()); // null user shouldn't have acces to custom layouts - layouts = layoutService.getCustomLayouts(model, (User) null); + layouts = layoutService.getCustomLayouts(model, (User) null, true, null); assertEquals(0, layouts.size()); layoutService.removeLayout(row, null); @@ -265,7 +265,7 @@ public class LayoutServiceTest extends ServiceTestFunctions { @Test public void testUpdateLayout() throws Exception { try { - List<LayoutView> layouts = layoutService.getCustomLayouts(model, user); + List<LayoutView> layouts = layoutService.getCustomLayouts(model, user, true, user); assertNotNull(layouts); assertEquals(0, layouts.size()); 
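Review bot: In `testGetCustomLayouts` the assertions around `addViewPrivilegeToLayout(row, user2)` now pass `user2` as the creator filter, but `row` appears to be created for `user`, so the new creator check in `LayoutService.getCustomLayouts` would exclude it regardless of the granted privilege and the `assertEquals(1, layouts.size())` after the grant would not be expected to hold. These assertions are the only visible coverage of the shared-overlay access rule, so they should query without a creator filter, e.g. `layoutService.getCustomLayouts(model, user2, null, null)`. The lines that create `row` are outside the hunk, so its creator is inferred and should be confirmed.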
@@ -278,7 +278,7 @@ public class LayoutServiceTest extends ServiceTestFunctions { user(user); LayoutView row = layoutService.createLayout(params); - layouts = layoutService.getCustomLayouts(model, user); + layouts = layoutService.getCustomLayouts(model, user, true, user); assertEquals(1, layouts.size()); assertEquals("Test", layouts.get(0).getName()); @@ -286,7 +286,7 @@ public class LayoutServiceTest extends ServiceTestFunctions { layoutService.updateLayout(row); - layouts = layoutService.getCustomLayouts(model, user); + layouts = layoutService.getCustomLayouts(model, user, true, user); assertEquals(1, layouts.size()); assertEquals("New name", layouts.get(0).getName()); @@ -301,7 +301,7 @@ public class LayoutServiceTest extends ServiceTestFunctions { @Test(timeout = 15000) public void testCreateAsyncLayout() throws Exception { try { - List<LayoutView> layouts = layoutService.getCustomLayouts(model, user); + List<LayoutView> layouts = layoutService.getCustomLayouts(model, user, true, user); assertNotNull(layouts); assertEquals(0, layouts.size()); @@ -325,7 +325,7 @@ public class LayoutServiceTest extends ServiceTestFunctions { layoutDao.refresh(layoutDb); } while (layoutDb.getStatus() != LayoutStatus.OK); - layouts = layoutService.getCustomLayouts(model, user); + layouts = layoutService.getCustomLayouts(model, user, true, user); assertEquals(1, layouts.size()); long logCounter2 = logDao.getCount(); @@ -403,7 +403,7 @@ public class LayoutServiceTest extends ServiceTestFunctions { @Test public void testInputDataInLayout() throws Exception { try { - List<LayoutView> layouts = layoutService.getCustomLayouts(model, user); + List<LayoutView> layouts = layoutService.getCustomLayouts(model, user, true, user); assertNotNull(layouts); assertEquals(0, layouts.size()); 
@@ -438,7 +438,7 @@ public class LayoutServiceTest extends ServiceTestFunctions { @Test public void testGetLayoutAliases() throws Exception { try { - List<LayoutView> layouts = layoutService.getCustomLayouts(model, user); + List<LayoutView> layouts = layoutService.getCustomLayouts(model, user, true, user); assertNotNull(layouts); assertEquals(0, layouts.size()); diff --git a/web/src/main/java/lcsb/mapviewer/bean/LayoutBean.java b/web/src/main/java/lcsb/mapviewer/bean/LayoutBean.java index 6ade0bf8dc1dc09f81a145239813fff3a5d3acf9..2c866c388497b506597d22ffce6ceeb5519128c1 100644 --- a/web/src/main/java/lcsb/mapviewer/bean/LayoutBean.java +++ b/web/src/main/java/lcsb/mapviewer/bean/LayoutBean.java @@ -255,7 +255,7 @@ public class LayoutBean extends AbstractManagedBean implements Serializable { public void refreshCustomLayouts(final ActionEvent actionEvent) { User user = userBean.getLoggedUser(); Model model = getCurrentTopModel(); - customLayouts = layoutService.getCustomLayouts(model, user); + customLayouts = layoutService.getCustomLayouts(model, user, true, user); generalLayouts = layoutService.getGeneralLayouts(model); } diff --git a/web/src/test/java/lcsb/mapviewer/bean/LayoutBeanTest.java b/web/src/test/java/lcsb/mapviewer/bean/LayoutBeanTest.java index cd7db2f4b97adbe945e189b519eb9ee4d1afa1db..d6295ff11d0abc3dbb42f1a13ede34cbee078f7b 100644 --- a/web/src/test/java/lcsb/mapviewer/bean/LayoutBeanTest.java +++ b/web/src/test/java/lcsb/mapviewer/bean/LayoutBeanTest.java @@ -183,7 +183,7 @@ public class LayoutBeanTest extends WebTestFunctions { layoutBean.addLayout(null); // wait until layout is generated - Integer id = Integer.valueOf(layoutService.getCustomLayouts(model, user).get(0).getIdObject()); + Integer id = Integer.valueOf(layoutService.getCustomLayouts(model, user, true, user).get(0).getIdObject()); Layout l = layoutDao.getById(id); do { Thread.sleep(200);