Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Metadata template field security #57

Open
wants to merge 1 commit into
base: metadata-field-security
Choose a base branch
from
Open

Metadata template field security #57

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
33 changes: 9 additions & 24 deletions src/main/java/ca/corefacility/bioinformatics/irida/ria/web/linelist/LineListController.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -78,7 +78,7 @@ public List<UISampleMetadata> getProjectSamplesMetadataEntries(@RequestParam lon
List<Long> lockedSamplesInProject = sampleService.getLockedSamplesInProject(project);

List<MetadataTemplateField> metadataTemplateFields = metadataTemplateService.getPermittedFieldsForCurrentUser(
project);
project, true);

Map<Long, Set<MetadataEntry>> metadataForProject;

Expand Down Expand Up @@ -238,11 +238,13 @@ private List<AgGridColumn> formatTemplateForUI(MetadataTemplate template, List<A
4. Create an AgGridColumn for the field and add it to the template.
*/
for (MetadataTemplateField field : template.getFields()) {
int index = allFieldsLabels.indexOf(field.getFieldKey());
allFieldsAgGridColumns.remove(index);
allFieldsLabels.remove(index);
// Need to add parameter for if they have permissions to edit.
templateAgGridColumns.add(mapFieldToColumn(field, canEdit));
if(allFieldsLabels.contains(field.getFieldKey())) {
int index = allFieldsLabels.indexOf(field.getFieldKey());
allFieldsAgGridColumns.remove(index);
allFieldsLabels.remove(index);
// Need to add parameter for if they have permissions to edit.
templateAgGridColumns.add(mapFieldToColumn(field, canEdit));
}
}

// Add the "icon" to the template columns
Expand Down Expand Up @@ -325,14 +327,11 @@ public List<AgGridColumn> getProjectMetadataTemplateFields(@RequestParam long pr
Project project = projectService.read(projectId);

List<MetadataTemplateField> permittedFieldsForCurrentUser = metadataTemplateService.getPermittedFieldsForCurrentUser(
project);
project, true);

Set<MetadataTemplateField> fieldSet = permittedFieldsForCurrentUser.stream()
.collect(Collectors.toSet());

// Need to get all the fields from the templates too!
List<ProjectMetadataTemplateJoin> templateJoins = metadataTemplateService.getMetadataTemplatesForProject(
project);

/*
IGNORED TEMPLATE FIELDS:
Expand All @@ -343,20 +342,6 @@ public List<AgGridColumn> getProjectMetadataTemplateFields(@RequestParam long pr
*/
List<StaticMetadataTemplateField> staticMetadataFields = metadataTemplateService.getStaticMetadataFields();

//TODO: fields in templates here will be added to the fields list even if a user isn't permitted to read them. Needs refactored
/*
Get all unique fields from the templates.
*/
for (ProjectMetadataTemplateJoin join : templateJoins) {
MetadataTemplate template = join.getObject();
List<MetadataTemplateField> templateFields = template.getFields();
for (MetadataTemplateField field : templateFields) {
if (!staticMetadataFields.contains(field)) {
fieldSet.add(field);
}
}
}

List<AgGridColumn> fields = fieldSet.stream()
.map(f -> new UIMetadataField(f, false, true))
.sorted((f1, f2) -> f1.getHeaderName()
Expand Down
2 changes: 1 addition & 1 deletion src/main/java/ca/corefacility/bioinformatics/irida/ria/web/services/UIMetadataService.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -118,7 +118,7 @@ public String deleteMetadataTemplate(Long templateId, Long projectId, Locale loc
*/
public List<ProjectMetadataField> getMetadataFieldsForProject(Long projectId) {
Project project = projectService.read(projectId);
List<MetadataTemplateField> fields = templateService.getPermittedFieldsForCurrentUser(project);
List<MetadataTemplateField> fields = templateService.getPermittedFieldsForCurrentUser(project, true);
return addRestrictionsToMetadataFields(project, fields);
}

Expand Down
23 changes: 20 additions & 3 deletions ...ca/corefacility/bioinformatics/irida/service/impl/sample/MetadataTemplateServiceImpl.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -239,10 +239,25 @@ public MetadataRestriction setMetadataRestriction(Project project, MetadataTempl
*/
@PreAuthorize("hasPermission(#project, 'isProjectOwner')")
@Override
public List<MetadataTemplateField> getPermittedFieldsForRole(Project project, ProjectRole role) {
public List<MetadataTemplateField> getPermittedFieldsForRole(Project project, ProjectRole role,
boolean includeTemplateFields) {
//get all fields for the project
List<MetadataTemplateField> metadataFieldsForProject = fieldRepository.getMetadataFieldsForProject(project);

if (includeTemplateFields) {
//add all the metadata template fields to the list of fields to restrict
List<ProjectMetadataTemplateJoin> templatesForProject = getMetadataTemplatesForProject(project);
for (ProjectMetadataTemplateJoin join : templatesForProject) {
MetadataTemplate template = join.getObject();
List<MetadataTemplateField> templateFields = template.getFields();
for (MetadataTemplateField field : templateFields) {
if (!metadataFieldsForProject.contains(field)) {
metadataFieldsForProject.add(field);
}
}
}
}

//get all restrictions for the project
List<MetadataRestriction> restrictionForProject = metadataRestrictionRepository.getRestrictionForProject(
project);
Expand Down Expand Up @@ -282,7 +297,8 @@ public List<MetadataTemplateField> getPermittedFieldsForRole(Project project, Pr
*/
@PreAuthorize("hasPermission(#project, 'canReadProject')")
@Override
public List<MetadataTemplateField> getPermittedFieldsForCurrentUser(Project project) {
public List<MetadataTemplateField> getPermittedFieldsForCurrentUser(Project project,
boolean includeTemplateFields) {
final UserDetails loggedInDetails = (UserDetails) SecurityContextHolder.getContext()
.getAuthentication()
.getPrincipal();
Expand All @@ -300,7 +316,8 @@ public List<MetadataTemplateField> getPermittedFieldsForCurrentUser(Project proj
projectRole = projectJoinForUser.getProjectRole();
}

List<MetadataTemplateField> permittedFieldsForRole = getPermittedFieldsForRole(project, projectRole);
List<MetadataTemplateField> permittedFieldsForRole = getPermittedFieldsForRole(project, projectRole,
includeTemplateFields);

return permittedFieldsForRole;
}
Expand Down
13 changes: 8 additions & 5 deletions ...ain/java/ca/corefacility/bioinformatics/irida/service/sample/MetadataTemplateService.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -146,17 +146,20 @@ public interface MetadataTemplateService extends CRUDService<Long, MetadataTempl
/**
* Get all {@link MetadataTemplateField} that are permitted to be read by a given {@link ProjectRole}
*
* @param project the {@link Project} to get fields for
* @param role the {@link ProjectRole} to request
* @param project the {@link Project} to get fields for
* @param role the {@link ProjectRole} to request
* @param includeTemplateFields whether to include metadata template fields in the allowed fields
* @return the {@link MetadataTemplateField} the given role can read
*/
public List<MetadataTemplateField> getPermittedFieldsForRole(Project project, ProjectRole role);
public List<MetadataTemplateField> getPermittedFieldsForRole(Project project, ProjectRole role,
boolean includeTemplateFields);

/**
* Get all {@link MetadataTemplateField} that the currently logged in user is allowed to read
*
* @param project the {@link Project} to request fields from
* @param project the {@link Project} to request fields from
* @param includeTemplateFields whether to include metadata template fields in the allowed fields
* @return a list of {@link MetadataTemplateField} collecting the allowed {@link MetadataTemplateField}
*/
public List<MetadataTemplateField> getPermittedFieldsForCurrentUser(Project project);
public List<MetadataTemplateField> getPermittedFieldsForCurrentUser(Project project, boolean includeTemplateFields);
}
2 changes: 1 addition & 1 deletion ...acility/bioinformatics/irida/web/controller/api/samples/RESTSampleMetadataController.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -94,7 +94,7 @@ public ModelMap getProjectSampleMetadata(final @PathVariable Long projectId) {
Project project = projectService.read(projectId);

List<MetadataTemplateField> metadataTemplateFields = metadataTemplateService.getPermittedFieldsForCurrentUser(
project);
project, true);

List<Sample> samples = sampleService.getSamplesForProjectShallow(project);
ProjectMetadataResponse metadataResponse = sampleService.getMetadataForProject(project,
Expand Down
4 changes: 2 additions & 2 deletions src/test/java/ca/corefacility/bioinformatics/irida/ria/unit/web/LineListControllerTest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@ public void testGetProjectMetadataTemplateFields() {
long projectId = 1L;
lineListController.getProjectMetadataTemplateFields(projectId, Locale.ENGLISH);
verify(projectService, times(1)).read(projectId);
verify(metadataTemplateService, times(1)).getPermittedFieldsForCurrentUser(any(Project.class));
verify(metadataTemplateService, times(1)).getPermittedFieldsForCurrentUser(any(Project.class), true);
}

@Test
Expand All @@ -77,7 +77,7 @@ public void testGetAllProjectMetadataEntries() {
when(projectService.read(projectId)).thenReturn(project);
when(sampleService.getMetadataForProject(project, fieldList)).thenReturn(new ProjectMetadataResponse(project,metadata));
when(sampleService.getSamplesForProjectShallow(project)).thenReturn(Lists.newArrayList(s1, s2));
when(metadataTemplateService.getPermittedFieldsForCurrentUser(project)).thenReturn(fieldList);
when(metadataTemplateService.getPermittedFieldsForCurrentUser(project, true)).thenReturn(fieldList);
List<UISampleMetadata> projectSamplesMetadataEntries = lineListController.getProjectSamplesMetadataEntries(
projectId);

Expand Down
2 changes: 1 addition & 1 deletion ...orefacility/bioinformatics/irida/service/impl/integration/sample/SampleServiceImplIT.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -484,7 +484,7 @@ public void testGetPartialMetadataAsUser() {
Project project = projectService.read(1L);

List<MetadataTemplateField> permittedFieldsForCurrentUser = metadataTemplateService.getPermittedFieldsForCurrentUser(
project);
project, true);

ProjectMetadataResponse metadataForProject = sampleService.getMetadataForProject(project,
permittedFieldsForCurrentUser);
Expand Down
2 changes: 1 addition & 1 deletion ...oinformatics/irida/web/controller/test/unit/samples/RESTSampleMetadataControllerTest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -61,7 +61,7 @@ public void testReadProjectSampleMetadata() {

when(projectService.read(p1.getId())).thenReturn(p1);
when(sampleService.getSamplesForProjectShallow(p1)).thenReturn(Lists.newArrayList(s1, s2));
when(metadataTemplateService.getPermittedFieldsForCurrentUser(p1)).thenReturn(fieldList);
when(metadataTemplateService.getPermittedFieldsForCurrentUser(p1, true)).thenReturn(fieldList);
when(sampleService.getMetadataForProject(p1, fieldList)).thenReturn(new ProjectMetadataResponse(p1,metadata));

ModelMap modelMap = metadataController.getProjectSampleMetadata(p1.getId());
Expand Down