Commit 1658eedd authored by Matija Obreza's avatar Matija Obreza

Updated Subsets API and ACL

parent 503eda63
......@@ -32,6 +32,7 @@ import javax.persistence.PrePersist;
import javax.persistence.PreUpdate;
import javax.persistence.Table;
import org.genesys.blocks.model.JsonViews;
import org.genesys.blocks.model.SelfCleaning;
import org.genesys.blocks.model.UuidModel;
import org.genesys.blocks.security.model.AclAwareModel;
......@@ -41,6 +42,7 @@ import org.hibernate.annotations.Type;
import com.fasterxml.jackson.annotation.JsonIdentityReference;
import com.fasterxml.jackson.annotation.JsonIgnore;
import com.fasterxml.jackson.annotation.JsonView;
// TODO: Auto-generated Javadoc
/**
......@@ -82,8 +84,7 @@ public class Subset extends UuidModel implements AclAwareModel, SelfCleaning {
/** The institute. */
@ManyToOne(cascade = {}, optional = false)
@JoinColumn(name = "institute_id", updatable = false)
// @JsonView({ JsonViews.Public.class })
@JsonIgnore
@JsonView({ JsonViews.Public.class })
private FaoInstitute institute;
/** The accessions. */
......
......@@ -23,12 +23,12 @@ import java.util.UUID;
import java.util.stream.Collectors;
import org.genesys.catalog.exceptions.InvalidApiUsageException;
import org.genesys.catalog.model.Partner;
import org.genesys2.server.exception.NotFoundElement;
import org.genesys2.server.model.PublishState;
import org.genesys2.server.model.UserRole;
import org.genesys2.server.model.genesys.AccessionData;
import org.genesys2.server.model.genesys.AccessionId;
import org.genesys2.server.model.impl.FaoInstitute;
import org.genesys2.server.model.impl.QSubset;
import org.genesys2.server.model.impl.Subset;
import org.genesys2.server.persistence.AccessionRepository;
......@@ -92,15 +92,15 @@ public class SubsetServiceImpl implements SubsetService {
@Override
@PreAuthorize("hasRole('ADMINISTRATOR') or isAuthenticated()")
public Page<Subset> listSubsetsForCurrentUser(SubsetFilter filter, Pageable page) {
Pageable markdownSortPageRequest = JPAUtils.toMarkdownSort(page, "title");
if (securityUtils.hasRole(UserRole.ADMINISTRATOR)) {
Pageable markdownSortPageRequest = JPAUtils.toMarkdownSort(page, "title");
Page res = subsetRepository.findAll(filter.buildQuery(), markdownSortPageRequest);
return new PageImpl<Subset>(res.getContent(), page, res.getTotalElements());
Page<Subset> res = subsetRepository.findAll(filter.buildQuery(), markdownSortPageRequest);
return new PageImpl<>(res.getContent(), page, res.getTotalElements());
} else {
final HashSet<Long> partners = new HashSet<>(securityUtils.listObjectIdentityIdsForCurrentUser(Partner.class, BasePermission.WRITE));
Pageable markdownSortPageRequest = JPAUtils.toMarkdownSort(page, "title");
Page res = subsetRepository.findAll(QSubset.subset.createdBy.in(partners).and(filter.buildQuery()), markdownSortPageRequest);
return new PageImpl<Subset>(res.getContent(), page, res.getTotalElements());
final HashSet<Long> instituteIds = new HashSet<>(securityUtils.listObjectIdentityIdsForCurrentUser(FaoInstitute.class, BasePermission.WRITE));
Page<Subset> res = subsetRepository.findAll(QSubset.subset.institute.id.in(instituteIds).and(filter.buildQuery()), markdownSortPageRequest);
return new PageImpl<>(res.getContent(), page, res.getTotalElements());
}
}
......
......@@ -184,6 +184,7 @@ public class SubsetRestControllerTest extends AbstractApiTest {
storedSubset.getAccessionIds().add(accessionId);
assertThat(storedSubset.getAccessionIds().size(), is(1));
storedSubset.getInstitute().setSettings(null);
final String s = verboseMapper.writeValueAsString(storedSubset);
/*@formatter:off*/
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment