Update of user accession lists

1dc84979 · Matija Obreza · c64295a1 · 1dc84979 · 1dc84979 · 1dc84979
Commit 1dc84979 authored Nov 24, 2014 by Matija Obreza
--- a/src/main/java/org/genesys2/server/model/impl/UserAccessionList.java
+++ b/src/main/java/org/genesys2/server/model/impl/UserAccessionList.java
 package org.genesys2.server.model.impl;

+import java.io.Serializable;
 import java.util.HashSet;
 import java.util.Set;

@@ -82,7 +83,8 @@ public class UserAccessionList extends VersionedAuditedModel implements AclAware
 		}
 	}

-	public static class UserAccessionList_ {
+	public static class UserAccessionList_ implements Serializable {
+		private static final long serialVersionUID = -2092185410372557368L;
 		public long id;
 		public String title;
 		public String description;
@@ -94,5 +96,17 @@ public class UserAccessionList extends VersionedAuditedModel implements AclAware
 			ul.description = ual.getDescription();
 			return ul;
 		}
+
+		public String getTitle() {
+			return title;
+		}
+
+		public String getDescription() {
+			return description;
+		}
+
+		public long getId() {
+			return id;
+		}
 	}
 }
--- a/src/main/java/org/genesys2/server/persistence/domain/UserAccessionListRepository.java
+++ b/src/main/java/org/genesys2/server/persistence/domain/UserAccessionListRepository.java
 package org.genesys2.server.persistence.domain;

+import java.util.List;
+
 import org.genesys2.server.model.impl.UserAccessionList;
 import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.data.jpa.repository.Query;

 public interface UserAccessionListRepository extends JpaRepository<UserAccessionList, Long> {

+	@Query("from UserAccessionList ual where ual.createdBy=?1")
+	List<UserAccessionList> listByOwner(Long userId);
+
 }
--- a/src/main/java/org/genesys2/server/service/UserAccessionListService.java
+++ b/src/main/java/org/genesys2/server/service/UserAccessionListService.java
@@ -6,11 +6,13 @@ import org.genesys2.server.model.impl.UserAccessionList;

 public interface UserAccessionListService {

-	UserAccessionList getUserAccesionListById(Long id);
+	UserAccessionList getList(Long id);

 	void save(UserAccessionList userAccessionList);

 	List<UserAccessionList> getAll();

 	void delete(UserAccessionList userAccessionList);
+
+	List<UserAccessionList> getMyLists();
 }
--- a/src/main/java/org/genesys2/server/service/impl/UserAccessionListServiceImpl.java
+++ b/src/main/java/org/genesys2/server/service/impl/UserAccessionListServiceImpl.java
@@ -4,10 +4,14 @@ import java.util.List;

 import javax.transaction.Transactional;

+import org.genesys2.server.model.impl.User;
 import org.genesys2.server.model.impl.UserAccessionList;
 import org.genesys2.server.persistence.domain.UserAccessionListRepository;
 import org.genesys2.server.service.UserAccessionListService;
+import org.genesys2.spring.SecurityContextUtil;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.access.prepost.PostAuthorize;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.stereotype.Service;

 @Service
@@ -18,21 +22,32 @@ public class UserAccessionListServiceImpl implements UserAccessionListService {
 	UserAccessionListRepository userAccessionListRepository;

 	@Override
-	public UserAccessionList getUserAccesionListById(Long id) {
+	@PostAuthorize("hasRole('ADMINISTRATOR') or hasPermission(returnObject, 'READ')")
+	public UserAccessionList getList(Long id) {
 		return userAccessionListRepository.findOne(id);
 	}

 	@Override
+	@PreAuthorize("isAuthenticated() and (#userAccessionList.id==null or hasRole('ADMINISTRATOR') or hasPermission(#userAccessionList, 'WRITE'))")
 	public void save(UserAccessionList userAccessionList) {
 		userAccessionListRepository.save(userAccessionList);
 	}

 	@Override
+	@PreAuthorize("hasRole('ADMINISTRATOR')")
 	public List<UserAccessionList> getAll() {
 		return userAccessionListRepository.findAll();
 	}

 	@Override
+	@PreAuthorize("isAuthenticated()")
+	public List<UserAccessionList> getMyLists() {
+		final User user = SecurityContextUtil.getCurrentUser();
+		return userAccessionListRepository.listByOwner(user.getId());
+	}
+
+	@Override
+	@PreAuthorize("hasRole('ADMINISTRATOR') or hasPermission(returnObject, 'DELETE')")
 	public void delete(UserAccessionList userAccessionList) {
 		userAccessionListRepository.delete(userAccessionList);
 	}

--- a/src/main/java/org/genesys2/server/servlet/controller/SelectionBean.java
+++ b/src/main/java/org/genesys2/server/servlet/controller/SelectionBean.java
@@ -67,9 +67,9 @@ public class SelectionBean implements Serializable {
 	}

 	public void setUserAccessionList(UserAccessionList_ userAccessionList) {
-		this.userAccessionList=userAccessionList;
+		this.userAccessionList = userAccessionList;
 	}
-	
+
 	public UserAccessionList_ getUserAccessionList() {
 		return userAccessionList;
 	}

--- a/src/main/java/org/genesys2/server/servlet/controller/SelectionController.java
+++ b/src/main/java/org/genesys2/server/servlet/controller/SelectionController.java
@@ -41,6 +41,7 @@ import org.springframework.data.domain.PageRequest;
 import org.springframework.data.domain.Sort;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.authentication.AnonymousAuthenticationToken;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
@@ -75,31 +76,31 @@ public class SelectionController extends BaseController {
 		model.addAttribute("pagedData", genesysService.listAccessions(selectionBean.copy(), new PageRequest(page - 1, 50, new Sort("accessionName"))));
 		model.addAttribute("selection", selectionBean);

-		if (SecurityContextHolder.getContext().getAuthentication().isAuthenticated())
-			model.addAttribute("userAccessionLists", userAccessionListService.getAll());
-
+		// Add userAccessionLists when authenticated
+		try {
+			if (!(SecurityContextHolder.getContext().getAuthentication() instanceof AnonymousAuthenticationToken))
+				model.addAttribute("userAccessionLists", userAccessionListService.getMyLists());
+		} catch (Throwable e) {
+			_logger.error(e.getMessage(), e);
+		}
 		return "/selection/index";
 	}

-	@RequestMapping(value = "/", params = { "listId" })
+	@RequestMapping(value = "/load", params = { "listId" })
 	@PreAuthorize("isAuthenticated()")
 	public String view(ModelMap model, @RequestParam(value = "page", required = false, defaultValue = "1") int page,
 			@RequestParam(value = "listId", defaultValue = "0") long listid) {

 		if (listid != 0) {
-			UserAccessionList userAccessionList = userAccessionListService.getUserAccesionListById(listid);
+			UserAccessionList userAccessionList = userAccessionListService.getList(listid);
 			selectionBean.clear();
 			for (Long accessionId : userAccessionList.getAccessionIds()) {
 				selectionBean.add(accessionId);
 			}
 			selectionBean.setUserAccessionList(UserAccessionList.UserAccessionList_.from(userAccessionList));
 		}
-		model.addAttribute("pagedData", genesysService.listAccessions(selectionBean.copy(), new PageRequest(page - 1, 50, new Sort("accessionName"))));
-		model.addAttribute("selection", selectionBean);

-		model.addAttribute("userAccessionLists", userAccessionListService.getAll());
-
-		return "/selection/index";
+		return "redirect:/sel/";
 	}

 	@RequestMapping(value = "/map")
@@ -274,31 +275,46 @@ public class SelectionController extends BaseController {

 	@RequestMapping(value = "/userList", params = { "save" }, method = RequestMethod.POST)
 	@PreAuthorize("isAuthenticated()")
-	public String saveAccessionList(@RequestParam(value = "listId", defaultValue = "0") long listId,
+	public String saveAccessionList(@RequestParam(value = "page", required = false, defaultValue = "1") int page, @RequestParam String title,
+			@RequestParam String description, ModelMap model) {
+
+		UserAccessionList userAccessionList = new UserAccessionList();
+
+		return saveOrUpdateList(page, title, description, model, userAccessionList);
+	}
+
+	@RequestMapping(value = "/userList", params = { "update", "listId" }, method = RequestMethod.POST)
+	@PreAuthorize("isAuthenticated()")
+	public String updateAccessionList(@RequestParam(value = "listId") long listId,
 			@RequestParam(value = "page", required = false, defaultValue = "1") int page, @RequestParam String title, @RequestParam String description,
-			Model model) {
-		UserAccessionList userAccessionList = null;
+			ModelMap model) {

-		if (listId != 0) {
-			userAccessionList = userAccessionListService.getUserAccesionListById(listId);
-		}
-		if (userAccessionList == null) {
-			userAccessionList = new UserAccessionList();
-		}
+		UserAccessionList userAccessionList = userAccessionListService.getList(listId);
+
+		return saveOrUpdateList(page, title, description, model, userAccessionList);
+	}

+	/**
+	 * Update selected list and load relevant data
+	 * 
+	 * @param page
+	 * @param title
+	 * @param description
+	 * @param model
+	 * @param userAccessionList
+	 * @return
+	 */
+	private String saveOrUpdateList(int page, String title, String description, ModelMap model, UserAccessionList userAccessionList) {
 		userAccessionList.setDescription(description);
 		userAccessionList.setTitle(title);
 		userAccessionList.setAccessionIds(selectionBean.copy());

 		userAccessionListService.save(userAccessionList);
-		model.addAttribute("resultFromSave", "user.accession.list.saved-updated");
-
-		model.addAttribute("pagedData", genesysService.listAccessions(selectionBean.copy(), new PageRequest(page - 1, 50, new Sort("accessionName"))));
-		model.addAttribute("selection", selectionBean);
+		selectionBean.setUserAccessionList(UserAccessionList.UserAccessionList_.from(userAccessionList));

-		model.addAttribute("userAccessionLists", userAccessionListService.getAll());
+		model.addAttribute("resultFromSave", "user.accession.list.saved-updated");

-		return "/selection/index";
+		return view(model, page);
 	}

 	@RequestMapping(value = "/userList", params = { "delete" }, method = RequestMethod.POST)
@@ -306,15 +322,25 @@ public class SelectionController extends BaseController {
 	public String deleteAccessionList(@RequestParam(value = "listId", defaultValue = "0") long listId,
 			@RequestParam(value = "page", required = false, defaultValue = "1") int page, Model model) {

-		userAccessionListService.delete(userAccessionListService.getUserAccesionListById(listId));
+		userAccessionListService.delete(userAccessionListService.getList(listId));
+		selectionBean.setUserAccessionList(null);

 		model.addAttribute("resultFromSave", "user.accession.list.deleted");
 		model.addAttribute("pagedData", genesysService.listAccessions(selectionBean.copy(), new PageRequest(page - 1, 50, new Sort("accessionName"))));
 		model.addAttribute("selection", selectionBean);

-		model.addAttribute("userAccessionLists", userAccessionListService.getAll());
+		model.addAttribute("userAccessionLists", userAccessionListService.getMyLists());

 		return "/selection/index";
 	}

+	@RequestMapping(value = "/userList", params = { "disconnect" }, method = RequestMethod.POST)
+	@PreAuthorize("isAuthenticated()")
+	public String disconnectAccessionList(@RequestParam(value = "listId", defaultValue = "0") long listId,
+			@RequestParam(value = "page", required = false, defaultValue = "1") int page, Model model) {
+
+		selectionBean.setUserAccessionList(null);
+
+		return "redirect:/sel/";
+	}
 }
--- a/src/main/resources/content/language.properties
+++ b/src/main/resources/content/language.properties
@@ -714,3 +714,9 @@ chart.attribution-text=www.genesys-pgr.org
 chart.collections.series=Number of accessions in genebanks

 label.load-more-data=Load more...
+
+userlist.list-my-lists=Saved lists of accessions
+userlist.title=List title
+userlist.description=List description
+userlist.disconnect=Disconnect list
+userlist.update-list=Save updated list
--- a/src/main/webapp/WEB-INF/jsp/selection/index.jsp
+++ b/src/main/webapp/WEB-INF/jsp/selection/index.jsp
@@ -9,24 +9,26 @@
 <body>
 	<cms:informative-h1 title="selection.page.title" fancy="true" info="selection.page.intro" />

-	<c:if test="${pagedData == null}">
-		<div class="alert alert-info">
-			<spring:message code="selection.empty-list-warning" />
-		</div>
-	</c:if>
-
-<div class="form-group">
-    <div class="dropdown">
-        <a href="#" class="dropdown-toggle" data-toggle="dropdown"><c:out value="Browse"/> <b
-                class="caret"></b></a>
-        <ul class="dropdown-menu" role="menu" id="user-accession-lists">
-            <li><a href="<c:url value="/sel/"/>"></a></li>
-            <c:forEach items="${userAccessionLists}" var="userList">
-                <li><a href="/sel/?listId=${userList.id}">${userList.title}</a></li>
-            </c:forEach>
-        </ul>
+<c:if test="${pagedData == null}">
+    <div class="alert alert-info">
+        <spring:message code="selection.empty-list-warning"/>
    </div>
-</div>
+    
+    <security:authorize access="isAuthenticated()">
+    	<c:if test="${fn:length(userAccessionLists) gt 0}">
+		<div class="">
+			<spring:message code="userlist.list-my-lists" /> 
+	        <ul class="funny-list" role="" id="user-accession-lists">
+	            <c:forEach items="${userAccessionLists}" var="userList">
+	                <li><a href="/sel/load?listId=${userList.id}">${userList.title}</a>
+	                <div class="pull-right"><c:out value="${userList.description}" /></div>
+	                </li>
+	            </c:forEach>
+	        </ul>
+		</div>
+		</c:if>
+	</security:authorize>
+</c:if>

 <c:if test="${pagedData != null}">

@@ -56,6 +58,20 @@
 		</div>
 		</div>

+	<security:authorize access="isAuthenticated()">
+		<div class="form-group">
+		    <div class="dropdown">
+		        <a href="#" class="dropdown-toggle" data-toggle="dropdown"><spring:message code="userlist.list-my-lists" /> <b
+		                class="caret"></b></a>
+		        <ul class="dropdown-menu" role="menu" id="user-accession-lists">
+		            <c:forEach items="${userAccessionLists}" var="userList">
+	                <li><a href="/sel/load?listId=${userList.id}">${userList.title}</a></li>
+		            </c:forEach>
+		        </ul>
+		    </div>
+		</div>
+	</security:authorize>
+
 		<table class="accessions">
 			<thead>
 				<tr>
@@ -82,33 +98,37 @@
 				</c:forEach>
 			</tbody>
 		</table>
-		
-	<div class="form-group">
+
+	<security:authorize access="isAuthenticated()">
+    <div class="form-group">
        <c:if test="${resultFromSave ne null}">
            <div class="alert alert-warning"><spring:message code="${resultFromSave}" /></div>
        </c:if>
        <form method="post" action="<c:url value="/sel/userList"/>" role="form">
            <div class="form-group">
-                <label for="accessionListTitle">Title*</label>
+                <label for="accessionListTitle"><spring:message code="userlist.title" /></label>
                <input id="accessionListTitle" type="text" name="title" class="form-control"
-                       value="${userAccessionList.title}"/>
+                       value="${selection.userAccessionList.title}"/>
            </div>
            <div class="form-group">
-                <label for="accessionListDescr">Description</label>
+                <label for="accessionListDescr"><spring:message code="userlist.description" /></label>
                <textarea name="description" rows="3" id="accessionListDescr"
-                          class="form-control"><c:out value="${userAccessionList.description}"/></textarea>
+                          class="form-control"><c:out value="${selection.userAccessionList.description}"/></textarea>
            </div>
            <div class="form-group">
-                <input type="submit" class="btn btn-primary" value="<spring:message code="user.accession.list.save"/>" name="save"/>
-                <c:if test="${userAccessionList.id ne null}">
-                    <input type="hidden" name="listId" value="${userAccessionList.id}"/>
-                    <input type="submit" class="btn" value="<spring:message code="user.accession.list.delete"/>" name="delete" />
+                <c:if test="${selection.userAccessionList.id ne null}">
+                    <input type="hidden" name="listId" value="${selection.userAccessionList.id}"/>
+                    <input type="submit" class="btn btn-primary" value="<spring:message code="userlist.update-list"/>" name="update" />
+                    <input type="submit" class="btn btn-primary" value="<spring:message code="userlist.disconnect"/>" name="disconnect" />
+                    <input type="submit" class="btn" value="<spring:message code="delete"/>" name="delete" />
                </c:if>
+                <input type="submit" class="btn" value="<spring:message code="add"/>" name="save"/>
            </div>
            <!-- CSRF protection -->
            <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
        </form>
    </div>
+    </security:authorize>

 		<form method="post" action="<c:url value="/sel/order" />" class="form-vertical">
 			<div class="form-actions">