diff --git a/src/main/java/org/genesys2/server/api/v1/SubsetController.java b/src/main/java/org/genesys2/server/api/v1/SubsetController.java index d8e9f27e7002c8a0365273b7459cebb7dc5c3290..13429d1c9c664a5d64cd6c4b2217efba890d7ccb 100644 --- a/src/main/java/org/genesys2/server/api/v1/SubsetController.java +++ b/src/main/java/org/genesys2/server/api/v1/SubsetController.java @@ -135,6 +135,33 @@ public class SubsetController { return new FilteredPage<>(filterCode, filter, subsetService.list(filter, new PageRequest(page, Integer.min(pageSize, 100), direction, sort))); } + /** + * My subsets. + * + * @param page the page + * @param pageSize the page size + * @param direction the direction + * @param sort the sort + * @param filter the descriptor filter + * @return the page + * @throws IOException + */ + @PostMapping(value = "/list-mine") + public FilteredPage mySubsets(@RequestParam(name = "p", required = false, defaultValue = "0") final int page, + @RequestParam(name = "l", required = false, defaultValue = "50") final int pageSize, + @RequestParam(name = "d", required = false, defaultValue = "DESC") final Sort.Direction direction, + @RequestParam(name = "s", required = false, defaultValue = "lastModifiedDate") final String[] sort, + @RequestParam(name = "f", required = false) String filterCode, + @RequestBody(required = false) SubsetFilter filter) throws IOException { + + if (filterCode != null) { + filter = shortFilterService.filterByCode(filterCode, SubsetFilter.class); + } else { + filterCode = shortFilterService.getCode(filter); + } + return new FilteredPage<>(filterCode, filter, subsetService.listSubsetsForCurrentUser(filter, new PageRequest(page, Integer.min(pageSize, 100), direction, sort))); + } + /** * Remove accessions form subset. * diff --git a/src/main/java/org/genesys2/server/service/SubsetService.java b/src/main/java/org/genesys2/server/service/SubsetService.java index 88233afa1e80e7811d022c5384e2796760b0f311..834514c984a921f0cea56c23983582d58dd5c425 100644 --- a/src/main/java/org/genesys2/server/service/SubsetService.java +++ b/src/main/java/org/genesys2/server/service/SubsetService.java @@ -40,6 +40,15 @@ public interface SubsetService { */ Page list(SubsetFilter filter, Pageable page); + /** + * List current user's subsets matching the filter. + * + * @param filter filter data + * @param page Pageable + * @return list of Subset + */ + Page listSubsetsForCurrentUser(SubsetFilter filter, Pageable page); + /** * Method creating Subset. * diff --git a/src/main/java/org/genesys2/server/service/impl/SubsetServiceImpl.java b/src/main/java/org/genesys2/server/service/impl/SubsetServiceImpl.java index 305ee57165c00b939c151a070fbb230d5e38acd2..bf33be3eb24795ef6e1a89a93e8defe8012cb234 100644 --- a/src/main/java/org/genesys2/server/service/impl/SubsetServiceImpl.java +++ b/src/main/java/org/genesys2/server/service/impl/SubsetServiceImpl.java @@ -16,12 +16,14 @@ package org.genesys2.server.service.impl; +import java.util.HashSet; import java.util.List; import java.util.Set; import java.util.UUID; import java.util.stream.Collectors; import org.genesys.catalog.exceptions.InvalidApiUsageException; +import org.genesys.catalog.model.Partner; import org.genesys2.server.exception.NotFoundElement; import org.genesys2.server.model.PublishState; import org.genesys2.server.model.UserRole; @@ -35,14 +37,17 @@ import org.genesys2.server.persistence.SubsetRepository; import org.genesys2.server.security.SecurityUtils; import org.genesys2.server.service.SubsetService; import org.genesys2.server.service.filter.SubsetFilter; +import org.genesys2.util.JPAUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.dao.ConcurrencyFailureException; import org.springframework.data.domain.Page; +import org.springframework.data.domain.PageImpl; import org.springframework.data.domain.Pageable; import org.springframework.security.access.prepost.PostAuthorize; import org.springframework.security.access.prepost.PreAuthorize; +import org.springframework.security.acls.domain.BasePermission; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; @@ -84,11 +89,27 @@ public class SubsetServiceImpl implements SubsetService { return subsetRepository.findAll(published, page); } + @Override + @PreAuthorize("hasRole('ADMINISTRATOR') or isAuthenticated()") + public Page listSubsetsForCurrentUser(SubsetFilter filter, Pageable page) { + if (securityUtils.hasRole(UserRole.ADMINISTRATOR)) { + Pageable markdownSortPageRequest = JPAUtils.toMarkdownSort(page, "title"); + Page res = subsetRepository.findAll(filter.buildQuery(), markdownSortPageRequest); + return new PageImpl(res.getContent(), page, res.getTotalElements()); + } else { + final HashSet partners = new HashSet<>(securityUtils.listObjectIdentityIdsForCurrentUser(Partner.class, BasePermission.WRITE)); + Pageable markdownSortPageRequest = JPAUtils.toMarkdownSort(page, "title"); + Page res = subsetRepository.findAll(QSubset.subset.createdBy.in(partners).and(filter.buildQuery()), markdownSortPageRequest); + return new PageImpl(res.getContent(), page, res.getTotalElements()); + } + } + /** * {@inheritDoc} */ @Override @Transactional + @PreAuthorize("hasRole('ADMINISTRATOR') or hasPermission(#source, 'WRITE')") public Subset create(final Subset source) { LOG.info("Create Subset."); final Subset subset = new Subset(); @@ -197,6 +218,7 @@ public class SubsetServiceImpl implements SubsetService { */ @Override @Transactional + @PreAuthorize("hasRole('ADMINISTRATOR') or hasPermission(#source, 'WRITE')") public Subset update(final Subset source) { LOG.info("Update Subset."); final Subset subset = loadSubset(source); @@ -213,6 +235,7 @@ public class SubsetServiceImpl implements SubsetService { */ @Override @Transactional + @PreAuthorize("hasRole('ADMINISTRATOR') or hasPermission(#subset, 'WRITE')") public Subset delete(final Subset subset) { subsetRepository.delete(subset); subset.setId(null); @@ -224,6 +247,7 @@ public class SubsetServiceImpl implements SubsetService { */ @Override @Transactional + @PreAuthorize("hasRole('ADMINISTRATOR') or hasPermission(#input, 'WRITE')") public Subset removeAccessions(final Subset input, final Set accessionsUuids) { LOG.info("Remove accessions of subset {}.", input); final Subset subset = loadSubset(input); @@ -246,6 +270,7 @@ public class SubsetServiceImpl implements SubsetService { */ @Override @Transactional + @PreAuthorize("hasRole('ADMINISTRATOR') or hasPermission(#input, 'WRITE')") public Subset addAccessions(final Subset input, final Set accessionsUuids) { LOG.info("Add accessions to Subset. Input accessions {}", input); final Subset subset = loadSubset(input);