source: trunk/grails-app/controllers/RestController.groovy @ 842

Last change on this file since 842 was 842, checked in by keesvb, 10 years ago

fix for isUser REST method

File size: 5.7 KB
Line 
1/**
2 * RestControler
3 *
4 * This controler provides a REST service.
5 * The names of the RESET resources are the same as the names of this
6 * controller's actions. E.g., the resources called getStudies simply
7 * corresponds to the action getStudies. Some of the resources are parameterized.
8 * The parameters are passed as parameters in the url and are available in the
9 * params respecting Grails' conventions. In this file, we adher to the javadoc 
10 * convention for describing parameters ("@param"), but actually we mean
11 * key-value pairs in the params object of each Grails action we comment on.
12 *
13 * @author      Jahn-Takeshi Saito
14 * @since       20100601
15 *
16 */
17
18import dbnp.studycapturing.Study
19import dbnp.studycapturing.Assay
20import grails.converters.*
21import nl.metabolomicscentre.dsp.http.BasicAuthentication
22
23
24class RestController {
25
26
27
28       /**************************************************/
29      /** Rest resources for Simple Assay Module (SAM) **/
30     /**************************************************/
31
32        def authService
33        def beforeInterceptor = [action:this.&auth,except:["isUser"]]
34        def credentials
35        def requestUser
36
37        /**
38         * Authorization closure, which is run before executing any of the REST resource actions
39         * It fetches a username/password combination from basic HTTP authentication and checks whether
40         * that is an active (nimble) account
41         * @return
42         */
43        private def auth() {
44            credentials = BasicAuthentication.credentialsFromRequest(request)
45                requestUser = authService.authUser(credentials.u,credentials.p)
46                if(!requestUser) {
47                    response.sendError(403)
48                return false
49            }
50                else {
51                        return true
52                }
53        }
54
55        /**
56        * REST resource for data modules.
57        * Username and password should be supplied via HTTP Basic Authentication.
58        * Determines whether the given user/password combination is a valid GSCF account.
59        *
60        * @return bool True when user/password is a valid GSCF account, false otherwise.
61        */
62        def isUser= {
63                boolean isUser
64                credentials = BasicAuthentication.credentialsFromRequest(request)
65                def reqUser = authService.authUser(credentials.u,credentials.p)
66                if (reqUser) {
67                        isUser = true
68                }
69                else {
70                        isUser = false
71                }
72                render isUser as JSON
73        }
74
75        /**
76        * REST resource for data modules.
77        * Username and password should be supplied via HTTP Basic Authentication.
78        * Provide a list of all studies owned by the supplied user.
79        *
80        * @return JSON object list containing 'externalStudyID', and 'name' (title) for each study
81        */
82        def getStudies = {
83                List studies = [] 
84                Study.findAllByOwner(requestUser).each { study ->
85                        studies.push( [ 'externalStudyID': study.code, 'name':study.title ] )
86                }
87                render studies as JSON
88        }
89
90
91        /**
92        * REST resource for data modules.
93        * Username and password should be supplied via HTTP Basic Authentication.
94        * Provide a list of all subjects belonging to a study.
95        *
96        * @param externalStudyID String The external study id (code) of the target GSCF Study object
97        * @return JSON object list of subject names
98        */
99        def getSubjects = {
100                List subjects = [] 
101                if( params.externalStudyID ) {
102                        def id = params.externalStudyID
103                        def study = Study.find( "from Study as s where s.code=?", [id])
104                        if(study) study.subjects.each { subjects.push it.name }
105                }
106                render subjects as JSON
107        }
108
109
110        /**
111        * REST resource for data modules.
112        * Username and password should be supplied via HTTP Basic Authentication.
113        * Provide a list of all assays for a given study
114        *
115        * Example call of the getAssays REST resource: http://localhost:8080/gscf/rest/getAssays?externalStudyID=PPSH&moduleURL=http://localhost:8182/sam
116        *
117        * @param externalStudyID String The external study id (code) of the target GSCF Study object
118        * @param moduleURL String The base URL of the calling dbNP module
119        * @return list of assays in the study as JSON object list, filtered to only contain assays for the specified module, with 'externalAssayID' and 'name' for each assay
120        */
121        def getAssays = {
122                List assays = [] 
123                if( params.externalStudyID ) {
124                        def study = Study.find( "from Study as s where s.code=?", [params.externalStudyID])
125                        if(study && study.owner == requestUser) study.assays.each{ assay ->
126                                if (assay.module.url.equals(params.moduleURL)) {
127                                def map = ['name':assay.name, 'externalAssayID':assay.externalAssayID]
128                                        assays.push( map )
129                                }
130                        }
131                }
132                render assays as JSON
133        }
134
135
136        /**
137        * REST resource for data modules.
138        * Username and password should be supplied via HTTP Basic Authentication.
139        * Provide all samples of a given Assay. The result is an enriched list with additional information for each sample.
140        *
141        * @param externalAssayID String (externalAssayID of some Assay in GSCF)
142        * @return As a JSON object list, for each sample in that assay:
143        * @return 'name' (Sample name, which is unique)
144        * @return 'material' (Sample material)
145        * @return 'subject' (The name of the subject from which the sample was taken)
146        * @return 'event' (the name of the template of the SamplingEvent describing the sampling)
147        * @return 'startTime' (the time the sample was taken relative to the start of the study, as a string)
148        */
149        def getSamples = {
150                def items = []
151                if( params.externalAssayID ) {
152                        def assay = Assay.find( "from Assay as a where externalAssayID=?",[params.externalAssayID])
153                        assay.getSamples().each { sample ->
154                                def item = [ 
155                                        'name'                : sample.name,
156                                        'material'            : sample.material.name,
157                                        'subject'             : sample.parentSubject.name,
158                                        'event'               : sample.parentEvent.template.name,
159                                        'startTime'           : sample.parentEvent.getStartTimeString()
160                                ]
161                                items.push item
162                        }
163                }
164                render items as JSON
165        }
166
167
168    /* this is just for testing! */
169    /*def test = {
170                render( dbnp.rest.common.CommunicationManager.getQueryResultWithOperator("Insulin",">",200) )
171    }*/
172}
Note: See TracBrowser for help on using the repository browser.