source: trunk/grails-app/controllers/RestController.groovy @ 843

Last change on this file since 843 was 843, checked in by keesvb, 13 years ago

second fix for isUser REST method
File size: 5.7 KB
Line 
1/**
2 * RestControler
3 *
4 * This controler provides a REST service.
5 * The names of the RESET resources are the same as the names of this
6 * controller's actions. E.g., the resources called getStudies simply
7 * corresponds to the action getStudies. Some of the resources are parameterized.
8 * The parameters are passed as parameters in the url and are available in the
9 * params respecting Grails' conventions. In this file, we adher to the javadoc 
10 * convention for describing parameters ("@param"), but actually we mean
11 * key-value pairs in the params object of each Grails action we comment on.
12 *
13 * @author      Jahn-Takeshi Saito
14 * @since       20100601
15 *
16 */
17
18import dbnp.studycapturing.Study
19import dbnp.studycapturing.Assay
20import grails.converters.*
21import nl.metabolomicscentre.dsp.http.BasicAuthentication
22
23
24class RestController {
25
26
27
28       /**************************************************/
29      /** Rest resources for Simple Assay Module (SAM) **/
30     /**************************************************/
31
32        def authService
33        def beforeInterceptor = [action:this.&auth,except:["isUser"]]
34        def credentials
35        def requestUser
36
37        /**
38         * Authorization closure, which is run before executing any of the REST resource actions
39         * It fetches a username/password combination from basic HTTP authentication and checks whether
40         * that is an active (nimble) account
41         * @return
42         */
43        private def auth() {
44            credentials = BasicAuthentication.credentialsFromRequest(request)
45                requestUser = authService.authUser(credentials.u,credentials.p)
46                if(!requestUser) {
47                    response.sendError(403)
48                return false
49            }
50                else {
51                        return true
52                }
53        }
54
55        /**
56        * REST resource for data modules.
57        * Username and password should be supplied via HTTP Basic Authentication.
58        * Determines whether the given user/password combination is a valid GSCF account.
59        *
60        * @return bool {"authenticated":true} when user/password is a valid GSCF account, {"authenticated":false} otherwise.
61        */
62        def isUser= {
63                boolean isUser
64                credentials = BasicAuthentication.credentialsFromRequest(request)
65                def reqUser = authService.authUser(credentials.u,credentials.p)
66                if (reqUser) {
67                        isUser = true
68                }
69                else {
70                        isUser = false
71                }
72                def reply = ['authenticated':isUser]
73                render reply as JSON
74        }
75
76        /**
77        * REST resource for data modules.
78        * Username and password should be supplied via HTTP Basic Authentication.
79        * Provide a list of all studies owned by the supplied user.
80        *
81        * @return JSON object list containing 'externalStudyID', and 'name' (title) for each study
82        */
83        def getStudies = {
84                List studies = [] 
85                Study.findAllByOwner(requestUser).each { study ->
86                        studies.push( [ 'externalStudyID': study.code, 'name':study.title ] )
87                }
88                render studies as JSON
89        }
90
91
92        /**
93        * REST resource for data modules.
94        * Username and password should be supplied via HTTP Basic Authentication.
95        * Provide a list of all subjects belonging to a study.
96        *
97        * @param externalStudyID String The external study id (code) of the target GSCF Study object
98        * @return JSON object list of subject names
99        */
100        def getSubjects = {
101                List subjects = [] 
102                if( params.externalStudyID ) {
103                        def id = params.externalStudyID
104                        def study = Study.find( "from Study as s where s.code=?", [id])
105                        if(study) study.subjects.each { subjects.push it.name }
106                }
107                render subjects as JSON
108        }
109
110
111        /**
112        * REST resource for data modules.
113        * Username and password should be supplied via HTTP Basic Authentication.
114        * Provide a list of all assays for a given study
115        *
116        * Example call of the getAssays REST resource: http://localhost:8080/gscf/rest/getAssays?externalStudyID=PPSH&moduleURL=http://localhost:8182/sam
117        *
118        * @param externalStudyID String The external study id (code) of the target GSCF Study object
119        * @param moduleURL String The base URL of the calling dbNP module
120        * @return list of assays in the study as JSON object list, filtered to only contain assays for the specified module, with 'externalAssayID' and 'name' for each assay
121        */
122        def getAssays = {
123                List assays = [] 
124                if( params.externalStudyID ) {
125                        def study = Study.find( "from Study as s where s.code=?", [params.externalStudyID])
126                        if(study && study.owner == requestUser) study.assays.each{ assay ->
127                                if (assay.module.url.equals(params.moduleURL)) {
128                                def map = ['name':assay.name, 'externalAssayID':assay.externalAssayID]
129                                        assays.push( map )
130                                }
131                        }
132                }
133                render assays as JSON
134        }
135
136
137        /**
138        * REST resource for data modules.
139        * Username and password should be supplied via HTTP Basic Authentication.
140        * Provide all samples of a given Assay. The result is an enriched list with additional information for each sample.
141        *
142        * @param externalAssayID String (externalAssayID of some Assay in GSCF)
143        * @return As a JSON object list, for each sample in that assay:
144        * @return 'name' (Sample name, which is unique)
145        * @return 'material' (Sample material)
146        * @return 'subject' (The name of the subject from which the sample was taken)
147        * @return 'event' (the name of the template of the SamplingEvent describing the sampling)
148        * @return 'startTime' (the time the sample was taken relative to the start of the study, as a string)
149        */
150        def getSamples = {
151                def items = []
152                if( params.externalAssayID ) {
153                        def assay = Assay.find( "from Assay as a where externalAssayID=?",[params.externalAssayID])
154                        assay.getSamples().each { sample ->
155                                def item = [ 
156                                        'name'                : sample.name,
157                                        'material'            : sample.material.name,
158                                        'subject'             : sample.parentSubject.name,
159                                        'event'               : sample.parentEvent.template.name,
160                                        'startTime'           : sample.parentEvent.getStartTimeString()
161                                ]
162                                items.push item
163                        }
164                }
165                render items as JSON
166        }
167
168
169    /* this is just for testing! */
170    /*def test = {
171                render( dbnp.rest.common.CommunicationManager.getQueryResultWithOperator("Insulin",">",200) )
172    }*/
173}
Note: See TracBrowser for help on using the repository browser.