Ignore:
Timestamp:
Oct 21, 2010, 5:28:04 PM (10 years ago)
Author:
robert@…
Message:

Authentication and authorization for studies is added, according to ticket 118

Location:
trunk/grails-app/domain/dbnp
Files:
5 added
3 edited

Legend:

Unmodified
Added
Removed
  • trunk/grails-app/domain/dbnp/studycapturing/Study.groovy

    r974 r976  
    11package dbnp.studycapturing
    22
    3 import org.nmcdsp.plugins.aaaa.SecUser
     3import dbnp.authentication.SecUser
    44
    55/**
     
    1212 */
    1313class Study extends TemplateEntity {
    14         static searchable = {
    15         [only: ['title', 'Description']] // the description field will be searched only if defined in a study template
    16     }
     14        static searchable = {
     15            [only: ['title', 'Description']] // the description field will be searched only if defined in a study template
     16        }
    1717
    1818        SecUser owner           // The owner of the study. A new study is automatically owned by its creator.
     
    2929        List assays
    3030        boolean published = false // Determines whether a study is private (only accessable by the owner and writers) or published (also visible to readers)
    31 
     31        boolean publicstudy = false  // Determines whether anonymous users are allowed to see this study. This has only effect when published = true
     32       
    3233        static hasMany = [             
    3334                subjects: Subject,
     
    3839                assays: Assay,
    3940                persons: StudyPerson,
    40                 publications: Publication
     41                publications: Publication,
     42                readers: SecUser,
     43                writers: SecUser
    4144        ]
    4245
     
    5457                // Workaround for bug http://jira.codehaus.org/browse/GRAILS-6754
    5558                templateTextFields type: 'text'
    56                 owner column: "studyowner"
    57                 title column: "studytitle"
    58                 code column: "studycode"
    59                 subjects column: "studysubjects"
    60                 events column: "studyevents"
    61                 samplingEvents column: "studysamplingevents"
    62                 eventGroups column: "studyeventgroups"
    63                 samples column: "studysamples"
    64                 assays column: "studyassays"
    6559        }
    6660
     
    407401                return msg
    408402        }
     403
     404    /**
     405     * Returns true if the given user is allowed to read this study
     406     */
     407    public boolean canRead(SecUser loggedInUser) {
     408        // Anonymous readers are only given access when published and public
     409        if( loggedInUser == null ) {
     410            return this.publicstudy && this.published;
     411        }
     412
     413        // Owners and writers are allowed to read this study
     414        if( this.owner == loggedInUser || this.writers.contains(loggedInUser) ) {
     415            return true
     416        }
     417           
     418        // Readers are allowed to read this study when it is published
     419        if( this.readers.contains(loggedInUser) && this.published ) {
     420            return true
     421        }
     422       
     423        return false
     424    }
     425
     426    /**
     427     * Returns true if the given user is allowed to write this study
     428     */
     429    public boolean canWrite(SecUser loggedInUser) {
     430        if( loggedInUser == null ) {
     431            return false;
     432        }
     433        return this.owner == loggedInUser || this.writers.contains(loggedInUser)
     434    }
     435
     436    /**
     437     * Returns true if the given user is the owner of this study
     438     */
     439    public boolean isOwner(SecUser loggedInUser) {
     440        if( loggedInUser == null ) {
     441            return false;
     442        }
     443        return this.owner == loggedInUser
     444    }
     445
    409446}
  • trunk/grails-app/domain/dbnp/studycapturing/Template.groovy

    r961 r976  
    11package dbnp.studycapturing
    22
    3 import org.nmcdsp.plugins.aaaa.SecUser
     3import dbnp.authentication.SecUser
    44
    55/**
     
    3939
    4040        static mapping = {
    41                 name column:"templatename"
    42                 description column:"templatedescription"
    43                 entity column:"templateentity"
    44                 owner column:"templateowner"
    45                 fields column:"templatefields"
    4641        }
    4742
  • trunk/grails-app/domain/dbnp/studycapturing/TemplateEntity.groovy

    r961 r976  
    7070                // Make sure that the text fields are really stored as TEXT, so that those Strings can have an arbitrary length.
    7171                templateTextFields type: 'text'
    72 
    73                 template column:"templateentitytemplate"
    7472        }
    7573
Note: See TracChangeset for help on using the changeset viewer.