From a513f2e7de1cea4114b784172f8fc3625aa07c28 Mon Sep 17 00:00:00 2001 From: Benjamin Preiser Date: Thu, 18 Jan 2024 16:21:55 -0500 Subject: [PATCH] users in non-academic companies receive role api --- .../cbio/oncokb/web/rest/CompanyResource.java | 17 ++++++++++------- .../cbio/oncokb/web/rest/UserResource.java | 8 +++++++- 2 files changed, 17 insertions(+), 8 deletions(-) diff --git a/src/main/java/org/mskcc/cbio/oncokb/web/rest/CompanyResource.java b/src/main/java/org/mskcc/cbio/oncokb/web/rest/CompanyResource.java index f5068daf7..e12986959 100644 --- a/src/main/java/org/mskcc/cbio/oncokb/web/rest/CompanyResource.java +++ b/src/main/java/org/mskcc/cbio/oncokb/web/rest/CompanyResource.java @@ -1,6 +1,7 @@ package org.mskcc.cbio.oncokb.web.rest; import org.mskcc.cbio.oncokb.domain.Company; +import org.mskcc.cbio.oncokb.domain.enumeration.LicenseType; import org.mskcc.cbio.oncokb.repository.CompanyRepository; import org.mskcc.cbio.oncokb.security.AuthoritiesConstants; import org.mskcc.cbio.oncokb.service.CompanyService; @@ -104,16 +105,18 @@ public ResponseEntity updateCompany(@Valid @RequestBody CompanyVM co } CompanyDTO result = companyService.updateCompany(companyVM); - List usersInCompany = userService.getCompanyUsers(result.getId()); - for (UserDTO user : usersInCompany) { - Set userAuthorities = user.getAuthorities(); - if (!userAuthorities.contains(AuthoritiesConstants.API)) { - userAuthorities.add(AuthoritiesConstants.API); - userService.updateUser(user); + + if (!result.getLicenseType().equals(LicenseType.ACADEMIC)) { + List usersInCompany = userService.getCompanyUsers(result.getId()); + for (UserDTO user : usersInCompany) { + Set userAuthorities = user.getAuthorities(); + if (!userAuthorities.contains(AuthoritiesConstants.API)) { + userAuthorities.add(AuthoritiesConstants.API); + userService.updateUser(user); + } } } - return ResponseEntity.ok() .body(result); } diff --git a/src/main/java/org/mskcc/cbio/oncokb/web/rest/UserResource.java b/src/main/java/org/mskcc/cbio/oncokb/web/rest/UserResource.java index 1e27e6fdc..653da60f1 100644 --- a/src/main/java/org/mskcc/cbio/oncokb/web/rest/UserResource.java +++ b/src/main/java/org/mskcc/cbio/oncokb/web/rest/UserResource.java @@ -6,6 +6,7 @@ import org.mskcc.cbio.oncokb.config.Constants; import org.mskcc.cbio.oncokb.domain.Token; import org.mskcc.cbio.oncokb.domain.User; +import org.mskcc.cbio.oncokb.domain.enumeration.LicenseType; import org.mskcc.cbio.oncokb.repository.UserRepository; import org.mskcc.cbio.oncokb.security.AuthoritiesConstants; import org.mskcc.cbio.oncokb.service.MailService; @@ -126,7 +127,12 @@ public ResponseEntity createUser(@Valid @RequestBody ManagedUserVM managed // Assign ROLE_USER to all new accounts // All other authorities can be updated in the user management page if (managedUserVM.getAuthorities() == null || managedUserVM.getAuthorities().isEmpty()) { - managedUserVM.setAuthorities(Collections.singleton(AuthoritiesConstants.USER)); + Set authorities = new LinkedHashSet<>(); + authorities.add(AuthoritiesConstants.USER); + if (!managedUserVM.getLicenseType().equals(LicenseType.ACADEMIC)) { + authorities.add(AuthoritiesConstants.API); + } + managedUserVM.setAuthorities(Collections.unmodifiableSet(authorities)); } User newUser = userService.createUser(managedUserVM, Optional.ofNullable(managedUserVM.getTokenValidDays()), Optional.ofNullable(managedUserVM.getTokenIsRenewable())); UserDTO newUserDTO = userMapper.userToUserDTO(newUser);