Merge pull request #533 from OHDSI/Release-1.12.2

Release 1.12.2

pom.xml

@@ -6,7 +6,7 @@
 
     <artifactId>portal</artifactId>
     <groupId>com.odysseusinc.arachne</groupId>
-    <version>1.12.1</version>
+    <version>1.12.2</version>
     <packaging>jar</packaging>
 
     <parent>
@@ -24,7 +24,7 @@
         <java.version>1.8</java.version>
         <jjwt.version>0.6.0</jjwt.version>
         <ehcache.version>1.3.0</ehcache.version>
-        <postgresql.version>9.1-901-1.jdbc4</postgresql.version>
+        <postgresql.version>42.2.1</postgresql.version>
         <flyway.version>4.2.0</flyway.version>
         <gson.version>2.7</gson.version>
         <commons.lang3.version>3.5</commons.lang3.version>
@@ -117,6 +117,12 @@
             <version>${project.version}</version>
             <type>jar</type>
         </dependency>
+        <dependency>
+            <groupId>com.odysseusinc.arachne</groupId>
+            <artifactId>arachne-no-handler-found-exception-util</artifactId>
+            <version>${project.version}</version>
+            <type>jar</type>
+        </dependency>
         <dependency>
             <artifactId>arachne-sys-settings</artifactId>
             <groupId>com.odysseusinc.arachne</groupId>
@@ -185,7 +191,7 @@
             <!--<version>${ehcache.version}</version>-->
         <!--</dependency>-->
         <dependency>
-            <groupId>postgresql</groupId>
+            <groupId>org.postgresql</groupId>
             <artifactId>postgresql</artifactId>
             <version>${postgresql.version}</version>
         </dependency>

solr_config/conf/managed-schema

@@ -147,6 +147,7 @@
     <dynamicField name="*_fs" type="pfloats"  indexed="true"  stored="true"/>
     <dynamicField name="*_d"  type="pdouble" indexed="true"  stored="true"/>
     <dynamicField name="*_ds" type="pdoubles" indexed="true"  stored="true"/>
+    <dynamicField name="*_sortable" type="text_not_split" indexed="true" stored="true"/>
 
     <!-- Type used for data-driven schema, to add a string copy for each text field -->
     <dynamicField name="*_str" type="strings" stored="false" docValues="true" indexed="false" />

src/main/docker/Dockerfile

@@ -1,4 +1,4 @@
-FROM hub.arachnenetwork.com/portal_env:1.0.9
+FROM hub.arachnenetwork.com/portal_env:1.0.12
 MAINTAINER [email protected]
 USER root
 VOLUME /tmp

src/main/java/com/odysseusinc/arachne/portal/api/v1/controller/BaseAnalysisController.java

@@ -31,6 +31,7 @@
 import static org.springframework.web.bind.annotation.RequestMethod.POST;
 import static org.springframework.web.bind.annotation.RequestMethod.PUT;
 
+import com.google.common.collect.ImmutableMap;
 import com.odysseusinc.arachne.commons.api.v1.dto.CommonAnalysisType;
 import com.odysseusinc.arachne.commons.api.v1.dto.CommonEntityRequestDTO;
 import com.odysseusinc.arachne.commons.api.v1.dto.OptionDTO;
@@ -53,6 +54,7 @@
 import com.odysseusinc.arachne.portal.api.v1.dto.SubmissionInsightUpdateDTO;
 import com.odysseusinc.arachne.portal.api.v1.dto.UpdateNotificationDTO;
 import com.odysseusinc.arachne.portal.api.v1.dto.UploadFileDTO;
+import com.odysseusinc.arachne.portal.api.v1.dto.UploadFilesDTO;
 import com.odysseusinc.arachne.portal.api.v1.dto.converters.FileDtoContentHandler;
 import com.odysseusinc.arachne.portal.exception.AlreadyExistException;
 import com.odysseusinc.arachne.portal.exception.NotEmptyException;
@@ -100,6 +102,7 @@
 import java.util.Set;
 import java.util.UUID;
 import java.util.stream.Collectors;
+import java.util.stream.Stream;
 import java.util.stream.StreamSupport;
 import java.util.zip.ZipOutputStream;
 import javax.jms.JMSException;
@@ -345,24 +348,15 @@ public JsonResult addCommonEntityToAnalysis(@PathVariable("analysisId") Long ana
         final T analysis = analysisService.getById(analysisId);
         final DataReference dataReference = dataReferenceService.addOrUpdate(entityReference.getEntityGuid(), dataNode);
         final List<MultipartFile> entityFiles = getEntityFiles(entityReference, dataNode, analysisType);
-        doAddCommonEntityToAnalysis(analysis, dataReference, user, analysisType, entityFiles);
-        return new JsonResult(NO_ERROR);
+        return doAddCommonEntityToAnalysis(analysis, dataReference, user, analysisType, entityFiles);
     }
 
-    protected void doAddCommonEntityToAnalysis(T analysis, DataReference dataReference, IUser user,
-                                               CommonAnalysisType analysisType,
-                                               List<MultipartFile> files) throws IOException {
-
-        files.stream()
-                .filter(f -> !CommonAnalysisType.COHORT.equals(analysisType) || !f.getName().endsWith(CommonFileUtils.OHDSI_JSON_EXT))
-                .forEach(f -> {
-                            try {
-                                analysisService.saveFile(f, user, analysis, f.getName(), detectExecutable(analysisType, f), dataReference);
-                            } catch (IOException e) {
-                                LOGGER.error("Failed to save file", e);
-                            }
-                        }
-                );
+    protected JsonResult doAddCommonEntityToAnalysis(T analysis, DataReference dataReference, IUser user,
+                                                     CommonAnalysisType analysisType,
+                                                     List<MultipartFile> files) throws IOException {
+
+        JsonResult result = new JsonResult(NO_ERROR);
+        analysisService.saveFiles(files, user, analysis, analysisType, dataReference);
         if (analysisType.equals(CommonAnalysisType.COHORT)) {
             final ByteArrayOutputStream out = new ByteArrayOutputStream();
             class StringContainer {
@@ -404,13 +398,13 @@ class StringContainer {
             String fileName = generatedFileName.value + ".zip";
             final MultipartFile sqlArchive = new MockMultipartFile(fileName, fileName, "application/zip",
                     out.toByteArray());
-            analysisService.saveFile(sqlArchive, user, analysis, fileName, false, dataReference);
+            try {
+                analysisService.saveFile(sqlArchive, user, analysis, fileName, false, dataReference);
+            } catch (AlreadyExistException e) {
+                LOGGER.error("Failed to save file", e);
+            }
         }
-    }
-
-    protected boolean detectExecutable(CommonAnalysisType type, MultipartFile file) {
-
-        return false;
+        return result;
     }
 
     @ApiOperation("update common entity in analysis")
@@ -444,30 +438,22 @@ public JsonResult updateCommonEntityInAnalysis(@PathVariable("analysisId") Long
     @ApiOperation("Upload file to attach to analysis.")
     @RequestMapping(value = "/api/v1/analysis-management/analyses/{analysisId}/upload", method = POST)
     public JsonResult<List<AnalysisFileDTO>> uploadFile(Principal principal,
-                                                        @Valid UploadFileDTO uploadFileDTO,
+                                                        @Valid UploadFilesDTO uploadFilesLinks,
                                                         @PathVariable("analysisId") Long id)
             throws PermissionDeniedException, NotExistException, IOException {
 
         IUser user = getUser(principal);
         T analysis = analysisService.getById(id);
+        List<UploadFileDTO> files = Stream.concat(uploadFilesLinks.getFiles().stream(), uploadFilesLinks.getLinks().stream()).collect(Collectors.toList());
+        return saveFiles(files, user, analysis);
+    }
 
-        JsonResult<List<AnalysisFileDTO>> result = new JsonResult<>(NO_ERROR);
+    private JsonResult<List<AnalysisFileDTO>> saveFiles(List<UploadFileDTO> files, IUser user, T analysis) throws IOException {
 
         List<AnalysisFileDTO> createdFiles = new ArrayList<>();
-
-        if (uploadFileDTO.getFile() != null) {
-            AnalysisFile createdFile = analysisService.saveFile(uploadFileDTO.getFile(), user, analysis, uploadFileDTO.getLabel(), uploadFileDTO.getExecutable(), null);
-            createdFiles.add(conversionService.convert(createdFile, AnalysisFileDTO.class));
-        } else {
-            if (StringUtils.hasText(uploadFileDTO.getLink())) {
-                AnalysisFile createdFile = analysisService.saveFile(uploadFileDTO.getLink(), user, analysis, uploadFileDTO.getLabel(), uploadFileDTO.getExecutable());
-                createdFiles.add(conversionService.convert(createdFile, AnalysisFileDTO.class));
-            } else {
-                result.setErrorCode(VALIDATION_ERROR.getCode());
-            }
-
-        }
-
+        JsonResult<List<AnalysisFileDTO>> result = new JsonResult<>(NO_ERROR);
+        analysisService.saveFiles(files, user, analysis)
+                .forEach(createdFile -> createdFiles.add(conversionService.convert(createdFile, AnalysisFileDTO.class)));
         result.setResult(createdFiles);
         return result;
     }

src/main/java/com/odysseusinc/arachne/portal/api/v1/controller/BaseAuthenticationController.java

@@ -31,6 +31,7 @@
 import com.odysseusinc.arachne.portal.api.v1.dto.RemindPasswordDTO;
 import com.odysseusinc.arachne.portal.api.v1.dto.ResetPasswordDTO;
 import com.odysseusinc.arachne.portal.api.v1.dto.UserInfoDTO;
+import com.odysseusinc.arachne.portal.exception.NoDefaultTenantException;
 import com.odysseusinc.arachne.portal.exception.NotExistException;
 import com.odysseusinc.arachne.portal.exception.PasswordValidationException;
 import com.odysseusinc.arachne.portal.exception.PermissionDeniedException;
@@ -59,8 +60,8 @@
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.beans.factory.annotation.Value;
-import org.springframework.mail.MailSendException;
 import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
@@ -127,8 +128,8 @@ public JsonResult<CommonAuthenticationResponse> login(@RequestBody CommonAuthent
 
         try {
             checkIfUserBlocked(username);
-            Authentication authentication = authenticate(authenticationRequest);
-            SecurityContextHolder.getContext().setAuthentication(authentication);
+            checkIfUserHasTenant(username);
+            authenticate(authenticationRequest);
             String token = this.tokenUtils.generateToken(username);
             CommonAuthenticationResponse authenticationResponse = new CommonAuthenticationResponse(token);
             jsonResult = new JsonResult<>(JsonResult.ErrorCode.NO_ERROR, authenticationResponse);
@@ -163,19 +164,27 @@ private void checkIfUserBlocked(String username) throws PermissionDeniedExceptio
         }
     }
 
-    private Authentication authenticate(CommonAuthenticationRequest authenticationRequest) {
+    protected void checkIfUserHasTenant(String email) throws AuthenticationException {
 
-        return this.authenticationManager.authenticate(
+        IUser user = userService.getByEmailInAnyTenant(email);
+        if (user == null) {
+            throw new BadCredentialsException("Bad credentials");
+        }
+        if (user.getTenants() == null || user.getTenants().isEmpty()) {
+            throw new NoDefaultTenantException("Request admin to add you into a tenant.");
+        }
+    }
+
+    protected Authentication authenticate(CommonAuthenticationRequest authenticationRequest) {
+
+        Authentication authentication = this.authenticationManager.authenticate(
                 new UsernamePasswordAuthenticationToken(
                         authenticationRequest.getUsername(),
                         authenticationRequest.getPassword()
                 )
         );
-    }
-
-    protected IUser getUser(String userName) {
-
-        return userService.getByUsername(userName);
+        SecurityContextHolder.getContext().setAuthentication(authentication);
+        return authentication;
     }
 
     @ApiOperation("Logout.")

src/main/java/com/odysseusinc/arachne/portal/api/v1/controller/BaseDataSourceController.java

@@ -38,6 +38,7 @@
 import com.odysseusinc.arachne.portal.exception.NotExistException;
 import com.odysseusinc.arachne.portal.exception.PermissionDeniedException;
 import com.odysseusinc.arachne.portal.exception.ValidationException;
+import com.odysseusinc.arachne.portal.model.DataSourceFields;
 import com.odysseusinc.arachne.portal.model.IDataSource;
 import com.odysseusinc.arachne.portal.model.IUser;
 import com.odysseusinc.arachne.portal.service.BaseDataSourceService;
@@ -55,7 +56,6 @@
 import org.springframework.core.convert.support.GenericConversionService;
 import org.springframework.data.domain.Page;
 import org.springframework.data.domain.PageRequest;
-import org.springframework.data.domain.Sort;
 import org.springframework.validation.BindingResult;
 import org.springframework.web.bind.annotation.ModelAttribute;
 import org.springframework.web.bind.annotation.PathVariable;
@@ -75,6 +75,7 @@ public abstract class BaseDataSourceController<
     protected final ArachneConverterUtils converterUtils;
     protected final StudyDataSourceService studyDataSourceService;
 
+
     public BaseDataSourceController(GenericConversionService conversionService,
                                     BaseDataSourceService<DS> dataSourceService,
                                     ArachneConverterUtils converterUtils,
@@ -114,7 +115,7 @@ private JsonResult<DTO> updateDataSource(Principal principal, Long dataSourceId,
             result = setValidationErrors(bindingResult);
         } else {
             IUser user = getUser(principal);
-            final DS exist = dataSourceService.getNotDeletedByIdInAnyTenant(dataSourceId);
+            final DS exist = dataSourceService.getByIdInAnyTenant(dataSourceId);
             DS dataSource = convertDTOToDataSource(commonDataSourceDTO);
             dataSource.setId(dataSourceId);
             dataSource.setDataNode(exist.getDataNode());
@@ -153,8 +154,7 @@ public JsonResult<Page<DS_DTO>> suggestDataSource(Principal principal,
             throw new javax.validation.ValidationException();
         }
         final IUser user = getUser(principal);
-        PageRequest pageRequest = getPageRequest(pageDTO);
-
+        PageRequest pageRequest = dataSourceService.getPageRequest(pageDTO);
         Page<DS> dataSources = dataSourceService.suggestDataSource(query, studyId, user.getId(), pageRequest);
         List<DS_DTO> dataSourceDTOs = converterUtils.convertList(dataSources.getContent(), getDataSourceDTOClass());
         CustomPageImpl<DS_DTO> resultPage =
@@ -179,23 +179,18 @@ public JsonResult<R> list(Principal principal,
     @RequestMapping(value = "/api/v1/data-sources/my", method = RequestMethod.GET)
     public Page<DS_DTO> getUserDataSources(Principal principal,
                                            @RequestParam(name = "query", required = false, defaultValue = "") String query,
+                                           @RequestParam(name = "sort", required = false, defaultValue = DataSourceFields.UI_NAME) String sortBy,
+                                           @RequestParam(name = "order", required = false, defaultValue = "asc") String order,
                                            @ModelAttribute PageDTO pageDTO
     ) throws PermissionDeniedException {
 
         final IUser user = getUser(principal);
-        PageRequest pageRequest = getPageRequest(pageDTO);
-
+        PageRequest pageRequest = dataSourceService.getPageRequest(pageDTO, sortBy, order);
         Page<DS> dataSources = dataSourceService.getUserDataSources(query, user.getId(), pageRequest);
         List<DS_DTO> dataSourceDTOs = converterUtils.convertList(dataSources.getContent(), getDataSourceDTOClass());
         return new CustomPageImpl<>(dataSourceDTOs, pageRequest, dataSources.getTotalElements());
     }
 
-    private PageRequest getPageRequest(PageDTO pageDTO) throws PermissionDeniedException {
-
-        Sort sort = new Sort(Sort.Direction.ASC, "name");
-        return new PageRequest(pageDTO.getPage() - 1, pageDTO.getPageSize(), sort);
-    }
-
     @RequestMapping(value = "/api/v1/data-sources/byuuid/{uuid}", method = RequestMethod.GET)
     public JsonResult<DTO> getByUuid(@PathVariable("uuid") String dataSourceUuid) throws NotExistException {
 
@@ -245,9 +240,9 @@ public void unpublishDataSource(@PathVariable("id") Long dataSourceId) throws IO
     @ApiOperation("Publish data source")
     @RequestMapping(value = "/api/v1/data-sources/{id}/registration", method = RequestMethod.POST)
     public JsonResult<DTO> publishDataSource(Principal principal,
-                                 @PathVariable("id") Long dataSourceId,
-                                 @RequestBody @Valid DTO commonDataSourceDTO,
-                                 BindingResult bindingResult
+                                             @PathVariable("id") Long dataSourceId,
+                                             @RequestBody @Valid DTO commonDataSourceDTO,
+                                             BindingResult bindingResult
     ) throws NotExistException,
             PermissionDeniedException,
             FieldException,
@@ -279,7 +274,7 @@ public JsonResult<List<CommonCDMVersionDTO>> getCDMVersions() {
     @RequestMapping(value = "/api/v1/data-sources/{id}/complete", method = RequestMethod.GET)
     public JsonResult<DS_DTO> getWhole(@PathVariable("id") Long dataSourceId) throws NotExistException {
 
-        DS dataSource = dataSourceService.getNotDeletedByIdInAnyTenant(dataSourceId);
+        DS dataSource = dataSourceService.getByIdInAnyTenant(dataSourceId);
         return new JsonResult<>(NO_ERROR, conversionService.convert(dataSource, getDataSourceDTOClass()));
     }
 

src/main/java/com/odysseusinc/arachne/portal/api/v1/controller/BaseUserController.java

@@ -103,6 +103,7 @@
 import java.util.Map;
 import java.util.Optional;
 import java.util.Set;
+import java.util.UUID;
 import java.util.stream.Collectors;
 import java.util.stream.Stream;
 import javax.servlet.http.HttpServletRequest;
@@ -733,17 +734,17 @@ public JsonResult<List<CommonUserDTO>> relinkAllUsersToDataNode(@PathVariable("d
     ) throws NotExistException {
 
         final DN dataNode = baseDataNodeService.getById(dataNodeId);
-        
+
         final Set<DataNodeUser> users = linkUserToDataNodes.stream()
                 .map(link -> new DataNodeUser(userService.getByUnverifiedEmailInAnyTenant(link.getUserName()), dataNode))
                 .collect(Collectors.toSet());
-        
+
         baseDataNodeService.relinkAllUsersToDataNode(dataNode, users);
-        
+
         final List<CommonUserDTO> userDTOs = users.stream()
                 .map(user -> conversionService.convert(user.getUser(), CommonUserDTO.class))
                 .collect(Collectors.toList());
-        
+
         return new JsonResult<>(NO_ERROR, userDTOs);
     }
 
@@ -775,6 +776,9 @@ public CommonUserDTO confirmEmail(@PathVariable("uuid") String userUuid,
 
         U user = userService.getByIdInAnyTenantAndInitializeCollections(UserIdUtils.uuidToId(userUuid));
         user.setEmailConfirmed(confirm);
+        if (!confirm) {
+            user.setRegistrationCode(UUID.randomUUID().toString());
+        }
         userService.updateInAnyTenant(user);
         return conversionService.convert(user, CommonUserDTO.class);
     }