@Test
public void testAddWorkspace() {
int startingVertexCount = graph.getAllVertices().size();
int startingEdgeCount = graph.getAllEdges().size();
String workspaceId = "testWorkspaceId";
idGenerator.push(workspaceId);
idGenerator.push(workspaceId + "_to_" + user1.getUserId());
Workspace workspace = workspaceRepository.add("workspace1", user1);
assertTrue(
authorizationRepository
.getGraphAuthorizations()
.contains(WorkspaceRepository.WORKSPACE_ID_PREFIX + workspaceId));
assertEquals(
startingVertexCount + 1, graph.getAllVertices().size()); // +1 = the workspace vertex
assertEquals(
startingEdgeCount + 1,
graph.getAllEdges().size()); // +1 = the edge between workspace and user1
assertNull(
"Should not have access", graph.getVertex(workspace.getId(), new InMemoryAuthorizations()));
InMemoryAuthorizations authorizations =
new InMemoryAuthorizations(WorkspaceRepository.VISIBILITY_STRING, workspace.getId());
assertNotNull("Should have access", graph.getVertex(workspace.getId(), authorizations));
Workspace foundWorkspace = workspaceRepository.findById(workspace.getId(), user1);
assertEquals(workspace.getId(), foundWorkspace.getId());
}
@Override
public void handle(HttpServletRequest request, HttpServletResponse response, HandlerChain chain)
throws Exception {
final String artifactId = getRequiredParameter(request, "artifactId");
final String propertyKey = getRequiredParameter(request, "propertyKey");
final long mentionStart = getRequiredParameterAsLong(request, "mentionStart");
final long mentionEnd = getRequiredParameterAsLong(request, "mentionEnd");
final String title = getRequiredParameter(request, "sign");
final String conceptId = getRequiredParameter(request, "conceptId");
final String visibilitySource = getRequiredParameter(request, "visibilitySource");
final String resolvedVertexId = getOptionalParameter(request, "resolvedVertexId");
final String justificationText = getOptionalParameter(request, "justificationText");
final String sourceInfo = getOptionalParameter(request, "sourceInfo");
String termMentionRowKeyString = getOptionalParameter(request, "rowKey");
User user = getUser(request);
String workspaceId = getActiveWorkspaceId(request);
Workspace workspace = workspaceRepository.findById(workspaceId, user);
Authorizations authorizations = getAuthorizations(request, user);
JSONObject visibilityJson =
GraphUtil.updateVisibilitySourceAndAddWorkspaceId(null, visibilitySource, workspaceId);
LumifyVisibility visibility = this.visibilityTranslator.toVisibility(visibilityJson);
if (!graph.isVisibilityValid(visibility.getVisibility(), authorizations)) {
LOGGER.warn(
"%s is not a valid visibility for %s user", visibilitySource, user.getDisplayName());
respondWithBadRequest(response, "visibilitySource", STRINGS.getString("visibility.invalid"));
chain.next(request, response);
return;
}
Object id = resolvedVertexId == null ? graph.getIdGenerator().nextId() : resolvedVertexId;
Concept concept = ontologyRepository.getConceptByIRI(conceptId);
final Vertex artifactVertex = graph.getVertex(artifactId, authorizations);
LumifyVisibility lumifyVisibility = visibilityTranslator.toVisibility(visibilityJson);
Map<String, Object> metadata = new HashMap<String, Object>();
LumifyVisibilityProperties.VISIBILITY_JSON_PROPERTY.setMetadata(metadata, visibilityJson);
ElementMutation<Vertex> vertexMutation;
Vertex vertex;
if (resolvedVertexId != null) {
vertex = graph.getVertex(id, authorizations);
vertexMutation = vertex.prepareMutation();
} else {
vertexMutation = graph.prepareVertex(id, lumifyVisibility.getVisibility());
GraphUtil.addJustificationToMutation(
vertexMutation, justificationText, sourceInfo, lumifyVisibility);
CONCEPT_TYPE.setProperty(
vertexMutation, conceptId, metadata, lumifyVisibility.getVisibility());
TITLE.addPropertyValue(
vertexMutation, MULTI_VALUE_KEY, title, metadata, lumifyVisibility.getVisibility());
vertex = vertexMutation.save(authorizations);
auditRepository.auditVertexElementMutation(
AuditAction.UPDATE, vertexMutation, vertex, "", user, lumifyVisibility.getVisibility());
LumifyVisibilityProperties.VISIBILITY_JSON_PROPERTY.setProperty(
vertexMutation, visibilityJson, metadata, lumifyVisibility.getVisibility());
this.graph.flush();
workspaceRepository.updateEntityOnWorkspace(
workspace, vertex.getId(), false, null, null, user);
}
// TODO: a better way to check if the same edge exists instead of looking it up every time?
Edge edge =
graph.addEdge(
artifactVertex,
vertex,
this.artifactHasEntityIri,
lumifyVisibility.getVisibility(),
authorizations);
LumifyVisibilityProperties.VISIBILITY_JSON_PROPERTY.setProperty(
edge, visibilityJson, metadata, lumifyVisibility.getVisibility(), authorizations);
auditRepository.auditRelationship(
AuditAction.CREATE,
artifactVertex,
vertex,
edge,
"",
"",
user,
lumifyVisibility.getVisibility());
TermMentionRowKey termMentionRowKey;
if (termMentionRowKeyString != null) {
termMentionRowKey = new TermMentionRowKey(RowKeyHelper.jsonDecode(termMentionRowKeyString));
} else {
termMentionRowKey =
new TermMentionRowKey(
artifactId, propertyKey, mentionStart, mentionEnd, edge.getId().toString());
}
TermMentionModel termMention = new TermMentionModel(termMentionRowKey);
termMention
.getMetadata()
.setSign(title, lumifyVisibility.getVisibility())
.setOntologyClassUri(concept.getDisplayName(), lumifyVisibility.getVisibility())
.setConceptGraphVertexId(concept.getTitle(), lumifyVisibility.getVisibility())
.setVertexId(vertex.getId().toString(), lumifyVisibility.getVisibility())
.setEdgeId(edge.getId().toString(), lumifyVisibility.getVisibility());
termMentionRepository.save(termMention);
vertexMutation.addPropertyValue(
graph.getIdGenerator().nextId().toString(),
LumifyProperties.ROW_KEY.getPropertyName(),
termMentionRowKey.toString(),
metadata,
lumifyVisibility.getVisibility());
vertexMutation.save(authorizations);
this.graph.flush();
workQueueRepository.pushTextUpdated(artifactId);
workQueueRepository.pushElement(edge);
JSONObject result = new JSONObject();
result.put("success", true);
respondWithJson(response, result);
}
@Test
public void testEntities() {
int startingVertexCount = graph.getAllVertices().size();
int startingEdgeCount = graph.getAllEdges().size();
String workspaceId = "testWorkspaceId";
idGenerator.push(workspaceId);
idGenerator.push(workspaceId + "_to_" + user1.getUserId());
Workspace workspace = workspaceRepository.add("workspace1", user1);
assertEquals(
startingVertexCount + 1, graph.getAllVertices().size()); // +1 = the workspace vertex
assertEquals(
startingEdgeCount + 1,
graph.getAllEdges().size()); // +1 = the edges between workspaces and users
try {
workspaceRepository.updateEntityOnWorkspace(
workspace, entity1Vertex.getId(), true, 100, 100, user2);
fail("user2 should not have write access to workspace");
} catch (LumifyAccessDeniedException ex) {
assertEquals(user2, ex.getUser());
assertEquals(workspace.getId(), ex.getResourceId());
}
idGenerator.push(workspaceId + "_to_" + entity1Vertex.getId());
workspaceRepository.updateEntityOnWorkspace(
workspace, entity1Vertex.getId(), true, 100, 200, user1);
assertEquals(
startingVertexCount + 1, graph.getAllVertices().size()); // +1 = the workspace vertex
assertEquals(
startingEdgeCount + 2,
graph.getAllEdges().size()); // +2 = the edges between workspaces, users, and entities
workspaceRepository.updateEntityOnWorkspace(
workspace, entity1Vertex.getId(), true, 200, 300, user1);
assertEquals(
startingVertexCount + 1, graph.getAllVertices().size()); // +1 = the workspace vertex
assertEquals(
startingEdgeCount + 2,
graph.getAllEdges().size()); // +2 = the edges between workspaces, users, and entities
List<WorkspaceEntity> entities = workspaceRepository.findEntities(workspace, user1);
assertEquals(1, entities.size());
assertEquals(entity1Vertex.getId(), entities.get(0).getEntityVertexId());
assertEquals(200, entities.get(0).getGraphPositionX().intValue());
assertEquals(300, entities.get(0).getGraphPositionY().intValue());
try {
workspaceRepository.findEntities(workspace, user2);
fail("user2 should not have read access to workspace");
} catch (LumifyAccessDeniedException ex) {
assertEquals(user2, ex.getUser());
assertEquals(workspace.getId(), ex.getResourceId());
}
try {
workspaceRepository.softDeleteEntityFromWorkspace(workspace, entity1Vertex.getId(), user2);
fail("user2 should not have write access to workspace");
} catch (LumifyAccessDeniedException ex) {
assertEquals(user2, ex.getUser());
assertEquals(workspace.getId(), ex.getResourceId());
}
workspaceRepository.softDeleteEntityFromWorkspace(workspace, entity1Vertex.getId(), user1);
assertEquals(
startingVertexCount + 1, graph.getAllVertices().size()); // +1 = the workspace vertex
Map<String, InMemoryEdge> edgesAfterDelete = graph.getAllEdges();
assertEquals(
startingEdgeCount + 2, edgesAfterDelete.size()); // +1 = the edges between workspaces, users
boolean foundRemovedEdge = false;
for (InMemoryEdge edge : edgesAfterDelete.values()) {
if (edge.getLabel().equals(workspaceToEntityRelationship.getIRI())) {
assertEquals(
false, WorkspaceLumifyProperties.WORKSPACE_TO_ENTITY_VISIBLE.getPropertyValue(edge));
foundRemovedEdge = true;
}
}
assertTrue(foundRemovedEdge);
}
@Test
public void testAccessControl() {
int startingVertexCount = graph.getAllVertices().size();
int startingEdgeCount = graph.getAllEdges().size();
String workspace1Id = "testWorkspace1Id";
String workspace1Title = "workspace1";
idGenerator.push(workspace1Id);
idGenerator.push(workspace1Id + "_to_" + user1.getUserId());
workspaceRepository.add(workspace1Title, user1);
String workspace2Id = "testWorkspace2Id";
String workspace2Title = "workspace2";
idGenerator.push(workspace2Id);
idGenerator.push(workspace2Id + "_to_" + user1.getUserId());
workspaceRepository.add(workspace2Title, user1);
String workspace3Id = "testWorkspace3Id";
String workspace3Title = "workspace3";
idGenerator.push(workspace3Id);
idGenerator.push(workspace3Id + "_to_" + user2.getUserId());
workspaceRepository.add(workspace3Title, user2);
assertEquals(
startingVertexCount + 3, graph.getAllVertices().size()); // +3 = the workspace vertices
assertEquals(
startingEdgeCount + 3,
graph.getAllEdges().size()); // +3 = the edges between workspaces and users
List<Workspace> user1Workspaces = toList(workspaceRepository.findAll(user1));
assertEquals(2, user1Workspaces.size());
boolean foundWorkspace1 = false;
boolean foundWorkspace2 = false;
for (Workspace workspace : user1Workspaces) {
if (workspace.getDisplayTitle().equals(workspace1Title)) {
foundWorkspace1 = true;
} else if (workspace.getDisplayTitle().equals(workspace2Title)) {
foundWorkspace2 = true;
}
}
assertTrue("foundWorkspace1", foundWorkspace1);
assertTrue("foundWorkspace2", foundWorkspace2);
List<Workspace> user2Workspaces = toList(workspaceRepository.findAll(user2));
assertEquals(1, user2Workspaces.size());
assertEquals(workspace3Title, user2Workspaces.get(0).getDisplayTitle());
try {
workspaceRepository.updateUserOnWorkspace(
user2Workspaces.get(0), user1.getUserId(), WorkspaceAccess.READ, user1);
fail("user1 should not have access to user2's workspace");
} catch (LumifyAccessDeniedException ex) {
assertEquals(user1, ex.getUser());
assertEquals(user2Workspaces.get(0).getId(), ex.getResourceId());
}
idGenerator.push(workspace3Id + "to" + user2.getUserId());
workspaceRepository.updateUserOnWorkspace(
user2Workspaces.get(0), user1.getUserId(), WorkspaceAccess.READ, user2);
assertEquals(
startingVertexCount + 3, graph.getAllVertices().size()); // +3 = the workspace vertices
assertEquals(
startingEdgeCount + 4,
graph.getAllEdges().size()); // +4 = the edges between workspaces and users
List<WorkspaceUser> usersWithAccess =
workspaceRepository.findUsersWithAccess(user2Workspaces.get(0).getId(), user2);
boolean foundUser1 = false;
boolean foundUser2 = false;
for (WorkspaceUser userWithAccess : usersWithAccess) {
if (userWithAccess.getUserId().equals(user1.getUserId())) {
assertEquals(WorkspaceAccess.READ, userWithAccess.getWorkspaceAccess());
foundUser1 = true;
} else if (userWithAccess.getUserId().equals(user2.getUserId())) {
assertEquals(WorkspaceAccess.WRITE, userWithAccess.getWorkspaceAccess());
foundUser2 = true;
} else {
fail("Unexpected user " + userWithAccess.getUserId());
}
}
assertTrue("could not find user1", foundUser1);
assertTrue("could not find user2", foundUser2);
try {
workspaceRepository.deleteUserFromWorkspace(user2Workspaces.get(0), user1.getUserId(), user1);
fail("user1 should not have write access to user2's workspace");
} catch (LumifyAccessDeniedException ex) {
assertEquals(user1, ex.getUser());
assertEquals(user2Workspaces.get(0).getId(), ex.getResourceId());
}
try {
workspaceRepository.delete(user2Workspaces.get(0), user1);
fail("user1 should not have write access to user2's workspace");
} catch (LumifyAccessDeniedException ex) {
assertEquals(user1, ex.getUser());
assertEquals(user2Workspaces.get(0).getId(), ex.getResourceId());
}
workspaceRepository.updateUserOnWorkspace(
user2Workspaces.get(0), user1.getUserId(), WorkspaceAccess.WRITE, user2);
assertEquals(
startingVertexCount + 3, graph.getAllVertices().size()); // +3 = the workspace vertices
assertEquals(
startingEdgeCount + 4,
graph.getAllEdges().size()); // +4 = the edges between workspaces and users
workspaceRepository.deleteUserFromWorkspace(user2Workspaces.get(0), user1.getUserId(), user2);
assertEquals(
startingVertexCount + 3, graph.getAllVertices().size()); // +3 = the workspace vertices
assertEquals(
startingEdgeCount + 3,
graph.getAllEdges().size()); // +3 = the edges between workspaces and users
workspaceRepository.delete(user2Workspaces.get(0), user2);
assertEquals(
startingVertexCount + 2, graph.getAllVertices().size()); // +2 = the workspace vertices
assertEquals(
startingEdgeCount + 2,
graph.getAllEdges().size()); // +2 = the edges between workspaces and users
}
private TermMentionWithGraphVertex saveTermMention(
Vertex artifactGraphVertex,
TermMention termMention,
String workspaceId,
String visibilitySource) {
LOGGER.debug(
"Saving term mention '%s':%s:%s (%d:%d)",
termMention.getSign(),
termMention.getOntologyClassUri(),
termMention.getPropertyKey(),
termMention.getStart(),
termMention.getEnd());
Vertex vertex = null;
if (visibilitySource == null) {
visibilitySource = termMention.getVisibility().getVisibilityString();
}
JSONObject visibilityJson = new JSONObject();
visibilityJson.put(VisibilityTranslator.JSON_SOURCE, visibilitySource);
Visibility visibility = visibilityTranslator.toVisibility(visibilityJson).getVisibility();
Visibility visibilityWithWorkspaceId;
JSONObject visibilityJsonWithWorkspaceId;
if (!workspaceId.equals("")) {
visibilityJsonWithWorkspaceId =
GraphUtil.updateVisibilitySourceAndAddWorkspaceId(null, visibilitySource, workspaceId);
visibilityWithWorkspaceId =
visibilityTranslator.toVisibility(visibilityJsonWithWorkspaceId).getVisibility();
} else {
visibilityWithWorkspaceId = visibility;
visibilityJsonWithWorkspaceId = visibilityJson;
}
TermMentionRowKey termMentionRowKey =
new TermMentionRowKey(
artifactGraphVertex.getId().toString(),
termMention.getPropertyKey(),
termMention.getStart(),
termMention.getEnd());
TermMentionModel termMentionModel = new TermMentionModel(termMentionRowKey);
termMentionModel.getMetadata().setSign(termMention.getSign(), visibility);
termMentionModel
.getMetadata()
.setOntologyClassUri(termMention.getOntologyClassUri(), visibility);
if (termMention.getProcess() != null && !termMention.getProcess().equals("")) {
termMentionModel.getMetadata().setAnalyticProcess(termMention.getProcess(), visibility);
}
Concept concept = ontologyRepository.getConceptByIRI(termMention.getOntologyClassUri());
if (concept == null) {
LOGGER.error("Could not find ontology graph vertex '%s'", termMention.getOntologyClassUri());
return null;
}
termMentionModel.getMetadata().setConceptGraphVertexId(concept.getTitle(), visibility);
if (termMention.isResolved()) {
String title = termMention.getSign();
ElementMutation<Vertex> vertexElementMutation;
if (termMention.getUseExisting()) {
graph.flush(); // make sure the previous term mentions have made it into the graph
if (termMention.getId() != null) {
vertex = graph.getVertex(termMention.getId(), getAuthorizations());
} else {
vertex =
singleOrDefault(
graph
.query(getAuthorizations())
.has(LumifyProperties.TITLE.getPropertyName(), title)
.has(LumifyProperties.CONCEPT_TYPE.getPropertyName(), concept.getTitle())
.vertices(),
null);
}
}
Map<String, Object> metadata = new HashMap<String, Object>();
LumifyVisibilityProperties.VISIBILITY_JSON_PROPERTY.setMetadata(
metadata, visibilityJsonWithWorkspaceId);
if (vertex == null) {
if (termMention.getId() != null) {
vertexElementMutation =
graph.prepareVertex(termMention.getId(), visibilityWithWorkspaceId);
} else {
vertexElementMutation = graph.prepareVertex(visibilityWithWorkspaceId);
}
LumifyProperties.TITLE.setProperty(
vertexElementMutation, title, metadata, visibilityWithWorkspaceId);
LumifyProperties.CONCEPT_TYPE.setProperty(
vertexElementMutation, concept.getTitle(), metadata, visibilityWithWorkspaceId);
} else {
vertexElementMutation = vertex.prepareMutation();
}
for (TermMention.TermMentionProperty termMentionProperty : termMention.getNewProperties()) {
vertexElementMutation.addPropertyValue(
termMentionProperty.getKey(),
termMentionProperty.getName(),
termMentionProperty.getValue(),
metadata,
visibilityWithWorkspaceId);
}
LumifyVisibilityProperties.VISIBILITY_JSON_PROPERTY.setProperty(
vertexElementMutation,
visibilityJsonWithWorkspaceId,
metadata,
visibilityWithWorkspaceId);
vertexElementMutation.addPropertyValue(
graph.getIdGenerator().nextId(),
LumifyProperties.ROW_KEY.getPropertyName(),
termMentionRowKey.toString(),
metadata,
visibilityWithWorkspaceId);
if (!(vertexElementMutation instanceof ExistingElementMutation)) {
vertex = vertexElementMutation.save(getAuthorizations());
auditRepository.auditVertexElementMutation(
AuditAction.UPDATE,
vertexElementMutation,
vertex,
termMention.getProcess(),
getUser(),
visibilityWithWorkspaceId);
} else {
auditRepository.auditVertexElementMutation(
AuditAction.UPDATE,
vertexElementMutation,
vertex,
termMention.getProcess(),
getUser(),
visibilityWithWorkspaceId);
vertex = vertexElementMutation.save(getAuthorizations());
}
// TODO: a better way to check if the same edge exists instead of looking it up every time?
Edge edge =
singleOrDefault(
artifactGraphVertex.getEdges(
vertex, Direction.OUT, artifactHasEntityIri, getAuthorizations()),
null);
if (edge == null) {
edge =
graph.addEdge(
artifactGraphVertex, vertex, artifactHasEntityIri, visibility, getAuthorizations());
LumifyVisibilityProperties.VISIBILITY_JSON_PROPERTY.setProperty(
edge,
visibilityJsonWithWorkspaceId,
metadata,
visibilityWithWorkspaceId,
getAuthorizations());
auditRepository.auditRelationship(
AuditAction.CREATE,
artifactGraphVertex,
vertex,
edge,
termMention.getProcess(),
"",
getUser(),
visibilityWithWorkspaceId);
}
graph.flush();
if (workspaceId != null && !workspaceId.equals("")) {
Workspace workspace = workspaceRepository.findById(workspaceId, getUser());
workspaceRepository.updateEntityOnWorkspace(
workspace, vertex.getId(), null, null, null, getUser());
}
termMentionModel
.getMetadata()
.setVertexId(vertex.getId().toString(), visibility)
.setEdgeId(edge.getId().toString(), visibility);
}
getTermMentionRepository().save(termMentionModel, FlushFlag.NO_FLUSH);
return new TermMentionWithGraphVertex(termMentionModel, vertex);
}
