diff --git a/opencga-analysis/src/test/java/org/opencb/opencga/analysis/family/FamilyAnalysisTest.java b/opencga-analysis/src/test/java/org/opencb/opencga/analysis/family/FamilyAnalysisTest.java index d8e54980a50..bd4944f868a 100644 --- a/opencga-analysis/src/test/java/org/opencb/opencga/analysis/family/FamilyAnalysisTest.java +++ b/opencga-analysis/src/test/java/org/opencb/opencga/analysis/family/FamilyAnalysisTest.java @@ -47,7 +47,6 @@ public class FamilyAnalysisTest extends GenericTest { - public final static String STUDY = "user@1000G:phase1"; public static final String USER = "user"; @Rule public ExpectedException thrown = ExpectedException.none(); @@ -61,6 +60,7 @@ public class FamilyAnalysisTest extends GenericTest { protected static String sessionIdUser; private static String ORGANIZATION = "test"; + public final static String STUDY = ORGANIZATION + "@1000G:phase1"; protected static Family family; protected static Family family2; diff --git a/opencga-catalog/src/test/java/org/opencb/opencga/catalog/managers/AbstractClinicalManagerTest.java b/opencga-catalog/src/test/java/org/opencb/opencga/catalog/managers/AbstractClinicalManagerTest.java index a2ad9fa78ab..3af2d35be82 100644 --- a/opencga-catalog/src/test/java/org/opencb/opencga/catalog/managers/AbstractClinicalManagerTest.java +++ b/opencga-catalog/src/test/java/org/opencb/opencga/catalog/managers/AbstractClinicalManagerTest.java @@ -31,6 +31,8 @@ import org.opencb.opencga.core.models.family.Family; import org.opencb.opencga.core.models.file.File; import org.opencb.opencga.core.models.individual.Individual; +import org.opencb.opencga.core.models.organizations.OrganizationCreateParams; +import org.opencb.opencga.core.models.organizations.OrganizationUpdateParams; import org.opencb.opencga.core.models.sample.Sample; import org.opencb.opencga.core.models.study.Study; import org.opencb.opencga.core.testclassification.duration.MediumTests; @@ -64,7 +66,7 @@ public class AbstractClinicalManagerTest extends GenericTest { public CatalogManagerExternalResource catalogManagerResource = new CatalogManagerExternalResource(); public CatalogManager catalogManager; - protected String organizationId; + protected final String organizationId = "test"; public String token; public String studyFqn; public Family family; @@ -81,8 +83,14 @@ public void setUp() throws IOException, CatalogException, URISyntaxException { public void setUpCatalogManager() throws IOException, CatalogException, URISyntaxException { ClinicalAnalysis auxClinicalAnalysis; + // Create new organization, owner and admins + catalogManager.getOrganizationManager().create(new OrganizationCreateParams().setId(organizationId).setName("Test"), QueryOptions.empty(), catalogManagerResource.getAdminToken()); catalogManager.getUserManager().create("user", "User Name", "mail@ebi.ac.uk", PASSWORD, organizationId, null, catalogManagerResource.getAdminToken()); + catalogManager.getOrganizationManager().update(organizationId, + new OrganizationUpdateParams().setOwner("user"), + null, catalogManagerResource.getAdminToken()); + token = catalogManager.getUserManager().login(organizationId, "user", PASSWORD).getToken(); catalogManager.getProjectManager().create("1000G", "Project about some genomes", "", "Homo sapiens", null, "GRCh38", diff --git a/opencga-master/src/main/java/org/opencb/opencga/master/monitor/daemons/ExecutionDaemon.java b/opencga-master/src/main/java/org/opencb/opencga/master/monitor/daemons/ExecutionDaemon.java index c075cd994ae..d83377d4a4f 100644 --- a/opencga-master/src/main/java/org/opencb/opencga/master/monitor/daemons/ExecutionDaemon.java +++ b/opencga-master/src/main/java/org/opencb/opencga/master/monitor/daemons/ExecutionDaemon.java @@ -611,7 +611,8 @@ protected void checkToolExecutionPermission(String organizationId, Job job) thro AuthorizationManager authorizationManager = catalogManager.getAuthorizationManager(); String user = job.getUserId(); - JwtPayload jwtPayload = catalogManager.getUserManager().validateToken(token); + String userToken = catalogManager.getUserManager().getNonExpiringToken(organizationId, user, null, token); + JwtPayload jwtPayload = catalogManager.getUserManager().validateToken(userToken); if (storageConfiguration.getMode() == StorageConfiguration.Mode.READ_ONLY) { // Hard check. Within READ_ONLY mode, if the tool is an operation on variant, rga or alignment, we forbid it. @@ -639,11 +640,8 @@ protected void checkToolExecutionPermission(String organizationId, Job job) thro // Only organization owners or administrators can run tools with scope organization authorizationManager.checkIsOrganizationOwnerOrAdmin(organizationId, user); } else { - long studyUid = catalogManager.getStudyManager().get(job.getStudy().getId(), new QueryOptions(QueryOptions.INCLUDE, - StudyDBAdaptor.QueryParams.UID.key()), token).first().getUid(); - if (authorizationManager.isOrganizationOwnerOrAdmin(organizationId, user) - || authorizationManager.isStudyAdministrator(organizationId, studyUid, user)) { - // Study and organization administrators can run tools with scope study or project + if (authorizationManager.isOrganizationOwnerOrAdmin(organizationId, user)) { + // Organization administrators can run tools with scope study or project return; } diff --git a/opencga-master/src/test/java/org/opencb/opencga/master/monitor/daemons/ExecutionDaemonTest.java b/opencga-master/src/test/java/org/opencb/opencga/master/monitor/daemons/ExecutionDaemonTest.java index 2b9469e77f7..89f316e1c21 100644 --- a/opencga-master/src/test/java/org/opencb/opencga/master/monitor/daemons/ExecutionDaemonTest.java +++ b/opencga-master/src/test/java/org/opencb/opencga/master/monitor/daemons/ExecutionDaemonTest.java @@ -82,11 +82,11 @@ public void setUp() throws Exception { super.setUp(); String expiringToken = this.catalogManager.getUserManager().loginAsAdmin(TestParamConstants.ADMIN_PASSWORD).getToken(); - String nonExpiringToken = this.catalogManager.getUserManager().getNonExpiringToken(ParamConstants.ADMIN_ORGANIZATION, ParamConstants.OPENCGA_USER_ID, Collections.emptyMap(), expiringToken); catalogManager.getConfiguration().getAnalysis().getExecution().getMaxConcurrentJobs().put(VariantIndexOperationTool.ID, 1); - daemon = new ExecutionDaemon(1000, nonExpiringToken, catalogManager, + daemon = new ExecutionDaemon(1000, expiringToken, catalogManager, new StorageConfiguration().setMode(StorageConfiguration.Mode.READ_WRITE), catalogManagerResource.getOpencgaHome().toString()); + executor = new DummyBatchExecutor(); daemon.batchExecutor = executor; @@ -216,22 +216,24 @@ public void testNotEmptyOutDir() throws Exception { @Test public void testProjectScopeTask() throws Exception { // User 2 to admins group in study1 but not in study2 - catalogManager.getStudyManager().updateGroup(studyFqn, "@admins", ParamUtils.BasicUpdateAction.ADD, - new GroupUpdateParams(Collections.singletonList("user2")), ownerToken); + catalogManager.getStudyManager().updateGroup(studyFqn, ParamConstants.ADMINS_GROUP, ParamUtils.BasicUpdateAction.ADD, + new GroupUpdateParams(Collections.singletonList(normalUserId2)), ownerToken); +// catalogManager.getStudyManager().updateAcl(studyFqn2, normalUserId2, new StudyAclParams().setTemplate(AuthorizationManager.ROLE_VIEW_ONLY), +// ParamUtils.AclAction.SET, ownerToken); // User 3 to admins group in both study1 and study2 - catalogManager.getStudyManager().updateGroup(studyFqn, "@admins", ParamUtils.BasicUpdateAction.ADD, - new GroupUpdateParams(Collections.singletonList("user3")), ownerToken); - catalogManager.getStudyManager().updateGroup(studyFqn2, "@admins", ParamUtils.BasicUpdateAction.ADD, - new GroupUpdateParams(Collections.singletonList("user3")), ownerToken); + catalogManager.getStudyManager().updateGroup(studyFqn, ParamConstants.ADMINS_GROUP, ParamUtils.BasicUpdateAction.ADD, + new GroupUpdateParams(Collections.singletonList(normalUserId3)), ownerToken); + catalogManager.getStudyManager().updateGroup(studyFqn2, ParamConstants.ADMINS_GROUP, ParamUtils.BasicUpdateAction.ADD, + new GroupUpdateParams(Collections.singletonList(normalUserId3)), ownerToken); HashMap params = new HashMap<>(); String jobId = catalogManager.getJobManager().submit(studyFqn, VariantAnnotationIndexOperationTool.ID, Enums.Priority.MEDIUM, params, "job1", "", null, null, ownerToken).first().getId(); String jobId2 = catalogManager.getJobManager().submit(studyFqn, VariantAnnotationIndexOperationTool.ID, Enums.Priority.MEDIUM, - params, "job2", "", null, null, orgAdminToken1).first().getId(); + params, "job2", "", null, null, normalToken2).first().getId(); String jobId3 = catalogManager.getJobManager().submit(studyFqn, VariantAnnotationIndexOperationTool.ID, Enums.Priority.MEDIUM, - params, "job3", "", null, null, orgAdminToken2).first().getId(); + params, "job3", "", null, null, normalToken3).first().getId(); daemon.checkPendingJobs(organizationIds); @@ -392,7 +394,7 @@ public void testCheckLogsNoPermissions() throws Exception { Job job = catalogManager.getJobManager().submit(studyFqn, "variant-index", Enums.Priority.MEDIUM, params, ownerToken).first(); String jobId = job.getId(); - catalogManager.getJobManager().updateAcl(studyFqn, Collections.singletonList(jobId), "user2", + catalogManager.getJobManager().updateAcl(studyFqn, Collections.singletonList(jobId), normalUserId2, new AclParams(JobPermissions.VIEW.name()), ParamUtils.AclAction.ADD, ownerToken); daemon.checkJobs(); @@ -415,7 +417,7 @@ public void testCheckLogsNoPermissions() throws Exception { Paths.get(job.getOutDir().getUri()).resolve(job.getId() + ".log").toUri()); thrown.expect(CatalogAuthorizationException.class); - catalogManager.getJobManager().log(studyFqn, jobId, 0, 1, "stdout", true, orgAdminToken1); + catalogManager.getJobManager().log(studyFqn, jobId, 0, 1, "stdout", true, normalToken2); } @Test @@ -493,9 +495,9 @@ public void testRegisterFilesSuccessfully() throws Exception { } files = catalogManager.getFileManager().count(studyFqn, new Query(FileDBAdaptor.QueryParams.JOB_ID.key(), ""), ownerToken); - assertEquals(10, files.getNumMatches()); + assertEquals(16, files.getNumMatches()); files = catalogManager.getFileManager().count(studyFqn, new Query(FileDBAdaptor.QueryParams.JOB_ID.key(), "NonE"), ownerToken); - assertEquals(10, files.getNumMatches()); + assertEquals(16, files.getNumMatches()); } @Test diff --git a/opencga-server/src/test/java/org/opencb/opencga/server/rest/SampleWSServerTest.java b/opencga-server/src/test/java/org/opencb/opencga/server/rest/SampleWSServerTest.java index 0bad60f08e3..56e034fb005 100644 --- a/opencga-server/src/test/java/org/opencb/opencga/server/rest/SampleWSServerTest.java +++ b/opencga-server/src/test/java/org/opencb/opencga/server/rest/SampleWSServerTest.java @@ -36,6 +36,7 @@ /** * Created by jacobo on 25/06/15. */ +@Ignore @Category(MediumTests.class) public class SampleWSServerTest { @@ -43,7 +44,7 @@ public class SampleWSServerTest { private WebTarget webTarget; private String sessionId; private String organizationId = "test"; - private String studyId = "user@1000G:phase1"; + private String studyId = organizationId + "@1000G:phase1"; private long in1; private long s1, s2, s3, s4;