diff --git a/shanoir-ng-front/src/app/datasets/shared/dataset.dto.ts b/shanoir-ng-front/src/app/datasets/shared/dataset.dto.ts index 0ffd607470..4b4b731ed2 100644 --- a/shanoir-ng-front/src/app/datasets/shared/dataset.dto.ts +++ b/shanoir-ng-front/src/app/datasets/shared/dataset.dto.ts @@ -79,8 +79,12 @@ export class DatasetDTOService { */ public toEntityList(dtos: DatasetDTO[], result?: Dataset[], mode: 'eager' | 'lazy' = 'eager'): Promise{ if (!result) result = []; + let subjectIds = new Set; if (dtos) { for (let dto of dtos ? dtos : []) { + if (dto.subjectId) { + subjectIds.add(dto.subjectId); + } let entity = DatasetUtils.getDatasetInstance(dto.type); DatasetDTOService.mapSyncFields(dto, entity); result.push(entity); @@ -94,7 +98,7 @@ export class DatasetDTOService { entity.study.name = studies.find(study => study.id == entity.study.id)?.name; } }), - this.subjectService.getSubjectsNames().then(subjects => { + this.subjectService.getSubjectsNames(subjectIds).then(subjects => { for (let entity of result) { if (entity.subject) entity.subject.name = subjects.find(subject => subject.id == entity.subject.id)?.name; diff --git a/shanoir-ng-front/src/app/studies/study/study.component.ts b/shanoir-ng-front/src/app/studies/study/study.component.ts index ef77f1caeb..9ceba3f82f 100644 --- a/shanoir-ng-front/src/app/studies/study/study.component.ts +++ b/shanoir-ng-front/src/app/studies/study/study.component.ts @@ -179,7 +179,7 @@ export class StudyComponent extends EntityComponent { return study; }); - this.getSubjects(); + this.getAllSubjects(); this.protocolFiles = []; @@ -211,7 +211,7 @@ export class StudyComponent extends EntityComponent { this.selectedCenter = null; this.protocolFiles = []; this.dataUserAgreement = null; - this.getSubjects(); + this.getAllSubjects(); this.fetchUsers().then(users => { // Add the connected user by default @@ -346,14 +346,14 @@ export class StudyComponent extends EntityComponent { }); } - private getSubjects(): void { + private getAllSubjects(): void { this.subjectService - .getSubjectsNames() + .getAllSubjectsNames() .then(subjects => { this.subjects = subjects?.sort(function(a:Subject, b:Subject){ return a.name.localeCompare(b.name); }); - }); + }); } /** Center section management **/ diff --git a/shanoir-ng-front/src/app/subjects/shared/subject.service.ts b/shanoir-ng-front/src/app/subjects/shared/subject.service.ts index 4784083a75..d5a7038bcc 100644 --- a/shanoir-ng-front/src/app/subjects/shared/subject.service.ts +++ b/shanoir-ng-front/src/app/subjects/shared/subject.service.ts @@ -24,6 +24,8 @@ import { SubjectDTO, SubjectDTOService } from './subject.dto'; import { SubjectStudyDTO } from './subject-study.dto'; import { Page, Pageable } from 'src/app/shared/components/table/pageable.model'; import {BACKEND_API_SUBJECT_URL} from "../../utils/app.utils"; +import {Dataset} from "../../datasets/shared/dataset.model"; +import {DatasetDTO} from "../../datasets/shared/dataset.dto"; @Injectable() export class SubjectService extends EntityService { @@ -36,8 +38,15 @@ export class SubjectService extends EntityService { getEntityInstance() { return new Subject(); } - getSubjectsNames(): Promise { + getAllSubjectsNames(): Promise { return this.http.get(AppUtils.BACKEND_API_SUBJECT_NAMES_URL) + .toPromise(); + } + + getSubjectsNames(subjectIds: Set): Promise { + const formData: FormData = new FormData(); + formData.set('subjectIds', Array.from(subjectIds).join(",")); + return this.http.post(AppUtils.BACKEND_API_SUBJECT_NAMES_URL, formData) .toPromise(); } diff --git a/shanoir-ng-studies/src/main/java/org/shanoir/ng/subject/controler/SubjectApi.java b/shanoir-ng-studies/src/main/java/org/shanoir/ng/subject/controler/SubjectApi.java index d18f72df95..fb85dd780f 100644 --- a/shanoir-ng-studies/src/main/java/org/shanoir/ng/subject/controler/SubjectApi.java +++ b/shanoir-ng-studies/src/main/java/org/shanoir/ng/subject/controler/SubjectApi.java @@ -93,7 +93,18 @@ ResponseEntity> findSubjects( @ApiResponse(responseCode = "500", description = "unexpected error") }) @GetMapping(value = "/names", produces = { "application/json" }) @PreAuthorize("hasAnyRole('ADMIN', 'EXPERT', 'USER')") - ResponseEntity> findSubjectsNames(); + ResponseEntity> findAllSubjectsNames(); + + @Operation(summary = "", description = "Returns id and name for the given subject ids") + @ApiResponses(value = { + @ApiResponse(responseCode = "200", description = "found subjects"), + @ApiResponse(responseCode = "204", description = "no subject found"), + @ApiResponse(responseCode = "401", description = "unauthorized"), + @ApiResponse(responseCode = "403", description = "forbidden"), + @ApiResponse(responseCode = "500", description = "unexpected error") }) + @PostMapping(value = "/names", produces = { "application/json" }) + @PreAuthorize("hasAnyRole('ADMIN', 'EXPERT', 'USER')") + ResponseEntity> findSubjectsNames(@RequestParam(value = "subjectIds", required = true) List subjectIds); @Operation(summary = "", description = "If exists, returns the subject corresponding to the given id") @ApiResponses(value = { @ApiResponse(responseCode = "200", description = "found bubject"), diff --git a/shanoir-ng-studies/src/main/java/org/shanoir/ng/subject/controler/SubjectApiController.java b/shanoir-ng-studies/src/main/java/org/shanoir/ng/subject/controler/SubjectApiController.java index 38514fd810..b0cf55acee 100644 --- a/shanoir-ng-studies/src/main/java/org/shanoir/ng/subject/controler/SubjectApiController.java +++ b/shanoir-ng-studies/src/main/java/org/shanoir/ng/subject/controler/SubjectApiController.java @@ -113,8 +113,17 @@ public ResponseEntity> findSubjects(boolean preclinical, boolea } @Override - public ResponseEntity> findSubjectsNames() { - final List subjectsNames = subjectService.findNames(); + public ResponseEntity> findAllSubjectsNames() { + final List subjectsNames = subjectService.findAllNames(); + if (subjectsNames.isEmpty()) { + return new ResponseEntity<>(HttpStatus.NO_CONTENT); + } + return new ResponseEntity<>(subjectsNames, HttpStatus.OK); + } + + @Override + public ResponseEntity> findSubjectsNames(List subjectIds) { + final List subjectsNames = subjectService.findNames(subjectIds); if (subjectsNames.isEmpty()) { return new ResponseEntity<>(HttpStatus.NO_CONTENT); } diff --git a/shanoir-ng-studies/src/main/java/org/shanoir/ng/subject/repository/SubjectRepository.java b/shanoir-ng-studies/src/main/java/org/shanoir/ng/subject/repository/SubjectRepository.java index e894805389..a7c8b9b313 100644 --- a/shanoir-ng-studies/src/main/java/org/shanoir/ng/subject/repository/SubjectRepository.java +++ b/shanoir-ng-studies/src/main/java/org/shanoir/ng/subject/repository/SubjectRepository.java @@ -71,6 +71,8 @@ public interface SubjectRepository extends CrudRepository, Subjec */ Iterable findBySubjectStudyListStudyIdIn(Iterable studyIds); + Iterable findBySubjectStudyListStudyIdInAndIdIn(Iterable studyIds, Iterable ids); + List findByPreclinical(boolean preclinical); diff --git a/shanoir-ng-studies/src/main/java/org/shanoir/ng/subject/service/SubjectService.java b/shanoir-ng-studies/src/main/java/org/shanoir/ng/subject/service/SubjectService.java index 5184141213..29b7da2e64 100644 --- a/shanoir-ng-studies/src/main/java/org/shanoir/ng/subject/service/SubjectService.java +++ b/shanoir-ng-studies/src/main/java/org/shanoir/ng/subject/service/SubjectService.java @@ -55,8 +55,10 @@ public interface SubjectService { * @return a list of subjects. */ @PreAuthorize("hasAnyRole('ADMIN', 'EXPERT', 'USER')") - List findNames(); + List findAllNames(); + @PreAuthorize("hasAnyRole('ADMIN', 'EXPERT', 'USER')") + List findNames(List subjectIds); /** * Get all the subjects of a study @@ -199,4 +201,5 @@ public interface SubjectService { List findByPreclinical(boolean preclinical); boolean existsSubjectWithName(String name); + } diff --git a/shanoir-ng-studies/src/main/java/org/shanoir/ng/subject/service/SubjectServiceImpl.java b/shanoir-ng-studies/src/main/java/org/shanoir/ng/subject/service/SubjectServiceImpl.java index d6ca5e40b9..049e5fbb56 100644 --- a/shanoir-ng-studies/src/main/java/org/shanoir/ng/subject/service/SubjectServiceImpl.java +++ b/shanoir-ng-studies/src/main/java/org/shanoir/ng/subject/service/SubjectServiceImpl.java @@ -129,7 +129,7 @@ public List findAll() { @Override - public List findNames() { + public List findAllNames() { Iterable subjects; if (KeycloakUtil.getTokenRoles().contains("ROLE_ADMIN")) { subjects = subjectRepository.findAll(); @@ -138,17 +138,38 @@ public List findNames() { List studyIds = studyUserRepository.findDistinctStudyIdByUserId(userId, StudyUserRight.CAN_SEE_ALL.getId()); subjects = subjectRepository.findBySubjectStudyListStudyIdIn(studyIds); } - List names = new ArrayList(); - if (subjects != null) { - for (Subject subject : subjects) { - IdName name = new IdName(subject.getId(), subject.getName()); - names.add(name); - } + return getIdNamesFromSubjects(subjects); + } + + @Override + public List findNames(List subjectIds) { + Iterable subjects; + if (KeycloakUtil.getTokenRoles().contains("ROLE_ADMIN")) { + subjects = subjectRepository.findAllById(subjectIds); + } else { + Long userId = KeycloakUtil.getTokenUserId(); + List studyIds = studyUserRepository.findDistinctStudyIdByUserId(userId, StudyUserRight.CAN_SEE_ALL.getId()); + subjects = subjectRepository.findBySubjectStudyListStudyIdInAndIdIn(studyIds, subjectIds); + } + return getIdNamesFromSubjects(subjects); + } + + + private List getIdNamesFromSubjects(Iterable subjects) { + + if (subjects == null) { + return new ArrayList<>(); + } + + List names = new ArrayList<>(); + for (Subject subject : subjects) { + IdName name = new IdName(subject.getId(), subject.getName()); + names.add(name); } return names; } - @Override + @Override public Subject findByData(final String name) { return subjectRepository.findByName(name); } diff --git a/shanoir-ng-studies/src/test/java/org/shanoir/ng/subject/SubjectApiSecurityTest.java b/shanoir-ng-studies/src/test/java/org/shanoir/ng/subject/SubjectApiSecurityTest.java index 1dbfc81f4d..cef9236713 100644 --- a/shanoir-ng-studies/src/test/java/org/shanoir/ng/subject/SubjectApiSecurityTest.java +++ b/shanoir-ng-studies/src/test/java/org/shanoir/ng/subject/SubjectApiSecurityTest.java @@ -93,7 +93,8 @@ public void setup() { public void testAsAnonymous() throws ShanoirException, RestServiceException { assertAccessDenied(api::deleteSubject, ENTITY_ID); assertAccessDenied(api::findSubjects, true, true); - assertAccessDenied(api::findSubjectsNames); + assertAccessDenied(api::findAllSubjectsNames); + assertAccessDenied(api::findSubjectsNames, List.of(ENTITY_ID)); assertAccessDenied(api::findSubjectById, ENTITY_ID); assertAccessDenied(api::saveNewSubject, mockNew, null, mockBindingResult); assertAccessDenied(api::updateSubject, ENTITY_ID, mockExisting, mockBindingResult); @@ -155,7 +156,8 @@ public void testAsExpert() throws ShanoirException, RestServiceException { public void testAsAdmin() throws ShanoirException, RestServiceException { assertAccessAuthorized(api::deleteSubject, ENTITY_ID); assertAccessAuthorized(api::findSubjects, true, true); - assertAccessAuthorized(api::findSubjectsNames); + assertAccessAuthorized(api::findAllSubjectsNames); + assertAccessAuthorized(api::findSubjectsNames, List.of(ENTITY_ID)); assertAccessAuthorized(api::findSubjectById, ENTITY_ID); assertAccessAuthorized(api::saveNewSubject, mockNew, null, mockBindingResult); assertAccessAuthorized(api::updateSubject, ENTITY_ID, mockExisting, mockBindingResult); @@ -179,7 +181,9 @@ private void testRead() throws ShanoirException { given(repository.findAll()).willReturn(Arrays.asList(subjectMockNoRights)); assertAccessAuthorized(api::findSubjects,true, true); assertEquals(null, api.findSubjects(true, true).getBody()); - assertAccessAuthorized(api::findSubjectsNames); + assertAccessAuthorized(api::findAllSubjectsNames); + assertAccessAuthorized(api::findSubjectsNames, List.of(ENTITY_ID)); + //assertNotNull(api.findSubjectsNames().getBody()); SubjectStudy subjectStudyMock = new SubjectStudy(); subjectStudyMock.setStudy(buildStudyMock(1L)); @@ -204,7 +208,8 @@ private void testRead() throws ShanoirException { given(repository.findAll()).willReturn(Arrays.asList(subjectMockWrongRights)); assertAccessAuthorized(api::findSubjects, true, true); assertEquals(null, api.findSubjects(true, true).getBody()); - assertAccessAuthorized(api::findSubjectsNames); + assertAccessAuthorized(api::findAllSubjectsNames); + assertAccessAuthorized(api::findSubjectsNames, List.of(ENTITY_ID)); //assertEquals(null, api.findSubjectsNames().getBody()); subjectStudyMock = new SubjectStudy(); subjectStudyMock.setStudy(buildStudyMock(1L)); @@ -229,7 +234,8 @@ private void testRead() throws ShanoirException { given(repository.findAllById(Arrays.asList(1L))).willReturn(Arrays.asList(subjectMockRightRights)); assertAccessAuthorized(api::findSubjects, true, true); assertEquals(1, api.findSubjects(true, true).getBody().size()); - assertAccessAuthorized(api::findSubjectsNames); + assertAccessAuthorized(api::findAllSubjectsNames); + assertAccessAuthorized(api::findSubjectsNames, List.of(ENTITY_ID)); //assertEquals(1, api.findSubjectsNames().getBody().size()); subjectStudyMock = new SubjectStudy(); subjectStudyMock.setStudy(buildStudyMock(1L));