diff --git a/src/main/java/eu/hbp/mip/controllers/ExperimentApi.java b/src/main/java/eu/hbp/mip/controllers/ExperimentApi.java
index 0c027d4978eab28fdd61633a8b68c320598c50ec..3958d99d608fff64bfcf934ee22e5ef61a44e303 100644
--- a/src/main/java/eu/hbp/mip/controllers/ExperimentApi.java
+++ b/src/main/java/eu/hbp/mip/controllers/ExperimentApi.java
@@ -73,6 +73,10 @@ public class ExperimentApi {
 @Value("#{'${services.galaxy.galaxyApiKey}'}")
 private String galaxyApiKey;
+ // Enable HBP collab authentication (1) or disable it (0). Default is 1
+ @Value("#{'${hbp.authentication.enabled:1}'}")
+ private boolean authenticationIsEnabled;
+
 @Autowired
 private ModelRepository modelRepository;
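Review bot: The new `authenticationIsEnabled` field is a per-controller copy of what is effectively an authorization kill switch; PathologiesApi binds the same `hbp.authentication.enabled` property separately in this same commit, so each controller that needs the flag re-declares it and the set of endpoints honoring it can drift. A single configuration bean injected where needed would give one source of truth and one place to emit a WARN at startup when the value is 0. The comment also under-states the blast radius: the name says authentication, but what the flag gates in this class is the dataset-claim authorization in `runExperiment`; `// 0 disables ALL dataset-claim authorization in this controller -- never set to 0 on a deployment reachable by untrusted users` would be clearer than the current text. The `#{'${...}'}` SpEL-string form hands a String to Spring's String-to-boolean conversion, which presumably rejects anything other than the recognized true/false tokens at startup; that fail-closed behaviour is useful and worth a comment so nobody "fixes" it by switching to a plain `${...}` with a lenient default.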
@@ -110,39 +114,41 @@ public class ExperimentApi { public ResponseEntity<String> runExperiment(Authentication authentication, @RequestBody ExperimentExecutionDTO experimentExecutionDTO) { UserActionLogging.LogUserAction(userInfo.getUser().getUsername(), "Run algorithm", "Running the algorithm..."); - // --- Validating proper access rights on the datasets --- - List<String> userClaims = Arrays.asList(authentication.getAuthorities().toString().toLowerCase() - .replaceAll("[\\s+\\]\\[]", "").split(",")); - UserActionLogging.LogUserAction(userInfo.getUser().getUsername(), "User Claims", userClaims.toString()); - - // Don't check for dataset claims if "super" claim exists allowing everything - if (!userClaims.contains(ClaimUtils.allDatasetsAllowedClaim())) { - // Getting the dataset from the experiment parameters - String experimentDatasets = null; - for (AlgorithmExecutionParamDTO parameter : experimentExecutionDTO.getAlgorithms().get(0).getParameters()) { - if (parameter.getName().equals("dataset")) { - experimentDatasets = parameter.getValue(); - UserActionLogging.LogUserAction(userInfo.getUser().getUsername(), "Run algorithm", "Found the dataset parameter!"); - break; + if(authenticationIsEnabled) { + // --- Validating proper access rights on the datasets --- + List<String> userClaims = Arrays.asList(authentication.getAuthorities().toString().toLowerCase() + .replaceAll("[\\s+\\]\\[]", "").split(",")); + UserActionLogging.LogUserAction(userInfo.getUser().getUsername(), "User Claims", userClaims.toString()); + + // Don't check for dataset claims if "super" claim exists allowing everything + if (!userClaims.contains(ClaimUtils.allDatasetsAllowedClaim())) { + // Getting the dataset from the experiment parameters + String experimentDatasets = null; + for (AlgorithmExecutionParamDTO parameter : experimentExecutionDTO.getAlgorithms().get(0).getParameters()) { + if (parameter.getName().equals("dataset")) { + experimentDatasets = parameter.getValue(); + 
UserActionLogging.LogUserAction(userInfo.getUser().getUsername(), "Run algorithm", "Found the dataset parameter!"); + break; + } } - } - if (experimentDatasets == null || experimentDatasets.equals("")) { - UserActionLogging.LogUserAction(userInfo.getUser().getUsername(), "Run algorithm", - "A dataset should be specified when running an algorithm."); - return ResponseEntity.badRequest().body("A dataset should be specified when running an algorithm."); - } - - for (String dataset : experimentDatasets.split(",")) { - String datasetRole = ClaimUtils.getDatasetClaim(dataset); - if (!userClaims.contains(datasetRole.toLowerCase())) { + if (experimentDatasets == null || experimentDatasets.equals("")) { UserActionLogging.LogUserAction(userInfo.getUser().getUsername(), "Run algorithm", - "You are not allowed to use dataset: " + dataset); - return ResponseEntity.status(HttpStatus.FORBIDDEN).body("You are not allowed to use dataset: " + dataset); + "A dataset should be specified when running an algorithm."); + return ResponseEntity.badRequest().body("A dataset should be specified when running an algorithm."); + } + + for (String dataset : experimentDatasets.split(",")) { + String datasetRole = ClaimUtils.getDatasetClaim(dataset); + if (!userClaims.contains(datasetRole.toLowerCase())) { + UserActionLogging.LogUserAction(userInfo.getUser().getUsername(), "Run algorithm", + "You are not allowed to use dataset: " + dataset); + return ResponseEntity.status(HttpStatus.FORBIDDEN).body("You are not allowed to use dataset: " + dataset); + } } + UserActionLogging.LogUserAction(userInfo.getUser().getUsername(), "Run algorithm", + "User is authorized to use the datasets: " + experimentDatasets); } - UserActionLogging.LogUserAction(userInfo.getUser().getUsername(), "Run algorithm", - "User is authorized to use the datasets: " + experimentDatasets); } // --- Run the experiment --- 
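Review bot: Moving the whole block under `if(authenticationIsEnabled)` also takes the `experimentDatasets == null || experimentDatasets.equals("")` guard with it, so with `hbp.authentication.enabled=0` a request without a `dataset` parameter is no longer answered with 400 and falls through to the run step; that guard is input validation rather than authorization and should sit outside the flag. The bypass is also silent: when the flag is off the action log gets no entry saying the dataset claims were never checked, which undercuts the `User Claims` / `User is authorized` entries this log otherwise provides. Hoisting the dataset lookup and the 400 check above the flag and adding an explicit bypass log entry, as sketched below, addresses both without changing the enabled path. The preceding `userInfo.getUser().getUsername()` call (context above the hunk) and the `authentication.getAuthorities()` call presume a logged-in principal; with authentication off it is not clear from the hunk whether `authentication` or `userInfo.getUser()` can be null, so that is worth confirming. runExperiment continues past the end of the hunk.
```java
        // … unchanged: dataset lookup loop and the "A dataset should be specified" 400 check, now OUTSIDE the flag …

        if (!authenticationIsEnabled) {
            // Make the bypass visible in the action log so an audit can tell unchecked runs apart.
            UserActionLogging.LogUserAction(userInfo.getUser().getUsername(), "Run algorithm",
                    "Authentication disabled: dataset authorization skipped for: " + experimentDatasets);
        } else {
            // … unchanged: userClaims extraction, super-claim shortcut, per-dataset claim check …
        }
```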
diff --git a/src/main/java/eu/hbp/mip/controllers/PathologiesApi.java b/src/main/java/eu/hbp/mip/controllers/PathologiesApi.java
index d2163e5814b09a2ff4c41a882f5fe79bf33fb411..b7914e2215693126dfed7658b9bfa7e07796dec6 100644
--- a/src/main/java/eu/hbp/mip/controllers/PathologiesApi.java
+++ b/src/main/java/eu/hbp/mip/controllers/PathologiesApi.java
@@ -14,6 +14,7 @@ import eu.hbp.mip.utils.CustomResourceLoader;
 import eu.hbp.mip.utils.UserActionLogging;
 import io.swagger.annotations.Api;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.core.io.Resource;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.core.Authentication;
@@ -41,6 +42,10 @@ public class PathologiesApi {
 @Autowired
 private UserInfo userInfo;
+ // Enable HBP collab authentication (1) or disable it (0). Default is 1
+ @Value("#{'${hbp.authentication.enabled:1}'}")
+ private boolean authenticationIsEnabled;
+
 @Autowired
 private CustomResourceLoader resourceLoader;
@@ -58,6 +63,11 @@ public class PathologiesApi {
 return ResponseEntity.badRequest().body("The pathologies.json file could not be read.");
 }
+ // If authentication is disabled return everything
+ if (!authenticationIsEnabled) {
+ return ResponseEntity.ok().body(gson.toJson(allPathologies));
+ }
+
 // --- Providing only the allowed pathologies/datasets to the user ---
 UserActionLogging.LogUserAction(userInfo.getUser().getUsername(), "Load all the pathologies",
 "Filter out the unauthorised datasets.");
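Review bot: The early `return ResponseEntity.ok().body(gson.toJson(allPathologies));` in the third hunk hands the caller the unfiltered pathologies/datasets list before the `UserActionLogging.LogUserAction(...)` call, so when the flag is off nothing in the action log records that the per-user filter was bypassed; a log line inside the `if`, e.g. `UserActionLogging.LogUserAction(userInfo.getUser().getUsername(), "Load all the pathologies", "Authentication disabled: returning all pathologies unfiltered.");`, keeps the audit trail honest. The `authenticationIsEnabled` field added in the second hunk is a second, independent binding of `hbp.authentication.enabled` (ExperimentApi declares the identical field in this commit), and a shared config bean would stop the two from drifting. If the flag is meant to cover deployments with no Spring Security principal, check that `userInfo.getUser()` tolerates an anonymous user on this path; from the hunk alone it is not clear whether it can return null. The enclosing method starts before the hunk.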