diff --git a/src/MGRAST/lib/Auth.pm b/src/MGRAST/lib/Auth.pm index a7c8432c..9bf81d04 100644 --- a/src/MGRAST/lib/Auth.pm +++ b/src/MGRAST/lib/Auth.pm @@ -22,31 +22,68 @@ sub authenticate { $key =~ s/^mggo4711//; use MIME::Base64; + use LWP::UserAgent; + use Conf; my ($u,$p) = split(/\:/, decode_base64($key)); my $us = $master->User->init( { login => $u } ); if (ref $us and crypt($p, $us->password) eq $us->password) { my $pref = $master->Preferences->get_objects( { name => 'WebServiceKeyTdate', user => $us } ); - if (scalar(@$pref)) { + if (scalar(@$pref)) { if ($pref->[0]->value < time) { $pref->[0]->value(time + 1209600); } $pref = $master->Preferences->get_objects( { name => 'WebServicesKey', user => $us } ); - my $cgi = new CGI; - my $verbose = ""; - if ($cgi->param('verbosity') && $cgi->param('verbosity') eq 'verbose') { - $verbose = ', "login": "'.$us->{login}.'", "firstname": "'.$us->{firstname}.'", "lastname": "'.$us->{lastname}.'", "email": "'.$us->{email}.'"'; - } + my $cgi = new CGI; + my $verbose = ""; + if ($cgi->param('verbosity') && $cgi->param('verbosity') eq 'verbose') { + $verbose = ', "login": "'.$us->{login}.'", "firstname": "'.$us->{firstname}.'", "lastname": "'.$us->{lastname}.'", "email": "'.$us->{email}.'"'; + + # SHOCK preferences + my $prefs = $master->Preferences->get_objects({ user => $us, name => "shock_pref_node" }); + if (scalar(@$prefs)) { + my $nodeid = $prefs->[0]->{value}; + my $response = undef; + my $json = new JSON; + $json = $json->utf8(); + $json->max_size(0); + $json->allow_nonref; + my $agent = LWP::UserAgent->new; + eval { + my @args = ('Authorization', "mgrast ".$pref->[0]->{value}); + my $url = $Conf::shock_url.'/node/'.$nodeid; + my $get = $agent->get($url, @args); + $response = $json->decode( $get->content ); + }; + if ($@ || (! ref($response))) { + print $cgi->header(-type => 'application/json', + -status => 500, + -charset => 'UTF-8', + -Access_Control_Allow_Origin => '*' ); + print $json->encode({"ERROR" => "Unable to GET node $nodeid from Shock: ".$response->{error}[0]}, $response->{status} ); + exit; + } elsif (exists($response->{error}) && $response->{error}) { + print $cgi->header(-type => 'application/json', + -status => 500, + -charset => 'UTF-8', + -Access_Control_Allow_Origin => '*' ); + print $json->encode({"ERROR" => "Unable to GET node $nodeid from Shock: ".$response->{error}[0]}, $response->{status} ); + exit; + } else { + $verbose.=', "preferences": '.$json->encode($response->{data}->{attributes}->{pref}); + } + } + } print $cgi->header(-type => 'application/json', -status => 200, - -charset => 'UTF-8', + -charset => 'UTF-8', -Access_Control_Allow_Origin => '*' ); print '{ "token": "'.$pref->[0]->value.'"'.$verbose.' }'; exit; } else { - return (undef, "api access not enabled for this user"); - } + return (undef, "api access not enabled for this user"); + } } else { - return (undef, "invalid MG-RAST credentials"); + return (undef, "invalid MG-RAST credentials"); } } diff --git a/src/MGRAST/lib/WebPage/Analysis.pm b/src/MGRAST/lib/WebPage/Analysis.pm index ade8a0f4..4f67d646 100644 --- a/src/MGRAST/lib/WebPage/Analysis.pm +++ b/src/MGRAST/lib/WebPage/Analysis.pm @@ -600,8 +600,8 @@ sub single_data { if ($mg_grp_sel eq 'groups') { my $joined_data = {}; foreach my $row (@$result) { - my $id_string = join("|", @$row[1..8]); $row->[0] = $collections->{$row->[0]}; + my $id_string = join("|", @$row[0..8]); if (exists($joined_data->{$id_string})) { $row->[10] = sprintf("%.2f", (($joined_data->{$id_string}->[9] * $joined_data->{$id_string}->[10]) + ($row->[9] * $row->[10])) / ($joined_data->{$id_string}->[9] + $row->[9])); $row->[11] = sprintf("%.2f", (($joined_data->{$id_string}->[9] * $joined_data->{$id_string}->[11]) + ($row->[9] * $row->[11])) / ($joined_data->{$id_string}->[9] + $row->[9])); @@ -715,8 +715,8 @@ sub phylogenetic_data { if ($mg_grp_sel eq 'groups') { my $joined_data = {}; foreach my $row (@$result) { - my $id_string = join("|", @$row[1..9]); $row->[0] = $collections->{$row->[0]}; + my $id_string = join("|", @$row[0..9]); if (exists($joined_data->{$id_string})) { $row->[12] = sprintf("%.2f", (($joined_data->{$id_string}->[10] * $joined_data->{$id_string}->[12]) + ($row->[10] * $row->[12])) / ($joined_data->{$id_string}->[10] + $row->[10])); $row->[13] = sprintf("%.2f", (($joined_data->{$id_string}->[10] * $joined_data->{$id_string}->[13]) + ($row->[10] * $row->[13])) / ($joined_data->{$id_string}->[10] + $row->[10])); @@ -861,8 +861,8 @@ sub metabolic_data { if ($mg_grp_sel eq 'groups') { my $joined_data = {}; foreach my $row (@$all) { - my $id_string = join("|", @$row[1..4]); $row->[0] = $collections->{$row->[0]}; + my $id_string = join("|", @$row[0..4]); if (exists($joined_data->{$id_string})) { $row->[8] = sprintf("%.2f", (($joined_data->{$id_string}->[6] * $joined_data->{$id_string}->[8]) + ($row->[6] * $row->[8])) / ($joined_data->{$id_string}->[6] + $row->[6])); $row->[9] = sprintf("%.2f", (($joined_data->{$id_string}->[6] * $joined_data->{$id_string}->[9]) + ($row->[6] * $row->[9])) / ($joined_data->{$id_string}->[6] + $row->[6])); @@ -966,8 +966,8 @@ sub annotation_data { if ($mg_grp_sel eq 'groups') { my $joined_data = {}; foreach my $row (@$result) { - my $id_string = join("|", @$row[1..2]); $row->[0] = $collections->{$row->[0]}; + my $id_string = join("|", @$row[0..2]); if (exists($joined_data->{$id_string})) { $row->[5] = sprintf("%.2f", (($joined_data->{$id_string}->[3] * $joined_data->{$id_string}->[5]) + ($row->[3] * $row->[5])) / ($joined_data->{$id_string}->[3] + $row->[3])); $row->[6] = sprintf("%.2f", (($joined_data->{$id_string}->[3] * $joined_data->{$id_string}->[6]) + ($row->[3] * $row->[6])) / ($joined_data->{$id_string}->[3] + $row->[3])); @@ -1053,8 +1053,8 @@ sub lca_data { if ($mg_grp_sel eq 'groups') { my $joined_data = {}; foreach my $row (@$result) { - my $id_string = join("|", @$row[1..8]); $row->[0] = $collections->{$row->[0]}; + my $id_string = join("|", @$row[0..8]); if (exists($joined_data->{$id_string})) { $row->[10] = sprintf("%.2f", (($joined_data->{$id_string}->[9] * $joined_data->{$id_string}->[10]) + ($row->[9] * $row->[10])) / ($joined_data->{$id_string}->[9] + $row->[9])); $row->[11] = sprintf("%.2f", (($joined_data->{$id_string}->[9] * $joined_data->{$id_string}->[11]) + ($row->[9] * $row->[11])) / ($joined_data->{$id_string}->[9] + $row->[9])); diff --git a/src/MGRAST/lib/resources/job.pm b/src/MGRAST/lib/resources/job.pm index 27c796c5..bcde0039 100644 --- a/src/MGRAST/lib/resources/job.pm +++ b/src/MGRAST/lib/resources/job.pm @@ -362,7 +362,7 @@ sub job_action { my $attr = $n->{attributes}; $attr->{status} = 'public'; $self->update_shock_node($n->{id}, $attr, $self->mgrast_token); - $self->edit_shock_acl($n->{id}, $self->mgrast_token, 'mgrast', 'delete', 'read'); + $self->edit_shock_public_acl($n->{id}, $self->mgrast_token, 'put', 'read'); } # update db $job->public(1); diff --git a/src/MGRAST/lib/resources/metagenome.pm b/src/MGRAST/lib/resources/metagenome.pm index 5f7626cb..ff53393d 100644 --- a/src/MGRAST/lib/resources/metagenome.pm +++ b/src/MGRAST/lib/resources/metagenome.pm @@ -305,7 +305,7 @@ sub query { if ($self->user->has_star_right('view', 'metagenome')) { $solr_query_str .= "(status:private)"; } else { - if (scalar(%{$self->rights}) > 0) { + if (scalar(keys %{$self->rights}) > 0) { $solr_query_str .= "(status:private AND (".join(" OR ", map {'id:mgm'.$_} keys %{$self->rights})."))"; } else { $return_empty_set = 1; @@ -316,7 +316,7 @@ sub query { if ($self->user->has_star_right('view', 'metagenome')) { $solr_query_str .= "(status:*)"; } else { - if (scalar(%{$self->rights}) > 0) { + if (scalar(keys %{$self->rights}) > 0) { $solr_query_str .= "((status:public) OR (status:private AND (".join(" OR ", map {'id:mgm'.$_} keys %{$self->rights}).")))"; } else { $solr_query_str .= '(status:public)'; diff --git a/src/MGRAST/lib/resources/notebook.pm b/src/MGRAST/lib/resources/notebook.pm index 0b7d4e66..39e52521 100644 --- a/src/MGRAST/lib/resources/notebook.pm +++ b/src/MGRAST/lib/resources/notebook.pm @@ -429,7 +429,7 @@ sub shock_post_acl { map { $self->edit_shock_acl($id, $self->{nb_token}, $_, 'put', 'read') } @$access; } elsif ($self->{nb_token} && $self->{nb_info} && (@$access == 0)) { # public - $self->edit_shock_acl($id, $self->{nb_token}, $self->{nb_info}{username}, 'delete', 'read'); + $self->edit_shock_public_acl($id, $self->{nb_token}, 'put', 'read'); } else { # missing config print STDERR "Missing notebook config options\n"; diff --git a/src/MGRAST/lib/resources/project.pm b/src/MGRAST/lib/resources/project.pm index cd060c15..83da18ef 100644 --- a/src/MGRAST/lib/resources/project.pm +++ b/src/MGRAST/lib/resources/project.pm @@ -192,8 +192,27 @@ sub query { if ($limit == 0) { $limit = 18446744073709551615; } + + # check if we just want the private projects + if ($self->cgi->param('private')) { + unless ($self->user) { + $self->return_data({"ERROR" => "private option requires authentication"}, 400); + } + my $ids = []; + if ($self->cgi->param('edit')) { + $ids = $self->user->has_right_to(undef, 'edit', 'project'); + } else { + $ids = $self->user->has_right_to(undef, 'view', 'project'); + } + if (scalar(@$ids) && $ids->[0] eq '*') { + shift @$ids; + } + my $list = join(",", @$ids); + $total = scalar(@$ids); + $projects = $master->Project->get_objects( {$order => [undef, "id IN ($list) ORDER BY $order LIMIT $limit OFFSET $offset"]} ); + } # get all items the user has access to - if (exists $self->rights->{'*'}) { + elsif (exists $self->rights->{'*'}) { $total = $master->Project->count_all(); $projects = $master->Project->get_objects( {$order => [undef, "_id IS NOT NULL ORDER BY $order LIMIT $limit OFFSET $offset"]} ); } else { @@ -239,13 +258,32 @@ sub prepare_data { $obj->{samples} = \@samples; $obj->{libraries} = \@libraries; } - if (($self->cgi->param('verbosity') eq 'verbose') || ($self->cgi->param('verbosity') eq 'full')) { + if (($self->cgi->param('verbosity') eq 'verbose') || ($self->cgi->param('verbosity') eq 'full') || ($self->cgi->param('verbosity') eq 'summary')) { my $metadata = $project->data(); my $desc = $metadata->{project_description} || $metadata->{study_abstract} || " - "; my $fund = $metadata->{project_funding} || " - "; $obj->{metadata} = $metadata; $obj->{description} = $desc; - $obj->{funding_source} = $fund; + $obj->{funding_source} = $fund; + + if ($self->cgi->param('verbosity') eq 'summary') { + my $jdata = $project->metagenomes_summary(); + $obj->{metagenomes} = []; + foreach my $row (@$jdata) { + push(@{$obj->{metagenomes}}, { metagenome_id => $row->[0], + name => $row->[1], + basepairs => $row->[2], + sequences => $row->[3], + biome => $row->[4], + feature => $row->[5], + material => $row->[6], + location => $row->[7], + country => $row->[8], + coordinates => $row->[9], + sequence_type => $row->[10], + sequencing_method => $row->[11] }); + } + } } elsif ($self->cgi->param('verbosity') ne 'minimal') { $self->return_data( {"ERROR" => "invalid value for option verbosity"}, 400 ); } diff --git a/src/MGRAST/lib/resources/resource.pm b/src/MGRAST/lib/resources/resource.pm index 5a092a07..2f2ea913 100644 --- a/src/MGRAST/lib/resources/resource.pm +++ b/src/MGRAST/lib/resources/resource.pm @@ -547,8 +547,12 @@ sub download_text { # stream a file from shock to browser sub return_shock_file { - my ($self, $id, $size, $name, $auth) = @_; + my ($self, $id, $size, $name, $auth, $authPrefix) = @_; + if (! $authPrefix) { + $authPrefix = "OAuth"; + } + my $response = undef; # print headers print "Content-Type:application/x-download\n"; @@ -560,7 +564,7 @@ sub return_shock_file { eval { my $url = $Conf::shock_url.'/node/'.$id.'?download_raw'; my @args = ( - $auth ? ('Authorization', "OAuth $auth") : (), + $auth ? ('Authorization', "$authPrefix $auth") : (), ':read_size_hint', 8192, ':content_cb', sub{ my ($chunk) = @_; print $chunk; } ); @@ -575,12 +579,16 @@ sub return_shock_file { ## download array of info for metagenome files in shock sub get_download_set { - my ($self, $mgid, $auth, $seq_only) = @_; + my ($self, $mgid, $auth, $seq_only, $authPrefix) = @_; + + if (! $authPrefix) { + $authPrefix = "OAuth"; + } my %seen = (); my %subset = ('preprocess' => 1, 'dereplication' => 1, 'screen' => 1); my $stages = []; - my $mgdata = $self->get_shock_query({'type' => 'metagenome', 'id' => 'mgm'.$mgid}, $auth); + my $mgdata = $self->get_shock_query({'type' => 'metagenome', 'id' => 'mgm'.$mgid}, $auth, $authPrefix); @$mgdata = grep { exists($_->{attributes}{stage_id}) && exists($_->{attributes}{data_type}) } @$mgdata; @$mgdata = sort { ($a->{attributes}{stage_id} cmp $b->{attributes}{stage_id}) || ($a->{attributes}{data_type} cmp $b->{attributes}{data_type}) } @$mgdata; @@ -665,16 +673,20 @@ sub get_download_set { # add or delete an ACL based on username sub edit_shock_acl { - my ($self, $id, $auth, $user, $action, $acl) = @_; + my ($self, $id, $auth, $user, $action, $acl, $authPrefix) = @_; + if (! $authPrefix) { + $authPrefix = "OAuth"; + } + my $response = undef; my $url = $Conf::shock_url.'/node/'.$id.'/acl/'.$acl.'?users='.$user; eval { my $tmp = undef; if ($action eq 'delete') { - $tmp = $self->agent->delete($url, 'Authorization' => "OAuth $auth"); + $tmp = $self->agent->delete($url, 'Authorization' => "$authPrefix $auth"); } elsif ($action eq 'put') { - $tmp = $self->agent->put($url, 'Authorization' => "OAuth $auth"); + $tmp = $self->agent->put($url, 'Authorization' => "$authPrefix $auth"); } else { $self->return_data( {"ERROR" => "Invalid Shock ACL action: $action"}, 500 ); } @@ -689,11 +701,44 @@ sub edit_shock_acl { } } +# add or delete public from a node ACL +sub edit_shock_public_acl { + my ($self, $id, $auth, $action, $acl, $authPrefix) = @_; + + if (! $authPrefix) { + $authPrefix = "OAuth"; + } + + my $response = undef; + my $url = $Conf::shock_url.'/node/'.$id.'/acl/public_'.$acl; + eval { + my $tmp = undef; + if ($action eq 'delete') { + $tmp = $self->agent->delete($url, 'Authorization' => "$authPrefix $auth"); + } elsif ($action eq 'put') { + $tmp = $self->agent->put($url, 'Authorization' => "$authPrefix $auth"); + } else { + $self->return_data( {"ERROR" => "Invalid Shock ACL action: $action"}, 500 ); + } + $response = $self->json->decode( $tmp->content ); + }; + if ($@ || (! ref($response))) { + return undef; + } elsif (exists($response->{error}) && $response->{error}) { + $self->return_data( {"ERROR" => "Unable to $action public ACL for '$acl' to node $id in Shock: ".$response->{error}[0]}, $response->{status} ); + } else { + return $response->{data}; + } +} + # create node with optional file and/or attributes # file is json struct by default sub set_shock_node { - my ($self, $name, $file, $attr, $auth, $not_json) = @_; + my ($self, $name, $file, $attr, $auth, $not_json, $authPrefix) = @_; + if (! $authPrefix) { + $authPrefix = "OAuth"; + } my $response = undef; my $content = {}; if ($file) { @@ -705,7 +750,7 @@ sub set_shock_node { } eval { my @args = ( - $auth ? ('Authorization', "OAuth $auth") : (), + $auth ? ('Authorization', "$authPrefix $auth") : (), 'Content_Type', 'multipart/form-data', $content ? ('Content', $content) : () ); @@ -723,13 +768,17 @@ sub set_shock_node { # set node file_name sub update_shock_node_file_name { - my ($self, $id, $fname, $auth) = @_; + my ($self, $id, $fname, $auth, $authPrefix) = @_; + + if (! $authPrefix) { + $authPrefix = "OAuth"; + } my $response = undef; my $content = {file_name => $fname}; eval { my @args = ( - $auth ? ('Authorization', "OAuth $auth") : (), + $auth ? ('Authorization', "$authPrefix $auth") : (), 'Content_Type', 'multipart/form-data', $content ? ('Content', $content) : () ); @@ -750,13 +799,16 @@ sub update_shock_node_file_name { # edit node attributes sub update_shock_node { - my ($self, $id, $attr, $auth) = @_; + my ($self, $id, $attr, $auth, $authPrefix) = @_; + if (! $authPrefix) { + $authPrefix = "OAuth"; + } my $response = undef; my $content = {attributes => [undef, "n/a", Content => $self->json->encode($attr)]}; eval { my @args = ( - $auth ? ('Authorization', "OAuth $auth") : (), + $auth ? ('Authorization', "$authPrefix $auth") : (), 'Content_Type', 'multipart/form-data', $content ? ('Content', $content) : () ); @@ -776,11 +828,15 @@ sub update_shock_node { # get node contents sub get_shock_node { - my ($self, $id, $auth) = @_; + my ($self, $id, $auth, $authPrefix) = @_; + if (! $authPrefix) { + $authPrefix = "OAuth"; + } + my $response = undef; eval { - my @args = $auth ? ('Authorization', "OAuth $auth") : (); + my @args = $auth ? ('Authorization', "$authPrefix $auth") : (); my $get = $self->agent->get($Conf::shock_url.'/node/'.$id, @args); $response = $self->json->decode( $get->content ); }; @@ -795,11 +851,15 @@ sub get_shock_node { # get the shock preauth url for a file sub get_shock_preauth { - my ($self, $id, $auth, $fn) = @_; + my ($self, $id, $auth, $fn, $authPrefix) = @_; + if (! $authPrefix) { + $authPrefix = "OAuth"; + } + my $response = undef; eval { - my @args = $auth ? ('Authorization', "OAuth $auth") : (); + my @args = $auth ? ('Authorization', "$authPrefix $auth") : (); my $get = $self->agent->get($Conf::shock_url.'/node/'.$id.'?download_url'.($fn ? "&filename=".$fn : ""), @args); $response = $self->json->decode( $get->content ); }; @@ -814,11 +874,15 @@ sub get_shock_preauth { # write file content to given filepath, else return file content as string sub get_shock_file { - my ($self, $id, $file, $auth, $index) = @_; + my ($self, $id, $file, $auth, $index, $authPrefix) = @_; + if (! $authPrefix) { + $authPrefix = "OAuth"; + } + my $response = undef; my $fhdl = undef; - my @args = $auth ? ('Authorization', "OAuth $auth") : (); + my @args = $auth ? ('Authorization', "$authPrefix $auth") : (); if ($file) { open($fhdl, ">$file") || return undef; @@ -840,15 +904,19 @@ sub get_shock_file { # get list of nodes for query sub get_shock_query { - my ($self, $params, $auth) = @_; - + my ($self, $params, $auth, $authPrefix) = @_; + + if (! $authPrefix) { + $authPrefix = "OAuth"; + } + my $response = undef; my $query = '?query&limit=0'; if ($params && (scalar(keys %$params) > 0)) { map { $query .= '&'.$_.'='.$params->{$_} } keys %$params; } eval { - my @args = $auth ? ('Authorization', "OAuth $auth") : (); + my @args = $auth ? ('Authorization', "$authPrefix $auth") : (); my $get = $self->agent->get($Conf::shock_url.'/node'.$query, @args); $response = $self->json->decode( $get->content ); }; @@ -863,7 +931,11 @@ sub get_shock_query { # submit job to awe sub post_awe_job { - my ($self, $workflow, $shock_auth, $awe_auth, $is_string) = @_; + my ($self, $workflow, $shock_auth, $awe_auth, $is_string, $authPrefix) = @_; + + if (! $authPrefix) { + $authPrefix = "OAuth"; + } my $content = undef; if ($is_string) { @@ -876,7 +948,7 @@ sub post_awe_job { eval { my $post = $self->agent->post($Conf::awe_url.'/job', 'Datatoken', $shock_auth, - 'Authorization', 'OAuth '.$awe_auth, + 'Authorization', "$authPrefix ".$awe_auth, 'Content-Type', 'multipart/form-data', 'Content', $content); $response = $self->json->decode( $post->content ); @@ -893,11 +965,15 @@ sub post_awe_job { # PUT command to perfrom action on a job sub awe_job_action { - my ($self, $id, $action, $auth) = @_; + my ($self, $id, $action, $auth, $authPrefix) = @_; + if (! $authPrefix) { + $authPrefix = "OAuth"; + } + my $response = undef; eval { - my @args = $auth ? ('Authorization', "OAuth $auth") : (); + my @args = $auth ? ('Authorization', "$authPrefix $auth") : (); my $req = POST($Conf::awe_url.'/job/'.$id.'?'.$action, @args); $req->method('PUT'); my $put = $self->agent->request($req); @@ -912,8 +988,12 @@ sub awe_job_action { # get list of jobs for query sub get_awe_query { - my ($self, $params, $auth) = @_; + my ($self, $params, $auth, $authPrefix) = @_; + if (! $authPrefix) { + $authPrefix = "OAuth"; + } + my $response = undef; my $query = '?query'; if ($params && (scalar(keys %$params) > 0)) { @@ -922,7 +1002,7 @@ sub get_awe_query { } } eval { - my @args = $auth ? ('Authorization', "OAuth $auth") : (); + my @args = $auth ? ('Authorization', "$authPrefix $auth") : (); my $get = $self->agent->get($Conf::awe_url.'/job'.$query, @args); $response = $self->json->decode( $get->content ); }; diff --git a/src/MGRAST/lib/resources/user.pm b/src/MGRAST/lib/resources/user.pm index f107ba83..a57500ab 100644 --- a/src/MGRAST/lib/resources/user.pm +++ b/src/MGRAST/lib/resources/user.pm @@ -267,6 +267,29 @@ sub instance { if (defined $self->{cgi}->param('comment')) { $user->comment(uri_unescape($self->{cgi}->param('comment'))); } + + # preferences were passed + if (defined $rest->[1] && $rest->[1] eq "preferences") { + my $userToken = $master->Preferences->get_objects({ user => $user, name => "WebServicesKey" }); + if (scalar(@$userToken)) { + $userToken = $userToken->[0]->{value}; + } else { + $self->return_data( {"ERROR" => "insufficient permissions for this user call"}, 401 ); + } + my $prefs = { 'type' => 'preference', 'app' => 'MGRAST', 'id' => 'mgu'.$self->user->_id, "pref" => $self->json->decode($self->cgi->param('prefs')) }; + + my $pref_id = $master->Preferences->get_objects({ user => $user, name => "shock_pref_node" }); + my $nodeid; + my $retval = {}; + if (scalar(@$pref_id)) { + $nodeid = $pref_id->[0]->{value}; + $retval = $self->update_shock_node($nodeid, $prefs, $userToken, "mgrast"); + } else { + $retval = $self->set_shock_node("preferences", undef, $prefs, $userToken, undef, "mgrast"); + $master->Preferences->create({ user => $user, name => "shock_pref_node", value => $retval->{id} }); + } + $self->return_data( {"OK" => $retval->{attributes}->{pref}}, 200 ); + } } # check if this is a user deletion @@ -403,6 +426,31 @@ sub instance { my $prefs = $master->Preferences->get_objects({ user => $user }); $user->{preferences} = []; @{$user->{preferences}} = map { { name => $_->{name}, value => $_->{value} } } @$prefs; + + # check if we already have shock preferences + my $nodeid; + foreach my $p (@{$user->{preferences}}) { + if ($p->{name} eq "shock_pref_node") { + $nodeid = $p->{value}; + last; + } + } + if ($nodeid) { + my $userToken; + foreach my $p (@$prefs) { + if ($p->{name} eq "WebServicesKey") { + $userToken = $p->{value}; + last; + } + } + unless ($userToken) { + $self->return_data( {"ERROR" => "insufficient permissions for this user call"}, 401 ); + } + my $shockprefs = $self->get_shock_node($nodeid, $userToken, "mgrast"); + if ($shockprefs) { + push(@{$user->{preferences}}, { name => 'shock', value => $shockprefs->{attributes}->{pref} } ); + } + } } # get the users rights elsif ($verb eq 'rights') {