Enable SSL.

Add query parameter to include personal roles.

pom.xml

@@ -44,12 +44,12 @@
 
     <spring.batch.repository.tableprefix>${datasource.ohdsi.schema}.BATCH_</spring.batch.repository.tableprefix>
     <spring.batch.repository.isolationLevelForCreate>ISOLATION_READ_COMMITTED</spring.batch.repository.isolationLevelForCreate>
-
     <spring.profiles.active>default</spring.profiles.active>
+
     <security.token.expiration>43200</security.token.expiration>
     <security.origin>http://localhost:8080</security.origin>
     <security.ssl.port>8443</security.ssl.port>
-    <security.ssl.enabled>false</security.ssl.enabled>
+    <security.ssl.enabled>true</security.ssl.enabled>
     <security.oauth.callback.ui>http://localhost:8080/Atlas/#/welcome</security.oauth.callback.ui>
     <security.oauth.callback.api>http://localhost:8084/WebAPI/user/oauth/callback</security.oauth.callback.api>
     <security.oauth.google.apiKey></security.oauth.google.apiKey>

src/main/java/org/ohdsi/webapi/service/UserService.java

@@ -9,12 +9,14 @@
 import java.util.Set;
 import javax.ws.rs.Consumes;
 import javax.ws.rs.DELETE;
+import javax.ws.rs.DefaultValue;
 import javax.ws.rs.GET;
 import javax.ws.rs.POST;
 import javax.ws.rs.PUT;
 import javax.ws.rs.Path;
 import javax.ws.rs.PathParam;
 import javax.ws.rs.Produces;
+import javax.ws.rs.QueryParam;
 import javax.ws.rs.core.MediaType;
 import org.ohdsi.webapi.shiro.Entities.PermissionEntity;
 import org.ohdsi.webapi.shiro.Entities.RoleEntity;
@@ -171,8 +173,9 @@ public Role updateRole(@PathParam("roleId") Long id, Role role) throws Exception
   @GET
   @Path("role")
   @Produces(MediaType.APPLICATION_JSON)
-  public ArrayList<Role> getRoles() {
-    Iterable<RoleEntity> roleEntities = this.authorizer.getRoles();
+  public ArrayList<Role> getRoles(
+          @DefaultValue("false") @QueryParam("include_personal") boolean includePersonalRoles) {
+    Iterable<RoleEntity> roleEntities = this.authorizer.getRoles(includePersonalRoles);
     ArrayList<Role> roles = convertRoles(roleEntities);
     return roles;
   }

src/main/java/org/ohdsi/webapi/shiro/Entities/UserRepository.java

@@ -1,5 +1,6 @@
 package org.ohdsi.webapi.shiro.Entities;
 
+import java.util.Set;
 import org.springframework.data.jpa.repository.Query;
 import org.springframework.data.repository.CrudRepository;
 
@@ -10,6 +11,9 @@ public interface UserRepository extends CrudRepository<UserEntity, Long> {
 
     public UserEntity findByLogin(String login);
 
+    @Query("SELECT u.login FROM UserEntity u")
+    public Set<String> getUserLogins();
+
     @Query("from UserEntity where login = 'testLogin'")
     public UserEntity getTestUser();
 }

src/main/java/org/ohdsi/webapi/shiro/PermissionManager.java

@@ -1,6 +1,8 @@
 package org.ohdsi.webapi.shiro;
 
 import java.security.Principal;
+import java.util.Arrays;
+import java.util.HashSet;
 import java.util.LinkedHashSet;
 import java.util.List;
 import java.util.Map;
@@ -93,8 +95,21 @@ public void removeUserFromRole(String roleName, String login) throws Exception {
       this.userRoleRepository.delete(userRole);
   }
 
-  public Iterable<RoleEntity> getRoles() {
-    return this.roleRepository.findAll();
+  public Iterable<RoleEntity> getRoles(boolean includePersonalRoles) {
+    Iterable<RoleEntity> roles = this.roleRepository.findAll();
+    if (includePersonalRoles) {
+      return roles;
+    }
+
+    Set<String> logins = this.userRepository.getUserLogins();
+    HashSet<RoleEntity> filteredRoles = new HashSet<>();
+    for (RoleEntity role : roles) {
+      if (!logins.contains(role.getName())) {
+        filteredRoles.add(role);
+      }
+    }
+
+    return filteredRoles;
   }
 
   public AuthorizationInfo getAuthorizationInfo(final String login) {