Use recommended ways to inject dependencies in spring

cBioPortal · Jun 20, 2024 · a5e6952 · a5e6952
1 parent 348c804
commit a5e6952
Show file tree

Hide file tree

Showing 2 changed files with 38 additions and 33 deletions.
diff --git a/src/main/java/org/cbioportal/security/VirtualStudyPermissionService.java b/src/main/java/org/cbioportal/security/VirtualStudyPermissionService.java
@@ -5,24 +5,28 @@
 import org.cbioportal.web.parameter.VirtualStudy;
 import org.cbioportal.web.parameter.VirtualStudyData;
 import org.cbioportal.web.parameter.VirtualStudySamples;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.stereotype.Component;
+import org.springframework.stereotype.Service;
 
 import java.util.Iterator;
 import java.util.List;
+import java.util.Optional;
 import java.util.Set;
 import java.util.stream.Collectors;
 
-@Component
+@Service
 public class VirtualStudyPermissionService {
-    @Autowired(required = false)
-    private CancerStudyPermissionEvaluator cancerStudyPermissionEvaluator;
+
+    private final Optional<CancerStudyPermissionEvaluator> cancerStudyPermissionEvaluator;
+
+    public VirtualStudyPermissionService(Optional<CancerStudyPermissionEvaluator> cancerStudyPermissionEvaluator) {
+        this.cancerStudyPermissionEvaluator = cancerStudyPermissionEvaluator;
+    }
 
     public void filterOutForbiddenStudies(List<VirtualStudy> virtualStudies) {
         Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
-        if (authentication == null || cancerStudyPermissionEvaluator == null) {
+        if (authentication == null || cancerStudyPermissionEvaluator.isEmpty()) {
             return;
         }
         Iterator<VirtualStudy> virtualStudyIterator = virtualStudies.iterator();
@@ -32,7 +36,7 @@ public void filterOutForbiddenStudies(List<VirtualStudy> virtualStudies) {
 
             Set<VirtualStudySamples> filteredStudies = virtualStudyData.getStudies().stream()
                 .filter(study ->
-                    cancerStudyPermissionEvaluator.hasPermission(authentication, study.getId(), "CancerStudyId", AccessLevel.READ))
+                    cancerStudyPermissionEvaluator.get().hasPermission(authentication, study.getId(), "CancerStudyId", AccessLevel.READ))
                 .collect(Collectors.toSet());
             if (filteredStudies.isEmpty()) {
                 virtualStudyIterator.remove();
@@ -43,7 +47,7 @@ public void filterOutForbiddenStudies(List<VirtualStudy> virtualStudies) {
             StudyViewFilter studyViewFilter = virtualStudyData.getStudyViewFilter();
             List<String> filteredStudyIds = studyViewFilter.getStudyIds().stream()
                 .filter(studyId ->
-                    cancerStudyPermissionEvaluator.hasPermission(authentication, studyId, "CancerStudyId", AccessLevel.READ))
+                    cancerStudyPermissionEvaluator.get().hasPermission(authentication, studyId, "CancerStudyId", AccessLevel.READ))
                 .toList();
             virtualStudyData.getStudyViewFilter().setStudyIds(filteredStudyIds);
         }

diff --git a/src/main/java/org/cbioportal/web/PublicVirtualStudiesController.java b/src/main/java/org/cbioportal/web/PublicVirtualStudiesController.java
@@ -4,27 +4,21 @@
 import io.swagger.v3.oas.annotations.media.Content;
 import io.swagger.v3.oas.annotations.media.Schema;
 import io.swagger.v3.oas.annotations.responses.ApiResponse;
-import org.cbioportal.security.CancerStudyPermissionEvaluator;
 import org.cbioportal.security.VirtualStudyPermissionService;
 import org.cbioportal.service.CancerTypeService;
 import org.cbioportal.service.exception.CancerTypeNotFoundException;
 import org.cbioportal.service.util.SessionServiceRequestHandler;
-import org.cbioportal.utils.security.AccessLevel;
-import org.cbioportal.web.parameter.StudyViewFilter;
 import org.cbioportal.web.parameter.VirtualStudy;
 import org.cbioportal.web.parameter.VirtualStudyData;
-import org.cbioportal.web.parameter.VirtualStudySamples;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.core.ParameterizedTypeReference;
 import org.springframework.http.HttpEntity;
 import org.springframework.http.HttpMethod;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.HttpStatusCode;
 import org.springframework.http.ResponseEntity;
-import org.springframework.security.core.Authentication;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.DeleteMapping;
 import org.springframework.web.bind.annotation.GetMapping;
@@ -36,34 +30,41 @@
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.client.RestTemplate;
 
-import java.util.ArrayList;
 import java.util.Collections;
-import java.util.Iterator;
 import java.util.List;
 import java.util.Set;
-import java.util.stream.Collectors;
 
 @Controller
 @RequestMapping("/api/public_virtual_studies")
 public class PublicVirtualStudiesController {
 
     private static final Logger LOG = LoggerFactory.getLogger(PublicVirtualStudiesController.class);
-
-    @Value("${session.endpoint.publisher-api-key:}")
-    private String requiredPublisherApiKey;
-
+
     public static final String ALL_USERS = "*";
-    @Autowired
-    SessionServiceRequestHandler sessionServiceRequestHandler;
-
-    @Value("${session.service.url:}")
-    private String sessionServiceURL;
-
-    @Autowired
-    private CancerTypeService cancerTypeService;
-
-    @Autowired
-    private VirtualStudyPermissionService virtualStudyPermissionService;
+
+    private final String requiredPublisherApiKey;
+
+    private final SessionServiceRequestHandler sessionServiceRequestHandler;
+
+    private final String sessionServiceURL;
+
+    private final CancerTypeService cancerTypeService;
+
+    private final VirtualStudyPermissionService virtualStudyPermissionService;
+
+    public PublicVirtualStudiesController(
+        @Value("${session.endpoint.publisher-api-key:}") String requiredPublisherApiKey,
+        SessionServiceRequestHandler sessionServiceRequestHandler,
+        @Value("${session.service.url:}") String sessionServiceURL,
+        CancerTypeService cancerTypeService,
+        VirtualStudyPermissionService virtualStudyPermissionService
+    ) {
+        this.requiredPublisherApiKey = requiredPublisherApiKey;
+        this.sessionServiceRequestHandler = sessionServiceRequestHandler;
+        this.sessionServiceURL = sessionServiceURL;
+        this.cancerTypeService = cancerTypeService;
+        this.virtualStudyPermissionService = virtualStudyPermissionService;
+    }
 
     @GetMapping
     @ApiResponse(responseCode = "200", description = "OK", content = @Content(schema = @Schema(implementation = VirtualStudy.class)))
@@ -183,7 +184,7 @@ public ResponseEntity retractVirtualStudy(
                     " Replying with internal server error status code to the client.",
                 statusCode);
             return new ResponseEntity<>(null, HttpStatus.INTERNAL_SERVER_ERROR);
-        } 
+        }
         VirtualStudy virtualStudy = responseEntity.getBody();
         VirtualStudyData data = virtualStudy.getData();
         data.setUsers(Collections.emptySet());