search

GMOD / Apollo

Genome annotation editor with a Java Server backend and a Javascript client that runs in a web browser as a JBrowse plugin.
http://genomearchitect.readthedocs.io/
Other
124 stars 85 forks source link

(2d) web-services: support altering user permissions on organisms #570

Closed nathandunn closed 8 years ago

nathandunn commented 8 years ago

We want to support GenSAS, which means supporting authentication into Drupal. Previously this was done using a direct database connection. However, a web service / OAuth would be a better way to do it. Conversely, it might be necessary to have the maintainers maintain this version as a grails plugin, as well, depending on the specificity and complexity.

nathandunn commented 8 years ago

Stephen is going try a few things on his side to see what the recommended way to do this is in Drupal. I would prefer to use a REST login instead of OAuth, but OAuth is fine, as well.

Nathan

On Sep 23, 2015, at 9:25 AM, Colin Diesh notifications@github.com wrote:

I was going to go ahead and see if we could try using the shiro-oauth plugin

It didn't compile for me though (??)

I added to the plugin to BuildConfig.groovy compile ":shiro-oauth:0.3"

Then I just tried to deploy and I got this error

$ ./apollo run-local Buildfile: /Users/biocmd/Apollo2/build.xml

copy.apollo.plugin.webapp: [echo] Copying WebApollo plugin to jbrowse webapp ...

setup-jbrowse:

copy-resources:

javac:

gwtc: [java] Compiling module org.bbop.apollo.gwt.Annotator [java] Compiling 5 permutations [java] Compiling permutation 0... [java] Compiling permutation 1... [java] Compiling permutation 2... [java] Compiling permutation 3... [java] Compiling permutation 4... [java] Compile of permutations succeeded [java] Compilation succeeded -- 37.154s [java] Linking into /Users/biocmd/Apollo2/web-app/annotator [java] Link succeeded [java] Linking succeeded -- 1.114s

BUILD SUCCESSFUL | Installed plugin shiro-oauth-0.3 WARNING

Version 0.3 of the shiro-oauth plugin introduces a breaking change. The OAuthController.linkAccount action no longer accepts a userId parameter. Instead, you can:

  • Pass username and password parameters for the account to link to.
  • Pre-authenticate the target account (via subject.login()) before forwarding to the linkAccount action.

This breaking change was required to fix a security hole. | Compiling 194 source files Note: Some input files use or override a deprecated API. Note: Recompile with -Xlint:deprecation for details. [groovyc] org.codehaus.groovy.control.MultipleCompilationErrorsException: startup failed: [groovyc] /Users/biocmd/Apollo2/target/work/plugins/oauth-2.0.1/grails-app/services/uk/co/desirableobjects/oauth/scribe/OauthService.groovy: 3: unable to resolve class org.codehaus.groovy.grails.commons.ConfigurationHolder [groovyc] @ line 3, column 1. [groovyc] import org.codehaus.groovy.grails.commons.ConfigurationHolder as CH [groovyc] ^ [groovyc] [groovyc] 1 error | Compiling 194 source files. | Error Compilation error: startup failed: /Users/biocmd/Apollo2/target/work/plugins/oauth-2.0.1/grails-app/services/uk/co/desirableobjects/oauth/scribe/OauthService.groovy: 3: unable to resolve class org.codehaus.groovy.grails.commons.ConfigurationHolder @ line 3, column 1. import org.codehaus.groovy.grails.commons.ConfigurationHolder as CH ^ Maybe related Grails-Plugin-Consortium/grails-cxf#37 https://github.com/Grails-Plugin-Consortium/grails-cxf/issues/37 (?)

— Reply to this email directly or view it on GitHub https://github.com/GMOD/Apollo/issues/570#issuecomment-142653741.

cmdcolin commented 8 years ago

I don't think OAuth precludes a REST based login. There already is a "REST based login" (or a web service API for login), but it uses our backend. It would probably be nice if it just used their existing backend (and sessions even)

nathandunn commented 8 years ago

I don’t think it precludes either, but we need to check and see what the appropriate Drupal hooks are (other than a direct database connection) before we start implementing a solution.

Nathan

On Sep 23, 2015, at 9:37 AM, Colin Diesh notifications@github.com wrote:

I don't think OAuth precludes a REST based login. There already is a "REST based login" (or a web service API for login), but it uses our backend. It would probably be nice if it just used their existing backend (and sessions even)

— Reply to this email directly or view it on GitHub https://github.com/GMOD/Apollo/issues/570#issuecomment-142656815.

nathandunn commented 8 years ago

FYI @spficklin

cmdcolin commented 8 years ago

Looks like updateOrganismPermission is a webservice that already exists on the UserController

Maybe a new command line script to automate that is worthwhile

nathandunn commented 8 years ago

Yeah . . I am going through to document this stuff right now. If you have a Skype second, I can show you where I’m at with it.

Nathan

On Oct 7, 2015, at 2:21 PM, Colin Diesh notifications@github.com wrote:

Looks like updateOrganismPermission is a webservice that already exists on the UserController

Maybe a new command line script to automate that is worthwhile

— Reply to this email directly or view it on GitHub https://github.com/GMOD/Apollo/issues/570#issuecomment-146333393.

nathandunn commented 8 years ago

:+1: