diff --git a/src/main/java/org/mskcc/cbio/oncokb/config/SecurityConfiguration.java b/src/main/java/org/mskcc/cbio/oncokb/config/SecurityConfiguration.java index c40654946..5b0f11e38 100644 --- a/src/main/java/org/mskcc/cbio/oncokb/config/SecurityConfiguration.java +++ b/src/main/java/org/mskcc/cbio/oncokb/config/SecurityConfiguration.java @@ -94,7 +94,7 @@ public void configure(HttpSecurity http) throws Exception { .antMatchers("/api/slack").permitAll() // Permits the api swagger definitions through proxy .antMatchers("/api/v1/v2/api-docs").permitAll() - .antMatchers("/api/private/utils/data/**").hasAnyAuthority(AuthoritiesConstants.DATA_DOWNLOAD) + .antMatchers("/api/private/utils/data/**").hasAnyAuthority(AuthoritiesConstants.DATA_DOWNLOAD, AuthoritiesConstants.PREMIUM_USER) .antMatchers("/api/v1/annotate/sample").hasAnyAuthority(AuthoritiesConstants.PREMIUM_USER, AuthoritiesConstants.ADMIN) // Order matters here .antMatchers("/api/v1/annotate/**").hasAnyAuthority(AuthoritiesConstants.API, AuthoritiesConstants.ROLE_SERVICE_ACCOUNT) @@ -113,9 +113,9 @@ public void configure(HttpSecurity http) throws Exception { .antMatchers("/api/v1/annotation/search").hasAnyAuthority(AuthoritiesConstants.PREMIUM_USER, AuthoritiesConstants.ADMIN) .antMatchers("/api/v1/drugs").hasAnyAuthority(AuthoritiesConstants.PREMIUM_USER, AuthoritiesConstants.ADMIN) .antMatchers("/api/v1/utils/allActionableVariants").hasAnyAuthority(AuthoritiesConstants.PREMIUM_USER, AuthoritiesConstants.ADMIN) - .antMatchers("/api/v1/utils/allActionableVariants.txt").hasAnyAuthority(AuthoritiesConstants.PREMIUM_USER, AuthoritiesConstants.ADMIN) + .antMatchers("/api/v1/utils/allActionableVariants.txt").hasAnyAuthority(AuthoritiesConstants.PREMIUM_USER, AuthoritiesConstants.ADMIN, AuthoritiesConstants.DATA_DOWNLOAD) .antMatchers("/api/v1/utils/allAnnotatedVariants").hasAnyAuthority(AuthoritiesConstants.PREMIUM_USER, AuthoritiesConstants.ADMIN) - .antMatchers("/api/v1/utils/allAnnotatedVariants.txt").hasAnyAuthority(AuthoritiesConstants.PREMIUM_USER, AuthoritiesConstants.ADMIN) + .antMatchers("/api/v1/utils/allAnnotatedVariants.txt").hasAnyAuthority(AuthoritiesConstants.PREMIUM_USER, AuthoritiesConstants.ADMIN, AuthoritiesConstants.DATA_DOWNLOAD) .antMatchers("/api/v1/utils/allVariantsOfUnknownSignificance").hasAnyAuthority(AuthoritiesConstants.PREMIUM_USER, AuthoritiesConstants.ADMIN) .antMatchers("/api/v1/utils/allVariantsOfUnknownSignificance.txt").hasAnyAuthority(AuthoritiesConstants.PREMIUM_USER, AuthoritiesConstants.ADMIN) diff --git a/src/main/webapp/app/pages/apiAccessGroup/APIAccessPage.tsx b/src/main/webapp/app/pages/apiAccessGroup/APIAccessPage.tsx index b1260dda6..9cae5f5ea 100644 --- a/src/main/webapp/app/pages/apiAccessGroup/APIAccessPage.tsx +++ b/src/main/webapp/app/pages/apiAccessGroup/APIAccessPage.tsx @@ -82,7 +82,37 @@ const DownloadButtonGroups: React.FunctionComponent<{ buttonText="Cancer Gene List" /> ) : null} - {props.data.hasAllActionableVariants ? ( + {props.data.hasAllActionableVariants && ( + { + const data = await oncokbClient.utilsAllActionableVariantsTxtGetUsingGET( + { + version: props.data.version, + } + ); + return data; + }} + buttonText="All Actionable Variants" + /> + )} + {props.data.hasAllAnnotatedVariants && ( + { + const data = await oncokbClient.utilsAllAnnotatedVariantsTxtGetUsingGET( + { + version: props.data.version, + } + ); + return data; + }} + buttonText="All Annotated Variants" + /> + )} + {props.data.hasSqlDump ? ( <> {this.props.authenticationStore.account && - this.props.authenticationStore.account.authorities.includes( - USER_AUTHORITY.ROLE_DATA_DOWNLOAD + this.props.authenticationStore.account.authorities.some( + authority => + authority === USER_AUTHORITY.ROLE_DATA_DOWNLOAD || + authority === USER_AUTHORITY.ROLE_PREMIUM_USER ) ? ( <>