Skip to content

User Authorization

Jump to bottom Edit New page
Sander de Ridder edited this page Nov 6, 2015 · 14 revisions

User Authorization

This step is only required if you intend on running an instance of the portal that supports user authorization.

Two tables need to be populated in order to support user authorization.

Table: users

This table contains all the users that have authorized access to the instance of the portal. The table requires a user email address, name, and integer flag indicating if the account is enabled.

mysql> describe users;
+---------+--------------+------+-----+---------+-------+
| Field   | Type         | Null | Key | Default | Extra |
+---------+--------------+------+-----+---------+-------+
| EMAIL   | varchar(128) | NO   | PRI | NULL    |       |
| NAME    | varchar(255) | NO   |     | NULL    |       |
| ENABLED | tinyint(1)   | NO   |     | NULL    |       |
+---------+--------------+------+-----+---------+-------+
3 rows in set (0.00 sec)

An example entry would be:

mysql> select * from users where email = "john.smith@gmail.com";
+--------------------------+----------------+---------+
| EMAIL                    | NAME           | ENABLED |
+--------------------------+----------------+---------+
| john.smith@gmail.com     | John Smith     |       1 | 
+--------------------------+----------------+---------+
1 row in set (0.00 sec)

Note, if the ENABLED value is set to 0, the user will not be able to login to the portal.

You need to add users via MySQL directly. For example:

INSERT INTO cbioportal.users (EMAIL, NAME, ENABLED) 
    VALUES ('john.smith@gmail.com', 'John Smith', 1);

Table: authorities

This table contains the list of cancer studies that each user is authorized to view. The table requires a user email address and an authority (e.g. cancer study) granted to the user.

mysql> describe authorities;
+-----------+--------------+------+-----+---------+-------+
| Field     | Type         | Null | Key | Default | Extra |
+-----------+--------------+------+-----+---------+-------+
| EMAIL     | varchar(128) | NO   |     | NULL    |       | 
| AUTHORITY | varchar(50)  | NO   |     | NULL    |       | 
+-----------+--------------+------+-----+---------+-------+
2 rows in set (0.00 sec)

Some example entries would be:

mysql> select * from authorities where email = "john.smith@gmail.com";
+--------------------------+---------------------------+
| EMAIL                    | AUTHORITY                 |
+--------------------------+---------------------------+
| john.smith@gmail.com     | cbioportal:CANCER_STUDY_1 | 
| john.smith@gmail.com     | cbioportal:CANCER_STUDY_2 | 
| john.smith@gmail.com     | cbioportal:CANCER_STUDY_3 | 
+--------------------------+---------------------------+
5 rows in set (0.00 sec)

The value in the EMAIL column should be the same email address contained in the USER table.

The value in the AUTHORITY column is made of two parts:

  • The first part is the name of your portal instance. This name should also match the app.name property found in the portal.properties file.
  • Following a colon delimiter, the second part is the cancer_study_identifier of the cancer study this user has rights to access. If the user has rights to all available cancer studies, a single entry with the keyword "ALL" is sufficient.

You need to add users via MySQL directly. For example:

INSERT INTO cbioportal.authorities (EMAIL, AUTHORITY) VALUES
    ('john.smith@gmail.com', 'cbioportal:CANCER_STUDY_1');

Important Note: The cancer study identifier must be specified in UPPER CASE, regardless of how it is stored in the cancer_study table.

cBioPortal, 2015

Add a custom sidebar
Clone this wiki locally