Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Provided access to human split-out data. #296

Merged
merged 1 commit into from
Jan 18, 2024
Merged

Provided access to human split-out data. #296

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 17 additions & 1 deletion lib/WTSI/NPG/iRODS/Path.pm
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ use List::MoreUtils qw(any notall uniq);
use Moose::Role;

use WTSI::NPG::iRODS;
use WTSI::NPG::iRODS::Metadata qw($STUDY_ID);
use WTSI::NPG::iRODS::Metadata qw($STUDY_ID $ALIGNMENT_FILTER);

our $VERSION = '';

Expand Down Expand Up @@ -294,6 +294,22 @@ sub expected_groups {
push @groups, $group;
}

# For nonconsented split-out human data add a special group.
# Give preference to the 'alignment_filter' metadata attribute.
# If this attrbute is not defined, examine the path of the object.
if (@groups == 1) { # Do not give access to nc human data to multiple groups.
my $give_human_subset_access = 0;
my @af_avus = $self->find_in_metadata($ALIGNMENT_FILTER);
if (not @af_avus and $self->str =~ /_human[.]/xms) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you expand on why the path fallback check is needed? As this is in the base class the behaviour will be inherited broadly, including by legacy genotype code, which could be given incorrent permissions as a result.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As far as I understand, there is an intention to create and store in iRODS split-out human data, which will or might originate from outside of the main NPG Illumina pipeline. This data might not belong to Illumina platform. The requirement for this task was to provide this scpecial level of access to files with names containing the _human string. There is not firm agreement at the moment that fies like this will have the alignment_filter metadata set. Therefore, the code covers both eventualities.

As far as I understand, the requirement is to inherit the behaviour broadly. Personally, I prefer the version of this implementation in #297 and a sibling wtsi-npg/npg_irods#439. It ishould also be possible, though I have not tried this, to move the expected_groups method as it is in #297 to the npg_irods package if it has a seq platform independent part.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'll mark this as approved, but this change must not break https://github.com/wtsi-npg/genotyping which also depends on this package.

$give_human_subset_access = 1;
} elsif (@af_avus and any { $_->{value} eq 'human' } @af_avus) {
$give_human_subset_access = 1;
}
if ($give_human_subset_access) {
push @groups, $groups[0] . '_human';
}
}

return @groups;
}

Expand Down
197 changes: 195 additions & 2 deletions t/lib/WTSI/NPG/iRODS/DataObjectTest.pm
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ use Test::Exception;
Log::Log4perl::init('./etc/log4perl_tests.conf');

use WTSI::NPG::iRODS::DataObject;
use WTSI::NPG::iRODS::Metadata qw($STUDY_ID);
use WTSI::NPG::iRODS::Metadata qw($STUDY_ID $ALIGNMENT_FILTER);

my $fixture_counter = 0;
my $data_path = './t/data/path';
Expand Down Expand Up @@ -676,7 +676,7 @@ sub update_group_permissions : Test(12) {
ok($r2, 'Removed ss_0 read access');

# Add a study 0 AVU and use it to update (add) permissions
# in the presence of anAVU that will infer a non-existent group
# in the presence of an AVU that will infer a non-existent group
ok($obj->add_avu($STUDY_ID, '0'));
ok($obj->add_avu($STUDY_ID, 'no_such_study'));
ok($obj->update_group_permissions);
Expand All @@ -695,4 +695,197 @@ sub update_group_permissions : Test(12) {
}
}

sub update_group_permissions_for_nc_human_data : Test(49) {

my $irods = WTSI::NPG::iRODS->new(environment => \%ENV,
strict_baton_version => 0);
my ($fh, $empty_file) = tempfile(UNLINK => 1);

#####
# Object with a name that should not trigger _human group assignment
my $obj_path = "$irods_tmp_coll/test_file_human_no.txt";
$irods->add_object($empty_file, $obj_path) or fail;
my $obj = WTSI::NPG::iRODS::DataObject->new($irods, $obj_path);
ok($obj->add_avu($STUDY_ID, '10'));
ok($obj->update_group_permissions);
my @permissions = $obj->get_permissions;
my $outcome = any {
exists $_->{owner} && $_->{owner} eq 'ss_10' &&
exists $_->{level} && $_->{level} eq 'read'
} @permissions;
ok($outcome, 'Added ss_10 read access');
$outcome = none { exists $_->{owner} && $_->{owner} eq 'ss_10_human' }
@permissions;
ok($outcome, 'ss_10_human access is not added');

#####
# Object with a name that should not trigger _human group assignment
$obj_path = "$irods_tmp_coll/test_file_nohuman.txt";
$irods->add_object($empty_file, $obj_path) or fail;
$obj = WTSI::NPG::iRODS::DataObject->new($irods, $obj_path);

# No alignment filter metadata
ok($obj->add_avu($STUDY_ID, '10'));
ok($obj->update_group_permissions);
@permissions = $obj->get_permissions;
$outcome = any {
exists $_->{owner} && $_->{owner} eq 'ss_10' &&
exists $_->{level} && $_->{level} eq 'read'
} @permissions;
ok($outcome, 'Added ss_10 read access');
$outcome = none {
exists $_->{owner} && $_->{owner} eq 'ss_10_human'
} @permissions;
ok($outcome, 'ss_10_human access is not added');

# phix alignment filter metadata
ok($obj->add_avu($ALIGNMENT_FILTER, 'phix'));
ok($obj->update_group_permissions);
@permissions = $obj->get_permissions;
$outcome = any {
exists $_->{owner} && $_->{owner} eq 'ss_10' &&
exists $_->{level} && $_->{level} eq 'read'
} @permissions;
ok($outcome, 'Retained ss_10 read access');
$outcome = none {
exists $_->{owner} && $_->{owner} eq 'ss_10_human'
} @permissions;
ok($outcome, 'ss_10_human access is not retained');

# yhuman alignment filter metadata
ok($obj->remove_avu($ALIGNMENT_FILTER, 'phix'));
ok($obj->add_avu($ALIGNMENT_FILTER, 'yhuman'));
ok($obj->update_group_permissions);
@permissions = $obj->get_permissions;
$outcome = any {
exists $_->{owner} && $_->{owner} eq 'ss_10' &&
exists $_->{level} && $_->{level} eq 'read'
} @permissions;
ok($outcome, 'Retained ss_10 read access');
$outcome = none {
exists $_->{owner} && $_->{owner} eq 'ss_10_human'
} @permissions;
ok($outcome, 'ss_10_human access is not added');

# human alignment filter metadata
ok($obj->remove_avu($ALIGNMENT_FILTER, 'yhuman'));
ok($obj->add_avu($ALIGNMENT_FILTER, 'human'));
ok($obj->update_group_permissions);
@permissions = $obj->get_permissions;
$outcome = any {
exists $_->{owner} && $_->{owner} eq 'ss_10' &&
exists $_->{level} && $_->{level} eq 'read'
} @permissions;
ok($outcome, 'Retained ss_10 read access');
$outcome = any {
exists $_->{owner} && $_->{owner} eq 'ss_10_human' &&
exists $_->{level} && $_->{level} eq 'read'
} @permissions;
ok($outcome, 'Added ss_10_human read access');

# Multiple alignment filter metadata
ok($obj->add_avu($ALIGNMENT_FILTER, 'phix'));
ok($obj->update_group_permissions);
@permissions = $obj->get_permissions;
$outcome = any {
exists $_->{owner} && $_->{owner} eq 'ss_10' &&
exists $_->{level} && $_->{level} eq 'read'
} @permissions;
ok($outcome, 'Retained ss_10 read access');
$outcome = any {
exists $_->{owner} && $_->{owner} eq 'ss_10_human'
} @permissions;
ok($outcome, 'ss_10_human access is retained');

# Metadata for two studies
ok($obj->add_avu($STUDY_ID, '100'));
ok($obj->update_group_permissions);
@permissions = $obj->get_permissions;
$outcome = any {
exists $_->{owner} && $_->{owner} eq 'ss_10' &&
exists $_->{level} && $_->{level} eq 'read'
} @permissions;
ok($outcome, 'Retained ss_10 read access');
$outcome = any {
exists $_->{owner} && $_->{owner} eq 'ss_100' &&
exists $_->{level} && $_->{level} eq 'read'
} @permissions;
ok($outcome, 'Added ss_100 read access');
$outcome = none {
exists $_->{owner} && $_->{owner} eq 'ss_10_human'
} @permissions;
ok($outcome, 'ss_10_human access is not retained');
$outcome = none {
exists $_->{owner} && $_->{owner} eq 'ss_100_human'
} @permissions;
ok($outcome, 'ss_100_human access is not added');

#####
# Object with a name that should trigger _human group assignment
$obj_path = "$irods_tmp_coll/test_file_human.txt";
$obj = WTSI::NPG::iRODS::DataObject->new($irods, $obj_path);
$irods->add_object($empty_file, $obj_path) or fail;

# No study metadata
ok($obj->update_group_permissions);
@permissions = $obj->get_permissions;
$outcome = none {
exists $_->{owner} && $_->{owner} =~ /_human\Z/xms
} @permissions;
ok($outcome, 'None of _human access groups is added');

# Single study metadata
ok($obj->add_avu($STUDY_ID, '100'));
ok($obj->update_group_permissions);
@permissions = $obj->get_permissions;
$outcome = any {
exists $_->{owner} && $_->{owner} eq 'ss_100' &&
exists $_->{level} && $_->{level} eq 'read'
} @permissions;
ok($outcome, 'Added ss_100 read access');
$outcome = any {
exists $_->{owner} && $_->{owner} eq 'ss_100_human' &&
exists $_->{level} && $_->{level} eq 'read'
} @permissions;
ok($outcome, 'Added ss_100_human read access');

# Single study metadata and conflicting alignment filter
ok($obj->add_avu($ALIGNMENT_FILTER, 'phix'));
ok($obj->update_group_permissions);
@permissions = $obj->get_permissions;
$outcome = none {
exists $_->{owner} && $_->{owner} eq 'ss_100_human'
} @permissions;
ok($outcome, 'ss_100_human access is not present');

# Drop conflicting alignment filter metadata
ok($obj->remove_avu($ALIGNMENT_FILTER, 'phix'));
ok($obj->update_group_permissions);
@permissions = $obj->get_permissions;
$outcome = any {
exists $_->{owner} && $_->{owner} eq 'ss_100_human' &&
exists $_->{level} && $_->{level} eq 'read'
} @permissions;
ok($outcome, 'Added ss_100_human read access');

# Metadata for two studies
ok($obj->add_avu($STUDY_ID, '10'));
ok($obj->update_group_permissions);
@permissions = $obj->get_permissions;
$outcome = any {
exists $_->{owner} && $_->{owner} eq 'ss_100' &&
exists $_->{level} && $_->{level} eq 'read'
} @permissions;
ok($outcome, 'Retained ss_100 read access');
$outcome = any {
exists $_->{owner} && $_->{owner} eq 'ss_10' &&
exists $_->{level} && $_->{level} eq 'read'
} @permissions;
ok($outcome, 'Added ss_10 read access');
$outcome = none {
exists $_->{owner} && $_->{owner} =~ /_human\Z/xms
} @permissions;
ok($outcome, 'None of _human access groups is added');
}

1;