Merge branch 'hotfix-1.1.31'

Author: arteymix

pom.xml

@@ -5,7 +5,7 @@
 	<name>baseCode</name>
 	<groupId>baseCode</groupId>
 	<artifactId>baseCode</artifactId>
-	<version>1.1.30</version>
+	<version>1.1.31</version>
 	<inceptionYear>2003</inceptionYear>
 	<description>
 		<![CDATA[Data structures, math and statistics tools, and utilities that are often needed across projects.]]>
@@ -92,13 +92,12 @@
 		<dependency>
 			<groupId>org.apache.commons</groupId>
 			<artifactId>commons-configuration2</artifactId>
-			<version>2.11.0</version>
+			<version>2.12.0</version>
 		</dependency>
 		<dependency>
 			<groupId>org.apache.commons</groupId>
 			<artifactId>commons-lang3</artifactId>
-			<!-- 3.15.0 uses a secure random which is extremely slow, see #1194 in Gemma for details -->
-			<version>3.14.0</version>
+			<version>3.17.0</version>
 		</dependency>
 		<dependency>
 			<groupId>commons-io</groupId>
@@ -119,7 +118,7 @@
 		<dependency>
 			<groupId>commons-logging</groupId>
 			<artifactId>commons-logging</artifactId>
-			<version>1.3.2</version>
+			<version>1.3.5</version>
 			<scope>runtime</scope>
 		</dependency>
 		<dependency>
@@ -314,13 +313,13 @@
 		<dependency>
 			<groupId>org.mockito</groupId>
 			<artifactId>mockito-core</artifactId>
-			<version>5.17.0</version>
+			<version>5.20.0</version>
 			<scope>test</scope>
 		</dependency>
 		<dependency>
 			<groupId>org.assertj</groupId>
 			<artifactId>assertj-core</artifactId>
-			<version>3.27.4</version>
+			<version>3.27.6</version>
 			<scope>test</scope>
 		</dependency>
 		<dependency>
@@ -708,7 +707,7 @@
 		<pavlab.server>frink.pavlab.msl.ubc.ca</pavlab.server>
 		<pavlab.repoDir>/space/maven2</pavlab.repoDir>
 		<pavlab.siteDir>/space/web/maven-sites</pavlab.siteDir>
-		<log4j.version>2.25.1</log4j.version>
+		<log4j.version>2.25.2</log4j.version>
 		<lucene.version>3.6.2</lucene.version>
 		<!-- rJava -->
 		<!-- You may override this in ~/.m2/settings.xml -->

src/ubic/basecode/ontology/jena/AbstractOntologyService.java

@@ -88,6 +88,8 @@ public abstract class AbstractOntologyService implements OntologyService {
     private boolean searchEnabled = true;
     private Set<String> excludedWordsFromStemming = Collections.emptySet();
     private Set<String> additionalPropertyUris = DEFAULT_ADDITIONAL_PROPERTIES.stream().map( Property::getURI ).collect( Collectors.toSet() );
+    @Nullable
+    private Set<String> allowedUriPrefixes = null;
 
     protected AbstractOntologyService( String ontologyName, String ontologyUrl, boolean ontologyEnabled, @Nullable String cacheName ) {
         this.ontologyName = ontologyName;
@@ -126,9 +128,9 @@ public synchronized void startInitializationThread( boolean forceLoad, boolean f
             try {
                 this.initialize( forceLoad, forceIndexing );
             } catch ( Exception e ) {
-                log.error( "Initialization for %s failed.", e );
+                log.error( "Initialization of {} failed.", this, e );
             }
-        }, getOntologyName() + "_load_thread_" + RandomStringUtils.randomAlphanumeric( 5 ) );
+        }, getOntologyName() + "_load_thread_" + RandomStringUtils.insecure().nextAlphanumeric( 5 ) );
         // To prevent VM from waiting on this thread to shut down (if shutting down).
         initializationThread.setDaemon( true );
         initializationThread.start();
@@ -235,6 +237,19 @@ public void setProcessImports( boolean processImports ) {
         this.processImports = processImports;
     }
 
+    @Override
+    public void setAllowedUriPrefixes( String... uriPrefixes ) {
+        if ( uriPrefixes.length == 0 ) {
+            throw new IllegalArgumentException( "At least one URI prefix must be supplied." );
+        }
+        this.allowedUriPrefixes = new HashSet<>( Arrays.asList( uriPrefixes ) );
+    }
+
+    @Override
+    public void clearAllowedUriPrefixes() {
+        this.allowedUriPrefixes = null;
+    }
+
     @Override
     public boolean isSearchEnabled() {
         return getState().map( state -> state.index != null ).orElse( searchEnabled );
@@ -288,6 +303,7 @@ private synchronized void initialize( @Nullable InputStream stream, boolean forc
         boolean processImports = this.processImports;
         boolean searchEnabled = this.searchEnabled;
         Set<String> excludedWordsFromStemming = this.excludedWordsFromStemming;
+        Set<String> allowedUriPrefixes = this.allowedUriPrefixes;
 
         // Detect configuration problems.
         if ( StringUtils.isBlank( ontologyUrl ) ) {
@@ -379,13 +395,15 @@ private synchronized void initialize( @Nullable InputStream stream, boolean forc
             }
         }
 
-        this.state = new State( model, index, excludedWordsFromStemming, additionalRestrictions, languageLevel, inferenceMode, processImports, additionalProperties.stream().map( Property::getURI ).collect( Collectors.toSet() ), null );
+        this.state = new State( model, index, excludedWordsFromStemming, additionalRestrictions, languageLevel,
+            inferenceMode, processImports, additionalProperties.stream().map( Property::getURI ).collect( Collectors.toSet() ),
+            allowedUriPrefixes, null );
         if ( cacheName != null ) {
             // now that the terms have been replaced, we can clear old caches
             try {
                 OntologyLoader.deleteOldCache( cacheName );
             } catch ( IOException e ) {
-                log.error( String.format( String.format( "Failed to delete old cache directory for %s.", this ), e ) );
+                log.error( "Failed to delete old cache directory for {}.", this, e );
             }
         }
 
@@ -422,6 +440,7 @@ public Collection<OntologySearchResult<OntologyIndividual>> findIndividuals( Str
             return Collections.emptySet();
         }
         return state.index.searchIndividuals( state.model, search, maxResults ).stream()
+            .filter( i -> state.isUriAllowed( i.result.getURI() ) )
                 .map( i -> as( i.result, Individual.class ).map( r -> new OntologySearchResult<>( ( OntologyIndividual ) new OntologyIndividualImpl( r, state.additionalRestrictions ), i.score ) ) )
                 .filter( Optional::isPresent )
                 .map( Optional::get )
@@ -443,6 +462,7 @@ public Collection<OntologySearchResult<OntologyResource>> findResources( String
             return Collections.emptySet();
         }
         return state.index.search( state.model, searchString, maxResults ).stream()
+            .filter( i -> state.isUriAllowed( i.result.getURI() ) )
                 .filter( ( r -> r.result.canAs( OntClass.class ) || r.result.canAs( Individual.class ) ) )
                 .map( r -> {
                     if ( r.result.canAs( OntClass.class ) ) {
@@ -474,6 +494,7 @@ public Collection<OntologySearchResult<OntologyTerm>> findTerm( String search, i
             return Collections.emptySet();
         }
         return state.index.searchClasses( state.model, search, maxResults ).stream()
+            .filter( i -> state.isUriAllowed( i.result.getURI() ) )
                 .map( r -> as( r.result, OntClass.class ).map( s -> new OntologySearchResult<>( ( OntologyTerm ) new OntologyTermImpl( s, state.additionalRestrictions ), r.score ) ) )
                 .filter( Optional::isPresent )
                 .map( Optional::get )
@@ -514,6 +535,9 @@ public Set<String> getAllURIs() {
     @Override
     public OntologyResource getResource( String uri ) {
         return getState().map( state -> {
+            if ( !state.isUriAllowed( uri ) ) {
+                return null;
+            }
             OntologyResource res;
             Resource resource = state.model.getResource( uri );
             if ( resource.getURI() == null ) {
@@ -536,6 +560,9 @@ public OntologyResource getResource( String uri ) {
     @Override
     public OntologyTerm getTerm( String uri ) {
         return getState().map( state -> {
+            if ( !state.isUriAllowed( uri ) ) {
+                return null;
+            }
             OntClass ontCls = state.model.getOntClass( uri );
             // null or bnode
             if ( ontCls == null || ontCls.getURI() == null ) {
@@ -564,6 +591,7 @@ public Set<OntologyTerm> getParents( Collection<OntologyTerm> terms, boolean dir
         return getState().map( state ->
                         JenaUtils.getParents( state.model, getOntClassesFromTerms( state.model, terms ), direct, includeAdditionalProperties ? state.additionalRestrictions : null )
                                 .stream()
+                            .filter( o -> state.isUriAllowed( o.getURI() ) )
                                 .map( o -> ( OntologyTerm ) new OntologyTermImpl( o, state.additionalRestrictions ) )
                                 .filter( o -> keepObsoletes || !o.isObsolete() )
                                 .collect( Collectors.toSet() ) )
@@ -576,6 +604,7 @@ public Set<OntologyTerm> getChildren( Collection<OntologyTerm> terms, boolean di
         return getState().map( state ->
                 JenaUtils.getChildren( state.model, getOntClassesFromTerms( state.model, terms ), direct, includeAdditionalProperties ? state.additionalRestrictions : null )
                         .stream()
+                    .filter( o -> state.isUriAllowed( o.getURI() ) )
                         .map( o -> ( OntologyTerm ) new OntologyTermImpl( o, state.additionalRestrictions ) )
                         .filter( o -> keepObsoletes || !o.isObsolete() )
                         .collect( Collectors.toSet() )
@@ -667,7 +696,7 @@ public synchronized void index( boolean force ) {
             return;
         }
         // now we replace the index
-        this.state = new State( state.model, index, state.excludedWordsFromStemming, state.additionalRestrictions, state.languageLevel, state.inferenceMode, state.processImports, state.additionalPropertyUris, state.alternativeIDs );
+        this.state = new State( state.model, index, state.excludedWordsFromStemming, state.additionalRestrictions, state.languageLevel, state.inferenceMode, state.processImports, state.additionalPropertyUris, state.allowedUriPrefixes, state.alternativeIDs );
     }
 
     /**
@@ -703,7 +732,7 @@ private State initSearchByAlternativeId( State state ) {
                 alternativeIDs.put( baseOntologyUri + alternativeIdModified, ontologyTerm.getUri() );
             }
         }
-        return new State( state.model, state.index, state.excludedWordsFromStemming, state.additionalRestrictions, state.languageLevel, state.inferenceMode, state.processImports, state.additionalPropertyUris, alternativeIDs );
+        return new State( state.model, state.index, state.excludedWordsFromStemming, state.additionalRestrictions, state.languageLevel, state.inferenceMode, state.processImports, state.additionalPropertyUris, state.allowedUriPrefixes, alternativeIDs );
     }
 
     @Override
@@ -715,8 +744,8 @@ public void close() throws Exception {
 
     @Override
     public String toString() {
-        return String.format( "%s [url=%s] [language level=%s] [inference mode=%s] [imports=%b] [search=%b]",
-                getOntologyName(), getOntologyUrl(), getLanguageLevel(), getInferenceMode(), getProcessImports(), isSearchEnabled() );
+        return String.format( "%s [url=%s] [allowed prefixes=%s] [language level=%s] [inference mode=%s] [imports=%b] [search=%b]",
+            getOntologyName(), getOntologyUrl(), allowedUriPrefixes != null ? String.join( ",", allowedUriPrefixes ) : "*", getLanguageLevel(), getInferenceMode(), getProcessImports(), isSearchEnabled() );
     }
 
     private Optional<State> getState() {
@@ -747,9 +776,11 @@ private static class State implements AutoCloseable {
         private final boolean processImports;
         private final Set<String> additionalPropertyUris;
         @Nullable
+        private final Set<String> allowedUriPrefixes;
+        @Nullable
         private final Map<String, String> alternativeIDs;
 
-        private State( OntModel model, @Nullable SearchIndex index, Set<String> excludedWordsFromStemming, Set<Restriction> additionalRestrictions, @Nullable LanguageLevel languageLevel, InferenceMode inferenceMode, boolean processImports, Set<String> additionalPropertyUris, @Nullable Map<String, String> alternativeIDs ) {
+        private State( OntModel model, @Nullable SearchIndex index, Set<String> excludedWordsFromStemming, Set<Restriction> additionalRestrictions, @Nullable LanguageLevel languageLevel, InferenceMode inferenceMode, boolean processImports, Set<String> additionalPropertyUris, @Nullable Set<String> allowedUriPrefixes, @Nullable Map<String, String> alternativeIDs ) {
             this.model = model;
             this.index = index;
             this.excludedWordsFromStemming = excludedWordsFromStemming;
@@ -758,9 +789,20 @@ private State( OntModel model, @Nullable SearchIndex index, Set<String> excluded
             this.inferenceMode = inferenceMode;
             this.processImports = processImports;
             this.additionalPropertyUris = additionalPropertyUris;
+            this.allowedUriPrefixes = allowedUriPrefixes;
             this.alternativeIDs = alternativeIDs;
         }
 
+        /**
+         * Check if this particular state allows a given URI from being returned by the service.
+         */
+        public boolean isUriAllowed( @Nullable String uri ) {
+            if ( allowedUriPrefixes == null ) {
+                return true;
+            }
+            return uri == null || allowedUriPrefixes.stream().anyMatch( uri::startsWith );
+        }
+
         @Override
         public void close() throws Exception {
             try {

src/ubic/basecode/ontology/jena/OntologyLoader.java

@@ -25,7 +25,7 @@
 import com.hp.hpl.jena.rdf.model.*;
 import com.hp.hpl.jena.shared.CannotCreateException;
 import com.hp.hpl.jena.shared.JenaException;
-import com.hp.hpl.jena.tdb.TDBFactory;
+import com.hp.hpl.jena.sparql.graph.GraphReadOnly;
 import org.apache.commons.io.FileUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.commons.lang3.time.StopWatch;
@@ -85,6 +85,16 @@ static OntModel createMemoryModel( String url, String name, @Nullable String cac
         return model;
     }
 
+    /**
+     * ModelFactory.createMemModelMaker()
+     * Get model that is entirely in memory.
+     */
+    private static OntModel getModel( String name, boolean processImports, OntModelSpec spec ) {
+        ModelMaker maker = ModelFactory.createMemModelMaker();
+        Model base = maker.createModel( name, false );
+        return getModel( maker, base, processImports, spec );
+    }
+
     private static void readModelFromUrl( OntModel model, String url, @Nullable String cacheName ) throws IOException {
         boolean attemptToLoadFromDisk = false;
         URLConnection urlc = null;
@@ -165,7 +175,7 @@ private static void readModelFromUrl( OntModel model, String url, @Nullable Stri
      *                       contains all the necessary definitions.
      * @param spec           spec to use to create the ontology model
      */
-    public static OntModel createTdbModel( Dataset dataset, @Nullable String name, boolean processImports, OntModelSpec spec ) {
+    public static OntModel createTdbModel( Dataset dataset, @Nullable String name, boolean processImports, OntModelSpec spec, boolean readOnly ) {
         ModelMaker maker = ModelFactory.createMemModelMaker();
         Model base;
         if ( name != null ) {
@@ -177,16 +187,9 @@ public static OntModel createTdbModel( Dataset dataset, @Nullable String name, b
             throw new IllegalStateException( String.format( "The %s at %s is empty.",
                 name != null ? "named model " + name : "default model", dataset ) );
         }
-        return getModel( maker, base, processImports, spec );
-    }
-
-    /**
-     * ModelFactory.createMemModelMaker()
-     * Get model that is entirely in memory.
-     */
-    private static OntModel getModel( String name, boolean processImports, OntModelSpec spec ) {
-        ModelMaker maker = ModelFactory.createMemModelMaker();
-        Model base = maker.createModel( name, false );
+        if ( readOnly ) {
+            base = ModelFactory.createModelForGraph( new GraphReadOnly( base.getGraph() ) );
+        }
         return getModel( maker, base, processImports, spec );
     }
 

src/ubic/basecode/ontology/jena/TdbOntologyService.java

@@ -2,11 +2,18 @@
 
 import com.hp.hpl.jena.query.Dataset;
 import com.hp.hpl.jena.tdb.TDBFactory;
+import com.hp.hpl.jena.tdb.base.file.Location;
+import org.apache.commons.io.file.PathUtils;
 import ubic.basecode.ontology.model.OntologyModel;
 
 import javax.annotation.Nullable;
+import java.io.IOException;
 import java.io.InputStream;
+import java.nio.file.Files;
 import java.nio.file.Path;
+import java.util.Set;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
 
 /**
  * An implementation based on Jena TDB.
@@ -16,22 +23,54 @@ public class TdbOntologyService extends AbstractOntologyService {
 
     private final Path tdbDir;
     private final String modelName;
+    private final boolean readOnly;
 
     @Nullable
     private Dataset dataset;
 
-    public TdbOntologyService( String ontologyName, Path tdbDir, @Nullable String modelName, boolean ontologyEnabled, @Nullable String cacheName ) {
+    /**
+     * Temporary d
+     */
+    private Path tempDir;
+
+    /**
+     * @param readOnly open the TDB database in read-only mode, allowing multiple JVMs to share a common TDB. For this
+     *                 to work safely, all the TDB files must not be writable. Additionally, a temporary directory with
+     *                 symbolic links will be created since Jena will still be using a lock file.
+     */
+    public TdbOntologyService( String ontologyName, Path tdbDir, @Nullable String modelName, boolean ontologyEnabled, @Nullable String cacheName, boolean readOnly ) {
         super( ontologyName, tdbDir.toUri().toString(), ontologyEnabled, cacheName );
         this.tdbDir = tdbDir;
         this.modelName = modelName;
+        this.readOnly = readOnly;
     }
 
     @Override
-    protected OntologyModel loadModel( boolean processImports, LanguageLevel languageLevel, InferenceMode inferenceMode ) {
+    protected OntologyModel loadModel( boolean processImports, LanguageLevel languageLevel, InferenceMode inferenceMode ) throws IOException {
         if ( dataset == null ) {
-            dataset = TDBFactory.createDataset( tdbDir.toString() );
+            if ( readOnly ) {
+                // lock the location and make a copy
+                Location loc = Location.create( tdbDir.toString() );
+                loc.getLock().obtain();
+                try {
+                    Set<Path> filesToLink;
+                    try ( Stream<Path> z = Files.list( tdbDir ) ) {
+                        filesToLink = z.collect( Collectors.toSet() );
+                    }
+                    tempDir = Files.createTempDirectory( getOntologyName() + ".tdb" );
+                    for ( Path p : filesToLink ) {
+                        Files.copy( p, tempDir.resolve( p.getFileName() ) );
+                    }
+                } finally {
+                    loc.getLock().release();
+                }
+                log.info( "Reading read-only TDB model from {}.", tempDir );
+                dataset = TDBFactory.createDataset( tempDir.toString() );
+            } else {
+                dataset = TDBFactory.createDataset( tdbDir.toString() );
+            }
         }
-        return new OntologyModelImpl( OntologyLoader.createTdbModel( dataset, modelName, processImports, getSpec( languageLevel, inferenceMode ) ) );
+        return new OntologyModelImpl( OntologyLoader.createTdbModel( dataset, modelName, processImports, getSpec( languageLevel, inferenceMode ), readOnly ) );
     }
 
     @Override
@@ -47,6 +86,9 @@ public void close() throws Exception {
             if ( dataset != null ) {
                 TDBFactory.release( dataset );
             }
+            if ( tempDir != null ) {
+                PathUtils.delete( tempDir );
+            }
         }
     }
 }