Make group auth check case-insensitive

[akulyakhtin]

Closes #11609

This request fixes the following issue:
if we have set authorities=true in app properties
and if we have a group value in cancer_study table sample_group
and if we have authority sample_group (or cbioportal:sample_group, depending on the filtering option) in authorities table for a user.

Then the access to that cancer study is not granted to the user even though the authroity matches the cancer study group.

This happens because authorities are convereted to upper case while cancer group names are not.

To fix this the pull request changes Collections.disjoint (which is case-sensitive) to a case-insensitive utility method caseInsensitiveDisjoint.

[Copilot]

Pull Request Overview

This PR fixes a case-sensitivity issue in group-based cancer study access control where authorities are converted to uppercase but cancer study group names are not, preventing proper access validation. The fix implements a case-insensitive comparison method to ensure group matching works correctly regardless of case differences.

• Replace case-sensitive Collections.disjoint with a case-insensitive utility method
• Add caseInsensitiveDisjoint helper method that converts both collections to uppercase before comparison

[Copilot]

The method should include null safety checks for the input collections to prevent NullPointerException if either c1 or c2 is null.

Suggested change

	private static boolean caseInsensitiveDisjoint(Collection<String> c1, Collection<String> c2) {
	private static boolean caseInsensitiveDisjoint(Collection<String> c1, Collection<String> c2) {
	if (c1 == null || c2 == null) {
	return true; // If either collection is null, they are considered disjoint.
	}

[Copilot]

The stream operations should handle null elements within the collections to prevent NullPointerException when calling toUpperCase() on null strings.

Suggested change

	Set<String> upperC1 = c1.stream().map(String::toUpperCase).collect(Collectors.toSet());
	Set<String> upperC2 = c2.stream().map(String::toUpperCase).collect(Collectors.toSet());
	Set<String> upperC1 = c1.stream()
	.filter(Objects::nonNull)
	.map(String::toUpperCase)
	.collect(Collectors.toSet());
	Set<String> upperC2 = c2.stream()
	.filter(Objects::nonNull)
	.map(String::toUpperCase)
	.collect(Collectors.toSet());

[Copilot]

The stream operations should handle null elements within the collections to prevent NullPointerException when calling toUpperCase() on null strings.

Suggested change

	Set<String> upperC1 = c1.stream().map(String::toUpperCase).collect(Collectors.toSet());
	Set<String> upperC2 = c2.stream().map(String::toUpperCase).collect(Collectors.toSet());
	Set<String> upperC1 = c1.stream()
	.filter(Objects::nonNull)
	.map(String::toUpperCase)
	.collect(Collectors.toSet());
	Set<String> upperC2 = c2.stream()
	.filter(Objects::nonNull)
	.map(String::toUpperCase)
	.collect(Collectors.toSet());

[KingAlex1985]

Hi @akulyakhtin .
Take a look at Copilot's recommendations regarding null pointer checks in the pervious comment.
Perhaps you could include these changes as well.

[haynescd]

Yea, looks good. I would just address the suggested null checks.

Interesting how this is just now coming up... but the docs do say its not case sensitive.

[KingAlex1985]

Hi @akulyakhtin
Take please a look at Copilot's recommendations regarding null pointer checks in the pervious comment.
Can you include these changes as well.
I guess after these changes this PR will be accepted and merged into master branch.

[KingAlex1985]

@haynescd
Are you able to take over the Copilot's recommendations by yourself without waiting for @akulyakhtin.
Is there a function at github like a "one click take over Copilot's recommendations"?