Skip to content
Snippets Groups Projects
Commit 071ac477 authored by kaloyane's avatar kaloyane
Browse files

[LMS-2285] added predicate implementation to ensure the correct set of... 

[LMS-2285] added predicate implementation to ensure the correct set of permissions when updating data sets from Jython dropboxes

SVN: 21518
parent 9c6ef9cd
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
openbis/source/java/ch/systemsx/cisd/openbis/generic/shared/authorization/predicate/AtomicOperationsPredicate.java
+ 41
15
View file @ 071ac477
...@@ -24,6 +24,7 @@ import ch.systemsx.cisd.openbis.generic.shared.authorization.RoleWithIdentifier; ...@@ -24,6 +24,7 @@ import ch.systemsx.cisd.openbis.generic.shared.authorization.RoleWithIdentifier;
import ch.systemsx.cisd.openbis.generic.shared.basic.dto.NewExperiment; import ch.systemsx.cisd.openbis.generic.shared.basic.dto.NewExperiment;
import ch.systemsx.cisd.openbis.generic.shared.basic.dto.NewSample; import ch.systemsx.cisd.openbis.generic.shared.basic.dto.NewSample;
import ch.systemsx.cisd.openbis.generic.shared.dto.AtomicEntityOperationDetails; import ch.systemsx.cisd.openbis.generic.shared.dto.AtomicEntityOperationDetails;
import ch.systemsx.cisd.openbis.generic.shared.dto.DataSetUpdatesDTO;
import ch.systemsx.cisd.openbis.generic.shared.dto.ExperimentUpdatesDTO; import ch.systemsx.cisd.openbis.generic.shared.dto.ExperimentUpdatesDTO;
import ch.systemsx.cisd.openbis.generic.shared.dto.NewExternalData; import ch.systemsx.cisd.openbis.generic.shared.dto.NewExternalData;
import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE; import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
...@@ -134,7 +135,11 @@ public class AtomicOperationsPredicate extends AbstractPredicate<AtomicEntityOpe ...@@ -134,7 +135,11 @@ public class AtomicOperationsPredicate extends AbstractPredicate<AtomicEntityOpe
} }
if (result.equals(Status.OK)) if (result.equals(Status.OK))
{ {
result = evaluateDataSetsPredicate(); result = evaluateDataSetRegistrationsPredicate();
}
if (result.equals(Status.OK))
{
result = evaluateDataSetUpdatesPredicate();
} }
return result; return result;
...@@ -203,25 +208,28 @@ public class AtomicOperationsPredicate extends AbstractPredicate<AtomicEntityOpe ...@@ -203,25 +208,28 @@ public class AtomicOperationsPredicate extends AbstractPredicate<AtomicEntityOpe
return Status.OK; return Status.OK;
} }
private Status evaluateDataSetsPredicate() private Status evaluateDataSetRegistrationsPredicate()
{ {
for (NewExternalData newExternalData : value.getDataSetRegistrations()) for (NewExternalData newExternalData : value.getDataSetRegistrations())
{ {
Status status; Status status =
SampleIdentifier sampleIdentifier = newExternalData.getSampleIdentifierOrNull(); evaluateDataSetPredicate(newExternalData.getSampleIdentifierOrNull(),
if (null != sampleIdentifier) newExternalData.getExperimentIdentifierOrNull());
{ if (status.equals(Status.OK) == false)
status =
predicate.sampleOwnerIdentifierPredicate.doEvaluation(person,
allowedRoles, sampleIdentifier);
} else
{ {
ExperimentIdentifier experimentIdentifier = return status;
newExternalData.getExperimentIdentifierOrNull();
status =
predicate.experimentOwnerIdentifierPredicate.doEvaluation(person,
allowedRoles, experimentIdentifier);
} }
}
return Status.OK;
}
private Status evaluateDataSetUpdatesPredicate()
{
for (DataSetUpdatesDTO dataSetUpdate : value.getDataSetUpdates())
{
Status status =
evaluateDataSetPredicate(dataSetUpdate.getSampleIdentifierOrNull(),
dataSetUpdate.getExperimentIdentifierOrNull());
if (status.equals(Status.OK) == false) if (status.equals(Status.OK) == false)
{ {
return status; return status;
...@@ -229,5 +237,23 @@ public class AtomicOperationsPredicate extends AbstractPredicate<AtomicEntityOpe ...@@ -229,5 +237,23 @@ public class AtomicOperationsPredicate extends AbstractPredicate<AtomicEntityOpe
} }
return Status.OK; return Status.OK;
} }
private Status evaluateDataSetPredicate(SampleIdentifier sampleIdentifier,
ExperimentIdentifier experimentIdentifier)
{
Status status;
if (null != sampleIdentifier)
{
status =
predicate.sampleOwnerIdentifierPredicate.doEvaluation(person,
allowedRoles, sampleIdentifier);
} else
{
status =
predicate.experimentOwnerIdentifierPredicate.doEvaluation(person,
allowedRoles, experimentIdentifier);
}
return status;
}
} }
} }
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment