diff --git a/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/AbstractTest.java b/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/AbstractTest.java
index 1f20679499dcc470880ceb3659ebb1ff51c1395c..0eceb6b8a7e6d05ec469255ea3a76ea27fef23f4 100644
--- a/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/AbstractTest.java
+++ b/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/AbstractTest.java
@@ -128,11 +128,16 @@ public class AbstractTest extends SystemTestCase
protected static final String TEST_GROUP_OBSERVER = "observer";
+ protected static final String TEST_OBSERVER_CISD = "observer_cisd";
+
protected static final String TEST_GROUP_POWERUSER = "poweruser";
protected static final String TEST_GROUP_ADMIN = "admin";
+ protected static final String TEST_NO_HOME_SPACE = "homeless";
+
protected static final String PASSWORD = "password";
+
private BufferedAppender logRecorder;
diff --git a/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/ConfirmDeletionTest.java b/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/ConfirmDeletionTest.java
index ca4803ba41d7b3a7624a45c86afb692cf11327c0..7a6b45682b9479519b3979c4356c204be01f6f46 100644
--- a/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/ConfirmDeletionTest.java
+++ b/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/ConfirmDeletionTest.java
@@ -174,4 +174,48 @@ public class ConfirmDeletionTest extends AbstractDeletionTest
}, "Deletion ids cannot be null");
}
+ @Test
+ public void testConfirmDeletionWithAdminUserInAnotherSpace()
+ {
+ String sessionToken = v3api.login(TEST_POWER_USER_CISD, PASSWORD);
+
+ ExperimentPermId experimentId = createCisdExperiment();
+
+ ExperimentDeletionOptions deletionOptions = new ExperimentDeletionOptions();
+ deletionOptions.setReason("It is just a test");
+ final IDeletionId deletionId = v3api.deleteExperiments(sessionToken, Collections.singletonList(experimentId), deletionOptions);
+
+ assertAuthorizationFailureException(new IDelegatedAction()
+ {
+ @Override
+ public void execute()
+ {
+ String sessionToken2 = v3api.login(TEST_OBSERVER_CISD, PASSWORD);
+ v3api.confirmDeletions(sessionToken2, Collections.singletonList(deletionId));
+ }
+ });
+ }
+
+ @Test
+ public void testConfirmDeletionWithSameAdminUserInAnotherSpace()
+ {
+ String sessionToken = v3api.login(TEST_NO_HOME_SPACE, PASSWORD);
+
+ ExperimentPermId experimentId = createCisdExperiment();
+
+ ExperimentDeletionOptions deletionOptions = new ExperimentDeletionOptions();
+ deletionOptions.setReason("It is just a test");
+ final IDeletionId deletionId = v3api.deleteExperiments(sessionToken, Collections.singletonList(experimentId), deletionOptions);
+
+ assertAuthorizationFailureException(new IDelegatedAction()
+ {
+ @Override
+ public void execute()
+ {
+ String sessionToken2 = v3api.login(TEST_NO_HOME_SPACE, PASSWORD);
+ v3api.confirmDeletions(sessionToken2, Collections.singletonList(deletionId));
+ }
+ });
+ }
+
}
diff --git a/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/CreateDataSetTest.java b/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/CreateDataSetTest.java
index cc044907126333d9eaa55480db7500242c75a40d..dcd888842a221cde101d7f3fd8795b4905f148b5 100644
--- a/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/CreateDataSetTest.java
+++ b/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/CreateDataSetTest.java
@@ -31,6 +31,7 @@ import org.testng.annotations.Test;
import ch.ethz.sis.openbis.generic.asapi.v3.dto.common.id.CreationId;
import ch.ethz.sis.openbis.generic.asapi.v3.dto.dataset.Complete;
import ch.ethz.sis.openbis.generic.asapi.v3.dto.dataset.DataSet;
+import ch.ethz.sis.openbis.generic.asapi.v3.dto.dataset.archive.DataSetArchiveOptions;
import ch.ethz.sis.openbis.generic.asapi.v3.dto.dataset.create.DataSetCreation;
import ch.ethz.sis.openbis.generic.asapi.v3.dto.dataset.create.LinkedDataCreation;
import ch.ethz.sis.openbis.generic.asapi.v3.dto.dataset.create.PhysicalDataCreation;
@@ -46,6 +47,7 @@ import ch.ethz.sis.openbis.generic.asapi.v3.dto.dataset.id.LocatorTypePermId;
import ch.ethz.sis.openbis.generic.asapi.v3.dto.dataset.id.ProprietaryStorageFormatPermId;
import ch.ethz.sis.openbis.generic.asapi.v3.dto.dataset.id.RelativeLocationLocatorTypePermId;
import ch.ethz.sis.openbis.generic.asapi.v3.dto.dataset.id.StorageFormatPermId;
+import ch.ethz.sis.openbis.generic.asapi.v3.dto.dataset.unarchive.DataSetUnarchiveOptions;
import ch.ethz.sis.openbis.generic.asapi.v3.dto.datastore.id.DataStorePermId;
import ch.ethz.sis.openbis.generic.asapi.v3.dto.datastore.id.IDataStoreId;
import ch.ethz.sis.openbis.generic.asapi.v3.dto.entitytype.id.EntityTypePermId;
@@ -76,20 +78,6 @@ import ch.systemsx.cisd.openbis.generic.shared.basic.dto.NewETPTAssignment;
*/
public class CreateDataSetTest extends AbstractDataSetTest
{
-
- @Test
- public void testCreateWithIndexCheck()
- {
- String sessionToken = v3api.login(TEST_USER, PASSWORD);
-
- DataSetCreation dataSet = physicalDataSetCreation();
- ReindexingState state = new ReindexingState();
-
- List<DataSetPermId> permIds = v3api.createDataSets(sessionToken, Arrays.asList(dataSet));
-
- assertDataSetsReindexed(state, permIds.get(0).getPermId());
- }
-
@Test
public void testCreateDSWithAdminUserInAnotherSpace()
{
@@ -118,7 +106,51 @@ public class CreateDataSetTest extends AbstractDataSetTest
v3api.createDataSets(sessionToken, Collections.singletonList(creation));
}
- }, "Data set creation can be only executed by a system user or a user with at least SPACE_ETL_SERVER role");
+ }, "Data set creation can be only executed by a user with ETL_SERVER role");
+ }
+
+ @Test
+ public void testArchiveWithAdminUserInAnotherSpace()
+ {
+ assertAuthorizationFailureException(new IDelegatedAction()
+ {
+ @Override
+ public void execute()
+ {
+ List<DataSetPermId> permIds = testCreateWithIndexCheck();
+ String sessionToken = v3api.login(TEST_OBSERVER_CISD, PASSWORD);
+ v3api.archiveDataSets(sessionToken, permIds, new DataSetArchiveOptions());
+ }
+ });
+ }
+
+ @Test
+ public void testUnArchiveWithAdminUserInAnotherSpace()
+ {
+ assertAuthorizationFailureException(new IDelegatedAction()
+ {
+ @Override
+ public void execute()
+ {
+ List<DataSetPermId> permIds = testCreateWithIndexCheck();
+ String sessionToken = v3api.login(TEST_OBSERVER_CISD, PASSWORD);
+ v3api.unarchiveDataSets(sessionToken, permIds, new DataSetUnarchiveOptions());
+ }
+ });
+ }
+
+ @Test
+ public List<DataSetPermId> testCreateWithIndexCheck()
+ {
+ String sessionToken = v3api.login(TEST_USER, PASSWORD);
+
+ DataSetCreation dataSet = physicalDataSetCreation();
+ ReindexingState state = new ReindexingState();
+
+ List<DataSetPermId> permIds = v3api.createDataSets(sessionToken, Arrays.asList(dataSet));
+
+ assertDataSetsReindexed(state, permIds.get(0).getPermId());
+ return permIds;
}
@Test
diff --git a/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/CreateSampleTest.java b/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/CreateSampleTest.java
index d80c1b2f63d6feb118db0c46e231a000ffb23a4d..c24e61acfb08535159fa5aab1121747343055019 100644
--- a/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/CreateSampleTest.java
+++ b/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/CreateSampleTest.java
@@ -60,7 +60,73 @@ import junit.framework.Assert;
*/
public class CreateSampleTest extends AbstractSampleTest
{
+ @Test
+ public void testCreateSampleUsingCreationIdAsSpaceId()
+ {
+ assertUserFailureException(new IDelegatedAction()
+ {
+ @Override
+ public void execute()
+ {
+ String sessionToken = v3api.login(TEST_USER, PASSWORD);
+
+ SampleCreation creation = new SampleCreation();
+ creation.setCode("TEST_SAMPLE_42");
+ creation.setTypeId(new EntityTypePermId("CELL_PLATE"));
+ CreationId creationId = new CreationId("not-a-space-id");
+ creation.setCreationId(creationId);
+ creation.setSpaceId(creationId);
+
+ v3api.createSamples(sessionToken, Collections.singletonList(creation));
+ }
+ }, "Unsupported object id [not-a-space-id]");
+
+ }
+ @Test
+ public void testCreateSharedSampleWithNoHomeSpaceAndNoAdminRights()
+ {
+ final String code = "TEST_TO_FAIL";
+
+ assertAuthorizationFailureException(new IDelegatedAction()
+ {
+ @Override
+ public void execute()
+ {
+ String sessionToken = v3api.login(TEST_NO_HOME_SPACE, PASSWORD);
+
+ SampleCreation creation = new SampleCreation();
+ creation.setCode(code);
+ creation.setTypeId(new EntityTypePermId("CELL_PLATE"));
+ creation.setCreationId(new CreationId("creation " + code));
+
+ v3api.createSamples(sessionToken, Collections.singletonList(creation));
+ }
+ });
+ }
+
+ @Test
+ public void testCreateSharedSampleWithNoAdminRights()
+ {
+ final String code = "TEST_TO_FAIL";
+
+ assertAuthorizationFailureException(new IDelegatedAction()
+ {
+ @Override
+ public void execute()
+ {
+ String sessionToken = v3api.login(TEST_ROLE_V3, PASSWORD);
+
+ SampleCreation creation = new SampleCreation();
+ creation.setCode(code);
+ creation.setTypeId(new EntityTypePermId("CELL_PLATE"));
+ creation.setCreationId(new CreationId("creation " + code));
+
+ v3api.createSamples(sessionToken, Collections.singletonList(creation));
+ }
+ });
+ }
+
@Test
public void testCreateWithIndexCheck()
{
diff --git a/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/CreateTagTest.java b/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/CreateTagTest.java
index 10b6024adffc24c1ed4eb2017bf4ddecf03ae455..bfea0f7226b3f9f48aaeba230d971336609cffaf 100644
--- a/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/CreateTagTest.java
+++ b/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/CreateTagTest.java
@@ -42,6 +42,17 @@ import ch.systemsx.cisd.common.action.IDelegatedAction;
@Test(groups = { "before remote api" })
public class CreateTagTest extends AbstractTest
{
+ @Test
+ public void testCreateWithObserver()
+ {
+ TagCreation creation = new TagCreation();
+ creation.setCode("TEST_TAG");
+ creation.setDescription("test description");
+
+ Tag tag = createTag(TEST_GROUP_OBSERVER, PASSWORD, creation);
+
+ assertEquals(tag.getDescription(), creation.getDescription());
+ }
@Test
public void testCreateWithCodeNull()
diff --git a/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/DeleteTagTest.java b/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/DeleteTagTest.java
index a523499240ac6d8da2b2f63d17e98102f764ebb3..ddf7eee8dad04120f17d59eb83a981faa50a72fe 100644
--- a/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/DeleteTagTest.java
+++ b/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/DeleteTagTest.java
@@ -135,6 +135,21 @@ public class DeleteTagTest extends AbstractDeletionTest
assertMaterialsReindexed(state, materialId);
}
+ @Test
+ public void testDeleteWithObserver()
+ {
+ TagCreation creation = new TagCreation();
+ creation.setCode("TAG_TO_DELETE");
+
+ Tag before = createTag(TEST_GROUP_OBSERVER, PASSWORD, creation);
+
+ TagDeletionOptions options = new TagDeletionOptions();
+ options.setReason("It is just a test");
+
+ Tag after = deleteTag(TEST_GROUP_OBSERVER, PASSWORD, before.getPermId(), options);
+ assertNull(after);
+ }
+
@Test
public void testDeleteWithUnauthorizedTag()
{
diff --git a/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/RevertDeletionTest.java b/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/RevertDeletionTest.java
index c07de67531e2acf25fc3bbbf136270b0a832079e..e5181ed716145f4a993a7762a2c96e185d65feff 100644
--- a/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/RevertDeletionTest.java
+++ b/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/RevertDeletionTest.java
@@ -131,4 +131,66 @@ public class RevertDeletionTest extends AbstractDeletionTest
}, deletionId);
}
+ @Test
+ public void testRevertDeletionWithAdminUserInAnotherSpace()
+ {
+ String sessionToken = v3api.login(TEST_POWER_USER_CISD, PASSWORD);
+
+ ExperimentPermId experimentId = createCisdExperiment();
+
+ ExperimentDeletionOptions deletionOptions = new ExperimentDeletionOptions();
+ deletionOptions.setReason("It is just a test");
+ final IDeletionId deletionId = v3api.deleteExperiments(sessionToken, Collections.singletonList(experimentId), deletionOptions);
+
+ assertAuthorizationFailureException(new IDelegatedAction()
+ {
+ @Override
+ public void execute()
+ {
+ String sessionToken2 = v3api.login(TEST_OBSERVER_CISD, PASSWORD);
+ v3api.revertDeletions(sessionToken2, Collections.singletonList(deletionId));
+ }
+ });
+ }
+
+ @Test
+ public void testRevertDeletionWithSamePowerUserWhoDeleted()
+ {
+ String sessionToken = v3api.login(TEST_POWER_USER_CISD, PASSWORD);
+
+ ExperimentPermId experimentId = createCisdExperiment();
+
+ ExperimentDeletionOptions deletionOptions = new ExperimentDeletionOptions();
+ deletionOptions.setReason("It is just a test");
+ final IDeletionId deletionId = v3api.deleteExperiments(sessionToken, Collections.singletonList(experimentId), deletionOptions);
+ assertDeletionExists(deletionId);
+ assertExperimentDoesNotExist(experimentId);
+
+ v3api.revertDeletions(sessionToken, Collections.singletonList(deletionId));
+
+ assertDeletionDoesNotExist(deletionId);
+ assertExperimentExists(experimentId);
+ }
+
+ @Test
+ public void testRevertDeletionWithDifferentPowerUserWhoDeleted()
+ {
+ String sessionToken = v3api.login(TEST_USER, PASSWORD);
+
+ ExperimentPermId experimentId = createCisdExperiment();
+
+ ExperimentDeletionOptions deletionOptions = new ExperimentDeletionOptions();
+ deletionOptions.setReason("It is just a test");
+ final IDeletionId deletionId = v3api.deleteExperiments(sessionToken, Collections.singletonList(experimentId), deletionOptions);
+
+ assertUnauthorizedObjectAccessException(new IDelegatedAction()
+ {
+ @Override
+ public void execute()
+ {
+ String sessionToken2 = v3api.login(TEST_POWER_USER_CISD, PASSWORD);
+ v3api.revertDeletions(sessionToken2, Collections.singletonList(deletionId));
+ }
+ }, deletionId);
+ }
}
diff --git a/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/UpdateSampleTest.java b/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/UpdateSampleTest.java
index af3540354de679c5e9b387c11662badc6fa8401c..635225872162091e3bd925cef9319a2ba9478143 100644
--- a/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/UpdateSampleTest.java
+++ b/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/UpdateSampleTest.java
@@ -60,6 +60,24 @@ import junit.framework.Assert;
*/
public class UpdateSampleTest extends AbstractSampleTest
{
+ @Test
+ public void testUpdateSharedSampleWithHomelessPowerUser()
+ {
+ final SamplePermId permId = new SamplePermId("200811050947161-653");
+
+ assertUnauthorizedObjectAccessException(new IDelegatedAction()
+ {
+ @Override
+ public void execute()
+ {
+ String sessionToken = v3api.login(TEST_NO_HOME_SPACE, PASSWORD);
+
+ final SampleUpdate update = new SampleUpdate();
+ update.setSampleId(permId);
+ v3api.updateSamples(sessionToken, Collections.singletonList(update));
+ }
+ }, permId);
+ }
@Test
public void testUpdateBiggerThanPostgresDriverArgumentsLimitWithIndexCheck()
diff --git a/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/UpdateTagTest.java b/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/UpdateTagTest.java
index d90e4b7f661f299bc9ad10ff14c899a5daae9d0d..2f1d3add26029c9db48e80bdf84fddb6a73dd23e 100644
--- a/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/UpdateTagTest.java
+++ b/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/UpdateTagTest.java
@@ -19,6 +19,7 @@ package ch.ethz.sis.openbis.systemtest.asapi.v3;
import static org.testng.Assert.assertEquals;
import java.util.Arrays;
+import java.util.List;
import java.util.Map;
import org.testng.annotations.Test;
@@ -28,6 +29,7 @@ import ch.ethz.sis.openbis.generic.asapi.v3.dto.experiment.id.ExperimentIdentifi
import ch.ethz.sis.openbis.generic.asapi.v3.dto.material.id.MaterialPermId;
import ch.ethz.sis.openbis.generic.asapi.v3.dto.sample.id.SampleIdentifier;
import ch.ethz.sis.openbis.generic.asapi.v3.dto.tag.Tag;
+import ch.ethz.sis.openbis.generic.asapi.v3.dto.tag.create.TagCreation;
import ch.ethz.sis.openbis.generic.asapi.v3.dto.tag.fetchoptions.TagFetchOptions;
import ch.ethz.sis.openbis.generic.asapi.v3.dto.tag.id.ITagId;
import ch.ethz.sis.openbis.generic.asapi.v3.dto.tag.id.TagPermId;
@@ -97,6 +99,26 @@ public class UpdateTagTest extends AbstractTest
assertEquals(after.getDescription(), update.getDescription().getValue());
}
+ @Test
+ public void testUpdateWithObserver()
+ {
+
+ TagCreation creation = new TagCreation();
+ creation.setCode("TEST_TAG");
+ creation.setDescription("test description");
+
+ String sessionToken = v3api.login(TEST_GROUP_OBSERVER, PASSWORD);
+ List<TagPermId> ids = v3api.createTags(sessionToken, Arrays.asList(creation));
+
+ TagUpdate update = new TagUpdate();
+ update.setTagId(ids.get(0));
+ update.setDescription("brand new description");
+
+ Tag after = updateTag(TEST_GROUP_OBSERVER, PASSWORD, update);
+
+ assertEquals(after.getDescription(), update.getDescription().getValue());
+ }
+
@Test
public void testUpdateWithExperimentsAdd()
{