From 55ba64b96052c222d97bf0c24de89b56c46714d8 Mon Sep 17 00:00:00 2001
From: buczekp <buczekp>
Date: Thu, 14 Oct 2010 13:59:12 +0000
Subject: [PATCH] [LMS-1833] bugfix and changed authorization
SVN: 18310
---
.../application/ui/field/ParameterField.java | 25 +++++++++----------
.../client/web/server/QueryClientService.java | 5 ++--
.../plugin/query/server/QueryServer.java | 10 ++++++--
.../query/server/QueryServerLogger.java | 6 ++---
.../plugin/query/shared/IQueryServer.java | 2 +-
.../query/shared/IQueryServer.java.expected | 2 +-
6 files changed, 28 insertions(+), 22 deletions(-)
diff --git a/openbis/source/java/ch/systemsx/cisd/openbis/generic/client/web/client/application/ui/field/ParameterField.java b/openbis/source/java/ch/systemsx/cisd/openbis/generic/client/web/client/application/ui/field/ParameterField.java
index 4870020892b..972ab3ed01b 100644
--- a/openbis/source/java/ch/systemsx/cisd/openbis/generic/client/web/client/application/ui/field/ParameterField.java
+++ b/openbis/source/java/ch/systemsx/cisd/openbis/generic/client/web/client/application/ui/field/ParameterField.java
@@ -66,7 +66,7 @@ public class ParameterField extends TriggerField<ModelData> implements IParamete
{
final String namePart = split[0];
final String expressionPart = split[1];
- final String idSuffix = parameterName.replaceAll(" ", "_");
+ final String idSuffix = namePart.replaceAll(" ", "_");
if (expressionPart.startsWith(ENUM_LIST_EXPRESSION_PREFIX))
{
String itemList = expressionPart.substring(ENUM_LIST_EXPRESSION_PREFIX.length());
@@ -76,19 +76,20 @@ public class ParameterField extends TriggerField<ModelData> implements IParamete
{
parameterValues.add(new ParameterValue(value, null));
}
- return ParameterSelectionDropDownList.createWithValues(parameterName, idSuffix,
+ return ParameterSelectionField.createWithValues(namePart, idSuffix,
parameterValues, initialValueOrNull, onValueChangeAction);
} else if (expressionPart.startsWith(QUERY_LIST_EXPRESSION_PREFIX))
{
String queryExpression =
expressionPart.substring(QUERY_LIST_EXPRESSION_PREFIX.length());
- return ParameterSelectionDropDownList.createWithLoader(parameterName,
- queryExpression, idSuffix, viewContextOrNull, loaderOrNull,
- initialValueOrNull, onValueChangeAction);
+ return ParameterSelectionField.createWithLoader(namePart, queryExpression,
+ idSuffix, viewContextOrNull, loaderOrNull, initialValueOrNull,
+ onValueChangeAction);
} else
{
MessageBox.alert("Error", "Filter parameter '" + namePart
+ "' is not defined properly.", null);
+ return new ParameterField(namePart, onValueChangeAction, initialValueOrNull);
}
}
return new ParameterField(parameterName, onValueChangeAction, initialValueOrNull);
@@ -147,8 +148,7 @@ public class ParameterField extends TriggerField<ModelData> implements IParamete
onValueChangeAction.execute();
}
- // TODO 2010-10-13, Piotr Buczek: extract common code with ParameterField
- private static class ParameterSelectionDropDownList extends
+ private static class ParameterSelectionField extends
DropDownList<ParameterValueModel, ParameterValue> implements IParameterField
{
@@ -178,8 +178,8 @@ public class ParameterField extends TriggerField<ModelData> implements IParamete
IParameterValuesLoader loader, String initialValueOrNull,
IDelegatedAction onValueChangeAction)
{
- return new ParameterSelectionDropDownList(parameterName, idSuffix, viewContextOrNull,
- loader, queryExpression, null, initialValueOrNull, onValueChangeAction);
+ return new ParameterSelectionField(parameterName, idSuffix, viewContextOrNull, loader,
+ queryExpression, null, initialValueOrNull, onValueChangeAction);
}
/**
@@ -189,11 +189,11 @@ public class ParameterField extends TriggerField<ModelData> implements IParamete
List<ParameterValue> initialValues, String initialValueOrNull,
IDelegatedAction onValueChangeAction)
{
- return new ParameterSelectionDropDownList(parameterName, idSuffix, null, null, null,
+ return new ParameterSelectionField(parameterName, idSuffix, null, null, null,
initialValues, initialValueOrNull, onValueChangeAction);
}
- protected ParameterSelectionDropDownList(final String parameterName, String idSuffix,
+ protected ParameterSelectionField(final String parameterName, String idSuffix,
IViewContext<?> viewContextOrNull, IParameterValuesLoader loaderOrNull,
String queryExpressionOrNull, List<ParameterValue> valuesOrNull,
String initialValueOrNull, final IDelegatedAction onValueChangeAction)
@@ -271,8 +271,7 @@ public class ParameterField extends TriggerField<ModelData> implements IParamete
GWTUtils.setSelectedItem(this, ModelDataPropertyNames.CODE, parameterValue);
}
- private class ListParameterValuesCallback extends
- ParameterSelectionDropDownList.ListItemsCallback
+ private class ListParameterValuesCallback extends ParameterSelectionField.ListItemsCallback
{
protected ListParameterValuesCallback(IViewContext<?> viewContext)
diff --git a/openbis/source/java/ch/systemsx/cisd/openbis/plugin/query/client/web/server/QueryClientService.java b/openbis/source/java/ch/systemsx/cisd/openbis/plugin/query/client/web/server/QueryClientService.java
index 040a4310b49..4dac8692e4a 100644
--- a/openbis/source/java/ch/systemsx/cisd/openbis/plugin/query/client/web/server/QueryClientService.java
+++ b/openbis/source/java/ch/systemsx/cisd/openbis/plugin/query/client/web/server/QueryClientService.java
@@ -118,7 +118,8 @@ public class QueryClientService extends AbstractClientService implements IQueryC
{
final String sessionToken = getSessionToken();
final TableModel tableModel =
- queryServer.queryDatabase(sessionToken, database, sqlQuery, bindingsOrNull);
+ queryServer.queryDatabase(sessionToken, database, sqlQuery, bindingsOrNull,
+ false);
return createTableModelReference(tableModel);
} catch (final UserFailureException e)
{
@@ -132,7 +133,7 @@ public class QueryClientService extends AbstractClientService implements IQueryC
{
final String sessionToken = getSessionToken();
final TableModel tableModel =
- queryServer.queryDatabase(sessionToken, database, sqlQuery, null);
+ queryServer.queryDatabase(sessionToken, database, sqlQuery, null, true);
// TreeSet is used because we want distinct values and we want them to be sorted
Set<ParameterValue> valuesSet = new TreeSet<ParameterValue>();
boolean withDescription = tableModel.getHeader().size() > 1;
diff --git a/openbis/source/java/ch/systemsx/cisd/openbis/plugin/query/server/QueryServer.java b/openbis/source/java/ch/systemsx/cisd/openbis/plugin/query/server/QueryServer.java
index 236b8a3fe28..9746b81e8e2 100644
--- a/openbis/source/java/ch/systemsx/cisd/openbis/plugin/query/server/QueryServer.java
+++ b/openbis/source/java/ch/systemsx/cisd/openbis/plugin/query/server/QueryServer.java
@@ -219,13 +219,19 @@ public class QueryServer extends AbstractServer<IQueryServer> implements IQueryS
}
public TableModel queryDatabase(String sessionToken, QueryDatabase database, String sqlQuery,
- QueryParameterBindings bindings)
+ QueryParameterBindings bindings, boolean onlyPerform)
{
Session session = getSession(sessionToken);
try
{
String dbKey = database.getKey();
- QueryAccessController.checkWriteAccess(session, dbKey, "create and perform");
+ if (onlyPerform)
+ {
+ QueryAccessController.checkReadAccess(session, dbKey);
+ } else
+ {
+ QueryAccessController.checkWriteAccess(session, dbKey, "create and perform");
+ }
return QueryAccessController.filterResults(session.tryGetPerson(), dbKey,
getDAOFactory(), queryDatabaseWithKey(dbKey, sqlQuery, bindings));
} catch (DataAccessException ex)
diff --git a/openbis/source/java/ch/systemsx/cisd/openbis/plugin/query/server/QueryServerLogger.java b/openbis/source/java/ch/systemsx/cisd/openbis/plugin/query/server/QueryServerLogger.java
index dad9344758b..272450d884d 100644
--- a/openbis/source/java/ch/systemsx/cisd/openbis/plugin/query/server/QueryServerLogger.java
+++ b/openbis/source/java/ch/systemsx/cisd/openbis/plugin/query/server/QueryServerLogger.java
@@ -93,10 +93,10 @@ class QueryServerLogger extends AbstractServerLogger implements IQueryServer
}
public TableModel queryDatabase(String sessionToken, QueryDatabase database, String sqlQuery,
- QueryParameterBindings bindings)
+ QueryParameterBindings bindings, boolean onlyPerform)
{
- logAccess(sessionToken, "query_database", "DB(%s) SQL(%s) BINDINGS(%s)", database,
- sqlQuery, bindings);
+ logAccess(sessionToken, "query_database", "DB(%s) SQL(%s) BINDINGS(%s) ACTION(%s)",
+ database, sqlQuery, bindings, onlyPerform ? "perform" : "create & perform");
return null;
}
diff --git a/openbis/source/java/ch/systemsx/cisd/openbis/plugin/query/shared/IQueryServer.java b/openbis/source/java/ch/systemsx/cisd/openbis/plugin/query/shared/IQueryServer.java
index eb62fa51740..824b08e5e72 100644
--- a/openbis/source/java/ch/systemsx/cisd/openbis/plugin/query/shared/IQueryServer.java
+++ b/openbis/source/java/ch/systemsx/cisd/openbis/plugin/query/shared/IQueryServer.java
@@ -57,7 +57,7 @@ public interface IQueryServer extends IServer
@Transactional(readOnly = true)
@RolesAllowed(RoleWithHierarchy.SPACE_OBSERVER)
public TableModel queryDatabase(String sessionToken, QueryDatabase database, String sqlQuery,
- QueryParameterBindings bindings);
+ QueryParameterBindings bindings, boolean onlyPerform);
@Transactional(readOnly = true)
@RolesAllowed(RoleWithHierarchy.SPACE_OBSERVER)
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/plugin/query/shared/IQueryServer.java.expected b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/plugin/query/shared/IQueryServer.java.expected
index 8d2a05e6ee5..f98d232bda1 100644
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/plugin/query/shared/IQueryServer.java.expected
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/plugin/query/shared/IQueryServer.java.expected
@@ -57,7 +57,7 @@ public interface IQueryServer extends IServer
@Transactional(readOnly = true)
@RolesAllowed(RoleWithHierarchy.SPACE_OBSERVER)
public TableModel queryDatabase(String sessionToken, QueryDatabase database, String sqlQuery,
- QueryParameterBindings bindings);
+ QueryParameterBindings bindings, boolean onlyPerform);
@Transactional(readOnly = true)
@RolesAllowed(RoleWithHierarchy.SPACE_OBSERVER)
--
GitLab