From 56484fa9f79aa2bd2271d849cdf2a784ff9aee7d Mon Sep 17 00:00:00 2001
From: pkupczyk <pkupczyk>
Date: Mon, 18 Dec 2017 14:11:11 +0000
Subject: [PATCH] SSDM-6019 : Project Authorization - modify @RolesAllowed
 annotations at non-entity related methods - fix openbis tests

SVN: 39052
---
 .../cisd/openbis/generic/server/CommonServer.java   | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/CommonServer.java b/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/CommonServer.java
index f0477fe893c..97db5241bc1 100644
--- a/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/CommonServer.java
+++ b/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/CommonServer.java
@@ -1632,7 +1632,7 @@ public final class CommonServer extends AbstractCommonServer<ICommonServerForInt
     }
 
     @Override
-    @RolesAllowed(RoleWithHierarchy.SPACE_OBSERVER)
+    @RolesAllowed(RoleWithHierarchy.PROJECT_OBSERVER)
     @ReturnValueFilter(validatorClass = SearchDomainSearchResultValidator.class)
     public List<SearchDomainSearchResultWithFullEntity> searchOnSearchDomain(String sessionToken,
             String preferredSearchDomainOrNull, String searchString, Map<String, String> optionalParametersOrNull)
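Review bot: Lowering the method-level gate on searchOnSearchDomain from SPACE_OBSERVER to PROJECT_OBSERVER means callers who hold only a project role now reach the search path, so the `@ReturnValueFilter(validatorClass = SearchDomainSearchResultValidator.class)` on the line below becomes the sole control over which results leave the server; it is worth confirming that validator already evaluates project-level roles and not only space-level ones, since nothing in this hunk changes it. A one-line comment above the annotation, `// PROJECT_OBSERVER is sufficient here: results are filtered per entity by the return-value validator`, would record that reliance for the next reader. The body of searchOnSearchDomain continues outside the hunk.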
@@ -1644,7 +1644,7 @@ public final class CommonServer extends AbstractCommonServer<ICommonServerForInt
     }
 
     @Override
-    @RolesAllowed(RoleWithHierarchy.SPACE_OBSERVER)
+    @RolesAllowed(RoleWithHierarchy.PROJECT_OBSERVER)
     public List<SearchDomain> listAvailableSearchDomains(String sessionToken)
     {
         Session session = getSession(sessionToken);
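Review bot: listAvailableSearchDomains is opened to PROJECT_OBSERVER with no return-value filter and no per-entity check visible in the hunk, so the relaxation is sound only if the returned SearchDomain list carries no space- or project-scoped data; the commit subject says these are non-entity related methods, which supports that, but the code itself does not say so. A short comment above the annotation, `// Non-entity method: the domain list carries no entity data, so no per-entity check or result filter is needed`, would make the reasoning explicit. The rest of the method lies outside the hunk.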
@@ -2633,11 +2633,16 @@ public final class CommonServer extends AbstractCommonServer<ICommonServerForInt
     }
 
     @Override
-    @RolesAllowed(RoleWithHierarchy.SPACE_OBSERVER)
+    @RolesAllowed(RoleWithHierarchy.PROJECT_OBSERVER)
     public IEntityInformationHolderWithPermId getEntityInformationHolder(String sessionToken,
             EntityKind entityKind, String permId)
     {
-        checkSession(sessionToken);
+        Session session = getSession(sessionToken);
+
+        AuthorizationServiceUtils authorizationUtils =
+                new AuthorizationServiceUtils(getDAOFactory(), session.tryGetPerson().getUserId());
+        authorizationUtils.checkAccessEntity(entityKind, permId);
+
         switch (entityKind)
         {
             case DATA_SET:
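Review bot: The new line `new AuthorizationServiceUtils(getDAOFactory(), session.tryGetPerson().getUserId())` dereferences the result of tryGetPerson() directly; if that accessor can return null (its name suggests it may), a session without an associated person would fail with a NullPointerException inside the authorization setup rather than with an explicit authorization error, which is harder to diagnose and to distinguish from a bug in logs. Guarding it, e.g. `PersonPE person = session.tryGetPerson(); if (person == null) { throw /* the project's authorization failure type */; }` before constructing the utils, keeps the failure mode explicit — the exact person type and exception type are not visible here and should follow whatever the file already uses. Placing checkAccessEntity before the switch is the right order, since the lookup is never reached for an unauthorized caller; the switch and the remainder of getEntityInformationHolder continue outside the hunk.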
-- 
GitLab