diff --git a/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/SearchExperimentTest.java b/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/SearchExperimentTest.java
index 0b35d2732322765aa9fc07cd898655abb04089cd..767920a6c6daf6b032f97762b0e055ce8df4b8b0 100644
--- a/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/SearchExperimentTest.java
+++ b/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/SearchExperimentTest.java
@@ -565,7 +565,7 @@ public class SearchExperimentTest extends AbstractExperimentTest
{
ExperimentSearchCriteria criteria = new ExperimentSearchCriteria();
criteria.withRegistrationDate().thatIsEarlierThanOrEqualTo("2008-11-05");
- testSearch(TEST_USER, criteria, 7);
+ testSearch(TEST_USER, criteria, 15);
}
@Test
@@ -573,7 +573,7 @@ public class SearchExperimentTest extends AbstractExperimentTest
{
ExperimentSearchCriteria criteria = new ExperimentSearchCriteria();
criteria.withModificationDate().thatEquals("2009-03-18");
- testSearch(TEST_USER, criteria, 12);
+ testSearch(TEST_USER, criteria, 20);
}
@Test
diff --git a/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/SearchProjectTest.java b/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/SearchProjectTest.java
index c5c80cbabcfa69277365a2fe3431d98cc3f9697a..9de58c5f9270f0efd3ede7dad8295c02e0293762 100644
--- a/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/SearchProjectTest.java
+++ b/openbis/sourceTest/java/ch/ethz/sis/openbis/systemtest/asapi/v3/SearchProjectTest.java
@@ -95,7 +95,8 @@ public class SearchProjectTest extends AbstractTest
{
ProjectSearchCriteria criteria = new ProjectSearchCriteria();
criteria.withCode().thatContains("pRoJ");
- testSearch(TEST_USER, criteria, "/TESTGROUP/TESTPROJ", "/TEST-SPACE/TEST-PROJECT", "/TEST-SPACE/PROJECT-TO-DELETE");
+ testSearch(TEST_USER, criteria, "/TESTGROUP/TESTPROJ", "/TEST-SPACE/TEST-PROJECT", "/AUTH-SPACE-2/AUTH-PROJECT-21",
+ "/AUTH-SPACE-2/AUTH-PROJECT-22", "/AUTH-SPACE-1/AUTH-PROJECT-11", "/AUTH-SPACE-1/AUTH-PROJECT-12", "/TEST-SPACE/PROJECT-TO-DELETE");
}
@Test
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/AuthorizationTestCase.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/AuthorizationTestCase.java
index b5d16e01159094b7ad0f5990314273ce20620231..88cf32279235e5562d2e3198ee2ab91a17be241a 100644
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/AuthorizationTestCase.java
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/AuthorizationTestCase.java
@@ -27,7 +27,6 @@ import org.jmock.Mockery;
import org.testng.AssertJUnit;
import org.testng.annotations.AfterMethod;
import org.testng.annotations.BeforeMethod;
-import org.testng.annotations.DataProvider;
import ch.rinn.restrictions.Friend;
import ch.systemsx.cisd.common.exceptions.Status;
@@ -55,8 +54,6 @@ import ch.systemsx.cisd.openbis.generic.shared.dto.identifier.SpaceIdentifier;
public class AuthorizationTestCase extends AssertJUnit
{
- protected static final String AUTHORIZATION_CONFIG_PROVIDER = "authorizationConfigProvider";
-
protected static final PersonPE PERSON_PE = new PersonPE();
protected static final String SPACE_CODE = "G1";
@@ -506,14 +503,6 @@ public class AuthorizationTestCase extends AssertJUnit
});
}
- @DataProvider(name = AUTHORIZATION_CONFIG_PROVIDER)
- protected Object[][] provideAuthorizationConfig()
- {
- return new Object[][] {
- { new TestAuthorizationConfig(false, null) },
- { new TestAuthorizationConfig(true, PERSON_PE.getUserId()) } };
- }
-
protected static void assertOK(Status status)
{
assertTrue(status.isOK());
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/CapabilityMapTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/CapabilityMapTest.java
index effed55605cef825870b1441cdf43a6c94e8cac2..c1ca52c38732b1b471b902a656e48bba8bcf148c 100644
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/CapabilityMapTest.java
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/CapabilityMapTest.java
@@ -80,7 +80,7 @@ public class CapabilityMapTest
{
CapabilityMap capMap =
new CapabilityMap(Arrays.asList("A: SPACE_POWER_USER\t", "# Some comment", "",
- " B INSTANCE_ETL_SERVER"), "<memory>", new TestAuthorizationConfig(false, null));
+ " B INSTANCE_ETL_SERVER"), "<memory>", new TestAuthorizationConfig(false, false));
assertEquals("", logRecorder.getLogContent());
assertEquals(
@@ -101,7 +101,7 @@ public class CapabilityMapTest
{
CapabilityMap capMap =
new CapabilityMap(Arrays.asList("A:SPACE_POWER_USER\t", "# Some comment", "",
- " B INSTANCE_ETL_SERVER"), "<memory>", new TestAuthorizationConfig(false, null));
+ " B INSTANCE_ETL_SERVER"), "<memory>", new TestAuthorizationConfig(false, false));
assertEquals("", logRecorder.getLogContent());
assertEquals(
@@ -122,7 +122,7 @@ public class CapabilityMapTest
{
CapabilityMap capMap =
new CapabilityMap(Arrays.asList("A :SPACE_POWER_USER\t", "# Some comment", "",
- " B INSTANCE_ETL_SERVER"), "<memory>", new TestAuthorizationConfig(false, null));
+ " B INSTANCE_ETL_SERVER"), "<memory>", new TestAuthorizationConfig(false, false));
assertEquals("", logRecorder.getLogContent());
assertEquals(
@@ -143,7 +143,7 @@ public class CapabilityMapTest
{
CapabilityMap capMap =
new CapabilityMap(Arrays.asList("A : SPACE_POWER_USER\t", "# Some comment", "",
- " b instance_etl_server"), "<memory>", new TestAuthorizationConfig(false, null));
+ " b instance_etl_server"), "<memory>", new TestAuthorizationConfig(false, false));
assertEquals("", logRecorder.getLogContent());
assertEquals(
@@ -164,7 +164,7 @@ public class CapabilityMapTest
{
CapabilityMap capMap =
new CapabilityMap(Arrays.asList("A SPACE_POWER_USER\t",
- " A INSTANCE_ETL_SERVER"), "<memory>", new TestAuthorizationConfig(false, null));
+ " A INSTANCE_ETL_SERVER"), "<memory>", new TestAuthorizationConfig(false, false));
assertEquals("", logRecorder.getLogContent());
assertEquals(2, capMap.tryGetRoles(CapabilityMapTest.class.getDeclaredMethod("dummyA1"), null)
@@ -180,7 +180,7 @@ public class CapabilityMapTest
{
CapabilityMap capMap =
new CapabilityMap(Arrays.asList("A : SPACE_POWER_USER,INSTANCE_ETL_SERVER\t"),
- "<memory>", new TestAuthorizationConfig(false, null));
+ "<memory>", new TestAuthorizationConfig(false, false));
assertEquals("", logRecorder.getLogContent());
assertEquals(2, capMap.tryGetRoles(CapabilityMapTest.class.getDeclaredMethod("dummyA1"), null)
@@ -196,7 +196,7 @@ public class CapabilityMapTest
{
CapabilityMap capMap =
new CapabilityMap(Arrays.asList("A\tSPACE_POWER_USER,INSTANCE_ETL_SERVER; "
- + "sample = SPACE_USER, SPACE_ETL_SERVER"), "<memory>", new TestAuthorizationConfig(false, null));
+ + "sample = SPACE_USER, SPACE_ETL_SERVER"), "<memory>", new TestAuthorizationConfig(false, false));
assertEquals("", logRecorder.getLogContent());
assertRoles("[INSTANCE_ETL_SERVER, SPACE_POWER_USER]", capMap, "dummyA1", null);
@@ -207,7 +207,7 @@ public class CapabilityMapTest
public void testOnlyParameterRoles() throws Exception
{
CapabilityMap capMap =
- new CapabilityMap(Arrays.asList("a : sample = SPACE_USER, SPACE_ETL_SERVER"), "<memory>", new TestAuthorizationConfig(false, null));
+ new CapabilityMap(Arrays.asList("a : sample = SPACE_USER, SPACE_ETL_SERVER"), "<memory>", new TestAuthorizationConfig(false, false));
assertEquals("", logRecorder.getLogContent());
assertNoRoles(capMap, "dummyA1", null);
@@ -220,7 +220,7 @@ public class CapabilityMapTest
CapabilityMap capMap =
new CapabilityMap(Arrays.asList(
"CapabilityMapTest.dummyA: SPACE_POWER_USER #wrong",
- "CapabilityMapTest.dummyB NO_ROLE"), "<memory>", new TestAuthorizationConfig(false, null));
+ "CapabilityMapTest.dummyB NO_ROLE"), "<memory>", new TestAuthorizationConfig(false, false));
assertEquals("WARN OPERATION.CapabilityMap - Ignoring mal-formed line "
+ "'CapabilityMapTest.dummyA: SPACE_POWER_USER #wrong' in <memory> "
@@ -238,7 +238,7 @@ public class CapabilityMapTest
public void testUserRoleDisabled() throws SecurityException, NoSuchMethodException
{
CapabilityMap capMap =
- new CapabilityMap(Arrays.asList("A: INSTANCE_DISABLED\t"), "<memory>", new TestAuthorizationConfig(false, null));
+ new CapabilityMap(Arrays.asList("A: INSTANCE_DISABLED\t"), "<memory>", new TestAuthorizationConfig(false, false));
assertEquals("", logRecorder.getLogContent());
assertEquals(
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/TestAuthorizationConfig.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/TestAuthorizationConfig.java
index 83b4d00c430baad387ef2ea4e6a6ded7463ddfe5..d4175494bf3c1157690661b5d645fdcd63fbfc93 100644
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/TestAuthorizationConfig.java
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/TestAuthorizationConfig.java
@@ -26,9 +26,9 @@ public class TestAuthorizationConfig implements IAuthorizationConfig
private boolean projectLevelEnabled;
- private String projectLevelUser;
+ private boolean projectLevelUser;
- public TestAuthorizationConfig(boolean projectLevelEnabled, String projectLevelUser)
+ public TestAuthorizationConfig(boolean projectLevelEnabled, boolean projectLevelUser)
{
this.projectLevelEnabled = projectLevelEnabled;
this.projectLevelUser = projectLevelUser;
@@ -43,13 +43,13 @@ public class TestAuthorizationConfig implements IAuthorizationConfig
@Override
public boolean isProjectLevelUser(String userId)
{
- return userId != null && userId.equals(projectLevelUser);
+ return projectLevelUser;
}
@Override
public String toString()
{
- return "projectAuthorization=" + isProjectLevelEnabled();
+ return "projectAuthorization=" + isProjectLevelEnabled() + ", projectLevelUser=" + isProjectLevelUser(null);
}
}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/AbstractTechIdCollectionPredicateTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/AbstractTechIdCollectionPredicateTest.java
index bb2ce3651001b0dd96fdcbc8d2017994559fdc63..c12ff6170353fa3082362647bed67d27b4c41ef2 100644
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/AbstractTechIdCollectionPredicateTest.java
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/AbstractTechIdCollectionPredicateTest.java
@@ -46,7 +46,7 @@ public class AbstractTechIdCollectionPredicateTest extends AuthorizationTestCase
prepareProvider(createSpaces());
final List<TechId> techIds = TechId.createList(1L, 2L);
- expectAuthorizationConfig(new TestAuthorizationConfig(false, null));
+ expectAuthorizationConfig(new TestAuthorizationConfig(false, false));
context.checking(new Expectations()
{
{
@@ -153,7 +153,7 @@ public class AbstractTechIdCollectionPredicateTest extends AuthorizationTestCase
public void testExperimentTechIdCollectionPredicateFails()
{
ExperimentTechIdCollectionPredicate predicate = new ExperimentTechIdCollectionPredicate();
- expectAuthorizationConfig(new TestAuthorizationConfig(false, null));
+ expectAuthorizationConfig(new TestAuthorizationConfig(false, false));
prepareProvider(createSpaces());
final List<TechId> techIds = TechId.createList(1L, 2L);
context.checking(new Expectations()
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/AbstractTechIdPredicateTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/AbstractTechIdPredicateTest.java
index b54f863510c91f7ea01ce9b15a332d1311ed072b..d9a2126cbbe121f13700e2ebbd2a231edbec67fe 100644
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/AbstractTechIdPredicateTest.java
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/AbstractTechIdPredicateTest.java
@@ -52,7 +52,7 @@ public final class AbstractTechIdPredicateTest extends AuthorizationTestCase
public final void testDoEvaluationWithoutDAOFactory()
{
final AbstractTechIdPredicate predicate = createPredicate();
- expectAuthorizationConfig(new TestAuthorizationConfig(false, null));
+ expectAuthorizationConfig(new TestAuthorizationConfig(false, false));
boolean fail = true;
try
{
@@ -71,7 +71,7 @@ public final class AbstractTechIdPredicateTest extends AuthorizationTestCase
{
final AbstractTechIdPredicate predicate = createPredicate();
prepareProvider(Collections.<SpacePE> emptyList(), createSpace(), ENTITY_KIND, TECH_ID);
- expectAuthorizationConfig(new TestAuthorizationConfig(false, null));
+ expectAuthorizationConfig(new TestAuthorizationConfig(false, false));
predicate.init(provider);
assertTrue(predicate.doEvaluation(createPerson(), createRoles(false), TECH_ID).isError());
context.assertIsSatisfied();
@@ -82,7 +82,7 @@ public final class AbstractTechIdPredicateTest extends AuthorizationTestCase
{
final AbstractTechIdPredicate predicate = createPredicate();
prepareProvider(createSpaces(), createSpace(), ENTITY_KIND, TECH_ID);
- expectAuthorizationConfig(new TestAuthorizationConfig(false, null));
+ expectAuthorizationConfig(new TestAuthorizationConfig(false, false));
predicate.init(provider);
final Status evaluation =
predicate.doEvaluation(createPerson(), createRoles(false), TECH_ID);
@@ -98,7 +98,7 @@ public final class AbstractTechIdPredicateTest extends AuthorizationTestCase
person.setHomeSpace(createSpace());
final SpacePE homeGroup = createSpace();
prepareProvider(createSpaces(), homeGroup, ENTITY_KIND, TECH_ID);
- expectAuthorizationConfig(new TestAuthorizationConfig(false, null));
+ expectAuthorizationConfig(new TestAuthorizationConfig(false, false));
predicate.init(provider);
final Status evaluation = predicate.doEvaluation(person, createRoles(false), TECH_ID);
assertEquals(Status.OK, evaluation);
@@ -110,7 +110,7 @@ public final class AbstractTechIdPredicateTest extends AuthorizationTestCase
{
final AbstractTechIdPredicate predicate = createPredicate();
prepareProvider(createSpaces(), createAnotherSpace(), ENTITY_KIND, TECH_ID);
- expectAuthorizationConfig(new TestAuthorizationConfig(false, null));
+ expectAuthorizationConfig(new TestAuthorizationConfig(false, false));
predicate.init(provider);
final Status evaluation =
predicate.doEvaluation(createPerson(), createRoles(false), TECH_ID);
@@ -128,7 +128,7 @@ public final class AbstractTechIdPredicateTest extends AuthorizationTestCase
final SpacePE anotherGroup = createSpace(ANOTHER_SPACE_CODE);
groups.add(anotherGroup);
prepareProvider(groups, anotherGroup, ENTITY_KIND, TECH_ID);
- expectAuthorizationConfig(new TestAuthorizationConfig(false, null));
+ expectAuthorizationConfig(new TestAuthorizationConfig(false, false));
predicate.init(provider);
final Status evaluation =
predicate.doEvaluation(createPerson(), createRoles(false), TECH_ID);
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/CommonCollectionPredicateTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/CommonCollectionPredicateTest.java
deleted file mode 100644
index 5b08757204500703ec51e350597e37b58f23fb06..0000000000000000000000000000000000000000
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/CommonCollectionPredicateTest.java
+++ /dev/null
@@ -1,153 +0,0 @@
-/*
- * Copyright 2017 ETH Zuerich, CISD
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package ch.systemsx.cisd.openbis.generic.server.authorization.predicate;
-
-import java.util.Arrays;
-import java.util.List;
-
-import org.testng.annotations.Test;
-
-import ch.systemsx.cisd.common.exceptions.Status;
-import ch.systemsx.cisd.common.exceptions.UserFailureException;
-import ch.systemsx.cisd.openbis.generic.shared.authorization.IAuthorizationConfig;
-import ch.systemsx.cisd.openbis.generic.shared.basic.dto.RoleWithHierarchy.RoleCode;
-
-/**
- * @author pkupczyk
- */
-public abstract class CommonCollectionPredicateTest<O> extends CommonPredicateTest<O>
-{
-
- @Test(dataProvider = AUTHORIZATION_CONFIG_PROVIDER)
- public void testWithNullCollection(IAuthorizationConfig config)
- {
- try
- {
- expectWithAll(config, null);
- Status result = evaluateObjects(null);
- assertWithNullCollection(config, result, null);
- } catch (Throwable t)
- {
- assertWithNullCollection(config, null, t);
- }
- }
-
- protected void assertWithNullCollection(IAuthorizationConfig config, Status result, Throwable t)
- {
- assertNull(result);
- assertException(t, UserFailureException.class, "Unspecified value");
- }
-
- @Test(dataProvider = AUTHORIZATION_CONFIG_PROVIDER)
- public void testWithTwoObjectsWhereOneObjectMatchesAtProjectLevelAndTheOtherObjectMatchesAtSpaceLevel(final IAuthorizationConfig config)
- {
- O objectInSpaceProject = createObject(SPACE_PE, SPACE_PROJECT_PE);
- O objectInAnotherSpaceAnotherProject = createObject(ANOTHER_SPACE_PE, ANOTHER_SPACE_ANOTHER_PROJECT_PE);
-
- List<O> objects = Arrays.asList(objectInSpaceProject, objectInAnotherSpaceAnotherProject);
-
- expectWithAll(config, objects);
-
- Status result = evaluateObjects(objects, createProjectRole(RoleCode.ADMIN, SPACE_PROJECT_PE),
- createSpaceRole(RoleCode.ADMIN, ANOTHER_SPACE_PE));
-
- assertWithTwoObjectsWhereOneObjectMatchesAtProjectLevelAndTheOtherObjectMatchesAtSpaceLevel(config, result, null);
- }
-
- protected void assertWithTwoObjectsWhereOneObjectMatchesAtProjectLevelAndTheOtherObjectMatchesAtSpaceLevel(IAuthorizationConfig config,
- Status result, Throwable t)
- {
- if (config.isProjectLevelEnabled())
- {
- assertOK(result);
- } else
- {
- assertError(result);
- }
- }
-
- @Test(dataProvider = AUTHORIZATION_CONFIG_PROVIDER)
- public void testWithTwoObjectsWhereOneObjectMatchesAtProjectLevelAndTheOtherObjectDoesNotMatchAtAnyLevel(final IAuthorizationConfig config)
- {
- O objectInSpaceProject = createObject(SPACE_PE, SPACE_PROJECT_PE);
- O objectInAnotherSpaceAnotherProject = createObject(ANOTHER_SPACE_PE, ANOTHER_SPACE_ANOTHER_PROJECT_PE);
-
- List<O> objects = Arrays.asList(objectInSpaceProject, objectInAnotherSpaceAnotherProject);
-
- expectWithAll(config, objects);
-
- Status result = evaluateObjects(objects, createProjectRole(RoleCode.ADMIN, SPACE_PROJECT_PE));
-
- assertError(result);
- }
-
- @Test(dataProvider = AUTHORIZATION_CONFIG_PROVIDER)
- public void testWithTwoObjectsWhereOneObjectMatchesAtSpaceLevelAndTheOtherObjectDoesNotMatchAtAnyLevel(final IAuthorizationConfig config)
- {
- O objectInSpaceProject = createObject(SPACE_PE, SPACE_PROJECT_PE);
- O objectInAnotherSpaceAnotherProject = createObject(ANOTHER_SPACE_PE, ANOTHER_SPACE_ANOTHER_PROJECT_PE);
-
- List<O> objects = Arrays.asList(objectInSpaceProject, objectInAnotherSpaceAnotherProject);
-
- expectWithAll(config, objects);
-
- Status result = evaluateObjects(objects, createSpaceRole(RoleCode.ADMIN, SPACE_PE));
-
- assertError(result);
- }
-
- @Test(dataProvider = AUTHORIZATION_CONFIG_PROVIDER)
- public void testWithTwoObjectsWhereBothObjectsMatchAtProjectLevel(final IAuthorizationConfig config)
- {
- O objectInSpaceProject = createObject(SPACE_PE, SPACE_PROJECT_PE);
- O objectInAnotherSpaceAnotherProject = createObject(ANOTHER_SPACE_PE, ANOTHER_SPACE_ANOTHER_PROJECT_PE);
-
- List<O> objects = Arrays.asList(objectInSpaceProject, objectInAnotherSpaceAnotherProject);
-
- expectWithAll(config, objects);
-
- Status result = evaluateObjects(objects,
- createProjectRole(RoleCode.ADMIN, SPACE_PROJECT_PE),
- createProjectRole(RoleCode.ADMIN, ANOTHER_SPACE_ANOTHER_PROJECT_PE));
-
- if (config.isProjectLevelEnabled())
- {
- assertOK(result);
- } else
- {
- assertError(result);
- }
- }
-
- @Test(dataProvider = AUTHORIZATION_CONFIG_PROVIDER)
- public void testWithTwoObjectsWhereBothObjectsMatchAtSpaceLevel(final IAuthorizationConfig config)
- {
- O objectInSpaceProject = createObject(SPACE_PE, SPACE_PROJECT_PE);
- O objectInAnotherSpaceAnotherProject = createObject(ANOTHER_SPACE_PE, ANOTHER_SPACE_ANOTHER_PROJECT_PE);
-
- List<O> objects = Arrays.asList(objectInSpaceProject, objectInAnotherSpaceAnotherProject);
-
- expectWithAll(config, objects);
-
- Status result = evaluateObjects(objects,
- createSpaceRole(RoleCode.ADMIN, SPACE_PE),
- createSpaceRole(RoleCode.ADMIN, ANOTHER_SPACE_PE));
-
- assertOK(result);
- }
-
-}
\ No newline at end of file
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/CommonPredicateTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/CommonPredicateTest.java
deleted file mode 100644
index 4f2042dbdb28119330dd704b1115010ea0f121f2..0000000000000000000000000000000000000000
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/CommonPredicateTest.java
+++ /dev/null
@@ -1,242 +0,0 @@
-/*
- * Copyright 2017 ETH Zuerich, CISD
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package ch.systemsx.cisd.openbis.generic.server.authorization.predicate;
-
-import java.util.Arrays;
-import java.util.List;
-
-import org.testng.annotations.Test;
-
-import ch.systemsx.cisd.common.exceptions.Status;
-import ch.systemsx.cisd.common.exceptions.UserFailureException;
-import ch.systemsx.cisd.openbis.generic.server.authorization.AuthorizationTestCase;
-import ch.systemsx.cisd.openbis.generic.server.authorization.RoleWithIdentifier;
-import ch.systemsx.cisd.openbis.generic.shared.authorization.IAuthorizationConfig;
-import ch.systemsx.cisd.openbis.generic.shared.basic.dto.RoleWithHierarchy.RoleCode;
-import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
-import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
-
-/**
- * @author pkupczyk
- */
-public abstract class CommonPredicateTest<O> extends AuthorizationTestCase
-{
-
- protected abstract O createObject(SpacePE spacePE, ProjectPE projectPE);
-
- protected abstract Status evaluateObjects(List<O> objects, RoleWithIdentifier... roles);
-
- protected void expectWithAll(IAuthorizationConfig config, List<O> objects)
- {
-
- }
-
- @Test(dataProvider = AUTHORIZATION_CONFIG_PROVIDER)
- public void testWithNull(IAuthorizationConfig config)
- {
- try
- {
- List<O> objects = Arrays.asList((O) null);
- expectWithAll(config, objects);
- Status result = evaluateObjects(objects);
- assertWithNull(config, result, null);
- } catch (Throwable t)
- {
- assertWithNull(config, null, t);
- }
- }
-
- protected void assertWithNull(IAuthorizationConfig config, Status result, Throwable t)
- {
- assertNull(result);
- assertException(t, UserFailureException.class, "Unspecified value");
- }
-
- @Test(dataProvider = AUTHORIZATION_CONFIG_PROVIDER)
- public void testWithNonexistentObjectForInstanceUser(IAuthorizationConfig config)
- {
- O object = createObject(NON_EXISTENT_SPACE_PE, NON_EXISTENT_SPACE_PROJECT_PE);
- List<O> objects = Arrays.asList(object);
- expectWithAll(config, objects);
- Status result = evaluateObjects(objects, createInstanceRole(RoleCode.ADMIN));
- assertWithNonexistentObjectForInstanceUser(config, result);
- }
-
- protected void assertWithNonexistentObjectForInstanceUser(IAuthorizationConfig config, Status result)
- {
- assertError(result);
- }
-
- @Test(dataProvider = AUTHORIZATION_CONFIG_PROVIDER)
- public void testWithNonexistentObjectForSpaceUser(IAuthorizationConfig config)
- {
- O object = createObject(NON_EXISTENT_SPACE_PE, NON_EXISTENT_SPACE_PROJECT_PE);
- List<O> objects = Arrays.asList(object);
- expectWithAll(config, objects);
- Status result = evaluateObjects(objects, createSpaceRole(RoleCode.ADMIN, SPACE_PE));
- assertWithNonexistentObjectForSpaceUser(config, result);
- }
-
- protected void assertWithNonexistentObjectForSpaceUser(IAuthorizationConfig config, Status result)
- {
- assertError(result);
- }
-
- @Test(dataProvider = AUTHORIZATION_CONFIG_PROVIDER)
- public void testWithNonexistentObjectForProjectUser(IAuthorizationConfig config)
- {
- O object = createObject(NON_EXISTENT_SPACE_PE, NON_EXISTENT_SPACE_PROJECT_PE);
- List<O> objects = Arrays.asList(object);
- expectWithAll(config, objects);
- Status result = evaluateObjects(objects, createProjectRole(RoleCode.ADMIN, SPACE_PROJECT_PE));
- assertWithNonexistentObjectForProjectUser(config, result);
- }
-
- protected void assertWithNonexistentObjectForProjectUser(IAuthorizationConfig config, Status result)
- {
- assertError(result);
- }
-
- @Test(dataProvider = AUTHORIZATION_CONFIG_PROVIDER)
- public void testWithNoAllowedRoles(IAuthorizationConfig config)
- {
- O object = createObject(SPACE_PE, SPACE_PROJECT_PE);
- List<O> objects = Arrays.asList(object);
- expectWithAll(config, objects);
- Status result = evaluateObjects(objects);
- assertWithNoAllowedRoles(config, result);
- }
-
- protected void assertWithNoAllowedRoles(IAuthorizationConfig config, Status result)
- {
- assertError(result);
- }
-
- @Test(dataProvider = AUTHORIZATION_CONFIG_PROVIDER)
- public void testWithMultipleAllowedRoles(IAuthorizationConfig config)
- {
- O object = createObject(SPACE_PE, SPACE_PROJECT_PE);
- List<O> objects = Arrays.asList(object);
- expectWithAll(config, objects);
- Status result = evaluateObjects(objects, createSpaceRole(RoleCode.ADMIN, ANOTHER_SPACE_PE), createSpaceRole(RoleCode.ADMIN, SPACE_PE));
- assertWithMultipleAllowedRoles(config, result);
- }
-
- protected void assertWithMultipleAllowedRoles(IAuthorizationConfig config, Status result)
- {
- assertOK(result);
- }
-
- @Test(dataProvider = AUTHORIZATION_CONFIG_PROVIDER)
- public void testWithInstanceUser(IAuthorizationConfig config)
- {
- O object = createObject(SPACE_PE, SPACE_PROJECT_PE);
- List<O> objects = Arrays.asList(object);
- expectWithAll(config, objects);
- Status result = evaluateObjects(objects, createInstanceRole(RoleCode.ADMIN));
- assertWithInstanceUser(config, result);
- }
-
- protected void assertWithInstanceUser(IAuthorizationConfig config, Status result)
- {
- assertOK(result);
- }
-
- @Test(dataProvider = AUTHORIZATION_CONFIG_PROVIDER)
- public void testWithMatchingSpaceAndMatchingProjectUser(IAuthorizationConfig config)
- {
- O object = createObject(SPACE_PE, SPACE_PROJECT_PE);
- List<O> objects = Arrays.asList(object);
- expectWithAll(config, objects);
- Status result = evaluateObjects(objects, createSpaceRole(RoleCode.ADMIN, SPACE_PE),
- createProjectRole(RoleCode.ADMIN, SPACE_PROJECT_PE));
- assertWithMatchingSpaceAndMatchingProjectUser(config, result);
- }
-
- protected void assertWithMatchingSpaceAndMatchingProjectUser(IAuthorizationConfig config, Status result)
- {
- assertOK(result);
- }
-
- @Test(dataProvider = AUTHORIZATION_CONFIG_PROVIDER)
- public void testWithMatchingSpaceAndNonMatchingProjectUser(IAuthorizationConfig config)
- {
- O object = createObject(SPACE_PE, SPACE_PROJECT_PE);
- List<O> objects = Arrays.asList(object);
- expectWithAll(config, objects);
- Status result = evaluateObjects(objects, createSpaceRole(RoleCode.ADMIN, SPACE_PE),
- createProjectRole(RoleCode.ADMIN, ANOTHER_SPACE_PROJECT_PE));
- assertWithMatchingSpaceAndNonMatchingProjectUser(config, result);
- }
-
- protected void assertWithMatchingSpaceAndNonMatchingProjectUser(IAuthorizationConfig config, Status result)
- {
- assertOK(result);
- }
-
- @Test(dataProvider = AUTHORIZATION_CONFIG_PROVIDER)
- public void testWithNonMatchingSpaceAndMatchingProjectUser(IAuthorizationConfig config)
- {
- O object = createObject(SPACE_PE, SPACE_PROJECT_PE);
- List<O> objects = Arrays.asList(object);
- expectWithAll(config, objects);
- Status result = evaluateObjects(objects, createSpaceRole(RoleCode.ADMIN, ANOTHER_SPACE_PE),
- createProjectRole(RoleCode.ADMIN, SPACE_PROJECT_PE));
- assertWithNonMatchingSpaceAndMatchingProjectUser(config, result);
- }
-
- protected void assertWithNonMatchingSpaceAndMatchingProjectUser(IAuthorizationConfig config, Status result)
- {
- if (config.isProjectLevelEnabled())
- {
- assertOK(result);
- } else
- {
- assertError(result);
- }
- }
-
- @Test(dataProvider = AUTHORIZATION_CONFIG_PROVIDER)
- public void testWithNonMatchingSpaceAndNonMatchingProjectUser(IAuthorizationConfig config)
- {
- O object = createObject(SPACE_PE, SPACE_PROJECT_PE);
- List<O> objects = Arrays.asList(object);
- expectWithAll(config, objects);
- Status result = evaluateObjects(objects, createSpaceRole(RoleCode.ADMIN, ANOTHER_SPACE_PE),
- createProjectRole(RoleCode.ADMIN, ANOTHER_SPACE_PROJECT_PE));
- assertWithNonMatchingSpaceAndNonMatchingProjectUser(config, result);
- }
-
- protected void assertWithNonMatchingSpaceAndNonMatchingProjectUser(IAuthorizationConfig config, Status result)
- {
- assertError(result);
- }
-
- protected static void assertException(Throwable actualException, Class<?> expectedClass, String expectedMessage)
- {
- if (false == actualException.getClass().equals(expectedClass))
- {
- actualException.printStackTrace(System.err);
- fail();
- } else
- {
- actualException.printStackTrace(System.out);
- }
- assertEquals(expectedMessage, actualException.getMessage());
- }
-
-}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ExperimentListPredicateTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ExperimentListPredicateTest.java
deleted file mode 100644
index 30964873ad6a6ea745426a1bfdc6a36ccd54efad..0000000000000000000000000000000000000000
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ExperimentListPredicateTest.java
+++ /dev/null
@@ -1,252 +0,0 @@
-/*
- * Copyright 2017 ETH Zuerich, CISD
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package ch.systemsx.cisd.openbis.generic.server.authorization.predicate;
-
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import org.jmock.Expectations;
-import org.jmock.api.Invocation;
-import org.jmock.lib.action.CustomAction;
-import org.testng.annotations.BeforeMethod;
-
-import ch.systemsx.cisd.common.exceptions.Status;
-import ch.systemsx.cisd.common.exceptions.UserFailureException;
-import ch.systemsx.cisd.openbis.generic.server.authorization.RoleWithIdentifier;
-import ch.systemsx.cisd.openbis.generic.server.authorization.predicate.ExperimentListPredicate.IExperimentToSpaceQuery;
-import ch.systemsx.cisd.openbis.generic.shared.api.v1.dto.EntityRegistrationDetails;
-import ch.systemsx.cisd.openbis.generic.shared.api.v1.dto.EntityRegistrationDetails.EntityRegistrationDetailsInitializer;
-import ch.systemsx.cisd.openbis.generic.shared.api.v1.dto.Experiment;
-import ch.systemsx.cisd.openbis.generic.shared.api.v1.dto.Experiment.ExperimentInitializer;
-import ch.systemsx.cisd.openbis.generic.shared.authorization.IAuthorizationConfig;
-import ch.systemsx.cisd.openbis.generic.shared.basic.TechId;
-import ch.systemsx.cisd.openbis.generic.shared.dto.ExperimentPE;
-import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
-import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
-
-/**
- * @author pkupczyk
- */
-public class ExperimentListPredicateTest extends CommonCollectionPredicateTest<Experiment>
-{
-
- private static String EXPERIMENT_TYPE_CODE = "TEST_TYPE";
-
- private static Experiment EXPERIMENT_IN_SPACE_PROJECT;
-
- private static Experiment EXPERIMENT_IN_SPACE_ANOTHER_PROJECT;
-
- private static Experiment EXPERIMENT_IN_ANOTHER_SPACE_PROJECT;
-
- private static Experiment EXPERIMENT_IN_ANOTHER_SPACE_ANOTHER_PROJECT;
-
- private static Experiment EXPERIMENT_NON_EXISTENT;
-
- private IExperimentToSpaceQuery experimentToSpaceQuery;
-
- static
- {
- ExperimentInitializer sp = new Experiment.ExperimentInitializer();
- sp.setId(SPACE_PROJECT_EXPERIMENT_PE.getId());
- sp.setPermId("perm1");
- sp.setCode("E1");
- sp.setExperimentTypeCode(EXPERIMENT_TYPE_CODE);
- sp.setRegistrationDetails(new EntityRegistrationDetails(new EntityRegistrationDetailsInitializer()));
- sp.setIdentifier("/" + SPACE_CODE + "/" + SPACE_PROJECT_CODE + "/" + sp.getCode());
-
- EXPERIMENT_IN_SPACE_PROJECT = new Experiment(sp);
-
- ExperimentInitializer sap = new Experiment.ExperimentInitializer();
- sap.setId(SPACE_ANOTHER_PROJECT_EXPERIMENT_PE.getId());
- sap.setPermId("perm2");
- sap.setCode("E2");
- sap.setExperimentTypeCode(EXPERIMENT_TYPE_CODE);
- sap.setRegistrationDetails(new EntityRegistrationDetails(new EntityRegistrationDetailsInitializer()));
- sap.setIdentifier("/" + SPACE_CODE + "/" + SPACE_ANOTHER_PROJECT_CODE + "/" + sap.getCode());
-
- EXPERIMENT_IN_SPACE_ANOTHER_PROJECT = new Experiment(sap);
-
- ExperimentInitializer asp = new Experiment.ExperimentInitializer();
- asp.setId(ANOTHER_SPACE_PROJECT_EXPERIMENT_PE.getId());
- asp.setPermId("perm3");
- asp.setCode("E3");
- asp.setExperimentTypeCode(EXPERIMENT_TYPE_CODE);
- asp.setRegistrationDetails(new EntityRegistrationDetails(new EntityRegistrationDetailsInitializer()));
- asp.setIdentifier("/" + ANOTHER_SPACE_CODE + "/" + ANOTHER_SPACE_PROJECT_CODE + "/" + asp.getCode());
-
- EXPERIMENT_IN_ANOTHER_SPACE_PROJECT = new Experiment(asp);
-
- ExperimentInitializer asap = new Experiment.ExperimentInitializer();
- asap.setId(ANOTHER_SPACE_ANOTHER_PROJECT_EXPERIMENT_PE.getId());
- asap.setPermId("perm4");
- asap.setCode("E4");
- asap.setExperimentTypeCode(EXPERIMENT_TYPE_CODE);
- asap.setRegistrationDetails(new EntityRegistrationDetails(new EntityRegistrationDetailsInitializer()));
- asap.setIdentifier("/" + ANOTHER_SPACE_CODE + "/" + ANOTHER_SPACE_ANOTHER_PROJECT_CODE + "/" + asap.getCode());
-
- EXPERIMENT_IN_ANOTHER_SPACE_ANOTHER_PROJECT = new Experiment(asap);
-
- ExperimentInitializer ne = new Experiment.ExperimentInitializer();
- ne.setId(NON_EXISTENT_SPACE_PE.getId());
- ne.setPermId("perm5");
- ne.setCode("E5");
- ne.setExperimentTypeCode(EXPERIMENT_TYPE_CODE);
- ne.setRegistrationDetails(new EntityRegistrationDetails(new EntityRegistrationDetailsInitializer()));
- ne.setIdentifier("/" + NON_EXISTENT_SPACE_CODE + "/" + NON_EXISTENT_SPACE_PROJECT_CODE + "/" + ne.getCode());
-
- EXPERIMENT_NON_EXISTENT = new Experiment(ne);
- }
-
- @Override
- @BeforeMethod
- public void setUp()
- {
- super.setUp();
- experimentToSpaceQuery = context.mock(IExperimentToSpaceQuery.class);
- }
-
- @Override
- protected Experiment createObject(SpacePE spacePE, ProjectPE projectPE)
- {
- if (SPACE_PE.equals(spacePE))
- {
- if (SPACE_PROJECT_PE.equals(projectPE))
- {
- return EXPERIMENT_IN_SPACE_PROJECT;
- } else if (SPACE_ANOTHER_PROJECT_PE.equals(projectPE))
- {
- return EXPERIMENT_IN_SPACE_ANOTHER_PROJECT;
- }
- } else if (ANOTHER_SPACE_PE.equals(spacePE))
- {
- if (ANOTHER_SPACE_PROJECT_PE.equals(projectPE))
- {
- return EXPERIMENT_IN_ANOTHER_SPACE_PROJECT;
- } else if (ANOTHER_SPACE_ANOTHER_PROJECT_PE.equals(projectPE))
- {
- return EXPERIMENT_IN_ANOTHER_SPACE_ANOTHER_PROJECT;
- }
- } else if (NON_EXISTENT_SPACE_PE.equals(spacePE))
- {
- return EXPERIMENT_NON_EXISTENT;
- }
-
- throw new RuntimeException();
- }
-
- @Override
- protected Status evaluateObjects(List<Experiment> object, RoleWithIdentifier... roles)
- {
- ExperimentListPredicate predicate = new ExperimentListPredicate();
- predicate.init(provider);
- predicate.setExperimentToSpaceQuery(experimentToSpaceQuery);
- return predicate.evaluate(PERSON_PE, Arrays.asList(roles), object);
- }
-
- @Override
- protected void expectWithAll(final IAuthorizationConfig config, final List<Experiment> objects)
- {
- prepareProvider(ALL_SPACES_PE);
- expectAuthorizationConfig(config);
-
- context.checking(new Expectations()
- {
- {
- List<Long> experimentIds = new ArrayList<Long>();
- List<String> experimentPermIds = new ArrayList<String>();
- final Map<TechId, ExperimentPE> experimentMap = new HashMap<TechId, ExperimentPE>();
- List<Long> spaceIds = new ArrayList<Long>();
-
- if (objects != null)
- {
- for (Experiment object : objects)
- {
- if (object != null)
- {
- experimentIds.add(object.getId());
- experimentPermIds.add(object.getPermId());
-
- if (EXPERIMENT_IN_SPACE_PROJECT.equals(object))
- {
- spaceIds.add(SPACE_PE.getId());
- experimentMap.put(new TechId(SPACE_PROJECT_EXPERIMENT_PE.getId()), SPACE_PROJECT_EXPERIMENT_PE);
- } else if (EXPERIMENT_IN_SPACE_ANOTHER_PROJECT.equals(object))
- {
- spaceIds.add(SPACE_PE.getId());
- experimentMap.put(new TechId(SPACE_ANOTHER_PROJECT_EXPERIMENT_PE.getId()), SPACE_ANOTHER_PROJECT_EXPERIMENT_PE);
- } else if (EXPERIMENT_IN_ANOTHER_SPACE_PROJECT.equals(object))
- {
- spaceIds.add(ANOTHER_SPACE_PE.getId());
- experimentMap.put(new TechId(ANOTHER_SPACE_PROJECT_EXPERIMENT_PE.getId()), ANOTHER_SPACE_PROJECT_EXPERIMENT_PE);
- } else if (EXPERIMENT_IN_ANOTHER_SPACE_ANOTHER_PROJECT.equals(object))
- {
- spaceIds.add(ANOTHER_SPACE_PE.getId());
- experimentMap.put(new TechId(ANOTHER_SPACE_ANOTHER_PROJECT_EXPERIMENT_PE.getId()),
- ANOTHER_SPACE_ANOTHER_PROJECT_EXPERIMENT_PE);
- }
- }
- }
- }
-
- if (config.isProjectLevelEnabled())
- {
- allowing(provider).tryGetExperimentsByTechIds(TechId.createList(experimentIds));
- will(returnValue(experimentMap));
- }
-
- allowing(experimentToSpaceQuery).getExperimentSpaceIds(with(any(long[].class)), with(any(String[].class)));
-
- will(new CustomAction("getExperimentSpaceIds")
- {
-
- @SuppressWarnings("hiding")
- @Override
- public Object invoke(Invocation invocation) throws Throwable
- {
- long[] experimentIds = (long[]) invocation.getParameter(0);
- List<Long> spaceIds = new ArrayList<Long>();
-
- for (long experimentId : experimentIds)
- {
- ExperimentPE experiment = experimentMap.get(new TechId(experimentId));
- spaceIds.add(experiment.getProject().getSpace().getId());
- }
-
- return spaceIds;
- }
- });
- }
- });
- }
-
- @Override
- protected void assertWithNull(IAuthorizationConfig config, Status result, Throwable t)
- {
- assertNull(result);
- assertException(t, NullPointerException.class, null);
- }
-
- @Override
- protected void assertWithNullCollection(IAuthorizationConfig config, Status result, Throwable t)
- {
- assertException(t, UserFailureException.class, "No experiment specified.");
- }
-
-}
\ No newline at end of file
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ExperimentPEPredicateTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ExperimentPEPredicateTest.java
deleted file mode 100644
index cc2f759824dc843a827fafeac61832e1d1b22214..0000000000000000000000000000000000000000
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ExperimentPEPredicateTest.java
+++ /dev/null
@@ -1,69 +0,0 @@
-/*
- * Copyright 2017 ETH Zuerich, CISD
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package ch.systemsx.cisd.openbis.generic.server.authorization.predicate;
-
-import java.util.Arrays;
-import java.util.List;
-
-import ch.systemsx.cisd.common.exceptions.Status;
-import ch.systemsx.cisd.openbis.generic.server.authorization.RoleWithIdentifier;
-import ch.systemsx.cisd.openbis.generic.shared.authorization.IAuthorizationConfig;
-import ch.systemsx.cisd.openbis.generic.shared.dto.ExperimentPE;
-import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
-import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
-
-/**
- * @author pkupczyk
- */
-public class ExperimentPEPredicateTest extends CommonPredicateTest<ExperimentPE>
-{
-
- @Override
- protected ExperimentPE createObject(SpacePE spacePE, ProjectPE projectPE)
- {
- ExperimentPE experimentPE = new ExperimentPE();
- experimentPE.setProject(projectPE);
- return experimentPE;
- }
-
- @Override
- protected Status evaluateObjects(List<ExperimentPE> objects, RoleWithIdentifier... roles)
- {
- ExperimentPEPredicate predicate = new ExperimentPEPredicate();
- predicate.init(provider);
- return predicate.evaluate(PERSON_PE, Arrays.asList(roles), objects.get(0));
- }
-
- @Override
- protected void expectWithAll(IAuthorizationConfig config, List<ExperimentPE> object)
- {
- expectAuthorizationConfig(config);
- }
-
- @Override
- protected void assertWithNull(IAuthorizationConfig config, Status result, Throwable t)
- {
- assertError(result);
- }
-
- @Override
- protected void assertWithNonexistentObjectForInstanceUser(IAuthorizationConfig config, Status result)
- {
- assertOK(result);
- }
-
-}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ExperimentPermIdPredicateTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ExperimentPermIdPredicateTest.java
deleted file mode 100644
index 4d8f0d6fe44f6659f166f907420c1145c6c817b5..0000000000000000000000000000000000000000
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ExperimentPermIdPredicateTest.java
+++ /dev/null
@@ -1,117 +0,0 @@
-/*
- * Copyright 2017 ETH Zuerich, CISD
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package ch.systemsx.cisd.openbis.generic.server.authorization.predicate;
-
-import java.util.Arrays;
-import java.util.List;
-
-import org.jmock.Expectations;
-
-import ch.systemsx.cisd.common.exceptions.Status;
-import ch.systemsx.cisd.common.exceptions.UserFailureException;
-import ch.systemsx.cisd.openbis.generic.server.authorization.RoleWithIdentifier;
-import ch.systemsx.cisd.openbis.generic.shared.authorization.IAuthorizationConfig;
-import ch.systemsx.cisd.openbis.generic.shared.dto.PermId;
-import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
-import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
-
-/**
- * @author pkupczyk
- */
-public class ExperimentPermIdPredicateTest extends CommonPredicateTest<PermId>
-{
-
- private static final PermId EXPERIMENT_PERM_ID = new PermId("experimentPermId");
-
- private static final PermId NON_EXISTENT_EXPERIMENT_PERM_ID = new PermId("nonExistentExperimentPermId");
-
- @Override
- protected void expectWithAll(IAuthorizationConfig config, final List<PermId> objects)
- {
- final PermId object = objects.get(0);
-
- prepareProvider(ALL_SPACES_PE);
- expectAuthorizationConfig(config);
-
- context.checking(new Expectations()
- {
- {
- if (object != null)
- {
- allowing(provider).tryGetExperimentByPermId(object.getId());
-
- if (EXPERIMENT_PERM_ID.equals(object))
- {
- will(returnValue(SPACE_PROJECT_EXPERIMENT_PE));
- } else if (NON_EXISTENT_EXPERIMENT_PERM_ID.equals(object))
- {
- will(returnValue(null));
- }
- }
- }
- });
- }
-
- @Override
- protected PermId createObject(SpacePE spacePE, ProjectPE projectPE)
- {
- if (SPACE_PE.equals(spacePE) && SPACE_PROJECT_PE.equals(projectPE))
- {
- return EXPERIMENT_PERM_ID;
- } else if (NON_EXISTENT_SPACE_PE.equals(spacePE) && NON_EXISTENT_SPACE_PROJECT_PE.equals(projectPE))
- {
- return NON_EXISTENT_EXPERIMENT_PERM_ID;
- } else
- {
- throw new RuntimeException();
- }
- }
-
- @Override
- protected Status evaluateObjects(List<PermId> objects, RoleWithIdentifier... roles)
- {
- ExperimentPermIdPredicate predicate = new ExperimentPermIdPredicate();
- predicate.init(provider);
- return predicate.evaluate(PERSON_PE, Arrays.asList(roles), objects.get(0));
- }
-
- @Override
- protected void assertWithNull(IAuthorizationConfig config, Status result, Throwable t)
- {
- assertNull(result);
- assertException(t, UserFailureException.class, "No experiment perm id specified.");
- }
-
- @Override
- protected void assertWithNonexistentObjectForInstanceUser(IAuthorizationConfig config, Status result)
- {
- assertOK(result);
- }
-
- @Override
- protected void assertWithNonexistentObjectForSpaceUser(IAuthorizationConfig config, Status result)
- {
- assertOK(result);
- }
-
- @Override
- protected void assertWithNonexistentObjectForProjectUser(IAuthorizationConfig config, Status result)
- {
- assertOK(result);
- }
-
-}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ExperimentTechIdCollectionPredicateTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ExperimentTechIdCollectionPredicateTest.java
deleted file mode 100644
index ef454f84054e3598c6da35a367aefbf8f3a9a854..0000000000000000000000000000000000000000
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ExperimentTechIdCollectionPredicateTest.java
+++ /dev/null
@@ -1,114 +0,0 @@
-/*
- * Copyright 2017 ETH Zuerich, CISD
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package ch.systemsx.cisd.openbis.generic.server.authorization.predicate;
-
-import java.util.Arrays;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import org.jmock.Expectations;
-
-import ch.systemsx.cisd.common.exceptions.Status;
-import ch.systemsx.cisd.common.exceptions.UserFailureException;
-import ch.systemsx.cisd.openbis.generic.server.authorization.RoleWithIdentifier;
-import ch.systemsx.cisd.openbis.generic.server.authorization.SpaceOwnerKind;
-import ch.systemsx.cisd.openbis.generic.server.authorization.predicate.AbstractTechIdCollectionPredicate.ExperimentTechIdCollectionPredicate;
-import ch.systemsx.cisd.openbis.generic.shared.authorization.IAuthorizationConfig;
-import ch.systemsx.cisd.openbis.generic.shared.basic.TechId;
-import ch.systemsx.cisd.openbis.generic.shared.dto.ExperimentPE;
-
-/**
- * @author pkupczyk
- */
-public class ExperimentTechIdCollectionPredicateTest extends ObjectTechIdCollectionPredicateTest
-{
-
- private static ExperimentPE EXPERIMENT_IN_SPACE_PROJECT = new ExperimentPE();
-
- private static ExperimentPE EXPERIMENT_IN_SPACE_ANOTHER_PROJECT = new ExperimentPE();
-
- private static ExperimentPE EXPERIMENT_IN_ANOTHER_SPACE_PROJECT = new ExperimentPE();
-
- private static ExperimentPE EXPERIMENT_IN_ANOTHER_SPACE_ANOTHER_PROJECT = new ExperimentPE();
-
- private static Map<TechId, ExperimentPE> EXPERIMENT_ID_TO_PE = new HashMap<TechId, ExperimentPE>();
-
- static
- {
- EXPERIMENT_IN_SPACE_PROJECT.setProject(SPACE_PROJECT_PE);
- EXPERIMENT_IN_SPACE_ANOTHER_PROJECT.setProject(SPACE_ANOTHER_PROJECT_PE);
-
- EXPERIMENT_IN_ANOTHER_SPACE_PROJECT.setProject(ANOTHER_SPACE_PROJECT_PE);
- EXPERIMENT_IN_ANOTHER_SPACE_ANOTHER_PROJECT.setProject(ANOTHER_SPACE_ANOTHER_PROJECT_PE);
-
- EXPERIMENT_ID_TO_PE.put(OBJECT_IN_SPACE_PROJECT, EXPERIMENT_IN_SPACE_PROJECT);
- EXPERIMENT_ID_TO_PE.put(OBJECT_IN_SPACE_ANOTHER_PROJECT, EXPERIMENT_IN_SPACE_ANOTHER_PROJECT);
- EXPERIMENT_ID_TO_PE.put(OBJECT_IN_ANOTHER_SPACE_PROJECT, EXPERIMENT_IN_ANOTHER_SPACE_PROJECT);
- EXPERIMENT_ID_TO_PE.put(OBJECT_IN_ANOTHER_SPACE_ANOTHER_PROJECT, EXPERIMENT_IN_ANOTHER_SPACE_ANOTHER_PROJECT);
- }
-
- @Override
- protected Status evaluateObjects(List<TechId> object, RoleWithIdentifier... roles)
- {
- ExperimentTechIdCollectionPredicate predicate = new ExperimentTechIdCollectionPredicate();
- predicate.init(provider);
- return predicate.evaluate(PERSON_PE, Arrays.asList(roles), object);
- }
-
- @Override
- protected void expectWithAll(final IAuthorizationConfig config, final List<TechId> objects)
- {
- prepareProvider(ALL_SPACES_PE);
- expectAuthorizationConfig(config);
-
- context.checking(new Expectations()
- {
- {
- if (config.isProjectLevelEnabled())
- {
- allowing(provider).tryGetExperimentsByTechIds(objects);
-
- Map<TechId, ExperimentPE> map = new HashMap<TechId, ExperimentPE>();
-
- if (objects != null)
- {
- for (TechId techId : objects)
- {
- if (EXPERIMENT_ID_TO_PE.containsKey(techId))
- {
- map.put(techId, EXPERIMENT_ID_TO_PE.get(techId));
- }
- }
- }
-
- will(returnValue(map));
- }
-
- expectGetDistinctSpacesByEntityIds(SpaceOwnerKind.EXPERIMENT);
- }
- });
- }
-
- @Override
- protected void assertWithNullCollection(IAuthorizationConfig config, Status result, Throwable t)
- {
- assertNull(result);
- assertException(t, UserFailureException.class, "No EXPERIMENT technical id collection specified.");
- }
-
-}
\ No newline at end of file
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ExperimentTechIdPredicateTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ExperimentTechIdPredicateTest.java
deleted file mode 100644
index 2e202635996260268cd5429fb9abb074a333efe6..0000000000000000000000000000000000000000
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ExperimentTechIdPredicateTest.java
+++ /dev/null
@@ -1,108 +0,0 @@
-/*
- * Copyright 2017 ETH Zuerich, CISD
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package ch.systemsx.cisd.openbis.generic.server.authorization.predicate;
-
-import java.util.Arrays;
-import java.util.List;
-
-import org.jmock.Expectations;
-
-import ch.systemsx.cisd.common.exceptions.Status;
-import ch.systemsx.cisd.common.exceptions.UserFailureException;
-import ch.systemsx.cisd.openbis.generic.server.authorization.RoleWithIdentifier;
-import ch.systemsx.cisd.openbis.generic.server.authorization.SpaceOwnerKind;
-import ch.systemsx.cisd.openbis.generic.server.authorization.predicate.AbstractTechIdPredicate.ExperimentTechIdPredicate;
-import ch.systemsx.cisd.openbis.generic.shared.authorization.IAuthorizationConfig;
-import ch.systemsx.cisd.openbis.generic.shared.basic.TechId;
-import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
-import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
-
-/**
- * @author pkupczyk
- */
-public class ExperimentTechIdPredicateTest extends CommonPredicateTest<TechId>
-{
-
- private static TechId EXPERIMENT_ID = new TechId(123L);
-
- private static TechId NON_EXISTENT_EXPERIMENT_ID = new TechId(234L);
-
- @Override
- protected void expectWithAll(IAuthorizationConfig config, final List<TechId> objects)
- {
- final TechId object = objects.get(0);
-
- prepareProvider(ALL_SPACES_PE);
- expectAuthorizationConfig(config);
-
- context.checking(new Expectations()
- {
- {
- allowing(provider).tryGetSpace(SpaceOwnerKind.EXPERIMENT, object);
-
- if (EXPERIMENT_ID.equals(object))
- {
- will(returnValue(SPACE_PE));
- } else if (NON_EXISTENT_EXPERIMENT_ID.equals(object))
- {
- will(returnValue(null));
- }
-
- allowing(provider).tryGetExperimentByTechId(object);
-
- if (EXPERIMENT_ID.equals(object))
- {
- will(returnValue(SPACE_PROJECT_EXPERIMENT_PE));
- } else if (NON_EXISTENT_EXPERIMENT_ID.equals(object))
- {
- will(returnValue(null));
- }
- }
- });
- }
-
- @Override
- protected TechId createObject(SpacePE spacePE, ProjectPE projectPE)
- {
- if (SPACE_PE.equals(spacePE) && SPACE_PROJECT_PE.equals(projectPE))
- {
- return EXPERIMENT_ID;
- } else if (NON_EXISTENT_SPACE_PE.equals(spacePE) && NON_EXISTENT_SPACE_PROJECT_PE.equals(projectPE))
- {
- return NON_EXISTENT_EXPERIMENT_ID;
- } else
- {
- throw new RuntimeException();
- }
- }
-
- @Override
- protected Status evaluateObjects(List<TechId> objects, RoleWithIdentifier... roles)
- {
- ExperimentTechIdPredicate predicate = new ExperimentTechIdPredicate();
- predicate.init(provider);
- return predicate.evaluate(PERSON_PE, Arrays.asList(roles), objects.get(0));
- }
-
- @Override
- protected void assertWithNull(IAuthorizationConfig config, Status result, Throwable t)
- {
- assertNull(result);
- assertException(t, UserFailureException.class, "No technical id specified.");
- }
-
-}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ListSampleCriteriaPredicateTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ListSampleCriteriaPredicateTest.java
index 4cead4c51a10ad946b7c2ebd9acc0599c7ecc9bf..cbf93a8641bcced9c24d68bd5aa2df42241393e0 100644
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ListSampleCriteriaPredicateTest.java
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ListSampleCriteriaPredicateTest.java
@@ -130,7 +130,7 @@ public class ListSampleCriteriaPredicateTest extends AuthorizationTestCase
{
final ListSampleCriteriaPredicate predicate = new ListSampleCriteriaPredicate();
prepareProvider(createSpaces());
- expectAuthorizationConfig(new TestAuthorizationConfig(false, null));
+ expectAuthorizationConfig(new TestAuthorizationConfig(false, false));
context.checking(new Expectations()
{
{
@@ -151,7 +151,7 @@ public class ListSampleCriteriaPredicateTest extends AuthorizationTestCase
{
final ListSampleCriteriaPredicate predicate = new ListSampleCriteriaPredicate();
prepareProvider(createSpaces());
- expectAuthorizationConfig(new TestAuthorizationConfig(false, null));
+ expectAuthorizationConfig(new TestAuthorizationConfig(false, false));
context.checking(new Expectations()
{
{
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ObjectTechIdCollectionPredicateTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ObjectTechIdCollectionPredicateTest.java
deleted file mode 100644
index e306ff01dff8c798f6f4b1e5551d107284460ba1..0000000000000000000000000000000000000000
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ObjectTechIdCollectionPredicateTest.java
+++ /dev/null
@@ -1,138 +0,0 @@
-/*
- * Copyright 2017 ETH Zuerich, CISD
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package ch.systemsx.cisd.openbis.generic.server.authorization.predicate;
-
-import java.util.HashSet;
-import java.util.List;
-import java.util.Set;
-
-import org.jmock.Expectations;
-import org.jmock.api.Invocation;
-import org.jmock.lib.action.CustomAction;
-
-import ch.systemsx.cisd.common.exceptions.Status;
-import ch.systemsx.cisd.openbis.generic.server.authorization.SpaceOwnerKind;
-import ch.systemsx.cisd.openbis.generic.shared.authorization.IAuthorizationConfig;
-import ch.systemsx.cisd.openbis.generic.shared.basic.TechId;
-import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
-import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
-
-/**
- * @author pkupczyk
- */
-public abstract class ObjectTechIdCollectionPredicateTest extends CommonCollectionPredicateTest<TechId>
-{
-
- protected static TechId OBJECT_IN_SPACE_PROJECT = new TechId(101L);
-
- protected static TechId OBJECT_IN_SPACE_ANOTHER_PROJECT = new TechId(102L);
-
- protected static TechId OBJECT_IN_ANOTHER_SPACE_PROJECT = new TechId(201L);
-
- protected static TechId OBJECT_IN_ANOTHER_SPACE_ANOTHER_PROJECT = new TechId(202L);
-
- protected static TechId OBJECT_NON_EXISTENT = new TechId(300L);
-
- @Override
- protected TechId createObject(SpacePE spacePE, ProjectPE projectPE)
- {
- if (SPACE_PE.equals(spacePE))
- {
- if (SPACE_PROJECT_PE.equals(projectPE))
- {
- return OBJECT_IN_SPACE_PROJECT;
- } else if (SPACE_ANOTHER_PROJECT_PE.equals(projectPE))
- {
- return OBJECT_IN_SPACE_ANOTHER_PROJECT;
- }
- } else if (ANOTHER_SPACE_PE.equals(spacePE))
- {
- if (ANOTHER_SPACE_PROJECT_PE.equals(projectPE))
- {
- return OBJECT_IN_ANOTHER_SPACE_PROJECT;
- } else if (ANOTHER_SPACE_ANOTHER_PROJECT_PE.equals(projectPE))
- {
- return OBJECT_IN_ANOTHER_SPACE_ANOTHER_PROJECT;
- }
- } else if (NON_EXISTENT_SPACE_PE.equals(spacePE))
- {
- return OBJECT_NON_EXISTENT;
- }
-
- throw new RuntimeException();
- }
-
- @SuppressWarnings("unchecked")
- protected void expectGetDistinctSpacesByEntityIds(final SpaceOwnerKind spaceOwnerKind)
- {
- context.checking(new Expectations()
- {
- {
- allowing(provider).getDistinctSpacesByEntityIds(with(spaceOwnerKind),
- with(any(List.class)));
-
- will(new CustomAction("getSpacesByEntityIds")
- {
-
- @Override
- public Object invoke(Invocation invocation) throws Throwable
- {
- List<TechId> entityIds = (List<TechId>) invocation.getParameter(1);
- Set<SpacePE> entitySpaces = new HashSet<SpacePE>();
-
- if (entityIds.contains(OBJECT_IN_SPACE_PROJECT) || entityIds.contains(OBJECT_IN_SPACE_ANOTHER_PROJECT))
- {
- entitySpaces.add(SPACE_PE);
- }
- if (entityIds.contains(OBJECT_IN_ANOTHER_SPACE_PROJECT)
- || entityIds.contains(OBJECT_IN_ANOTHER_SPACE_ANOTHER_PROJECT))
- {
- entitySpaces.add(ANOTHER_SPACE_PE);
- }
-
- return entitySpaces;
- }
- });
- }
- });
- }
-
- @Override
- protected void assertWithNull(IAuthorizationConfig config, Status result, Throwable t)
- {
- assertOK(result);
- }
-
- @Override
- protected void assertWithNonexistentObjectForInstanceUser(IAuthorizationConfig config, Status result)
- {
- assertOK(result);
- }
-
- @Override
- protected void assertWithNonexistentObjectForSpaceUser(IAuthorizationConfig config, Status result)
- {
- assertOK(result);
- }
-
- @Override
- protected void assertWithNonexistentObjectForProjectUser(IAuthorizationConfig config, Status result)
- {
- assertOK(result);
- }
-
-}
\ No newline at end of file
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectAugmentedCodePredicateTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectAugmentedCodePredicateTest.java
deleted file mode 100644
index dea246d626510a3404b179936624e5b36e759a3f..0000000000000000000000000000000000000000
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectAugmentedCodePredicateTest.java
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * Copyright 2017 ETH Zuerich, CISD
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package ch.systemsx.cisd.openbis.generic.server.authorization.predicate;
-
-import java.util.Arrays;
-import java.util.List;
-
-import ch.systemsx.cisd.common.exceptions.Status;
-import ch.systemsx.cisd.common.exceptions.UserFailureException;
-import ch.systemsx.cisd.openbis.generic.server.authorization.RoleWithIdentifier;
-import ch.systemsx.cisd.openbis.generic.shared.authorization.IAuthorizationConfig;
-import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
-import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
-
-/**
- * @author pkupczyk
- */
-public class ProjectAugmentedCodePredicateTest extends CommonPredicateTest<String>
-{
-
- private static String PROJECT_IDENTIFIER = "/" + SPACE_CODE + "/" + SPACE_PROJECT_CODE;
-
- private static String NON_EXISTENT_PROJECT_IDENTIFIER = "/" + NON_EXISTENT_SPACE_CODE + "/" + NON_EXISTENT_SPACE_PROJECT_CODE;
-
- @Override
- protected void expectWithAll(IAuthorizationConfig config, List<String> objects)
- {
- expectAuthorizationConfig(config);
- prepareProvider(Arrays.asList(SPACE_PE));
- }
-
- @Override
- protected String createObject(SpacePE spacePE, ProjectPE projectPE)
- {
- if (SPACE_PE.equals(spacePE) && SPACE_PROJECT_PE.equals(projectPE))
- {
- return PROJECT_IDENTIFIER;
- } else if (NON_EXISTENT_SPACE_PE.equals(spacePE) && NON_EXISTENT_SPACE_PROJECT_PE.equals(projectPE))
- {
- return NON_EXISTENT_PROJECT_IDENTIFIER;
- } else
- {
- throw new RuntimeException();
- }
- }
-
- @Override
- protected Status evaluateObjects(List<String> objects, RoleWithIdentifier... roles)
- {
- ProjectAugmentedCodePredicate predicate = new ProjectAugmentedCodePredicate();
- predicate.init(provider);
- return predicate.evaluate(PERSON_PE, Arrays.asList(roles), objects.get(0));
- }
-
- @Override
- protected void assertWithNull(IAuthorizationConfig config, Status result, Throwable t)
- {
- assertNull(result);
- assertException(t, UserFailureException.class, "No project specified.");
- }
-
- @Override
- protected void assertWithNonexistentObjectForInstanceUser(IAuthorizationConfig config, Status result)
- {
- assertOK(result);
- }
-
-}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectIdPredicateWithIdentifierTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectIdPredicateWithIdentifierTest.java
deleted file mode 100644
index 1d0322fb964a49d69b00772915b64530517d361a..0000000000000000000000000000000000000000
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectIdPredicateWithIdentifierTest.java
+++ /dev/null
@@ -1,49 +0,0 @@
-/*
- * Copyright 2017 ETH Zuerich, CISD
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package ch.systemsx.cisd.openbis.generic.server.authorization.predicate;
-
-import java.util.Arrays;
-import java.util.List;
-
-import ch.systemsx.cisd.common.exceptions.Status;
-import ch.systemsx.cisd.common.exceptions.UserFailureException;
-import ch.systemsx.cisd.openbis.generic.server.authorization.RoleWithIdentifier;
-import ch.systemsx.cisd.openbis.generic.shared.api.v1.dto.id.project.ProjectIdentifierId;
-import ch.systemsx.cisd.openbis.generic.shared.authorization.IAuthorizationConfig;
-
-/**
- * @author pkupczyk
- */
-public class ProjectIdPredicateWithIdentifierTest extends ProjectAugmentedCodePredicateTest
-{
-
- @Override
- protected Status evaluateObjects(List<String> objects, RoleWithIdentifier... roles)
- {
- ProjectIdPredicate predicate = new ProjectIdPredicate();
- predicate.init(provider);
- return predicate.evaluate(PERSON_PE, Arrays.asList(roles), objects.get(0) != null ? new ProjectIdentifierId(objects.get(0)) : null);
- }
-
- @Override
- protected void assertWithNull(IAuthorizationConfig config, Status result, Throwable t)
- {
- assertNull(result);
- assertException(t, UserFailureException.class, "No project id specified.");
- }
-
-}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectIdPredicateWithPermIdTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectIdPredicateWithPermIdTest.java
deleted file mode 100644
index a51c9be81c9c558eb1869b775ad06e04861ab9d7..0000000000000000000000000000000000000000
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectIdPredicateWithPermIdTest.java
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * Copyright 2017 ETH Zuerich, CISD
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package ch.systemsx.cisd.openbis.generic.server.authorization.predicate;
-
-import java.util.Arrays;
-import java.util.List;
-
-import ch.systemsx.cisd.common.exceptions.Status;
-import ch.systemsx.cisd.common.exceptions.UserFailureException;
-import ch.systemsx.cisd.openbis.generic.server.authorization.RoleWithIdentifier;
-import ch.systemsx.cisd.openbis.generic.shared.api.v1.dto.id.project.ProjectPermIdId;
-import ch.systemsx.cisd.openbis.generic.shared.authorization.IAuthorizationConfig;
-import ch.systemsx.cisd.openbis.generic.shared.dto.PermId;
-
-/**
- * @author pkupczyk
- */
-public class ProjectIdPredicateWithPermIdTest extends ProjectPermIdPredicateTest
-{
-
- @Override
- protected Status evaluateObjects(List<PermId> objects, RoleWithIdentifier... roles)
- {
- ProjectIdPredicate predicate = new ProjectIdPredicate();
- predicate.init(provider);
- return predicate.evaluate(PERSON_PE, Arrays.asList(roles), objects.get(0) != null ? new ProjectPermIdId(objects.get(0).getId()) : null);
- }
-
- @Override
- protected void assertWithNull(IAuthorizationConfig config, Status result, Throwable t)
- {
- assertNull(result);
- assertException(t, UserFailureException.class, "No project id specified.");
- }
-
-}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectIdPredicateWithTechIdTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectIdPredicateWithTechIdTest.java
deleted file mode 100644
index cb3a82dbe7236102ab2f30975c72315001b24e99..0000000000000000000000000000000000000000
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectIdPredicateWithTechIdTest.java
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * Copyright 2017 ETH Zuerich, CISD
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package ch.systemsx.cisd.openbis.generic.server.authorization.predicate;
-
-import java.util.Arrays;
-import java.util.List;
-
-import ch.systemsx.cisd.common.exceptions.Status;
-import ch.systemsx.cisd.common.exceptions.UserFailureException;
-import ch.systemsx.cisd.openbis.generic.server.authorization.RoleWithIdentifier;
-import ch.systemsx.cisd.openbis.generic.shared.api.v1.dto.id.project.ProjectTechIdId;
-import ch.systemsx.cisd.openbis.generic.shared.authorization.IAuthorizationConfig;
-import ch.systemsx.cisd.openbis.generic.shared.basic.TechId;
-
-/**
- * @author pkupczyk
- */
-public class ProjectIdPredicateWithTechIdTest extends ProjectTechIdPredicateTest
-{
-
- @Override
- protected Status evaluateObjects(List<TechId> objects, RoleWithIdentifier... roles)
- {
- ProjectIdPredicate predicate = new ProjectIdPredicate();
- predicate.init(provider);
- return predicate.evaluate(PERSON_PE, Arrays.asList(roles), objects.get(0) != null ? new ProjectTechIdId(objects.get(0).getId()) : null);
- }
-
- @Override
- protected void assertWithNull(IAuthorizationConfig config, Status result, Throwable t)
- {
- assertNull(result);
- assertException(t, UserFailureException.class, "No project id specified.");
- }
-
-}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectIdentifierPredicateTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectIdentifierPredicateTest.java
deleted file mode 100644
index ce91f4a463222afc4f3d707318ea2587cc93142d..0000000000000000000000000000000000000000
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectIdentifierPredicateTest.java
+++ /dev/null
@@ -1,84 +0,0 @@
-/*
- * Copyright 2017 ETH Zuerich, CISD
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package ch.systemsx.cisd.openbis.generic.server.authorization.predicate;
-
-import java.util.Arrays;
-import java.util.List;
-
-import ch.systemsx.cisd.common.exceptions.Status;
-import ch.systemsx.cisd.common.exceptions.UserFailureException;
-import ch.systemsx.cisd.openbis.generic.server.authorization.RoleWithIdentifier;
-import ch.systemsx.cisd.openbis.generic.shared.authorization.IAuthorizationConfig;
-import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
-import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
-import ch.systemsx.cisd.openbis.generic.shared.dto.identifier.ProjectIdentifier;
-
-/**
- * @author pkupczyk
- */
-public class ProjectIdentifierPredicateTest extends CommonPredicateTest<ProjectIdentifier>
-{
-
- private static ProjectIdentifier PROJECT_IDENTIFIER = new ProjectIdentifier(SPACE_CODE, SPACE_PROJECT_CODE);
-
- private static ProjectIdentifier NON_EXISTENT_PROJECT_IDENTIFIER =
- new ProjectIdentifier(NON_EXISTENT_SPACE_CODE, NON_EXISTENT_SPACE_PROJECT_CODE);
-
- @Override
- protected void expectWithAll(IAuthorizationConfig config, List<ProjectIdentifier> objects)
- {
- expectAuthorizationConfig(config);
- prepareProvider(Arrays.asList(SPACE_PE));
- }
-
- @Override
- protected ProjectIdentifier createObject(SpacePE spacePE, ProjectPE projectPE)
- {
- if (SPACE_PE.equals(spacePE) && SPACE_PROJECT_PE.equals(projectPE))
- {
- return PROJECT_IDENTIFIER;
- } else if (NON_EXISTENT_SPACE_PE.equals(spacePE) && NON_EXISTENT_SPACE_PROJECT_PE.equals(projectPE))
- {
- return NON_EXISTENT_PROJECT_IDENTIFIER;
- } else
- {
- throw new RuntimeException();
- }
- }
-
- @Override
- protected Status evaluateObjects(List<ProjectIdentifier> objects, RoleWithIdentifier... roles)
- {
- ProjectIdentifierPredicate predicate = new ProjectIdentifierPredicate();
- predicate.init(provider);
- return predicate.evaluate(PERSON_PE, Arrays.asList(roles), objects.get(0));
- }
-
- @Override
- protected void assertWithNull(IAuthorizationConfig config, Status result, Throwable t)
- {
- assertNull(result);
- assertException(t, UserFailureException.class, "No project specified.");
- }
-
- @Override
- protected void assertWithNonexistentObjectForInstanceUser(IAuthorizationConfig config, Status result)
- {
- assertOK(result);
- }
-
-}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectPEPredicateTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectPEPredicateTest.java
deleted file mode 100644
index 6ae72a84e045687af4a924627639c300584fa2e6..0000000000000000000000000000000000000000
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectPEPredicateTest.java
+++ /dev/null
@@ -1,67 +0,0 @@
-/*
- * Copyright 2017 ETH Zuerich, CISD
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package ch.systemsx.cisd.openbis.generic.server.authorization.predicate;
-
-import java.util.Arrays;
-import java.util.List;
-
-import ch.systemsx.cisd.common.exceptions.Status;
-import ch.systemsx.cisd.openbis.generic.server.authorization.RoleWithIdentifier;
-import ch.systemsx.cisd.openbis.generic.shared.authorization.IAuthorizationConfig;
-import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
-import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
-
-/**
- * @author pkupczyk
- */
-public class ProjectPEPredicateTest extends CommonPredicateTest<ProjectPE>
-{
-
- @Override
- protected void expectWithAll(IAuthorizationConfig config, List<ProjectPE> objects)
- {
- expectAuthorizationConfig(config);
- }
-
- @Override
- protected ProjectPE createObject(SpacePE spacePE, ProjectPE projectPE)
- {
- return projectPE;
- }
-
- @Override
- protected Status evaluateObjects(List<ProjectPE> objects, RoleWithIdentifier... roles)
- {
- ProjectPEPredicate predicate = new ProjectPEPredicate();
- predicate.init(provider);
- return predicate.evaluate(PERSON_PE, Arrays.asList(roles), objects.get(0));
- }
-
- @Override
- protected void assertWithNull(IAuthorizationConfig config, Status result, Throwable t)
- {
- assertNull(result);
- assertException(t, NullPointerException.class, null);
- }
-
- @Override
- protected void assertWithNonexistentObjectForInstanceUser(IAuthorizationConfig config, Status result)
- {
- assertOK(result);
- }
-
-}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectPermIdPredicateTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectPermIdPredicateTest.java
deleted file mode 100644
index c227ad98658d5b3ad7a695745f574f4c415b998e..0000000000000000000000000000000000000000
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectPermIdPredicateTest.java
+++ /dev/null
@@ -1,114 +0,0 @@
-/*
- * Copyright 2017 ETH Zuerich, CISD
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package ch.systemsx.cisd.openbis.generic.server.authorization.predicate;
-
-import java.util.Arrays;
-import java.util.List;
-
-import org.jmock.Expectations;
-
-import ch.systemsx.cisd.common.exceptions.Status;
-import ch.systemsx.cisd.common.exceptions.UserFailureException;
-import ch.systemsx.cisd.openbis.generic.server.authorization.RoleWithIdentifier;
-import ch.systemsx.cisd.openbis.generic.shared.authorization.IAuthorizationConfig;
-import ch.systemsx.cisd.openbis.generic.shared.dto.PermId;
-import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
-import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
-
-/**
- * @author pkupczyk
- */
-public class ProjectPermIdPredicateTest extends CommonPredicateTest<PermId>
-{
-
- private static final PermId PROJECT_PERM_ID = new PermId("projectPermId");
-
- private static final PermId NON_EXISTENT_PROJECT_PERM_ID = new PermId("nonExistentProjectPermId");
-
- @Override
- protected void expectWithAll(IAuthorizationConfig config, final List<PermId> objects)
- {
- final PermId object = objects.get(0);
-
- prepareProvider(ALL_SPACES_PE);
- expectAuthorizationConfig(config);
-
- context.checking(new Expectations()
- {
- {
- allowing(provider).tryGetProjectByPermId(object);
-
- if (PROJECT_PERM_ID.equals(object))
- {
- will(returnValue(SPACE_PROJECT_PE));
- } else if (NON_EXISTENT_PROJECT_PERM_ID.equals(object))
- {
- will(returnValue(null));
- }
- }
- });
- }
-
- @Override
- protected PermId createObject(SpacePE spacePE, ProjectPE projectPE)
- {
- if (SPACE_PE.equals(spacePE) && SPACE_PROJECT_PE.equals(projectPE))
- {
- return PROJECT_PERM_ID;
- } else if (NON_EXISTENT_SPACE_PE.equals(spacePE) && NON_EXISTENT_SPACE_PROJECT_PE.equals(projectPE))
- {
- return NON_EXISTENT_PROJECT_PERM_ID;
- } else
- {
- throw new RuntimeException();
- }
- }
-
- @Override
- protected Status evaluateObjects(List<PermId> objects, RoleWithIdentifier... roles)
- {
- ProjectPermIdPredicate predicate = new ProjectPermIdPredicate();
- predicate.init(provider);
- return predicate.evaluate(PERSON_PE, Arrays.asList(roles), objects.get(0));
- }
-
- @Override
- protected void assertWithNull(IAuthorizationConfig config, Status result, Throwable t)
- {
- assertNull(result);
- assertException(t, UserFailureException.class, "No project perm id specified.");
- }
-
- @Override
- protected void assertWithNonexistentObjectForInstanceUser(IAuthorizationConfig config, Status result)
- {
- assertOK(result);
- }
-
- @Override
- protected void assertWithNonexistentObjectForSpaceUser(IAuthorizationConfig config, Status result)
- {
- assertOK(result);
- }
-
- @Override
- protected void assertWithNonexistentObjectForProjectUser(IAuthorizationConfig config, Status result)
- {
- assertOK(result);
- }
-
-}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectTechIdCollectionPredicateTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectTechIdCollectionPredicateTest.java
deleted file mode 100644
index cc9bd1cb39496a51cd5276b2320d86773b9c02e3..0000000000000000000000000000000000000000
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectTechIdCollectionPredicateTest.java
+++ /dev/null
@@ -1,100 +0,0 @@
-/*
- * Copyright 2017 ETH Zuerich, CISD
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package ch.systemsx.cisd.openbis.generic.server.authorization.predicate;
-
-import java.util.Arrays;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import org.jmock.Expectations;
-
-import ch.systemsx.cisd.common.exceptions.Status;
-import ch.systemsx.cisd.common.exceptions.UserFailureException;
-import ch.systemsx.cisd.openbis.generic.server.authorization.RoleWithIdentifier;
-import ch.systemsx.cisd.openbis.generic.server.authorization.SpaceOwnerKind;
-import ch.systemsx.cisd.openbis.generic.server.authorization.predicate.AbstractTechIdCollectionPredicate.ProjectTechIdCollectionPredicate;
-import ch.systemsx.cisd.openbis.generic.shared.authorization.IAuthorizationConfig;
-import ch.systemsx.cisd.openbis.generic.shared.basic.TechId;
-import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
-
-/**
- * @author pkupczyk
- */
-public class ProjectTechIdCollectionPredicateTest extends ObjectTechIdCollectionPredicateTest
-{
-
- private static Map<TechId, ProjectPE> PROJECT_ID_TO_PE = new HashMap<TechId, ProjectPE>();
-
- static
- {
- PROJECT_ID_TO_PE.put(OBJECT_IN_SPACE_PROJECT, SPACE_PROJECT_PE);
- PROJECT_ID_TO_PE.put(OBJECT_IN_SPACE_ANOTHER_PROJECT, SPACE_ANOTHER_PROJECT_PE);
- PROJECT_ID_TO_PE.put(OBJECT_IN_ANOTHER_SPACE_PROJECT, ANOTHER_SPACE_PROJECT_PE);
- PROJECT_ID_TO_PE.put(OBJECT_IN_ANOTHER_SPACE_ANOTHER_PROJECT, ANOTHER_SPACE_ANOTHER_PROJECT_PE);
- }
-
- @Override
- protected Status evaluateObjects(List<TechId> objects, RoleWithIdentifier... roles)
- {
- ProjectTechIdCollectionPredicate predicate = new ProjectTechIdCollectionPredicate();
- predicate.init(provider);
- return predicate.evaluate(PERSON_PE, Arrays.asList(roles), objects);
- }
-
- @Override
- protected void expectWithAll(final IAuthorizationConfig config, final List<TechId> objects)
- {
- prepareProvider(ALL_SPACES_PE);
- expectAuthorizationConfig(config);
-
- context.checking(new Expectations()
- {
- {
- if (config.isProjectLevelEnabled())
- {
- allowing(provider).tryGetProjectsByTechIds(objects);
-
- Map<TechId, ProjectPE> map = new HashMap<TechId, ProjectPE>();
-
- if (objects != null)
- {
- for (TechId object : objects)
- {
- if (PROJECT_ID_TO_PE.containsKey(object))
- {
- map.put(object, PROJECT_ID_TO_PE.get(object));
- }
- }
- }
-
- will(returnValue(map));
- }
-
- expectGetDistinctSpacesByEntityIds(SpaceOwnerKind.PROJECT);
- }
- });
- }
-
- @Override
- protected void assertWithNullCollection(IAuthorizationConfig config, Status result, Throwable t)
- {
- assertNull(result);
- assertException(t, UserFailureException.class, "No PROJECT technical id collection specified.");
- }
-
-}
\ No newline at end of file
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectTechIdPredicateTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectTechIdPredicateTest.java
deleted file mode 100644
index a5724635cd43530c86e104468a44a0ca1f477a19..0000000000000000000000000000000000000000
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectTechIdPredicateTest.java
+++ /dev/null
@@ -1,108 +0,0 @@
-/*
- * Copyright 2017 ETH Zuerich, CISD
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package ch.systemsx.cisd.openbis.generic.server.authorization.predicate;
-
-import java.util.Arrays;
-import java.util.List;
-
-import org.jmock.Expectations;
-
-import ch.systemsx.cisd.common.exceptions.Status;
-import ch.systemsx.cisd.common.exceptions.UserFailureException;
-import ch.systemsx.cisd.openbis.generic.server.authorization.RoleWithIdentifier;
-import ch.systemsx.cisd.openbis.generic.server.authorization.SpaceOwnerKind;
-import ch.systemsx.cisd.openbis.generic.server.authorization.predicate.AbstractTechIdPredicate.ProjectTechIdPredicate;
-import ch.systemsx.cisd.openbis.generic.shared.authorization.IAuthorizationConfig;
-import ch.systemsx.cisd.openbis.generic.shared.basic.TechId;
-import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
-import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
-
-/**
- * @author pkupczyk
- */
-public class ProjectTechIdPredicateTest extends CommonPredicateTest<TechId>
-{
-
- private static TechId PROJECT_ID = new TechId(123L);
-
- private static TechId NON_EXISTENT_PROJECT_ID = new TechId(234L);
-
- @Override
- protected void expectWithAll(IAuthorizationConfig config, final List<TechId> objects)
- {
- final TechId object = objects.get(0);
-
- prepareProvider(ALL_SPACES_PE);
- expectAuthorizationConfig(config);
-
- context.checking(new Expectations()
- {
- {
- allowing(provider).tryGetSpace(SpaceOwnerKind.PROJECT, object);
-
- if (PROJECT_ID.equals(object))
- {
- will(returnValue(SPACE_PE));
- } else if (NON_EXISTENT_PROJECT_ID.equals(object))
- {
- will(returnValue(null));
- }
-
- allowing(provider).tryGetProjectByTechId(object);
-
- if (PROJECT_ID.equals(object))
- {
- will(returnValue(SPACE_PROJECT_PE));
- } else if (NON_EXISTENT_PROJECT_ID.equals(object))
- {
- will(returnValue(null));
- }
- }
- });
- }
-
- @Override
- protected TechId createObject(SpacePE spacePE, ProjectPE projectPE)
- {
- if (SPACE_PE.equals(spacePE) && SPACE_PROJECT_PE.equals(projectPE))
- {
- return PROJECT_ID;
- } else if (NON_EXISTENT_SPACE_PE.equals(spacePE) && NON_EXISTENT_SPACE_PROJECT_PE.equals(projectPE))
- {
- return NON_EXISTENT_PROJECT_ID;
- } else
- {
- throw new RuntimeException();
- }
- }
-
- @Override
- protected Status evaluateObjects(List<TechId> objects, RoleWithIdentifier... roles)
- {
- ProjectTechIdPredicate predicate = new ProjectTechIdPredicate();
- predicate.init(provider);
- return predicate.evaluate(PERSON_PE, Arrays.asList(roles), objects.get(0));
- }
-
- @Override
- protected void assertWithNull(IAuthorizationConfig config, Status result, Throwable t)
- {
- assertNull(result);
- assertException(t, UserFailureException.class, "No technical id specified.");
- }
-
-}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectUpdatesPredicateWithIdentifierTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectUpdatesPredicateWithIdentifierTest.java
deleted file mode 100644
index 3ad84daa9366b8e95797a07ca4de8cbf1066e5a9..0000000000000000000000000000000000000000
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectUpdatesPredicateWithIdentifierTest.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * Copyright 2017 ETH Zuerich, CISD
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package ch.systemsx.cisd.openbis.generic.server.authorization.predicate;
-
-import java.util.Arrays;
-import java.util.List;
-
-import ch.systemsx.cisd.common.exceptions.Status;
-import ch.systemsx.cisd.common.exceptions.UserFailureException;
-import ch.systemsx.cisd.openbis.generic.server.authorization.RoleWithIdentifier;
-import ch.systemsx.cisd.openbis.generic.shared.authorization.IAuthorizationConfig;
-import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectUpdatesDTO;
-
-/**
- * @author pkupczyk
- */
-public class ProjectUpdatesPredicateWithIdentifierTest extends ProjectAugmentedCodePredicateTest
-{
-
- @Override
- protected Status evaluateObjects(List<String> objects, RoleWithIdentifier... roles)
- {
- ProjectUpdatesDTO updates = null;
-
- if (objects.get(0) != null)
- {
- updates = new ProjectUpdatesDTO();
- updates.setIdentifier(objects.get(0));
- }
-
- ProjectUpdatesPredicate predicate = new ProjectUpdatesPredicate();
- predicate.init(provider);
- return predicate.evaluate(PERSON_PE, Arrays.asList(roles), updates);
- }
-
- @Override
- protected void assertWithNull(IAuthorizationConfig config, Status result, Throwable t)
- {
- assertNull(result);
- assertException(t, UserFailureException.class, "No project updates specified.");
- }
-
-}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectUpdatesPredicateWithPermIdTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectUpdatesPredicateWithPermIdTest.java
deleted file mode 100644
index 4afa453c159fcade321dd7b42861c0066fdcfa2d..0000000000000000000000000000000000000000
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectUpdatesPredicateWithPermIdTest.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/*
- * Copyright 2017 ETH Zuerich, CISD
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package ch.systemsx.cisd.openbis.generic.server.authorization.predicate;
-
-import java.util.Arrays;
-import java.util.List;
-
-import ch.systemsx.cisd.common.exceptions.Status;
-import ch.systemsx.cisd.common.exceptions.UserFailureException;
-import ch.systemsx.cisd.openbis.generic.server.authorization.RoleWithIdentifier;
-import ch.systemsx.cisd.openbis.generic.shared.authorization.IAuthorizationConfig;
-import ch.systemsx.cisd.openbis.generic.shared.dto.PermId;
-import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectUpdatesDTO;
-
-/**
- * @author pkupczyk
- */
-public class ProjectUpdatesPredicateWithPermIdTest extends ProjectPermIdPredicateTest
-{
-
- @Override
- protected Status evaluateObjects(List<PermId> objects, RoleWithIdentifier... roles)
- {
- ProjectUpdatesDTO updates = null;
-
- if (objects.get(0) != null)
- {
- updates = new ProjectUpdatesDTO();
- updates.setPermId(objects.get(0).getId());
- }
-
- ProjectUpdatesPredicate predicate = new ProjectUpdatesPredicate();
- predicate.init(provider);
- return predicate.evaluate(PERSON_PE, Arrays.asList(roles), updates);
- }
-
- @Override
- protected void assertWithNull(IAuthorizationConfig config, Status result, Throwable t)
- {
- assertNull(result);
- assertException(t, UserFailureException.class, "No project updates specified.");
- }
-
-}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectUpdatesPredicateWithTechIdTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectUpdatesPredicateWithTechIdTest.java
deleted file mode 100644
index 72df305ee8c80fc891125bc515930d6c8b299a29..0000000000000000000000000000000000000000
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectUpdatesPredicateWithTechIdTest.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/*
- * Copyright 2017 ETH Zuerich, CISD
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package ch.systemsx.cisd.openbis.generic.server.authorization.predicate;
-
-import java.util.Arrays;
-import java.util.List;
-
-import ch.systemsx.cisd.common.exceptions.Status;
-import ch.systemsx.cisd.common.exceptions.UserFailureException;
-import ch.systemsx.cisd.openbis.generic.server.authorization.RoleWithIdentifier;
-import ch.systemsx.cisd.openbis.generic.shared.authorization.IAuthorizationConfig;
-import ch.systemsx.cisd.openbis.generic.shared.basic.TechId;
-import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectUpdatesDTO;
-
-/**
- * @author pkupczyk
- */
-public class ProjectUpdatesPredicateWithTechIdTest extends ProjectTechIdPredicateTest
-{
-
- @Override
- protected Status evaluateObjects(List<TechId> objects, RoleWithIdentifier... roles)
- {
- ProjectUpdatesDTO updates = null;
-
- if (objects.get(0) != null)
- {
- updates = new ProjectUpdatesDTO();
- updates.setTechId(objects.get(0));
- }
-
- ProjectUpdatesPredicate predicate = new ProjectUpdatesPredicate();
- predicate.init(provider);
- return predicate.evaluate(PERSON_PE, Arrays.asList(roles), updates);
- }
-
- @Override
- protected void assertWithNull(IAuthorizationConfig config, Status result, Throwable t)
- {
- assertNull(result);
- assertException(t, UserFailureException.class, "No project updates specified.");
- }
-
-}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/project/ProjectAuthorizationTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/project/ProjectAuthorizationTest.java
index 7b4eb7b38e1911406d89e278970e50d816bc169d..82d98f7671f62a3b499296a7761c7a874618e643 100644
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/project/ProjectAuthorizationTest.java
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/project/ProjectAuthorizationTest.java
@@ -81,7 +81,7 @@ public class ProjectAuthorizationTest extends Assert
{
{
allowing(dataProvider).getAuthorizationConfig();
- will(returnValue(new TestAuthorizationConfig(false, null)));
+ will(returnValue(new TestAuthorizationConfig(false, false)));
allowing(userProvider).getUserId();
will(returnValue(USER_ID));
@@ -101,7 +101,7 @@ public class ProjectAuthorizationTest extends Assert
{
{
allowing(dataProvider).getAuthorizationConfig();
- will(returnValue(new TestAuthorizationConfig(true, null)));
+ will(returnValue(new TestAuthorizationConfig(true, false)));
allowing(userProvider).getUserId();
will(returnValue(USER_ID));
@@ -121,7 +121,7 @@ public class ProjectAuthorizationTest extends Assert
{
{
allowing(dataProvider).getAuthorizationConfig();
- will(returnValue(new TestAuthorizationConfig(true, USER_ID)));
+ will(returnValue(new TestAuthorizationConfig(true, true)));
IObject<String> object = new Object<String>(ORIGINAL_OBJECT_A, PROJECT_X);
@@ -146,7 +146,7 @@ public class ProjectAuthorizationTest extends Assert
{
{
allowing(dataProvider).getAuthorizationConfig();
- will(returnValue(new TestAuthorizationConfig(false, USER_ID)));
+ will(returnValue(new TestAuthorizationConfig(false, true)));
allowing(userProvider).getUserId();
will(returnValue(USER_ID));
@@ -166,7 +166,7 @@ public class ProjectAuthorizationTest extends Assert
{
{
allowing(dataProvider).getAuthorizationConfig();
- will(returnValue(new TestAuthorizationConfig(true, USER_ID)));
+ will(returnValue(new TestAuthorizationConfig(true, true)));
allowing(objectsProvider).getObjects(dataProvider);
will(returnValue(null));
@@ -189,7 +189,7 @@ public class ProjectAuthorizationTest extends Assert
{
{
allowing(dataProvider).getAuthorizationConfig();
- will(returnValue(new TestAuthorizationConfig(true, USER_ID)));
+ will(returnValue(new TestAuthorizationConfig(true, true)));
allowing(objectsProvider).getObjects(dataProvider);
will(returnValue(Arrays.asList()));
@@ -212,7 +212,7 @@ public class ProjectAuthorizationTest extends Assert
{
{
allowing(dataProvider).getAuthorizationConfig();
- will(returnValue(new TestAuthorizationConfig(true, USER_ID)));
+ will(returnValue(new TestAuthorizationConfig(true, true)));
IObject<String> objectA = new Object<String>(ORIGINAL_OBJECT_A, PROJECT_X);
IObject<String> objectB = new Object<String>(ORIGINAL_OBJECT_B, PROJECT_Y);
@@ -238,7 +238,7 @@ public class ProjectAuthorizationTest extends Assert
{
{
allowing(dataProvider).getAuthorizationConfig();
- will(returnValue(new TestAuthorizationConfig(true, USER_ID)));
+ will(returnValue(new TestAuthorizationConfig(true, true)));
IObject<String> objectA = new Object<String>(ORIGINAL_OBJECT_A, PROJECT_X);
IObject<String> objectB = new Object<String>(ORIGINAL_OBJECT_B, PROJECT_Y);
@@ -264,7 +264,7 @@ public class ProjectAuthorizationTest extends Assert
{
{
allowing(dataProvider).getAuthorizationConfig();
- will(returnValue(new TestAuthorizationConfig(true, USER_ID)));
+ will(returnValue(new TestAuthorizationConfig(true, true)));
IObject<String> objectWithoutProject = new Object<String>(ORIGINAL_OBJECT_A, null);
@@ -289,7 +289,7 @@ public class ProjectAuthorizationTest extends Assert
{
{
allowing(dataProvider).getAuthorizationConfig();
- will(returnValue(new TestAuthorizationConfig(true, USER_ID)));
+ will(returnValue(new TestAuthorizationConfig(true, true)));
IObject<String> objectWithProject = new Object<String>(ORIGINAL_OBJECT_A, objectProject);
@@ -320,7 +320,7 @@ public class ProjectAuthorizationTest extends Assert
{
{
allowing(dataProvider).getAuthorizationConfig();
- will(returnValue(new TestAuthorizationConfig(true, USER_ID)));
+ will(returnValue(new TestAuthorizationConfig(true, true)));
IObject<String> objectWithOtherProject = new Object<String>(ORIGINAL_OBJECT_A, PROJECT_OTHER);
@@ -345,7 +345,7 @@ public class ProjectAuthorizationTest extends Assert
{
{
allowing(dataProvider).getAuthorizationConfig();
- will(returnValue(new TestAuthorizationConfig(true, USER_ID)));
+ will(returnValue(new TestAuthorizationConfig(true, true)));
IObject<String> objectA = new Object<String>(ORIGINAL_OBJECT_A, PROJECT_X);
IObject<String> objectB = new Object<String>(ORIGINAL_OBJECT_B, PROJECT_Y);
@@ -371,7 +371,7 @@ public class ProjectAuthorizationTest extends Assert
{
{
allowing(dataProvider).getAuthorizationConfig();
- will(returnValue(new TestAuthorizationConfig(true, USER_ID)));
+ will(returnValue(new TestAuthorizationConfig(true, true)));
IObject<String> objectA = new Object<String>(ORIGINAL_OBJECT_A, PROJECT_X);
IObject<String> objectB = new Object<String>(ORIGINAL_OBJECT_B, PROJECT_Y);
@@ -397,7 +397,7 @@ public class ProjectAuthorizationTest extends Assert
{
{
allowing(dataProvider).getAuthorizationConfig();
- will(returnValue(new TestAuthorizationConfig(true, USER_ID)));
+ will(returnValue(new TestAuthorizationConfig(true, true)));
IObject<String> objectA = new Object<String>(ORIGINAL_OBJECT_A, PROJECT_X);
IObject<String> objectB = new Object<String>(ORIGINAL_OBJECT_B, PROJECT_Y);
@@ -423,7 +423,7 @@ public class ProjectAuthorizationTest extends Assert
{
{
allowing(dataProvider).getAuthorizationConfig();
- will(returnValue(new TestAuthorizationConfig(true, USER_ID)));
+ will(returnValue(new TestAuthorizationConfig(true, true)));
IObject<String> objectA = new Object<String>(ORIGINAL_OBJECT_A, PROJECT_X);
IObject<String> objectB = new Object<String>(ORIGINAL_OBJECT_B, PROJECT_Y);
@@ -449,7 +449,7 @@ public class ProjectAuthorizationTest extends Assert
{
{
allowing(dataProvider).getAuthorizationConfig();
- will(returnValue(new TestAuthorizationConfig(true, USER_ID)));
+ will(returnValue(new TestAuthorizationConfig(true, true)));
IObject<String> objectA = new Object<String>(ORIGINAL_OBJECT_A, PROJECT_X);
IObject<String> objectB = new Object<String>(ORIGINAL_OBJECT_B, PROJECT_Y);
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/CommonValidatorTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/CommonValidatorTest.java
deleted file mode 100644
index 76d5b0614ea43ff17a0d3c8da3eddbd54fe26d99..0000000000000000000000000000000000000000
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/CommonValidatorTest.java
+++ /dev/null
@@ -1,176 +0,0 @@
-/*
- * Copyright 2017 ETH Zuerich, CISD
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package ch.systemsx.cisd.openbis.generic.server.authorization.validator;
-
-import org.testng.annotations.Test;
-
-import ch.systemsx.cisd.openbis.generic.server.authorization.AuthorizationTestCase;
-import ch.systemsx.cisd.openbis.generic.shared.authorization.IAuthorizationConfig;
-import ch.systemsx.cisd.openbis.generic.shared.basic.dto.RoleWithHierarchy.RoleCode;
-import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
-import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
-import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
-
-/**
- * @author pkupczyk
- */
-public abstract class CommonValidatorTest<O> extends AuthorizationTestCase
-{
-
- protected abstract O createObject(SpacePE spacePE, ProjectPE projectPE);
-
- protected abstract boolean validateObject(PersonPE personPE, O object);
-
- @Test(dataProvider = AUTHORIZATION_CONFIG_PROVIDER)
- public void testWithNull(final IAuthorizationConfig config)
- {
- PersonPE person = createPersonWithRoleAssignments(createInstanceRoleAssignment(RoleCode.ADMIN));
- try
- {
- assertWithNull(config, validateObject(person, null), null);
- } catch (Throwable t)
- {
- assertWithNull(config, false, t);
- }
- }
-
- protected void assertWithNull(IAuthorizationConfig config, boolean result, Throwable t)
- {
- assertFalse(result);
- assertEquals(AssertionError.class, t.getClass());
- assertEquals("Unspecified value", t.getMessage());
- }
-
- @Test(dataProvider = AUTHORIZATION_CONFIG_PROVIDER)
- public void testWithNoAllowedRoles(final IAuthorizationConfig config)
- {
- expectAuthorizationConfig(config);
-
- PersonPE person = createPerson();
- boolean result = validateObject(person, createObject(SPACE_PE, SPACE_PROJECT_PE));
- assertWithNoAllowedRoles(config, result);
- }
-
- protected void assertWithNoAllowedRoles(IAuthorizationConfig config, boolean result)
- {
- assertFalse(result);
- }
-
- @Test(dataProvider = AUTHORIZATION_CONFIG_PROVIDER)
- public void testWithMultipleAllowedRoles(final IAuthorizationConfig config)
- {
- expectAuthorizationConfig(config);
-
- PersonPE person = createPersonWithRoleAssignments(createSpaceRoleAssignment(RoleCode.ADMIN, ANOTHER_SPACE_CODE),
- createSpaceRoleAssignment(RoleCode.ADMIN, SPACE_CODE));
- boolean result = validateObject(person, createObject(SPACE_PE, SPACE_PROJECT_PE));
- assertWithMultipleAllowedRoles(config, result);
- }
-
- protected void assertWithMultipleAllowedRoles(IAuthorizationConfig config, boolean result)
- {
- assertTrue(result);
- }
-
- @Test(dataProvider = AUTHORIZATION_CONFIG_PROVIDER)
- public void testWithInstanceUser(final IAuthorizationConfig config)
- {
- expectAuthorizationConfig(config);
-
- PersonPE person = createPersonWithRoleAssignments(createInstanceRoleAssignment(RoleCode.ADMIN));
- boolean result = validateObject(person, createObject(SPACE_PE, SPACE_PROJECT_PE));
- assertWithInstanceUser(config, result);
- }
-
- protected void assertWithInstanceUser(IAuthorizationConfig config, boolean result)
- {
- assertTrue(result);
- }
-
- @Test(dataProvider = AUTHORIZATION_CONFIG_PROVIDER)
- public void testWithMatchingSpaceAndMatchingProjectUser(final IAuthorizationConfig config)
- {
- expectAuthorizationConfig(config);
-
- PersonPE person = createPersonWithRoleAssignments(createSpaceRoleAssignment(RoleCode.ADMIN, SPACE_CODE),
- createProjectRoleAssignment(RoleCode.ADMIN, SPACE_CODE, SPACE_PROJECT_CODE));
- boolean result = validateObject(person, createObject(SPACE_PE, SPACE_PROJECT_PE));
- assertWithMatchingSpaceAndMatchingProjectUser(config, result);
- }
-
- protected void assertWithMatchingSpaceAndMatchingProjectUser(IAuthorizationConfig config, boolean result)
- {
- assertTrue(result);
- }
-
- @Test(dataProvider = AUTHORIZATION_CONFIG_PROVIDER)
- public void testWithMatchingSpaceAndNonMatchingProjectUser(final IAuthorizationConfig config)
- {
- expectAuthorizationConfig(config);
-
- PersonPE person = createPersonWithRoleAssignments(createSpaceRoleAssignment(RoleCode.ADMIN, SPACE_CODE),
- createProjectRoleAssignment(RoleCode.ADMIN, ANOTHER_SPACE_CODE, ANOTHER_SPACE_PROJECT_CODE));
- boolean result = validateObject(person, createObject(SPACE_PE, SPACE_PROJECT_PE));
- assertWithMatchingSpaceAndNonMatchingProjectUser(config, result);
- }
-
- protected void assertWithMatchingSpaceAndNonMatchingProjectUser(IAuthorizationConfig config, boolean result)
- {
- assertTrue(result);
- }
-
- @Test(dataProvider = AUTHORIZATION_CONFIG_PROVIDER)
- public void testWithNonMatchingSpaceAndMatchingProjectUser(final IAuthorizationConfig config)
- {
- expectAuthorizationConfig(config);
-
- PersonPE person = createPersonWithRoleAssignments(createSpaceRoleAssignment(RoleCode.ADMIN, ANOTHER_SPACE_CODE),
- createProjectRoleAssignment(RoleCode.ADMIN, SPACE_CODE, SPACE_PROJECT_CODE));
- person.setUserId(PERSON_PE.getUserId());
- boolean result = validateObject(person, createObject(SPACE_PE, SPACE_PROJECT_PE));
- assertWithNonMatchingSpaceAndMatchingProjectUser(config, result);
- }
-
- protected void assertWithNonMatchingSpaceAndMatchingProjectUser(IAuthorizationConfig config, boolean result)
- {
- if (config.isProjectLevelEnabled())
- {
- assertTrue(result);
- } else
- {
- assertFalse(result);
- }
- }
-
- @Test(dataProvider = AUTHORIZATION_CONFIG_PROVIDER)
- public void testWithNonMatchingSpaceAndNonMatchingProjectUser(final IAuthorizationConfig config)
- {
- expectAuthorizationConfig(config);
-
- PersonPE person = createPersonWithRoleAssignments(createSpaceRoleAssignment(RoleCode.ADMIN, ANOTHER_SPACE_CODE),
- createProjectRoleAssignment(RoleCode.ADMIN, ANOTHER_SPACE_CODE, ANOTHER_SPACE_PROJECT_CODE));
- person.setUserId(PERSON_PE.getUserId());
- boolean result = validateObject(person, createObject(SPACE_PE, SPACE_PROJECT_PE));
- assertWithNonMatchingSpaceAndNonMatchingProjectUser(config, result);
- }
-
- protected void assertWithNonMatchingSpaceAndNonMatchingProjectUser(IAuthorizationConfig config, boolean result)
- {
- assertFalse(result);
- }
-
-}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/business/bo/TrashBOTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/business/bo/TrashBOTest.java
index 7467187c8dc8c7d7abfdc8fb919a819bf339839b..85fb965fc5de385b1be5fbf50e9360d205395e6a 100644
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/business/bo/TrashBOTest.java
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/business/bo/TrashBOTest.java
@@ -210,7 +210,7 @@ public final class TrashBOTest extends AbstractBOTest
{
{
allowing(daoFactory).getAuthorizationConfig();
- will(returnValue(new TestAuthorizationConfig(false, null)));
+ will(returnValue(new TestAuthorizationConfig(false, false)));
one(deletionDAO).trash(EntityKind.EXPERIMENT, experimentIds, deletion, true);
will(returnValue(0));
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/CommonAuthorizationSystemTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/CommonAuthorizationSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..39b7c90b08d2ec1de6cfd2a899e336cf61ecb6f4
--- /dev/null
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/CommonAuthorizationSystemTest.java
@@ -0,0 +1,253 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.systemtest.authorization;
+
+import java.lang.reflect.Method;
+
+import org.apache.log4j.Level;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.testng.Assert;
+import org.testng.annotations.AfterMethod;
+import org.testng.annotations.BeforeMethod;
+import org.testng.annotations.DataProvider;
+
+import ch.systemsx.cisd.common.exceptions.AuthorizationFailureException;
+import ch.systemsx.cisd.common.exceptions.UserFailureException;
+import ch.systemsx.cisd.common.logging.BufferedAppender;
+import ch.systemsx.cisd.openbis.generic.server.authorization.project.TestAuthSessionProvider;
+import ch.systemsx.cisd.openbis.generic.server.dataaccess.IDAOFactory;
+import ch.systemsx.cisd.openbis.generic.shared.basic.dto.RoleWithHierarchy.RoleCode;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ExperimentPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.RoleAssignmentPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SimpleSession;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.systemtest.SystemTestCase;
+import ch.systemsx.cisd.openbis.util.LogRecordingUtils;
+
+/**
+ * @author pkupczyk
+ */
+public class CommonAuthorizationSystemTest extends SystemTestCase
+{
+
+ protected static final String PERSON_WITH_OR_WITHOUT_PA_PROVIDER = "personProvider";
+
+ @Autowired
+ private IDAOFactory daoFactory;
+
+ private BufferedAppender logRecorder;
+
+ @BeforeMethod
+ public void beforeMethod(Method method)
+ {
+ logRecorder = LogRecordingUtils.createRecorder("%-5p %c - %m%n", Level.DEBUG);
+ System.out.println(">>>>>>>>> BEFORE METHOD: " + method.getName());
+ }
+
+ @AfterMethod
+ public void afterMethod(Method method)
+ {
+ logRecorder.reset();
+ System.out.println("<<<<<<<<< AFTER METHOD: " + method.getName());
+ }
+
+ @DataProvider(name = PERSON_WITH_OR_WITHOUT_PA_PROVIDER)
+ public Object[][] providePerson()
+ {
+ PersonPE userWithPAOff = new PersonPE();
+ userWithPAOff.setUserId("test_user_pa_off");
+
+ PersonPE userWithPAOn = new PersonPE();
+ userWithPAOn.setUserId("test_user_pa_on");
+
+ return new Object[][] {
+ { userWithPAOff },
+ { userWithPAOn }
+ };
+ }
+
+ protected IAuthSessionProvider createSessionProvider(PersonPE person)
+ {
+ SimpleSession session = new SimpleSession();
+ session.setPerson(person);
+ return new TestAuthSessionProvider(session);
+ }
+
+ protected RoleAssignmentPE createInstanceRole(RoleCode roleCode)
+ {
+ RoleAssignmentPE ra = new RoleAssignmentPE();
+ ra.setRole(roleCode);
+ return ra;
+ }
+
+ protected RoleAssignmentPE createSpaceRole(RoleCode roleCode, SpacePE space)
+ {
+ RoleAssignmentPE ra = new RoleAssignmentPE();
+ ra.setRole(roleCode);
+ ra.setSpace(space);
+ return ra;
+ }
+
+ protected RoleAssignmentPE createProjectRole(RoleCode roleCode, ProjectPE project)
+ {
+ RoleAssignmentPE ra = new RoleAssignmentPE();
+ ra.setRole(roleCode);
+ ra.setProject(project);
+ return ra;
+ }
+
+ public SpacePE getSpace1()
+ {
+ return daoFactory.getSpaceDAO().tryFindSpaceByCode("AUTH-SPACE-1");
+ }
+
+ public SpacePE getSpace2()
+ {
+ return daoFactory.getSpaceDAO().tryFindSpaceByCode("AUTH-SPACE-2");
+ }
+
+ public ProjectPE getProject11()
+ {
+ return daoFactory.getProjectDAO().tryFindProject(getSpace1().getCode(), "AUTH-PROJECT-11");
+ }
+
+ public ProjectPE getProject12()
+ {
+ return daoFactory.getProjectDAO().tryFindProject(getSpace1().getCode(), "AUTH-PROJECT-12");
+ }
+
+ public ProjectPE getProject21()
+ {
+ return daoFactory.getProjectDAO().tryFindProject(getSpace2().getCode(), "AUTH-PROJECT-21");
+ }
+
+ public ProjectPE getProject22()
+ {
+ return daoFactory.getProjectDAO().tryFindProject(getSpace2().getCode(), "AUTH-PROJECT-22");
+ }
+
+ public ExperimentPE getExperiment111()
+ {
+ return daoFactory.getExperimentDAO().tryFindByCodeAndProject(getProject11(), "AUTH-EXPERIMENT-111");
+ }
+
+ public ExperimentPE getExperiment112()
+ {
+ return daoFactory.getExperimentDAO().tryFindByCodeAndProject(getProject11(), "AUTH-EXPERIMENT-112");
+ }
+
+ public ExperimentPE getExperiment121()
+ {
+ return daoFactory.getExperimentDAO().tryFindByCodeAndProject(getProject11(), "AUTH-EXPERIMENT-121");
+ }
+
+ public ExperimentPE getExperiment122()
+ {
+ return daoFactory.getExperimentDAO().tryFindByCodeAndProject(getProject11(), "AUTH-EXPERIMENT-122");
+ }
+
+ public ExperimentPE getExperiment211()
+ {
+ return daoFactory.getExperimentDAO().tryFindByCodeAndProject(getProject11(), "AUTH-EXPERIMENT-211");
+ }
+
+ public ExperimentPE getExperiment212()
+ {
+ return daoFactory.getExperimentDAO().tryFindByCodeAndProject(getProject11(), "AUTH-EXPERIMENT-212");
+ }
+
+ public ExperimentPE getExperiment221()
+ {
+ return daoFactory.getExperimentDAO().tryFindByCodeAndProject(getProject11(), "AUTH-EXPERIMENT-221");
+ }
+
+ public ExperimentPE getExperiment222()
+ {
+ return daoFactory.getExperimentDAO().tryFindByCodeAndProject(getProject11(), "AUTH-EXPERIMENT-222");
+ }
+
+ protected static void assertNull(Object object)
+ {
+ Assert.assertNull(object);
+ }
+
+ protected static void assertNotNull(Object object)
+ {
+ Assert.assertNotNull(object);
+ }
+
+ protected static void assertAuthorizationFailureExceptionThatNotEnoughPrivileges(Throwable t)
+ {
+ assertException(t, AuthorizationFailureException.class, ".*does not have enough privileges.*");
+ }
+
+ protected static void assertAuthorizationFailureExceptionThatNoRoles(Throwable t)
+ {
+ assertException(t, AuthorizationFailureException.class, ".*No role assignments could be found for user.*");
+ }
+
+ protected static void assertUserFailureExceptionThatProjectDoesNotExist(Throwable t)
+ {
+ assertException(t, UserFailureException.class, "Project with ID .* does not exist. Maybe someone has just deleted it.");
+ }
+
+ protected static void assertUserFailureExceptionThatExperimentDoesNotExist(Throwable t)
+ {
+ assertException(t, UserFailureException.class, "Experiment with ID .* does not exist. Maybe someone has just deleted it.");
+ }
+
+ protected static void assertNoException(Throwable actualException)
+ {
+ if (actualException != null)
+ {
+ actualException.printStackTrace(System.err);
+ Assert.fail("Unexpected exception '" + actualException.getClass().getName() + "'.");
+ }
+ }
+
+ protected static void assertException(Throwable actualException, Class<?> expectedClass, String expectedMessageRegexp)
+ {
+ if (actualException == null)
+ {
+ Assert.fail("Expected exception '" + expectedClass.getName() + "' but got null");
+ } else
+ {
+ if (actualException.getClass().equals(expectedClass))
+ {
+ actualException.printStackTrace(System.out);
+
+ if (expectedMessageRegexp != null)
+ {
+ if (actualException.getMessage() == null || false == actualException.getMessage().matches(expectedMessageRegexp))
+ {
+ Assert.fail(
+ "Error message was expected to match '" + expectedMessageRegexp + "' regexp but got '" + actualException.getMessage()
+ + "'.");
+ }
+ }
+ } else
+ {
+ actualException.printStackTrace(System.err);
+ Assert.fail("Expected exception '" + expectedClass.getName() + "' but got '" + actualException.getClass().getName() + "'.");
+ }
+ }
+ }
+
+}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/CommonCollectionPredicateSystemTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/CommonCollectionPredicateSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..90e74f9e46be6dd4b8470bfb8785266e20ae6132
--- /dev/null
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/CommonCollectionPredicateSystemTest.java
@@ -0,0 +1,171 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.systemtest.authorization.predicate;
+
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.List;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.testng.annotations.Test;
+
+import ch.systemsx.cisd.common.exceptions.UserFailureException;
+import ch.systemsx.cisd.openbis.generic.shared.authorization.IAuthorizationConfig;
+import ch.systemsx.cisd.openbis.generic.shared.basic.dto.RoleWithHierarchy.RoleCode;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.RoleAssignmentPE;
+
+/**
+ * @author pkupczyk
+ */
+public abstract class CommonCollectionPredicateSystemTest<O> extends CommonPredicateSystemTest<O>
+{
+
+ @Autowired
+ private IAuthorizationConfig authorizationConfig;
+
+ @Test(dataProvider = PERSON_WITH_OR_WITHOUT_PA_PROVIDER)
+ public void testWithNullCollection(PersonPE person)
+ {
+ person.setRoleAssignments(Collections.singleton(createInstanceRole(RoleCode.ADMIN)));
+
+ Throwable t = tryEvaluateObjects(createSessionProvider(person), null);
+ assertWithNullCollection(person, t);
+ }
+
+ protected void assertWithNullCollection(PersonPE person, Throwable t)
+ {
+ assertException(t, UserFailureException.class, "Unspecified value");
+ }
+
+ @Test(dataProvider = PERSON_WITH_OR_WITHOUT_PA_PROVIDER)
+ public void testWithTwoObjectsWhereOneObjectMatchesAtProjectLevelAndTheOtherObjectMatchesAtSpaceLevel(PersonPE person)
+ {
+ person.setRoleAssignments(new HashSet<RoleAssignmentPE>(Arrays.asList(
+ createProjectRole(RoleCode.ADMIN, getProject11()), createSpaceRole(RoleCode.ADMIN, getSpace2()))));
+
+ O objectInProject11 = createObject(getSpace1(), getProject11());
+ O objectInProject22 = createObject(getSpace2(), getProject22());
+
+ List<O> objects = Arrays.asList(objectInProject11, objectInProject22);
+
+ Throwable t = tryEvaluateObjects(createSessionProvider(person), objects);
+
+ assertWithTwoObjectsWhereOneObjectMatchesAtProjectLevelAndTheOtherObjectMatchesAtSpaceLevel(person, t);
+ }
+
+ protected void assertWithTwoObjectsWhereOneObjectMatchesAtProjectLevelAndTheOtherObjectMatchesAtSpaceLevel(PersonPE person, Throwable t)
+ {
+ if (authorizationConfig.isProjectLevelEnabled() && authorizationConfig.isProjectLevelUser(person.getUserId()))
+ {
+ assertNoException(t);
+ } else
+ {
+ assertAuthorizationFailureExceptionThatNotEnoughPrivileges(t);
+ }
+ }
+
+ @Test(dataProvider = PERSON_WITH_OR_WITHOUT_PA_PROVIDER)
+ public void testWithTwoObjectsWhereOneObjectMatchesAtProjectLevelAndTheOtherObjectDoesNotMatchAtAnyLevel(PersonPE person)
+ {
+ person.setRoleAssignments(Collections.singleton(createProjectRole(RoleCode.ADMIN, getProject11())));
+
+ O objectInProject11 = createObject(getSpace1(), getProject11());
+ O objectInProject22 = createObject(getSpace2(), getProject22());
+
+ List<O> objects = Arrays.asList(objectInProject11, objectInProject22);
+
+ Throwable t = tryEvaluateObjects(createSessionProvider(person), objects);
+
+ assertWithTwoObjectsWhereOneObjectMatchesAtProjectLevelAndTheOtherObjectDoesNotMatchAtAnyLevel(person, t);
+ }
+
+ protected void assertWithTwoObjectsWhereOneObjectMatchesAtProjectLevelAndTheOtherObjectDoesNotMatchAtAnyLevel(PersonPE person, Throwable t)
+ {
+ assertAuthorizationFailureExceptionThatNotEnoughPrivileges(t);
+ }
+
+ @Test(dataProvider = PERSON_WITH_OR_WITHOUT_PA_PROVIDER)
+ public void testWithTwoObjectsWhereOneObjectMatchesAtSpaceLevelAndTheOtherObjectDoesNotMatchAtAnyLevel(PersonPE person)
+ {
+ person.setRoleAssignments(Collections.singleton(createSpaceRole(RoleCode.ADMIN, getSpace1())));
+
+ O objectInProject11 = createObject(getSpace1(), getProject11());
+ O objectInProject22 = createObject(getSpace2(), getProject22());
+
+ List<O> objects = Arrays.asList(objectInProject11, objectInProject22);
+
+ Throwable t = tryEvaluateObjects(createSessionProvider(person), objects);
+
+ assertWithTwoObjectsWhereOneObjectMatchesAtSpaceLevelAndTheOtherObjectDoesNotMatchAtAnyLevel(person, t);
+ }
+
+ protected void assertWithTwoObjectsWhereOneObjectMatchesAtSpaceLevelAndTheOtherObjectDoesNotMatchAtAnyLevel(PersonPE person, Throwable t)
+ {
+ assertAuthorizationFailureExceptionThatNotEnoughPrivileges(t);
+ }
+
+ @Test(dataProvider = PERSON_WITH_OR_WITHOUT_PA_PROVIDER)
+ public void testWithTwoObjectsWhereBothObjectsMatchAtProjectLevel(PersonPE person)
+ {
+ person.setRoleAssignments(new HashSet<RoleAssignmentPE>(Arrays.asList(
+ createProjectRole(RoleCode.ADMIN, getProject11()), createProjectRole(RoleCode.ADMIN, getProject22()))));
+
+ O objectInProject11 = createObject(getSpace1(), getProject11());
+ O objectInProject22 = createObject(getSpace2(), getProject22());
+
+ List<O> objects = Arrays.asList(objectInProject11, objectInProject22);
+
+ Throwable t = tryEvaluateObjects(createSessionProvider(person), objects);
+
+ assertWithTwoObjectsWhereBothObjectsMatchAtProjectLevel(person, t);
+ }
+
+ protected void assertWithTwoObjectsWhereBothObjectsMatchAtProjectLevel(PersonPE person, Throwable t)
+ {
+ if (authorizationConfig.isProjectLevelEnabled() && authorizationConfig.isProjectLevelUser(person.getUserId()))
+ {
+ assertNoException(t);
+ } else
+ {
+ assertAuthorizationFailureExceptionThatNotEnoughPrivileges(t);
+ }
+ }
+
+ @Test(dataProvider = PERSON_WITH_OR_WITHOUT_PA_PROVIDER)
+ public void testWithTwoObjectsWhereBothObjectsMatchAtSpaceLevel(PersonPE person)
+ {
+ person.setRoleAssignments(new HashSet<RoleAssignmentPE>(Arrays.asList(
+ createSpaceRole(RoleCode.ADMIN, getSpace1()), createSpaceRole(RoleCode.ADMIN, getSpace2()))));
+
+ O objectInProject11 = createObject(getSpace1(), getProject11());
+ O objectInProject22 = createObject(getSpace2(), getProject22());
+
+ List<O> objects = Arrays.asList(objectInProject11, objectInProject22);
+
+ Throwable t = tryEvaluateObjects(createSessionProvider(person), objects);
+
+ assertWithTwoObjectsWhereBothObjectsMatchAtSpaceLevel(person, t);
+ }
+
+ protected void assertWithTwoObjectsWhereBothObjectsMatchAtSpaceLevel(PersonPE person, Throwable t)
+ {
+ assertNoException(t);
+ }
+
+}
\ No newline at end of file
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/CommonPredicateSystemTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/CommonPredicateSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..add0f8d651ccc256811daa7638b107192a9b8c2e
--- /dev/null
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/CommonPredicateSystemTest.java
@@ -0,0 +1,248 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.systemtest.authorization.predicate;
+
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.List;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.testng.annotations.Test;
+
+import ch.systemsx.cisd.common.exceptions.UserFailureException;
+import ch.systemsx.cisd.openbis.generic.shared.authorization.IAuthorizationConfig;
+import ch.systemsx.cisd.openbis.generic.shared.basic.dto.RoleWithHierarchy.RoleCode;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.RoleAssignmentPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.systemtest.authorization.CommonAuthorizationSystemTest;
+
+/**
+ * @author pkupczyk
+ */
+public abstract class CommonPredicateSystemTest<O> extends CommonAuthorizationSystemTest
+{
+
+ @Autowired
+ private IAuthorizationConfig authorizationConfig;
+
+ protected abstract O createNonexistentObject();
+
+ protected abstract O createObject(SpacePE spacePE, ProjectPE projectPE);
+
+ protected abstract void evaluateObjects(IAuthSessionProvider sessionProvider, List<O> objects);
+
+ @Test(dataProvider = PERSON_WITH_OR_WITHOUT_PA_PROVIDER)
+ public void testWithNull(PersonPE person)
+ {
+ person.setRoleAssignments(Collections.singleton(createInstanceRole(RoleCode.ADMIN)));
+
+ List<O> objects = Arrays.asList((O) null);
+ Throwable t = tryEvaluateObjects(createSessionProvider(person), objects);
+ assertWithNull(person, t);
+ }
+
+ protected void assertWithNull(PersonPE person, Throwable t)
+ {
+ assertException(t, UserFailureException.class, "Unspecified value");
+ }
+
+ @Test(dataProvider = PERSON_WITH_OR_WITHOUT_PA_PROVIDER)
+ public void testWithNonexistentObjectForInstanceUser(PersonPE person)
+ {
+ person.setRoleAssignments(Collections.singleton(createInstanceRole(RoleCode.ADMIN)));
+
+ O object = createNonexistentObject();
+ List<O> objects = Arrays.asList(object);
+ Throwable t = tryEvaluateObjects(createSessionProvider(person), objects);
+ assertWithNonexistentObjectForInstanceUser(person, t);
+ }
+
+ protected void assertWithNonexistentObjectForInstanceUser(PersonPE person, Throwable t)
+ {
+ assertAuthorizationFailureExceptionThatNotEnoughPrivileges(t);
+ }
+
+ @Test(dataProvider = PERSON_WITH_OR_WITHOUT_PA_PROVIDER)
+ public void testWithNonexistentObjectForSpaceUser(PersonPE person)
+ {
+ person.setRoleAssignments(Collections.singleton(createSpaceRole(RoleCode.ADMIN, getSpace1())));
+
+ O object = createNonexistentObject();
+ List<O> objects = Arrays.asList(object);
+ Throwable t = tryEvaluateObjects(createSessionProvider(person), objects);
+ assertWithNonexistentObjectForSpaceUser(person, t);
+ }
+
+ protected void assertWithNonexistentObjectForSpaceUser(PersonPE person, Throwable t)
+ {
+ assertAuthorizationFailureExceptionThatNotEnoughPrivileges(t);
+ }
+
+ @Test(dataProvider = PERSON_WITH_OR_WITHOUT_PA_PROVIDER)
+ public void testWithNonexistentObjectForProjectUser(PersonPE person)
+ {
+ person.setRoleAssignments(Collections.singleton(createProjectRole(RoleCode.ADMIN, getProject11())));
+
+ O object = createNonexistentObject();
+ List<O> objects = Arrays.asList(object);
+ Throwable t = tryEvaluateObjects(createSessionProvider(person), objects);
+ assertWithNonexistentObjectForProjectUser(person, t);
+ }
+
+ protected void assertWithNonexistentObjectForProjectUser(PersonPE person, Throwable t)
+ {
+ assertAuthorizationFailureExceptionThatNotEnoughPrivileges(t);
+ }
+
+ @Test(dataProvider = PERSON_WITH_OR_WITHOUT_PA_PROVIDER)
+ public void testWithNoAllowedRoles(PersonPE person)
+ {
+ O object = createObject(getSpace1(), getProject11());
+ List<O> objects = Arrays.asList(object);
+ Throwable t = tryEvaluateObjects(createSessionProvider(person), objects);
+ assertWithNoAllowedRoles(person, t);
+ }
+
+ protected void assertWithNoAllowedRoles(PersonPE person, Throwable t)
+ {
+ assertAuthorizationFailureExceptionThatNoRoles(t);
+ }
+
+ @Test(dataProvider = PERSON_WITH_OR_WITHOUT_PA_PROVIDER)
+ public void testWithMultipleAllowedRoles(PersonPE person)
+ {
+ person.setRoleAssignments(new HashSet<RoleAssignmentPE>(
+ Arrays.asList(createSpaceRole(RoleCode.ADMIN, getSpace2()), createSpaceRole(RoleCode.ADMIN, getSpace1()))));
+
+ O object = createObject(getSpace1(), getProject11());
+ List<O> objects = Arrays.asList(object);
+ Throwable t = tryEvaluateObjects(createSessionProvider(person), objects);
+ assertWithMultipleAllowedRoles(person, t);
+ }
+
+ protected void assertWithMultipleAllowedRoles(PersonPE person, Throwable t)
+ {
+ assertNoException(t);
+ }
+
+ @Test(dataProvider = PERSON_WITH_OR_WITHOUT_PA_PROVIDER)
+ public void testWithInstanceUser(PersonPE person)
+ {
+ person.setRoleAssignments(Collections.singleton(createInstanceRole(RoleCode.ADMIN)));
+
+ O object = createObject(getSpace1(), getProject11());
+ List<O> objects = Arrays.asList(object);
+ Throwable t = tryEvaluateObjects(createSessionProvider(person), objects);
+ assertWithInstanceUser(person, t);
+ }
+
+ protected void assertWithInstanceUser(PersonPE person, Throwable t)
+ {
+ assertNoException(t);
+ }
+
+ @Test(dataProvider = PERSON_WITH_OR_WITHOUT_PA_PROVIDER)
+ public void testWithMatchingSpaceAndMatchingProjectUser(PersonPE person)
+ {
+ person.setRoleAssignments(new HashSet<RoleAssignmentPE>(Arrays.asList(
+ createSpaceRole(RoleCode.ADMIN, getSpace1()), createProjectRole(RoleCode.ADMIN, getProject11()))));
+
+ O object = createObject(getSpace1(), getProject11());
+ List<O> objects = Arrays.asList(object);
+ Throwable t = tryEvaluateObjects(createSessionProvider(person), objects);
+ assertWithMatchingSpaceAndMatchingProjectUser(person, t);
+ }
+
+ protected void assertWithMatchingSpaceAndMatchingProjectUser(PersonPE person, Throwable t)
+ {
+ assertNoException(t);
+ }
+
+ @Test(dataProvider = PERSON_WITH_OR_WITHOUT_PA_PROVIDER)
+ public void testWithMatchingSpaceAndNonMatchingProjectUser(PersonPE person)
+ {
+ person.setRoleAssignments(new HashSet<RoleAssignmentPE>(Arrays.asList(
+ createSpaceRole(RoleCode.ADMIN, getSpace1()), createProjectRole(RoleCode.ADMIN, getProject21()))));
+
+ O object = createObject(getSpace1(), getProject11());
+ List<O> objects = Arrays.asList(object);
+ Throwable t = tryEvaluateObjects(createSessionProvider(person), objects);
+ assertWithMatchingSpaceAndNonMatchingProjectUser(person, t);
+ }
+
+ protected void assertWithMatchingSpaceAndNonMatchingProjectUser(PersonPE person, Throwable t)
+ {
+ assertNoException(t);
+ }
+
+ @Test(dataProvider = PERSON_WITH_OR_WITHOUT_PA_PROVIDER)
+ public void testWithNonMatchingSpaceAndMatchingProjectUser(PersonPE person)
+ {
+ person.setRoleAssignments(new HashSet<RoleAssignmentPE>(Arrays.asList(
+ createSpaceRole(RoleCode.ADMIN, getSpace2()), createProjectRole(RoleCode.ADMIN, getProject11()))));
+
+ O object = createObject(getSpace1(), getProject11());
+ List<O> objects = Arrays.asList(object);
+ Throwable t = tryEvaluateObjects(createSessionProvider(person), objects);
+ assertWithNonMatchingSpaceAndMatchingProjectUser(person, t);
+ }
+
+ protected void assertWithNonMatchingSpaceAndMatchingProjectUser(PersonPE person, Throwable t)
+ {
+ if (authorizationConfig.isProjectLevelEnabled() && authorizationConfig.isProjectLevelUser(person.getUserId()))
+ {
+ assertNoException(t);
+ } else
+ {
+ assertAuthorizationFailureExceptionThatNotEnoughPrivileges(t);
+ }
+ }
+
+ @Test(dataProvider = PERSON_WITH_OR_WITHOUT_PA_PROVIDER)
+ public void testWithNonMatchingSpaceAndNonMatchingProjectUser(PersonPE person)
+ {
+ person.setRoleAssignments(new HashSet<RoleAssignmentPE>(Arrays.asList(
+ createSpaceRole(RoleCode.ADMIN, getSpace2()), createProjectRole(RoleCode.ADMIN, getProject21()))));
+
+ O object = createObject(getSpace1(), getProject11());
+ List<O> objects = Arrays.asList(object);
+ Throwable t = tryEvaluateObjects(createSessionProvider(person), objects);
+ assertWithNonMatchingSpaceAndNonMatchingProjectUser(person, t);
+ }
+
+ protected void assertWithNonMatchingSpaceAndNonMatchingProjectUser(PersonPE person, Throwable t)
+ {
+ assertAuthorizationFailureExceptionThatNotEnoughPrivileges(t);
+ }
+
+ protected Throwable tryEvaluateObjects(IAuthSessionProvider session, List<O> objects)
+ {
+ try
+ {
+ evaluateObjects(session, objects);
+ return null;
+ } catch (Throwable t)
+ {
+ return t;
+ }
+ }
+
+}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/experiment/ExperimentDB.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/experiment/ExperimentDB.java
new file mode 100644
index 0000000000000000000000000000000000000000..bbfb10142f61b1bae4b2b75fc44597d4eab318b9
--- /dev/null
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/experiment/ExperimentDB.java
@@ -0,0 +1,116 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.systemtest.authorization.predicate.experiment;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+
+/**
+ * @author pkupczyk
+ */
+public class ExperimentDB
+{
+
+ private static final Map<String, Map<String, Object>> EXPERIMENTS = new HashMap<String, Map<String, Object>>();
+
+ public static final String ID = "id";
+
+ public static final String PERM_ID = "permId";
+
+ public static final String CODE = "code";
+
+ public static final String TYPE_CODE = "typeCode";
+
+ static
+ {
+ Map<String, Object> EXPERIMENT_111 = new HashMap<>();
+ EXPERIMENT_111.put(ID, 26L);
+ EXPERIMENT_111.put(PERM_ID, "201206190940555-1111");
+ EXPERIMENT_111.put(CODE, "AUTH-EXPERIMENT-111");
+ EXPERIMENT_111.put(TYPE_CODE, "SIRNA_HCS");
+
+ Map<String, Object> EXPERIMENT_121 = new HashMap<>();
+ EXPERIMENT_121.put(ID, 28L);
+ EXPERIMENT_121.put(PERM_ID, "201206190940555-1121");
+ EXPERIMENT_121.put(CODE, "AUTH-EXPERIMENT-121");
+ EXPERIMENT_121.put(TYPE_CODE, "SIRNA_HCS");
+
+ Map<String, Object> EXPERIMENT_211 = new HashMap<>();
+ EXPERIMENT_211.put(ID, 30L);
+ EXPERIMENT_211.put(PERM_ID, "201206190940555-1211");
+ EXPERIMENT_211.put(CODE, "AUTH-EXPERIMENT-211");
+ EXPERIMENT_211.put(TYPE_CODE, "SIRNA_HCS");
+
+ Map<String, Object> EXPERIMENT_221 = new HashMap<>();
+ EXPERIMENT_221.put(ID, 32L);
+ EXPERIMENT_221.put(PERM_ID, "201206190940555-1221");
+ EXPERIMENT_221.put(CODE, "AUTH-EXPERIMENT-221");
+ EXPERIMENT_221.put(TYPE_CODE, "SIRNA_HCS");
+
+ EXPERIMENTS.put("/AUTH-SPACE-1/AUTH-PROJECT-11", EXPERIMENT_111);
+ EXPERIMENTS.put("/AUTH-SPACE-1/AUTH-PROJECT-12", EXPERIMENT_121);
+ EXPERIMENTS.put("/AUTH-SPACE-2/AUTH-PROJECT-21", EXPERIMENT_211);
+ EXPERIMENTS.put("/AUTH-SPACE-2/AUTH-PROJECT-22", EXPERIMENT_221);
+ }
+
+ public static Long getId(SpacePE spacePE, ProjectPE projectPE)
+ {
+ return getField(spacePE, projectPE, ID);
+ }
+
+ public static String getPermId(SpacePE spacePE, ProjectPE projectPE)
+ {
+ return getField(spacePE, projectPE, PERM_ID);
+ }
+
+ public static String getCode(SpacePE spacePE, ProjectPE projectPE)
+ {
+ return getField(spacePE, projectPE, CODE);
+ }
+
+ public static String getTypeCode(SpacePE spacePE, ProjectPE projectPE)
+ {
+ return getField(spacePE, projectPE, TYPE_CODE);
+ }
+
+ public static String getIdentifier(SpacePE spacePE, ProjectPE projectPE)
+ {
+ return "/" + spacePE.getCode() + "/" + projectPE.getCode() + "/" + getCode(spacePE, projectPE);
+ }
+
+ @SuppressWarnings("unchecked")
+ private static <T> T getField(SpacePE spacePE, ProjectPE projectPE, String fieldName)
+ {
+ Map<String, Object> experiment = EXPERIMENTS.get("/" + spacePE.getCode() + "/" + projectPE.getCode());
+
+ if (experiment == null)
+ {
+ throw new RuntimeException("Couldn't find experiment for space: " + spacePE + " and project: " + projectPE);
+ }
+
+ if (false == experiment.containsKey(fieldName))
+ {
+ throw new RuntimeException("Couldn't find field: " + fieldName + " for experiment: " + experiment);
+ }
+
+ return (T) experiment.get(fieldName);
+ }
+
+}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/experiment/ExperimentListPredicateSystemTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/experiment/ExperimentListPredicateSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..d937bf76d539fe191357a720c5a3763833b9cfb5
--- /dev/null
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/experiment/ExperimentListPredicateSystemTest.java
@@ -0,0 +1,87 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.systemtest.authorization.predicate.experiment;
+
+import java.util.List;
+
+import org.springframework.beans.factory.annotation.Autowired;
+
+import ch.systemsx.cisd.common.exceptions.UserFailureException;
+import ch.systemsx.cisd.openbis.generic.shared.api.v1.dto.EntityRegistrationDetails;
+import ch.systemsx.cisd.openbis.generic.shared.api.v1.dto.EntityRegistrationDetails.EntityRegistrationDetailsInitializer;
+import ch.systemsx.cisd.openbis.generic.shared.api.v1.dto.Experiment;
+import ch.systemsx.cisd.openbis.generic.shared.api.v1.dto.Experiment.ExperimentInitializer;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.systemtest.authorization.predicate.CommonCollectionPredicateSystemTest;
+
+/**
+ * @author pkupczyk
+ */
+public class ExperimentListPredicateSystemTest extends CommonCollectionPredicateSystemTest<Experiment>
+{
+
+ @Autowired
+ private ExperimentPredicateTestService service;
+
+ @Override
+ protected Experiment createNonexistentObject()
+ {
+ ExperimentInitializer initializer = new Experiment.ExperimentInitializer();
+ initializer.setId(-1L);
+ initializer.setPermId("IDONTEXIST");
+ initializer.setCode("IDONTEXIST");
+ initializer.setExperimentTypeCode("IDONTEXIST");
+ initializer.setRegistrationDetails(new EntityRegistrationDetails(new EntityRegistrationDetailsInitializer()));
+ initializer.setIdentifier("/IDONTEXIST/IDONTEXIST/" + initializer.getCode());
+ return new Experiment(initializer);
+ }
+
+ @Override
+ protected Experiment createObject(SpacePE spacePE, ProjectPE projectPE)
+ {
+ ExperimentInitializer initializer = new Experiment.ExperimentInitializer();
+ initializer.setId(ExperimentDB.getId(spacePE, projectPE));
+ initializer.setPermId(ExperimentDB.getPermId(spacePE, projectPE));
+ initializer.setCode(ExperimentDB.getCode(spacePE, projectPE));
+ initializer.setExperimentTypeCode(ExperimentDB.getTypeCode(spacePE, projectPE));
+ initializer.setRegistrationDetails(new EntityRegistrationDetails(new EntityRegistrationDetailsInitializer()));
+ initializer.setIdentifier(ExperimentDB.getIdentifier(spacePE, projectPE));
+ return new Experiment(initializer);
+ }
+
+ @Override
+ protected void evaluateObjects(IAuthSessionProvider sessionProvider, List<Experiment> objects)
+ {
+ service.testExperimentListPredicate(sessionProvider, objects);
+ }
+
+ @Override
+ protected void assertWithNull(PersonPE person, Throwable t)
+ {
+ assertException(t, NullPointerException.class, null);
+ }
+
+ @Override
+ protected void assertWithNullCollection(PersonPE person, Throwable t)
+ {
+ assertException(t, UserFailureException.class, "No experiment specified.");
+ }
+
+}
\ No newline at end of file
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/experiment/ExperimentPEPredicateSystemTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/experiment/ExperimentPEPredicateSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..5358b1b3b0f6dd3703ecf8addfc784f0a235ace3
--- /dev/null
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/experiment/ExperimentPEPredicateSystemTest.java
@@ -0,0 +1,82 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.systemtest.authorization.predicate.experiment;
+
+import java.util.List;
+
+import org.springframework.beans.factory.annotation.Autowired;
+
+import ch.systemsx.cisd.openbis.generic.shared.dto.ExperimentPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.systemtest.authorization.predicate.CommonPredicateSystemTest;
+
+/**
+ * @author pkupczyk
+ */
+public class ExperimentPEPredicateSystemTest extends CommonPredicateSystemTest<ExperimentPE>
+{
+
+ @Autowired
+ private ExperimentPredicateTestService service;
+
+ @Override
+ protected ExperimentPE createNonexistentObject()
+ {
+ SpacePE space = new SpacePE();
+ space.setCode("IDONTEXIST");
+
+ ProjectPE project = new ProjectPE();
+ project.setCode("IDONTEXIST");
+ project.setSpace(space);
+
+ ExperimentPE experiment = new ExperimentPE();
+ experiment.setCode("IDONTEXIST");
+ experiment.setProject(project);
+
+ return experiment;
+ }
+
+ @Override
+ protected ExperimentPE createObject(SpacePE spacePE, ProjectPE projectPE)
+ {
+ ExperimentPE experimentPE = new ExperimentPE();
+ experimentPE.setProject(projectPE);
+ return experimentPE;
+ }
+
+ @Override
+ protected void evaluateObjects(IAuthSessionProvider sessionProvider, List<ExperimentPE> objects)
+ {
+ service.testExperimentPEPredicate(sessionProvider, objects.get(0));
+ }
+
+ @Override
+ protected void assertWithNull(PersonPE person, Throwable t)
+ {
+ assertNoException(t);
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForInstanceUser(PersonPE person, Throwable t)
+ {
+ assertNoException(t);
+ }
+
+}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/experiment/ExperimentPermIdPredicateSystemTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/experiment/ExperimentPermIdPredicateSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..bcfae874fd38640a4672eccbaa51575d7e5d014f
--- /dev/null
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/experiment/ExperimentPermIdPredicateSystemTest.java
@@ -0,0 +1,82 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.systemtest.authorization.predicate.experiment;
+
+import java.util.List;
+
+import org.springframework.beans.factory.annotation.Autowired;
+
+import ch.systemsx.cisd.common.exceptions.UserFailureException;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PermId;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.systemtest.authorization.predicate.CommonPredicateSystemTest;
+
+/**
+ * @author pkupczyk
+ */
+public class ExperimentPermIdPredicateSystemTest extends CommonPredicateSystemTest<PermId>
+{
+
+ @Autowired
+ private ExperimentPredicateTestService service;
+
+ @Override
+ protected PermId createNonexistentObject()
+ {
+ return new PermId("IDONTEXIST");
+ }
+
+ @Override
+ protected PermId createObject(SpacePE spacePE, ProjectPE projectPE)
+ {
+ return new PermId(ExperimentDB.getPermId(spacePE, projectPE));
+ }
+
+ @Override
+ protected void evaluateObjects(IAuthSessionProvider sessionProvider, List<PermId> objects)
+ {
+ service.testExperimentPermIdPredicate(sessionProvider, objects.get(0));
+ }
+
+ @Override
+ protected void assertWithNull(PersonPE person, Throwable t)
+ {
+ assertException(t, UserFailureException.class, "No experiment perm id specified.");
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForInstanceUser(PersonPE person, Throwable t)
+ {
+ assertNoException(t);
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForSpaceUser(PersonPE person, Throwable t)
+ {
+ assertNoException(t);
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForProjectUser(PersonPE person, Throwable t)
+ {
+ assertNoException(t);
+ }
+
+}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/experiment/ExperimentPredicateTestService.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/experiment/ExperimentPredicateTestService.java
new file mode 100644
index 0000000000000000000000000000000000000000..12f972009458ca1d14ff50777106a155b87eecb0
--- /dev/null
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/experiment/ExperimentPredicateTestService.java
@@ -0,0 +1,74 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.systemtest.authorization.predicate.experiment;
+
+import java.util.List;
+
+import org.springframework.stereotype.Component;
+
+import ch.systemsx.cisd.openbis.generic.server.authorization.annotation.AuthorizationGuard;
+import ch.systemsx.cisd.openbis.generic.server.authorization.annotation.RolesAllowed;
+import ch.systemsx.cisd.openbis.generic.server.authorization.predicate.AbstractTechIdCollectionPredicate.ExperimentTechIdCollectionPredicate;
+import ch.systemsx.cisd.openbis.generic.server.authorization.predicate.AbstractTechIdPredicate.ExperimentTechIdPredicate;
+import ch.systemsx.cisd.openbis.generic.server.authorization.predicate.ExperimentListPredicate;
+import ch.systemsx.cisd.openbis.generic.server.authorization.predicate.ExperimentPEPredicate;
+import ch.systemsx.cisd.openbis.generic.server.authorization.predicate.ExperimentPermIdPredicate;
+import ch.systemsx.cisd.openbis.generic.shared.api.v1.dto.Experiment;
+import ch.systemsx.cisd.openbis.generic.shared.basic.TechId;
+import ch.systemsx.cisd.openbis.generic.shared.basic.dto.RoleWithHierarchy;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ExperimentPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PermId;
+
+/**
+ * @author pkupczyk
+ */
+@Component
+public class ExperimentPredicateTestService
+{
+
+ @RolesAllowed(value = { RoleWithHierarchy.PROJECT_OBSERVER })
+ public void testExperimentTechIdPredicate(IAuthSessionProvider sessionProvider,
+ @AuthorizationGuard(guardClass = ExperimentTechIdPredicate.class) TechId experimentTechId)
+ {
+ }
+
+ @RolesAllowed(value = { RoleWithHierarchy.PROJECT_OBSERVER })
+ public void testExperimentTechIdCollectionPredicate(IAuthSessionProvider sessionProvider,
+ @AuthorizationGuard(guardClass = ExperimentTechIdCollectionPredicate.class) List<TechId> experimentTechIds)
+ {
+ }
+
+ @RolesAllowed(value = { RoleWithHierarchy.PROJECT_OBSERVER })
+ public void testExperimentPermIdPredicate(IAuthSessionProvider sessionProvider,
+ @AuthorizationGuard(guardClass = ExperimentPermIdPredicate.class) PermId experimentPermId)
+ {
+ }
+
+ @RolesAllowed(value = { RoleWithHierarchy.PROJECT_OBSERVER })
+ public void testExperimentPEPredicate(IAuthSessionProvider sessionProvider,
+ @AuthorizationGuard(guardClass = ExperimentPEPredicate.class) ExperimentPE experimentPE)
+ {
+ }
+
+ @RolesAllowed(value = { RoleWithHierarchy.PROJECT_OBSERVER })
+ public void testExperimentListPredicate(IAuthSessionProvider sessionProvider,
+ @AuthorizationGuard(guardClass = ExperimentListPredicate.class) List<Experiment> experimentList)
+ {
+ }
+
+}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/experiment/ExperimentTechIdCollectionPredicateSystemTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/experiment/ExperimentTechIdCollectionPredicateSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..73f546c2f9a3d8bc12287c2d5a9b78e11ba60ffa
--- /dev/null
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/experiment/ExperimentTechIdCollectionPredicateSystemTest.java
@@ -0,0 +1,88 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.systemtest.authorization.predicate.experiment;
+
+import java.util.List;
+
+import org.springframework.beans.factory.annotation.Autowired;
+
+import ch.systemsx.cisd.common.exceptions.UserFailureException;
+import ch.systemsx.cisd.openbis.generic.shared.basic.TechId;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.systemtest.authorization.predicate.CommonCollectionPredicateSystemTest;
+
+/**
+ * @author pkupczyk
+ */
+public class ExperimentTechIdCollectionPredicateSystemTest extends CommonCollectionPredicateSystemTest<TechId>
+{
+
+ @Autowired
+ private ExperimentPredicateTestService service;
+
+ @Override
+ protected TechId createNonexistentObject()
+ {
+ return new TechId(-1);
+ }
+
+ @Override
+ protected TechId createObject(SpacePE spacePE, ProjectPE projectPE)
+ {
+ return new TechId(ExperimentDB.getId(spacePE, projectPE));
+ }
+
+ @Override
+ protected void evaluateObjects(IAuthSessionProvider sessionProvider, List<TechId> objects)
+ {
+ service.testExperimentTechIdCollectionPredicate(sessionProvider, objects);
+ }
+
+ @Override
+ protected void assertWithNull(PersonPE person, Throwable t)
+ {
+ assertException(t, NullPointerException.class, null);
+ }
+
+ @Override
+ protected void assertWithNullCollection(PersonPE person, Throwable t)
+ {
+ assertException(t, UserFailureException.class, "No EXPERIMENT technical id collection specified.");
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForInstanceUser(PersonPE person, Throwable t)
+ {
+ assertNoException(t);
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForSpaceUser(PersonPE person, Throwable t)
+ {
+ assertNoException(t);
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForProjectUser(PersonPE person, Throwable t)
+ {
+ assertNoException(t);
+ }
+
+}
\ No newline at end of file
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/experiment/ExperimentTechIdPredicateSystemTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/experiment/ExperimentTechIdPredicateSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..1666686b7000d1a04d513ed96906c2fb28ae33cd
--- /dev/null
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/experiment/ExperimentTechIdPredicateSystemTest.java
@@ -0,0 +1,82 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.systemtest.authorization.predicate.experiment;
+
+import java.util.List;
+
+import org.springframework.beans.factory.annotation.Autowired;
+
+import ch.systemsx.cisd.common.exceptions.UserFailureException;
+import ch.systemsx.cisd.openbis.generic.shared.basic.TechId;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.systemtest.authorization.predicate.CommonPredicateSystemTest;
+
+/**
+ * @author pkupczyk
+ */
+public class ExperimentTechIdPredicateSystemTest extends CommonPredicateSystemTest<TechId>
+{
+
+ @Autowired
+ private ExperimentPredicateTestService service;
+
+ @Override
+ protected TechId createNonexistentObject()
+ {
+ return new TechId(-1);
+ }
+
+ @Override
+ protected TechId createObject(SpacePE spacePE, ProjectPE projectPE)
+ {
+ return new TechId(ExperimentDB.getId(spacePE, projectPE));
+ }
+
+ @Override
+ protected void evaluateObjects(IAuthSessionProvider sessionProvider, List<TechId> objects)
+ {
+ service.testExperimentTechIdPredicate(sessionProvider, objects.get(0));
+ }
+
+ @Override
+ protected void assertWithNull(PersonPE person, Throwable t)
+ {
+ assertException(t, UserFailureException.class, "No technical id specified.");
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForInstanceUser(PersonPE person, Throwable t)
+ {
+ assertUserFailureExceptionThatExperimentDoesNotExist(t);
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForSpaceUser(PersonPE person, Throwable t)
+ {
+ assertUserFailureExceptionThatExperimentDoesNotExist(t);
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForProjectUser(PersonPE person, Throwable t)
+ {
+ assertUserFailureExceptionThatExperimentDoesNotExist(t);
+ }
+
+}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/NewProjectPredicateTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/NewProjectPredicateSystemTest.java
similarity index 50%
rename from openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/NewProjectPredicateTest.java
rename to openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/NewProjectPredicateSystemTest.java
index 9977a4f2dfbb82ac8494a68653fe7f8aa200ef7e..891b924f060ed66b27c2e45b57a61f801f46f15e 100644
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/NewProjectPredicateTest.java
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/NewProjectPredicateSystemTest.java
@@ -14,30 +14,33 @@
* limitations under the License.
*/
-package ch.systemsx.cisd.openbis.generic.server.authorization.predicate;
+package ch.systemsx.cisd.openbis.systemtest.authorization.predicate.project;
-import java.util.Arrays;
import java.util.List;
-import ch.systemsx.cisd.common.exceptions.Status;
+import org.springframework.beans.factory.annotation.Autowired;
+
import ch.systemsx.cisd.common.exceptions.UserFailureException;
-import ch.systemsx.cisd.openbis.generic.server.authorization.RoleWithIdentifier;
-import ch.systemsx.cisd.openbis.generic.shared.authorization.IAuthorizationConfig;
import ch.systemsx.cisd.openbis.generic.shared.basic.dto.NewProject;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.systemtest.authorization.predicate.CommonPredicateSystemTest;
/**
* @author pkupczyk
*/
-public class NewProjectPredicateTest extends CommonPredicateTest<NewProject>
+public class NewProjectPredicateSystemTest extends CommonPredicateSystemTest<NewProject>
{
+ @Autowired
+ private ProjectPredicateTestService service;
+
@Override
- protected void expectWithAll(IAuthorizationConfig config, List<NewProject> objects)
+ protected NewProject createNonexistentObject()
{
- expectAuthorizationConfig(config);
- prepareProvider(ALL_SPACES_PE);
+ return new NewProject("/IDONTEXIST/IDONTEXIST", "idontexist");
}
@Override
@@ -47,36 +50,33 @@ public class NewProjectPredicateTest extends CommonPredicateTest<NewProject>
}
@Override
- protected Status evaluateObjects(List<NewProject> objects, RoleWithIdentifier... roles)
+ protected void evaluateObjects(IAuthSessionProvider session, List<NewProject> objects)
{
- NewProjectPredicate predicate = new NewProjectPredicate();
- predicate.init(provider);
- return predicate.evaluate(PERSON_PE, Arrays.asList(roles), objects.get(0));
+ service.testNewProjectPredicate(session, objects.get(0));
}
@Override
- protected void assertWithNull(IAuthorizationConfig config, Status result, Throwable t)
+ protected void assertWithNull(PersonPE person, Throwable t)
{
- assertNull(result);
assertException(t, UserFailureException.class, "No new project specified.");
}
@Override
- protected void assertWithNonexistentObjectForInstanceUser(IAuthorizationConfig config, Status result)
+ protected void assertWithNonexistentObjectForInstanceUser(PersonPE person, Throwable t)
{
- assertOK(result);
+ assertNoException(t);
}
@Override
- protected void assertWithNonexistentObjectForSpaceUser(IAuthorizationConfig config, Status result)
+ protected void assertWithNonexistentObjectForSpaceUser(PersonPE person, Throwable t)
{
- assertOK(result);
+ assertNoException(t);
}
@Override
- protected void assertWithNonexistentObjectForProjectUser(IAuthorizationConfig config, Status result)
+ protected void assertWithNonexistentObjectForProjectUser(PersonPE person, Throwable t)
{
- assertOK(result);
+ assertNoException(t);
}
}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectAugmentedCodePredicateSystemTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectAugmentedCodePredicateSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..f57a640a12b705e00bd2570a5a93e5080fea2949
--- /dev/null
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectAugmentedCodePredicateSystemTest.java
@@ -0,0 +1,69 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.systemtest.authorization.predicate.project;
+
+import java.util.List;
+
+import org.springframework.beans.factory.annotation.Autowired;
+
+import ch.systemsx.cisd.common.exceptions.UserFailureException;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.systemtest.authorization.predicate.CommonPredicateSystemTest;
+
+/**
+ * @author pkupczyk
+ */
+public class ProjectAugmentedCodePredicateSystemTest extends CommonPredicateSystemTest<String>
+{
+
+ @Autowired
+ private ProjectPredicateTestService service;
+
+ @Override
+ protected String createNonexistentObject()
+ {
+ return "/IDONTEXIST/IDONTEXIST";
+ }
+
+ @Override
+ protected String createObject(SpacePE spacePE, ProjectPE projectPE)
+ {
+ return "/" + spacePE.getCode() + "/" + projectPE.getCode();
+ }
+
+ @Override
+ protected void evaluateObjects(IAuthSessionProvider sessionProvider, List<String> objects)
+ {
+ service.testProjectAugmentedCodePredicate(sessionProvider, objects.get(0));
+ }
+
+ @Override
+ protected void assertWithNull(PersonPE person, Throwable t)
+ {
+ assertException(t, UserFailureException.class, "No project specified.");
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForInstanceUser(PersonPE person, Throwable t)
+ {
+ assertNoException(t);
+ }
+
+}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectIdPredicateWithIdentifierSystemTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectIdPredicateWithIdentifierSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..c7fc12eb7c717eb448cfbf065967935118689527
--- /dev/null
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectIdPredicateWithIdentifierSystemTest.java
@@ -0,0 +1,70 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.systemtest.authorization.predicate.project;
+
+import java.util.List;
+
+import org.springframework.beans.factory.annotation.Autowired;
+
+import ch.systemsx.cisd.common.exceptions.UserFailureException;
+import ch.systemsx.cisd.openbis.generic.shared.api.v1.dto.id.project.ProjectIdentifierId;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.systemtest.authorization.predicate.CommonPredicateSystemTest;
+
+/**
+ * @author pkupczyk
+ */
+public class ProjectIdPredicateWithIdentifierSystemTest extends CommonPredicateSystemTest<ProjectIdentifierId>
+{
+
+ @Autowired
+ private ProjectPredicateTestService service;
+
+ @Override
+ protected ProjectIdentifierId createNonexistentObject()
+ {
+ return new ProjectIdentifierId("/IDONTEXIST/IDONTEXIST");
+ }
+
+ @Override
+ protected ProjectIdentifierId createObject(SpacePE spacePE, ProjectPE projectPE)
+ {
+ return new ProjectIdentifierId("/" + spacePE.getCode() + "/" + projectPE.getCode());
+ }
+
+ @Override
+ protected void evaluateObjects(IAuthSessionProvider sessionProvider, List<ProjectIdentifierId> objects)
+ {
+ service.testProjectIdPredicate(sessionProvider, objects.get(0));
+ }
+
+ @Override
+ protected void assertWithNull(PersonPE person, Throwable t)
+ {
+ assertException(t, UserFailureException.class, "No project id specified.");
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForInstanceUser(PersonPE person, Throwable t)
+ {
+ assertNoException(t);
+ }
+
+}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectIdPredicateWithPermIdSystemTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectIdPredicateWithPermIdSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..31af377919be1353a75d6f064f1897291d265b6a
--- /dev/null
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectIdPredicateWithPermIdSystemTest.java
@@ -0,0 +1,82 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.systemtest.authorization.predicate.project;
+
+import java.util.List;
+
+import org.springframework.beans.factory.annotation.Autowired;
+
+import ch.systemsx.cisd.common.exceptions.UserFailureException;
+import ch.systemsx.cisd.openbis.generic.shared.api.v1.dto.id.project.ProjectPermIdId;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.systemtest.authorization.predicate.CommonPredicateSystemTest;
+
+/**
+ * @author pkupczyk
+ */
+public class ProjectIdPredicateWithPermIdSystemTest extends CommonPredicateSystemTest<ProjectPermIdId>
+{
+
+ @Autowired
+ private ProjectPredicateTestService service;
+
+ @Override
+ protected ProjectPermIdId createNonexistentObject()
+ {
+ return new ProjectPermIdId("IDONTEXIST");
+ }
+
+ @Override
+ protected ProjectPermIdId createObject(SpacePE spacePE, ProjectPE projectPE)
+ {
+ return new ProjectPermIdId(projectPE.getPermId());
+ }
+
+ @Override
+ protected void evaluateObjects(IAuthSessionProvider sessionProvider, List<ProjectPermIdId> objects)
+ {
+ service.testProjectIdPredicate(sessionProvider, objects.get(0));
+ }
+
+ @Override
+ protected void assertWithNull(PersonPE person, Throwable t)
+ {
+ assertException(t, UserFailureException.class, "No project id specified.");
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForInstanceUser(PersonPE person, Throwable t)
+ {
+ assertNoException(t);
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForSpaceUser(PersonPE person, Throwable t)
+ {
+ assertNoException(t);
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForProjectUser(PersonPE person, Throwable t)
+ {
+ assertNoException(t);
+ }
+
+}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectIdPredicateWithTechIdSystemTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectIdPredicateWithTechIdSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..eb5754cbff6c162df610f9f03081973c0d82424c
--- /dev/null
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectIdPredicateWithTechIdSystemTest.java
@@ -0,0 +1,82 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.systemtest.authorization.predicate.project;
+
+import java.util.List;
+
+import org.springframework.beans.factory.annotation.Autowired;
+
+import ch.systemsx.cisd.common.exceptions.UserFailureException;
+import ch.systemsx.cisd.openbis.generic.shared.api.v1.dto.id.project.ProjectTechIdId;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.systemtest.authorization.predicate.CommonPredicateSystemTest;
+
+/**
+ * @author pkupczyk
+ */
+public class ProjectIdPredicateWithTechIdSystemTest extends CommonPredicateSystemTest<ProjectTechIdId>
+{
+
+ @Autowired
+ private ProjectPredicateTestService service;
+
+ @Override
+ protected ProjectTechIdId createNonexistentObject()
+ {
+ return new ProjectTechIdId(-1L);
+ }
+
+ @Override
+ protected ProjectTechIdId createObject(SpacePE spacePE, ProjectPE projectPE)
+ {
+ return new ProjectTechIdId(projectPE.getId());
+ }
+
+ @Override
+ protected void evaluateObjects(IAuthSessionProvider sessionProvider, List<ProjectTechIdId> objects)
+ {
+ service.testProjectIdPredicate(sessionProvider, objects.get(0));
+ }
+
+ @Override
+ protected void assertWithNull(PersonPE person, Throwable t)
+ {
+ assertException(t, UserFailureException.class, "No project id specified.");
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForInstanceUser(PersonPE person, Throwable t)
+ {
+ assertUserFailureExceptionThatProjectDoesNotExist(t);
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForSpaceUser(PersonPE person, Throwable t)
+ {
+ assertUserFailureExceptionThatProjectDoesNotExist(t);
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForProjectUser(PersonPE person, Throwable t)
+ {
+ assertUserFailureExceptionThatProjectDoesNotExist(t);
+ }
+
+}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectIdentifierPredicateSystemTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectIdentifierPredicateSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..6785a2bea20125b8c1eba43d93f98c79df21b725
--- /dev/null
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectIdentifierPredicateSystemTest.java
@@ -0,0 +1,70 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.systemtest.authorization.predicate.project;
+
+import java.util.List;
+
+import org.springframework.beans.factory.annotation.Autowired;
+
+import ch.systemsx.cisd.common.exceptions.UserFailureException;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.identifier.ProjectIdentifier;
+import ch.systemsx.cisd.openbis.systemtest.authorization.predicate.CommonPredicateSystemTest;
+
+/**
+ * @author pkupczyk
+ */
+public class ProjectIdentifierPredicateSystemTest extends CommonPredicateSystemTest<ProjectIdentifier>
+{
+
+ @Autowired
+ private ProjectPredicateTestService service;
+
+ @Override
+ protected ProjectIdentifier createNonexistentObject()
+ {
+ return new ProjectIdentifier("IDONTEXIST", "IDONTEXIST");
+ }
+
+ @Override
+ protected ProjectIdentifier createObject(SpacePE spacePE, ProjectPE projectPE)
+ {
+ return new ProjectIdentifier(spacePE.getCode(), projectPE.getCode());
+ }
+
+ @Override
+ protected void evaluateObjects(IAuthSessionProvider sessionProvider, List<ProjectIdentifier> objects)
+ {
+ service.testProjectIdentifierPredicate(sessionProvider, objects.get(0));
+ }
+
+ @Override
+ protected void assertWithNull(PersonPE person, Throwable t)
+ {
+ assertException(t, UserFailureException.class, "No project specified.");
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForInstanceUser(PersonPE person, Throwable t)
+ {
+ assertNoException(t);
+ }
+
+}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectPEPredicateSystemTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectPEPredicateSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..952ff23e9fda27027d9b097cd9d379f95f36079a
--- /dev/null
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectPEPredicateSystemTest.java
@@ -0,0 +1,75 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.systemtest.authorization.predicate.project;
+
+import java.util.List;
+
+import org.springframework.beans.factory.annotation.Autowired;
+
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.systemtest.authorization.predicate.CommonPredicateSystemTest;
+
+/**
+ * @author pkupczyk
+ */
+public class ProjectPEPredicateSystemTest extends CommonPredicateSystemTest<ProjectPE>
+{
+
+ @Autowired
+ private ProjectPredicateTestService service;
+
+ @Override
+ protected ProjectPE createNonexistentObject()
+ {
+ SpacePE space = new SpacePE();
+ space.setCode("IDONTEXIST");
+
+ ProjectPE project = new ProjectPE();
+ project.setCode("IDONTEXIST");
+ project.setSpace(space);
+
+ return project;
+ }
+
+ @Override
+ protected ProjectPE createObject(SpacePE spacePE, ProjectPE projectPE)
+ {
+ return projectPE;
+ }
+
+ @Override
+ protected void evaluateObjects(IAuthSessionProvider session, List<ProjectPE> objects)
+ {
+ service.testProjectPEPredicate(session, objects.get(0));
+ }
+
+ @Override
+ protected void assertWithNull(PersonPE person, Throwable t)
+ {
+ assertException(t, NullPointerException.class, null);
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForInstanceUser(PersonPE person, Throwable t)
+ {
+ assertNoException(t);
+ }
+
+}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectPermIdPredicateSystemTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectPermIdPredicateSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..479e9180b104c5c8bb2b92664a0f52fb4a9d5bf7
--- /dev/null
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectPermIdPredicateSystemTest.java
@@ -0,0 +1,82 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.systemtest.authorization.predicate.project;
+
+import java.util.List;
+
+import org.springframework.beans.factory.annotation.Autowired;
+
+import ch.systemsx.cisd.common.exceptions.UserFailureException;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PermId;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.systemtest.authorization.predicate.CommonPredicateSystemTest;
+
+/**
+ * @author pkupczyk
+ */
+public class ProjectPermIdPredicateSystemTest extends CommonPredicateSystemTest<PermId>
+{
+
+ @Autowired
+ private ProjectPredicateTestService service;
+
+ @Override
+ protected PermId createNonexistentObject()
+ {
+ return new PermId("IDONTEXIST");
+ }
+
+ @Override
+ protected PermId createObject(SpacePE spacePE, ProjectPE projectPE)
+ {
+ return new PermId(projectPE.getPermId());
+ }
+
+ @Override
+ protected void evaluateObjects(IAuthSessionProvider sessionProvider, List<PermId> objects)
+ {
+ service.testProjectPermIdPredicate(sessionProvider, objects.get(0));
+ }
+
+ @Override
+ protected void assertWithNull(PersonPE person, Throwable t)
+ {
+ assertException(t, UserFailureException.class, "No project perm id specified.");
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForInstanceUser(PersonPE person, Throwable t)
+ {
+ assertNoException(t);
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForSpaceUser(PersonPE person, Throwable t)
+ {
+ assertNoException(t);
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForProjectUser(PersonPE person, Throwable t)
+ {
+ assertNoException(t);
+ }
+
+}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectPredicateTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectPredicateSystemTest.java
similarity index 53%
rename from openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectPredicateTest.java
rename to openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectPredicateSystemTest.java
index 412e3268e62130ff9825cd9ab983921d473ddb36..9a878148801bb381ffeda82a818e709d001e17cf 100644
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ProjectPredicateTest.java
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectPredicateSystemTest.java
@@ -14,30 +14,33 @@
* limitations under the License.
*/
-package ch.systemsx.cisd.openbis.generic.server.authorization.predicate;
+package ch.systemsx.cisd.openbis.systemtest.authorization.predicate.project;
-import java.util.Arrays;
import java.util.List;
-import ch.systemsx.cisd.common.exceptions.Status;
+import org.springframework.beans.factory.annotation.Autowired;
+
import ch.systemsx.cisd.common.exceptions.UserFailureException;
-import ch.systemsx.cisd.openbis.generic.server.authorization.RoleWithIdentifier;
import ch.systemsx.cisd.openbis.generic.shared.api.v1.dto.Project;
-import ch.systemsx.cisd.openbis.generic.shared.authorization.IAuthorizationConfig;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.systemtest.authorization.predicate.CommonPredicateSystemTest;
/**
- * @author Pawel Glyzewski
+ * @author pkupczyk
*/
-public class ProjectPredicateTest extends CommonPredicateTest<Project>
+public class ProjectPredicateSystemTest extends CommonPredicateSystemTest<Project>
{
+ @Autowired
+ private ProjectPredicateTestService service;
+
@Override
- protected void expectWithAll(IAuthorizationConfig config, List<Project> objects)
+ protected Project createNonexistentObject()
{
- expectAuthorizationConfig(config);
- prepareProvider(ALL_SPACES_PE);
+ return new Project("IDONTEXIST", "IDONTEXIST");
}
@Override
@@ -47,24 +50,21 @@ public class ProjectPredicateTest extends CommonPredicateTest<Project>
}
@Override
- protected Status evaluateObjects(List<Project> objects, RoleWithIdentifier... roles)
+ protected void evaluateObjects(IAuthSessionProvider sessionProvider, List<Project> objects)
{
- ProjectPredicate predicate = new ProjectPredicate();
- predicate.init(provider);
- return predicate.evaluate(PERSON_PE, Arrays.asList(roles), objects.get(0));
+ service.testProjectPredicate(sessionProvider, objects.get(0));
}
@Override
- protected void assertWithNull(IAuthorizationConfig config, Status result, Throwable t)
+ protected void assertWithNull(PersonPE person, Throwable t)
{
- assertNull(result);
assertException(t, UserFailureException.class, "No project specified.");
}
@Override
- protected void assertWithNonexistentObjectForInstanceUser(IAuthorizationConfig config, Status result)
+ protected void assertWithNonexistentObjectForInstanceUser(PersonPE person, Throwable t)
{
- assertOK(result);
+ assertNoException(t);
}
}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectPredicateTestService.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectPredicateTestService.java
new file mode 100644
index 0000000000000000000000000000000000000000..206d10b0252349644be9ef9ae984ab89e957c719
--- /dev/null
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectPredicateTestService.java
@@ -0,0 +1,112 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.systemtest.authorization.predicate.project;
+
+import java.util.List;
+
+import org.springframework.stereotype.Component;
+
+import ch.systemsx.cisd.openbis.generic.server.authorization.annotation.AuthorizationGuard;
+import ch.systemsx.cisd.openbis.generic.server.authorization.annotation.RolesAllowed;
+import ch.systemsx.cisd.openbis.generic.server.authorization.predicate.AbstractTechIdCollectionPredicate.ProjectTechIdCollectionPredicate;
+import ch.systemsx.cisd.openbis.generic.server.authorization.predicate.AbstractTechIdPredicate.ProjectTechIdPredicate;
+import ch.systemsx.cisd.openbis.generic.server.authorization.predicate.NewProjectPredicate;
+import ch.systemsx.cisd.openbis.generic.server.authorization.predicate.ProjectAugmentedCodePredicate;
+import ch.systemsx.cisd.openbis.generic.server.authorization.predicate.ProjectIdPredicate;
+import ch.systemsx.cisd.openbis.generic.server.authorization.predicate.ProjectIdentifierPredicate;
+import ch.systemsx.cisd.openbis.generic.server.authorization.predicate.ProjectPEPredicate;
+import ch.systemsx.cisd.openbis.generic.server.authorization.predicate.ProjectPermIdPredicate;
+import ch.systemsx.cisd.openbis.generic.server.authorization.predicate.ProjectPredicate;
+import ch.systemsx.cisd.openbis.generic.server.authorization.predicate.ProjectUpdatesPredicate;
+import ch.systemsx.cisd.openbis.generic.shared.api.v1.dto.Project;
+import ch.systemsx.cisd.openbis.generic.shared.api.v1.dto.id.project.IProjectId;
+import ch.systemsx.cisd.openbis.generic.shared.basic.TechId;
+import ch.systemsx.cisd.openbis.generic.shared.basic.dto.NewProject;
+import ch.systemsx.cisd.openbis.generic.shared.basic.dto.RoleWithHierarchy;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PermId;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectUpdatesDTO;
+import ch.systemsx.cisd.openbis.generic.shared.dto.identifier.ProjectIdentifier;
+
+/**
+ * @author pkupczyk
+ */
+@Component
+public class ProjectPredicateTestService
+{
+
+ @RolesAllowed(value = { RoleWithHierarchy.PROJECT_OBSERVER })
+ public void testProjectPEPredicate(IAuthSessionProvider sessionProvider,
+ @AuthorizationGuard(guardClass = ProjectPEPredicate.class) ProjectPE projectPE)
+ {
+ }
+
+ @RolesAllowed(value = { RoleWithHierarchy.PROJECT_OBSERVER })
+ public void testNewProjectPredicate(IAuthSessionProvider sessionProvider,
+ @AuthorizationGuard(guardClass = NewProjectPredicate.class) NewProject newProject)
+ {
+ }
+
+ @RolesAllowed(value = { RoleWithHierarchy.PROJECT_OBSERVER })
+ public void testProjectIdentifierPredicate(IAuthSessionProvider sessionProvider,
+ @AuthorizationGuard(guardClass = ProjectIdentifierPredicate.class) ProjectIdentifier projectIdentifier)
+ {
+ }
+
+ @RolesAllowed(value = { RoleWithHierarchy.PROJECT_OBSERVER })
+ public void testProjectPredicate(IAuthSessionProvider sessionProvider, @AuthorizationGuard(guardClass = ProjectPredicate.class) Project project)
+ {
+ }
+
+ @RolesAllowed(value = { RoleWithHierarchy.PROJECT_OBSERVER })
+ public void testProjectIdPredicate(IAuthSessionProvider sessionProvider,
+ @AuthorizationGuard(guardClass = ProjectIdPredicate.class) IProjectId projectId)
+ {
+ }
+
+ @RolesAllowed(value = { RoleWithHierarchy.PROJECT_OBSERVER })
+ public void testProjectAugmentedCodePredicate(IAuthSessionProvider sessionProvider,
+ @AuthorizationGuard(guardClass = ProjectAugmentedCodePredicate.class) String projectAugmentedCode)
+ {
+ }
+
+ @RolesAllowed(value = { RoleWithHierarchy.PROJECT_OBSERVER })
+ public void testProjectUpdatesPredicate(IAuthSessionProvider sessionProvider,
+ @AuthorizationGuard(guardClass = ProjectUpdatesPredicate.class) ProjectUpdatesDTO projectUpdatesDTO)
+ {
+ }
+
+ @RolesAllowed(value = { RoleWithHierarchy.PROJECT_OBSERVER })
+ public void testProjectTechIdPredicate(IAuthSessionProvider sessionProvider,
+ @AuthorizationGuard(guardClass = ProjectTechIdPredicate.class) TechId projectTechId)
+ {
+ }
+
+ @RolesAllowed(value = { RoleWithHierarchy.PROJECT_OBSERVER })
+ public void testProjectPermIdPredicate(IAuthSessionProvider sessionProvider,
+ @AuthorizationGuard(guardClass = ProjectPermIdPredicate.class) PermId projectPermId)
+ {
+ }
+
+ @RolesAllowed(value = { RoleWithHierarchy.PROJECT_OBSERVER })
+ public void testProjectTechIdCollectionPredicate(IAuthSessionProvider sessionProvider,
+ @AuthorizationGuard(guardClass = ProjectTechIdCollectionPredicate.class) List<TechId> projectTechIds)
+ {
+ }
+
+}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectTechIdCollectionPredicateSystemTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectTechIdCollectionPredicateSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..3b974a9be7758a7ae7f9995c28ec9a974c0e1614
--- /dev/null
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectTechIdCollectionPredicateSystemTest.java
@@ -0,0 +1,88 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.systemtest.authorization.predicate.project;
+
+import java.util.List;
+
+import org.springframework.beans.factory.annotation.Autowired;
+
+import ch.systemsx.cisd.common.exceptions.UserFailureException;
+import ch.systemsx.cisd.openbis.generic.shared.basic.TechId;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.systemtest.authorization.predicate.CommonCollectionPredicateSystemTest;
+
+/**
+ * @author pkupczyk
+ */
+public class ProjectTechIdCollectionPredicateSystemTest extends CommonCollectionPredicateSystemTest<TechId>
+{
+
+ @Autowired
+ private ProjectPredicateTestService service;
+
+ @Override
+ protected TechId createNonexistentObject()
+ {
+ return new TechId(-1);
+ }
+
+ @Override
+ protected TechId createObject(SpacePE spacePE, ProjectPE projectPE)
+ {
+ return new TechId(projectPE.getId());
+ }
+
+ @Override
+ protected void evaluateObjects(IAuthSessionProvider sessionProvider, List<TechId> objects)
+ {
+ service.testProjectTechIdCollectionPredicate(sessionProvider, objects);
+ }
+
+ @Override
+ protected void assertWithNull(PersonPE person, Throwable t)
+ {
+ assertException(t, NullPointerException.class, null);
+ }
+
+ @Override
+ protected void assertWithNullCollection(PersonPE person, Throwable t)
+ {
+ assertException(t, UserFailureException.class, "No PROJECT technical id collection specified.");
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForInstanceUser(PersonPE person, Throwable t)
+ {
+ assertNoException(t);
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForSpaceUser(PersonPE person, Throwable t)
+ {
+ assertNoException(t);
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForProjectUser(PersonPE person, Throwable t)
+ {
+ assertNoException(t);
+ }
+
+}
\ No newline at end of file
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectTechIdPredicateSystemTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectTechIdPredicateSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..d395fc368b95914c6cdedc044e8554ff96d0c241
--- /dev/null
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectTechIdPredicateSystemTest.java
@@ -0,0 +1,82 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.systemtest.authorization.predicate.project;
+
+import java.util.List;
+
+import org.springframework.beans.factory.annotation.Autowired;
+
+import ch.systemsx.cisd.common.exceptions.UserFailureException;
+import ch.systemsx.cisd.openbis.generic.shared.basic.TechId;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.systemtest.authorization.predicate.CommonPredicateSystemTest;
+
+/**
+ * @author pkupczyk
+ */
+public class ProjectTechIdPredicateSystemTest extends CommonPredicateSystemTest<TechId>
+{
+
+ @Autowired
+ private ProjectPredicateTestService service;
+
+ @Override
+ protected TechId createNonexistentObject()
+ {
+ return new TechId(-1);
+ }
+
+ @Override
+ protected TechId createObject(SpacePE spacePE, ProjectPE projectPE)
+ {
+ return new TechId(projectPE.getId());
+ }
+
+ @Override
+ protected void evaluateObjects(IAuthSessionProvider sessionProvider, List<TechId> objects)
+ {
+ service.testProjectTechIdPredicate(sessionProvider, objects.get(0));
+ }
+
+ @Override
+ protected void assertWithNull(PersonPE person, Throwable t)
+ {
+ assertException(t, UserFailureException.class, "No technical id specified.");
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForInstanceUser(PersonPE person, Throwable t)
+ {
+ assertUserFailureExceptionThatProjectDoesNotExist(t);
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForSpaceUser(PersonPE person, Throwable t)
+ {
+ assertUserFailureExceptionThatProjectDoesNotExist(t);
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForProjectUser(PersonPE person, Throwable t)
+ {
+ assertUserFailureExceptionThatProjectDoesNotExist(t);
+ }
+
+}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectUpdatesPredicateWithIdentifierSystemTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectUpdatesPredicateWithIdentifierSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..2f2a3cf44c34e44ac962870924b0d6649b0f433c
--- /dev/null
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectUpdatesPredicateWithIdentifierSystemTest.java
@@ -0,0 +1,74 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.systemtest.authorization.predicate.project;
+
+import java.util.List;
+
+import org.springframework.beans.factory.annotation.Autowired;
+
+import ch.systemsx.cisd.common.exceptions.UserFailureException;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectUpdatesDTO;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.systemtest.authorization.predicate.CommonPredicateSystemTest;
+
+/**
+ * @author pkupczyk
+ */
+public class ProjectUpdatesPredicateWithIdentifierSystemTest extends CommonPredicateSystemTest<ProjectUpdatesDTO>
+{
+
+ @Autowired
+ private ProjectPredicateTestService service;
+
+ @Override
+ protected ProjectUpdatesDTO createNonexistentObject()
+ {
+ ProjectUpdatesDTO updates = new ProjectUpdatesDTO();
+ updates.setIdentifier("/IDONTEXIST/IDONTEXIST");
+ return updates;
+ }
+
+ @Override
+ protected ProjectUpdatesDTO createObject(SpacePE spacePE, ProjectPE projectPE)
+ {
+ ProjectUpdatesDTO updates = new ProjectUpdatesDTO();
+ updates.setIdentifier("/" + spacePE.getCode() + "/" + projectPE.getCode());
+ return updates;
+ }
+
+ @Override
+ protected void evaluateObjects(IAuthSessionProvider sessionProvider, List<ProjectUpdatesDTO> objects)
+ {
+ service.testProjectUpdatesPredicate(sessionProvider, objects.get(0));
+ }
+
+ @Override
+ protected void assertWithNull(PersonPE person, Throwable t)
+ {
+ assertException(t, UserFailureException.class, "No project updates specified.");
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForInstanceUser(PersonPE person, Throwable t)
+ {
+ assertNoException(t);
+ }
+
+}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectUpdatesPredicateWithPermIdSystemTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectUpdatesPredicateWithPermIdSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..86df3eee1f6f7ecb2bfa35760672757dd1942529
--- /dev/null
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectUpdatesPredicateWithPermIdSystemTest.java
@@ -0,0 +1,86 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.systemtest.authorization.predicate.project;
+
+import java.util.List;
+
+import org.springframework.beans.factory.annotation.Autowired;
+
+import ch.systemsx.cisd.common.exceptions.UserFailureException;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectUpdatesDTO;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.systemtest.authorization.predicate.CommonPredicateSystemTest;
+
+/**
+ * @author pkupczyk
+ */
+public class ProjectUpdatesPredicateWithPermIdSystemTest extends CommonPredicateSystemTest<ProjectUpdatesDTO>
+{
+
+ @Autowired
+ private ProjectPredicateTestService service;
+
+ @Override
+ protected ProjectUpdatesDTO createNonexistentObject()
+ {
+ ProjectUpdatesDTO updates = new ProjectUpdatesDTO();
+ updates.setPermId("IDONTEXIST");
+ return updates;
+ }
+
+ @Override
+ protected ProjectUpdatesDTO createObject(SpacePE spacePE, ProjectPE projectPE)
+ {
+ ProjectUpdatesDTO updates = new ProjectUpdatesDTO();
+ updates.setPermId(projectPE.getPermId());
+ return updates;
+ }
+
+ @Override
+ protected void evaluateObjects(IAuthSessionProvider sessionProvider, List<ProjectUpdatesDTO> objects)
+ {
+ service.testProjectUpdatesPredicate(sessionProvider, objects.get(0));
+ }
+
+ @Override
+ protected void assertWithNull(PersonPE person, Throwable t)
+ {
+ assertException(t, UserFailureException.class, "No project updates specified.");
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForInstanceUser(PersonPE person, Throwable t)
+ {
+ assertNoException(t);
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForSpaceUser(PersonPE person, Throwable t)
+ {
+ assertNoException(t);
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForProjectUser(PersonPE person, Throwable t)
+ {
+ assertNoException(t);
+ }
+
+}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectUpdatesPredicateWithTechIdSystemTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectUpdatesPredicateWithTechIdSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..d59b6ab1b9b452ac4a3e319f25664c2a148dfc50
--- /dev/null
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/predicate/project/ProjectUpdatesPredicateWithTechIdSystemTest.java
@@ -0,0 +1,87 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.systemtest.authorization.predicate.project;
+
+import java.util.List;
+
+import org.springframework.beans.factory.annotation.Autowired;
+
+import ch.systemsx.cisd.common.exceptions.UserFailureException;
+import ch.systemsx.cisd.openbis.generic.shared.basic.TechId;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectUpdatesDTO;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.systemtest.authorization.predicate.CommonPredicateSystemTest;
+
+/**
+ * @author pkupczyk
+ */
+public class ProjectUpdatesPredicateWithTechIdSystemTest extends CommonPredicateSystemTest<ProjectUpdatesDTO>
+{
+
+ @Autowired
+ private ProjectPredicateTestService service;
+
+ @Override
+ protected ProjectUpdatesDTO createNonexistentObject()
+ {
+ ProjectUpdatesDTO updates = new ProjectUpdatesDTO();
+ updates.setTechId(new TechId(-1));
+ return updates;
+ }
+
+ @Override
+ protected ProjectUpdatesDTO createObject(SpacePE spacePE, ProjectPE projectPE)
+ {
+ ProjectUpdatesDTO updates = new ProjectUpdatesDTO();
+ updates.setTechId(new TechId(projectPE.getId()));
+ return updates;
+ }
+
+ @Override
+ protected void evaluateObjects(IAuthSessionProvider sessionProvider, List<ProjectUpdatesDTO> objects)
+ {
+ service.testProjectUpdatesPredicate(sessionProvider, objects.get(0));
+ }
+
+ @Override
+ protected void assertWithNull(PersonPE person, Throwable t)
+ {
+ assertException(t, UserFailureException.class, "No project updates specified.");
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForInstanceUser(PersonPE person, Throwable t)
+ {
+ assertUserFailureExceptionThatProjectDoesNotExist(t);
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForSpaceUser(PersonPE person, Throwable t)
+ {
+ assertUserFailureExceptionThatProjectDoesNotExist(t);
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForProjectUser(PersonPE person, Throwable t)
+ {
+ assertUserFailureExceptionThatProjectDoesNotExist(t);
+ }
+
+}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/validator/CommonValidatorSystemTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/validator/CommonValidatorSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..162c26221283528e1ef6249519e2b47a6c6722d6
--- /dev/null
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/validator/CommonValidatorSystemTest.java
@@ -0,0 +1,226 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.systemtest.authorization.validator;
+
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.HashSet;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.testng.annotations.Test;
+
+import ch.systemsx.cisd.openbis.generic.shared.authorization.IAuthorizationConfig;
+import ch.systemsx.cisd.openbis.generic.shared.basic.dto.RoleWithHierarchy.RoleCode;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.RoleAssignmentPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.systemtest.authorization.CommonAuthorizationSystemTest;
+
+/**
+ * @author pkupczyk
+ */
+public abstract class CommonValidatorSystemTest<O> extends CommonAuthorizationSystemTest
+{
+
+ @Autowired
+ private IAuthorizationConfig authorizationConfig;
+
+ protected abstract O createObject(SpacePE spacePE, ProjectPE projectPE);
+
+ protected abstract O validateObject(IAuthSessionProvider sessionProvider, O object);
+
+ @Test(dataProvider = PERSON_WITH_OR_WITHOUT_PA_PROVIDER)
+ public void testWithNull(PersonPE person)
+ {
+ person.setRoleAssignments(Collections.singleton(createInstanceRole(RoleCode.ADMIN)));
+
+ ValidationResult result = tryValidateObject(createSessionProvider(person), null);
+
+ assertWithNull(person, result.getResult(), result.getError());
+ }
+
+ protected void assertWithNull(PersonPE person, O result, Throwable t)
+ {
+ assertNull(result);
+ assertNoException(t);
+ }
+
+ @Test(dataProvider = PERSON_WITH_OR_WITHOUT_PA_PROVIDER)
+ public void testWithNoAllowedRoles(PersonPE person)
+ {
+ ValidationResult result = tryValidateObject(createSessionProvider(person), createObject(getSpace1(), getProject11()));
+
+ assertWithNoAllowedRoles(person, result.getResult(), result.getError());
+ }
+
+ protected void assertWithNoAllowedRoles(PersonPE person, O result, Throwable t)
+ {
+ assertNull(result);
+ assertAuthorizationFailureExceptionThatNoRoles(t);
+ }
+
+ @Test(dataProvider = PERSON_WITH_OR_WITHOUT_PA_PROVIDER)
+ public void testWithMultipleAllowedRoles(PersonPE person)
+ {
+ person.setRoleAssignments(new HashSet<RoleAssignmentPE>(Arrays.asList(
+ createSpaceRole(RoleCode.ADMIN, getSpace2()), createSpaceRole(RoleCode.ADMIN, getSpace1()))));
+
+ ValidationResult result = tryValidateObject(createSessionProvider(person), createObject(getSpace1(), getProject11()));
+
+ assertWithMultipleAllowedRoles(person, result.getResult(), result.getError());
+ }
+
+ protected void assertWithMultipleAllowedRoles(PersonPE person, O result, Throwable t)
+ {
+ assertNotNull(result);
+ assertNoException(t);
+ }
+
+ @Test(dataProvider = PERSON_WITH_OR_WITHOUT_PA_PROVIDER)
+ public void testWithInstanceUser(PersonPE person)
+ {
+ person.setRoleAssignments(Collections.singleton(createInstanceRole(RoleCode.ADMIN)));
+
+ ValidationResult result = tryValidateObject(createSessionProvider(person), createObject(getSpace1(), getProject11()));
+
+ assertWithInstanceUser(person, result.getResult(), result.getError());
+ }
+
+ protected void assertWithInstanceUser(PersonPE person, O result, Throwable t)
+ {
+ assertNotNull(result);
+ assertNoException(t);
+ }
+
+ @Test(dataProvider = PERSON_WITH_OR_WITHOUT_PA_PROVIDER)
+ public void testWithMatchingSpaceAndMatchingProjectUser(PersonPE person)
+ {
+ person.setRoleAssignments(new HashSet<RoleAssignmentPE>(Arrays.asList(
+ createSpaceRole(RoleCode.ADMIN, getSpace1()), createProjectRole(RoleCode.ADMIN, getProject11()))));
+
+ ValidationResult result = tryValidateObject(createSessionProvider(person), createObject(getSpace1(), getProject11()));
+
+ assertWithMatchingSpaceAndMatchingProjectUser(person, result.getResult(), result.getError());
+ }
+
+ protected void assertWithMatchingSpaceAndMatchingProjectUser(PersonPE person, O result, Throwable t)
+ {
+ assertNotNull(result);
+ assertNoException(t);
+ }
+
+ @Test(dataProvider = PERSON_WITH_OR_WITHOUT_PA_PROVIDER)
+ public void testWithMatchingSpaceAndNonMatchingProjectUser(PersonPE person)
+ {
+ person.setRoleAssignments(new HashSet<RoleAssignmentPE>(Arrays.asList(
+ createSpaceRole(RoleCode.ADMIN, getSpace1()), createProjectRole(RoleCode.ADMIN, getProject21()))));
+
+ ValidationResult result = tryValidateObject(createSessionProvider(person), createObject(getSpace1(), getProject11()));
+
+ assertWithMatchingSpaceAndNonMatchingProjectUser(person, result.getResult(), result.getError());
+ }
+
+ protected void assertWithMatchingSpaceAndNonMatchingProjectUser(PersonPE person, O result, Throwable t)
+ {
+ assertNotNull(result);
+ assertNoException(t);
+ }
+
+ @Test(dataProvider = PERSON_WITH_OR_WITHOUT_PA_PROVIDER)
+ public void testWithNonMatchingSpaceAndMatchingProjectUser(PersonPE person)
+ {
+ person.setRoleAssignments(new HashSet<RoleAssignmentPE>(Arrays.asList(
+ createSpaceRole(RoleCode.ADMIN, getSpace2()), createProjectRole(RoleCode.ADMIN, getProject11()))));
+
+ ValidationResult result = tryValidateObject(createSessionProvider(person), createObject(getSpace1(), getProject11()));
+
+ assertWithNonMatchingSpaceAndMatchingProjectUser(person, result.getResult(), result.getError());
+ }
+
+ protected void assertWithNonMatchingSpaceAndMatchingProjectUser(PersonPE person, O result, Throwable t)
+ {
+ if (authorizationConfig.isProjectLevelEnabled() && authorizationConfig.isProjectLevelUser(person.getUserId()))
+ {
+ assertNotNull(result);
+ } else
+ {
+ assertNull(result);
+ }
+
+ assertNoException(t);
+ }
+
+ @Test(dataProvider = PERSON_WITH_OR_WITHOUT_PA_PROVIDER)
+ public void testWithNonMatchingSpaceAndNonMatchingProjectUser(PersonPE person)
+ {
+ person.setRoleAssignments(new HashSet<RoleAssignmentPE>(Arrays.asList(
+ createSpaceRole(RoleCode.ADMIN, getSpace2()), createProjectRole(RoleCode.ADMIN, getProject21()))));
+
+ ValidationResult result = tryValidateObject(createSessionProvider(person), createObject(getSpace1(), getProject11()));
+
+ assertWithNonMatchingSpaceAndNonMatchingProjectUser(person, result.getResult(), result.getError());
+ }
+
+ protected void assertWithNonMatchingSpaceAndNonMatchingProjectUser(PersonPE person, O result, Throwable t)
+ {
+ assertNull(result);
+ assertNoException(t);
+ }
+
+ protected ValidationResult tryValidateObject(IAuthSessionProvider session, O object)
+ {
+ try
+ {
+ O result = validateObject(session, object);
+ return new ValidationResult(result);
+ } catch (Throwable t)
+ {
+ return new ValidationResult(t);
+ }
+ }
+
+ private class ValidationResult
+ {
+
+ private O result;
+
+ private Throwable error;
+
+ public ValidationResult(O result)
+ {
+ this.result = result;
+ }
+
+ public ValidationResult(Throwable error)
+ {
+ this.error = error;
+ }
+
+ public O getResult()
+ {
+ return result;
+ }
+
+ public Throwable getError()
+ {
+ return error;
+ }
+ }
+
+}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/ProjectByIdentiferValidatorTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/validator/project/ProjectByIdentiferValidatorSystemTest.java
similarity index 61%
rename from openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/ProjectByIdentiferValidatorTest.java
rename to openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/validator/project/ProjectByIdentiferValidatorSystemTest.java
index a6aa06b02b50e15eb186da4d8af84ff20057e1c0..cee512dda66df75b2a6e569f1316a67404eac8cd 100644
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/ProjectByIdentiferValidatorTest.java
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/validator/project/ProjectByIdentiferValidatorSystemTest.java
@@ -14,19 +14,25 @@
* limitations under the License.
*/
-package ch.systemsx.cisd.openbis.generic.server.authorization.validator;
+package ch.systemsx.cisd.openbis.systemtest.authorization.validator.project;
+
+import org.springframework.beans.factory.annotation.Autowired;
import ch.systemsx.cisd.openbis.generic.shared.api.v1.dto.Project;
-import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.systemtest.authorization.validator.CommonValidatorSystemTest;
/**
* @author pkupczyk
*/
-public class ProjectByIdentiferValidatorTest extends CommonValidatorTest<Project>
+public class ProjectByIdentiferValidatorSystemTest extends CommonValidatorSystemTest<Project>
{
+ @Autowired
+ private ProjectValidatorTestService service;
+
@Override
protected Project createObject(SpacePE spacePE, ProjectPE projectPE)
{
@@ -34,11 +40,9 @@ public class ProjectByIdentiferValidatorTest extends CommonValidatorTest<Project
}
@Override
- protected boolean validateObject(PersonPE personPE, Project object)
+ protected Project validateObject(IAuthSessionProvider sessionProvider, Project object)
{
- ProjectByIdentiferValidator validator = new ProjectByIdentiferValidator();
- validator.init(provider);
- return validator.isValid(personPE, object);
+ return service.testProjectByIdentifierValidator(sessionProvider, object);
}
}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/ProjectValidatorTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/validator/project/ProjectValidatorSystemTest.java
similarity index 65%
rename from openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/ProjectValidatorTest.java
rename to openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/validator/project/ProjectValidatorSystemTest.java
index 9a5dbadb15d9cc9f4e82eab804102a94c99ba11b..dbf4b0252c7b96228b335dffee28699b3adfcd4c 100644
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/ProjectValidatorTest.java
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/validator/project/ProjectValidatorSystemTest.java
@@ -14,20 +14,26 @@
* limitations under the License.
*/
-package ch.systemsx.cisd.openbis.generic.server.authorization.validator;
+package ch.systemsx.cisd.openbis.systemtest.authorization.validator.project;
+
+import org.springframework.beans.factory.annotation.Autowired;
import ch.systemsx.cisd.openbis.generic.shared.basic.dto.Project;
import ch.systemsx.cisd.openbis.generic.shared.basic.dto.Space;
-import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.systemtest.authorization.validator.CommonValidatorSystemTest;
/**
- * @author Franz-Josef Elmer
+ * @author pkupczyk
*/
-public class ProjectValidatorTest extends CommonValidatorTest<Project>
+public class ProjectValidatorSystemTest extends CommonValidatorSystemTest<Project>
{
+ @Autowired
+ private ProjectValidatorTestService service;
+
@Override
protected Project createObject(SpacePE spacePE, ProjectPE projectPE)
{
@@ -43,11 +49,9 @@ public class ProjectValidatorTest extends CommonValidatorTest<Project>
}
@Override
- protected boolean validateObject(PersonPE person, Project project)
+ protected Project validateObject(IAuthSessionProvider sessionProvider, Project object)
{
- ProjectValidator validator = new ProjectValidator();
- validator.init(provider);
- return validator.isValid(person, project);
+ return service.testProjectValidator(sessionProvider, object);
}
}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/validator/project/ProjectValidatorTestService.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/validator/project/ProjectValidatorTestService.java
new file mode 100644
index 0000000000000000000000000000000000000000..67820b75c5f8d7ac8a0e16f096ad26d0eded1e13
--- /dev/null
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/validator/project/ProjectValidatorTestService.java
@@ -0,0 +1,51 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.systemtest.authorization.validator.project;
+
+import org.springframework.stereotype.Component;
+
+import ch.systemsx.cisd.openbis.generic.server.authorization.annotation.ReturnValueFilter;
+import ch.systemsx.cisd.openbis.generic.server.authorization.annotation.RolesAllowed;
+import ch.systemsx.cisd.openbis.generic.server.authorization.validator.ProjectByIdentiferValidator;
+import ch.systemsx.cisd.openbis.generic.server.authorization.validator.ProjectValidator;
+import ch.systemsx.cisd.openbis.generic.shared.basic.dto.RoleWithHierarchy;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+
+/**
+ * @author pkupczyk
+ */
+@Component
+public class ProjectValidatorTestService
+{
+
+ @RolesAllowed(value = { RoleWithHierarchy.PROJECT_OBSERVER })
+ @ReturnValueFilter(validatorClass = ProjectByIdentiferValidator.class)
+ public ch.systemsx.cisd.openbis.generic.shared.api.v1.dto.Project testProjectByIdentifierValidator(IAuthSessionProvider sessionProvider,
+ ch.systemsx.cisd.openbis.generic.shared.api.v1.dto.Project project)
+ {
+ return project;
+ }
+
+ @RolesAllowed(value = { RoleWithHierarchy.PROJECT_OBSERVER })
+ @ReturnValueFilter(validatorClass = ProjectValidator.class)
+ public ch.systemsx.cisd.openbis.generic.shared.basic.dto.Project testProjectValidator(IAuthSessionProvider sessionProvider,
+ ch.systemsx.cisd.openbis.generic.shared.basic.dto.Project project)
+ {
+ return project;
+ }
+
+}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/SpaceValidatorTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/validator/space/SimpleSpaceValidatorSystemTest.java
similarity index 62%
rename from openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/SpaceValidatorTest.java
rename to openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/validator/space/SimpleSpaceValidatorSystemTest.java
index 71f11d5403c821b4d3d7c952880f7a38e16d8175..042e369e10fdb6645487f62728d091d9927e8097 100644
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/SpaceValidatorTest.java
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/validator/space/SimpleSpaceValidatorSystemTest.java
@@ -14,20 +14,26 @@
* limitations under the License.
*/
-package ch.systemsx.cisd.openbis.generic.server.authorization.validator;
+package ch.systemsx.cisd.openbis.systemtest.authorization.validator.space;
+
+import org.springframework.beans.factory.annotation.Autowired;
-import ch.systemsx.cisd.openbis.generic.shared.authorization.IAuthorizationConfig;
import ch.systemsx.cisd.openbis.generic.shared.basic.dto.Space;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.systemtest.authorization.validator.CommonValidatorSystemTest;
/**
* @author pkupczyk
*/
-public class SpaceValidatorTest extends CommonValidatorTest<Space>
+public class SimpleSpaceValidatorSystemTest extends CommonValidatorSystemTest<Space>
{
+ @Autowired
+ private SpaceValidatorTestService service;
+
@Override
protected Space createObject(SpacePE spacePE, ProjectPE projectPE)
{
@@ -37,17 +43,16 @@ public class SpaceValidatorTest extends CommonValidatorTest<Space>
}
@Override
- protected boolean validateObject(PersonPE person, Space object)
+ protected Space validateObject(IAuthSessionProvider sessionProvider, Space object)
{
- SpaceValidator validator = new SpaceValidator();
- validator.init(provider);
- return validator.isValid(person, object);
+ return service.testSimpleSpaceValidator(sessionProvider, object);
}
@Override
- protected void assertWithNonMatchingSpaceAndMatchingProjectUser(IAuthorizationConfig config, boolean result)
+ protected void assertWithNonMatchingSpaceAndMatchingProjectUser(PersonPE person, Space result, Throwable t)
{
- assertFalse(result);
+ assertNull(result);
+ assertNoException(t);
}
}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/SimpleSpaceValidatorTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/validator/space/SpaceValidatorSystemTest.java
similarity index 62%
rename from openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/SimpleSpaceValidatorTest.java
rename to openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/validator/space/SpaceValidatorSystemTest.java
index ed9abfa96568b3beedb8ea1d6ffe0f2874b1a665..238790f0ac69c6a3cb827080e12fc5ce6fc0172f 100644
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/SimpleSpaceValidatorTest.java
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/validator/space/SpaceValidatorSystemTest.java
@@ -14,20 +14,26 @@
* limitations under the License.
*/
-package ch.systemsx.cisd.openbis.generic.server.authorization.validator;
+package ch.systemsx.cisd.openbis.systemtest.authorization.validator.space;
+
+import org.springframework.beans.factory.annotation.Autowired;
-import ch.systemsx.cisd.openbis.generic.shared.authorization.IAuthorizationConfig;
import ch.systemsx.cisd.openbis.generic.shared.basic.dto.Space;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.systemtest.authorization.validator.CommonValidatorSystemTest;
/**
* @author pkupczyk
*/
-public class SimpleSpaceValidatorTest extends CommonValidatorTest<Space>
+public class SpaceValidatorSystemTest extends CommonValidatorSystemTest<Space>
{
+ @Autowired
+ private SpaceValidatorTestService service;
+
@Override
protected Space createObject(SpacePE spacePE, ProjectPE projectPE)
{
@@ -37,17 +43,16 @@ public class SimpleSpaceValidatorTest extends CommonValidatorTest<Space>
}
@Override
- protected boolean validateObject(PersonPE personPE, Space object)
+ protected Space validateObject(IAuthSessionProvider sessionProvider, Space object)
{
- SimpleSpaceValidator validator = new SimpleSpaceValidator();
- validator.init(provider);
- return validator.isValid(personPE, object);
+ return service.testSpaceValidator(sessionProvider, object);
}
@Override
- protected void assertWithNonMatchingSpaceAndMatchingProjectUser(IAuthorizationConfig config, boolean result)
+ protected void assertWithNonMatchingSpaceAndMatchingProjectUser(PersonPE person, Space result, Throwable t)
{
- assertFalse(result);
+ assertNull(result);
+ assertNoException(t);
}
}
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/validator/space/SpaceValidatorTestService.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/validator/space/SpaceValidatorTestService.java
new file mode 100644
index 0000000000000000000000000000000000000000..7c904dd12896ebec5a65fcb4eb7a9dca681eea38
--- /dev/null
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/validator/space/SpaceValidatorTestService.java
@@ -0,0 +1,50 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.systemtest.authorization.validator.space;
+
+import org.springframework.stereotype.Component;
+
+import ch.systemsx.cisd.openbis.generic.server.authorization.annotation.ReturnValueFilter;
+import ch.systemsx.cisd.openbis.generic.server.authorization.annotation.RolesAllowed;
+import ch.systemsx.cisd.openbis.generic.server.authorization.validator.SimpleSpaceValidator;
+import ch.systemsx.cisd.openbis.generic.server.authorization.validator.SpaceValidator;
+import ch.systemsx.cisd.openbis.generic.shared.basic.dto.RoleWithHierarchy;
+import ch.systemsx.cisd.openbis.generic.shared.basic.dto.Space;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+
+/**
+ * @author pkupczyk
+ */
+@Component
+public class SpaceValidatorTestService
+{
+
+ @RolesAllowed(value = { RoleWithHierarchy.PROJECT_OBSERVER })
+ @ReturnValueFilter(validatorClass = SimpleSpaceValidator.class)
+ public Space testSimpleSpaceValidator(IAuthSessionProvider sessionProvider, Space space)
+ {
+ return space;
+ }
+
+ @RolesAllowed(value = { RoleWithHierarchy.PROJECT_OBSERVER })
+ @ReturnValueFilter(validatorClass = SpaceValidator.class)
+ public Space testSpaceValidator(IAuthSessionProvider sessionProvider, Space space)
+ {
+ return space;
+ }
+
+}
diff --git a/openbis/sourceTest/java/tests_project_authorization.xml b/openbis/sourceTest/java/tests_project_authorization.xml
index 299360c6452c374c4098fbdd2617ad1f91f6c7df..21eceaabe218dd366f4b98b2b07e228138a6a85f 100644
--- a/openbis/sourceTest/java/tests_project_authorization.xml
+++ b/openbis/sourceTest/java/tests_project_authorization.xml
@@ -6,7 +6,8 @@
</run>
</groups>
<packages>
- <package name="ch.systemsx.cisd.openbis.generic.server.authorization.*" />
+ <package name="ch.systemsx.cisd.openbis.systemtest.authorization.predicate.*" />
+ <package name="ch.systemsx.cisd.openbis.systemtest.authorization.validator.*" />
</packages>
</test>
</suite>
diff --git a/openbis/sourceTest/sql/postgresql/162/030=experiments_all.tsv b/openbis/sourceTest/sql/postgresql/162/030=experiments_all.tsv
index ae76979a31468cc01abf95c3b52024284b720172..48e0405004f9d7b28e10a8dfa418a6a8957e3631 100644
--- a/openbis/sourceTest/sql/postgresql/162/030=experiments_all.tsv
+++ b/openbis/sourceTest/sql/postgresql/162/030=experiments_all.tsv
@@ -11,3 +11,11 @@
23 EXP-SPACE-TEST 1 2 2008-11-05 09:22:40.555+01 5 \N f 2009-03-18 10:50:19.475958+01 201206190940555-1032 2 0 \N
24 EXP-TEST-2 1 2 2009-02-09 12:17:55.058768+01 6 \N f 2009-03-18 10:50:19.475958+01 200902091255058-1037 2 0 \N
25 EXPERIMENT-TO-DELETE 1 2 2009-02-09 12:17:55.058768+01 6 \N f 2009-03-18 10:50:19.475958+01 200902091255058-1038 2 0 \N
+26 AUTH-EXPERIMENT-111 1 2 2008-11-05 09:22:40.555+01 8 \N f 2009-03-18 10:50:19.475958+01 201206190940555-1111 2 0 \N
+27 AUTH-EXPERIMENT-112 1 2 2008-11-05 09:22:40.555+01 8 \N f 2009-03-18 10:50:19.475958+01 201206190940555-1112 2 0 \N
+28 AUTH-EXPERIMENT-121 1 2 2008-11-05 09:22:40.555+01 9 \N f 2009-03-18 10:50:19.475958+01 201206190940555-1121 2 0 \N
+29 AUTH-EXPERIMENT-122 1 2 2008-11-05 09:22:40.555+01 9 \N f 2009-03-18 10:50:19.475958+01 201206190940555-1122 2 0 \N
+30 AUTH-EXPERIMENT-211 1 2 2008-11-05 09:22:40.555+01 10 \N f 2009-03-18 10:50:19.475958+01 201206190940555-1211 2 0 \N
+31 AUTH-EXPERIMENT-212 1 2 2008-11-05 09:22:40.555+01 10 \N f 2009-03-18 10:50:19.475958+01 201206190940555-1212 2 0 \N
+32 AUTH-EXPERIMENT-221 1 2 2008-11-05 09:22:40.555+01 11 \N f 2009-03-18 10:50:19.475958+01 201206190940555-1221 2 0 \N
+33 AUTH-EXPERIMENT-222 1 2 2008-11-05 09:22:40.555+01 11 \N f 2009-03-18 10:50:19.475958+01 201206190940555-1222 2 0 \N
diff --git a/openbis/sourceTest/sql/postgresql/162/046=persons.tsv b/openbis/sourceTest/sql/postgresql/162/046=persons.tsv
index 9ca5c0eadab62887a06644999e6b3370c46bccb6..d9083c68f9d46b2795cb5104f3b83dc352bf69d8 100644
--- a/openbis/sourceTest/sql/postgresql/162/046=persons.tsv
+++ b/openbis/sourceTest/sql/postgresql/162/046=persons.tsv
@@ -11,7 +11,9 @@
11 John Homeless homeless admin@o.o \N 2008-11-05 09:18:10.581+01 \N \\xaced00057372004163682e73797374656d73782e636973642e6f70656e6269732e67656e657269632e7368617265642e62617369632e64746f2e446973706c617953657474696e677300000000000000010200035a001575736557696c64636172645365617263684d6f64654c000e636f6c756d6e53657474696e677374000f4c6a6176612f7574696c2f4d61703b4c000f73656374696f6e53657474696e677371007e0001787001737200176a6176612e7574696c2e4c696e6b6564486173684d617034c04e5c106cc0fb0200015a000b6163636573734f72646572787200116a6176612e7574696c2e486173684d61700507dac1c31660d103000246000a6c6f6164466163746f724900097468726573686f6c6478703f4000000000000c7708000000100000000078007371007e00043f4000000000000c7708000000100000000078 t
12 John ObserverCISD observer_cisd observer_cisd@o.o 1 2008-11-05 09:18:10.581+01 \N \\xaced00057372004163682e73797374656d73782e636973642e6f70656e6269732e67656e657269632e7368617265642e62617369632e64746f2e446973706c617953657474696e677300000000000000010200035a001575736557696c64636172645365617263684d6f64654c000e636f6c756d6e53657474696e677374000f4c6a6176612f7574696c2f4d61703b4c000f73656374696f6e53657474696e677371007e0001787001737200176a6176612e7574696c2e4c696e6b6564486173684d617034c04e5c106cc0fb0200015a000b6163636573734f72646572787200116a6176612e7574696c2e486173684d61700507dac1c31660d103000246000a6c6f6164466163746f724900097468726573686f6c6478703f4000000000000c7708000000100000000078007371007e00043f4000000000000c7708000000100000000078 t
13 John InstanceObserver instance_observer instance_observer@o.o 1 2008-11-05 09:18:10.581+01 \N \\xaced00057372004163682e73797374656d73782e636973642e6f70656e6269732e67656e657269632e7368617265642e62617369632e64746f2e446973706c617953657474696e677300000000000000010200035a001575736557696c64636172645365617263684d6f64654c000e636f6c756d6e53657474696e677374000f4c6a6176612f7574696c2f4d61703b4c000f73656374696f6e53657474696e677371007e0001787001737200176a6176612e7574696c2e4c696e6b6564486173684d617034c04e5c106cc0fb0200015a000b6163636573734f72646572787200116a6176612e7574696c2e486173684d61700507dac1c31660d103000246000a6c6f6164466163746f724900097468726573686f6c6478703f4000000000000c7708000000100000000078007371007e00043f4000000000000c7708000000100000000078 t
-14 John Doe test project test_project_pa_off inactive@in.active 3 2008-11-05 09:18:10.581+01 \N \\xaced00057372004163682e73797374656d73782e636973642e6f70656e6269732e67656e657269632e7368617265642e62617369632e64746f2e446973706c617953657474696e677300000000000000010200035a001575736557696c64636172645365617263684d6f64654c000e636f6c756d6e53657474696e677374000f4c6a6176612f7574696c2f4d61703b4c000f73656374696f6e53657474696e677371007e0001787001737200176a6176612e7574696c2e4c696e6b6564486173684d617034c04e5c106cc0fb0200015a000b6163636573734f72646572787200116a6176612e7574696c2e486173684d61700507dac1c31660d103000246000a6c6f6164466163746f724900097468726573686f6c6478703f4000000000000c7708000000100000000078007371007e00043f4000000000000c7708000000100000000078 t
-15 John Doe test project test_project_pa_on inactive@in.active 3 2008-11-05 09:18:10.581+01 \N \\xaced00057372004163682e73797374656d73782e636973642e6f70656e6269732e67656e657269632e7368617265642e62617369632e64746f2e446973706c617953657474696e677300000000000000010200035a001575736557696c64636172645365617263684d6f64654c000e636f6c756d6e53657474696e677374000f4c6a6176612f7574696c2f4d61703b4c000f73656374696f6e53657474696e677371007e0001787001737200176a6176612e7574696c2e4c696e6b6564486173684d617034c04e5c106cc0fb0200015a000b6163636573734f72646572787200116a6176612e7574696c2e486173684d61700507dac1c31660d103000246000a6c6f6164466163746f724900097468726573686f6c6478703f4000000000000c7708000000100000000078007371007e00043f4000000000000c7708000000100000000078 t
-16 John Doe test space test_space_pa_off inactive@in.active 3 2008-11-05 09:18:10.581+01 \N \\xaced00057372004163682e73797374656d73782e636973642e6f70656e6269732e67656e657269632e7368617265642e62617369632e64746f2e446973706c617953657474696e677300000000000000010200035a001575736557696c64636172645365617263684d6f64654c000e636f6c756d6e53657474696e677374000f4c6a6176612f7574696c2f4d61703b4c000f73656374696f6e53657474696e677371007e0001787001737200176a6176612e7574696c2e4c696e6b6564486173684d617034c04e5c106cc0fb0200015a000b6163636573734f72646572787200116a6176612e7574696c2e486173684d61700507dac1c31660d103000246000a6c6f6164466163746f724900097468726573686f6c6478703f4000000000000c7708000000100000000078007371007e00043f4000000000000c7708000000100000000078 t
-17 John Doe test space test_space_pa_on inactive@in.active 3 2008-11-05 09:18:10.581+01 \N \\xaced00057372004163682e73797374656d73782e636973642e6f70656e6269732e67656e657269632e7368617265642e62617369632e64746f2e446973706c617953657474696e677300000000000000010200035a001575736557696c64636172645365617263684d6f64654c000e636f6c756d6e53657474696e677374000f4c6a6176612f7574696c2f4d61703b4c000f73656374696f6e53657474696e677371007e0001787001737200176a6176612e7574696c2e4c696e6b6564486173684d617034c04e5c106cc0fb0200015a000b6163636573734f72646572787200116a6176612e7574696c2e486173684d61700507dac1c31660d103000246000a6c6f6164466163746f724900097468726573686f6c6478703f4000000000000c7708000000100000000078007371007e00043f4000000000000c7708000000100000000078 t
+14 John Doe test_project_pa_off inactive@in.active 3 2008-11-05 09:18:10.581+01 \N \\xaced00057372004163682e73797374656d73782e636973642e6f70656e6269732e67656e657269632e7368617265642e62617369632e64746f2e446973706c617953657474696e677300000000000000010200035a001575736557696c64636172645365617263684d6f64654c000e636f6c756d6e53657474696e677374000f4c6a6176612f7574696c2f4d61703b4c000f73656374696f6e53657474696e677371007e0001787001737200176a6176612e7574696c2e4c696e6b6564486173684d617034c04e5c106cc0fb0200015a000b6163636573734f72646572787200116a6176612e7574696c2e486173684d61700507dac1c31660d103000246000a6c6f6164466163746f724900097468726573686f6c6478703f4000000000000c7708000000100000000078007371007e00043f4000000000000c7708000000100000000078 t
+15 John Doe test_project_pa_on inactive@in.active 3 2008-11-05 09:18:10.581+01 \N \\xaced00057372004163682e73797374656d73782e636973642e6f70656e6269732e67656e657269632e7368617265642e62617369632e64746f2e446973706c617953657474696e677300000000000000010200035a001575736557696c64636172645365617263684d6f64654c000e636f6c756d6e53657474696e677374000f4c6a6176612f7574696c2f4d61703b4c000f73656374696f6e53657474696e677371007e0001787001737200176a6176612e7574696c2e4c696e6b6564486173684d617034c04e5c106cc0fb0200015a000b6163636573734f72646572787200116a6176612e7574696c2e486173684d61700507dac1c31660d103000246000a6c6f6164466163746f724900097468726573686f6c6478703f4000000000000c7708000000100000000078007371007e00043f4000000000000c7708000000100000000078 t
+16 John Doe test_space_pa_off inactive@in.active 3 2008-11-05 09:18:10.581+01 \N \\xaced00057372004163682e73797374656d73782e636973642e6f70656e6269732e67656e657269632e7368617265642e62617369632e64746f2e446973706c617953657474696e677300000000000000010200035a001575736557696c64636172645365617263684d6f64654c000e636f6c756d6e53657474696e677374000f4c6a6176612f7574696c2f4d61703b4c000f73656374696f6e53657474696e677371007e0001787001737200176a6176612e7574696c2e4c696e6b6564486173684d617034c04e5c106cc0fb0200015a000b6163636573734f72646572787200116a6176612e7574696c2e486173684d61700507dac1c31660d103000246000a6c6f6164466163746f724900097468726573686f6c6478703f4000000000000c7708000000100000000078007371007e00043f4000000000000c7708000000100000000078 t
+17 John Doe test_space_pa_on inactive@in.active 3 2008-11-05 09:18:10.581+01 \N \\xaced00057372004163682e73797374656d73782e636973642e6f70656e6269732e67656e657269632e7368617265642e62617369632e64746f2e446973706c617953657474696e677300000000000000010200035a001575736557696c64636172645365617263684d6f64654c000e636f6c756d6e53657474696e677374000f4c6a6176612f7574696c2f4d61703b4c000f73656374696f6e53657474696e677371007e0001787001737200176a6176612e7574696c2e4c696e6b6564486173684d617034c04e5c106cc0fb0200015a000b6163636573734f72646572787200116a6176612e7574696c2e486173684d61700507dac1c31660d103000246000a6c6f6164466163746f724900097468726573686f6c6478703f4000000000000c7708000000100000000078007371007e00043f4000000000000c7708000000100000000078 t
+18 John Doe test_user_pa_off inactive@in.active \N 2008-11-05 09:18:10.581+01 \N \\xaced00057372004163682e73797374656d73782e636973642e6f70656e6269732e67656e657269632e7368617265642e62617369632e64746f2e446973706c617953657474696e677300000000000000010200035a001575736557696c64636172645365617263684d6f64654c000e636f6c756d6e53657474696e677374000f4c6a6176612f7574696c2f4d61703b4c000f73656374696f6e53657474696e677371007e0001787001737200176a6176612e7574696c2e4c696e6b6564486173684d617034c04e5c106cc0fb0200015a000b6163636573734f72646572787200116a6176612e7574696c2e486173684d61700507dac1c31660d103000246000a6c6f6164466163746f724900097468726573686f6c6478703f4000000000000c7708000000100000000078007371007e00043f4000000000000c7708000000100000000078 t
+19 John Doe test_user_pa_on inactive@in.active \N 2008-11-05 09:18:10.581+01 \N \\xaced00057372004163682e73797374656d73782e636973642e6f70656e6269732e67656e657269632e7368617265642e62617369632e64746f2e446973706c617953657474696e677300000000000000010200035a001575736557696c64636172645365617263684d6f64654c000e636f6c756d6e53657474696e677374000f4c6a6176612f7574696c2f4d61703b4c000f73656374696f6e53657474696e677371007e0001787001737200176a6176612e7574696c2e4c696e6b6564486173684d617034c04e5c106cc0fb0200015a000b6163636573734f72646572787200116a6176612e7574696c2e486173684d61700507dac1c31660d103000246000a6c6f6164466163746f724900097468726573686f6c6478703f4000000000000c7708000000100000000078007371007e00043f4000000000000c7708000000100000000078 t
diff --git a/openbis/sourceTest/sql/postgresql/162/049=projects.tsv b/openbis/sourceTest/sql/postgresql/162/049=projects.tsv
index 149d60da9a4d1baa0ad3378bebe2225081e0c4b4..7f65671d3b7169c4b30b26152df55879fbeaab42 100644
--- a/openbis/sourceTest/sql/postgresql/162/049=projects.tsv
+++ b/openbis/sourceTest/sql/postgresql/162/049=projects.tsv
@@ -5,3 +5,7 @@
5 20120814110011738-105 TEST-PROJECT 3 1 \N 2 2008-11-05 09:18:14.967+01 2009-04-03 15:56:37.675094+02 2 0
6 20120814110011738-106 NOE 3 \N \N 2 2008-11-05 09:21:43.312+01 2009-04-03 15:56:37.675094+02 2 0
7 20120814110011738-107 PROJECT-TO-DELETE 3 \N \N 2 2008-11-05 09:21:43.312+01 2009-04-03 15:56:37.675094+02 2 0
+8 20120814110011738-111 AUTH-PROJECT-11 4 \N \N 2 2008-11-05 09:18:14.967+01 2009-04-03 15:56:37.675094+02 2 0
+9 20120814110011738-112 AUTH-PROJECT-12 4 \N \N 2 2008-11-05 09:18:14.967+01 2009-04-03 15:56:37.675094+02 2 0
+10 20120814110011738-121 AUTH-PROJECT-21 5 \N \N 2 2008-11-05 09:18:14.967+01 2009-04-03 15:56:37.675094+02 2 0
+11 20120814110011738-122 AUTH-PROJECT-22 5 \N \N 2 2008-11-05 09:18:14.967+01 2009-04-03 15:56:37.675094+02 2 0
diff --git a/openbis/sourceTest/sql/postgresql/162/062=spaces.tsv b/openbis/sourceTest/sql/postgresql/162/062=spaces.tsv
index 8c39eab103fcd8fb202c9e786fc96c815e3f6e88..3073124eb62e8539f0bf6def2dcab6551de46018 100644
--- a/openbis/sourceTest/sql/postgresql/162/062=spaces.tsv
+++ b/openbis/sourceTest/sql/postgresql/162/062=spaces.tsv
@@ -1,3 +1,5 @@
1 CISD \N 2008-11-05 09:18:10.893+01 2
2 TESTGROUP myDescription 2008-11-05 09:18:11.283+01 2
3 TEST-SPACE myDescription 2008-11-05 09:18:11.283+01 2
+4 AUTH-SPACE-1 authorization1 2008-11-05 09:18:11.283+01 2
+5 AUTH-SPACE-2 authorization2 2008-11-05 09:18:11.283+01 2