SSDM-6019 : Project Authorization - modify @RolesAllowed annotations at non-entity related methods

SVN: 39068

openbis/source/java/ch/ethz/sis/openbis/generic/server/asapi/v3/translator/dataset/DataSetHistoryTranslator.java

@@ -16,10 +16,14 @@
 
 package ch.ethz.sis.openbis.generic.server.asapi.v3.translator.dataset;
 
+import java.util.ArrayList;
 import java.util.Collection;
+import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
+import java.util.Set;
 
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 
 import ch.ethz.sis.openbis.generic.asapi.v3.dto.dataset.history.DataSetRelationType;
@@ -29,9 +33,12 @@ import ch.ethz.sis.openbis.generic.asapi.v3.dto.history.RelationHistoryEntry;
 import ch.ethz.sis.openbis.generic.asapi.v3.dto.history.fetchoptions.HistoryEntryFetchOptions;
 import ch.ethz.sis.openbis.generic.asapi.v3.dto.person.Person;
 import ch.ethz.sis.openbis.generic.asapi.v3.dto.sample.id.SamplePermId;
+import ch.ethz.sis.openbis.generic.server.asapi.v3.translator.TranslationContext;
+import ch.ethz.sis.openbis.generic.server.asapi.v3.translator.experiment.IExperimentAuthorizationValidator;
 import ch.ethz.sis.openbis.generic.server.asapi.v3.translator.history.HistoryPropertyRecord;
 import ch.ethz.sis.openbis.generic.server.asapi.v3.translator.history.HistoryRelationshipRecord;
 import ch.ethz.sis.openbis.generic.server.asapi.v3.translator.history.HistoryTranslator;
+import ch.ethz.sis.openbis.generic.server.asapi.v3.translator.sample.ISampleAuthorizationValidator;
 import ch.systemsx.cisd.openbis.generic.shared.dto.RelationType;
 
 import it.unimi.dsi.fastutil.longs.LongOpenHashSet;
@@ -44,6 +51,15 @@ import net.lemnik.eodsql.QueryTool;
 public class DataSetHistoryTranslator extends HistoryTranslator implements IDataSetHistoryTranslator
 {
 
+    @Autowired
+    private IExperimentAuthorizationValidator experimentValidator;
+
+    @Autowired
+    private ISampleAuthorizationValidator sampleValidator;
+
+    @Autowired
+    private IDataSetAuthorizationValidator dataSetValidator;
+
     @Override
     protected List<HistoryPropertyRecord> loadPropertyHistory(Collection<Long> entityIds)
     {
@@ -52,10 +68,66 @@ public class DataSetHistoryTranslator extends HistoryTranslator implements IData
     }
 
     @Override
-    protected List<? extends HistoryRelationshipRecord> loadRelationshipHistory(Collection<Long> entityIds)
+    protected List<? extends HistoryRelationshipRecord> loadRelationshipHistory(TranslationContext context, Collection<Long> entityIds)
     {
         DataSetQuery query = QueryTool.getManagedQuery(DataSetQuery.class);
-        return query.getRelationshipsHistory(new LongOpenHashSet(entityIds));
+
+        List<DataSetRelationshipRecord> records = query.getRelationshipsHistory(new LongOpenHashSet(entityIds));
+        List<DataSetRelationshipRecord> validRecords = new ArrayList<DataSetRelationshipRecord>();
+
+        Set<Long> experimentIds = new HashSet<Long>();
+        Set<Long> sampleIds = new HashSet<Long>();
+        Set<Long> dataSetIds = new HashSet<Long>();
+
+        for (DataSetRelationshipRecord record : records)
+        {
+            if (record.experimentId != null)
+            {
+                experimentIds.add(record.experimentId);
+            } else if (record.sampleId != null)
+            {
+                sampleIds.add(record.sampleId);
+            } else if (record.dataSetId != null)
+            {
+                dataSetIds.add(record.dataSetId);
+            }
+        }
+
+        if (false == experimentIds.isEmpty())
+        {
+            experimentIds = experimentValidator.validate(context.getSession().tryGetPerson(), experimentIds);
+        }
+        if (false == sampleIds.isEmpty())
+        {
+            sampleIds = sampleValidator.validate(context.getSession().tryGetPerson(), sampleIds);
+        }
+        if (false == dataSetIds.isEmpty())
+        {
+            dataSetIds = dataSetValidator.validate(context.getSession().tryGetPerson(), dataSetIds);
+        }
+
+        for (DataSetRelationshipRecord record : records)
+        {
+            boolean isValid = false;
+
+            if (record.experimentId != null)
+            {
+                isValid = experimentIds.contains(record.experimentId);
+            } else if (record.sampleId != null)
+            {
+                isValid = sampleIds.contains(record.sampleId);
+            } else if (record.dataSetId != null)
+            {
+                isValid = dataSetIds.contains(record.dataSetId);
+            }
+
+            if (isValid)
+            {
+                validRecords.add(record);
+            }
+        }
+
+        return validRecords;
     }
 
     @Override

openbis/source/java/ch/ethz/sis/openbis/generic/server/asapi/v3/translator/experiment/ExperimentHistoryTranslator.java

@@ -16,14 +16,14 @@
 
 package ch.ethz.sis.openbis.generic.server.asapi.v3.translator.experiment;
 
-import it.unimi.dsi.fastutil.longs.LongOpenHashSet;
-
+import java.util.ArrayList;
 import java.util.Collection;
+import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
+import java.util.Set;
 
-import net.lemnik.eodsql.QueryTool;
-
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 
 import ch.ethz.sis.openbis.generic.asapi.v3.dto.dataset.id.DataSetPermId;
@@ -33,9 +33,16 @@ import ch.ethz.sis.openbis.generic.asapi.v3.dto.history.fetchoptions.HistoryEntr
 import ch.ethz.sis.openbis.generic.asapi.v3.dto.person.Person;
 import ch.ethz.sis.openbis.generic.asapi.v3.dto.project.id.ProjectPermId;
 import ch.ethz.sis.openbis.generic.asapi.v3.dto.sample.id.SamplePermId;
+import ch.ethz.sis.openbis.generic.server.asapi.v3.translator.TranslationContext;
+import ch.ethz.sis.openbis.generic.server.asapi.v3.translator.dataset.IDataSetAuthorizationValidator;
 import ch.ethz.sis.openbis.generic.server.asapi.v3.translator.history.HistoryPropertyRecord;
 import ch.ethz.sis.openbis.generic.server.asapi.v3.translator.history.HistoryRelationshipRecord;
 import ch.ethz.sis.openbis.generic.server.asapi.v3.translator.history.HistoryTranslator;
+import ch.ethz.sis.openbis.generic.server.asapi.v3.translator.project.IProjectAuthorizationValidator;
+import ch.ethz.sis.openbis.generic.server.asapi.v3.translator.sample.ISampleAuthorizationValidator;
+
+import it.unimi.dsi.fastutil.longs.LongOpenHashSet;
+import net.lemnik.eodsql.QueryTool;
 
 /**
  * @author pkupczyk
@@ -44,6 +51,15 @@ import ch.ethz.sis.openbis.generic.server.asapi.v3.translator.history.HistoryTra
 public class ExperimentHistoryTranslator extends HistoryTranslator implements IExperimentHistoryTranslator
 {
 
+    @Autowired
+    private IProjectAuthorizationValidator projectValidator;
+
+    @Autowired
+    private ISampleAuthorizationValidator sampleValidator;
+
+    @Autowired
+    private IDataSetAuthorizationValidator dataSetValidator;
+
     @Override
     protected List<HistoryPropertyRecord> loadPropertyHistory(Collection<Long> entityIds)
     {
@@ -52,10 +68,66 @@ public class ExperimentHistoryTranslator extends HistoryTranslator implements IE
     }
 
     @Override
-    protected List<? extends HistoryRelationshipRecord> loadRelationshipHistory(Collection<Long> entityIds)
+    protected List<? extends HistoryRelationshipRecord> loadRelationshipHistory(TranslationContext context, Collection<Long> entityIds)
     {
         ExperimentQuery query = QueryTool.getManagedQuery(ExperimentQuery.class);
-        return query.getRelationshipsHistory(new LongOpenHashSet(entityIds));
+
+        List<ExperimentRelationshipRecord> records = query.getRelationshipsHistory(new LongOpenHashSet(entityIds));
+        List<ExperimentRelationshipRecord> validRecords = new ArrayList<ExperimentRelationshipRecord>();
+
+        Set<Long> projectIds = new HashSet<Long>();
+        Set<Long> sampleIds = new HashSet<Long>();
+        Set<Long> dataSetIds = new HashSet<Long>();
+
+        for (ExperimentRelationshipRecord record : records)
+        {
+            if (record.projectId != null)
+            {
+                projectIds.add(record.projectId);
+            } else if (record.sampleId != null)
+            {
+                sampleIds.add(record.sampleId);
+            } else if (record.dataSetId != null)
+            {
+                dataSetIds.add(record.dataSetId);
+            }
+        }
+
+        if (false == projectIds.isEmpty())
+        {
+            projectIds = projectValidator.validate(context.getSession().tryGetPerson(), projectIds);
+        }
+        if (false == sampleIds.isEmpty())
+        {
+            sampleIds = sampleValidator.validate(context.getSession().tryGetPerson(), sampleIds);
+        }
+        if (false == dataSetIds.isEmpty())
+        {
+            dataSetIds = dataSetValidator.validate(context.getSession().tryGetPerson(), dataSetIds);
+        }
+
+        for (ExperimentRelationshipRecord record : records)
+        {
+            boolean isValid = false;
+
+            if (record.projectId != null)
+            {
+                isValid = projectIds.contains(record.projectId);
+            } else if (record.sampleId != null)
+            {
+                isValid = sampleIds.contains(record.sampleId);
+            } else if (record.dataSetId != null)
+            {
+                isValid = dataSetIds.contains(record.dataSetId);
+            }
+
+            if (isValid)
+            {
+                validRecords.add(record);
+            }
+        }
+
+        return validRecords;
     }
 
     @Override

openbis/source/java/ch/ethz/sis/openbis/generic/server/asapi/v3/translator/history/HistoryTranslator.java

@@ -49,7 +49,7 @@ public abstract class HistoryTranslator extends AbstractCachingTranslator<Long,
 
     protected abstract List<? extends HistoryPropertyRecord> loadPropertyHistory(Collection<Long> entityIds);
 
-    protected abstract List<? extends HistoryRelationshipRecord> loadRelationshipHistory(Collection<Long> entityIds);
+    protected abstract List<? extends HistoryRelationshipRecord> loadRelationshipHistory(TranslationContext context, Collection<Long> entityIds);
 
     @Override
     protected ObjectHolder<List<HistoryEntry>> createObject(TranslationContext context, Long entityId, HistoryEntryFetchOptions fetchOptions)
@@ -61,7 +61,7 @@ public abstract class HistoryTranslator extends AbstractCachingTranslator<Long,
     protected Object getObjectsRelations(TranslationContext context, Collection<Long> entityIds, HistoryEntryFetchOptions fetchOptions)
     {
         List<? extends HistoryPropertyRecord> properties = loadPropertyHistory(entityIds);
-        List<? extends HistoryRelationshipRecord> relationships = loadRelationshipHistory(entityIds);
+        List<? extends HistoryRelationshipRecord> relationships = loadRelationshipHistory(context, entityIds);
 
         Map<Long, Person> authorMap = new HashMap<>();
 

openbis/source/java/ch/ethz/sis/openbis/generic/server/asapi/v3/translator/material/MaterialHistoryTranslator.java

@@ -25,6 +25,7 @@ import net.lemnik.eodsql.QueryTool;
 
 import org.springframework.stereotype.Component;
 
+import ch.ethz.sis.openbis.generic.server.asapi.v3.translator.TranslationContext;
 import ch.ethz.sis.openbis.generic.server.asapi.v3.translator.history.HistoryPropertyRecord;
 import ch.ethz.sis.openbis.generic.server.asapi.v3.translator.history.HistoryRelationshipRecord;
 import ch.ethz.sis.openbis.generic.server.asapi.v3.translator.history.HistoryTranslator;
@@ -44,7 +45,7 @@ public class MaterialHistoryTranslator extends HistoryTranslator implements IMat
     }
 
     @Override
-    protected List<HistoryRelationshipRecord> loadRelationshipHistory(Collection<Long> entityIds)
+    protected List<HistoryRelationshipRecord> loadRelationshipHistory(TranslationContext context, Collection<Long> entityIds)
     {
         return null;
     }

openbis/source/java/ch/ethz/sis/openbis/generic/server/asapi/v3/translator/project/ProjectHistoryTranslator.java

@@ -16,14 +16,14 @@
 
 package ch.ethz.sis.openbis.generic.server.asapi.v3.translator.project;
 
-import it.unimi.dsi.fastutil.longs.LongOpenHashSet;
-
+import java.util.ArrayList;
 import java.util.Collection;
+import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
+import java.util.Set;
 
-import net.lemnik.eodsql.QueryTool;
-
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 
 import ch.ethz.sis.openbis.generic.asapi.v3.dto.experiment.id.ExperimentPermId;
@@ -32,9 +32,15 @@ import ch.ethz.sis.openbis.generic.asapi.v3.dto.history.fetchoptions.HistoryEntr
 import ch.ethz.sis.openbis.generic.asapi.v3.dto.person.Person;
 import ch.ethz.sis.openbis.generic.asapi.v3.dto.project.history.ProjectRelationType;
 import ch.ethz.sis.openbis.generic.asapi.v3.dto.space.id.SpacePermId;
+import ch.ethz.sis.openbis.generic.server.asapi.v3.translator.TranslationContext;
+import ch.ethz.sis.openbis.generic.server.asapi.v3.translator.experiment.IExperimentAuthorizationValidator;
 import ch.ethz.sis.openbis.generic.server.asapi.v3.translator.history.HistoryPropertyRecord;
 import ch.ethz.sis.openbis.generic.server.asapi.v3.translator.history.HistoryRelationshipRecord;
 import ch.ethz.sis.openbis.generic.server.asapi.v3.translator.history.HistoryTranslator;
+import ch.ethz.sis.openbis.generic.server.asapi.v3.translator.space.ISpaceAuthorizationValidator;
+
+import it.unimi.dsi.fastutil.longs.LongOpenHashSet;
+import net.lemnik.eodsql.QueryTool;
 
 /**
  * @author pkupczyk
@@ -43,6 +49,12 @@ import ch.ethz.sis.openbis.generic.server.asapi.v3.translator.history.HistoryTra
 public class ProjectHistoryTranslator extends HistoryTranslator implements IProjectHistoryTranslator
 {
 
+    @Autowired
+    private ISpaceAuthorizationValidator spaceValidator;
+
+    @Autowired
+    private IExperimentAuthorizationValidator experimentValidator;
+
     @Override
     protected List<HistoryPropertyRecord> loadPropertyHistory(Collection<Long> entityIds)
     {
@@ -50,10 +62,55 @@ public class ProjectHistoryTranslator extends HistoryTranslator implements IProj
     }
 
     @Override
-    protected List<? extends HistoryRelationshipRecord> loadRelationshipHistory(Collection<Long> entityIds)
+    protected List<? extends HistoryRelationshipRecord> loadRelationshipHistory(TranslationContext context, Collection<Long> entityIds)
     {
         ProjectQuery query = QueryTool.getManagedQuery(ProjectQuery.class);
-        return query.getRelationshipsHistory(new LongOpenHashSet(entityIds));
+
+        List<ProjectRelationshipRecord> records = query.getRelationshipsHistory(new LongOpenHashSet(entityIds));
+        List<ProjectRelationshipRecord> validRecords = new ArrayList<ProjectRelationshipRecord>();
+
+        Set<Long> spaceIds = new HashSet<Long>();
+        Set<Long> experimentIds = new HashSet<Long>();
+
+        for (ProjectRelationshipRecord record : records)
+        {
+            if (record.spaceId != null)
+            {
+                spaceIds.add(record.spaceId);
+            } else if (record.experimentId != null)
+            {
+                experimentIds.add(record.experimentId);
+            }
+        }
+
+        if (false == spaceIds.isEmpty())
+        {
+            spaceIds = spaceValidator.validate(context.getSession().tryGetPerson(), spaceIds);
+        }
+        if (false == experimentIds.isEmpty())
+        {
+            experimentIds = experimentValidator.validate(context.getSession().tryGetPerson(), experimentIds);
+        }
+
+        for (ProjectRelationshipRecord record : records)
+        {
+            boolean isValid = false;
+
+            if (record.spaceId != null)
+            {
+                isValid = spaceIds.contains(record.spaceId);
+            } else if (record.experimentId != null)
+            {
+                isValid = experimentIds.contains(record.experimentId);
+            }
+
+            if (isValid)
+            {
+                validRecords.add(record);
+            }
+        }
+
+        return validRecords;
     }
 
     @Override

openbis/source/java/ch/ethz/sis/openbis/generic/server/asapi/v3/translator/sample/SampleHistoryTranslator.java

@@ -16,10 +16,14 @@
 
 package ch.ethz.sis.openbis.generic.server.asapi.v3.translator.sample;
 
+import java.util.ArrayList;
 import java.util.Collection;
+import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
+import java.util.Set;
 
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 
 import ch.ethz.sis.openbis.generic.asapi.v3.dto.dataset.id.DataSetPermId;
@@ -30,9 +34,13 @@ import ch.ethz.sis.openbis.generic.asapi.v3.dto.person.Person;
 import ch.ethz.sis.openbis.generic.asapi.v3.dto.sample.history.SampleRelationType;
 import ch.ethz.sis.openbis.generic.asapi.v3.dto.sample.id.SamplePermId;
 import ch.ethz.sis.openbis.generic.asapi.v3.dto.space.id.SpacePermId;
+import ch.ethz.sis.openbis.generic.server.asapi.v3.translator.TranslationContext;
+import ch.ethz.sis.openbis.generic.server.asapi.v3.translator.dataset.IDataSetAuthorizationValidator;
+import ch.ethz.sis.openbis.generic.server.asapi.v3.translator.experiment.IExperimentAuthorizationValidator;
 import ch.ethz.sis.openbis.generic.server.asapi.v3.translator.history.HistoryPropertyRecord;
 import ch.ethz.sis.openbis.generic.server.asapi.v3.translator.history.HistoryRelationshipRecord;
 import ch.ethz.sis.openbis.generic.server.asapi.v3.translator.history.HistoryTranslator;
+import ch.ethz.sis.openbis.generic.server.asapi.v3.translator.space.ISpaceAuthorizationValidator;
 import ch.systemsx.cisd.openbis.generic.shared.dto.RelationType;
 
 import it.unimi.dsi.fastutil.longs.LongOpenHashSet;
@@ -45,6 +53,18 @@ import net.lemnik.eodsql.QueryTool;
 public class SampleHistoryTranslator extends HistoryTranslator implements ISampleHistoryTranslator
 {
 
+    @Autowired
+    private ISpaceAuthorizationValidator spaceValidator;
+
+    @Autowired
+    private IExperimentAuthorizationValidator experimentValidator;
+
+    @Autowired
+    private ISampleAuthorizationValidator sampleValidator;
+
+    @Autowired
+    private IDataSetAuthorizationValidator dataSetValidator;
+
     @Override
     protected List<HistoryPropertyRecord> loadPropertyHistory(Collection<Long> entityIds)
     {
@@ -53,10 +73,77 @@ public class SampleHistoryTranslator extends HistoryTranslator implements ISampl
     }
 
     @Override
-    protected List<? extends HistoryRelationshipRecord> loadRelationshipHistory(Collection<Long> entityIds)
+    protected List<? extends HistoryRelationshipRecord> loadRelationshipHistory(TranslationContext context, Collection<Long> entityIds)
     {
         SampleQuery query = QueryTool.getManagedQuery(SampleQuery.class);
-        return query.getRelationshipsHistory(new LongOpenHashSet(entityIds));
+
+        List<SampleRelationshipRecord> records = query.getRelationshipsHistory(new LongOpenHashSet(entityIds));
+        List<SampleRelationshipRecord> validRecords = new ArrayList<SampleRelationshipRecord>();
+
+        Set<Long> spaceIds = new HashSet<Long>();
+        Set<Long> experimentIds = new HashSet<Long>();
+        Set<Long> sampleIds = new HashSet<Long>();
+        Set<Long> dataSetIds = new HashSet<Long>();
+
+        for (SampleRelationshipRecord record : records)
+        {
+            if (record.spaceId != null)
+            {
+                spaceIds.add(record.spaceId);
+            } else if (record.experimentId != null)
+            {
+                experimentIds.add(record.experimentId);
+            } else if (record.sampleId != null)
+            {
+                sampleIds.add(record.sampleId);
+            } else if (record.dataSetId != null)
+            {
+                dataSetIds.add(record.dataSetId);
+            }
+        }
+
+        if (false == spaceIds.isEmpty())
+        {
+            spaceIds = spaceValidator.validate(context.getSession().tryGetPerson(), spaceIds);
+        }
+        if (false == experimentIds.isEmpty())
+        {
+            experimentIds = experimentValidator.validate(context.getSession().tryGetPerson(), experimentIds);
+        }
+        if (false == sampleIds.isEmpty())
+        {
+            sampleIds = sampleValidator.validate(context.getSession().tryGetPerson(), sampleIds);
+        }
+        if (false == dataSetIds.isEmpty())
+        {
+            dataSetIds = dataSetValidator.validate(context.getSession().tryGetPerson(), dataSetIds);
+        }
+
+        for (SampleRelationshipRecord record : records)
+        {
+            boolean isValid = false;
+
+            if (record.spaceId != null)
+            {
+                isValid = spaceIds.contains(record.spaceId);
+            } else if (record.experimentId != null)
+            {
+                isValid = experimentIds.contains(record.experimentId);
+            } else if (record.sampleId != null)
+            {
+                isValid = sampleIds.contains(record.sampleId);
+            } else if (record.dataSetId != null)
+            {
+                isValid = dataSetIds.contains(record.dataSetId);
+            }
+
+            if (isValid)
+            {
+                validRecords.add(record);
+            }
+        }
+
+        return validRecords;
     }
 
     @Override