LMS-1888 IEncapsulatedOpenBISService extended for checking INSTANCE_ADMIN...

LMS-1888 IEncapsulatedOpenBISService extended for checking INSTANCE_ADMIN rights. Check data sets access rights for a set instead for a list of data set codes

SVN: 18882

datastore_server/source/java/ch/systemsx/cisd/openbis/dss/generic/server/AbstractDssServiceRpc.java

@@ -18,9 +18,10 @@ package ch.systemsx.cisd.openbis.dss.generic.server;
 
 import java.io.File;
 import java.io.IOException;
+import java.util.ArrayList;
 import java.util.HashMap;
-import java.util.List;
 import java.util.Map;
+import java.util.Set;
 
 import org.apache.log4j.Logger;
 
@@ -167,7 +168,7 @@ public abstract class AbstractDssServiceRpc<T> extends AbstractServiceWithLogger
     /**
      * Asserts that specified data sets are all accessible by the user of the specified session.
      */
-    protected void checkDatasetsAuthorization(String sessionToken, List<String> dataSetCodes)
+    protected void checkDatasetsAuthorization(String sessionToken, Set<String> dataSetCodes)
     {
         if (isSessionAuthorizedForDatasets(sessionToken, dataSetCodes) == false)
         {
@@ -185,7 +186,7 @@ public abstract class AbstractDssServiceRpc<T> extends AbstractServiceWithLogger
      * @param dataSetCodes The data set codes we want to check access for.
      * @return True if all the data sets are accessible, false if one or more are not accessible.
      */
-    protected boolean isSessionAuthorizedForDatasets(String sessionToken, List<String> dataSetCodes)
+    protected boolean isSessionAuthorizedForDatasets(String sessionToken, Set<String> dataSetCodes)
     {
         boolean access;
         if (operationLog.isInfoEnabled())
@@ -196,7 +197,7 @@ public abstract class AbstractDssServiceRpc<T> extends AbstractServiceWithLogger
 
         try
         {
-            openBISService.checkDataSetCollectionAccess(sessionToken, dataSetCodes);
+            openBISService.checkDataSetCollectionAccess(sessionToken, new ArrayList<String>(dataSetCodes));
             access = true;
         } catch (UserFailureException ex)
         {
@@ -231,7 +232,7 @@ public abstract class AbstractDssServiceRpc<T> extends AbstractServiceWithLogger
      * Return a map keyed by data set code with value root directory for that data set.
      */
     protected Map<String, File> checkAccessAndGetRootDirectories(String sessionToken,
-            List<String> dataSetCodes) throws IllegalArgumentException
+            Set<String> dataSetCodes) throws IllegalArgumentException
     {
         if (isSessionAuthorizedForDatasets(sessionToken, dataSetCodes) == false)
         {

datastore_server/source/java/ch/systemsx/cisd/openbis/dss/generic/server/EncapsulatedOpenBISService.java

@@ -643,6 +643,12 @@ public final class EncapsulatedOpenBISService implements IEncapsulatedOpenBISSer
         return service.tryGetDataSet(sToken, dataSetCode);
     }
 
+    synchronized public void checkInstanceAdminAuthorization(String sToken) throws UserFailureException
+    {
+        checkSessionToken();
+        service.checkInstanceAdminAuthorization(sToken);
+    }
+
     synchronized public void checkDataSetAccess(String sToken, String dataSetCode)
             throws UserFailureException
     {

datastore_server/source/java/ch/systemsx/cisd/openbis/dss/generic/shared/IEncapsulatedOpenBISService.java

@@ -61,6 +61,11 @@ public interface IEncapsulatedOpenBISService
      */
     public ExternalData tryGetDataSet(final String sessionToken, final String dataSetCode)
             throws UserFailureException;
+    
+    /**
+     * Checks if the current user has INSTANCE_ADMIN access rights.
+     */
+    public void checkInstanceAdminAuthorization(String sessionToken) throws UserFailureException;
 
     /**
      * Checks if the current user has access rights to a dataset with the specified data set code.