diff --git a/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/AuthorizationDataProvider.java b/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/AuthorizationDataProvider.java
index 6adc2ad3308e43650d4b3df62e87d4183a37237c..41b9259ad18219b5142a4f606ddceef4bbe13088 100644
--- a/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/AuthorizationDataProvider.java
+++ b/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/AuthorizationDataProvider.java
@@ -229,10 +229,10 @@ final public class AuthorizationDataProvider implements IAuthorizationDataProvid
}
@Override
- public Set<SampleAccessPE> getSampleCollectionAccessData(List<TechId> sampleTechIds)
+ public Set<SampleAccessPE> getSampleCollectionAccessDataByTechIds(List<TechId> sampleTechIds)
{
Session sess = daoFactory.getSessionFactory().getCurrentSession();
- final Query query = sess.getNamedQuery(SampleAccessPE.SAMPLE_ACCESS_QUERY_NAME);
+ final Query query = sess.getNamedQuery(SampleAccessPE.SAMPLE_ACCESS_BY_TECH_IDS_QUERY_NAME);
query.setReadOnly(true);
final Set<SampleAccessPE> fullResults = new HashSet<SampleAccessPE>();
@@ -269,6 +269,47 @@ final public class AuthorizationDataProvider implements IAuthorizationDataProvid
return fullResults;
}
+ @Override
+ public Set<SampleAccessPE> getSampleCollectionAccessDataByPermIds(List<PermId> samplePermIds)
+ {
+ Session sess = daoFactory.getSessionFactory().getCurrentSession();
+ final Query query = sess.getNamedQuery(SampleAccessPE.SAMPLE_ACCESS_BY_PERM_IDS_QUERY_NAME);
+ query.setReadOnly(true);
+
+ final Set<SampleAccessPE> fullResults = new HashSet<SampleAccessPE>();
+
+ BatchOperationExecutor.executeInBatches(new IBatchOperation<PermId>()
+ {
+ @Override
+ public void execute(List<PermId> entities)
+ {
+ query.setParameterList(SampleAccessPE.SAMPLE_IDS_PARAMETER_NAME, PermId.asStrings(entities));
+ List<SampleAccessPE> singleResults = cast(query.list());
+ fullResults.addAll(singleResults);
+ }
+
+ @Override
+ public List<PermId> getAllEntities()
+ {
+ return samplePermIds;
+ }
+
+ @Override
+ public String getEntityName()
+ {
+ return "sample";
+ }
+
+ @Override
+ public String getOperationName()
+ {
+ return "authorization";
+ }
+ });
+
+ return fullResults;
+ }
+
@Override
public Set<DataSetAccessPE> getDeletedDatasetCollectionAccessData(final List<TechId> deletionIds)
{
diff --git a/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/IAuthorizationDataProvider.java b/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/IAuthorizationDataProvider.java
index 4a6e92e3fe20c6e151200b23c07ab9dca7ec9029..bff4c99de360637878ce72aec0d15020ce52c88d 100644
--- a/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/IAuthorizationDataProvider.java
+++ b/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/IAuthorizationDataProvider.java
@@ -155,7 +155,12 @@ public interface IAuthorizationDataProvider
/**
* Returns the information necessary to determine if a user is allowed to access the samples.
*/
- public Set<SampleAccessPE> getSampleCollectionAccessData(List<TechId> sampleIds);
+ public Set<SampleAccessPE> getSampleCollectionAccessDataByTechIds(List<TechId> sampleIds);
+
+ /**
+ * Returns the information necessary to determine if a user is allowed to access the samples.
+ */
+ public Set<SampleAccessPE> getSampleCollectionAccessDataByPermIds(List<PermId> samplePermIds);
/**
* Returns the information necessary to determine if a user is allowed to access the experiments.
diff --git a/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/SampleTechIdCollectionPredicate.java b/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/SampleTechIdCollectionPredicate.java
index 7681cc1da1bf598d7953ae06230372be10d37a15..e9a3afaf45ad79e467327f2b5aa4e46f32a5f824 100644
--- a/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/SampleTechIdCollectionPredicate.java
+++ b/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/SampleTechIdCollectionPredicate.java
@@ -45,7 +45,7 @@ public class SampleTechIdCollectionPredicate extends DelegatedPredicate<Collecti
@Override
public Collection<SampleAccessPE> tryConvert(List<TechId> techIds)
{
- return authorizationDataProvider.getSampleCollectionAccessData(techIds);
+ return authorizationDataProvider.getSampleCollectionAccessDataByTechIds(techIds);
}
@Override
diff --git a/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/SampleTechIdPredicate.java b/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/SampleTechIdPredicate.java
index 64b1eb0aa2605dcfc45350c00a0a0f168a7f1791..b550773f6a4bbdfc3bd2276ebb2f40984ad5aa71 100644
--- a/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/SampleTechIdPredicate.java
+++ b/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/SampleTechIdPredicate.java
@@ -69,7 +69,7 @@ public class SampleTechIdPredicate extends AbstractDatabaseInstancePredicate<Tec
final TechId techId)
{
Set<SampleAccessPE> samples =
- authorizationDataProvider.getSampleCollectionAccessData(techId != null ? Arrays.asList(techId) : Arrays.asList());
+ authorizationDataProvider.getSampleCollectionAccessDataByTechIds(techId != null ? Arrays.asList(techId) : Arrays.asList());
return sampleAccessPECollectionPredicate.doEvaluation(person, allowedRoles, samples);
}
diff --git a/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/AbstractValidator.java b/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/AbstractValidator.java
index 5c5ee7a10a12f399e74146b62ad8ba1ec13cbb91..e105256b6c339f07adac46894217c6707fea2a08 100644
--- a/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/AbstractValidator.java
+++ b/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/AbstractValidator.java
@@ -17,6 +17,11 @@
package ch.systemsx.cisd.openbis.generic.server.authorization.validator;
import ch.systemsx.cisd.openbis.generic.server.authorization.IAuthorizationDataProvider;
+import ch.systemsx.cisd.openbis.generic.server.authorization.project.IProjectAuthorization;
+import ch.systemsx.cisd.openbis.generic.server.authorization.project.ProjectAuthorizationBuilder;
+import ch.systemsx.cisd.openbis.generic.server.authorization.project.provider.object.IObjectsProvider;
+import ch.systemsx.cisd.openbis.generic.server.authorization.project.provider.role.RolesProviderFromPersonPE;
+import ch.systemsx.cisd.openbis.generic.server.authorization.project.provider.user.UserProviderFromPersonPE;
import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
/**
@@ -49,6 +54,18 @@ public abstract class AbstractValidator<T> implements IValidator<T>
return doValidation(person, value);
}
+ protected <O> boolean isValidPA(PersonPE person, IObjectsProvider<O> provider)
+ {
+ IProjectAuthorization<O> pa = new ProjectAuthorizationBuilder<O>()
+ .withData(authorizationDataProvider)
+ .withUser(new UserProviderFromPersonPE(person))
+ .withRoles(new RolesProviderFromPersonPE(person))
+ .withObjects(provider)
+ .build();
+
+ return pa.getObjectsWithoutAccess().isEmpty();
+ }
+
@Override
public void init(
@SuppressWarnings("hiding") IAuthorizationDataProvider authorizationDataProvider)
diff --git a/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/ExperimentByIdentiferValidator.java b/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/ExperimentByIdentiferValidator.java
index e42abb23e5754e25fda48461df9f0af433b5feb7..1c740dc9151bf145f93dd157dbb68b5933f7fd31 100644
--- a/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/ExperimentByIdentiferValidator.java
+++ b/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/ExperimentByIdentiferValidator.java
@@ -16,11 +16,7 @@
package ch.systemsx.cisd.openbis.generic.server.authorization.validator;
-import ch.systemsx.cisd.openbis.generic.server.authorization.project.IProjectAuthorization;
-import ch.systemsx.cisd.openbis.generic.server.authorization.project.ProjectAuthorizationBuilder;
import ch.systemsx.cisd.openbis.generic.server.authorization.project.provider.project.ProjectProviderFromExperimentIIdentifierHolder;
-import ch.systemsx.cisd.openbis.generic.server.authorization.project.provider.role.RolesProviderFromPersonPE;
-import ch.systemsx.cisd.openbis.generic.server.authorization.project.provider.user.UserProviderFromPersonPE;
import ch.systemsx.cisd.openbis.generic.shared.basic.IIdentifierHolder;
import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
import ch.systemsx.cisd.openbis.generic.shared.dto.identifier.ExperimentIdentifierFactory;
@@ -48,14 +44,7 @@ public class ExperimentByIdentiferValidator extends AbstractIdentifierValidator
return result;
} else
{
- IProjectAuthorization<IIdentifierHolder> pa = new ProjectAuthorizationBuilder<IIdentifierHolder>()
- .withData(authorizationDataProvider)
- .withUser(new UserProviderFromPersonPE(person))
- .withRoles(new RolesProviderFromPersonPE(person))
- .withObjects(new ProjectProviderFromExperimentIIdentifierHolder(value))
- .build();
-
- return pa.getObjectsWithoutAccess().isEmpty();
+ return isValidPA(person, new ProjectProviderFromExperimentIIdentifierHolder(value));
}
}
diff --git a/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/ExperimentValidator.java b/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/ExperimentValidator.java
index 64eaaa6982de97d948cad6a1a39e0c0728e146db..10f5da8acacf360584ce40aaf1a381a43b14faab 100644
--- a/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/ExperimentValidator.java
+++ b/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/ExperimentValidator.java
@@ -16,13 +16,8 @@
package ch.systemsx.cisd.openbis.generic.server.authorization.validator;
-import ch.systemsx.cisd.openbis.generic.server.authorization.project.IProjectAuthorization;
-import ch.systemsx.cisd.openbis.generic.server.authorization.project.ProjectAuthorizationBuilder;
import ch.systemsx.cisd.openbis.generic.server.authorization.project.provider.project.ProjectProviderFromProject;
-import ch.systemsx.cisd.openbis.generic.server.authorization.project.provider.role.RolesProviderFromPersonPE;
-import ch.systemsx.cisd.openbis.generic.server.authorization.project.provider.user.UserProviderFromPersonPE;
import ch.systemsx.cisd.openbis.generic.shared.basic.dto.Experiment;
-import ch.systemsx.cisd.openbis.generic.shared.basic.dto.Project;
import ch.systemsx.cisd.openbis.generic.shared.basic.dto.Space;
import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
@@ -55,14 +50,7 @@ public final class ExperimentValidator extends AbstractValidator<Experiment>
return result;
} else
{
- IProjectAuthorization<Project> pa = new ProjectAuthorizationBuilder<Project>()
- .withData(authorizationDataProvider)
- .withUser(new UserProviderFromPersonPE(person))
- .withRoles(new RolesProviderFromPersonPE(person))
- .withObjects(new ProjectProviderFromProject(value.getProject()))
- .build();
-
- return pa.getObjectsWithoutAccess().isEmpty();
+ return isValidPA(person, new ProjectProviderFromProject(value.getProject()));
}
}
}
diff --git a/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/ProjectByIdentiferValidator.java b/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/ProjectByIdentiferValidator.java
index 25c65554eaf0bd792b92e0a0100a3886af027659..1fa20f166a219718838e73a97e7fe0ba85267454 100644
--- a/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/ProjectByIdentiferValidator.java
+++ b/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/ProjectByIdentiferValidator.java
@@ -16,11 +16,7 @@
package ch.systemsx.cisd.openbis.generic.server.authorization.validator;
-import ch.systemsx.cisd.openbis.generic.server.authorization.project.IProjectAuthorization;
-import ch.systemsx.cisd.openbis.generic.server.authorization.project.ProjectAuthorizationBuilder;
import ch.systemsx.cisd.openbis.generic.server.authorization.project.provider.project.ProjectProviderFromProjectIIdentifierHolder;
-import ch.systemsx.cisd.openbis.generic.server.authorization.project.provider.role.RolesProviderFromPersonPE;
-import ch.systemsx.cisd.openbis.generic.server.authorization.project.provider.user.UserProviderFromPersonPE;
import ch.systemsx.cisd.openbis.generic.shared.basic.IIdentifierHolder;
import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
import ch.systemsx.cisd.openbis.generic.shared.dto.identifier.ProjectIdentifierFactory;
@@ -48,14 +44,7 @@ public class ProjectByIdentiferValidator extends AbstractIdentifierValidator
return result;
} else
{
- IProjectAuthorization<IIdentifierHolder> pa = new ProjectAuthorizationBuilder<IIdentifierHolder>()
- .withData(authorizationDataProvider)
- .withUser(new UserProviderFromPersonPE(person))
- .withRoles(new RolesProviderFromPersonPE(person))
- .withObjects(new ProjectProviderFromProjectIIdentifierHolder(value))
- .build();
-
- return pa.getObjectsWithoutAccess().isEmpty();
+ return isValidPA(person, new ProjectProviderFromProjectIIdentifierHolder(value));
}
}
diff --git a/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/ProjectValidator.java b/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/ProjectValidator.java
index 2fab953d90fef66171eb4d282fe4608cc0fd89d6..1ca75371f23768272cf62bf147ffea0e261e7eb0 100644
--- a/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/ProjectValidator.java
+++ b/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/ProjectValidator.java
@@ -16,11 +16,7 @@
package ch.systemsx.cisd.openbis.generic.server.authorization.validator;
-import ch.systemsx.cisd.openbis.generic.server.authorization.project.IProjectAuthorization;
-import ch.systemsx.cisd.openbis.generic.server.authorization.project.ProjectAuthorizationBuilder;
import ch.systemsx.cisd.openbis.generic.server.authorization.project.provider.project.ProjectProviderFromProject;
-import ch.systemsx.cisd.openbis.generic.server.authorization.project.provider.role.RolesProviderFromPersonPE;
-import ch.systemsx.cisd.openbis.generic.server.authorization.project.provider.user.UserProviderFromPersonPE;
import ch.systemsx.cisd.openbis.generic.shared.basic.dto.Project;
import ch.systemsx.cisd.openbis.generic.shared.basic.dto.Space;
import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
@@ -53,14 +49,7 @@ public final class ProjectValidator extends AbstractValidator<Project>
return result;
} else
{
- IProjectAuthorization<Project> pa = new ProjectAuthorizationBuilder<Project>()
- .withData(authorizationDataProvider)
- .withUser(new UserProviderFromPersonPE(person))
- .withRoles(new RolesProviderFromPersonPE(person))
- .withObjects(new ProjectProviderFromProject(value))
- .build();
-
- return pa.getObjectsWithoutAccess().isEmpty();
+ return isValidPA(person, new ProjectProviderFromProject(value));
}
}
diff --git a/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/SampleByIdentiferValidator.java b/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/SampleByIdentiferValidator.java
index fc8a760344524017d73a16bceb28c613a5aba43b..e960d58ce3646c4861f01922c82ad2aa87caa6ee 100644
--- a/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/SampleByIdentiferValidator.java
+++ b/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/SampleByIdentiferValidator.java
@@ -16,11 +16,7 @@
package ch.systemsx.cisd.openbis.generic.server.authorization.validator;
-import ch.systemsx.cisd.openbis.generic.server.authorization.project.IProjectAuthorization;
-import ch.systemsx.cisd.openbis.generic.server.authorization.project.ProjectAuthorizationBuilder;
import ch.systemsx.cisd.openbis.generic.server.authorization.project.provider.project.ProjectProviderFromSampleIdentifierString;
-import ch.systemsx.cisd.openbis.generic.server.authorization.project.provider.role.RolesProviderFromPersonPE;
-import ch.systemsx.cisd.openbis.generic.server.authorization.project.provider.user.UserProviderFromPersonPE;
import ch.systemsx.cisd.openbis.generic.shared.basic.IIdentifierHolder;
import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
import ch.systemsx.cisd.openbis.generic.shared.dto.identifier.SampleIdentifierFactory;
@@ -53,14 +49,7 @@ public class SampleByIdentiferValidator extends AbstractIdentifierValidator
return result;
} else
{
- IProjectAuthorization<String> pa = new ProjectAuthorizationBuilder<String>()
- .withData(authorizationDataProvider)
- .withUser(new UserProviderFromPersonPE(person))
- .withRoles(new RolesProviderFromPersonPE(person))
- .withObjects(new ProjectProviderFromSampleIdentifierString(value.getIdentifier()))
- .build();
-
- return pa.getObjectsWithoutAccess().isEmpty();
+ return isValidPA(person, new ProjectProviderFromSampleIdentifierString(value.getIdentifier()));
}
}
diff --git a/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/SampleValidator.java b/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/SampleValidator.java
index 464956a35fb4656ad25fa4e5dc9c3faad351a3ea..9643cd76a06b561431f5eeab0e8ac909e6ceb875 100644
--- a/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/SampleValidator.java
+++ b/openbis/source/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/SampleValidator.java
@@ -16,11 +16,7 @@
package ch.systemsx.cisd.openbis.generic.server.authorization.validator;
-import ch.systemsx.cisd.openbis.generic.server.authorization.project.IProjectAuthorization;
-import ch.systemsx.cisd.openbis.generic.server.authorization.project.ProjectAuthorizationBuilder;
import ch.systemsx.cisd.openbis.generic.server.authorization.project.provider.project.ProjectProviderFromSample;
-import ch.systemsx.cisd.openbis.generic.server.authorization.project.provider.role.RolesProviderFromPersonPE;
-import ch.systemsx.cisd.openbis.generic.server.authorization.project.provider.user.UserProviderFromPersonPE;
import ch.systemsx.cisd.openbis.generic.shared.basic.dto.Sample;
import ch.systemsx.cisd.openbis.generic.shared.basic.dto.Space;
import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
@@ -62,14 +58,7 @@ public final class SampleValidator extends AbstractValidator<Sample>
return result;
} else
{
- IProjectAuthorization<Sample> pa = new ProjectAuthorizationBuilder<Sample>()
- .withData(authorizationDataProvider)
- .withUser(new UserProviderFromPersonPE(person))
- .withRoles(new RolesProviderFromPersonPE(person))
- .withObjects(new ProjectProviderFromSample(value))
- .build();
-
- return pa.getObjectsWithoutAccess().isEmpty();
+ return isValidPA(person, new ProjectProviderFromSample(value));
}
}
diff --git a/openbis/source/java/ch/systemsx/cisd/openbis/generic/shared/dto/PermId.java b/openbis/source/java/ch/systemsx/cisd/openbis/generic/shared/dto/PermId.java
index 52c2f62184395b290b388328b3317c3d230cafd5..4787e8463e42fe4dc2b62f7cca5cf5459531c7c1 100644
--- a/openbis/source/java/ch/systemsx/cisd/openbis/generic/shared/dto/PermId.java
+++ b/openbis/source/java/ch/systemsx/cisd/openbis/generic/shared/dto/PermId.java
@@ -17,6 +17,8 @@
package ch.systemsx.cisd.openbis.generic.shared.dto;
import java.io.Serializable;
+import java.util.ArrayList;
+import java.util.List;
import ch.systemsx.cisd.openbis.generic.shared.basic.IPermIdHolder;
import ch.systemsx.cisd.openbis.generic.shared.basic.dto.ServiceVersionHolder;
@@ -64,6 +66,16 @@ public class PermId implements Serializable
}
}
+ public static List<String> asStrings(List<PermId> permIds)
+ {
+ List<String> results = new ArrayList<String>();
+ for (PermId permId : permIds)
+ {
+ results.add(permId.getId());
+ }
+ return results;
+ }
+
@Override
public final boolean equals(final Object obj)
{
diff --git a/openbis/source/java/ch/systemsx/cisd/openbis/generic/shared/dto/SampleAccessPE.java b/openbis/source/java/ch/systemsx/cisd/openbis/generic/shared/dto/SampleAccessPE.java
index 69fec9dcaef321ebdcd55c92d2e24fb3d1902505..6df0e9eb4cfb320d18968622e69052e7f8fc91e7 100644
--- a/openbis/source/java/ch/systemsx/cisd/openbis/generic/shared/dto/SampleAccessPE.java
+++ b/openbis/source/java/ch/systemsx/cisd/openbis/generic/shared/dto/SampleAccessPE.java
@@ -35,7 +35,8 @@ import org.apache.commons.lang.builder.ToStringBuilder;
@Entity
@SqlResultSetMapping(name = SampleAccessPE.RESULT_SET_MAPPING, entities = @EntityResult(entityClass = SampleAccessPE.class))
@NamedNativeQueries(value = {
- @NamedNativeQuery(name = SampleAccessPE.SAMPLE_ACCESS_QUERY_NAME, query = SampleAccessPE.SAMPLE_ACCESS_QUERY, resultSetMapping = SampleAccessPE.RESULT_SET_MAPPING),
+ @NamedNativeQuery(name = SampleAccessPE.SAMPLE_ACCESS_BY_TECH_IDS_QUERY_NAME, query = SampleAccessPE.SAMPLE_ACCESS_BY_TECH_IDS_QUERY, resultSetMapping = SampleAccessPE.RESULT_SET_MAPPING),
+ @NamedNativeQuery(name = SampleAccessPE.SAMPLE_ACCESS_BY_PERM_IDS_QUERY_NAME, query = SampleAccessPE.SAMPLE_ACCESS_BY_PERM_IDS_QUERY, resultSetMapping = SampleAccessPE.RESULT_SET_MAPPING),
@NamedNativeQuery(name = SampleAccessPE.DELETED_SAMPLE_ACCESS_QUERY_NAME, query = SampleAccessPE.DELETED_SAMPLE_ACCESS_QUERY, resultSetMapping = SampleAccessPE.RESULT_SET_MAPPING) })
public class SampleAccessPE
{
@@ -54,8 +55,11 @@ public class SampleAccessPE
+ TableNames.EXPERIMENTS_ALL_TABLE
+ " e on s.expe_id = e.id left outer join "
+ TableNames.PROJECTS_TABLE
- + " ep on e.proj_id = ep.id "
- + "WHERE s.id in (:ids)";
+ + " ep on e.proj_id = ep.id ";
+
+ public final static String SAMPLE_ACCESS_BY_TECH_IDS_QUERY = SAMPLE_ACCESS_QUERY + "WHERE s.id in (:ids)";
+
+ public final static String SAMPLE_ACCESS_BY_PERM_IDS_QUERY = SAMPLE_ACCESS_QUERY + "WHERE s.perm_id in (:ids)";
public final static String DELETED_SAMPLE_ACCESS_QUERY =
"SELECT g.code as spaceCode, p.code as projectCode, ep.code as experimentProjectCode, e.code as experimentCode, s.code as sampleCode, c.code as containerCode "
@@ -74,7 +78,9 @@ public class SampleAccessPE
+ " ep on e.proj_id = ep.id "
+ "WHERE s.del_id in (:del_ids)";
- public final static String SAMPLE_ACCESS_QUERY_NAME = "sample_access";
+ public final static String SAMPLE_ACCESS_BY_TECH_IDS_QUERY_NAME = "sample_access_by_tech_ids";
+
+ public final static String SAMPLE_ACCESS_BY_PERM_IDS_QUERY_NAME = "sample_access_by_perm_ids";
public final static String DELETED_SAMPLE_ACCESS_QUERY_NAME = "deleted_sample_access";
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ListSampleCriteriaPredicateTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ListSampleCriteriaPredicateTest.java
index de6c36248e55fadd0ace613cc8b5893b6754a88a..c84509207f8f16a057b2ee4a18890805eb97d5b0 100644
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ListSampleCriteriaPredicateTest.java
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/ListSampleCriteriaPredicateTest.java
@@ -179,7 +179,7 @@ public class ListSampleCriteriaPredicateTest extends AuthorizationTestCase
context.checking(new Expectations()
{
{
- one(provider).getSampleCollectionAccessData(Arrays.asList(new TechId(42L)));
+ one(provider).getSampleCollectionAccessDataByTechIds(Arrays.asList(new TechId(42L)));
will(returnValue(Collections.singleton(sampleAccess)));
}
});
@@ -204,7 +204,7 @@ public class ListSampleCriteriaPredicateTest extends AuthorizationTestCase
context.checking(new Expectations()
{
{
- one(provider).getSampleCollectionAccessData(Arrays.asList(new TechId(42L)));
+ one(provider).getSampleCollectionAccessDataByTechIds(Arrays.asList(new TechId(42L)));
will(returnValue(Collections.singleton(containerAccess)));
}
});
diff --git a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/SampleUpdatesCollectionPredicateTest.java b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/SampleUpdatesCollectionPredicateTest.java
index f1854bb92e914fc772416efae978d2cdab35f4dc..d33feb14477ad7400a3da9c7e4b2cbc92ed15a40 100644
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/SampleUpdatesCollectionPredicateTest.java
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/SampleUpdatesCollectionPredicateTest.java
@@ -61,7 +61,7 @@ public class SampleUpdatesCollectionPredicateTest extends AuthorizationTestCase
allowing(provider).getAuthorizationConfig();
will(returnValue(new TestAuthorizationConfig(false, false)));
- one(provider).getSampleCollectionAccessData(TechId.createList(42L, 43L, 44L));
+ one(provider).getSampleCollectionAccessDataByTechIds(TechId.createList(42L, 43L, 44L));
will(returnValue(Collections.singleton(sampleAccess)));
}
});
@@ -98,7 +98,7 @@ public class SampleUpdatesCollectionPredicateTest extends AuthorizationTestCase
allowing(provider).getAuthorizationConfig();
will(returnValue(new TestAuthorizationConfig(false, false)));
- one(provider).getSampleCollectionAccessData(TechId.createList(42L, 43L, 44L));
+ one(provider).getSampleCollectionAccessDataByTechIds(TechId.createList(42L, 43L, 44L));
will(returnValue(Collections.singleton(sampleAccess)));
}
});
@@ -171,7 +171,7 @@ public class SampleUpdatesCollectionPredicateTest extends AuthorizationTestCase
allowing(provider).getAuthorizationConfig();
will(returnValue(new TestAuthorizationConfig(false, false)));
- one(provider).getSampleCollectionAccessData(TechId.createList(42L, 43L, 44L));
+ one(provider).getSampleCollectionAccessDataByTechIds(TechId.createList(42L, 43L, 44L));
will(returnValue(Collections.singleton(sampleAccess)));
}
});
diff --git a/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/ExperimentReferenceValidator.java b/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/ExperimentReferenceValidator.java
new file mode 100644
index 0000000000000000000000000000000000000000..31089e70ad9780d1d0a904a1367db56ee5f23691
--- /dev/null
+++ b/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/ExperimentReferenceValidator.java
@@ -0,0 +1,108 @@
+/*
+ * Copyright 2010 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.plugin.screening.server.authorization;
+
+import ch.systemsx.cisd.openbis.generic.server.authorization.IAuthorizationDataProvider;
+import ch.systemsx.cisd.openbis.generic.server.authorization.project.provider.project.ProjectProviderFromExperimentIdentifierString;
+import ch.systemsx.cisd.openbis.generic.server.authorization.project.provider.project.ProjectProviderFromExperimentPE;
+import ch.systemsx.cisd.openbis.generic.server.authorization.validator.AbstractValidator;
+import ch.systemsx.cisd.openbis.generic.server.authorization.validator.SimpleSpaceValidator;
+import ch.systemsx.cisd.openbis.generic.shared.basic.ICodeHolder;
+import ch.systemsx.cisd.openbis.generic.shared.basic.TechId;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ExperimentPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.identifier.ExperimentIdentifier;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.basic.dto.ExperimentReference;
+
+/**
+ * @author pkupczyk
+ */
+public class ExperimentReferenceValidator extends AbstractValidator<ExperimentReference>
+{
+
+ private SimpleSpaceValidator spaceValidator = new SimpleSpaceValidator();
+
+ @Override
+ public void init(IAuthorizationDataProvider provider)
+ {
+ super.init(provider);
+ spaceValidator.init(provider);
+ }
+
+ @Override
+ public boolean doValidation(PersonPE person, ExperimentReference value)
+ {
+ if (value.getSpaceCode() != null)
+ {
+ boolean result = spaceValidator.doValidation(person, new ICodeHolder()
+ {
+ @Override
+ public String getCode()
+ {
+ return value.getSpaceCode();
+ }
+ });
+
+ if (result)
+ {
+ return result;
+ } else if (value.getProjectCode() != null && value.getCode() != null)
+ {
+ ExperimentIdentifier experimentIdentifier =
+ new ExperimentIdentifier(value.getSpaceCode(), value.getProjectCode(), value.getCode());
+
+ return isValidPA(person, new ProjectProviderFromExperimentIdentifierString(experimentIdentifier.toString()));
+ } else
+ {
+ return false;
+ }
+ }
+
+ if (value.getPermId() != null)
+ {
+ ExperimentPE experimentPE = authorizationDataProvider.tryGetExperimentByPermId(value.getPermId());
+ return isValid(person, experimentPE);
+ }
+
+ if (value.getId() != null)
+ {
+ ExperimentPE experimentPE = authorizationDataProvider.tryGetExperimentByTechId(new TechId(value.getId()));
+ return isValid(person, experimentPE);
+ }
+
+ return false;
+ }
+
+ private boolean isValid(PersonPE person, ExperimentPE experimentPE)
+ {
+ if (experimentPE != null)
+ {
+ if (spaceValidator.doValidation(person, experimentPE.getProject().getSpace()))
+ {
+ return true;
+ }
+
+ if (isValidPA(person, new ProjectProviderFromExperimentPE(experimentPE)))
+ {
+ return true;
+ }
+ }
+
+ return false;
+ }
+
+}
diff --git a/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/MaterialExperimentFeatureVectorSummaryValidator.java b/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/MaterialExperimentFeatureVectorSummaryValidator.java
index cecf50fd858ffd4bc81173401c5cf26d71142780..03cf7d4169c1f04f57df6e530de34ad7f7e924ad 100644
--- a/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/MaterialExperimentFeatureVectorSummaryValidator.java
+++ b/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/MaterialExperimentFeatureVectorSummaryValidator.java
@@ -16,6 +16,9 @@
package ch.systemsx.cisd.openbis.plugin.screening.server.authorization;
+import ch.systemsx.cisd.openbis.generic.server.authorization.IAuthorizationDataProvider;
+import ch.systemsx.cisd.openbis.generic.server.authorization.validator.AbstractValidator;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
import ch.systemsx.cisd.openbis.plugin.screening.shared.basic.dto.MaterialSimpleFeatureVectorSummary;
/**
@@ -23,13 +26,22 @@ import ch.systemsx.cisd.openbis.plugin.screening.shared.basic.dto.MaterialSimple
*
* @author Tomasz Pylak
*/
-public class MaterialExperimentFeatureVectorSummaryValidator extends
- SpaceValidator<MaterialSimpleFeatureVectorSummary>
+public class MaterialExperimentFeatureVectorSummaryValidator extends AbstractValidator<MaterialSimpleFeatureVectorSummary>
{
+
+ private ExperimentReferenceValidator referenceValidator = new ExperimentReferenceValidator();
+
+ @Override
+ public void init(IAuthorizationDataProvider provider)
+ {
+ super.init(provider);
+ referenceValidator.init(provider);
+ }
+
@Override
- protected String getSpace(MaterialSimpleFeatureVectorSummary value)
+ public boolean doValidation(PersonPE person, MaterialSimpleFeatureVectorSummary value)
{
- return value.getExperiment().getSpaceCode();
+ return referenceValidator.doValidation(person, value.getExperiment());
}
}
diff --git a/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/PlateIdentifierPredicate.java b/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/PlateIdentifierPredicate.java
index 7995c8947d1dd32e24e0a7d703676a68593171c0..fed87bbe6268a4fd42ba4d7a3f6aaf75948d6154 100644
--- a/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/PlateIdentifierPredicate.java
+++ b/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/PlateIdentifierPredicate.java
@@ -22,11 +22,11 @@ import ch.systemsx.cisd.common.exceptions.Status;
import ch.systemsx.cisd.openbis.generic.server.authorization.IAuthorizationDataProvider;
import ch.systemsx.cisd.openbis.generic.server.authorization.RoleWithIdentifier;
import ch.systemsx.cisd.openbis.generic.server.authorization.predicate.AbstractSpacePredicate;
-import ch.systemsx.cisd.openbis.generic.server.authorization.predicate.SampleOwnerIdentifierPredicate;
+import ch.systemsx.cisd.openbis.generic.server.authorization.predicate.SampleIdentifierPredicate;
import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
import ch.systemsx.cisd.openbis.generic.shared.dto.SamplePE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.identifier.SampleIdentifier;
import ch.systemsx.cisd.openbis.generic.shared.dto.identifier.SampleIdentifierFactory;
-import ch.systemsx.cisd.openbis.generic.shared.dto.identifier.SampleOwnerIdentifier;
import ch.systemsx.cisd.openbis.plugin.screening.shared.api.v1.dto.PlateIdentifier;
/**
@@ -39,7 +39,7 @@ import ch.systemsx.cisd.openbis.plugin.screening.shared.api.v1.dto.PlateIdentifi
public class PlateIdentifierPredicate extends AbstractSpacePredicate<PlateIdentifier>
{
- private final SampleOwnerIdentifierPredicate sampleOwnerIdentifierPredicate;
+ private final SampleIdentifierPredicate sampleIdentifierPredicate;
public PlateIdentifierPredicate()
{
@@ -48,7 +48,7 @@ public class PlateIdentifierPredicate extends AbstractSpacePredicate<PlateIdenti
public PlateIdentifierPredicate(boolean isReadAccess)
{
- sampleOwnerIdentifierPredicate = new SampleOwnerIdentifierPredicate(isReadAccess);
+ sampleIdentifierPredicate = new SampleIdentifierPredicate(isReadAccess);
}
//
@@ -59,7 +59,7 @@ public class PlateIdentifierPredicate extends AbstractSpacePredicate<PlateIdenti
public final void init(IAuthorizationDataProvider provider)
{
super.init(provider);
- sampleOwnerIdentifierPredicate.init(provider);
+ sampleIdentifierPredicate.init(provider);
}
@Override
@@ -72,7 +72,7 @@ public class PlateIdentifierPredicate extends AbstractSpacePredicate<PlateIdenti
protected Status doEvaluation(PersonPE person, List<RoleWithIdentifier> allowedRoles,
PlateIdentifier value)
{
- final SampleOwnerIdentifier plateOwner;
+ final SampleIdentifier plateIdentifier;
if (value.getPermId() != null)
{
@@ -83,18 +83,17 @@ public class PlateIdentifierPredicate extends AbstractSpacePredicate<PlateIdenti
return Status.createError(String.format(
"User '%s' does not have enough privileges.", person.getUserId()));
}
- plateOwner = sample.getSampleIdentifier();
+ plateIdentifier = sample.getSampleIdentifier();
} else
{
- plateOwner = SampleIdentifierFactory.parse(value.getAugmentedCode());
+ plateIdentifier = SampleIdentifierFactory.parse(value.getAugmentedCode());
}
- return performSampleOwnerPredicateEvaluation(person, allowedRoles, plateOwner);
+ return performSamplePredicateEvaluation(person, allowedRoles, plateIdentifier);
}
- @SuppressWarnings("deprecation")
- private Status performSampleOwnerPredicateEvaluation(PersonPE person,
- List<RoleWithIdentifier> allowedRoles, SampleOwnerIdentifier sampleOwner)
+ private Status performSamplePredicateEvaluation(PersonPE person,
+ List<RoleWithIdentifier> allowedRoles, SampleIdentifier sampleIdentifier)
{
- return sampleOwnerIdentifierPredicate.performEvaluation(person, allowedRoles, sampleOwner);
+ return sampleIdentifierPredicate.evaluate(person, allowedRoles, sampleIdentifier);
}
}
diff --git a/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/PlateValidator.java b/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/PlateValidator.java
new file mode 100644
index 0000000000000000000000000000000000000000..56be750ef56c317037119135fd23b68aeeadcded
--- /dev/null
+++ b/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/PlateValidator.java
@@ -0,0 +1,79 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.plugin.screening.server.authorization;
+
+import ch.systemsx.cisd.openbis.generic.server.authorization.IAuthorizationDataProvider;
+import ch.systemsx.cisd.openbis.generic.server.authorization.validator.AbstractValidator;
+import ch.systemsx.cisd.openbis.generic.server.authorization.validator.ExperimentByIdentiferValidator;
+import ch.systemsx.cisd.openbis.generic.server.authorization.validator.SimpleSpaceValidator;
+import ch.systemsx.cisd.openbis.generic.shared.basic.ICodeHolder;
+import ch.systemsx.cisd.openbis.generic.shared.basic.IIdentifierHolder;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.api.v1.dto.Plate;
+
+/**
+ * @author pkupczyk
+ */
+public class PlateValidator extends AbstractValidator<Plate>
+{
+
+ private SimpleSpaceValidator spaceValidator = new SimpleSpaceValidator();
+
+ private ExperimentByIdentiferValidator experimentValidator = new ExperimentByIdentiferValidator();
+
+ @Override
+ public void init(IAuthorizationDataProvider provider)
+ {
+ super.init(provider);
+ experimentValidator.init(provider);
+ }
+
+ @Override
+ public boolean doValidation(PersonPE person, Plate value)
+ {
+ if (value.tryGetSpaceCode() != null)
+ {
+ boolean result = spaceValidator.doValidation(person, new ICodeHolder()
+ {
+ @Override
+ public String getCode()
+ {
+ return value.tryGetSpaceCode();
+ }
+ });
+ if (result)
+ {
+ return result;
+ }
+ }
+
+ if (value.getExperimentIdentifier() != null)
+ {
+ return experimentValidator.doValidation(person, new IIdentifierHolder()
+ {
+ @Override
+ public String getIdentifier()
+ {
+ return value.getExperimentIdentifier().getAugmentedCode();
+ }
+ });
+ }
+
+ return false;
+ }
+
+}
diff --git a/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/PlateWellReferenceWithDatasetsValidator.java b/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/PlateWellReferenceWithDatasetsValidator.java
index bf0016ae54f4d68c761b98d0f6abeccf7bdf8257..fa97307192b1f29e1b2470c3b5b9ba441868f549 100644
--- a/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/PlateWellReferenceWithDatasetsValidator.java
+++ b/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/PlateWellReferenceWithDatasetsValidator.java
@@ -16,12 +16,9 @@
package ch.systemsx.cisd.openbis.plugin.screening.server.authorization;
-import java.util.Set;
-
+import ch.systemsx.cisd.openbis.generic.server.authorization.IAuthorizationDataProvider;
import ch.systemsx.cisd.openbis.generic.server.authorization.validator.AbstractValidator;
-import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
-import ch.systemsx.cisd.openbis.generic.shared.dto.RoleAssignmentPE;
import ch.systemsx.cisd.openbis.plugin.screening.shared.api.v1.dto.PlateWellReferenceWithDatasets;
/**
@@ -35,27 +32,19 @@ public class PlateWellReferenceWithDatasetsValidator extends
AbstractValidator<PlateWellReferenceWithDatasets>
{
+ private PlateValidator plateValidator = new PlateValidator();
+
+ @Override
+ public void init(IAuthorizationDataProvider provider)
+ {
+ super.init(provider);
+ plateValidator.init(provider);
+ }
+
@Override
public boolean doValidation(PersonPE person, PlateWellReferenceWithDatasets value)
{
- final String spaceCode =
- value.getExperimentPlateIdentifier().getExperimentIdentifier().getSpaceCode();
- final Set<RoleAssignmentPE> roleAssignments = person.getAllPersonRoles();
- for (final RoleAssignmentPE roleAssignment : roleAssignments)
- {
- if (roleAssignment.getSpace() == null)
- {
- // All roles on the db level allow full read access.
- // Note: Here we assume that we operate on _the only_ db instance (the home db)!
- return true;
- }
- final SpacePE group = roleAssignment.getSpace();
- if (group != null && group.getCode().equals(spaceCode))
- {
- return true;
- }
- }
- return false;
+ return plateValidator.doValidation(person, value.getExperimentPlateIdentifier());
}
}
diff --git a/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/ScreeningExperimentValidator.java b/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/ScreeningExperimentValidator.java
index c2d22c970546413858d8effeb87c735467b4382f..db9ce324fbcb5392e002f66c9683cf6c48afdcfb 100644
--- a/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/ScreeningExperimentValidator.java
+++ b/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/ScreeningExperimentValidator.java
@@ -2,11 +2,7 @@ package ch.systemsx.cisd.openbis.plugin.screening.server.authorization;
import java.util.Set;
-import ch.systemsx.cisd.openbis.generic.server.authorization.project.IProjectAuthorization;
-import ch.systemsx.cisd.openbis.generic.server.authorization.project.ProjectAuthorizationBuilder;
import ch.systemsx.cisd.openbis.generic.server.authorization.project.provider.project.ProjectProviderFromExperimentIdentifierString;
-import ch.systemsx.cisd.openbis.generic.server.authorization.project.provider.role.RolesProviderFromPersonPE;
-import ch.systemsx.cisd.openbis.generic.server.authorization.project.provider.user.UserProviderFromPersonPE;
import ch.systemsx.cisd.openbis.generic.server.authorization.validator.AbstractValidator;
import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
import ch.systemsx.cisd.openbis.generic.shared.dto.RoleAssignmentPE;
@@ -43,13 +39,6 @@ public final class ScreeningExperimentValidator extends AbstractValidator<Experi
}
}
- IProjectAuthorization<String> pa = new ProjectAuthorizationBuilder<String>()
- .withData(authorizationDataProvider)
- .withUser(new UserProviderFromPersonPE(person))
- .withRoles(new RolesProviderFromPersonPE(person))
- .withObjects(new ProjectProviderFromExperimentIdentifierString(value.getAugmentedCode()))
- .build();
-
- return pa.getObjectsWithoutAccess().isEmpty();
+ return isValidPA(person, new ProjectProviderFromExperimentIdentifierString(value.getAugmentedCode()));
}
}
\ No newline at end of file
diff --git a/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/ScreeningPlateListReadOnlyPredicate.java b/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/ScreeningPlateListReadOnlyPredicate.java
index b1d639633687c5fc5313c72b370aa43d649c7434..86a255b3ab97321cb30288de9c1be3428b615e63 100644
--- a/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/ScreeningPlateListReadOnlyPredicate.java
+++ b/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/ScreeningPlateListReadOnlyPredicate.java
@@ -18,21 +18,21 @@ package ch.systemsx.cisd.openbis.plugin.screening.server.authorization;
import java.util.ArrayList;
import java.util.Collection;
-import java.util.HashSet;
import java.util.List;
-import java.util.Set;
-import net.lemnik.eodsql.BaseQuery;
-import net.lemnik.eodsql.QueryTool;
-import net.lemnik.eodsql.Select;
-
-import ch.systemsx.cisd.common.db.mapper.StringArrayMapper;
import ch.systemsx.cisd.common.exceptions.Status;
+import ch.systemsx.cisd.openbis.generic.server.authorization.IAuthorizationDataProvider;
import ch.systemsx.cisd.openbis.generic.server.authorization.RoleWithIdentifier;
import ch.systemsx.cisd.openbis.generic.server.authorization.annotation.ShouldFlattenCollections;
-import ch.systemsx.cisd.openbis.generic.server.authorization.predicate.AbstractSpacePredicate;
+import ch.systemsx.cisd.openbis.generic.server.authorization.predicate.AbstractPredicate;
+import ch.systemsx.cisd.openbis.generic.server.authorization.predicate.SampleAccessPECollectionPredicate;
+import ch.systemsx.cisd.openbis.generic.server.authorization.predicate.SampleIdentifierCollectionPredicate;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PermId;
import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SampleAccessPE;
import ch.systemsx.cisd.openbis.generic.shared.dto.exception.UndefinedSpaceException;
+import ch.systemsx.cisd.openbis.generic.shared.dto.identifier.SampleIdentifier;
+import ch.systemsx.cisd.openbis.generic.shared.dto.identifier.SampleIdentifierFactory;
import ch.systemsx.cisd.openbis.generic.shared.util.SpaceCodeHelper;
import ch.systemsx.cisd.openbis.plugin.screening.shared.api.v1.dto.PlateIdentifier;
@@ -45,94 +45,79 @@ import ch.systemsx.cisd.openbis.plugin.screening.shared.api.v1.dto.PlateIdentifi
* @author Bernd Rinn
*/
@ShouldFlattenCollections(value = false)
-public class ScreeningPlateListReadOnlyPredicate extends
- AbstractSpacePredicate<List<? extends PlateIdentifier>>
+public class ScreeningPlateListReadOnlyPredicate extends AbstractPredicate<List<? extends PlateIdentifier>>
{
- private final static int ARRAY_SIZE_LIMIT = 999;
- private final ISampleToSpaceQuery sampleToSpaceQuery = QueryTool
- .getManagedQuery(ISampleToSpaceQuery.class);
+ private IAuthorizationDataProvider provider;
- public interface ISampleToSpaceQuery extends BaseQuery
- {
- @Select(sql = "select distinct space_id from samples where perm_id = any(?{1})", parameterBindings =
- { StringArrayMapper.class })
- public List<Long> getSampleSpaceIds(String[] samplePermIds);
- }
+ private SampleIdentifierCollectionPredicate identifierCollectionPredicate = new SampleIdentifierCollectionPredicate(true);
+
+ private SampleAccessPECollectionPredicate accessPECollectionPredicate = new SampleAccessPECollectionPredicate(true);
@Override
- public String getCandidateDescription()
+ public void init(IAuthorizationDataProvider dataProvider)
{
- return "plate";
+ provider = dataProvider;
+ identifierCollectionPredicate.init(provider);
+ accessPECollectionPredicate.init(provider);
}
@Override
protected Status doEvaluation(PersonPE person, List<RoleWithIdentifier> allowedRoles,
List<? extends PlateIdentifier> plates)
{
- final List<String> permIds = new ArrayList<String>(plates.size());
+ List<SampleIdentifier> identifiers = new ArrayList<SampleIdentifier>();
+ List<PermId> permIds = new ArrayList<PermId>();
+
for (PlateIdentifier plate : plates)
{
- boolean hasPermId = false;
- if (plate.getPermId() != null)
+ final String spaceCodeOrNull = SpaceCodeHelper.tryGetSpaceCode(person, plate.tryGetSpaceCode());
+
+ if (spaceCodeOrNull == null && plate.getPermId() == null)
{
- permIds.add(plate.getPermId());
- hasPermId = true;
+ throw new UndefinedSpaceException();
}
- final String spaceCodeOrNull =
- SpaceCodeHelper.tryGetSpaceCode(person, plate.tryGetSpaceCode());
- if (spaceCodeOrNull == null && hasPermId == false)
+ if (spaceCodeOrNull != null)
{
- throw new UndefinedSpaceException();
+ SampleIdentifier identifier = SampleIdentifierFactory.parse(plate.getAugmentedCode());
+ identifiers.add(identifier);
}
- if (spaceCodeOrNull != null && plate.isSharedPlate() == false)
+
+ if (plate.getPermId() != null)
{
- final Status status =
- evaluate(allowedRoles, person, spaceCodeOrNull);
- if (Status.OK.equals(status) == false)
- {
- return status;
- }
+ permIds.add(new PermId(plate.getPermId()));
}
}
- if (permIds.isEmpty() == false)
+
+ if (false == identifiers.isEmpty())
{
- for (Long spaceId : getSampleSpaceIds(permIds))
+ Status status = identifierCollectionPredicate.evaluate(person, allowedRoles, identifiers);
+
+ if (status.isError())
{
- if (spaceId == null)
- {
- continue; // Shared samples will return a spaceId of null.
- }
- final Status status =
- evaluate(person, allowedRoles, spaceId);
- if (Status.OK.equals(status) == false)
- {
- return status;
- }
+ return status;
}
}
- return Status.OK;
- }
- private Collection<Long> getSampleSpaceIds(final List<String> permIds)
- {
- if (permIds.size() > ARRAY_SIZE_LIMIT)
+ if (false == permIds.isEmpty())
{
- final Set<Long> spaceIds = new HashSet<Long>(permIds.size());
- for (int startIdx = 0; startIdx < permIds.size(); startIdx += ARRAY_SIZE_LIMIT)
+ Collection<SampleAccessPE> accessPECollection = provider.getSampleCollectionAccessDataByPermIds(permIds);
+ Status status = accessPECollectionPredicate.evaluate(person, allowedRoles, accessPECollection);
+
+ if (status.isError())
{
- final List<String> permIdSubList = permIds.subList(startIdx,
- Math.min(permIds.size(), startIdx + ARRAY_SIZE_LIMIT));
- spaceIds.addAll(sampleToSpaceQuery.getSampleSpaceIds(permIdSubList.toArray(
- new String[permIdSubList.size()])));
+ return status;
}
- return spaceIds;
- } else
- {
- return sampleToSpaceQuery
- .getSampleSpaceIds(permIds.toArray(new String[permIds.size()]));
}
+
+ return Status.OK;
+ }
+
+ @Override
+ public String getCandidateDescription()
+ {
+ return "plate";
}
}
diff --git a/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/ScreeningPlateValidator.java b/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/ScreeningPlateValidator.java
index 6f3e1c45379af12b4e45e73f147998513164f3fa..e7c18e72bf47e514f7acbd6d73693b39b24b5784 100644
--- a/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/ScreeningPlateValidator.java
+++ b/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/ScreeningPlateValidator.java
@@ -1,11 +1,8 @@
package ch.systemsx.cisd.openbis.plugin.screening.server.authorization;
-import java.util.Set;
-
+import ch.systemsx.cisd.openbis.generic.server.authorization.IAuthorizationDataProvider;
import ch.systemsx.cisd.openbis.generic.server.authorization.validator.AbstractValidator;
-import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
-import ch.systemsx.cisd.openbis.generic.shared.dto.RoleAssignmentPE;
import ch.systemsx.cisd.openbis.plugin.screening.shared.api.v1.dto.Plate;
/**
@@ -17,32 +14,19 @@ import ch.systemsx.cisd.openbis.plugin.screening.shared.api.v1.dto.Plate;
*/
public final class ScreeningPlateValidator extends AbstractValidator<Plate>
{
+
+ private PlateValidator plateValidator = new PlateValidator();
+
+ @Override
+ public void init(IAuthorizationDataProvider provider)
+ {
+ super.init(provider);
+ plateValidator.init(provider);
+ }
+
@Override
public final boolean doValidation(final PersonPE person, final Plate value)
{
- final String spaceCode = value.tryGetSpaceCode();
- if (spaceCode != null)
- {
- final Set<RoleAssignmentPE> roleAssignments = person.getAllPersonRoles();
- for (final RoleAssignmentPE roleAssignment : roleAssignments)
- {
- if (roleAssignment.getSpace() == null)
- {
- // all roles on db level allow full read access (we assume that we operate on
- // home db always)
- return true;
- }
- final SpacePE group = roleAssignment.getSpace();
- if (group != null && group.getCode().equals(spaceCode))
- {
- return true;
- }
- }
- return false;
- } else
- {
- // all shared samples are accessible
- return true;
- }
+ return plateValidator.doValidation(person, value);
}
}
\ No newline at end of file
diff --git a/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/SpaceValidator.java b/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/SpaceValidator.java
index 5200f3f9fa61ca5a78807dc511ebffc8a1a70a2b..75fd2a7d32ab05aa8c4bd1b9fffb0be3a551be78 100644
--- a/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/SpaceValidator.java
+++ b/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/SpaceValidator.java
@@ -44,7 +44,7 @@ abstract class SpaceValidator<T> extends AbstractValidator<T>
final Set<RoleAssignmentPE> roleAssignments = person.getAllPersonRoles();
for (final RoleAssignmentPE roleAssignment : roleAssignments)
{
- if (roleAssignment.getSpace() == null)
+ if (roleAssignment.getSpace() == null && roleAssignment.getProject() == null)
{
// All roles on the db level allow full read access.
// Note: Here we assume that we operate on _the only_ db instance (the home db)!
diff --git a/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/WellContentValidator.java b/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/WellContentValidator.java
index cff99dd54e5070bb345cba2af0f4b01887321c16..457236af4721f9715dc75a13725a2976967a79ff 100644
--- a/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/WellContentValidator.java
+++ b/screening/source/java/ch/systemsx/cisd/openbis/plugin/screening/server/authorization/WellContentValidator.java
@@ -16,6 +16,9 @@
package ch.systemsx.cisd.openbis.plugin.screening.server.authorization;
+import ch.systemsx.cisd.openbis.generic.server.authorization.IAuthorizationDataProvider;
+import ch.systemsx.cisd.openbis.generic.server.authorization.validator.AbstractValidator;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
import ch.systemsx.cisd.openbis.plugin.screening.shared.basic.dto.WellContent;
/**
@@ -23,12 +26,22 @@ import ch.systemsx.cisd.openbis.plugin.screening.shared.basic.dto.WellContent;
*
* @author Tomasz Pylak
*/
-public class WellContentValidator extends SpaceValidator<WellContent>
+public class WellContentValidator extends AbstractValidator<WellContent>
{
+
+ private ExperimentReferenceValidator referenceValidator = new ExperimentReferenceValidator();
+
+ @Override
+ public void init(IAuthorizationDataProvider provider)
+ {
+ super.init(authorizationDataProvider);
+ referenceValidator.init(provider);
+ }
+
@Override
- protected String getSpace(WellContent value)
+ public boolean doValidation(PersonPE person, WellContent value)
{
- return value.getExperiment().getSpaceCode();
+ return referenceValidator.doValidation(person, value.getExperiment());
}
}
diff --git a/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/CommonSamplePredicateScreeningSystemTest.java b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/CommonSamplePredicateScreeningSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..d18be57b8517cd01b42a8c2594c9e5ba26160c62
--- /dev/null
+++ b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/CommonSamplePredicateScreeningSystemTest.java
@@ -0,0 +1,40 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.screening.systemtests.authorization.predicate;
+
+import ch.systemsx.cisd.openbis.datastoreserver.systemtests.authorization.predicate.CommonSamplePredicateSystemTest;
+import ch.systemsx.cisd.openbis.screening.systemtests.authorization.CommonAuthorizationScreeningSystemTest;
+
+/**
+ * @author pkupczyk
+ */
+public abstract class CommonSamplePredicateScreeningSystemTest<O> extends CommonSamplePredicateSystemTest<O>
+{
+
+ @Override
+ protected void setUpDatabaseProperties()
+ {
+ new CommonAuthorizationScreeningSystemTest().setUpDatabaseProperties();
+ }
+
+ @Override
+ protected String getApplicationContextLocation()
+ {
+ return new CommonAuthorizationScreeningSystemTest().getApplicationContextLocation();
+ }
+
+}
diff --git a/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/material/MaterialFeaturesOneExpPredicateSystemTest.java b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/material/MaterialFeaturesOneExpPredicateSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..6ff406d6e1f25fabd0ed3946d5088d6c6398c60c
--- /dev/null
+++ b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/material/MaterialFeaturesOneExpPredicateSystemTest.java
@@ -0,0 +1,39 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.screening.systemtests.authorization.predicate.material;
+
+import java.util.List;
+
+import ch.systemsx.cisd.openbis.datastoreserver.systemtests.authorization.predicate.experiment.ExperimentTechIdPredicateSystemTest;
+import ch.systemsx.cisd.openbis.generic.shared.basic.TechId;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.basic.dto.WellSearchCriteria.MaterialFeaturesOneExpCriteria;
+
+/**
+ * @author pkupczyk
+ */
+public class MaterialFeaturesOneExpPredicateSystemTest extends ExperimentTechIdPredicateSystemTest
+{
+
+ @Override
+ protected void evaluateObjects(IAuthSessionProvider session, List<TechId> objects, Object param)
+ {
+ MaterialFeaturesOneExpCriteria criteria = new MaterialFeaturesOneExpCriteria(null, null, objects.get(0));
+ getBean(MaterialPredicateScreeningTestService.class).testMaterialFeaturesOneExpPredicate(session, criteria);
+ }
+
+}
diff --git a/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/material/MaterialPredicateScreeningTestService.java b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/material/MaterialPredicateScreeningTestService.java
new file mode 100644
index 0000000000000000000000000000000000000000..05068ac98324102f42141c2b53cd974867191eeb
--- /dev/null
+++ b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/material/MaterialPredicateScreeningTestService.java
@@ -0,0 +1,43 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.screening.systemtests.authorization.predicate.material;
+
+import org.springframework.stereotype.Component;
+import org.springframework.transaction.annotation.Transactional;
+
+import ch.systemsx.cisd.openbis.generic.server.authorization.annotation.AuthorizationGuard;
+import ch.systemsx.cisd.openbis.generic.server.authorization.annotation.RolesAllowed;
+import ch.systemsx.cisd.openbis.generic.shared.basic.dto.RoleWithHierarchy;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.plugin.screening.server.authorization.MaterialFeaturesOneExpPredicate;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.basic.dto.WellSearchCriteria.MaterialFeaturesOneExpCriteria;
+
+/**
+ * @author pkupczyk
+ */
+@Component
+public class MaterialPredicateScreeningTestService
+{
+
+ @Transactional
+ @RolesAllowed(value = { RoleWithHierarchy.PROJECT_OBSERVER })
+ public void testMaterialFeaturesOneExpPredicate(IAuthSessionProvider session,
+ @AuthorizationGuard(guardClass = MaterialFeaturesOneExpPredicate.class) MaterialFeaturesOneExpCriteria criteria)
+ {
+ }
+
+}
diff --git a/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/sample/PlateIdentifierPredicateSystemTest.java b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/sample/PlateIdentifierPredicateSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..53f2bd3d003dba37e941f727ea9c94415491e9b4
--- /dev/null
+++ b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/sample/PlateIdentifierPredicateSystemTest.java
@@ -0,0 +1,57 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.screening.systemtests.authorization.predicate.sample;
+
+import java.util.List;
+
+import ch.systemsx.cisd.common.exceptions.UserFailureException;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.api.v1.dto.PlateIdentifier;
+import ch.systemsx.cisd.openbis.screening.systemtests.authorization.predicate.CommonSamplePredicateScreeningSystemTest;
+
+/**
+ * @author pkupczyk
+ */
+public abstract class PlateIdentifierPredicateSystemTest extends CommonSamplePredicateScreeningSystemTest<PlateIdentifier>
+{
+
+ @Override
+ protected SampleKind getSharedSampleKind()
+ {
+ return SampleKind.SHARED_READ;
+ }
+
+ @Override
+ public Object[] provideParams()
+ {
+ return PlateIdentifierUtil.provideParams(getSharedSampleKind());
+ }
+
+ @Override
+ protected void evaluateObjects(IAuthSessionProvider session, List<PlateIdentifier> objects, Object param)
+ {
+ getBean(SamplePredicateScreeningTestService.class).testPlateIdentifierPredicate(session, objects.get(0));
+ }
+
+ @Override
+ protected void assertWithNull(PersonPE person, Throwable t, Object param)
+ {
+ assertException(t, UserFailureException.class, "No plate identifier specified.");
+ }
+
+}
diff --git a/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/sample/PlateIdentifierPredicateWithPermIdSystemTest.java b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/sample/PlateIdentifierPredicateWithPermIdSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..11ba165cc17e92da057781bb1589348ed05da233
--- /dev/null
+++ b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/sample/PlateIdentifierPredicateWithPermIdSystemTest.java
@@ -0,0 +1,60 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.screening.systemtests.authorization.predicate.sample;
+
+import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.api.v1.dto.PlateIdentifier;
+
+/**
+ * @author pkupczyk
+ */
+public class PlateIdentifierPredicateWithPermIdSystemTest extends PlateIdentifierPredicateSystemTest
+{
+
+ @Override
+ protected PlateIdentifier createNonexistentObject(Object param)
+ {
+ return PlateIdentifierUtil.createNonexistentObjectWithPermId(param);
+ }
+
+ @Override
+ protected PlateIdentifier createObject(SpacePE spacePE, ProjectPE projectPE, Object param)
+ {
+ return PlateIdentifierUtil.createObjectWithPermId(this, spacePE, projectPE, param);
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForInstanceUser(PersonPE person, Throwable t, Object param)
+ {
+ assertAuthorizationFailureExceptionThatNotEnoughPrivileges(t);
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForSpaceUser(PersonPE person, Throwable t, Object param)
+ {
+ assertAuthorizationFailureExceptionThatNotEnoughPrivileges(t);
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForProjectUser(PersonPE person, Throwable t, Object param)
+ {
+ assertAuthorizationFailureExceptionThatNotEnoughPrivileges(t);
+ }
+
+}
diff --git a/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/sample/PlateIdentifierPredicateWithPlateCodeAndSpaceCodeSystemTest.java b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/sample/PlateIdentifierPredicateWithPlateCodeAndSpaceCodeSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..df78dd3e7eefd144d5ee8e787fa3d33105acdde8
--- /dev/null
+++ b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/sample/PlateIdentifierPredicateWithPlateCodeAndSpaceCodeSystemTest.java
@@ -0,0 +1,41 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.screening.systemtests.authorization.predicate.sample;
+
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.api.v1.dto.PlateIdentifier;
+
+/**
+ * @author pkupczyk
+ */
+public class PlateIdentifierPredicateWithPlateCodeAndSpaceCodeSystemTest extends PlateIdentifierPredicateSystemTest
+{
+
+ @Override
+ protected PlateIdentifier createNonexistentObject(Object param)
+ {
+ return PlateIdentifierUtil.createNonexistentObjectWithPlateCodeAndSpaceCode(param);
+ }
+
+ @Override
+ protected PlateIdentifier createObject(SpacePE spacePE, ProjectPE projectPE, Object param)
+ {
+ return PlateIdentifierUtil.createObjectWithPlateCodeAndSpaceCode(this, spacePE, projectPE, param);
+ }
+
+}
diff --git a/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/sample/PlateIdentifierUtil.java b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/sample/PlateIdentifierUtil.java
new file mode 100644
index 0000000000000000000000000000000000000000..779cb5bcebd264bd1b2b1aa896bf395f441b4272
--- /dev/null
+++ b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/sample/PlateIdentifierUtil.java
@@ -0,0 +1,81 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.screening.systemtests.authorization.predicate.sample;
+
+import ch.systemsx.cisd.openbis.datastoreserver.systemtests.authorization.CommonAuthorizationSystemTest;
+import ch.systemsx.cisd.openbis.datastoreserver.systemtests.authorization.CommonAuthorizationSystemTest.SampleKind;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SamplePE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.api.v1.dto.PlateIdentifier;
+
+/**
+ * @author pkupczyk
+ */
+public class PlateIdentifierUtil
+{
+
+ public static Object[] provideParams(SampleKind sharedSampleKind)
+ {
+ // project sample identifier cannot be expressed with PlateIdentifier object
+
+ if (SamplePE.projectSamplesEnabled)
+ {
+ return new Object[] {};
+ } else
+ {
+ return new Object[] { sharedSampleKind, SampleKind.SPACE, SampleKind.SPACE_CONTAINED, SampleKind.EXPERIMENT };
+ }
+ }
+
+ public static PlateIdentifier createNonexistentObjectWithPermId(Object param)
+ {
+ return new PlateIdentifier(null, null, "IDONTEXIST");
+ }
+
+ public static PlateIdentifier createObjectWithPermId(CommonAuthorizationSystemTest test, SpacePE spacePE, ProjectPE projectPE, Object param)
+ {
+ SamplePE samplePE = test.getSample(spacePE, projectPE, (SampleKind) param);
+ return new PlateIdentifier(null, null, samplePE.getPermId());
+ }
+
+ public static PlateIdentifier createNonexistentObjectWithPlateCodeAndSpaceCode(Object param)
+ {
+ switch ((SampleKind) param)
+ {
+ case SHARED_READ:
+ case SHARED_READ_WRITE:
+ return new PlateIdentifier("IDONTEXIST", "", null);
+ case SPACE:
+ return new PlateIdentifier("IDONTEXIST", "IDONTEXIST", null);
+ case SPACE_CONTAINED:
+ return new PlateIdentifier("IDONTEXIST:IDONTEXIST", "IDONTEXIST", null);
+ case EXPERIMENT:
+ return new PlateIdentifier("IDONTEXIST", "IDONTEXIST", null);
+ default:
+ throw new RuntimeException();
+ }
+ }
+
+ public static PlateIdentifier createObjectWithPlateCodeAndSpaceCode(CommonAuthorizationSystemTest test, SpacePE spacePE, ProjectPE projectPE,
+ Object param)
+ {
+ SamplePE samplePE = test.getSample(spacePE, projectPE, (SampleKind) param);
+ return new PlateIdentifier(samplePE.getCode(), samplePE.getSpace() != null ? samplePE.getSpace().getCode() : "", null);
+ }
+
+}
diff --git a/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/sample/SamplePredicateScreeningTestService.java b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/sample/SamplePredicateScreeningTestService.java
new file mode 100644
index 0000000000000000000000000000000000000000..a20be291b683e500be8d7f3238a2664c0e72a8e4
--- /dev/null
+++ b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/sample/SamplePredicateScreeningTestService.java
@@ -0,0 +1,71 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.screening.systemtests.authorization.predicate.sample;
+
+import java.util.List;
+
+import org.springframework.stereotype.Component;
+import org.springframework.transaction.annotation.Transactional;
+
+import ch.systemsx.cisd.openbis.generic.server.authorization.annotation.AuthorizationGuard;
+import ch.systemsx.cisd.openbis.generic.server.authorization.annotation.RolesAllowed;
+import ch.systemsx.cisd.openbis.generic.shared.basic.dto.RoleWithHierarchy;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.plugin.screening.server.authorization.PlateIdentifierPredicate;
+import ch.systemsx.cisd.openbis.plugin.screening.server.authorization.ScreeningPlateListReadOnlyPredicate;
+import ch.systemsx.cisd.openbis.plugin.screening.server.authorization.WellIdentifierPredicate;
+import ch.systemsx.cisd.openbis.plugin.screening.server.authorization.WellSearchCriteriaPredicate;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.api.v1.dto.PlateIdentifier;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.api.v1.dto.WellIdentifier;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.basic.dto.WellSearchCriteria;
+
+/**
+ * @author pkupczyk
+ */
+@Component
+public class SamplePredicateScreeningTestService
+{
+
+ @Transactional
+ @RolesAllowed(value = { RoleWithHierarchy.PROJECT_OBSERVER })
+ public void testWellIdentifierPredicate(IAuthSessionProvider session,
+ @AuthorizationGuard(guardClass = WellIdentifierPredicate.class) WellIdentifier wellIdentifier)
+ {
+ }
+
+ @Transactional
+ @RolesAllowed(value = { RoleWithHierarchy.PROJECT_OBSERVER })
+ public void testPlateIdentifierPredicate(IAuthSessionProvider session,
+ @AuthorizationGuard(guardClass = PlateIdentifierPredicate.class) PlateIdentifier plateIdentifier)
+ {
+ }
+
+ @Transactional
+ @RolesAllowed(value = { RoleWithHierarchy.PROJECT_OBSERVER })
+ public void testScreeningPlateListReadOnlyPredicate(IAuthSessionProvider session,
+ @AuthorizationGuard(guardClass = ScreeningPlateListReadOnlyPredicate.class) List<PlateIdentifier> plateIdentifiers)
+ {
+ }
+
+ @Transactional
+ @RolesAllowed(value = { RoleWithHierarchy.PROJECT_OBSERVER })
+ public void testWellSearchCriteriaPredicate(IAuthSessionProvider session,
+ @AuthorizationGuard(guardClass = WellSearchCriteriaPredicate.class) WellSearchCriteria wellSearchCriteria)
+ {
+ }
+
+}
diff --git a/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/sample/ScreeningPlateListReadOnlyPredicateSystemTest.java b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/sample/ScreeningPlateListReadOnlyPredicateSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..df2655522b5d9bb8c8c723bf7f163eb9890548d8
--- /dev/null
+++ b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/sample/ScreeningPlateListReadOnlyPredicateSystemTest.java
@@ -0,0 +1,69 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.screening.systemtests.authorization.predicate.sample;
+
+import java.util.List;
+
+import ch.systemsx.cisd.common.exceptions.UserFailureException;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.api.v1.dto.PlateIdentifier;
+import ch.systemsx.cisd.openbis.screening.systemtests.authorization.predicate.CommonSamplePredicateScreeningSystemTest;
+
+/**
+ * @author pkupczyk
+ */
+public abstract class ScreeningPlateListReadOnlyPredicateSystemTest extends CommonSamplePredicateScreeningSystemTest<PlateIdentifier>
+{
+
+ @Override
+ protected boolean isCollectionPredicate()
+ {
+ return true;
+ }
+
+ @Override
+ protected SampleKind getSharedSampleKind()
+ {
+ return SampleKind.SHARED_READ;
+ }
+
+ @Override
+ public Object[] provideParams()
+ {
+ return PlateIdentifierUtil.provideParams(getSharedSampleKind());
+ }
+
+ @Override
+ protected void evaluateObjects(IAuthSessionProvider session, List<PlateIdentifier> objects, Object param)
+ {
+ getBean(SamplePredicateScreeningTestService.class).testScreeningPlateListReadOnlyPredicate(session, objects);
+ }
+
+ @Override
+ protected void assertWithNullCollection(PersonPE person, Throwable t, Object param)
+ {
+ assertException(t, UserFailureException.class, "No plate specified.");
+ }
+
+ @Override
+ protected void assertWithNull(PersonPE person, Throwable t, Object param)
+ {
+ assertException(t, NullPointerException.class, null);
+ }
+
+}
diff --git a/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/sample/ScreeningPlateListReadOnlyPredicateWithPermIdSystemTest.java b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/sample/ScreeningPlateListReadOnlyPredicateWithPermIdSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..96a5853430e83fd37b4272270d889549985f5a6a
--- /dev/null
+++ b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/sample/ScreeningPlateListReadOnlyPredicateWithPermIdSystemTest.java
@@ -0,0 +1,60 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.screening.systemtests.authorization.predicate.sample;
+
+import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.api.v1.dto.PlateIdentifier;
+
+/**
+ * @author pkupczyk
+ */
+public class ScreeningPlateListReadOnlyPredicateWithPermIdSystemTest extends ScreeningPlateListReadOnlyPredicateSystemTest
+{
+
+ @Override
+ protected PlateIdentifier createNonexistentObject(Object param)
+ {
+ return PlateIdentifierUtil.createNonexistentObjectWithPermId(param);
+ }
+
+ @Override
+ protected PlateIdentifier createObject(SpacePE spacePE, ProjectPE projectPE, Object param)
+ {
+ return PlateIdentifierUtil.createObjectWithPermId(this, spacePE, projectPE, param);
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForInstanceUser(PersonPE person, Throwable t, Object param)
+ {
+ assertNoException(t);
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForSpaceUser(PersonPE person, Throwable t, Object param)
+ {
+ assertNoException(t);
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForProjectUser(PersonPE person, Throwable t, Object param)
+ {
+ assertNoException(t);
+ }
+
+}
diff --git a/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/sample/ScreeningPlateListReadOnlyPredicateWithPlateCodeAndSpaceCodeSystemTest.java b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/sample/ScreeningPlateListReadOnlyPredicateWithPlateCodeAndSpaceCodeSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..9ed36086a7b9e0a16e8f69fc0f6f06a226d0dafc
--- /dev/null
+++ b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/sample/ScreeningPlateListReadOnlyPredicateWithPlateCodeAndSpaceCodeSystemTest.java
@@ -0,0 +1,41 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.screening.systemtests.authorization.predicate.sample;
+
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.api.v1.dto.PlateIdentifier;
+
+/**
+ * @author pkupczyk
+ */
+public class ScreeningPlateListReadOnlyPredicateWithPlateCodeAndSpaceCodeSystemTest extends ScreeningPlateListReadOnlyPredicateSystemTest
+{
+
+ @Override
+ protected PlateIdentifier createNonexistentObject(Object param)
+ {
+ return PlateIdentifierUtil.createNonexistentObjectWithPlateCodeAndSpaceCode(param);
+ }
+
+ @Override
+ protected PlateIdentifier createObject(SpacePE spacePE, ProjectPE projectPE, Object param)
+ {
+ return PlateIdentifierUtil.createObjectWithPlateCodeAndSpaceCode(this, spacePE, projectPE, param);
+ }
+
+}
diff --git a/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/sample/WellIdentifierPredicateSystemTest.java b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/sample/WellIdentifierPredicateSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..4dea54f1cc4dd14f80a93a36dc67ffee7f4543a6
--- /dev/null
+++ b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/sample/WellIdentifierPredicateSystemTest.java
@@ -0,0 +1,86 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.screening.systemtests.authorization.predicate.sample;
+
+import java.util.List;
+
+import ch.systemsx.cisd.common.exceptions.UserFailureException;
+import ch.systemsx.cisd.openbis.datastoreserver.systemtests.authorization.common.SamplePermIdUtil;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SamplePE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.api.v1.dto.WellIdentifier;
+import ch.systemsx.cisd.openbis.screening.systemtests.authorization.predicate.CommonSamplePredicateScreeningSystemTest;
+
+/**
+ * @author pkupczyk
+ */
+public class WellIdentifierPredicateSystemTest extends CommonSamplePredicateScreeningSystemTest<WellIdentifier>
+{
+
+ @Override
+ protected SampleKind getSharedSampleKind()
+ {
+ return SampleKind.SHARED_READ_WRITE;
+ }
+
+ @Override
+ protected WellIdentifier createNonexistentObject(Object param)
+ {
+ return new WellIdentifier(null, null, "IDONTEXIST");
+ }
+
+ @Override
+ protected WellIdentifier createObject(SpacePE spacePE, ProjectPE projectPE, Object param)
+ {
+ SamplePE samplePE = getSample(spacePE, projectPE, (SampleKind) param);
+ return new WellIdentifier(null, null, samplePE.getPermId());
+ }
+
+ @Override
+ protected void evaluateObjects(IAuthSessionProvider session, List<WellIdentifier> objects, Object param)
+ {
+ getBean(SamplePredicateScreeningTestService.class).testWellIdentifierPredicate(session, objects.get(0));
+ }
+
+ @Override
+ protected void assertWithNull(PersonPE person, Throwable t, Object param)
+ {
+ assertException(t, UserFailureException.class, "No well identifier specified.");
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForInstanceUser(PersonPE person, Throwable t, Object param)
+ {
+ SamplePermIdUtil.assertWithNonexistentObjectForInstanceUser(person, t, param);
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForProjectUser(PersonPE person, Throwable t, Object param)
+ {
+ SamplePermIdUtil.assertWithNonexistentObjectForProjectUser(person, t, param);
+ }
+
+ @Override
+ protected void assertWithNonexistentObjectForSpaceUser(PersonPE person, Throwable t, Object param)
+ {
+ SamplePermIdUtil.assertWithNonexistentObjectForSpaceUser(person, t, param);
+ }
+
+}
diff --git a/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/sample/WellSearchCriteriaPredicateWithExperimentTechIdSystemTest.java b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/sample/WellSearchCriteriaPredicateWithExperimentTechIdSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..ffd83746b6fe2714e58d241e83330bb0ee1e26f5
--- /dev/null
+++ b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/sample/WellSearchCriteriaPredicateWithExperimentTechIdSystemTest.java
@@ -0,0 +1,63 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.screening.systemtests.authorization.predicate.sample;
+
+import java.util.List;
+
+import ch.systemsx.cisd.openbis.generic.shared.basic.TechId;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.basic.dto.WellSearchCriteria;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.basic.dto.WellSearchCriteria.AnalysisProcedureCriteria;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.basic.dto.WellSearchCriteria.ExperimentSearchCriteria;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.basic.dto.WellSearchCriteria.MaterialSearchCriteria;
+import ch.systemsx.cisd.openbis.screening.systemtests.authorization.predicate.experiment.ExperimentSearchCriteriaPredicateWithExperimentTechIdSystemTest;
+
+/**
+ * @author pkupczyk
+ */
+public class WellSearchCriteriaPredicateWithExperimentTechIdSystemTest extends ExperimentSearchCriteriaPredicateWithExperimentTechIdSystemTest
+{
+
+ @Override
+ protected void evaluateObjects(IAuthSessionProvider session, List<ExperimentSearchCriteria> objects, Object param)
+ {
+ WellSearchCriteria criteria =
+ new WellSearchCriteria(objects.get(0), MaterialSearchCriteria.createIdCriteria(new TechId()),
+ AnalysisProcedureCriteria.createAllProcedures());
+ getBean(SamplePredicateScreeningTestService.class).testWellSearchCriteriaPredicate(session, criteria);
+ }
+
+ @Override
+ protected void assertWithNullForInstanceUser(PersonPE person, Throwable t, Object param)
+ {
+ assertException(t, AssertionError.class, null);
+ }
+
+ @Override
+ protected void assertWithNullForSpaceUser(PersonPE person, Throwable t, Object param)
+ {
+ assertException(t, AssertionError.class, null);
+ }
+
+ @Override
+ protected void assertWithNullForProjectUser(PersonPE person, Throwable t, Object param)
+ {
+ assertException(t, AssertionError.class, null);
+ }
+
+}
diff --git a/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/sample/WellSearchCriteriaPredicateWithProjectIdentifierSystemTest.java b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/sample/WellSearchCriteriaPredicateWithProjectIdentifierSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..dad065da11918e1404937fdc538c1deb290520b2
--- /dev/null
+++ b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/predicate/sample/WellSearchCriteriaPredicateWithProjectIdentifierSystemTest.java
@@ -0,0 +1,63 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.screening.systemtests.authorization.predicate.sample;
+
+import java.util.List;
+
+import ch.systemsx.cisd.openbis.generic.shared.basic.TechId;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.basic.dto.WellSearchCriteria;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.basic.dto.WellSearchCriteria.AnalysisProcedureCriteria;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.basic.dto.WellSearchCriteria.ExperimentSearchCriteria;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.basic.dto.WellSearchCriteria.MaterialSearchCriteria;
+import ch.systemsx.cisd.openbis.screening.systemtests.authorization.predicate.experiment.ExperimentSearchCriteriaPredicateWithProjectIdentifierSystemTest;
+
+/**
+ * @author pkupczyk
+ */
+public class WellSearchCriteriaPredicateWithProjectIdentifierSystemTest extends ExperimentSearchCriteriaPredicateWithProjectIdentifierSystemTest
+{
+
+ @Override
+ protected void evaluateObjects(IAuthSessionProvider session, List<ExperimentSearchCriteria> objects, Object param)
+ {
+ WellSearchCriteria criteria =
+ new WellSearchCriteria(objects.get(0), MaterialSearchCriteria.createIdCriteria(new TechId()),
+ AnalysisProcedureCriteria.createAllProcedures());
+ getBean(SamplePredicateScreeningTestService.class).testWellSearchCriteriaPredicate(session, criteria);
+ }
+
+ @Override
+ protected void assertWithNullForInstanceUser(PersonPE person, Throwable t, Object param)
+ {
+ assertException(t, AssertionError.class, null);
+ }
+
+ @Override
+ protected void assertWithNullForSpaceUser(PersonPE person, Throwable t, Object param)
+ {
+ assertException(t, AssertionError.class, null);
+ }
+
+ @Override
+ protected void assertWithNullForProjectUser(PersonPE person, Throwable t, Object param)
+ {
+ assertException(t, AssertionError.class, null);
+ }
+
+}
diff --git a/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/CommonSampleValidatorScreeningSystemTest.java b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/CommonSampleValidatorScreeningSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..d3e1e6b4dae3c0923eec13fb074daf7d9cd4f871
--- /dev/null
+++ b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/CommonSampleValidatorScreeningSystemTest.java
@@ -0,0 +1,40 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.screening.systemtests.authorization.validator;
+
+import ch.systemsx.cisd.openbis.datastoreserver.systemtests.authorization.validator.CommonSampleValidatorSystemTest;
+import ch.systemsx.cisd.openbis.screening.systemtests.authorization.CommonAuthorizationScreeningSystemTest;
+
+/**
+ * @author pkupczyk
+ */
+public abstract class CommonSampleValidatorScreeningSystemTest<O> extends CommonSampleValidatorSystemTest<O>
+{
+
+ @Override
+ protected void setUpDatabaseProperties()
+ {
+ new CommonAuthorizationScreeningSystemTest().setUpDatabaseProperties();
+ }
+
+ @Override
+ protected String getApplicationContextLocation()
+ {
+ return new CommonAuthorizationScreeningSystemTest().getApplicationContextLocation();
+ }
+
+}
diff --git a/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/experiment/ExperimentReferenceUtil.java b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/experiment/ExperimentReferenceUtil.java
new file mode 100644
index 0000000000000000000000000000000000000000..401ae7f13c7f420d338007262bbf7039b9edaeb9
--- /dev/null
+++ b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/experiment/ExperimentReferenceUtil.java
@@ -0,0 +1,59 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.screening.systemtests.authorization.validator.experiment;
+
+import ch.systemsx.cisd.openbis.datastoreserver.systemtests.authorization.CommonAuthorizationSystemTest;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ExperimentPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.basic.dto.ExperimentReference;
+
+/**
+ * @author pkupczyk
+ */
+public class ExperimentReferenceUtil
+{
+
+ public static ExperimentReference createObjectWithExperimentCodeAndProjectCodeAndSpaceCode(CommonAuthorizationSystemTest test, SpacePE spacePE,
+ ProjectPE projectPE, Object param)
+ {
+ ExperimentPE experimentPE = test.getExperiment(spacePE, projectPE);
+ return new ExperimentReference(-1L, null, experimentPE.getCode(), null, experimentPE.getProject().getCode(),
+ experimentPE.getProject().getSpace().getCode());
+ }
+
+ public static ExperimentReference createObjectWithExperimentId(CommonAuthorizationSystemTest test, SpacePE spacePE, ProjectPE projectPE,
+ Object param)
+ {
+ ExperimentPE experimentPE = test.getExperiment(spacePE, projectPE);
+ return new ExperimentReference(experimentPE.getId(), null, null, null, null, null);
+ }
+
+ public static ExperimentReference createObjectWithSpaceCode(CommonAuthorizationSystemTest test, SpacePE spacePE, ProjectPE projectPE,
+ Object param)
+ {
+ return new ExperimentReference(-1L, null, null, null, null, spacePE.getCode());
+ }
+
+ public static ExperimentReference createObjectWithExperimentPermId(CommonAuthorizationSystemTest test, SpacePE spacePE, ProjectPE projectPE,
+ Object param)
+ {
+ ExperimentPE experimentPE = test.getExperiment(spacePE, projectPE);
+ return new ExperimentReference(-1L, experimentPE.getPermId(), null, null, null, null);
+ }
+
+}
diff --git a/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/experiment/ExperimentValidatorScreeningTestService.java b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/experiment/ExperimentValidatorScreeningTestService.java
index eda26abbc15b9d7ffbf39497541e77b0f133aecf..2ec97db72f50fc51b8e7a0fc5e71a9369479a1b2 100644
--- a/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/experiment/ExperimentValidatorScreeningTestService.java
+++ b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/experiment/ExperimentValidatorScreeningTestService.java
@@ -23,8 +23,12 @@ import ch.systemsx.cisd.openbis.generic.server.authorization.annotation.ReturnVa
import ch.systemsx.cisd.openbis.generic.server.authorization.annotation.RolesAllowed;
import ch.systemsx.cisd.openbis.generic.shared.basic.dto.RoleWithHierarchy;
import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.plugin.screening.server.authorization.MaterialExperimentFeatureVectorSummaryValidator;
import ch.systemsx.cisd.openbis.plugin.screening.server.authorization.ScreeningExperimentValidator;
+import ch.systemsx.cisd.openbis.plugin.screening.server.authorization.WellContentValidator;
import ch.systemsx.cisd.openbis.plugin.screening.shared.api.v1.dto.ExperimentIdentifier;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.basic.dto.MaterialSimpleFeatureVectorSummary;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.basic.dto.WellContent;
/**
* @author pkupczyk
@@ -41,4 +45,21 @@ public class ExperimentValidatorScreeningTestService
return experimentIdentifier;
}
+ @Transactional
+ @RolesAllowed(value = { RoleWithHierarchy.PROJECT_OBSERVER })
+ @ReturnValueFilter(validatorClass = MaterialExperimentFeatureVectorSummaryValidator.class)
+ public MaterialSimpleFeatureVectorSummary testMaterialExperimentFeatureVectorSummaryValidator(IAuthSessionProvider sessionProvider,
+ MaterialSimpleFeatureVectorSummary summary)
+ {
+ return summary;
+ }
+
+ @Transactional
+ @RolesAllowed(value = { RoleWithHierarchy.PROJECT_OBSERVER })
+ @ReturnValueFilter(validatorClass = WellContentValidator.class)
+ public WellContent testWellContentValidator(IAuthSessionProvider sessionProvider, WellContent wellContent)
+ {
+ return wellContent;
+ }
+
}
diff --git a/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/experiment/MaterialExperimentFeatureVectorSummaryValidatorSystemTest.java b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/experiment/MaterialExperimentFeatureVectorSummaryValidatorSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..3fe498f9521f224d26ab2b5d6fd55a710fbc39ae
--- /dev/null
+++ b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/experiment/MaterialExperimentFeatureVectorSummaryValidatorSystemTest.java
@@ -0,0 +1,37 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.screening.systemtests.authorization.validator.experiment;
+
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.basic.dto.MaterialSimpleFeatureVectorSummary;
+import ch.systemsx.cisd.openbis.screening.systemtests.authorization.validator.CommonValidatorScreeningSystemTest;
+
+/**
+ * @author pkupczyk
+ */
+public abstract class MaterialExperimentFeatureVectorSummaryValidatorSystemTest
+ extends CommonValidatorScreeningSystemTest<MaterialSimpleFeatureVectorSummary>
+{
+
+ @Override
+ protected MaterialSimpleFeatureVectorSummary validateObject(IAuthSessionProvider sessionProvider, MaterialSimpleFeatureVectorSummary object,
+ Object param)
+ {
+ return getBean(ExperimentValidatorScreeningTestService.class).testMaterialExperimentFeatureVectorSummaryValidator(sessionProvider, object);
+ }
+
+}
diff --git a/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/experiment/MaterialExperimentFeatureVectorSummaryValidatorWithExperimentCodeAndProjectCodeAndSpaceCodeSystemTest.java b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/experiment/MaterialExperimentFeatureVectorSummaryValidatorWithExperimentCodeAndProjectCodeAndSpaceCodeSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..076aea240f8eb7945a0724c9a862583e084048b4
--- /dev/null
+++ b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/experiment/MaterialExperimentFeatureVectorSummaryValidatorWithExperimentCodeAndProjectCodeAndSpaceCodeSystemTest.java
@@ -0,0 +1,39 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.screening.systemtests.authorization.validator.experiment;
+
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.basic.dto.ExperimentReference;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.basic.dto.MaterialSimpleFeatureVectorSummary;
+
+/**
+ * @author pkupczyk
+ */
+public class MaterialExperimentFeatureVectorSummaryValidatorWithExperimentCodeAndProjectCodeAndSpaceCodeSystemTest
+ extends MaterialExperimentFeatureVectorSummaryValidatorSystemTest
+{
+
+ @Override
+ protected MaterialSimpleFeatureVectorSummary createObject(SpacePE spacePE, ProjectPE projectPE, Object param)
+ {
+ ExperimentReference reference =
+ ExperimentReferenceUtil.createObjectWithExperimentCodeAndProjectCodeAndSpaceCode(this, spacePE, projectPE, param);
+ return new MaterialSimpleFeatureVectorSummary(reference);
+ }
+
+}
diff --git a/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/experiment/MaterialExperimentFeatureVectorSummaryValidatorWithExperimentIdSystemTest.java b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/experiment/MaterialExperimentFeatureVectorSummaryValidatorWithExperimentIdSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..35eae19b2b3774b0549097629487c6aba753800d
--- /dev/null
+++ b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/experiment/MaterialExperimentFeatureVectorSummaryValidatorWithExperimentIdSystemTest.java
@@ -0,0 +1,38 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.screening.systemtests.authorization.validator.experiment;
+
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.basic.dto.ExperimentReference;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.basic.dto.MaterialSimpleFeatureVectorSummary;
+
+/**
+ * @author pkupczyk
+ */
+public class MaterialExperimentFeatureVectorSummaryValidatorWithExperimentIdSystemTest
+ extends MaterialExperimentFeatureVectorSummaryValidatorSystemTest
+{
+
+ @Override
+ protected MaterialSimpleFeatureVectorSummary createObject(SpacePE spacePE, ProjectPE projectPE, Object param)
+ {
+ ExperimentReference reference = ExperimentReferenceUtil.createObjectWithExperimentId(this, spacePE, projectPE, param);
+ return new MaterialSimpleFeatureVectorSummary(reference);
+ }
+
+}
diff --git a/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/experiment/MaterialExperimentFeatureVectorSummaryValidatorWithExperimentPermIdSystemTest.java b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/experiment/MaterialExperimentFeatureVectorSummaryValidatorWithExperimentPermIdSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..fd52d0e019234bd01ffa64a374cd7fcb4a71b514
--- /dev/null
+++ b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/experiment/MaterialExperimentFeatureVectorSummaryValidatorWithExperimentPermIdSystemTest.java
@@ -0,0 +1,40 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.screening.systemtests.authorization.validator.experiment;
+
+import ch.systemsx.cisd.openbis.generic.shared.dto.ExperimentPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.basic.dto.ExperimentReference;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.basic.dto.MaterialSimpleFeatureVectorSummary;
+
+/**
+ * @author pkupczyk
+ */
+public class MaterialExperimentFeatureVectorSummaryValidatorWithExperimentPermIdSystemTest
+ extends MaterialExperimentFeatureVectorSummaryValidatorSystemTest
+{
+
+ @Override
+ protected MaterialSimpleFeatureVectorSummary createObject(SpacePE spacePE, ProjectPE projectPE, Object param)
+ {
+ ExperimentPE experimentPE = getExperiment(spacePE, projectPE);
+ ExperimentReference reference = new ExperimentReference(-1L, experimentPE.getPermId(), null, null, null, null);
+ return new MaterialSimpleFeatureVectorSummary(reference);
+ }
+
+}
diff --git a/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/experiment/MaterialExperimentFeatureVectorSummaryValidatorWithSpaceCodeSystemTest.java b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/experiment/MaterialExperimentFeatureVectorSummaryValidatorWithSpaceCodeSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..66b78f8f56bfaf5afc43869089ed142a8a87e6aa
--- /dev/null
+++ b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/experiment/MaterialExperimentFeatureVectorSummaryValidatorWithSpaceCodeSystemTest.java
@@ -0,0 +1,47 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.screening.systemtests.authorization.validator.experiment;
+
+import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.basic.dto.ExperimentReference;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.basic.dto.MaterialSimpleFeatureVectorSummary;
+
+/**
+ * @author pkupczyk
+ */
+public class MaterialExperimentFeatureVectorSummaryValidatorWithSpaceCodeSystemTest
+ extends MaterialExperimentFeatureVectorSummaryValidatorSystemTest
+{
+
+ @Override
+ protected MaterialSimpleFeatureVectorSummary createObject(SpacePE spacePE, ProjectPE projectPE, Object param)
+ {
+ ExperimentReference reference = new ExperimentReference(-1L, null, null, null, null, spacePE.getCode());
+ return new MaterialSimpleFeatureVectorSummary(reference);
+ }
+
+ @Override
+ protected void assertWithNonMatchingSpaceAndMatchingProjectUser(PersonPE person, MaterialSimpleFeatureVectorSummary result, Throwable t,
+ Object param)
+ {
+ // given only a space code the project authorization does not work
+ assertNull(result);
+ }
+
+}
diff --git a/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/sample/PlateWellReferenceWithDatasetsValidatorSystemTest.java b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/sample/PlateWellReferenceWithDatasetsValidatorSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..1e87b1410cfc4f91537679be9ec67eaa4e14825c
--- /dev/null
+++ b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/sample/PlateWellReferenceWithDatasetsValidatorSystemTest.java
@@ -0,0 +1,51 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.screening.systemtests.authorization.validator.sample;
+
+import ch.systemsx.cisd.openbis.generic.shared.dto.ExperimentPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.api.v1.dto.ExperimentIdentifier;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.api.v1.dto.Plate;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.api.v1.dto.PlateWellReferenceWithDatasets;
+import ch.systemsx.cisd.openbis.screening.systemtests.authorization.validator.CommonValidatorScreeningSystemTest;
+
+/**
+ * @author pkupczyk
+ */
+public class PlateWellReferenceWithDatasetsValidatorSystemTest
+ extends CommonValidatorScreeningSystemTest<PlateWellReferenceWithDatasets>
+{
+
+ @Override
+ protected PlateWellReferenceWithDatasets createObject(SpacePE spacePE, ProjectPE projectPE, Object param)
+ {
+ ExperimentPE experimentPE = getExperiment(spacePE, projectPE);
+ Plate plate = new Plate(null, null, null, new ExperimentIdentifier(experimentPE.getCode(), experimentPE.getProject().getCode(),
+ experimentPE.getProject().getSpace().getCode(), null));
+ return new PlateWellReferenceWithDatasets(plate, null);
+ }
+
+ @Override
+ protected PlateWellReferenceWithDatasets validateObject(IAuthSessionProvider sessionProvider, PlateWellReferenceWithDatasets object,
+ Object param)
+ {
+ return getBean(SampleValidatorScreeningTestService.class).testPlateWellReferenceWithDatasetsValidator(sessionProvider, object);
+ }
+
+}
diff --git a/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/sample/SampleValidatorScreeningTestService.java b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/sample/SampleValidatorScreeningTestService.java
new file mode 100644
index 0000000000000000000000000000000000000000..5c6d2a65c63157d2ed10f0645f1df97c0fd6c31a
--- /dev/null
+++ b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/sample/SampleValidatorScreeningTestService.java
@@ -0,0 +1,55 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.screening.systemtests.authorization.validator.sample;
+
+import org.springframework.stereotype.Component;
+import org.springframework.transaction.annotation.Transactional;
+
+import ch.systemsx.cisd.openbis.generic.server.authorization.annotation.ReturnValueFilter;
+import ch.systemsx.cisd.openbis.generic.server.authorization.annotation.RolesAllowed;
+import ch.systemsx.cisd.openbis.generic.shared.basic.dto.RoleWithHierarchy;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.plugin.screening.server.authorization.PlateWellReferenceWithDatasetsValidator;
+import ch.systemsx.cisd.openbis.plugin.screening.server.authorization.ScreeningPlateValidator;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.api.v1.dto.Plate;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.api.v1.dto.PlateWellReferenceWithDatasets;
+
+/**
+ * @author pkupczyk
+ */
+@Component
+public class SampleValidatorScreeningTestService
+{
+
+ @Transactional
+ @RolesAllowed(value = { RoleWithHierarchy.PROJECT_OBSERVER })
+ @ReturnValueFilter(validatorClass = PlateWellReferenceWithDatasetsValidator.class)
+ public PlateWellReferenceWithDatasets testPlateWellReferenceWithDatasetsValidator(IAuthSessionProvider sessionProvider,
+ PlateWellReferenceWithDatasets plateWell)
+ {
+ return plateWell;
+ }
+
+ @Transactional
+ @RolesAllowed(value = { RoleWithHierarchy.PROJECT_OBSERVER })
+ @ReturnValueFilter(validatorClass = ScreeningPlateValidator.class)
+ public Plate testScreeningPlateValidator(IAuthSessionProvider sessionProvider, Plate plate)
+ {
+ return plate;
+ }
+
+}
diff --git a/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/sample/ScreeningPlateValidatorSystemTest.java b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/sample/ScreeningPlateValidatorSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..fa97d87fa3e554766f41cecdfeb7a7177347cd2f
--- /dev/null
+++ b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/sample/ScreeningPlateValidatorSystemTest.java
@@ -0,0 +1,47 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.screening.systemtests.authorization.validator.sample;
+
+import ch.systemsx.cisd.openbis.generic.shared.dto.ExperimentPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.api.v1.dto.ExperimentIdentifier;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.api.v1.dto.Plate;
+import ch.systemsx.cisd.openbis.screening.systemtests.authorization.validator.CommonValidatorScreeningSystemTest;
+
+/**
+ * @author pkupczyk
+ */
+public class ScreeningPlateValidatorSystemTest extends CommonValidatorScreeningSystemTest<Plate>
+{
+
+ @Override
+ protected Plate createObject(SpacePE spacePE, ProjectPE projectPE, Object param)
+ {
+ ExperimentPE experimentPE = getExperiment(spacePE, projectPE);
+ return new Plate(null, null, null, new ExperimentIdentifier(experimentPE.getCode(), experimentPE.getProject().getCode(),
+ experimentPE.getProject().getSpace().getCode(), null));
+ }
+
+ @Override
+ protected Plate validateObject(IAuthSessionProvider sessionProvider, Plate object, Object param)
+ {
+ return getBean(SampleValidatorScreeningTestService.class).testScreeningPlateValidator(sessionProvider, object);
+ }
+
+}
diff --git a/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/sample/WellContentValidatorSystemTest.java b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/sample/WellContentValidatorSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..6168f5b36ccabefe0a1a0cf336b3e5af46c7aa69
--- /dev/null
+++ b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/sample/WellContentValidatorSystemTest.java
@@ -0,0 +1,36 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.screening.systemtests.authorization.validator.sample;
+
+import ch.systemsx.cisd.openbis.generic.shared.dto.IAuthSessionProvider;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.basic.dto.WellContent;
+import ch.systemsx.cisd.openbis.screening.systemtests.authorization.validator.CommonValidatorScreeningSystemTest;
+import ch.systemsx.cisd.openbis.screening.systemtests.authorization.validator.experiment.ExperimentValidatorScreeningTestService;
+
+/**
+ * @author pkupczyk
+ */
+public abstract class WellContentValidatorSystemTest extends CommonValidatorScreeningSystemTest<WellContent>
+{
+
+ @Override
+ protected WellContent validateObject(IAuthSessionProvider sessionProvider, WellContent object, Object param)
+ {
+ return getBean(ExperimentValidatorScreeningTestService.class).testWellContentValidator(sessionProvider, object);
+ }
+
+}
diff --git a/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/sample/WellContentValidatorWithExperimentCodeAndProjectCodeAndSpaceCodeSystemTest.java b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/sample/WellContentValidatorWithExperimentCodeAndProjectCodeAndSpaceCodeSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..083154d0891f29b2d6265fbe55c2032bc5522c68
--- /dev/null
+++ b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/sample/WellContentValidatorWithExperimentCodeAndProjectCodeAndSpaceCodeSystemTest.java
@@ -0,0 +1,39 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.screening.systemtests.authorization.validator.sample;
+
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.basic.dto.ExperimentReference;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.basic.dto.WellContent;
+import ch.systemsx.cisd.openbis.screening.systemtests.authorization.validator.experiment.ExperimentReferenceUtil;
+
+/**
+ * @author pkupczyk
+ */
+public class WellContentValidatorWithExperimentCodeAndProjectCodeAndSpaceCodeSystemTest extends WellContentValidatorSystemTest
+{
+
+ @Override
+ protected WellContent createObject(SpacePE spacePE, ProjectPE projectPE, Object param)
+ {
+ ExperimentReference reference =
+ ExperimentReferenceUtil.createObjectWithExperimentCodeAndProjectCodeAndSpaceCode(this, spacePE, projectPE, param);
+ return new WellContent(null, null, null, reference);
+ }
+
+}
diff --git a/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/sample/WellContentValidatorWithExperimentIdSystemTest.java b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/sample/WellContentValidatorWithExperimentIdSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..1772c7e1fc4c5fc81ea232b35126c2a9b47d51e8
--- /dev/null
+++ b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/sample/WellContentValidatorWithExperimentIdSystemTest.java
@@ -0,0 +1,38 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.screening.systemtests.authorization.validator.sample;
+
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.basic.dto.ExperimentReference;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.basic.dto.WellContent;
+import ch.systemsx.cisd.openbis.screening.systemtests.authorization.validator.experiment.ExperimentReferenceUtil;
+
+/**
+ * @author pkupczyk
+ */
+public class WellContentValidatorWithExperimentIdSystemTest extends WellContentValidatorSystemTest
+{
+
+ @Override
+ protected WellContent createObject(SpacePE spacePE, ProjectPE projectPE, Object param)
+ {
+ ExperimentReference reference = ExperimentReferenceUtil.createObjectWithExperimentId(this, spacePE, projectPE, param);
+ return new WellContent(null, null, null, reference);
+ }
+
+}
diff --git a/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/sample/WellContentValidatorWithExperimentPermIdSystemTest.java b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/sample/WellContentValidatorWithExperimentPermIdSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..0789ea57bb111e9a2f6fbb342e2b7b96ccc32e5f
--- /dev/null
+++ b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/sample/WellContentValidatorWithExperimentPermIdSystemTest.java
@@ -0,0 +1,38 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.screening.systemtests.authorization.validator.sample;
+
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.basic.dto.ExperimentReference;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.basic.dto.WellContent;
+import ch.systemsx.cisd.openbis.screening.systemtests.authorization.validator.experiment.ExperimentReferenceUtil;
+
+/**
+ * @author pkupczyk
+ */
+public class WellContentValidatorWithExperimentPermIdSystemTest extends WellContentValidatorSystemTest
+{
+
+ @Override
+ protected WellContent createObject(SpacePE spacePE, ProjectPE projectPE, Object param)
+ {
+ ExperimentReference reference = ExperimentReferenceUtil.createObjectWithExperimentPermId(this, spacePE, projectPE, param);
+ return new WellContent(null, null, null, reference);
+ }
+
+}
diff --git a/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/sample/WellContentValidatorWithSpaceCodeSystemTest.java b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/sample/WellContentValidatorWithSpaceCodeSystemTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..f061ef511b23a3e5aaeb3d8c74ff2da9bcd84cd7
--- /dev/null
+++ b/screening/sourceTest/java/ch/systemsx/cisd/openbis/screening/systemtests/authorization/validator/sample/WellContentValidatorWithSpaceCodeSystemTest.java
@@ -0,0 +1,47 @@
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.screening.systemtests.authorization.validator.sample;
+
+import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.ProjectPE;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SpacePE;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.basic.dto.ExperimentReference;
+import ch.systemsx.cisd.openbis.plugin.screening.shared.basic.dto.WellContent;
+import ch.systemsx.cisd.openbis.screening.systemtests.authorization.validator.experiment.ExperimentReferenceUtil;
+
+/**
+ * @author pkupczyk
+ */
+public class WellContentValidatorWithSpaceCodeSystemTest extends WellContentValidatorSystemTest
+{
+
+ @Override
+ protected WellContent createObject(SpacePE spacePE, ProjectPE projectPE, Object param)
+ {
+ ExperimentReference reference = ExperimentReferenceUtil.createObjectWithSpaceCode(this, spacePE, projectPE, param);
+ return new WellContent(null, null, null, reference);
+ }
+
+ @Override
+ protected void assertWithNonMatchingSpaceAndMatchingProjectUser(PersonPE person, WellContent result, Throwable t,
+ Object param)
+ {
+ // given only a space code the project authorization does not work
+ assertNull(result);
+ }
+
+}