BIS-51 / SP-175: Test cleanup

SVN: 26032

openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/UpdateExperimentOfSampleTest.java

@@ -16,6 +16,10 @@
 
 package ch.systemsx.cisd.openbis.systemtest;
 
+import static ch.systemsx.cisd.openbis.systemtest.base.auth.RuleBuilder.and;
+import static ch.systemsx.cisd.openbis.systemtest.base.auth.RuleBuilder.not;
+import static ch.systemsx.cisd.openbis.systemtest.base.auth.RuleBuilder.or;
+import static ch.systemsx.cisd.openbis.systemtest.base.auth.RuleBuilder.rule;
 import static org.hamcrest.CoreMatchers.is;
 import static org.hamcrest.CoreMatchers.nullValue;
 import static org.hamcrest.MatcherAssert.assertThat;
@@ -30,10 +34,13 @@ import ch.systemsx.cisd.openbis.generic.shared.basic.dto.Experiment;
 import ch.systemsx.cisd.openbis.generic.shared.basic.dto.ExternalData;
 import ch.systemsx.cisd.openbis.generic.shared.basic.dto.Project;
 import ch.systemsx.cisd.openbis.generic.shared.basic.dto.RoleWithHierarchy;
+import ch.systemsx.cisd.openbis.generic.shared.basic.dto.RoleWithHierarchy.RoleLevel;
 import ch.systemsx.cisd.openbis.generic.shared.basic.dto.Sample;
 import ch.systemsx.cisd.openbis.generic.shared.basic.dto.Space;
 import ch.systemsx.cisd.openbis.systemtest.base.BaseTest;
-import ch.systemsx.cisd.openbis.systemtest.base.RolePermutator;
+import ch.systemsx.cisd.openbis.systemtest.base.auth.AuthorizationRule;
+import ch.systemsx.cisd.openbis.systemtest.base.auth.GuardedDomain;
+import ch.systemsx.cisd.openbis.systemtest.base.auth.RolePermutator;
 
 /**
  * @author anttil
@@ -149,20 +156,51 @@ public class UpdateExperimentOfSampleTest extends BaseTest
         sample = create(aSample().inExperiment(sourceExperiment));
     }
 
+    public static final GuardedDomain space1;
+
+    public static final GuardedDomain space2;
+
+    public static final GuardedDomain instance;
+
+    public static final AuthorizationRule assignSampleToExperimentRule;
+
+    static
+    {
+        space1 = new GuardedDomain("space1", RoleLevel.SPACE);
+        space2 = new GuardedDomain("space2", RoleLevel.SPACE);
+        instance = new GuardedDomain("instance", RoleLevel.INSTANCE);
+
+        // (space1 power and space2 power) or
+        // (space1 user and space2 user and instance1 etl_server) or
+        // instance_admin
+
+        AuthorizationRule powerUsers =
+                and(rule(space1, RoleWithHierarchy.SPACE_POWER_USER),
+                        rule(space2, RoleWithHierarchy.SPACE_POWER_USER));
+
+        AuthorizationRule users =
+                and(rule(space1, RoleWithHierarchy.SPACE_USER),
+                        rule(space2, RoleWithHierarchy.SPACE_USER), rule(instance,
+                                RoleWithHierarchy.INSTANCE_ETL_SERVER));
+
+        AuthorizationRule admins = rule(instance, RoleWithHierarchy.INSTANCE_ADMIN);
+
+        assignSampleToExperimentRule = or(powerUsers, users, admins);
+    }
+
     @DataProvider(name = "rolesAllowedToUpdateExperimentOfSample")
     public static Object[][] rolesAllowedToAssignSampleToExperiment()
     {
-        RolePermutator rp =
-                new RolePermutator(2, RoleWithHierarchy.SPACE_POWER_USER);
-        return rp.getAcceptedPermutations();
+        return RolePermutator.getAcceptedPermutations(assignSampleToExperimentRule, space1, space2,
+                instance);
     }
 
     @DataProvider(name = "rolesNotAllowedToUpdateExperimentOfSample")
     public static Object[][] rolesNotAllowedToAssignSampleToExperiment()
     {
-        RolePermutator rp =
-                new RolePermutator(2, RoleWithHierarchy.SPACE_POWER_USER);
-        return rp.getRejectedPermutations();
+        return RolePermutator.getAcceptedPermutations(not(assignSampleToExperimentRule), space1,
+                space2, instance);
+
     }
 
 }

openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/base/BaseTest.java

@@ -57,6 +57,23 @@ import ch.systemsx.cisd.openbis.generic.shared.dto.identifier.SampleIdentifier;
 import ch.systemsx.cisd.openbis.generic.shared.dto.identifier.SpaceIdentifier;
 import ch.systemsx.cisd.openbis.plugin.generic.client.web.client.IGenericClientService;
 import ch.systemsx.cisd.openbis.plugin.generic.shared.IGenericServer;
+import ch.systemsx.cisd.openbis.systemtest.base.builder.Builder;
+import ch.systemsx.cisd.openbis.systemtest.base.builder.DataSetUpdateBuilder;
+import ch.systemsx.cisd.openbis.systemtest.base.builder.ExperimentBuilder;
+import ch.systemsx.cisd.openbis.systemtest.base.builder.ExperimentUpdateBuilder;
+import ch.systemsx.cisd.openbis.systemtest.base.builder.ExternalDataBuilder;
+import ch.systemsx.cisd.openbis.systemtest.base.builder.ProjectBuilder;
+import ch.systemsx.cisd.openbis.systemtest.base.builder.ProjectUpdateBuilder;
+import ch.systemsx.cisd.openbis.systemtest.base.builder.SampleBuilder;
+import ch.systemsx.cisd.openbis.systemtest.base.builder.SampleUpdateBuilder;
+import ch.systemsx.cisd.openbis.systemtest.base.builder.SessionBuilder;
+import ch.systemsx.cisd.openbis.systemtest.base.builder.SpaceBuilder;
+import ch.systemsx.cisd.openbis.systemtest.base.builder.UpdateBuilder;
+import ch.systemsx.cisd.openbis.systemtest.base.matcher.CollectionContainsExactlyMatcher;
+import ch.systemsx.cisd.openbis.systemtest.base.matcher.InExperimentMatcher;
+import ch.systemsx.cisd.openbis.systemtest.base.matcher.InProjectMatcher;
+import ch.systemsx.cisd.openbis.systemtest.base.matcher.InSampleMatcher;
+import ch.systemsx.cisd.openbis.systemtest.base.matcher.InSpaceMatcher;
 
 /**
  * @author anttil

openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/base/auth/AndAuthorizationRule.java

+/*
+ * Copyright 2012 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.systemtest.base.auth;
+
+import java.util.Map;
+
+import ch.systemsx.cisd.openbis.generic.shared.basic.dto.RoleWithHierarchy;
+
+/**
+ * @author anttil
+ */
+public class AndAuthorizationRule implements AuthorizationRule
+{
+    private final AuthorizationRule rule1;
+
+    private final AuthorizationRule rule2;
+
+    public AndAuthorizationRule(AuthorizationRule rule1, AuthorizationRule rule2)
+    {
+        this.rule1 = rule1;
+        this.rule2 = rule2;
+    }
+
+    @Override
+    public boolean accepts(Map<GuardedDomain, RoleWithHierarchy> roles)
+    {
+        return this.rule1.accepts(roles) && this.rule2.accepts(roles);
+    }
+
+}

openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/base/auth/AuthorizationRule.java

+/*
+ * Copyright 2012 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.systemtest.base.auth;
+
+import java.util.Map;
+
+import ch.systemsx.cisd.openbis.generic.shared.basic.dto.RoleWithHierarchy;
+
+/**
+ * @author anttil
+ */
+public interface AuthorizationRule
+{
+    public boolean accepts(Map<GuardedDomain, RoleWithHierarchy> roles);
+}

openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/base/auth/BasicAuthorizationRule.java

+/*
+ * Copyright 2012 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.systemtest.base.auth;
+
+import java.util.Map;
+
+import ch.systemsx.cisd.openbis.generic.shared.basic.dto.RoleWithHierarchy;
+
+/**
+ * @author anttil
+ */
+public class BasicAuthorizationRule implements AuthorizationRule
+{
+
+    private final RoleWithHierarchy limit;
+
+    private final GuardedDomain domain;
+
+    public BasicAuthorizationRule(GuardedDomain domain, RoleWithHierarchy limit)
+    {
+        switch (domain.getType())
+        {
+            case SPACE:
+                if (!limit.isSpaceLevel())
+                {
+                    throw new IllegalArgumentException("Invalid limit for space: " + limit);
+                }
+                break;
+            case INSTANCE:
+                if (!limit.isInstanceLevel())
+                {
+                    throw new IllegalArgumentException("Invalid limit for instance: " + limit);
+                }
+                break;
+            default:
+                throw new IllegalArgumentException("Unknown domain type " + domain.getType());
+        }
+        this.limit = limit;
+        this.domain = domain;
+    }
+
+    @Override
+    public boolean accepts(Map<GuardedDomain, RoleWithHierarchy> roles)
+    {
+        RoleWithHierarchy role = roles.get(this.domain);
+        if (role == null)
+        {
+            return false;
+        }
+
+        return this.limit.getRoles().contains(role);
+    }
+}

openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/base/auth/GuardedDomain.java

+/*
+ * Copyright 2012 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.systemtest.base.auth;
+
+import org.apache.commons.lang.builder.HashCodeBuilder;
+
+import ch.systemsx.cisd.openbis.generic.shared.basic.dto.RoleWithHierarchy.RoleLevel;
+
+/**
+ * @author anttil
+ */
+public class GuardedDomain
+{
+    private final String name;
+
+    private final RoleLevel type;
+
+    public GuardedDomain(String name, RoleLevel type)
+    {
+        this.name = name;
+        this.type = type;
+    }
+
+    public String getName()
+    {
+        return name;
+    }
+
+    public RoleLevel getType()
+    {
+        return type;
+    }
+
+    @Override
+    public boolean equals(Object o)
+    {
+        if (!(o instanceof GuardedDomain))
+        {
+            return false;
+        }
+
+        GuardedDomain domain = (GuardedDomain) o;
+        return domain.getName().equals(this.name) && domain.getType().equals(this.type);
+    }
+
+    @Override
+    public int hashCode()
+    {
+        HashCodeBuilder builder = new HashCodeBuilder();
+        builder.append(this.name);
+        builder.append(this.type);
+        return builder.toHashCode();
+    }
+
+    @Override
+    public String toString()
+    {
+        return this.name + " (" + this.type + ")";
+    }
+}

openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/base/auth/NotAuthorizationRule.java

+/*
+ * Copyright 2012 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.systemtest.base.auth;
+
+import java.util.Map;
+
+import ch.systemsx.cisd.openbis.generic.shared.basic.dto.RoleWithHierarchy;
+
+/**
+ * @author anttil
+ */
+public class NotAuthorizationRule implements AuthorizationRule
+{
+
+    private final AuthorizationRule rule;
+
+    public NotAuthorizationRule(AuthorizationRule rule)
+    {
+        this.rule = rule;
+    }
+
+    @Override
+    public boolean accepts(Map<GuardedDomain, RoleWithHierarchy> roles)
+    {
+        return !this.rule.accepts(roles);
+    }
+
+}

openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/base/auth/OrAuthorizationRule.java

+/*
+ * Copyright 2012 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.systemtest.base.auth;
+
+import java.util.Map;
+
+import ch.systemsx.cisd.openbis.generic.shared.basic.dto.RoleWithHierarchy;
+
+/**
+ * @author anttil
+ */
+public class OrAuthorizationRule implements AuthorizationRule
+{
+    private final AuthorizationRule rule1;
+
+    private final AuthorizationRule rule2;
+
+    public OrAuthorizationRule(AuthorizationRule rule1, AuthorizationRule rule2)
+    {
+        this.rule1 = rule1;
+        this.rule2 = rule2;
+    }
+
+    @Override
+    public boolean accepts(Map<GuardedDomain, RoleWithHierarchy> roles)
+    {
+        return this.rule1.accepts(roles) || this.rule2.accepts(roles);
+    }
+}

openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/base/RolePermutator.java → openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/base/auth/RolePermutator.java

@@ -14,14 +14,18 @@
  * limitations under the License.
  */
 
-package ch.systemsx.cisd.openbis.systemtest.base;
+package ch.systemsx.cisd.openbis.systemtest.base.auth;
 
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.Collection;
+import java.util.HashMap;
 import java.util.HashSet;
 import java.util.List;
+import java.util.Map;
 
 import ch.systemsx.cisd.openbis.generic.shared.basic.dto.RoleWithHierarchy;
+import ch.systemsx.cisd.openbis.generic.shared.basic.dto.RoleWithHierarchy.RoleLevel;
 
 /**
  * @author anttil
@@ -29,146 +33,104 @@ import ch.systemsx.cisd.openbis.generic.shared.basic.dto.RoleWithHierarchy;
 public class RolePermutator
 {
 
-    public static Collection<RoleWithHierarchy> allInstanceRoles = new HashSet<RoleWithHierarchy>();
-
-    public static Collection<RoleWithHierarchy> allSpaceRoles = new HashSet<RoleWithHierarchy>();
-
-    private final int numSpaces;
-
-    private final RoleWithHierarchy[] limits;
-
-    {
-        allInstanceRoles.add(RoleWithHierarchy.INSTANCE_ADMIN);
-        allInstanceRoles.add(RoleWithHierarchy.INSTANCE_ETL_SERVER);
-        allInstanceRoles.add(RoleWithHierarchy.INSTANCE_OBSERVER);
-        allInstanceRoles.add(null);
-
-        allSpaceRoles.add(RoleWithHierarchy.SPACE_ADMIN);
-        allSpaceRoles.add(RoleWithHierarchy.SPACE_ETL_SERVER);
-        allSpaceRoles.add(RoleWithHierarchy.SPACE_POWER_USER);
-        allSpaceRoles.add(RoleWithHierarchy.SPACE_USER);
-        allSpaceRoles.add(RoleWithHierarchy.SPACE_OBSERVER);
-        allSpaceRoles.add(null);
-    }
-
-    public RolePermutator(int numSpaces, RoleWithHierarchy... limits)
+    public static RoleWithHierarchy[][] getAcceptedPermutations(AuthorizationRule rule,
+            GuardedDomain... domains)
     {
-        this.numSpaces = numSpaces;
-        this.limits = limits;
-
-    }
+        Collection<Map<GuardedDomain, RoleWithHierarchy>> accepted =
+                new HashSet<Map<GuardedDomain, RoleWithHierarchy>>();
 
-    public RoleWithHierarchy[][] getAcceptedPermutations()
-    {
-        return toNestedArray(acceptedRoles(numSpaces, limits));
-    }
-
-    public RoleWithHierarchy[][] getRejectedPermutations()
-    {
-        return toNestedArray(rejectedRoles(numSpaces, limits));
-    }
-
-    public static RoleWithHierarchy[][] toNestedArray(Collection<List<RoleWithHierarchy>> input)
-    {
-        RoleWithHierarchy[][] result = new RoleWithHierarchy[input.size()][];
-        int index = 0;
-        for (List<RoleWithHierarchy> roles : input)
+        for (Map<GuardedDomain, RoleWithHierarchy> permutation : getAllPermutations(Arrays
+                .asList(domains)))
         {
-            result[index] = roles.toArray(new RoleWithHierarchy[0]);
-            index++;
+            if (rule.accepts(permutation) && !containsOnlyNulls(permutation.values()))
+            {
+                accepted.add(permutation);
+            }
         }
-        return result;
+        return toNestedArray(accepted, domains);
     }
 
-    public static Collection<List<RoleWithHierarchy>> acceptedRoles(int numSpaceRoles,
-            RoleWithHierarchy... limits)
+    public static Collection<Map<GuardedDomain, RoleWithHierarchy>> getAllPermutations(
+            List<GuardedDomain> domains)
     {
-        Collection<RoleWithHierarchy> acceptedRoles = new HashSet<RoleWithHierarchy>();
-        for (RoleWithHierarchy limit : limits)
+        Collection<Map<GuardedDomain, RoleWithHierarchy>> result =
+                new HashSet<Map<GuardedDomain, RoleWithHierarchy>>();
+        if (domains.size() == 0)
         {
-            acceptedRoles.addAll(limit.getRoles());
+            return result;
         }
 
-        Collection<List<RoleWithHierarchy>> results = new HashSet<List<RoleWithHierarchy>>();
-        for (RoleWithHierarchy instanceRole : allInstanceRoles)
+        GuardedDomain domain = domains.get(0);
+        for (RoleWithHierarchy role : getAllRolesFor(domain.getType()))
         {
-            for (List<RoleWithHierarchy> spaceRoles : getSpaceRoleCombinations(numSpaceRoles))
+            Collection<Map<GuardedDomain, RoleWithHierarchy>> subpermutations =
+                    getAllPermutations(restOf(domains));
+            if (subpermutations.size() > 0)
             {
-                if (acceptedRoles.contains(instanceRole) || acceptedRoles.containsAll(spaceRoles))
+                for (Map<GuardedDomain, RoleWithHierarchy> rest : subpermutations)
                 {
-                    List<RoleWithHierarchy> result = new ArrayList<RoleWithHierarchy>();
-                    for (RoleWithHierarchy spaceRole : spaceRoles)
-                    {
-                        result.add(spaceRole);
-                    }
-                    result.add(instanceRole);
-                    results.add(result);
+                    Map<GuardedDomain, RoleWithHierarchy> map =
+                            new HashMap<GuardedDomain, RoleWithHierarchy>();
+                    map.put(domain, role);
+                    map.putAll(rest);
+                    result.add(map);
                 }
+            } else
+            {
+                Map<GuardedDomain, RoleWithHierarchy> map =
+                        new HashMap<GuardedDomain, RoleWithHierarchy>();
+                map.put(domain, role);
+                result.add(map);
             }
         }
-        return results;
+        return result;
     }
 
-    public static Collection<List<RoleWithHierarchy>> rejectedRoles(int numSpaceRoles,
-            RoleWithHierarchy... limits)
+    public static <T> List<T> restOf(List<T> list)
     {
-        Collection<List<RoleWithHierarchy>> allCombinations = getAllRoleCombinations(numSpaceRoles);
-        Collection<List<RoleWithHierarchy>> acceptedCombinations =
-                acceptedRoles(numSpaceRoles, limits);
-        allCombinations.removeAll(acceptedCombinations);
-        return allCombinations;
-    }
+        if (list.size() == 0)
+        {
+            throw new IllegalArgumentException("0");
+        }
 
-    public static Collection<List<RoleWithHierarchy>> getSpaceRoleCombinations(int num)
-    {
-        Collection<List<RoleWithHierarchy>> result = new HashSet<List<RoleWithHierarchy>>();
-        if (num == 0)
+        if (list.size() == 1)
         {
-            return result;
+            return new ArrayList<T>();
         }
 
-        Collection<List<RoleWithHierarchy>> subLists = getSpaceRoleCombinations(num - 1);
+        return list.subList(1, list.size());
+    }
 
-        for (RoleWithHierarchy role : allSpaceRoles)
+    public static Collection<RoleWithHierarchy> getAllRolesFor(RoleLevel level)
+    {
+        if (RoleLevel.SPACE.equals(level))
         {
-            if (subLists.size() == 0)
-            {
-                List<RoleWithHierarchy> list = new ArrayList<RoleWithHierarchy>();
-                list.add(role);
-                result.add(list);
-            } else
-            {
-                for (List<RoleWithHierarchy> subList : subLists)
-                {
-                    List<RoleWithHierarchy> list = new ArrayList<RoleWithHierarchy>();
-                    list.add(role);
-                    list.addAll(subList);
-                    result.add(list);
-                }
-            }
+            return allSpaceRoles;
+        } else if (RoleLevel.INSTANCE.equals(level))
+        {
+            return allInstanceRoles;
+        } else
+        {
+            throw new IllegalArgumentException(level.toString());
         }
-        return result;
     }
 
-    public static Collection<List<RoleWithHierarchy>> getAllRoleCombinations(int numSpaceRoles)
+    public static RoleWithHierarchy[][] toNestedArray(
+            Collection<Map<GuardedDomain, RoleWithHierarchy>> input, GuardedDomain[] order)
     {
-        Collection<List<RoleWithHierarchy>> result = new HashSet<List<RoleWithHierarchy>>();
-
-        for (List<RoleWithHierarchy> spaceRoles : getSpaceRoleCombinations(numSpaceRoles))
+        RoleWithHierarchy[][] result = new RoleWithHierarchy[input.size()][];
+        int index = 0;
+        for (Map<GuardedDomain, RoleWithHierarchy> permutation : input)
         {
-            for (RoleWithHierarchy instanceRole : allInstanceRoles)
+            RoleWithHierarchy[] roles = new RoleWithHierarchy[permutation.size()];
+            int subIndex = 0;
+            for (GuardedDomain d : order)
             {
-                List<RoleWithHierarchy> list = new ArrayList<RoleWithHierarchy>();
-                list.addAll(spaceRoles);
-                list.add(instanceRole);
-
-                if (containsOnlyNulls(list))
-                {
-                    continue;
-                }
-
-                result.add(list);
+                roles[subIndex] = permutation.get(d);
+                subIndex++;
             }
+            result[index] = roles;
+            index++;
         }
         return result;
     }
@@ -185,4 +147,25 @@ public class RolePermutator
         return true;
     }
 
+    public static final Collection<RoleWithHierarchy> allInstanceRoles;
+
+    public static final Collection<RoleWithHierarchy> allSpaceRoles;
+
+    static
+    {
+        allInstanceRoles = new HashSet<RoleWithHierarchy>();
+        allSpaceRoles = new HashSet<RoleWithHierarchy>();
+
+        allInstanceRoles.add(RoleWithHierarchy.INSTANCE_ADMIN);
+        allInstanceRoles.add(RoleWithHierarchy.INSTANCE_ETL_SERVER);
+        allInstanceRoles.add(RoleWithHierarchy.INSTANCE_OBSERVER);
+        allInstanceRoles.add(null);
+
+        allSpaceRoles.add(RoleWithHierarchy.SPACE_ADMIN);
+        allSpaceRoles.add(RoleWithHierarchy.SPACE_ETL_SERVER);
+        allSpaceRoles.add(RoleWithHierarchy.SPACE_POWER_USER);
+        allSpaceRoles.add(RoleWithHierarchy.SPACE_USER);
+        allSpaceRoles.add(RoleWithHierarchy.SPACE_OBSERVER);
+        allSpaceRoles.add(null);
+    }
 }

openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/base/auth/RuleBuilder.java

+/*
+ * Copyright 2012 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.systemtest.base.auth;
+
+import ch.systemsx.cisd.openbis.generic.shared.basic.dto.RoleWithHierarchy;
+
+/**
+ * @author anttil
+ */
+public class RuleBuilder
+{
+
+    public static AuthorizationRule rule(GuardedDomain domain, RoleWithHierarchy role)
+    {
+        return new BasicAuthorizationRule(domain, role);
+    }
+
+    public static AuthorizationRule and(AuthorizationRule rule1, AuthorizationRule rule2,
+            AuthorizationRule... rest)
+    {
+        AuthorizationRule main = new AndAuthorizationRule(rule1, rule2);
+        for (AuthorizationRule rule : rest)
+        {
+            main = new AndAuthorizationRule(main, rule);
+        }
+        return main;
+    }
+
+    public static AuthorizationRule or(AuthorizationRule rule1, AuthorizationRule rule2,
+            AuthorizationRule... rest)
+    {
+        AuthorizationRule main = new OrAuthorizationRule(rule1, rule2);
+        for (AuthorizationRule rule : rest)
+        {
+            main = new OrAuthorizationRule(main, rule);
+        }
+        return main;
+    }
+
+    public static AuthorizationRule not(AuthorizationRule rule)
+    {
+        return new NotAuthorizationRule(rule);
+    }
+
+}

openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/base/Builder.java → openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/base/builder/Builder.java

@@ -14,11 +14,12 @@
  * limitations under the License.
  */
 
-package ch.systemsx.cisd.openbis.systemtest.base;
+package ch.systemsx.cisd.openbis.systemtest.base.builder;
 
 import ch.systemsx.cisd.openbis.generic.server.ICommonServerForInternalUse;
 import ch.systemsx.cisd.openbis.generic.shared.basic.dto.Sample;
 import ch.systemsx.cisd.openbis.plugin.generic.shared.IGenericServer;
+import ch.systemsx.cisd.openbis.systemtest.base.BaseTest;
 
 /**
  * @author anttil

openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/base/DataSetUpdateBuilder.java → openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/base/builder/DataSetUpdateBuilder.java

@@ -14,7 +14,7 @@
  * limitations under the License.
  */
 
-package ch.systemsx.cisd.openbis.systemtest.base;
+package ch.systemsx.cisd.openbis.systemtest.base.builder;
 
 import static ch.systemsx.cisd.openbis.systemtest.base.BaseTest.id;
 

openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/base/ExperimentBuilder.java → openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/base/builder/ExperimentBuilder.java

@@ -14,7 +14,7 @@
  * limitations under the License.
  */
 
-package ch.systemsx.cisd.openbis.systemtest.base;
+package ch.systemsx.cisd.openbis.systemtest.base.builder;
 
 import java.util.ArrayList;
 import java.util.List;

openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/base/ExperimentUpdateBuilder.java → openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/base/builder/ExperimentUpdateBuilder.java

@@ -14,7 +14,7 @@
  * limitations under the License.
  */
 
-package ch.systemsx.cisd.openbis.systemtest.base;
+package ch.systemsx.cisd.openbis.systemtest.base.builder;
 
 import java.util.ArrayList;
 

openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/base/ExternalDataBuilder.java → openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/base/builder/ExternalDataBuilder.java

@@ -14,7 +14,7 @@
  * limitations under the License.
  */
 
-package ch.systemsx.cisd.openbis.systemtest.base;
+package ch.systemsx.cisd.openbis.systemtest.base.builder;
 
 import static ch.systemsx.cisd.openbis.systemtest.base.BaseTest.id;
 

openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/base/ProjectBuilder.java → openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/base/builder/ProjectBuilder.java

@@ -14,7 +14,7 @@
  * limitations under the License.
  */
 
-package ch.systemsx.cisd.openbis.systemtest.base;
+package ch.systemsx.cisd.openbis.systemtest.base.builder;
 
 import java.util.ArrayList;
 import java.util.UUID;

openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/base/ProjectUpdateBuilder.java → openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/base/builder/ProjectUpdateBuilder.java

@@ -14,7 +14,7 @@
  * limitations under the License.
  */
 
-package ch.systemsx.cisd.openbis.systemtest.base;
+package ch.systemsx.cisd.openbis.systemtest.base.builder;
 
 import java.util.ArrayList;
 

openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/base/SampleBuilder.java → openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/base/builder/SampleBuilder.java

@@ -14,7 +14,7 @@
  * limitations under the License.
  */
 
-package ch.systemsx.cisd.openbis.systemtest.base;
+package ch.systemsx.cisd.openbis.systemtest.base.builder;
 
 import java.util.ArrayList;
 import java.util.List;

openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/base/SampleUpdateBuilder.java → openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/base/builder/SampleUpdateBuilder.java

@@ -14,7 +14,7 @@
  * limitations under the License.
  */
 
-package ch.systemsx.cisd.openbis.systemtest.base;
+package ch.systemsx.cisd.openbis.systemtest.base.builder;
 
 import static ch.systemsx.cisd.openbis.systemtest.base.BaseTest.id;
 

openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/base/SessionBuilder.java → openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/base/builder/SessionBuilder.java

@@ -14,7 +14,7 @@
  * limitations under the License.
  */
 
-package ch.systemsx.cisd.openbis.systemtest.base;
+package ch.systemsx.cisd.openbis.systemtest.base.builder;
 
 import java.util.ArrayList;
 import java.util.List;