Possible PermissionDeniedException when listing rawbioassay through webservices

[Nicklas Nordborg]

This happens if one of the raw bioassays the user has access to is linked to an array design that the user doesn't has access to. Here is part of the stacktrace from the client side:

org.apache.axis2.AxisFault: Permission denied: Not allowed to read Array design[id=3; name=HG-U133A.cdf]
at org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:486)
at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:343)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:389)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:211)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)
at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:528)
at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:508)
at org.apache.axis2.rpc.client.RPCServiceClient.invokeBlocking(RPCServiceClient.java:101)
at net.sf.basedb.ws.client.AbstractRPCClient.invokeBlocking(AbstractRPCClient.java:59)
at net.sf.basedb.ws.client.AbstractRPCClient.invokeBlocking(AbstractRPCClient.java:65)
at net.sf.basedb.ws.client.RawBioAssayClient.getRawBioAssays(RawBioAssayClient.java:86)
at net.sf.basedb.ws.example.Main.listRawBioassays(Main.java:224)
at net.sf.basedb.ws.example.Main.main(Main.java:94)
...

[Nicklas Nordborg]

The problem is the RawBioAssay.toTransferable() method, which just loads the array design with checking for permissions. It seems like there are similiar issues with other items. I think we need to go through all toTransferable() methods and implement error handling.

[Nicklas Nordborg]

(In [4245]) Fixes #1002: Possible PermissionDeniedException? when listing rawbioassay through webservices