Examples with Access org.hisp.dhis.security.acl.Access used on opensource projects

Search in sources :

Example 1 with Access

use of org.hisp.dhis.security.acl.Access in project dhis2-core by dhis2.

the class DataSetServiceTest method testDataSharingDataSet.

@Test
void testDataSharingDataSet() {
    User user = createUser('A');
    injectSecurityContext(user);
    DataSet dataSet = createDataSet('A', new MonthlyPeriodType());
    UserAccess userAccess = new UserAccess();
    userAccess.setUser(user);
    userAccess.setAccess(AccessStringHelper.DATA_READ_WRITE);
    dataSet.getSharing().addUserAccess(userAccess);
    Access access = aclService.getAccess(dataSet, user);
    assertTrue(access.getData().isRead());
    assertTrue(access.getData().isWrite());
}
Also used : User(org.hisp.dhis.user.User) MonthlyPeriodType(org.hisp.dhis.period.MonthlyPeriodType) UserAccess(org.hisp.dhis.user.sharing.UserAccess) UserAccess(org.hisp.dhis.user.sharing.UserAccess) Access(org.hisp.dhis.security.acl.Access) DhisTest(org.hisp.dhis.DhisTest) Test(org.junit.jupiter.api.Test)

Example 2 with Access

use of org.hisp.dhis.security.acl.Access in project dhis2-core by dhis2.

the class DefaultFieldFilterService method buildNode.

private AbstractNode buildNode(FieldMap fieldMap, Class<?> klass, Object object, User user, String nodeName, Defaults defaults) {
    Schema schema = schemaService.getDynamicSchema(klass);
    ComplexNode complexNode = new ComplexNode(nodeName);
    complexNode.setNamespace(schema.getNamespace());
    if (object == null) {
        return new SimpleNode(schema.getName(), null);
    }
    if (shouldExclude(object, defaults)) {
        return null;
    }
    updateFields(fieldMap, schema.getKlass());
    if (fieldMap.containsKey("access") && schema.isIdentifiableObject()) {
        Access access = aclService.getAccess((IdentifiableObject) object, user);
        ((BaseIdentifiableObject) object).setAccess(access);
    }
    if (fieldMap.containsKey("attribute") && AttributeValue.class.isAssignableFrom(object.getClass())) {
        AttributeValue attributeValue = (AttributeValue) object;
        attributeValue.setAttribute(attributeService.getAttribute(attributeValue.getAttribute().getUid()));
    }
    if (UserGroupAccess.class.isAssignableFrom(object.getClass())) {
        UserGroupAccess userGroupAccess = (UserGroupAccess) object;
        userGroupAccess.setDisplayName(userGroupService.getDisplayName(userGroupAccess.getUserGroupUid()));
    }
    if (UserAccess.class.isAssignableFrom(object.getClass())) {
        UserAccess userAccess = (UserAccess) object;
        userAccess.setDisplayName(userService.getDisplayName(userAccess.getUserUid()));
    }
    for (String fieldKey : fieldMap.keySet()) {
        AbstractNode child = null;
        Property property = schema.getProperty(fieldKey);
        FieldMap fieldValue = fieldMap.get(fieldKey);
        if (property == null || !property.isReadable()) {
            // throw new FieldFilterException( fieldKey, schema );
            log.debug("Unknown field property `" + fieldKey + "`, available fields are " + schema.getPropertyMap().keySet());
            continue;
        }
        Object returnValue = ReflectionUtils.invokeMethod(object, property.getGetterMethod());
        Class<?> propertyClass = property.getKlass();
        Schema propertySchema = schemaService.getDynamicSchema(propertyClass);
        if (property.hasPropertyTransformer()) {
            PropertyTransformer propertyTransformer = transformerCache.get(property.getPropertyTransformer().getName(), s -> {
                try {
                    return property.getPropertyTransformer().newInstance();
                } catch (InstantiationException | IllegalAccessException e) {
                    throw new RuntimeException(e);
                }
            });
            if (returnValue != null) {
                returnValue = propertyTransformer.transform(returnValue);
                propertyClass = returnValue.getClass();
                propertySchema = schemaService.getDynamicSchema(propertyClass);
                updateFields(fieldValue, propertyTransformer.getKlass());
            }
        }
        if (returnValue != null && propertySchema.getProperties().isEmpty() && !property.isCollection() && property.getKlass().isInterface() && !property.isIdentifiableObject()) {
            // try to retrieve schema from concrete class
            propertyClass = returnValue.getClass();
            propertySchema = schemaService.getDynamicSchema(propertyClass);
        }
        if (returnValue == null && property.isCollection()) {
            continue;
        }
        if (property.isCollection()) {
            updateFields(fieldValue, property.getItemKlass());
        } else {
            updateFields(fieldValue, propertyClass);
        }
        if (fieldValue.isEmpty()) {
            List<String> fields = Preset.defaultAssociationPreset().getFields();
            if (property.isCollection()) {
                Collection<?> collection = (Collection<?>) returnValue;
                child = new CollectionNode(property.getCollectionName(), collection.size());
                child.setNamespace(property.getNamespace());
                if (property.isIdentifiableObject() && isProperIdObject(property.getItemKlass())) {
                    final boolean mayExclude = collection.isEmpty() || mayExclude(property.getItemKlass(), defaults);
                    for (Object collectionObject : collection) {
                        if (!mayExclude || !shouldExclude(collectionObject, defaults)) {
                            child.addChild(getProperties(property, collectionObject, fields));
                        }
                    }
                } else if (!property.isSimple()) {
                    FieldMap map = getFullFieldMap(schemaService.getDynamicSchema(property.getItemKlass()));
                    for (Object collectionObject : collection) {
                        Node node = buildNode(map, property.getItemKlass(), collectionObject, user, defaults);
                        if (node != null && !node.getChildren().isEmpty()) {
                            child.addChild(node);
                        }
                    }
                } else {
                    for (Object collectionObject : collection) {
                        SimpleNode simpleNode = child.addChild(new SimpleNode(property.getName(), collectionObject));
                        simpleNode.setProperty(property);
                    }
                }
            } else if (property.isIdentifiableObject() && isProperIdObject(propertyClass)) {
                if (!shouldExclude(returnValue, defaults)) {
                    child = getProperties(property, returnValue, fields);
                }
            } else {
                if (propertySchema.getProperties().isEmpty()) {
                    SimpleNode simpleNode = new SimpleNode(fieldKey, returnValue);
                    simpleNode.setAttribute(property.isAttribute());
                    simpleNode.setNamespace(property.getNamespace());
                    child = simpleNode;
                } else {
                    child = buildNode(getFullFieldMap(propertySchema), propertyClass, returnValue, user, defaults);
                }
            }
        } else {
            if (property.isCollection()) {
                child = new CollectionNode(property.getCollectionName());
                child.setNamespace(property.getNamespace());
                for (Object collectionObject : (Collection<?>) Objects.requireNonNull(returnValue)) {
                    Node node;
                    if (property.hasPropertyTransformer()) {
                        // if it has a transformer, re-get the schema (the
                        // item klass has probably changed)
                        Schema sch = schemaService.getDynamicSchema(HibernateProxyUtils.getRealClass(collectionObject));
                        node = buildNode(fieldValue, sch.getKlass(), collectionObject, user, property.getName(), defaults);
                    } else {
                        node = buildNode(fieldValue, property.getItemKlass(), collectionObject, user, property.getName(), defaults);
                    }
                    if (!Objects.requireNonNull(node).getChildren().isEmpty()) {
                        child.addChild(node);
                    }
                }
            } else {
                returnValue = handleJsonbObjectProperties(klass, propertyClass, returnValue);
                child = buildNode(fieldValue, propertyClass, returnValue, user, defaults);
            }
        }
        if (child != null) {
            child.setName(fieldKey);
            child.setProperty(property);
            // serializer/deserializer
            if (child.isSimple() && (((SimpleNode) child).getValue()) instanceof PeriodType) {
                child = new SimpleNode(child.getName(), ((PeriodType) ((SimpleNode) child).getValue()).getName());
            }
            complexNode.addChild(fieldValue.getPipeline().process(child));
        }
    }
    return complexNode;
}
Also used : PeriodType(org.hisp.dhis.period.PeriodType) AttributeValue(org.hisp.dhis.attribute.AttributeValue) AbstractNode(org.hisp.dhis.node.AbstractNode) Schema(org.hisp.dhis.schema.Schema) SimpleNode(org.hisp.dhis.node.types.SimpleNode) ComplexNode(org.hisp.dhis.node.types.ComplexNode) CollectionNode(org.hisp.dhis.node.types.CollectionNode) AbstractNode(org.hisp.dhis.node.AbstractNode) Node(org.hisp.dhis.node.Node) UserAccess(org.hisp.dhis.user.UserAccess) Access(org.hisp.dhis.security.acl.Access) UserGroupAccess(org.hisp.dhis.user.UserGroupAccess) SimpleNode(org.hisp.dhis.node.types.SimpleNode) Property(org.hisp.dhis.schema.Property) UserGroupAccess(org.hisp.dhis.user.UserGroupAccess) UserAccess(org.hisp.dhis.user.UserAccess) ComplexNode(org.hisp.dhis.node.types.ComplexNode) CollectionNode(org.hisp.dhis.node.types.CollectionNode) BaseIdentifiableObject(org.hisp.dhis.common.BaseIdentifiableObject) PropertyTransformer(org.hisp.dhis.schema.PropertyTransformer) Collection(java.util.Collection) EmbeddedObject(org.hisp.dhis.common.EmbeddedObject) BaseIdentifiableObject(org.hisp.dhis.common.BaseIdentifiableObject) IdentifiableObject(org.hisp.dhis.common.IdentifiableObject)

Example 3 with Access

use of org.hisp.dhis.security.acl.Access in project dhis2-core by dhis2.

the class MeController method getCurrentUser.

@GetMapping
public ResponseEntity<JsonNode> getCurrentUser(@CurrentUser(required = true) User user, @RequestParam(defaultValue = "*") List<String> fields) {
    if (fieldsContains("access", fields)) {
        Access access = aclService.getAccess(user, user);
        user.setAccess(access);
    }
    Map<String, Serializable> userSettings = userSettingService.getUserSettingsWithFallbackByUserAsMap(user, USER_SETTING_KEYS, true);
    List<String> programs = programService.getUserPrograms().stream().map(BaseIdentifiableObject::getUid).collect(Collectors.toList());
    List<String> dataSets = dataSetService.getUserDataRead(user).stream().map(BaseIdentifiableObject::getUid).collect(Collectors.toList());
    MeDto meDto = new MeDto(user, userSettings, programs, dataSets);
    UserCredentialsDto userCredentialsDto = user.getUserCredentials();
    meDto.setUserCredentials(userCredentialsDto);
    var params = org.hisp.dhis.fieldfiltering.FieldFilterParams.of(meDto, fields);
    ObjectNode jsonNodes = fieldFilterService.toObjectNodes(params).get(0);
    return ResponseEntity.ok(jsonNodes);
}
Also used : Serializable(java.io.Serializable) ObjectNode(com.fasterxml.jackson.databind.node.ObjectNode) Access(org.hisp.dhis.security.acl.Access) UserCredentialsDto(org.hisp.dhis.user.UserCredentialsDto) GetMapping(org.springframework.web.bind.annotation.GetMapping)

Aggregations

Access (org.hisp.dhis.security.acl.Access)3 ObjectNode (com.fasterxml.jackson.databind.node.ObjectNode)1 Serializable (java.io.Serializable)1 Collection (java.util.Collection)1 DhisTest (org.hisp.dhis.DhisTest)1 AttributeValue (org.hisp.dhis.attribute.AttributeValue)1 BaseIdentifiableObject (org.hisp.dhis.common.BaseIdentifiableObject)1 EmbeddedObject (org.hisp.dhis.common.EmbeddedObject)1 IdentifiableObject (org.hisp.dhis.common.IdentifiableObject)1 AbstractNode (org.hisp.dhis.node.AbstractNode)1 Node (org.hisp.dhis.node.Node)1 CollectionNode (org.hisp.dhis.node.types.CollectionNode)1 ComplexNode (org.hisp.dhis.node.types.ComplexNode)1 SimpleNode (org.hisp.dhis.node.types.SimpleNode)1 MonthlyPeriodType (org.hisp.dhis.period.MonthlyPeriodType)1 PeriodType (org.hisp.dhis.period.PeriodType)1 Property (org.hisp.dhis.schema.Property)1 PropertyTransformer (org.hisp.dhis.schema.PropertyTransformer)1 Schema (org.hisp.dhis.schema.Schema)1 User (org.hisp.dhis.user.User)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial