use of org.hisp.dhis.user.UserAuthorityGroup in project dhis2-core by dhis2.
the class UserRoleController method removeUserFromRole.
@RequestMapping(value = "/{id}/users/{userId}", method = RequestMethod.DELETE)
@ResponseStatus(HttpStatus.NO_CONTENT)
public void removeUserFromRole(@PathVariable(value = "id") String pvId, @PathVariable("userId") String pvUserId, HttpServletResponse response) throws WebMessageException {
UserAuthorityGroup userAuthorityGroup = userService.getUserAuthorityGroup(pvId);
if (userAuthorityGroup == null) {
throw new WebMessageException(WebMessageUtils.notFound("UserRole does not exist: " + pvId));
}
User user = userService.getUser(pvUserId);
if (user == null || user.getUserCredentials() == null) {
throw new WebMessageException(WebMessageUtils.notFound("User does not exist: " + pvId));
}
if (!aclService.canUpdate(currentUserService.getCurrentUser(), userAuthorityGroup)) {
throw new DeleteAccessDeniedException("You don't have the proper permissions to delete this object.");
}
if (user.getUserCredentials().getUserAuthorityGroups().contains(userAuthorityGroup)) {
user.getUserCredentials().getUserAuthorityGroups().remove(userAuthorityGroup);
userService.updateUserCredentials(user.getUserCredentials());
}
}
use of org.hisp.dhis.user.UserAuthorityGroup in project dhis2-core by dhis2.
the class DhisConvenienceTest method createUserAuthorityGroup.
public static UserAuthorityGroup createUserAuthorityGroup(char uniqueCharacter) {
UserAuthorityGroup role = new UserAuthorityGroup();
role.setAutoFields();
role.setUid(BASE_UID + uniqueCharacter);
role.setName("UserAuthorityGroup" + uniqueCharacter);
return role;
}
use of org.hisp.dhis.user.UserAuthorityGroup in project dhis2-core by dhis2.
the class DhisConvenienceTest method createUserAndInjectSecurityContext.
/**
* Creates a user and injects into the security context with username
* "username". Requires <code>identifiableObjectManager</code> and
* <code>userService</code> to be injected into the test.
*
* @param organisationUnits the organisation units of the user.
* @param dataViewOrganisationUnits user's data view organisation units.
* @param allAuth whether to grant the ALL authority.
* @param auths authorities to grant to user.
* @return the user.
*/
protected User createUserAndInjectSecurityContext(Set<OrganisationUnit> organisationUnits, Set<OrganisationUnit> dataViewOrganisationUnits, boolean allAuth, String... auths) {
Assert.notNull(userService, "UserService must be injected in test");
Set<String> authorities = new HashSet<>();
if (allAuth) {
authorities.add(UserAuthorityGroup.AUTHORITY_ALL);
}
if (auths != null) {
authorities.addAll(Lists.newArrayList(auths));
}
UserAuthorityGroup userAuthorityGroup = new UserAuthorityGroup();
userAuthorityGroup.setName("Superuser");
userAuthorityGroup.getAuthorities().addAll(authorities);
userService.addUserAuthorityGroup(userAuthorityGroup);
User user = createUser('A');
if (organisationUnits != null) {
user.setOrganisationUnits(organisationUnits);
}
if (dataViewOrganisationUnits != null) {
user.setDataViewOrganisationUnits(dataViewOrganisationUnits);
}
user.getUserCredentials().getUserAuthorityGroups().add(userAuthorityGroup);
userService.addUser(user);
user.getUserCredentials().setUserInfo(user);
userService.addUserCredentials(user.getUserCredentials());
Set<GrantedAuthority> grantedAuths = authorities.stream().map(a -> new SimpleGrantedAuthority(a)).collect(Collectors.toSet());
UserDetails userDetails = new org.springframework.security.core.userdetails.User(user.getUserCredentials().getUsername(), user.getUserCredentials().getPassword(), grantedAuths);
Authentication authentication = new UsernamePasswordAuthenticationToken(userDetails, "", grantedAuths);
SecurityContextHolder.getContext().setAuthentication(authentication);
return user;
}
use of org.hisp.dhis.user.UserAuthorityGroup in project dhis2-core by dhis2.
the class AddRoleAction method execute.
// -------------------------------------------------------------------------
// Action implementation
// -------------------------------------------------------------------------
@Override
public String execute() throws Exception {
UserAuthorityGroup group = new UserAuthorityGroup();
group.setName(StringUtils.trimToNull(name));
group.setDescription(StringUtils.trimToNull(description));
for (String id : selectedList) {
DataSet dataSet = dataSetService.getDataSet(id);
group.getDataSets().add(dataSet);
}
for (String id : selectedProgramList) {
Program program = programService.getProgram(id);
group.getPrograms().add(program);
}
group.getAuthorities().addAll(selectedListAuthority);
userService.addUserAuthorityGroup(group);
return SUCCESS;
}
use of org.hisp.dhis.user.UserAuthorityGroup in project dhis2-core by dhis2.
the class UpdateRoleAction method execute.
// -------------------------------------------------------------------------
// Action implementation
// -------------------------------------------------------------------------
@Override
public String execute() throws Exception {
UserAuthorityGroup group = userService.getUserAuthorityGroup(id);
group.setName(StringUtils.trimToNull(name));
group.setDescription(StringUtils.trimToNull(description));
group.getDataSets().clear();
group.getPrograms().clear();
group.getAuthorities().clear();
for (String id : selectedList) {
DataSet dataSet = dataSetService.getDataSet(id);
group.getDataSets().add(dataSet);
}
for (String id : selectedProgramList) {
Program program = programService.getProgram(id);
group.getPrograms().add(program);
}
group.getAuthorities().addAll(selectedListAuthority);
userService.updateUserAuthorityGroup(group);
return SUCCESS;
}
Aggregations