Example 6 with UserAuthorityGroup
use of org.hisp.dhis.user.UserAuthorityGroup in project dhis2-core by dhis2.
the class DataQueryServiceTest method setUpTest.
@Override
public void setUpTest() {
super.userService = internalUserService;
prA = createProgram('A');
programService.addProgram(prA);
deA = createDataElement('A');
deB = createDataElement('B');
deC = createDataElement('C');
deD = createDataElement('D');
DataElement deE = createDataElement('E');
DataElement deF = createDataElement('F');
deE.setDomainType(DataElementDomain.TRACKER);
deF.setDomainType(DataElementDomain.TRACKER);
dataElementService.addDataElement(deA);
dataElementService.addDataElement(deB);
dataElementService.addDataElement(deC);
dataElementService.addDataElement(deD);
dataElementService.addDataElement(deE);
dataElementService.addDataElement(deF);
pdA = new ProgramDataElementDimensionItem(prA, deE);
pdB = new ProgramDataElementDimensionItem(prA, deF);
cocA = categoryService.getDefaultCategoryOptionCombo();
DataSet dsA = createDataSet('A', monthly);
DataSet dsB = createDataSet('B', monthly);
dataSetService.addDataSet(dsA);
dataSetService.addDataSet(dsB);
rrA = new ReportingRate(dsA, ReportingRateMetric.REPORTING_RATE);
rrB = new ReportingRate(dsB, ReportingRateMetric.REPORTING_RATE);
rrC = new ReportingRate(dsB, ReportingRateMetric.ACTUAL_REPORTS);
itA = createIndicatorType('A');
idObjectManager.save(itA);
inA = createIndicator('A', itA);
inB = createIndicator('B', itA);
idObjectManager.save(inA);
idObjectManager.save(inB);
inGroupA = createIndicatorGroup('A');
inGroupA.getMembers().add(inA);
inGroupA.getMembers().add(inB);
idObjectManager.save(inGroupA);
atA = createTrackedEntityAttribute('A');
atB = createTrackedEntityAttribute('B');
idObjectManager.save(atA);
idObjectManager.save(atB);
patA = new ProgramTrackedEntityAttributeDimensionItem(prA, atA);
patB = new ProgramTrackedEntityAttributeDimensionItem(prA, atB);
ouA = createOrganisationUnit('A');
ouB = createOrganisationUnit('B');
ouC = createOrganisationUnit('C');
ouD = createOrganisationUnit('D');
ouE = createOrganisationUnit('E');
ouB.updateParent(ouA);
ouC.updateParent(ouA);
ouD.updateParent(ouB);
ouE.updateParent(ouB);
organisationUnitService.addOrganisationUnit(ouA);
organisationUnitService.addOrganisationUnit(ouB);
organisationUnitService.addOrganisationUnit(ouC);
organisationUnitService.addOrganisationUnit(ouD);
organisationUnitService.addOrganisationUnit(ouE);
ouGroupSetA = createOrganisationUnitGroupSet('A');
organisationUnitGroupService.addOrganisationUnitGroupSet(ouGroupSetA);
ouGroupA = createOrganisationUnitGroup('A');
ouGroupA.setPublicAccess(AccessStringHelper.FULL);
ouGroupB = createOrganisationUnitGroup('B');
ouGroupB.setPublicAccess(AccessStringHelper.FULL);
ouGroupC = createOrganisationUnitGroup('C');
ouGroupC.setPublicAccess(AccessStringHelper.FULL);
ouGroupA.addOrganisationUnit(ouA);
ouGroupA.addOrganisationUnit(ouB);
ouGroupA.addOrganisationUnit(ouC);
organisationUnitGroupService.addOrganisationUnitGroup(ouGroupA);
organisationUnitGroupService.addOrganisationUnitGroup(ouGroupB);
organisationUnitGroupService.addOrganisationUnitGroup(ouGroupC);
ouGroupSetA.addOrganisationUnitGroup(ouGroupA);
ouGroupSetA.addOrganisationUnitGroup(ouGroupB);
ouGroupSetA.addOrganisationUnitGroup(ouGroupC);
organisationUnitGroupService.updateOrganisationUnitGroupSet(ouGroupSetA);
deGroupSetA = createDataElementGroupSet('A');
dataElementService.addDataElementGroupSet(deGroupSetA);
deGroupA = createDataElementGroup('A');
deGroupB = createDataElementGroup('B');
deGroupC = createDataElementGroup('C');
deGroupA.getGroupSets().add(deGroupSetA);
deGroupB.getGroupSets().add(deGroupSetA);
deGroupC.getGroupSets().add(deGroupSetA);
deGroupA.getGroupSets().add(deGroupSetA);
deGroupA.addDataElement(deA);
deGroupA.addDataElement(deB);
deGroupA.addDataElement(deC);
dataElementService.addDataElementGroup(deGroupA);
dataElementService.addDataElementGroup(deGroupB);
dataElementService.addDataElementGroup(deGroupC);
deGroupSetA.addDataElementGroup(deGroupA);
deGroupSetA.addDataElementGroup(deGroupB);
deGroupSetA.addDataElementGroup(deGroupC);
dataElementService.updateDataElementGroupSet(deGroupSetA);
// ---------------------------------------------------------------------
// Inject user
// ---------------------------------------------------------------------
UserAuthorityGroup role = createUserAuthorityGroup('A', "ALL");
userService.addUserAuthorityGroup(role);
User user = createUser('A');
user.addOrganisationUnit(ouA);
user.getUserAuthorityGroups().add(role);
saveAndInjectUserSecurityContext(user);
}
Also used :
DataElement(org.hisp.dhis.dataelement.DataElement)
ProgramDataElementDimensionItem(org.hisp.dhis.program.ProgramDataElementDimensionItem)
User(org.hisp.dhis.user.User)
DataSet(org.hisp.dhis.dataset.DataSet)
ReportingRate(org.hisp.dhis.common.ReportingRate)
UserAuthorityGroup(org.hisp.dhis.user.UserAuthorityGroup)
ProgramTrackedEntityAttributeDimensionItem(org.hisp.dhis.program.ProgramTrackedEntityAttributeDimensionItem)
Example 7 with UserAuthorityGroup
use of org.hisp.dhis.user.UserAuthorityGroup in project dhis2-core by dhis2.
the class UserObjectBundleHook method preDelete.
@Override
public void preDelete(User user, ObjectBundle bundle) {
Set<UserGroup> groups = user.getGroups();
userGroupService.removeUserFromGroups(user, getUids(groups));
Set<UserAuthorityGroup> userRoles = user.getUserAuthorityGroups();
for (UserAuthorityGroup userRole : userRoles) {
userRole.removeUser(user);
sessionFactory.getCurrentSession().update(userRole);
}
}
Also used :
UserAuthorityGroup(org.hisp.dhis.user.UserAuthorityGroup)
UserGroup(org.hisp.dhis.user.UserGroup)
Example 8 with UserAuthorityGroup
use of org.hisp.dhis.user.UserAuthorityGroup in project dhis2-core by dhis2.
the class UserObjectBundleHook method handleNoAccessRoles.
/**
* If currentUser doesn't have read access to a UserRole and it is included
* in the payload, then that UserRole should not be removed from updating
* User.
*
* @param user the updating User.
* @param bundle the ObjectBundle.
*/
private void handleNoAccessRoles(User user, ObjectBundle bundle, Set<UserAuthorityGroup> userAuthorityGroups) {
Set<UserAuthorityGroup> roles = user.getUserAuthorityGroups();
Set<String> currentRoles = roles.stream().map(BaseIdentifiableObject::getUid).collect(Collectors.toSet());
if (userAuthorityGroups != null) {
userAuthorityGroups.stream().filter(role -> !currentRoles.contains(role.getUid())).forEach(role -> {
UserAuthorityGroup persistedRole = bundle.getPreheat().get(PreheatIdentifier.UID, role);
if (persistedRole == null) {
persistedRole = manager.getNoAcl(UserAuthorityGroup.class, role.getUid());
}
if (!aclService.canRead(bundle.getUser(), persistedRole)) {
roles.add(persistedRole);
}
});
}
}
Also used :
ObjectBundle(org.hisp.dhis.dxf2.metadata.objectbundle.ObjectBundle)
ErrorReport(org.hisp.dhis.feedback.ErrorReport)
PreheatIdentifier(org.hisp.dhis.preheat.PreheatIdentifier)
ValidationUtils(org.hisp.dhis.system.util.ValidationUtils)
StringUtils(org.apache.commons.lang3.StringUtils)
HashSet(java.util.HashSet)
FileResourceService(org.hisp.dhis.fileresource.FileResourceService)
Map(java.util.Map)
User(org.hisp.dhis.user.User)
ErrorCode(org.hisp.dhis.feedback.ErrorCode)
UserService(org.hisp.dhis.user.UserService)
BaseIdentifiableObject(org.hisp.dhis.common.BaseIdentifiableObject)
UserGroup(org.hisp.dhis.user.UserGroup)
FileResource(org.hisp.dhis.fileresource.FileResource)
Set(java.util.Set)
Collectors(java.util.stream.Collectors)
Objects(java.util.Objects)
Consumer(java.util.function.Consumer)
OrganisationUnit(org.hisp.dhis.organisationunit.OrganisationUnit)
BaseIdentifiableObject_(org.hisp.dhis.common.adapter.BaseIdentifiableObject_)
Slf4j(lombok.extern.slf4j.Slf4j)
Component(org.springframework.stereotype.Component)
IdentifiableObjectUtils.getUids(org.hisp.dhis.common.IdentifiableObjectUtils.getUids)
UserGroupService(org.hisp.dhis.user.UserGroupService)
CurrentUserService(org.hisp.dhis.user.CurrentUserService)
AclService(org.hisp.dhis.security.acl.AclService)
UserAuthorityGroup(org.hisp.dhis.user.UserAuthorityGroup)
AllArgsConstructor(lombok.AllArgsConstructor)
UserAuthorityGroup(org.hisp.dhis.user.UserAuthorityGroup)
Example 9 with UserAuthorityGroup
use of org.hisp.dhis.user.UserAuthorityGroup in project dhis2-core by dhis2.
the class UserObjectBundleHook method postCommit.
@Override
@SuppressWarnings("unchecked")
public void postCommit(ObjectBundle bundle) {
Iterable<User> objects = bundle.getObjects(User.class);
Map<String, Map<String, Object>> userReferences = bundle.getObjectReferences(User.class);
if (userReferences == null || userReferences.isEmpty()) {
return;
}
for (User identifiableObject : objects) {
User user = identifiableObject;
user = bundle.getPreheat().get(bundle.getPreheatIdentifier(), user);
Map<String, Object> userReferenceMap = userReferences.get(identifiableObject.getUid());
if (user == null || userReferenceMap == null || userReferenceMap.isEmpty()) {
continue;
}
Set<UserAuthorityGroup> userAuthorityGroups = (Set<UserAuthorityGroup>) userReferenceMap.get("userRoles");
user.setUserAuthorityGroups(Objects.requireNonNullElseGet(userAuthorityGroups, HashSet::new));
Set<OrganisationUnit> organisationUnits = (Set<OrganisationUnit>) userReferenceMap.get("organisationUnits");
user.setOrganisationUnits(organisationUnits);
Set<OrganisationUnit> dataViewOrganisationUnits = (Set<OrganisationUnit>) userReferenceMap.get("dataViewOrganisationUnits");
user.setDataViewOrganisationUnits(dataViewOrganisationUnits);
Set<OrganisationUnit> teiSearchOrganisationUnits = (Set<OrganisationUnit>) userReferenceMap.get("teiSearchOrganisationUnits");
user.setTeiSearchOrganisationUnits(teiSearchOrganisationUnits);
user.setCreatedBy((User) userReferenceMap.get(BaseIdentifiableObject_.CREATED_BY));
if (user.getCreatedBy() == null) {
user.setCreatedBy(bundle.getUser());
}
user.setLastUpdatedBy(bundle.getUser());
preheatService.connectReferences(user, bundle.getPreheat(), bundle.getPreheatIdentifier());
handleNoAccessRoles(user, bundle, userAuthorityGroups);
sessionFactory.getCurrentSession().update(user);
}
}
Also used :
OrganisationUnit(org.hisp.dhis.organisationunit.OrganisationUnit)
User(org.hisp.dhis.user.User)
HashSet(java.util.HashSet)
Set(java.util.Set)
UserAuthorityGroup(org.hisp.dhis.user.UserAuthorityGroup)
BaseIdentifiableObject(org.hisp.dhis.common.BaseIdentifiableObject)
Map(java.util.Map)
Example 10 with UserAuthorityGroup
use of org.hisp.dhis.user.UserAuthorityGroup in project dhis2-core by dhis2.
the class DataApprovalAuditServiceTest method getMockCurrentUserService.
// -------------------------------------------------------------------------
// Set up/tear down helper methods
// -------------------------------------------------------------------------
private CurrentUserService getMockCurrentUserService(String userName, boolean superUserFlag, OrganisationUnit orgUnit, String... auths) {
CurrentUserService mockCurrentUserService = new MockCurrentUserService(superUserFlag, Sets.newHashSet(orgUnit), Sets.newHashSet(orgUnit), auths);
User user = mockCurrentUserService.getCurrentUser();
user.setFirstName("Test");
user.setSurname(userName);
user.setUsername(userName);
for (UserAuthorityGroup role : user.getUserAuthorityGroups()) {
// Give the role an
role.setName(CodeGenerator.generateUid());
// arbitrary name
userService.addUserAuthorityGroup(role);
}
userService.addUser(user);
return mockCurrentUserService;
}
Also used :
User(org.hisp.dhis.user.User)
MockCurrentUserService(org.hisp.dhis.mock.MockCurrentUserService)
UserAuthorityGroup(org.hisp.dhis.user.UserAuthorityGroup)
MockCurrentUserService(org.hisp.dhis.mock.MockCurrentUserService)
CurrentUserService(org.hisp.dhis.user.CurrentUserService)
Aggregations
UserAuthorityGroup (org.hisp.dhis.user.UserAuthorityGroup)56
User (org.hisp.dhis.user.User)41
OrganisationUnit (org.hisp.dhis.organisationunit.OrganisationUnit)19
Test (org.junit.jupiter.api.Test)19
TransactionalIntegrationTest (org.hisp.dhis.TransactionalIntegrationTest)17
List (java.util.List)15
IdentifiableObject (org.hisp.dhis.common.IdentifiableObject)15
DataSet (org.hisp.dhis.dataset.DataSet)15
DataElement (org.hisp.dhis.dataelement.DataElement)14
ClassPathResource (org.springframework.core.io.ClassPathResource)14
ObjectBundleValidationReport (org.hisp.dhis.dxf2.metadata.objectbundle.feedback.ObjectBundleValidationReport)11
HashSet (java.util.HashSet)7
Program (org.hisp.dhis.program.Program)7
UserGroup (org.hisp.dhis.user.UserGroup)6
ResponseStatus (org.springframework.web.bind.annotation.ResponseStatus)5
Section (org.hisp.dhis.dataset.Section)4
WebMessageException (org.hisp.dhis.dxf2.webmessage.WebMessageException)4
EventVisualization (org.hisp.dhis.eventvisualization.EventVisualization)4
ProgramStage (org.hisp.dhis.program.ProgramStage)4
ProgramStageDataElement (org.hisp.dhis.program.ProgramStageDataElement)4
