use of org.hisp.dhis.user.UserAuthorityGroup in project dhis2-core by dhis2.
the class AclServiceTest method testUserBCanUpdateEventVisualizationWithAuthorityNoUserAccess.
@Test
void testUserBCanUpdateEventVisualizationWithAuthorityNoUserAccess() {
// Given
User userA = createUser('A');
manager.save(userA);
EventVisualization eventVisualization = new EventVisualization();
eventVisualization.setAutoFields();
eventVisualization.setName("FavA");
eventVisualization.setCreatedBy(userA);
eventVisualization.getSharing().setOwner(userA);
eventVisualization.setPublicAccess(AccessStringHelper.DEFAULT);
eventVisualization.setType(EventVisualizationType.COLUMN);
assertTrue(aclService.canUpdate(userA, eventVisualization));
manager.save(eventVisualization);
// Then
UserAuthorityGroup userAuthorityGroup = new UserAuthorityGroup();
userAuthorityGroup.setAutoFields();
userAuthorityGroup.setName("UR");
userAuthorityGroup.getAuthorities().add("F_EVENT_VISUALIZATION_PUBLIC_ADD");
manager.save(userAuthorityGroup);
User userB = createUser('B');
userB.getUserAuthorityGroups().add(userAuthorityGroup);
manager.save(userB);
manager.update(eventVisualization);
assertFalse(aclService.canUpdate(userB, eventVisualization));
}
use of org.hisp.dhis.user.UserAuthorityGroup in project dhis2-core by dhis2.
the class AclServiceTest method testUserBCanUpdateVisualizationWithAuthorityNoUserAccess.
@Test
void testUserBCanUpdateVisualizationWithAuthorityNoUserAccess() {
User userA = createUser('A');
manager.save(userA);
Visualization visualization = new Visualization();
visualization.setAutoFields();
visualization.setName("FavA");
visualization.setCreatedBy(userA);
visualization.getSharing().setOwner(userA);
visualization.setPublicAccess(AccessStringHelper.DEFAULT);
visualization.setType(VisualizationType.COLUMN);
assertTrue(aclService.canUpdate(userA, visualization));
manager.save(visualization);
UserAuthorityGroup userAuthorityGroup = new UserAuthorityGroup();
userAuthorityGroup.setAutoFields();
userAuthorityGroup.setName("UR");
userAuthorityGroup.getAuthorities().add("F_VISUALIZATION_PUBLIC_ADD");
manager.save(userAuthorityGroup);
User userB = createUser('B');
userB.getUserAuthorityGroups().add(userAuthorityGroup);
manager.save(userB);
manager.update(visualization);
assertFalse(aclService.canUpdate(userB, visualization));
}
use of org.hisp.dhis.user.UserAuthorityGroup in project dhis2-core by dhis2.
the class DhisConvenienceTest method createUserAndInjectSecurityContext.
/**
* Creates a user and injects into the security context with username
* "username". Requires <code>identifiableObjectManager</code> and
* <code>userService</code> to be injected into the test.
* <p>
*
* @param organisationUnits the organisation units of the user.
* @param dataViewOrganisationUnits the data view organisation units of the
* user.
* @param catDimensionConstraints the category dimension constraints of the
* user.
* @param allAuth whether to grant the ALL authority to the user.
* @param auths authorities to grant to the user. =======
* @param organisationUnits the organisation units of the user.
* @param dataViewOrganisationUnits the data view organisation units of the
* user.
* @param catDimensionConstraints the category dimension constraints of the
* user.
* @param allAuth whether to grant the ALL authority to the user.
* @param auths authorities to grant to the user.
* @return the user.
*/
protected User createUserAndInjectSecurityContext(Set<OrganisationUnit> organisationUnits, Set<OrganisationUnit> dataViewOrganisationUnits, Set<Category> catDimensionConstraints, boolean allAuth, String... auths) {
checkUserServiceWasInjected();
Set<String> authorities = new HashSet<>();
if (allAuth) {
authorities.add(UserAuthorityGroup.AUTHORITY_ALL);
}
if (auths != null) {
authorities.addAll(Lists.newArrayList(auths));
}
UserAuthorityGroup group = new UserAuthorityGroup();
group.setName("Superuser");
group.getAuthorities().addAll(authorities);
userService.addUserAuthorityGroup(group);
User user = createUser(nextUserName++);
if (organisationUnits != null) {
user.setOrganisationUnits(organisationUnits);
}
if (dataViewOrganisationUnits != null) {
user.setDataViewOrganisationUnits(dataViewOrganisationUnits);
}
if (catDimensionConstraints != null) {
user.setCatDimensionConstraints(catDimensionConstraints);
}
user.getUserAuthorityGroups().add(group);
userService.addUser(user);
userService.addUser(user);
injectSecurityContext(user);
return user;
}
use of org.hisp.dhis.user.UserAuthorityGroup in project dhis2-core by dhis2.
the class DhisConvenienceTest method createUser.
public static User createUser(char uniqueCharacter, List<String> auths) {
User user = new User();
user.setUid(BASE_USER_UID + uniqueCharacter);
user.setCreatedBy(user);
user.setUsername(("username" + uniqueCharacter).toLowerCase());
user.setPassword("password" + uniqueCharacter);
if (auths != null && !auths.isEmpty()) {
UserAuthorityGroup role = new UserAuthorityGroup();
role.setName("Role_" + CodeGenerator.generateCode(5));
auths.stream().forEach(auth -> role.getAuthorities().add(auth));
user.getUserAuthorityGroups().add(role);
}
user.setFirstName("FirstName" + uniqueCharacter);
user.setSurname("Surname" + uniqueCharacter);
user.setEmail(("Email" + uniqueCharacter).toLowerCase());
user.setPhoneNumber("PhoneNumber" + uniqueCharacter);
user.setCode("UserCode" + uniqueCharacter);
user.setAutoFields();
return user;
}
use of org.hisp.dhis.user.UserAuthorityGroup in project dhis2-core by dhis2.
the class SupplementaryDataProvider method getSupplementaryData.
public Map<String, List<String>> getSupplementaryData(List<ProgramRule> programRules) {
List<String> orgUnitGroups = new ArrayList<>();
for (ProgramRule programRule : programRules) {
Matcher matcher = PATTERN.matcher(StringUtils.defaultIfBlank(programRule.getCondition(), ""));
while (matcher.find()) {
orgUnitGroups.add(StringUtils.replace(matcher.group(1), "'", ""));
}
}
Map<String, List<String>> supplementaryData = Maps.newHashMap();
if (!orgUnitGroups.isEmpty()) {
supplementaryData = orgUnitGroups.stream().collect(Collectors.toMap(g -> g, g -> organisationUnitGroupService.getOrganisationUnitGroup(g).getMembers().stream().map(OrganisationUnit::getUid).collect(Collectors.toList())));
}
if (currentUserService.getCurrentUser() != null) {
supplementaryData.put(USER, currentUserService.getCurrentUser().getUserAuthorityGroups().stream().map(UserAuthorityGroup::getUid).collect(Collectors.toList()));
}
return supplementaryData;
}
Aggregations