Search in sources :

Example 11 with UserAuthorityGroup

use of org.hisp.dhis.user.UserAuthorityGroup in project dhis2-core by dhis2.

the class AclServiceTest method testUserBCanUpdateEventVisualizationWithAuthorityNoUserAccess.

@Test
void testUserBCanUpdateEventVisualizationWithAuthorityNoUserAccess() {
    // Given
    User userA = createUser('A');
    manager.save(userA);
    EventVisualization eventVisualization = new EventVisualization();
    eventVisualization.setAutoFields();
    eventVisualization.setName("FavA");
    eventVisualization.setCreatedBy(userA);
    eventVisualization.getSharing().setOwner(userA);
    eventVisualization.setPublicAccess(AccessStringHelper.DEFAULT);
    eventVisualization.setType(EventVisualizationType.COLUMN);
    assertTrue(aclService.canUpdate(userA, eventVisualization));
    manager.save(eventVisualization);
    // Then
    UserAuthorityGroup userAuthorityGroup = new UserAuthorityGroup();
    userAuthorityGroup.setAutoFields();
    userAuthorityGroup.setName("UR");
    userAuthorityGroup.getAuthorities().add("F_EVENT_VISUALIZATION_PUBLIC_ADD");
    manager.save(userAuthorityGroup);
    User userB = createUser('B');
    userB.getUserAuthorityGroups().add(userAuthorityGroup);
    manager.save(userB);
    manager.update(eventVisualization);
    assertFalse(aclService.canUpdate(userB, eventVisualization));
}
Also used : User(org.hisp.dhis.user.User) UserAuthorityGroup(org.hisp.dhis.user.UserAuthorityGroup) EventVisualization(org.hisp.dhis.eventvisualization.EventVisualization) TransactionalIntegrationTest(org.hisp.dhis.TransactionalIntegrationTest) Test(org.junit.jupiter.api.Test)

Example 12 with UserAuthorityGroup

use of org.hisp.dhis.user.UserAuthorityGroup in project dhis2-core by dhis2.

the class AclServiceTest method testUserBCanUpdateVisualizationWithAuthorityNoUserAccess.

@Test
void testUserBCanUpdateVisualizationWithAuthorityNoUserAccess() {
    User userA = createUser('A');
    manager.save(userA);
    Visualization visualization = new Visualization();
    visualization.setAutoFields();
    visualization.setName("FavA");
    visualization.setCreatedBy(userA);
    visualization.getSharing().setOwner(userA);
    visualization.setPublicAccess(AccessStringHelper.DEFAULT);
    visualization.setType(VisualizationType.COLUMN);
    assertTrue(aclService.canUpdate(userA, visualization));
    manager.save(visualization);
    UserAuthorityGroup userAuthorityGroup = new UserAuthorityGroup();
    userAuthorityGroup.setAutoFields();
    userAuthorityGroup.setName("UR");
    userAuthorityGroup.getAuthorities().add("F_VISUALIZATION_PUBLIC_ADD");
    manager.save(userAuthorityGroup);
    User userB = createUser('B');
    userB.getUserAuthorityGroups().add(userAuthorityGroup);
    manager.save(userB);
    manager.update(visualization);
    assertFalse(aclService.canUpdate(userB, visualization));
}
Also used : Visualization(org.hisp.dhis.visualization.Visualization) EventVisualization(org.hisp.dhis.eventvisualization.EventVisualization) User(org.hisp.dhis.user.User) UserAuthorityGroup(org.hisp.dhis.user.UserAuthorityGroup) TransactionalIntegrationTest(org.hisp.dhis.TransactionalIntegrationTest) Test(org.junit.jupiter.api.Test)

Example 13 with UserAuthorityGroup

use of org.hisp.dhis.user.UserAuthorityGroup in project dhis2-core by dhis2.

the class DhisConvenienceTest method createUserAndInjectSecurityContext.

/**
 * Creates a user and injects into the security context with username
 * "username". Requires <code>identifiableObjectManager</code> and
 * <code>userService</code> to be injected into the test.
 * <p>
 *
 * @param organisationUnits the organisation units of the user.
 * @param dataViewOrganisationUnits the data view organisation units of the
 *        user.
 * @param catDimensionConstraints the category dimension constraints of the
 *        user.
 * @param allAuth whether to grant the ALL authority to the user.
 * @param auths authorities to grant to the user. =======
 * @param organisationUnits the organisation units of the user.
 * @param dataViewOrganisationUnits the data view organisation units of the
 *        user.
 * @param catDimensionConstraints the category dimension constraints of the
 *        user.
 * @param allAuth whether to grant the ALL authority to the user.
 * @param auths authorities to grant to the user.
 * @return the user.
 */
protected User createUserAndInjectSecurityContext(Set<OrganisationUnit> organisationUnits, Set<OrganisationUnit> dataViewOrganisationUnits, Set<Category> catDimensionConstraints, boolean allAuth, String... auths) {
    checkUserServiceWasInjected();
    Set<String> authorities = new HashSet<>();
    if (allAuth) {
        authorities.add(UserAuthorityGroup.AUTHORITY_ALL);
    }
    if (auths != null) {
        authorities.addAll(Lists.newArrayList(auths));
    }
    UserAuthorityGroup group = new UserAuthorityGroup();
    group.setName("Superuser");
    group.getAuthorities().addAll(authorities);
    userService.addUserAuthorityGroup(group);
    User user = createUser(nextUserName++);
    if (organisationUnits != null) {
        user.setOrganisationUnits(organisationUnits);
    }
    if (dataViewOrganisationUnits != null) {
        user.setDataViewOrganisationUnits(dataViewOrganisationUnits);
    }
    if (catDimensionConstraints != null) {
        user.setCatDimensionConstraints(catDimensionConstraints);
    }
    user.getUserAuthorityGroups().add(group);
    userService.addUser(user);
    userService.addUser(user);
    injectSecurityContext(user);
    return user;
}
Also used : User(org.hisp.dhis.user.User) UserAuthorityGroup(org.hisp.dhis.user.UserAuthorityGroup) HashSet(java.util.HashSet)

Example 14 with UserAuthorityGroup

use of org.hisp.dhis.user.UserAuthorityGroup in project dhis2-core by dhis2.

the class DhisConvenienceTest method createUser.

public static User createUser(char uniqueCharacter, List<String> auths) {
    User user = new User();
    user.setUid(BASE_USER_UID + uniqueCharacter);
    user.setCreatedBy(user);
    user.setUsername(("username" + uniqueCharacter).toLowerCase());
    user.setPassword("password" + uniqueCharacter);
    if (auths != null && !auths.isEmpty()) {
        UserAuthorityGroup role = new UserAuthorityGroup();
        role.setName("Role_" + CodeGenerator.generateCode(5));
        auths.stream().forEach(auth -> role.getAuthorities().add(auth));
        user.getUserAuthorityGroups().add(role);
    }
    user.setFirstName("FirstName" + uniqueCharacter);
    user.setSurname("Surname" + uniqueCharacter);
    user.setEmail(("Email" + uniqueCharacter).toLowerCase());
    user.setPhoneNumber("PhoneNumber" + uniqueCharacter);
    user.setCode("UserCode" + uniqueCharacter);
    user.setAutoFields();
    return user;
}
Also used : User(org.hisp.dhis.user.User) UserAuthorityGroup(org.hisp.dhis.user.UserAuthorityGroup)

Example 15 with UserAuthorityGroup

use of org.hisp.dhis.user.UserAuthorityGroup in project dhis2-core by dhis2.

the class SupplementaryDataProvider method getSupplementaryData.

public Map<String, List<String>> getSupplementaryData(List<ProgramRule> programRules) {
    List<String> orgUnitGroups = new ArrayList<>();
    for (ProgramRule programRule : programRules) {
        Matcher matcher = PATTERN.matcher(StringUtils.defaultIfBlank(programRule.getCondition(), ""));
        while (matcher.find()) {
            orgUnitGroups.add(StringUtils.replace(matcher.group(1), "'", ""));
        }
    }
    Map<String, List<String>> supplementaryData = Maps.newHashMap();
    if (!orgUnitGroups.isEmpty()) {
        supplementaryData = orgUnitGroups.stream().collect(Collectors.toMap(g -> g, g -> organisationUnitGroupService.getOrganisationUnitGroup(g).getMembers().stream().map(OrganisationUnit::getUid).collect(Collectors.toList())));
    }
    if (currentUserService.getCurrentUser() != null) {
        supplementaryData.put(USER, currentUserService.getCurrentUser().getUserAuthorityGroups().stream().map(UserAuthorityGroup::getUid).collect(Collectors.toList()));
    }
    return supplementaryData;
}
Also used : OrganisationUnit(org.hisp.dhis.organisationunit.OrganisationUnit) ProgramRule(org.hisp.dhis.programrule.ProgramRule) Matcher(java.util.regex.Matcher) UserAuthorityGroup(org.hisp.dhis.user.UserAuthorityGroup) ArrayList(java.util.ArrayList) ArrayList(java.util.ArrayList) List(java.util.List)

Aggregations

UserAuthorityGroup (org.hisp.dhis.user.UserAuthorityGroup)56 User (org.hisp.dhis.user.User)41 OrganisationUnit (org.hisp.dhis.organisationunit.OrganisationUnit)19 Test (org.junit.jupiter.api.Test)19 TransactionalIntegrationTest (org.hisp.dhis.TransactionalIntegrationTest)17 List (java.util.List)15 IdentifiableObject (org.hisp.dhis.common.IdentifiableObject)15 DataSet (org.hisp.dhis.dataset.DataSet)15 DataElement (org.hisp.dhis.dataelement.DataElement)14 ClassPathResource (org.springframework.core.io.ClassPathResource)14 ObjectBundleValidationReport (org.hisp.dhis.dxf2.metadata.objectbundle.feedback.ObjectBundleValidationReport)11 HashSet (java.util.HashSet)7 Program (org.hisp.dhis.program.Program)7 UserGroup (org.hisp.dhis.user.UserGroup)6 ResponseStatus (org.springframework.web.bind.annotation.ResponseStatus)5 Section (org.hisp.dhis.dataset.Section)4 WebMessageException (org.hisp.dhis.dxf2.webmessage.WebMessageException)4 EventVisualization (org.hisp.dhis.eventvisualization.EventVisualization)4 ProgramStage (org.hisp.dhis.program.ProgramStage)4 ProgramStageDataElement (org.hisp.dhis.program.ProgramStageDataElement)4