Search in sources :

Example 26 with UserAuthorityGroup

use of org.hisp.dhis.user.UserAuthorityGroup in project dhis2-core by dhis2.

the class UserRoleObjectBundleHook method postCommit.

@Override
@SuppressWarnings("unchecked")
public void postCommit(ObjectBundle bundle) {
    if (!bundle.getObjectMap().containsKey(UserAuthorityGroup.class))
        return;
    List<IdentifiableObject> objects = bundle.getObjectMap().get(UserAuthorityGroup.class);
    Map<String, Map<String, Object>> userRoleReferences = bundle.getObjectReferences(UserAuthorityGroup.class);
    if (userRoleReferences == null || userRoleReferences.isEmpty()) {
        return;
    }
    for (IdentifiableObject object : objects) {
        object = bundle.getPreheat().get(bundle.getPreheatIdentifier(), object);
        Map<String, Object> userRoleReferenceMap = userRoleReferences.get(object.getUid());
        if (userRoleReferenceMap == null || userRoleReferenceMap.isEmpty()) {
            continue;
        }
        UserAuthorityGroup userRole = (UserAuthorityGroup) object;
        userRole.setDataSets((Set<DataSet>) userRoleReferenceMap.get("dataSets"));
        userRole.setPrograms((Set<Program>) userRoleReferenceMap.get("programs"));
        preheatService.connectReferences(userRole, bundle.getPreheat(), bundle.getPreheatIdentifier());
        sessionFactory.getCurrentSession().update(userRole);
    }
}
Also used : Program(org.hisp.dhis.program.Program) UserAuthorityGroup(org.hisp.dhis.user.UserAuthorityGroup) DataSet(org.hisp.dhis.dataset.DataSet) IdentifiableObject(org.hisp.dhis.common.IdentifiableObject) Map(java.util.Map) IdentifiableObject(org.hisp.dhis.common.IdentifiableObject)

Example 27 with UserAuthorityGroup

use of org.hisp.dhis.user.UserAuthorityGroup in project dhis2-core by dhis2.

the class UserRoleController method addUserToRole.

@RequestMapping(value = "/{id}/users/{userId}", method = { RequestMethod.POST, RequestMethod.PUT })
@ResponseStatus(HttpStatus.NO_CONTENT)
public void addUserToRole(@PathVariable(value = "id") String pvId, @PathVariable("userId") String pvUserId, HttpServletResponse response) throws WebMessageException {
    UserAuthorityGroup userAuthorityGroup = userService.getUserAuthorityGroup(pvId);
    if (userAuthorityGroup == null) {
        throw new WebMessageException(WebMessageUtils.notFound("UserRole does not exist: " + pvId));
    }
    User user = userService.getUser(pvUserId);
    if (user == null) {
        throw new WebMessageException(WebMessageUtils.notFound("User does not exist: " + pvId));
    }
    if (!aclService.canUpdate(currentUserService.getCurrentUser(), userAuthorityGroup)) {
        throw new UpdateAccessDeniedException("You don't have the proper permissions to update this object.");
    }
    if (!user.getUserCredentials().getUserAuthorityGroups().contains(userAuthorityGroup)) {
        user.getUserCredentials().getUserAuthorityGroups().add(userAuthorityGroup);
        userService.updateUserCredentials(user.getUserCredentials());
    }
}
Also used : User(org.hisp.dhis.user.User) UserAuthorityGroup(org.hisp.dhis.user.UserAuthorityGroup) WebMessageException(org.hisp.dhis.dxf2.webmessage.WebMessageException) UpdateAccessDeniedException(org.hisp.dhis.hibernate.exception.UpdateAccessDeniedException) ResponseStatus(org.springframework.web.bind.annotation.ResponseStatus) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 28 with UserAuthorityGroup

use of org.hisp.dhis.user.UserAuthorityGroup in project dhis2-core by dhis2.

the class UpdateUserAction method execute.

// -------------------------------------------------------------------------
// Action implementation
// -------------------------------------------------------------------------
@Override
public String execute() throws Exception {
    if (!userService.canAddOrUpdateUser(ugSelected)) {
        throw new AccessDeniedException("You cannot edit this user");
    }
    User currentUser = currentUserService.getCurrentUser();
    // ---------------------------------------------------------------------
    // User credentials and user
    // ---------------------------------------------------------------------
    User user = userService.getUser(id);
    user.setSurname(StringUtils.trimToNull(surname));
    user.setFirstName(StringUtils.trimToNull(firstName));
    user.setEmail(StringUtils.trimToNull(email));
    user.setPhoneNumber(StringUtils.trimToNull(phoneNumber));
    UserCredentials userCredentials = user.getUserCredentials();
    userCredentials.setExternalAuth(externalAuth);
    userCredentials.setOpenId(StringUtils.trimToNull(openId));
    userCredentials.setLdapId(StringUtils.trimToNull(ldapId));
    if (jsonAttributeValues != null) {
        attributeService.updateAttributeValues(user, jsonAttributeValues);
    }
    // ---------------------------------------------------------------------
    // Organisation units
    // ---------------------------------------------------------------------
    Set<OrganisationUnit> dataCaptureOrgUnits = new HashSet<>(selectionManager.getSelectedOrganisationUnits());
    user.updateOrganisationUnits(dataCaptureOrgUnits);
    Set<OrganisationUnit> dataViewOrgUnits = new HashSet<>(selectionTreeManager.getReloadedSelectedOrganisationUnits());
    user.setDataViewOrganisationUnits(dataViewOrgUnits);
    if (dataViewOrgUnits.size() == 0 && currentUser.getDataViewOrganisationUnits().size() != 0) {
        user.setDataViewOrganisationUnits(new HashSet<>(currentUser.getDataViewOrganisationUnits()));
    }
    // ---------------------------------------------------------------------
    // User roles
    // ---------------------------------------------------------------------
    Set<UserAuthorityGroup> userAuthorityGroups = new HashSet<>();
    for (String id : urSelected) {
        userAuthorityGroups.add(userService.getUserAuthorityGroup(id));
    }
    userService.canIssueFilter(userAuthorityGroups);
    userCredentials.setUserAuthorityGroups(userAuthorityGroups);
    // ---------------------------------------------------------------------
    // Dimension constraints
    //
    // Note that any new user must inherit dimension constraints (if any)
    // from the current user.
    // ---------------------------------------------------------------------
    userCredentials.setCogsDimensionConstraints(new HashSet<>(currentUser.getUserCredentials().getCogsDimensionConstraints()));
    userCredentials.setCatDimensionConstraints(new HashSet<>(currentUser.getUserCredentials().getCatDimensionConstraints()));
    for (String id : dcSelected) {
        CategoryOptionGroupSet cogs = categoryService.getCategoryOptionGroupSet(id);
        if (cogs != null) {
            userCredentials.getCogsDimensionConstraints().add(cogs);
            continue;
        }
        DataElementCategory cat = categoryService.getDataElementCategory(id);
        if (cat != null) {
            userCredentials.getCatDimensionConstraints().add(cat);
            continue;
        }
    }
    // ---------------------------------------------------------------------
    // Set password and update user
    // ---------------------------------------------------------------------
    userService.encodeAndSetPassword(userCredentials, rawPassword);
    userService.updateUserCredentials(userCredentials);
    userService.updateUser(user);
    if (user.equals(currentUser) && !dataCaptureOrgUnits.isEmpty()) {
        selectionManager.setRootOrganisationUnits(dataCaptureOrgUnits);
        selectionManager.setSelectedOrganisationUnits(dataCaptureOrgUnits);
    } else {
        selectionManager.setRootOrganisationUnits(currentUser.getOrganisationUnits());
        if (ouwtSelected != null && manager.search(OrganisationUnit.class, ouwtSelected) != null) {
            selectionManager.setSelectedOrganisationUnits(Lists.newArrayList(manager.search(OrganisationUnit.class, ouwtSelected)));
        } else {
            selectionManager.setSelectedOrganisationUnits(currentUser.getOrganisationUnits());
        }
    }
    if (user.equals(currentUser) && !dataViewOrgUnits.isEmpty()) {
        selectionTreeManager.setRootOrganisationUnits(dataViewOrgUnits);
        selectionTreeManager.setSelectedOrganisationUnits(dataViewOrgUnits);
    }
    // ---------------------------------------------------------------------
    // User settings
    // ---------------------------------------------------------------------
    userSettingService.saveUserSetting(UserSettingKey.UI_LOCALE, LocaleUtils.getLocale(localeUi), user);
    userSettingService.saveUserSetting(UserSettingKey.DB_LOCALE, LocaleUtils.getLocale(localeDb), user);
    // ---------------------------------------------------------------------
    // User groups
    // ---------------------------------------------------------------------
    Set<UserGroup> userGroups = new HashSet<>();
    for (String id : ugSelected) {
        userGroups.add(userGroupService.getUserGroup(id));
    }
    for (UserGroup userGroup : new HashSet<>(user.getGroups())) {
        if (!userGroups.contains(userGroup)) {
            userGroup.removeUser(user);
            userGroupService.updateUserGroup(userGroup);
        }
    }
    for (UserGroup userGroup : userGroups) {
        userGroup.addUser(user);
        userGroupService.updateUserGroup(userGroup);
    }
    return SUCCESS;
}
Also used : OrganisationUnit(org.hisp.dhis.organisationunit.OrganisationUnit) AccessDeniedException(org.springframework.security.access.AccessDeniedException) User(org.hisp.dhis.user.User) CategoryOptionGroupSet(org.hisp.dhis.dataelement.CategoryOptionGroupSet) DataElementCategory(org.hisp.dhis.dataelement.DataElementCategory) UserGroup(org.hisp.dhis.user.UserGroup) UserAuthorityGroup(org.hisp.dhis.user.UserAuthorityGroup) UserCredentials(org.hisp.dhis.user.UserCredentials) HashSet(java.util.HashSet)

Example 29 with UserAuthorityGroup

use of org.hisp.dhis.user.UserAuthorityGroup in project dhis2-core by dhis2.

the class ValidateInviteAction method execute.

@Override
public String execute() throws Exception {
    UserCredentials credentials = new UserCredentials();
    User user = new User();
    credentials.setUserInfo(user);
    user.setUserCredentials(credentials);
    user.setEmail(email);
    Set<UserAuthorityGroup> userAuthorityGroups = new HashSet<>();
    for (String id : urSelected) {
        userAuthorityGroups.add(userService.getUserAuthorityGroup(id));
    }
    credentials.setUserAuthorityGroups(userAuthorityGroups);
    String valid = securityService.validateRestore(credentials);
    if (valid != null) {
        message = i18n.getString(valid);
        return ERROR;
    }
    message = i18n.getString("everything_is_ok");
    return SUCCESS;
}
Also used : User(org.hisp.dhis.user.User) UserAuthorityGroup(org.hisp.dhis.user.UserAuthorityGroup) UserCredentials(org.hisp.dhis.user.UserCredentials) HashSet(java.util.HashSet)

Example 30 with UserAuthorityGroup

use of org.hisp.dhis.user.UserAuthorityGroup in project dhis2-core by dhis2.

the class DatabaseAutomaticAccessProvider method initialise.

// -------------------------------------------------------------------------
// AdminAccessManager implementation
// -------------------------------------------------------------------------
@Override
public void initialise() {
    // ---------------------------------------------------------------------
    // Assumes no UserAuthorityGroup called "Superuser" in database
    // ---------------------------------------------------------------------
    String username = "admin";
    String password = "district";
    User user = new User();
    user.setUid("M5zQapPyTZI");
    user.setCode("admin");
    user.setFirstName(username);
    user.setSurname(username);
    userService.addUser(user);
    UserAuthorityGroup userAuthorityGroup = new UserAuthorityGroup();
    userAuthorityGroup.setUid("yrB6vc5Ip3r");
    userAuthorityGroup.setCode("Superuser");
    userAuthorityGroup.setName("Superuser");
    userAuthorityGroup.setDescription("Superuser");
    userAuthorityGroup.setAuthorities(new HashSet<>(getAuthorities()));
    userService.addUserAuthorityGroup(userAuthorityGroup);
    UserCredentials userCredentials = new UserCredentials();
    userCredentials.setUid("KvMx6c1eoYo");
    userCredentials.setCode(username);
    userCredentials.setUsername(username);
    userCredentials.setUserInfo(user);
    userCredentials.getUserAuthorityGroups().add(userAuthorityGroup);
    userService.encodeAndSetPassword(userCredentials, password);
    userService.addUserCredentials(userCredentials);
}
Also used : User(org.hisp.dhis.user.User) UserAuthorityGroup(org.hisp.dhis.user.UserAuthorityGroup) UserCredentials(org.hisp.dhis.user.UserCredentials)

Aggregations

UserAuthorityGroup (org.hisp.dhis.user.UserAuthorityGroup)56 User (org.hisp.dhis.user.User)41 OrganisationUnit (org.hisp.dhis.organisationunit.OrganisationUnit)19 Test (org.junit.jupiter.api.Test)19 TransactionalIntegrationTest (org.hisp.dhis.TransactionalIntegrationTest)17 List (java.util.List)15 IdentifiableObject (org.hisp.dhis.common.IdentifiableObject)15 DataSet (org.hisp.dhis.dataset.DataSet)15 DataElement (org.hisp.dhis.dataelement.DataElement)14 ClassPathResource (org.springframework.core.io.ClassPathResource)14 ObjectBundleValidationReport (org.hisp.dhis.dxf2.metadata.objectbundle.feedback.ObjectBundleValidationReport)11 HashSet (java.util.HashSet)7 Program (org.hisp.dhis.program.Program)7 UserGroup (org.hisp.dhis.user.UserGroup)6 ResponseStatus (org.springframework.web.bind.annotation.ResponseStatus)5 Section (org.hisp.dhis.dataset.Section)4 WebMessageException (org.hisp.dhis.dxf2.webmessage.WebMessageException)4 EventVisualization (org.hisp.dhis.eventvisualization.EventVisualization)4 ProgramStage (org.hisp.dhis.program.ProgramStage)4 ProgramStageDataElement (org.hisp.dhis.program.ProgramStageDataElement)4