Search in sources :

Example 21 with UserCredentials

use of org.hisp.dhis.user.UserCredentials in project dhis2-core by dhis2.

the class UpdateUserAction method execute.

// -------------------------------------------------------------------------
// Action implementation
// -------------------------------------------------------------------------
@Override
public String execute() throws Exception {
    if (!userService.canAddOrUpdateUser(ugSelected)) {
        throw new AccessDeniedException("You cannot edit this user");
    }
    User currentUser = currentUserService.getCurrentUser();
    // ---------------------------------------------------------------------
    // User credentials and user
    // ---------------------------------------------------------------------
    User user = userService.getUser(id);
    user.setSurname(StringUtils.trimToNull(surname));
    user.setFirstName(StringUtils.trimToNull(firstName));
    user.setEmail(StringUtils.trimToNull(email));
    user.setPhoneNumber(StringUtils.trimToNull(phoneNumber));
    UserCredentials userCredentials = user.getUserCredentials();
    userCredentials.setExternalAuth(externalAuth);
    userCredentials.setOpenId(StringUtils.trimToNull(openId));
    userCredentials.setLdapId(StringUtils.trimToNull(ldapId));
    if (jsonAttributeValues != null) {
        attributeService.updateAttributeValues(user, jsonAttributeValues);
    }
    // ---------------------------------------------------------------------
    // Organisation units
    // ---------------------------------------------------------------------
    Set<OrganisationUnit> dataCaptureOrgUnits = new HashSet<>(selectionManager.getSelectedOrganisationUnits());
    user.updateOrganisationUnits(dataCaptureOrgUnits);
    Set<OrganisationUnit> dataViewOrgUnits = new HashSet<>(selectionTreeManager.getReloadedSelectedOrganisationUnits());
    user.setDataViewOrganisationUnits(dataViewOrgUnits);
    if (dataViewOrgUnits.size() == 0 && currentUser.getDataViewOrganisationUnits().size() != 0) {
        user.setDataViewOrganisationUnits(new HashSet<>(currentUser.getDataViewOrganisationUnits()));
    }
    // ---------------------------------------------------------------------
    // User roles
    // ---------------------------------------------------------------------
    Set<UserAuthorityGroup> userAuthorityGroups = new HashSet<>();
    for (String id : urSelected) {
        userAuthorityGroups.add(userService.getUserAuthorityGroup(id));
    }
    userService.canIssueFilter(userAuthorityGroups);
    userCredentials.setUserAuthorityGroups(userAuthorityGroups);
    // ---------------------------------------------------------------------
    // Dimension constraints
    //
    // Note that any new user must inherit dimension constraints (if any)
    // from the current user.
    // ---------------------------------------------------------------------
    userCredentials.setCogsDimensionConstraints(new HashSet<>(currentUser.getUserCredentials().getCogsDimensionConstraints()));
    userCredentials.setCatDimensionConstraints(new HashSet<>(currentUser.getUserCredentials().getCatDimensionConstraints()));
    for (String id : dcSelected) {
        CategoryOptionGroupSet cogs = categoryService.getCategoryOptionGroupSet(id);
        if (cogs != null) {
            userCredentials.getCogsDimensionConstraints().add(cogs);
            continue;
        }
        DataElementCategory cat = categoryService.getDataElementCategory(id);
        if (cat != null) {
            userCredentials.getCatDimensionConstraints().add(cat);
            continue;
        }
    }
    // ---------------------------------------------------------------------
    // Set password and update user
    // ---------------------------------------------------------------------
    userService.encodeAndSetPassword(userCredentials, rawPassword);
    userService.updateUserCredentials(userCredentials);
    userService.updateUser(user);
    if (user.equals(currentUser) && !dataCaptureOrgUnits.isEmpty()) {
        selectionManager.setRootOrganisationUnits(dataCaptureOrgUnits);
        selectionManager.setSelectedOrganisationUnits(dataCaptureOrgUnits);
    } else {
        selectionManager.setRootOrganisationUnits(currentUser.getOrganisationUnits());
        if (ouwtSelected != null && manager.search(OrganisationUnit.class, ouwtSelected) != null) {
            selectionManager.setSelectedOrganisationUnits(Lists.newArrayList(manager.search(OrganisationUnit.class, ouwtSelected)));
        } else {
            selectionManager.setSelectedOrganisationUnits(currentUser.getOrganisationUnits());
        }
    }
    if (user.equals(currentUser) && !dataViewOrgUnits.isEmpty()) {
        selectionTreeManager.setRootOrganisationUnits(dataViewOrgUnits);
        selectionTreeManager.setSelectedOrganisationUnits(dataViewOrgUnits);
    }
    // ---------------------------------------------------------------------
    // User settings
    // ---------------------------------------------------------------------
    userSettingService.saveUserSetting(UserSettingKey.UI_LOCALE, LocaleUtils.getLocale(localeUi), user);
    userSettingService.saveUserSetting(UserSettingKey.DB_LOCALE, LocaleUtils.getLocale(localeDb), user);
    // ---------------------------------------------------------------------
    // User groups
    // ---------------------------------------------------------------------
    Set<UserGroup> userGroups = new HashSet<>();
    for (String id : ugSelected) {
        userGroups.add(userGroupService.getUserGroup(id));
    }
    for (UserGroup userGroup : new HashSet<>(user.getGroups())) {
        if (!userGroups.contains(userGroup)) {
            userGroup.removeUser(user);
            userGroupService.updateUserGroup(userGroup);
        }
    }
    for (UserGroup userGroup : userGroups) {
        userGroup.addUser(user);
        userGroupService.updateUserGroup(userGroup);
    }
    return SUCCESS;
}
Also used : OrganisationUnit(org.hisp.dhis.organisationunit.OrganisationUnit) AccessDeniedException(org.springframework.security.access.AccessDeniedException) User(org.hisp.dhis.user.User) CategoryOptionGroupSet(org.hisp.dhis.dataelement.CategoryOptionGroupSet) DataElementCategory(org.hisp.dhis.dataelement.DataElementCategory) UserGroup(org.hisp.dhis.user.UserGroup) UserAuthorityGroup(org.hisp.dhis.user.UserAuthorityGroup) UserCredentials(org.hisp.dhis.user.UserCredentials) HashSet(java.util.HashSet)

Example 22 with UserCredentials

use of org.hisp.dhis.user.UserCredentials in project dhis2-core by dhis2.

the class ValidateInviteAction method execute.

@Override
public String execute() throws Exception {
    UserCredentials credentials = new UserCredentials();
    User user = new User();
    credentials.setUserInfo(user);
    user.setUserCredentials(credentials);
    user.setEmail(email);
    Set<UserAuthorityGroup> userAuthorityGroups = new HashSet<>();
    for (String id : urSelected) {
        userAuthorityGroups.add(userService.getUserAuthorityGroup(id));
    }
    credentials.setUserAuthorityGroups(userAuthorityGroups);
    String valid = securityService.validateRestore(credentials);
    if (valid != null) {
        message = i18n.getString(valid);
        return ERROR;
    }
    message = i18n.getString("everything_is_ok");
    return SUCCESS;
}
Also used : User(org.hisp.dhis.user.User) UserAuthorityGroup(org.hisp.dhis.user.UserAuthorityGroup) UserCredentials(org.hisp.dhis.user.UserCredentials) HashSet(java.util.HashSet)

Example 23 with UserCredentials

use of org.hisp.dhis.user.UserCredentials in project dhis2-core by dhis2.

the class DisableUserAction method execute.

@Override
public String execute() {
    UserCredentials credentials = userService.getUserCredentialsByUsername(username);
    if (credentials == null) {
        return ERROR;
    }
    User currentUser = currentUserService.getCurrentUser();
    if (currentUser == null || currentUser.getUserCredentials() == null) {
        return ERROR;
    }
    if (!currentUser.getUserCredentials().canModifyUser(credentials)) {
        return ERROR;
    }
    credentials.setDisabled(!enable);
    userService.updateUserCredentials(credentials);
    return SUCCESS;
}
Also used : User(org.hisp.dhis.user.User) UserCredentials(org.hisp.dhis.user.UserCredentials)

Example 24 with UserCredentials

use of org.hisp.dhis.user.UserCredentials in project dhis2-core by dhis2.

the class DatabaseAutomaticAccessProvider method initialise.

// -------------------------------------------------------------------------
// AdminAccessManager implementation
// -------------------------------------------------------------------------
@Override
public void initialise() {
    // ---------------------------------------------------------------------
    // Assumes no UserAuthorityGroup called "Superuser" in database
    // ---------------------------------------------------------------------
    String username = "admin";
    String password = "district";
    User user = new User();
    user.setUid("M5zQapPyTZI");
    user.setCode("admin");
    user.setFirstName(username);
    user.setSurname(username);
    userService.addUser(user);
    UserAuthorityGroup userAuthorityGroup = new UserAuthorityGroup();
    userAuthorityGroup.setUid("yrB6vc5Ip3r");
    userAuthorityGroup.setCode("Superuser");
    userAuthorityGroup.setName("Superuser");
    userAuthorityGroup.setDescription("Superuser");
    userAuthorityGroup.setAuthorities(new HashSet<>(getAuthorities()));
    userService.addUserAuthorityGroup(userAuthorityGroup);
    UserCredentials userCredentials = new UserCredentials();
    userCredentials.setUid("KvMx6c1eoYo");
    userCredentials.setCode(username);
    userCredentials.setUsername(username);
    userCredentials.setUserInfo(user);
    userCredentials.getUserAuthorityGroups().add(userAuthorityGroup);
    userService.encodeAndSetPassword(userCredentials, password);
    userService.addUserCredentials(userCredentials);
}
Also used : User(org.hisp.dhis.user.User) UserAuthorityGroup(org.hisp.dhis.user.UserAuthorityGroup) UserCredentials(org.hisp.dhis.user.UserCredentials)

Example 25 with UserCredentials

use of org.hisp.dhis.user.UserCredentials in project dhis2-core by dhis2.

the class DefaultAuthenticationSuccessHandler method onAuthenticationSuccess.

@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws ServletException, IOException {
    HttpSession session = request.getSession();
    final String username = authentication.getName();
    session.setAttribute("userIs", username);
    session.setAttribute(LoginInterceptor.JLI_SESSION_VARIABLE, Boolean.TRUE);
    session.setMaxInactiveInterval(systemSessionTimeout);
    UserCredentials credentials = userService.getUserCredentialsByUsername(username);
    boolean readOnly = config.isReadOnlyMode();
    if (credentials != null && !readOnly) {
        credentials.updateLastLogin();
        userService.updateUserCredentials(credentials);
    }
    if (credentials != null) {
        securityService.registerSuccessfulLogin(username);
    }
    super.onAuthenticationSuccess(request, response, authentication);
}
Also used : HttpSession(javax.servlet.http.HttpSession) UserCredentials(org.hisp.dhis.user.UserCredentials)

Aggregations

UserCredentials (org.hisp.dhis.user.UserCredentials)29 User (org.hisp.dhis.user.User)15 OrganisationUnit (org.hisp.dhis.organisationunit.OrganisationUnit)7 HashSet (java.util.HashSet)5 ArrayList (java.util.ArrayList)4 Query (org.hibernate.Query)4 UserAuthorityGroup (org.hisp.dhis.user.UserAuthorityGroup)4 CategoryOptionGroupSet (org.hisp.dhis.dataelement.CategoryOptionGroupSet)3 DataSet (org.hisp.dhis.dataset.DataSet)3 UserGroup (org.hisp.dhis.user.UserGroup)3 IllegalQueryException (org.hisp.dhis.common.IllegalQueryException)2 DataElementCategory (org.hisp.dhis.dataelement.DataElementCategory)2 WebMessageException (org.hisp.dhis.dxf2.webmessage.WebMessageException)2 Program (org.hisp.dhis.program.Program)2 AccessDeniedException (org.springframework.security.access.AccessDeniedException)2 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)2 ResponseBody (org.springframework.web.bind.annotation.ResponseBody)2 IOException (java.io.IOException)1 Serializable (java.io.Serializable)1 List (java.util.List)1