Example 41 with UserGroup
use of org.hisp.dhis.user.UserGroup in project dhis2-core by dhis2.
the class DefaultAclStoreTest method getAccessibleProgramsReturnsNoneIfNoneIsPublicAndUserHasNoAccess.
@Test
void getAccessibleProgramsReturnsNoneIfNoneIsPublicAndUserHasNoAccess() {
// a private program
Program programA = createProgram('A');
programA.setPublicAccess("--------");
programA.getSharing().setOwner(owner);
manager.save(programA, false);
// a private program readable by a user group of which the user is NOT
// part of
Program programB = createProgram('B');
programB.setPublicAccess("--------");
programB.getSharing().setOwner(owner);
UserGroup g = createUserGroup('B', Set.of(owner));
UserGroupAccess a = new UserGroupAccess();
a.setUserGroup(g);
a.setAccess("--r-----");
programB.getSharing().addUserGroupAccess(a);
manager.save(programB, false);
List<Long> programIds = aclStore.getAccessiblePrograms(user.getUid(), Collections.emptyList());
assertThat(programIds, hasSize(0));
}
Also used :
Program(org.hisp.dhis.program.Program)
UserGroup(org.hisp.dhis.user.UserGroup)
UserGroupAccess(org.hisp.dhis.user.sharing.UserGroupAccess)
Test(org.junit.jupiter.api.Test)
Example 42 with UserGroup
use of org.hisp.dhis.user.UserGroup in project dhis2-core by dhis2.
the class UserLookupController method lookUpFeedbackRecipients.
@GetMapping(value = "/feedbackRecipients")
public UserLookups lookUpFeedbackRecipients(@RequestParam String query) {
UserGroup feedbackRecipients = config.getConfiguration().getFeedbackRecipients();
if (feedbackRecipients == null) {
throw new IllegalQueryException(new ErrorMessage(ErrorCode.E6200));
}
UserQueryParams params = new UserQueryParams().setQuery(query).setUserGroups(Sets.newHashSet(feedbackRecipients)).setCanSeeOwnUserAuthorityGroups(true).setMax(25);
List<UserLookup> users = userService.getUsers(params).stream().map(UserLookup::fromUser).collect(Collectors.toList());
return new UserLookups(users);
}
Also used :
IllegalQueryException(org.hisp.dhis.common.IllegalQueryException)
UserLookup(org.hisp.dhis.webapi.webdomain.user.UserLookup)
UserLookups(org.hisp.dhis.webapi.webdomain.user.UserLookups)
ErrorMessage(org.hisp.dhis.feedback.ErrorMessage)
UserQueryParams(org.hisp.dhis.user.UserQueryParams)
UserGroup(org.hisp.dhis.user.UserGroup)
GetMapping(org.springframework.web.bind.annotation.GetMapping)
Example 43 with UserGroup
use of org.hisp.dhis.user.UserGroup in project dhis2-core by dhis2.
the class AddUserAction method execute.
// -------------------------------------------------------------------------
// Action implementation
// -------------------------------------------------------------------------
@Override
public String execute() throws Exception {
if (!userService.canAddOrUpdateUser(ugSelected)) {
throw new AccessDeniedException("You cannot add this user");
}
User currentUser = currentUserService.getCurrentUser();
// ---------------------------------------------------------------------
// User credentials and user
// ---------------------------------------------------------------------
UserCredentials userCredentials = new UserCredentials();
User user = new User();
userCredentials.setUserInfo(user);
user.setUserCredentials(userCredentials);
userCredentials.setUsername(StringUtils.trimToNull(username));
userCredentials.setExternalAuth(externalAuth);
userCredentials.setOpenId(StringUtils.trimToNull(openId));
userCredentials.setLdapId(StringUtils.trimToNull(ldapId));
if (ACCOUNT_ACTION_INVITE.equals(accountAction)) {
userCredentials.setUsername(StringUtils.trimToNull(inviteUsername));
userCredentials.setInvitation(true);
user.setEmail(StringUtils.trimToNull(inviteEmail));
securityService.prepareUserForInvite(user);
} else {
user.setSurname(StringUtils.trimToNull(surname));
user.setFirstName(StringUtils.trimToNull(firstName));
user.setEmail(StringUtils.trimToNull(email));
user.setPhoneNumber(StringUtils.trimToNull(phoneNumber));
userService.encodeAndSetPassword(userCredentials, StringUtils.trimToNull(rawPassword));
}
if (jsonAttributeValues != null) {
attributeService.updateAttributeValues(user, jsonAttributeValues);
}
// ---------------------------------------------------------------------
// Organisation units
// ---------------------------------------------------------------------
Set<OrganisationUnit> dataCaptureOrgUnits = new HashSet<>(selectionManager.getSelectedOrganisationUnits());
user.updateOrganisationUnits(dataCaptureOrgUnits);
Set<OrganisationUnit> dataViewOrgUnits = new HashSet<>(selectionTreeManager.getReloadedSelectedOrganisationUnits());
user.setDataViewOrganisationUnits(dataViewOrgUnits);
if (dataViewOrgUnits.size() == 0 && currentUser.getDataViewOrganisationUnits().size() != 0) {
user.setDataViewOrganisationUnits(new HashSet<>(currentUser.getDataViewOrganisationUnits()));
}
// ---------------------------------------------------------------------
// User roles
// ---------------------------------------------------------------------
Set<UserAuthorityGroup> userAuthorityGroups = new HashSet<>();
for (String id : urSelected) {
userAuthorityGroups.add(userService.getUserAuthorityGroup(id));
}
userService.canIssueFilter(userAuthorityGroups);
userCredentials.setUserAuthorityGroups(userAuthorityGroups);
// ---------------------------------------------------------------------
// Dimension constraints. Note that any new user must inherit dimension
// constraints if any from the current user.
// ---------------------------------------------------------------------
userCredentials.setCogsDimensionConstraints(new HashSet<>(currentUser.getUserCredentials().getCogsDimensionConstraints()));
userCredentials.setCatDimensionConstraints(new HashSet<>(currentUser.getUserCredentials().getCatDimensionConstraints()));
for (String id : dcSelected) {
CategoryOptionGroupSet cogs = categoryService.getCategoryOptionGroupSet(id);
if (cogs != null) {
userCredentials.getCogsDimensionConstraints().add(cogs);
continue;
}
DataElementCategory cat = categoryService.getDataElementCategory(id);
if (cat != null) {
userCredentials.getCatDimensionConstraints().add(cat);
continue;
}
}
// ---------------------------------------------------------------------
// Add User
// ---------------------------------------------------------------------
userService.addUser(user);
userService.addUserCredentials(userCredentials);
// ---------------------------------------------------------------------
// User settings
// ---------------------------------------------------------------------
userSettingService.saveUserSetting(UserSettingKey.UI_LOCALE, LocaleUtils.getLocale(localeUi), user);
userSettingService.saveUserSetting(UserSettingKey.DB_LOCALE, LocaleUtils.getLocale(localeDb), user);
if (ACCOUNT_ACTION_INVITE.equals(accountAction)) {
RestoreOptions restoreOptions = inviteUsername == null || inviteUsername.isEmpty() ? RestoreOptions.INVITE_WITH_USERNAME_CHOICE : RestoreOptions.INVITE_WITH_DEFINED_USERNAME;
securityService.sendRestoreMessage(userCredentials, getRootPath(), restoreOptions);
}
for (String id : ugSelected) {
UserGroup userGroup = userGroupService.getUserGroup(id);
userGroup.addUser(user);
userGroupService.updateUserGroup(userGroup);
}
if (ouwtSelected != null && manager.search(OrganisationUnit.class, ouwtSelected) != null) {
selectionManager.setSelectedOrganisationUnits(Lists.newArrayList(manager.search(OrganisationUnit.class, ouwtSelected)));
} else {
selectionManager.setSelectedOrganisationUnits(currentUser.getOrganisationUnits());
}
return SUCCESS;
}
Also used :
OrganisationUnit(org.hisp.dhis.organisationunit.OrganisationUnit)
RestoreOptions(org.hisp.dhis.security.RestoreOptions)
AccessDeniedException(org.springframework.security.access.AccessDeniedException)
User(org.hisp.dhis.user.User)
CategoryOptionGroupSet(org.hisp.dhis.dataelement.CategoryOptionGroupSet)
DataElementCategory(org.hisp.dhis.dataelement.DataElementCategory)
UserGroup(org.hisp.dhis.user.UserGroup)
UserAuthorityGroup(org.hisp.dhis.user.UserAuthorityGroup)
UserCredentials(org.hisp.dhis.user.UserCredentials)
HashSet(java.util.HashSet)
Example 44 with UserGroup
use of org.hisp.dhis.user.UserGroup in project dhis2-core by dhis2.
the class UpdateUserAction method execute.
// -------------------------------------------------------------------------
// Action implementation
// -------------------------------------------------------------------------
@Override
public String execute() throws Exception {
if (!userService.canAddOrUpdateUser(ugSelected)) {
throw new AccessDeniedException("You cannot edit this user");
}
User currentUser = currentUserService.getCurrentUser();
// ---------------------------------------------------------------------
// User credentials and user
// ---------------------------------------------------------------------
User user = userService.getUser(id);
user.setSurname(StringUtils.trimToNull(surname));
user.setFirstName(StringUtils.trimToNull(firstName));
user.setEmail(StringUtils.trimToNull(email));
user.setPhoneNumber(StringUtils.trimToNull(phoneNumber));
UserCredentials userCredentials = user.getUserCredentials();
userCredentials.setExternalAuth(externalAuth);
userCredentials.setOpenId(StringUtils.trimToNull(openId));
userCredentials.setLdapId(StringUtils.trimToNull(ldapId));
if (jsonAttributeValues != null) {
attributeService.updateAttributeValues(user, jsonAttributeValues);
}
// ---------------------------------------------------------------------
// Organisation units
// ---------------------------------------------------------------------
Set<OrganisationUnit> dataCaptureOrgUnits = new HashSet<>(selectionManager.getSelectedOrganisationUnits());
user.updateOrganisationUnits(dataCaptureOrgUnits);
Set<OrganisationUnit> dataViewOrgUnits = new HashSet<>(selectionTreeManager.getReloadedSelectedOrganisationUnits());
user.setDataViewOrganisationUnits(dataViewOrgUnits);
if (dataViewOrgUnits.size() == 0 && currentUser.getDataViewOrganisationUnits().size() != 0) {
user.setDataViewOrganisationUnits(new HashSet<>(currentUser.getDataViewOrganisationUnits()));
}
// ---------------------------------------------------------------------
// User roles
// ---------------------------------------------------------------------
Set<UserAuthorityGroup> userAuthorityGroups = new HashSet<>();
for (String id : urSelected) {
userAuthorityGroups.add(userService.getUserAuthorityGroup(id));
}
userService.canIssueFilter(userAuthorityGroups);
userCredentials.setUserAuthorityGroups(userAuthorityGroups);
// ---------------------------------------------------------------------
// Dimension constraints
//
// Note that any new user must inherit dimension constraints (if any)
// from the current user.
// ---------------------------------------------------------------------
userCredentials.setCogsDimensionConstraints(new HashSet<>(currentUser.getUserCredentials().getCogsDimensionConstraints()));
userCredentials.setCatDimensionConstraints(new HashSet<>(currentUser.getUserCredentials().getCatDimensionConstraints()));
for (String id : dcSelected) {
CategoryOptionGroupSet cogs = categoryService.getCategoryOptionGroupSet(id);
if (cogs != null) {
userCredentials.getCogsDimensionConstraints().add(cogs);
continue;
}
DataElementCategory cat = categoryService.getDataElementCategory(id);
if (cat != null) {
userCredentials.getCatDimensionConstraints().add(cat);
continue;
}
}
// ---------------------------------------------------------------------
// Set password and update user
// ---------------------------------------------------------------------
userService.encodeAndSetPassword(userCredentials, rawPassword);
userService.updateUserCredentials(userCredentials);
userService.updateUser(user);
if (user.equals(currentUser) && !dataCaptureOrgUnits.isEmpty()) {
selectionManager.setRootOrganisationUnits(dataCaptureOrgUnits);
selectionManager.setSelectedOrganisationUnits(dataCaptureOrgUnits);
} else {
selectionManager.setRootOrganisationUnits(currentUser.getOrganisationUnits());
if (ouwtSelected != null && manager.search(OrganisationUnit.class, ouwtSelected) != null) {
selectionManager.setSelectedOrganisationUnits(Lists.newArrayList(manager.search(OrganisationUnit.class, ouwtSelected)));
} else {
selectionManager.setSelectedOrganisationUnits(currentUser.getOrganisationUnits());
}
}
if (user.equals(currentUser) && !dataViewOrgUnits.isEmpty()) {
selectionTreeManager.setRootOrganisationUnits(dataViewOrgUnits);
selectionTreeManager.setSelectedOrganisationUnits(dataViewOrgUnits);
}
// ---------------------------------------------------------------------
// User settings
// ---------------------------------------------------------------------
userSettingService.saveUserSetting(UserSettingKey.UI_LOCALE, LocaleUtils.getLocale(localeUi), user);
userSettingService.saveUserSetting(UserSettingKey.DB_LOCALE, LocaleUtils.getLocale(localeDb), user);
// ---------------------------------------------------------------------
// User groups
// ---------------------------------------------------------------------
Set<UserGroup> userGroups = new HashSet<>();
for (String id : ugSelected) {
userGroups.add(userGroupService.getUserGroup(id));
}
for (UserGroup userGroup : new HashSet<>(user.getGroups())) {
if (!userGroups.contains(userGroup)) {
userGroup.removeUser(user);
userGroupService.updateUserGroup(userGroup);
}
}
for (UserGroup userGroup : userGroups) {
userGroup.addUser(user);
userGroupService.updateUserGroup(userGroup);
}
return SUCCESS;
}
Also used :
OrganisationUnit(org.hisp.dhis.organisationunit.OrganisationUnit)
AccessDeniedException(org.springframework.security.access.AccessDeniedException)
User(org.hisp.dhis.user.User)
CategoryOptionGroupSet(org.hisp.dhis.dataelement.CategoryOptionGroupSet)
DataElementCategory(org.hisp.dhis.dataelement.DataElementCategory)
UserGroup(org.hisp.dhis.user.UserGroup)
UserAuthorityGroup(org.hisp.dhis.user.UserAuthorityGroup)
UserCredentials(org.hisp.dhis.user.UserCredentials)
HashSet(java.util.HashSet)
Example 45 with UserGroup
use of org.hisp.dhis.user.UserGroup in project dhis2-core by dhis2.
the class AddUserGroupAction method execute.
// -------------------------------------------------------------------------
// Action Implementation
// -------------------------------------------------------------------------
@Override
public String execute() throws Exception {
UserGroup userGroup = new UserGroup(StringUtils.trimToNull(name));
for (String uid : usersSelected) {
userGroup.addUser(userService.getUser(uid));
}
if (jsonAttributeValues != null) {
attributeService.updateAttributeValues(userGroup, jsonAttributeValues);
}
for (String uid : userGroupsSelected) {
userGroup.addManagedGroup(userGroupService.getUserGroup(uid));
}
userGroupService.addUserGroup(userGroup);
return SUCCESS;
}
Also used :
UserGroup(org.hisp.dhis.user.UserGroup)
Aggregations
UserGroup (org.hisp.dhis.user.UserGroup)76
User (org.hisp.dhis.user.User)50
Test (org.junit.jupiter.api.Test)32
TransactionalIntegrationTest (org.hisp.dhis.TransactionalIntegrationTest)23
UserGroupAccess (org.hisp.dhis.user.sharing.UserGroupAccess)22
DataElement (org.hisp.dhis.dataelement.DataElement)17
OrganisationUnit (org.hisp.dhis.organisationunit.OrganisationUnit)12
HashSet (java.util.HashSet)11
List (java.util.List)11
IdentifiableObject (org.hisp.dhis.common.IdentifiableObject)10
UserAccess (org.hisp.dhis.user.sharing.UserAccess)10
ClassPathResource (org.springframework.core.io.ClassPathResource)9
Program (org.hisp.dhis.program.Program)6
ArrayList (java.util.ArrayList)5
CategoryOption (org.hisp.dhis.category.CategoryOption)5
Date (java.util.Date)4
HashMap (java.util.HashMap)4
Set (java.util.Set)4
ImportReport (org.hisp.dhis.dxf2.metadata.feedback.ImportReport)4
UserGroupAccess (org.hisp.dhis.user.UserGroupAccess)4
