Examples with Sharing org.hisp.dhis.user.sharing.Sharing used on opensource projects

Example 6 with Sharing

use of org.hisp.dhis.user.sharing.Sharing in project dhis2-core by dhis2.

the class IdentifiableObjectManagerTest method testRemoveUserGroupFromSharing.

@Test
void testRemoveUserGroupFromSharing() {
    User userA = createUser('A');
    userService.addUser(userA);
    UserGroup userGroupA = createUserGroup('A', Sets.newHashSet(userA));
    identifiableObjectManager.save(userGroupA);
    String userGroupUid = userGroupA.getUid();
    DataElement de = createDataElement('A');
    Sharing sharing = new Sharing();
    sharing.setUserGroupAccess(singleton(new UserGroupAccess("rw------", userGroupA.getUid())));
    de.setSharing(sharing);
    identifiableObjectManager.save(de, false);
    de = identifiableObjectManager.get(de.getUid());
    assertEquals(1, de.getSharing().getUserGroups().size());
    identifiableObjectManager.delete(userGroupA);
    identifiableObjectManager.removeUserGroupFromSharing(userGroupUid);
    dbmsManager.clearSession();
    de = identifiableObjectManager.get(de.getUid());
    assertEquals(0, de.getSharing().getUserGroups().size());
}

Example 7 with Sharing

use of org.hisp.dhis.user.sharing.Sharing in project dhis2-core by dhis2.

the class HibernateIdentifiableObjectStoreTest method testMetadataRead.

/**
 * Test Metadata Read access User and UserGroups mapping User1 | User2 |
 * User3 | User 4 Group1 x | | | Group2 X | | | X
 *
 * DataElementA access defined for Users and UserGroups User1 | User2 |
 * User3 | UserGroup1 | UserGroup2 Can access DEA | X | | X |
 */
@Test
void testMetadataRead() {
    User admin = createAndInjectAdminUser();
    User user1 = new User();
    user1.setAutoFields();
    User user2 = new User();
    user2.setAutoFields();
    User user3 = new User();
    user3.setAutoFields();
    User user4 = new User();
    user4.setAutoFields();
    UserGroup userGroup1 = new UserGroup();
    userGroup1.setAutoFields();
    UserGroup userGroup2 = new UserGroup();
    userGroup2.setAutoFields();
    user1.getGroups().add(userGroup1);
    user1.getGroups().add(userGroup2);
    user4.getGroups().add(userGroup2);
    Map<String, UserAccess> userSharing = new HashMap<>();
    userSharing.put(user1.getUid(), new UserAccess(user1, AccessStringHelper.DEFAULT));
    userSharing.put(user2.getUid(), new UserAccess(user2, AccessStringHelper.READ));
    userSharing.put(user3.getUid(), new UserAccess(user3, AccessStringHelper.DEFAULT));
    userSharing.put(user4.getUid(), new UserAccess(user4, AccessStringHelper.DEFAULT));
    Map<String, UserGroupAccess> userGroupSharing = new HashMap<>();
    userGroupSharing.put(userGroup1.getUid(), new UserGroupAccess(userGroup1, AccessStringHelper.READ_WRITE));
    userGroupSharing.put(userGroup2.getUid(), new UserGroupAccess(userGroup2, AccessStringHelper.DEFAULT));
    DataElement dataElement = createDataElement('A');
    String dataElementUid = "deabcdefghA";
    dataElement.setUid(dataElementUid);
    dataElement.setCreatedBy(admin);
    Sharing sharing = Sharing.builder().external(false).publicAccess(AccessStringHelper.DEFAULT).owner("testOwner").userGroups(userGroupSharing).users(userSharing).build();
    dataElement.setSharing(sharing);
    dataElementStore.save(dataElement, false);
    dataElement = dataElementStore.getByUidNoAcl(dataElementUid);
    assertNotNull(dataElement.getSharing());
    assertEquals(2, dataElement.getSharing().getUserGroups().size());
    assertEquals(4, dataElement.getSharing().getUsers().size());
    // User1 can't access but it belong to UserGroup1 which has access
    assertNotNull(dataElementStore.getDataElement(dataElement.getUid(), user1));
    // User2 has access to DEA
    assertNotNull(dataElementStore.getDataElement(dataElement.getUid(), user2));
    // User3 doesn't have access and also does't belong to any groups
    assertNull(dataElementStore.getDataElement(dataElement.getUid(), user3));
    // User4 doesn't have access and it belong to UserGroup2 which also
    // doesn't have access
    assertNull(dataElementStore.getDataElement(dataElement.getUid(), user4));
}

Example 8 with Sharing

use of org.hisp.dhis.user.sharing.Sharing in project dhis2-core by dhis2.

the class AclServiceTest method testAccessObjectWithoutOwner.

@Test
void testAccessObjectWithoutOwner() {
    DataElement de = createDataElement('A');
    Sharing sharing = Sharing.builder().publicAccess(AccessStringHelper.DEFAULT).owner(null).build();
    de.setSharing(sharing);
    manager.save(de, false);
    User userA = createUser('A');
    manager.save(userA);
    dbmsManager.flushSession();
    de = manager.get(de.getUid());
    assertEquals(AccessStringHelper.DEFAULT, de.getPublicAccess());
    assertEquals(null, de.getSharing().getOwner());
    assertTrue(de.getSharing().getUsers().isEmpty());
    assertTrue(aclService.canRead(userA, de));
    String sql = "select uid as uid from dataelement where " + JpaQueryUtils.generateSQlQueryForSharingCheck("sharing", userA, AccessStringHelper.READ);
    SqlRowSet row = jdbcTemplate.queryForRowSet(sql);
    assertEquals(true, row.next());
    assertEquals(de.getUid(), row.getString("uid"));
}

Example 9 with Sharing

use of org.hisp.dhis.user.sharing.Sharing in project dhis2-core by dhis2.

the class AbstractCrudController method setSharing.

@PutMapping(value = "/{uid}/sharing", consumes = APPLICATION_JSON_VALUE)
@ResponseBody
@ResponseStatus(HttpStatus.NO_CONTENT)
public WebMessage setSharing(@PathVariable("uid") String uid, @CurrentUser User currentUser, HttpServletRequest request) throws IOException {
    T entity = manager.get(getEntityClass(), uid);
    if (entity == null) {
        return notFound(getEntityClass(), uid);
    }
    if (!aclService.canUpdate(currentUser, entity)) {
        throw new UpdateAccessDeniedException("You don't have the proper permissions to update this object.");
    }
    Sharing sharingObject = renderService.fromJson(request.getInputStream(), Sharing.class);
    TypeReport typeReport = new TypeReport(Sharing.class);
    typeReport.addObjectReport(sharingService.saveSharing(getEntityClass(), entity, sharingObject));
    if (typeReport.hasErrorReports()) {
        return typeReport(typeReport);
    }
    return null;
}

Example 10 with Sharing

use of org.hisp.dhis.user.sharing.Sharing in project dhis2-core by dhis2.

the class DashboardCascadeSharingTest method setUpTest.

@Override
public void setUpTest() {
    userService = _userService;
    userGroupA = createUserGroup('A', Collections.EMPTY_SET);
    objectManager.save(userGroupA);
    userA = createUser('A');
    userA.getGroups().add(userGroupA);
    userService.addUser(userA);
    userB = createUser('B');
    userService.addUser(userB);
    sharingReadForUserA = new Sharing(DEFAULT, new UserAccess(userA, READ));
    sharingReadWriteForUserB = new Sharing(DEFAULT, new UserAccess(userB, READ_WRITE));
    sharingReadForUserAB = new Sharing(DEFAULT, new UserAccess(userA, READ), new UserAccess(userB, READ));
    sharingUserGroupA = new Sharing(DEFAULT, new UserGroupAccess(userGroupA, READ));
    programA = createProgram('A');
    programA.setSharing(defaultSharing());
    objectManager.save(programA, false);
    createAndInjectAdminUser();
}