Search in sources :

Example 11 with Sharing

use of org.hisp.dhis.user.sharing.Sharing in project dhis2-core by dhis2.

the class HibernateIdentifiableObjectStoreTest method testDataRead.

@Test
void testDataRead() {
    User user1 = createUser("user1", "DATA_READ");
    User user2 = createUser("user2", "DATA_READ");
    User user3 = createUser("user3", "DATA_READ");
    User user4 = createUser("user4", "DATA_READ");
    UserGroup userGroup1 = createUserGroup('A', Sets.newHashSet(user1));
    manager.save(userGroup1);
    UserGroup userGroup2 = createUserGroup('B', Sets.newHashSet(user1, user4));
    manager.save(userGroup2);
    user1.getGroups().add(userGroup1);
    user1.getGroups().add(userGroup2);
    user4.getGroups().add(userGroup2);
    Map<String, UserAccess> userSharing = new HashMap<>();
    userSharing.put(user1.getUid(), new UserAccess(user1, AccessStringHelper.DEFAULT));
    userSharing.put(user2.getUid(), new UserAccess(user2, AccessStringHelper.DATA_READ));
    userSharing.put(user3.getUid(), new UserAccess(user3, AccessStringHelper.DEFAULT));
    userSharing.put(user4.getUid(), new UserAccess(user4, AccessStringHelper.DEFAULT));
    Map<String, UserGroupAccess> userGroupSharing = new HashMap<>();
    userGroupSharing.put(userGroup1.getUid(), new UserGroupAccess(userGroup1, AccessStringHelper.DATA_READ_WRITE));
    userGroupSharing.put(userGroup2.getUid(), new UserGroupAccess(userGroup2, AccessStringHelper.DEFAULT));
    Sharing sharing = Sharing.builder().external(false).publicAccess(AccessStringHelper.DEFAULT).owner("testOwner").userGroups(userGroupSharing).users(userSharing).build();
    DataElement dataElement = createDataElement('A');
    dataElement.setValueType(ValueType.TEXT);
    CategoryOptionCombo defaultCategoryOptionCombo = createCategoryOptionCombo('D');
    OrganisationUnit organisationUnitA = createOrganisationUnit('A');
    Period period = createPeriod(new Date(), new Date());
    period.setPeriodType(PeriodType.getPeriodTypeByName(MonthlyPeriodType.NAME));
    manager.save(dataElement);
    manager.save(organisationUnitA);
    manager.save(period);
    manager.save(defaultCategoryOptionCombo);
    CategoryOption categoryOption = createCategoryOption('A');
    categoryOption.setSharing(sharing);
    categoryOption.setCategoryOptionCombos(Sets.newHashSet(defaultCategoryOptionCombo));
    manager.save(categoryOption, false);
    defaultCategoryOptionCombo.getCategoryOptions().add(categoryOption);
    DataValue dataValue = createDataValue(dataElement, period, organisationUnitA, "test", defaultCategoryOptionCombo);
    dataValueStore.addDataValue(dataValue);
    // User1 can't access but it belongs to UserGroup1 which has access
    assertEquals(0, accessManager.canRead(user1, dataValue).size());
    // User2 has access to DEA
    assertEquals(0, accessManager.canRead(user2, dataValue).size());
    // User3 doesn't have access and also doesn't belong to any groups
    assertEquals(1, accessManager.canRead(user3, dataValue).size());
    // User4 doesn't have access and it belong to UserGroup2 which also
    // doesn't have access
    assertEquals(1, accessManager.canRead(user4, dataValue).size());
}
Also used : OrganisationUnit(org.hisp.dhis.organisationunit.OrganisationUnit) User(org.hisp.dhis.user.User) UserAccess(org.hisp.dhis.user.sharing.UserAccess) HashMap(java.util.HashMap) DataValue(org.hisp.dhis.datavalue.DataValue) Period(org.hisp.dhis.period.Period) Date(java.util.Date) UserGroup(org.hisp.dhis.user.UserGroup) DataElement(org.hisp.dhis.dataelement.DataElement) Sharing(org.hisp.dhis.user.sharing.Sharing) CategoryOption(org.hisp.dhis.category.CategoryOption) CategoryOptionCombo(org.hisp.dhis.category.CategoryOptionCombo) UserGroupAccess(org.hisp.dhis.user.sharing.UserGroupAccess) TransactionalIntegrationTest(org.hisp.dhis.TransactionalIntegrationTest) Test(org.junit.jupiter.api.Test)

Example 12 with Sharing

use of org.hisp.dhis.user.sharing.Sharing in project dhis2-core by dhis2.

the class DeduplicationServiceMergeIntegrationTest method shouldManualMergeWithUserGroupOfProgram.

@Test
void shouldManualMergeWithUserGroupOfProgram() throws PotentialDuplicateConflictException, PotentialDuplicateForbiddenException {
    OrganisationUnit ou = createOrganisationUnit("OU_A");
    organisationUnitService.addOrganisationUnit(ou);
    User user = creteUser(new HashSet<>(Collections.singletonList(ou)), "F_TRACKED_ENTITY_MERGE");
    Sharing sharing = getUserSharing(user, AccessStringHelper.FULL);
    TrackedEntityType trackedEntityType = createTrackedEntityType('A');
    trackedEntityTypeService.addTrackedEntityType(trackedEntityType);
    trackedEntityType.setSharing(sharing);
    trackedEntityTypeService.updateTrackedEntityType(trackedEntityType);
    TrackedEntityInstance original = createTrackedEntityInstance(ou);
    TrackedEntityInstance duplicate = createTrackedEntityInstance(ou);
    original.setTrackedEntityType(trackedEntityType);
    duplicate.setTrackedEntityType(trackedEntityType);
    trackedEntityInstanceService.addTrackedEntityInstance(original);
    trackedEntityInstanceService.addTrackedEntityInstance(duplicate);
    Program program = createProgram('A');
    Program program1 = createProgram('B');
    programService.addProgram(program);
    programService.addProgram(program1);
    program.setSharing(sharing);
    program1.setSharing(sharing);
    ProgramInstance programInstance1 = createProgramInstance(program, original, ou);
    ProgramInstance programInstance2 = createProgramInstance(program1, duplicate, ou);
    programInstanceService.addProgramInstance(programInstance1);
    programInstanceService.addProgramInstance(programInstance2);
    programInstanceService.updateProgramInstance(programInstance1);
    programInstanceService.updateProgramInstance(programInstance2);
    original.getProgramInstances().add(programInstance1);
    duplicate.getProgramInstances().add(programInstance2);
    trackedEntityInstanceService.updateTrackedEntityInstance(original);
    trackedEntityInstanceService.updateTrackedEntityInstance(duplicate);
    PotentialDuplicate potentialDuplicate = new PotentialDuplicate(original.getUid(), duplicate.getUid());
    deduplicationService.addPotentialDuplicate(potentialDuplicate);
    DeduplicationMergeParams deduplicationMergeParams = DeduplicationMergeParams.builder().potentialDuplicate(potentialDuplicate).original(original).duplicate(duplicate).build();
    Date lastUpdatedOriginal = trackedEntityInstanceService.getTrackedEntityInstance(original.getUid()).getLastUpdated();
    deduplicationService.autoMerge(deduplicationMergeParams);
    assertEquals(deduplicationService.getPotentialDuplicateByUid(potentialDuplicate.getUid()).getStatus(), DeduplicationStatus.MERGED);
    assertTrue(trackedEntityInstanceService.getTrackedEntityInstance(original.getUid()).getLastUpdated().getTime() > lastUpdatedOriginal.getTime());
}
Also used : OrganisationUnit(org.hisp.dhis.organisationunit.OrganisationUnit) TrackedEntityType(org.hisp.dhis.trackedentity.TrackedEntityType) User(org.hisp.dhis.user.User) Program(org.hisp.dhis.program.Program) Sharing(org.hisp.dhis.user.sharing.Sharing) ProgramInstance(org.hisp.dhis.program.ProgramInstance) TrackedEntityInstance(org.hisp.dhis.trackedentity.TrackedEntityInstance) Date(java.util.Date) Test(org.junit.jupiter.api.Test)

Example 13 with Sharing

use of org.hisp.dhis.user.sharing.Sharing in project dhis2-core by dhis2.

the class ReferencesCheck method checkReferences.

private List<PreheatErrorReport> checkReferences(IdentifiableObject object, Preheat preheat, PreheatIdentifier identifier, boolean skipSharing, ValidationContext ctx) {
    if (object == null) {
        return emptyList();
    }
    List<PreheatErrorReport> preheatErrorReports = new ArrayList<>();
    Schema schema = ctx.getSchemaService().getDynamicSchema(HibernateProxyUtils.getRealClass(object));
    schema.getProperties().stream().filter(p -> p.isPersisted() && p.isOwner() && (PropertyType.REFERENCE == p.getPropertyType() || PropertyType.REFERENCE == p.getItemPropertyType())).forEach(p -> {
        if (skipCheck(p.getKlass()) || skipCheck(p.getItemKlass())) {
            return;
        }
        if (!p.isCollection()) {
            checkReference(object, preheat, identifier, skipSharing, preheatErrorReports, p);
        } else {
            checkCollection(object, preheat, identifier, preheatErrorReports, p);
        }
    });
    if (schema.havePersistedProperty("attributeValues")) {
        checkAttributeValues(object, preheat, identifier, preheatErrorReports);
    }
    if (schema.havePersistedProperty("sharing") && !skipSharing && object.getSharing() != null) {
        checkSharing(object, preheat, preheatErrorReports);
    }
    return preheatErrorReports;
}
Also used : AtomicMode(org.hisp.dhis.dxf2.metadata.AtomicMode) ImportStrategy(org.hisp.dhis.importexport.ImportStrategy) PropertyType(org.hisp.dhis.schema.PropertyType) ObjectBundle(org.hisp.dhis.dxf2.metadata.objectbundle.ObjectBundle) ReflectionUtils(org.hisp.dhis.system.util.ReflectionUtils) PreheatIdentifier(org.hisp.dhis.preheat.PreheatIdentifier) Preheat(org.hisp.dhis.preheat.Preheat) EmbeddedObject(org.hisp.dhis.common.EmbeddedObject) ArrayList(java.util.ArrayList) TypeReport(org.hisp.dhis.feedback.TypeReport) PreheatErrorReport(org.hisp.dhis.preheat.PreheatErrorReport) User(org.hisp.dhis.user.User) ErrorCode(org.hisp.dhis.feedback.ErrorCode) ObjectReport(org.hisp.dhis.feedback.ObjectReport) Period(org.hisp.dhis.period.Period) IdentifiableObject(org.hisp.dhis.common.IdentifiableObject) HibernateProxyUtils(org.hisp.dhis.hibernate.HibernateProxyUtils) Collections.emptyList(java.util.Collections.emptyList) Collection(java.util.Collection) Sharing(org.hisp.dhis.user.sharing.Sharing) Property(org.hisp.dhis.schema.Property) List(java.util.List) Component(org.springframework.stereotype.Component) ValidationUtils.joinObjects(org.hisp.dhis.dxf2.metadata.objectbundle.validation.ValidationUtils.joinObjects) PeriodType(org.hisp.dhis.period.PeriodType) Schema(org.hisp.dhis.schema.Schema) PreheatErrorReport(org.hisp.dhis.preheat.PreheatErrorReport) Schema(org.hisp.dhis.schema.Schema) ArrayList(java.util.ArrayList)

Example 14 with Sharing

use of org.hisp.dhis.user.sharing.Sharing in project dhis2-core by dhis2.

the class MetadataImportServiceTest method testImportWithSkipSharingIsTrueAndNoPermission.

/**
 * User only have READ access to Dashboard object User try to update
 * Dashboard with: skipSharing=true, and payload doesn't include sharing
 * data. Expected: import error
 */
@Test
void testImportWithSkipSharingIsTrueAndNoPermission() {
    clearSecurityContext();
    User userA = createUser("A");
    userService.addUser(userA);
    Dashboard dashboard = new Dashboard();
    dashboard.setName("DashboardA");
    Sharing sharing = new Sharing();
    sharing.addUserAccess(new UserAccess(userA, AccessStringHelper.READ));
    dashboard.setSharing(sharing);
    Map<Class<? extends IdentifiableObject>, List<IdentifiableObject>> metadata = new HashMap<>();
    metadata.put(Dashboard.class, Collections.singletonList(dashboard));
    MetadataImportParams params = createParams(ImportStrategy.CREATE, metadata);
    params.setSkipSharing(false);
    // Create Dashboard
    ImportReport report = importService.importMetadata(params);
    assertEquals(Status.OK, report.getStatus());
    // Check sharing data
    IdentifiableObject savedDashboard = manager.get(Dashboard.class, dashboard.getUid());
    boolean condition = aclService.canWrite(userA, savedDashboard);
    assertFalse(condition);
    assertTrue(aclService.canRead(userA, savedDashboard));
    // Update dashboard with skipSharing=true and no sharing data in payload
    dashboard.setSharing(null);
    metadata.put(Dashboard.class, Collections.singletonList(dashboard));
    params = createParams(ImportStrategy.UPDATE, metadata);
    params.setSkipSharing(true);
    params.setUser(userA);
    report = importService.importMetadata(params);
    assertEquals(Status.ERROR, report.getStatus());
}
Also used : User(org.hisp.dhis.user.User) Sharing(org.hisp.dhis.user.sharing.Sharing) UserAccess(org.hisp.dhis.user.sharing.UserAccess) HashMap(java.util.HashMap) ImportReport(org.hisp.dhis.dxf2.metadata.feedback.ImportReport) Dashboard(org.hisp.dhis.dashboard.Dashboard) List(java.util.List) IdentifiableObject(org.hisp.dhis.common.IdentifiableObject) TransactionalIntegrationTest(org.hisp.dhis.TransactionalIntegrationTest) Test(org.junit.jupiter.api.Test)

Example 15 with Sharing

use of org.hisp.dhis.user.sharing.Sharing in project dhis2-core by dhis2.

the class MetadataImportServiceTest method testImportWithSkipSharingIsTrueAndWritePermission.

/**
 * User have READ-WRITE access to Dashboard object User try to update
 * Dashboard with: skipSharing=true, and payload doesn't include sharing
 * data. Expected: import successfully
 */
@Test
void testImportWithSkipSharingIsTrueAndWritePermission() {
    User userA = createUser('A');
    userService.addUser(userA);
    injectSecurityContext(userA);
    Dashboard dashboard = new Dashboard();
    dashboard.setName("DashboardA");
    Sharing sharing = new Sharing();
    sharing.setPublicAccess(AccessStringHelper.DEFAULT);
    sharing.addUserAccess(new UserAccess(userA, AccessStringHelper.READ_WRITE));
    dashboard.setSharing(sharing);
    Map<Class<? extends IdentifiableObject>, List<IdentifiableObject>> metadata = new HashMap<>();
    metadata.put(Dashboard.class, Collections.singletonList(dashboard));
    MetadataImportParams params = createParams(ImportStrategy.CREATE, metadata);
    params.setSkipSharing(false);
    // Create Dashboard
    ImportReport report = importService.importMetadata(params);
    assertEquals(Status.OK, report.getStatus());
    // Check all sharing data
    IdentifiableObject savedDashboard = manager.get(Dashboard.class, dashboard.getUid());
    assertTrue(aclService.canWrite(userA, savedDashboard));
    assertTrue(aclService.canRead(userA, savedDashboard));
    // Update Dashboard with skipSharing=true and no sharing data in payload
    dashboard.setSharing(null);
    metadata.put(Dashboard.class, Collections.singletonList(dashboard));
    params = createParams(ImportStrategy.UPDATE, metadata);
    params.setSkipSharing(true);
    params.setUser(userA);
    report = importService.importMetadata(params);
    assertEquals(Status.OK, report.getStatus());
}
Also used : User(org.hisp.dhis.user.User) Sharing(org.hisp.dhis.user.sharing.Sharing) UserAccess(org.hisp.dhis.user.sharing.UserAccess) HashMap(java.util.HashMap) ImportReport(org.hisp.dhis.dxf2.metadata.feedback.ImportReport) Dashboard(org.hisp.dhis.dashboard.Dashboard) List(java.util.List) IdentifiableObject(org.hisp.dhis.common.IdentifiableObject) TransactionalIntegrationTest(org.hisp.dhis.TransactionalIntegrationTest) Test(org.junit.jupiter.api.Test)

Aggregations

Sharing (org.hisp.dhis.user.sharing.Sharing)27 Test (org.junit.jupiter.api.Test)21 UserAccess (org.hisp.dhis.user.sharing.UserAccess)12 User (org.hisp.dhis.user.User)10 UserGroupAccess (org.hisp.dhis.user.sharing.UserGroupAccess)8 DataElement (org.hisp.dhis.dataelement.DataElement)7 TransactionalIntegrationTest (org.hisp.dhis.TransactionalIntegrationTest)6 Dashboard (org.hisp.dhis.dashboard.Dashboard)5 HashMap (java.util.HashMap)4 IdentifiableObject (org.hisp.dhis.common.IdentifiableObject)4 List (java.util.List)3 UserGroup (org.hisp.dhis.user.UserGroup)3 Date (java.util.Date)2 ImportReport (org.hisp.dhis.dxf2.metadata.feedback.ImportReport)2 EventVisualization (org.hisp.dhis.eventvisualization.EventVisualization)2 TypeReport (org.hisp.dhis.feedback.TypeReport)2 OrganisationUnit (org.hisp.dhis.organisationunit.OrganisationUnit)2 Period (org.hisp.dhis.period.Period)2 Program (org.hisp.dhis.program.Program)2 PreparedStatement (java.sql.PreparedStatement)1