use of org.hisp.dhis.user.sharing.Sharing in project dhis2-core by dhis2.
the class HibernateIdentifiableObjectStoreTest method testDataRead.
@Test
void testDataRead() {
User user1 = createUser("user1", "DATA_READ");
User user2 = createUser("user2", "DATA_READ");
User user3 = createUser("user3", "DATA_READ");
User user4 = createUser("user4", "DATA_READ");
UserGroup userGroup1 = createUserGroup('A', Sets.newHashSet(user1));
manager.save(userGroup1);
UserGroup userGroup2 = createUserGroup('B', Sets.newHashSet(user1, user4));
manager.save(userGroup2);
user1.getGroups().add(userGroup1);
user1.getGroups().add(userGroup2);
user4.getGroups().add(userGroup2);
Map<String, UserAccess> userSharing = new HashMap<>();
userSharing.put(user1.getUid(), new UserAccess(user1, AccessStringHelper.DEFAULT));
userSharing.put(user2.getUid(), new UserAccess(user2, AccessStringHelper.DATA_READ));
userSharing.put(user3.getUid(), new UserAccess(user3, AccessStringHelper.DEFAULT));
userSharing.put(user4.getUid(), new UserAccess(user4, AccessStringHelper.DEFAULT));
Map<String, UserGroupAccess> userGroupSharing = new HashMap<>();
userGroupSharing.put(userGroup1.getUid(), new UserGroupAccess(userGroup1, AccessStringHelper.DATA_READ_WRITE));
userGroupSharing.put(userGroup2.getUid(), new UserGroupAccess(userGroup2, AccessStringHelper.DEFAULT));
Sharing sharing = Sharing.builder().external(false).publicAccess(AccessStringHelper.DEFAULT).owner("testOwner").userGroups(userGroupSharing).users(userSharing).build();
DataElement dataElement = createDataElement('A');
dataElement.setValueType(ValueType.TEXT);
CategoryOptionCombo defaultCategoryOptionCombo = createCategoryOptionCombo('D');
OrganisationUnit organisationUnitA = createOrganisationUnit('A');
Period period = createPeriod(new Date(), new Date());
period.setPeriodType(PeriodType.getPeriodTypeByName(MonthlyPeriodType.NAME));
manager.save(dataElement);
manager.save(organisationUnitA);
manager.save(period);
manager.save(defaultCategoryOptionCombo);
CategoryOption categoryOption = createCategoryOption('A');
categoryOption.setSharing(sharing);
categoryOption.setCategoryOptionCombos(Sets.newHashSet(defaultCategoryOptionCombo));
manager.save(categoryOption, false);
defaultCategoryOptionCombo.getCategoryOptions().add(categoryOption);
DataValue dataValue = createDataValue(dataElement, period, organisationUnitA, "test", defaultCategoryOptionCombo);
dataValueStore.addDataValue(dataValue);
// User1 can't access but it belongs to UserGroup1 which has access
assertEquals(0, accessManager.canRead(user1, dataValue).size());
// User2 has access to DEA
assertEquals(0, accessManager.canRead(user2, dataValue).size());
// User3 doesn't have access and also doesn't belong to any groups
assertEquals(1, accessManager.canRead(user3, dataValue).size());
// User4 doesn't have access and it belong to UserGroup2 which also
// doesn't have access
assertEquals(1, accessManager.canRead(user4, dataValue).size());
}
use of org.hisp.dhis.user.sharing.Sharing in project dhis2-core by dhis2.
the class DeduplicationServiceMergeIntegrationTest method shouldManualMergeWithUserGroupOfProgram.
@Test
void shouldManualMergeWithUserGroupOfProgram() throws PotentialDuplicateConflictException, PotentialDuplicateForbiddenException {
OrganisationUnit ou = createOrganisationUnit("OU_A");
organisationUnitService.addOrganisationUnit(ou);
User user = creteUser(new HashSet<>(Collections.singletonList(ou)), "F_TRACKED_ENTITY_MERGE");
Sharing sharing = getUserSharing(user, AccessStringHelper.FULL);
TrackedEntityType trackedEntityType = createTrackedEntityType('A');
trackedEntityTypeService.addTrackedEntityType(trackedEntityType);
trackedEntityType.setSharing(sharing);
trackedEntityTypeService.updateTrackedEntityType(trackedEntityType);
TrackedEntityInstance original = createTrackedEntityInstance(ou);
TrackedEntityInstance duplicate = createTrackedEntityInstance(ou);
original.setTrackedEntityType(trackedEntityType);
duplicate.setTrackedEntityType(trackedEntityType);
trackedEntityInstanceService.addTrackedEntityInstance(original);
trackedEntityInstanceService.addTrackedEntityInstance(duplicate);
Program program = createProgram('A');
Program program1 = createProgram('B');
programService.addProgram(program);
programService.addProgram(program1);
program.setSharing(sharing);
program1.setSharing(sharing);
ProgramInstance programInstance1 = createProgramInstance(program, original, ou);
ProgramInstance programInstance2 = createProgramInstance(program1, duplicate, ou);
programInstanceService.addProgramInstance(programInstance1);
programInstanceService.addProgramInstance(programInstance2);
programInstanceService.updateProgramInstance(programInstance1);
programInstanceService.updateProgramInstance(programInstance2);
original.getProgramInstances().add(programInstance1);
duplicate.getProgramInstances().add(programInstance2);
trackedEntityInstanceService.updateTrackedEntityInstance(original);
trackedEntityInstanceService.updateTrackedEntityInstance(duplicate);
PotentialDuplicate potentialDuplicate = new PotentialDuplicate(original.getUid(), duplicate.getUid());
deduplicationService.addPotentialDuplicate(potentialDuplicate);
DeduplicationMergeParams deduplicationMergeParams = DeduplicationMergeParams.builder().potentialDuplicate(potentialDuplicate).original(original).duplicate(duplicate).build();
Date lastUpdatedOriginal = trackedEntityInstanceService.getTrackedEntityInstance(original.getUid()).getLastUpdated();
deduplicationService.autoMerge(deduplicationMergeParams);
assertEquals(deduplicationService.getPotentialDuplicateByUid(potentialDuplicate.getUid()).getStatus(), DeduplicationStatus.MERGED);
assertTrue(trackedEntityInstanceService.getTrackedEntityInstance(original.getUid()).getLastUpdated().getTime() > lastUpdatedOriginal.getTime());
}
use of org.hisp.dhis.user.sharing.Sharing in project dhis2-core by dhis2.
the class ReferencesCheck method checkReferences.
private List<PreheatErrorReport> checkReferences(IdentifiableObject object, Preheat preheat, PreheatIdentifier identifier, boolean skipSharing, ValidationContext ctx) {
if (object == null) {
return emptyList();
}
List<PreheatErrorReport> preheatErrorReports = new ArrayList<>();
Schema schema = ctx.getSchemaService().getDynamicSchema(HibernateProxyUtils.getRealClass(object));
schema.getProperties().stream().filter(p -> p.isPersisted() && p.isOwner() && (PropertyType.REFERENCE == p.getPropertyType() || PropertyType.REFERENCE == p.getItemPropertyType())).forEach(p -> {
if (skipCheck(p.getKlass()) || skipCheck(p.getItemKlass())) {
return;
}
if (!p.isCollection()) {
checkReference(object, preheat, identifier, skipSharing, preheatErrorReports, p);
} else {
checkCollection(object, preheat, identifier, preheatErrorReports, p);
}
});
if (schema.havePersistedProperty("attributeValues")) {
checkAttributeValues(object, preheat, identifier, preheatErrorReports);
}
if (schema.havePersistedProperty("sharing") && !skipSharing && object.getSharing() != null) {
checkSharing(object, preheat, preheatErrorReports);
}
return preheatErrorReports;
}
use of org.hisp.dhis.user.sharing.Sharing in project dhis2-core by dhis2.
the class MetadataImportServiceTest method testImportWithSkipSharingIsTrueAndNoPermission.
/**
* User only have READ access to Dashboard object User try to update
* Dashboard with: skipSharing=true, and payload doesn't include sharing
* data. Expected: import error
*/
@Test
void testImportWithSkipSharingIsTrueAndNoPermission() {
clearSecurityContext();
User userA = createUser("A");
userService.addUser(userA);
Dashboard dashboard = new Dashboard();
dashboard.setName("DashboardA");
Sharing sharing = new Sharing();
sharing.addUserAccess(new UserAccess(userA, AccessStringHelper.READ));
dashboard.setSharing(sharing);
Map<Class<? extends IdentifiableObject>, List<IdentifiableObject>> metadata = new HashMap<>();
metadata.put(Dashboard.class, Collections.singletonList(dashboard));
MetadataImportParams params = createParams(ImportStrategy.CREATE, metadata);
params.setSkipSharing(false);
// Create Dashboard
ImportReport report = importService.importMetadata(params);
assertEquals(Status.OK, report.getStatus());
// Check sharing data
IdentifiableObject savedDashboard = manager.get(Dashboard.class, dashboard.getUid());
boolean condition = aclService.canWrite(userA, savedDashboard);
assertFalse(condition);
assertTrue(aclService.canRead(userA, savedDashboard));
// Update dashboard with skipSharing=true and no sharing data in payload
dashboard.setSharing(null);
metadata.put(Dashboard.class, Collections.singletonList(dashboard));
params = createParams(ImportStrategy.UPDATE, metadata);
params.setSkipSharing(true);
params.setUser(userA);
report = importService.importMetadata(params);
assertEquals(Status.ERROR, report.getStatus());
}
use of org.hisp.dhis.user.sharing.Sharing in project dhis2-core by dhis2.
the class MetadataImportServiceTest method testImportWithSkipSharingIsTrueAndWritePermission.
/**
* User have READ-WRITE access to Dashboard object User try to update
* Dashboard with: skipSharing=true, and payload doesn't include sharing
* data. Expected: import successfully
*/
@Test
void testImportWithSkipSharingIsTrueAndWritePermission() {
User userA = createUser('A');
userService.addUser(userA);
injectSecurityContext(userA);
Dashboard dashboard = new Dashboard();
dashboard.setName("DashboardA");
Sharing sharing = new Sharing();
sharing.setPublicAccess(AccessStringHelper.DEFAULT);
sharing.addUserAccess(new UserAccess(userA, AccessStringHelper.READ_WRITE));
dashboard.setSharing(sharing);
Map<Class<? extends IdentifiableObject>, List<IdentifiableObject>> metadata = new HashMap<>();
metadata.put(Dashboard.class, Collections.singletonList(dashboard));
MetadataImportParams params = createParams(ImportStrategy.CREATE, metadata);
params.setSkipSharing(false);
// Create Dashboard
ImportReport report = importService.importMetadata(params);
assertEquals(Status.OK, report.getStatus());
// Check all sharing data
IdentifiableObject savedDashboard = manager.get(Dashboard.class, dashboard.getUid());
assertTrue(aclService.canWrite(userA, savedDashboard));
assertTrue(aclService.canRead(userA, savedDashboard));
// Update Dashboard with skipSharing=true and no sharing data in payload
dashboard.setSharing(null);
metadata.put(Dashboard.class, Collections.singletonList(dashboard));
params = createParams(ImportStrategy.UPDATE, metadata);
params.setSkipSharing(true);
params.setUser(userA);
report = importService.importMetadata(params);
assertEquals(Status.OK, report.getStatus());
}
Aggregations