use of org.hisp.dhis.user.sharing.UserAccess in project dhis2-core by dhis2.
the class HibernateIdentifiableObjectStoreTest method testDataRead.
@Test
void testDataRead() {
User user1 = createUser("user1", "DATA_READ");
User user2 = createUser("user2", "DATA_READ");
User user3 = createUser("user3", "DATA_READ");
User user4 = createUser("user4", "DATA_READ");
UserGroup userGroup1 = createUserGroup('A', Sets.newHashSet(user1));
manager.save(userGroup1);
UserGroup userGroup2 = createUserGroup('B', Sets.newHashSet(user1, user4));
manager.save(userGroup2);
user1.getGroups().add(userGroup1);
user1.getGroups().add(userGroup2);
user4.getGroups().add(userGroup2);
Map<String, UserAccess> userSharing = new HashMap<>();
userSharing.put(user1.getUid(), new UserAccess(user1, AccessStringHelper.DEFAULT));
userSharing.put(user2.getUid(), new UserAccess(user2, AccessStringHelper.DATA_READ));
userSharing.put(user3.getUid(), new UserAccess(user3, AccessStringHelper.DEFAULT));
userSharing.put(user4.getUid(), new UserAccess(user4, AccessStringHelper.DEFAULT));
Map<String, UserGroupAccess> userGroupSharing = new HashMap<>();
userGroupSharing.put(userGroup1.getUid(), new UserGroupAccess(userGroup1, AccessStringHelper.DATA_READ_WRITE));
userGroupSharing.put(userGroup2.getUid(), new UserGroupAccess(userGroup2, AccessStringHelper.DEFAULT));
Sharing sharing = Sharing.builder().external(false).publicAccess(AccessStringHelper.DEFAULT).owner("testOwner").userGroups(userGroupSharing).users(userSharing).build();
DataElement dataElement = createDataElement('A');
dataElement.setValueType(ValueType.TEXT);
CategoryOptionCombo defaultCategoryOptionCombo = createCategoryOptionCombo('D');
OrganisationUnit organisationUnitA = createOrganisationUnit('A');
Period period = createPeriod(new Date(), new Date());
period.setPeriodType(PeriodType.getPeriodTypeByName(MonthlyPeriodType.NAME));
manager.save(dataElement);
manager.save(organisationUnitA);
manager.save(period);
manager.save(defaultCategoryOptionCombo);
CategoryOption categoryOption = createCategoryOption('A');
categoryOption.setSharing(sharing);
categoryOption.setCategoryOptionCombos(Sets.newHashSet(defaultCategoryOptionCombo));
manager.save(categoryOption, false);
defaultCategoryOptionCombo.getCategoryOptions().add(categoryOption);
DataValue dataValue = createDataValue(dataElement, period, organisationUnitA, "test", defaultCategoryOptionCombo);
dataValueStore.addDataValue(dataValue);
// User1 can't access but it belongs to UserGroup1 which has access
assertEquals(0, accessManager.canRead(user1, dataValue).size());
// User2 has access to DEA
assertEquals(0, accessManager.canRead(user2, dataValue).size());
// User3 doesn't have access and also doesn't belong to any groups
assertEquals(1, accessManager.canRead(user3, dataValue).size());
// User4 doesn't have access and it belong to UserGroup2 which also
// doesn't have access
assertEquals(1, accessManager.canRead(user4, dataValue).size());
}
use of org.hisp.dhis.user.sharing.UserAccess in project dhis2-core by dhis2.
the class AclServiceTest method testUserCanUpdateDeleteSharedDashboard.
@Test
void testUserCanUpdateDeleteSharedDashboard() {
User user1 = createUser('A');
User user2 = createUser('B');
manager.save(user1);
manager.save(user2);
Dashboard dashboard = new Dashboard("Dashboard");
dashboard.setCreatedBy(user1);
dashboard.getSharing().setOwner(user1);
dashboard.setAutoFields();
manager.save(dashboard);
assertTrue(aclService.canRead(user1, dashboard));
assertTrue(aclService.canUpdate(user1, dashboard));
assertTrue(aclService.canDelete(user1, dashboard));
assertTrue(aclService.canManage(user1, dashboard));
UserAccess userAccess = new UserAccess();
userAccess.setUser(user2);
userAccess.setAccess(AccessStringHelper.READ_WRITE);
dashboard.getSharing().addUserAccess(userAccess);
assertTrue(aclService.canRead(user2, dashboard));
assertTrue(aclService.canUpdate(user2, dashboard));
assertTrue(aclService.canDelete(user2, dashboard));
assertTrue(aclService.canManage(user2, dashboard));
}
use of org.hisp.dhis.user.sharing.UserAccess in project dhis2-core by dhis2.
the class AclServiceTest method testUserBCanUpdateVisualizationWithoutAuthority.
@Test
void testUserBCanUpdateVisualizationWithoutAuthority() {
User userA = createUser('A');
manager.save(userA);
Visualization visualization = new Visualization();
visualization.setAutoFields();
visualization.setName("FavA");
visualization.setCreatedBy(userA);
visualization.getSharing().setOwner(userA);
visualization.setPublicAccess(AccessStringHelper.DEFAULT);
visualization.setType(VisualizationType.COLUMN);
assertTrue(aclService.canUpdate(userA, visualization));
manager.save(visualization);
User userB = createUser('B');
manager.save(userB);
visualization.getSharing().addUserAccess(new UserAccess(userB, AccessStringHelper.FULL));
manager.update(visualization);
assertTrue(aclService.canUpdate(userB, visualization));
}
use of org.hisp.dhis.user.sharing.UserAccess in project dhis2-core by dhis2.
the class AclServiceTest method testUserBCanUpdateEventVisualizationWithAuthority.
@Test
void testUserBCanUpdateEventVisualizationWithAuthority() {
// Given
User userA = createUser('A');
manager.save(userA);
EventVisualization eventVisualization = new EventVisualization();
eventVisualization.setAutoFields();
eventVisualization.setName("FavA");
eventVisualization.setCreatedBy(userA);
eventVisualization.getSharing().setOwner(userA);
eventVisualization.setPublicAccess(AccessStringHelper.DEFAULT);
eventVisualization.setType(EventVisualizationType.COLUMN);
assertTrue(aclService.canUpdate(userA, eventVisualization));
manager.save(eventVisualization);
// Then
UserAuthorityGroup userAuthorityGroup = new UserAuthorityGroup();
userAuthorityGroup.setAutoFields();
userAuthorityGroup.setName("UR");
userAuthorityGroup.getAuthorities().add("F_EVENT_VISUALIZATION_PUBLIC_ADD");
manager.save(userAuthorityGroup);
User userB = createUser('B');
userB.getUserAuthorityGroups().add(userAuthorityGroup);
manager.save(userB);
eventVisualization.getSharing().addUserAccess(new UserAccess(userB, AccessStringHelper.FULL));
manager.update(eventVisualization);
assertTrue(aclService.canUpdate(userB, eventVisualization));
}
use of org.hisp.dhis.user.sharing.UserAccess in project dhis2-core by dhis2.
the class AclServiceTest method testUserBCanUpdateVisualizationWithAuthority.
@Test
void testUserBCanUpdateVisualizationWithAuthority() {
User userA = createUser('A');
manager.save(userA);
Visualization visualization = new Visualization();
visualization.setAutoFields();
visualization.setName("FavA");
visualization.setCreatedBy(userA);
visualization.getSharing().setOwner(userA);
visualization.setPublicAccess(AccessStringHelper.DEFAULT);
visualization.setType(VisualizationType.COLUMN);
assertTrue(aclService.canUpdate(userA, visualization));
manager.save(visualization);
UserAuthorityGroup userAuthorityGroup = new UserAuthorityGroup();
userAuthorityGroup.setAutoFields();
userAuthorityGroup.setName("UR");
userAuthorityGroup.getAuthorities().add("F_VISUALIZATION_PUBLIC_ADD");
manager.save(userAuthorityGroup);
User userB = createUser('B');
userB.getUserAuthorityGroups().add(userAuthorityGroup);
manager.save(userB);
visualization.getSharing().addUserAccess(new UserAccess(userB, AccessStringHelper.FULL));
manager.update(visualization);
assertTrue(aclService.canUpdate(userB, visualization));
}
Aggregations