use of org.hisp.dhis.user.sharing.UserAccess in project dhis2-core by dhis2.
the class DashboardCascadeSharingTest method testCascadeShareEventVisualizationError.
@Test
void testCascadeShareEventVisualizationError() {
DataElement dataElementA = createDataElement('A');
dataElementA.setSharing(Sharing.builder().publicAccess(DEFAULT).build());
objectManager.save(dataElementA, false);
Program program = createProgram('Y', null, null);
objectManager.save(program);
EventVisualization eventVisualizationA = createEventVisualization('A', program);
eventVisualizationA.setSharing(Sharing.builder().publicAccess(DEFAULT).build());
eventVisualizationA.addDataDimensionItem(dataElementA);
objectManager.save(eventVisualizationA, false);
Sharing sharing = new Sharing();
sharing.setPublicAccess(DEFAULT);
sharing.addUserAccess(new UserAccess(userB, DEFAULT));
Dashboard dashboard = createDashboardWithItem("A", sharing);
dashboard.getItems().get(0).setEventVisualization(eventVisualizationA);
objectManager.save(dashboard, false);
CascadeSharingReport report = cascadeSharingService.cascadeSharing(dashboard, new CascadeSharingParameters());
assertEquals(0, report.getUpdateObjects().size());
assertFalse(aclService.canRead(userB, eventVisualizationA));
assertFalse(aclService.canRead(userB, dataElementA));
}
use of org.hisp.dhis.user.sharing.UserAccess in project dhis2-core by dhis2.
the class DashboardCascadeSharingTest method testCascadeShareVisualizationError.
@Test
void testCascadeShareVisualizationError() {
DataElement dataElementA = createDataElement('A');
dataElementA.setSharing(Sharing.builder().publicAccess(DEFAULT).build());
objectManager.save(dataElementA, false);
Visualization vzA = createVisualization('A');
vzA.setSharing(Sharing.builder().publicAccess(DEFAULT).build());
vzA.addDataDimensionItem(dataElementA);
objectManager.save(vzA, false);
Sharing sharing = new Sharing();
sharing.setPublicAccess(DEFAULT);
sharing.addUserAccess(new UserAccess(userB, DEFAULT));
Dashboard dashboard = createDashboardWithItem("A", sharing);
dashboard.getItems().get(0).setVisualization(vzA);
objectManager.save(dashboard, false);
CascadeSharingReport report = cascadeSharingService.cascadeSharing(dashboard, new CascadeSharingParameters());
assertEquals(0, report.getUpdateObjects().size());
assertFalse(aclService.canRead(userB, vzA));
assertFalse(aclService.canRead(userB, dataElementA));
}
use of org.hisp.dhis.user.sharing.UserAccess in project dhis2-core by dhis2.
the class DashboardCascadeSharingTest method testCascadeShareMapError.
/**
* Dashboard is shared to userB.
* <p>
* But userB's access is DEFAULT('--------')
* <p>
* Expected: no objects being updated.
*/
@Test
void testCascadeShareMapError() {
DataElement dataElementB = createDataElement('B');
dataElementB.setSharing(Sharing.builder().publicAccess(DEFAULT).build());
objectManager.save(dataElementB, false);
Map map = createMap("A");
map.setSharing(Sharing.builder().publicAccess(DEFAULT).build());
objectManager.save(map, false);
objectManager.flush();
Sharing sharing = new Sharing();
sharing.setPublicAccess(DEFAULT);
sharing.addUserAccess(new UserAccess(userB, DEFAULT));
Dashboard dashboard = createDashboardWithItem("dashboardA", sharing);
dashboard.getItems().get(0).setMap(map);
objectManager.save(dashboard, false);
CascadeSharingReport report = cascadeSharingService.cascadeSharing(dashboard, new CascadeSharingParameters());
assertEquals(0, report.getUpdateObjects().size());
assertFalse(aclService.canRead(userB, dashboard.getItems().get(0).getMap()));
}
use of org.hisp.dhis.user.sharing.UserAccess in project dhis2-core by dhis2.
the class SharingController method postSharing.
@PostMapping(consumes = APPLICATION_JSON_VALUE)
@ResponseBody
public WebMessage postSharing(@RequestParam String type, @RequestParam String id, HttpServletRequest request) throws Exception {
Class<? extends IdentifiableObject> sharingClass = aclService.classForType(type);
if (sharingClass == null || !aclService.isClassShareable(sharingClass)) {
return conflict("Type " + type + " is not supported.");
}
BaseIdentifiableObject object = (BaseIdentifiableObject) manager.getNoAcl(sharingClass, id);
if (object == null) {
return notFound("Object of type " + type + " with ID " + id + " was not found.");
}
if ((object instanceof SystemDefaultMetadataObject) && ((SystemDefaultMetadataObject) object).isDefault()) {
return conflict("Sharing settings of system default metadata object of type " + type + " cannot be modified.");
}
User user = currentUserService.getCurrentUser();
if (!aclService.canManage(user, object)) {
throw new AccessDeniedException("You do not have manage access to this object.");
}
Sharing sharing = renderService.fromJson(request.getInputStream(), Sharing.class);
if (!AccessStringHelper.isValid(sharing.getObject().getPublicAccess())) {
return conflict("Invalid public access string: " + sharing.getObject().getPublicAccess());
}
if (aclService.canMakeExternal(user, object)) {
object.setExternalAccess(sharing.getObject().hasExternalAccess());
}
// ---------------------------------------------------------------------
// Ignore publicAccess if user is not allowed to make objects public
// ---------------------------------------------------------------------
Schema schema = schemaService.getDynamicSchema(sharingClass);
if (aclService.canMakePublic(user, object)) {
object.setPublicAccess(sharing.getObject().getPublicAccess());
}
if (!schema.isDataShareable()) {
if (AccessStringHelper.hasDataSharing(object.getSharing().getPublicAccess())) {
object.getSharing().setPublicAccess(AccessStringHelper.disableDataSharing(object.getSharing().getPublicAccess()));
}
}
if (object.getCreatedBy() == null) {
object.setCreatedBy(user);
}
object.getSharing().getUserGroups().clear();
for (SharingUserGroupAccess sharingUserGroupAccess : sharing.getObject().getUserGroupAccesses()) {
UserGroupAccess userGroupAccess = new UserGroupAccess();
if (!AccessStringHelper.isValid(sharingUserGroupAccess.getAccess())) {
return conflict("Invalid user group access string: " + sharingUserGroupAccess.getAccess());
}
if (!schema.isDataShareable()) {
if (AccessStringHelper.hasDataSharing(sharingUserGroupAccess.getAccess())) {
sharingUserGroupAccess.setAccess(AccessStringHelper.disableDataSharing(sharingUserGroupAccess.getAccess()));
}
}
userGroupAccess.setAccess(sharingUserGroupAccess.getAccess());
UserGroup userGroup = manager.get(UserGroup.class, sharingUserGroupAccess.getId());
if (userGroup != null) {
userGroupAccess.setUserGroup(userGroup);
object.getSharing().addUserGroupAccess(userGroupAccess);
}
}
object.getSharing().getUsers().clear();
for (SharingUserAccess sharingUserAccess : sharing.getObject().getUserAccesses()) {
UserAccess userAccess = new UserAccess();
if (!AccessStringHelper.isValid(sharingUserAccess.getAccess())) {
return conflict("Invalid user access string: " + sharingUserAccess.getAccess());
}
if (!schema.isDataShareable()) {
if (AccessStringHelper.hasDataSharing(sharingUserAccess.getAccess())) {
sharingUserAccess.setAccess(AccessStringHelper.disableDataSharing(sharingUserAccess.getAccess()));
}
}
userAccess.setAccess(sharingUserAccess.getAccess());
User sharingUser = manager.get(User.class, sharingUserAccess.getId());
if (sharingUser != null) {
userAccess.setUser(sharingUser);
object.getSharing().addUserAccess(userAccess);
}
}
manager.updateNoAcl(object);
if (Program.class.isInstance(object)) {
syncSharingForEventProgram((Program) object);
}
log.info(sharingToString(object));
return ok("Access control set");
}
use of org.hisp.dhis.user.sharing.UserAccess in project dhis2-core by dhis2.
the class PatchServiceTest method testEmbeddedObjectCollectionDiff.
@Test
void testEmbeddedObjectCollectionDiff() {
User adminUser = createAndInjectAdminUser();
UserGroup userGroup = createUserGroup('A', Sets.newHashSet(adminUser));
manager.save(userGroup);
DataElement deA = createDataElement('A');
DataElement deB = createDataElement('B');
deA.getAggregationLevels().add(1);
deB.getAggregationLevels().add(1);
deB.getAggregationLevels().add(2);
deB.getAggregationLevels().add(3);
deB.getSharing().addUserGroupAccess(new UserGroupAccess(userGroup, "rw------"));
deB.getSharing().addUserAccess(new UserAccess(adminUser, "rw------"));
Patch patch = patchService.diff(new PatchParams(deA, deB));
patchService.apply(patch, deA);
assertEquals(deA.getName(), deB.getName());
assertEquals(deA.getShortName(), deB.getShortName());
assertEquals(deA.getDescription(), deB.getDescription());
assertEquals(deA.getAggregationLevels(), deB.getAggregationLevels());
assertEquals(deA.getUserGroupAccesses(), deB.getUserGroupAccesses());
assertEquals(deA.getUserAccesses(), deB.getUserAccesses());
}
Aggregations