
Example 26 with UserGroupAccess

use of org.hisp.dhis.user.sharing.UserGroupAccess in project dhis2-core by dhis2.

the class DefaultAclStoreTest method getAccessibleProgramsReturnsUserGroupOnes.

/**
 * Checks that the ACL store lists a program shared with one of the supplied user groups
 * and leaves out a program with no public and no group access.
 */
@Test
void getAccessibleProgramsReturnsUserGroupOnes() {
    // Negative case: program A has no public access and no group grant,
    // so it must not appear in the result.
    Program unsharedProgram = createProgram('A');
    unsharedProgram.setPublicAccess("--------");
    unsharedProgram.getSharing().setOwner(owner);
    manager.save(unsharedProgram, false);

    // Positive case: program B has no public access either, but carries a
    // "--r-----" grant for a group that contains the querying user.
    Program groupSharedProgram = createProgram('B');
    groupSharedProgram.setPublicAccess("--------");
    groupSharedProgram.getSharing().setOwner(owner);
    UserGroup memberGroup = createUserGroup('B', Set.of(owner, user));
    UserGroupAccess groupGrant = new UserGroupAccess();
    groupGrant.setUserGroup(memberGroup);
    groupGrant.setAccess("--r-----");
    groupSharedProgram.getSharing().addUserGroupAccess(groupGrant);
    manager.save(groupSharedProgram, false);

    // Only the group-shared program may come back; anything else would mean
    // the store returns programs the user was never granted.
    List<Long> accessibleIds = aclStore.getAccessiblePrograms(user.getUid(), Collections.singletonList(memberGroup.getUid()));
    assertContainsOnly(accessibleIds, groupSharedProgram.getId());
}
Also used : Program(org.hisp.dhis.program.Program) UserGroup(org.hisp.dhis.user.UserGroup) UserGroupAccess(org.hisp.dhis.user.sharing.UserGroupAccess) Test(org.junit.jupiter.api.Test)

Example 27 with UserGroupAccess

use of org.hisp.dhis.user.sharing.UserGroupAccess in project dhis2-core by dhis2.

the class SharingTest method withAccessAppliesToUserGroups.

/**
 * Checks that {@code withAccess} applies the given transformation to user group access
 * strings while keeping the map key and the group id unchanged.
 */
@Test
void withAccessAppliesToUserGroups() {
    Sharing source = new Sharing();
    source.setUserGroups(singletonMap("key", new UserGroupAccess("abcd1234", "uid")));

    Sharing transformed = source.withAccess(Sharing::copyMetadataToData);

    Map<String, UserGroupAccess> userGroups = transformed.getUserGroups();
    assertEquals(1, userGroups.size());
    Map.Entry<String, UserGroupAccess> onlyEntry = userGroups.entrySet().iterator().next();
    assertEquals("key", onlyEntry.getKey());
    // The first two characters are copied over characters three and four:
    // "abcd1234" becomes "abab1234".
    assertEquals("abab1234", onlyEntry.getValue().getAccess());
    assertEquals("uid", onlyEntry.getValue().getId());
}
Also used : Sharing(org.hisp.dhis.user.sharing.Sharing) UserGroupAccess(org.hisp.dhis.user.sharing.UserGroupAccess) Test(org.junit.jupiter.api.Test)

Example 28 with UserGroupAccess

use of org.hisp.dhis.user.sharing.UserGroupAccess in project dhis2-core by dhis2.

the class SharingTest method addUserGroupAccessCreatesMapWhenNeeded.

/**
 * Checks that adding a user group access to a freshly constructed {@code Sharing}
 * leaves exactly one entry in its user group map.
 */
@Test
void addUserGroupAccessCreatesMapWhenNeeded() {
    Sharing sharing = new Sharing();
    UserGroupAccess groupGrant = new UserGroupAccess("rw------", "uid");

    sharing.addUserGroupAccess(groupGrant);

    int groupCount = sharing.getUserGroups().size();
    assertEquals(1, groupCount);
}
Also used : Sharing(org.hisp.dhis.user.sharing.Sharing) UserGroupAccess(org.hisp.dhis.user.sharing.UserGroupAccess) Test(org.junit.jupiter.api.Test)

Example 29 with UserGroupAccess

use of org.hisp.dhis.user.sharing.UserGroupAccess in project dhis2-core by dhis2.

the class SharingController method postSharing.

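/**
 * Replaces the sharing settings of the object identified by {@code type} and {@code id}
 * with the settings in the JSON request body.
 *
 * <p>The caller must pass {@code aclService.canManage} for the target object. External and
 * public access are applied only when the matching {@code canMakeExternal} /
 * {@code canMakePublic} check passes; otherwise those request fields are ignored. Data
 * sharing bits are stripped when the schema is not data shareable.
 *
 * <p>All access strings in the request are validated before the target object is touched,
 * so a rejected request leaves the loaded object unmodified.
 *
 * @param type the type name, resolved through {@code aclService.classForType}
 * @param id the identifier of the object whose sharing is replaced
 * @param request the HTTP request whose body holds the sharing JSON
 * @return a conflict message for an unsupported type, a system default object, a missing
 *         sharing object or an invalid access string; a not-found message when no object
 *         matches; an ok message on success
 * @throws AccessDeniedException if the current user may not manage the object
 * @throws Exception if reading or parsing the request body fails
 */
@PostMapping(consumes = APPLICATION_JSON_VALUE)
@ResponseBody
public WebMessage postSharing(@RequestParam String type, @RequestParam String id, HttpServletRequest request) throws Exception {
    Class<? extends IdentifiableObject> sharingClass = aclService.classForType(type);
    if (sharingClass == null || !aclService.isClassShareable(sharingClass)) {
        return conflict("Type " + type + " is not supported.");
    }
    // Loaded without ACL filtering; the canManage check below is the authorization
    // gate for this request.
    // NOTE(review): the not-found response is returned before that check, so a caller
    // without manage access can tell existing ids from missing ones. Confirm this is
    // acceptable.
    BaseIdentifiableObject object = (BaseIdentifiableObject) manager.getNoAcl(sharingClass, id);
    if (object == null) {
        return notFound("Object of type " + type + " with ID " + id + " was not found.");
    }
    if ((object instanceof SystemDefaultMetadataObject) && ((SystemDefaultMetadataObject) object).isDefault()) {
        return conflict("Sharing settings of system default metadata object of type " + type + " cannot be modified.");
    }
    User user = currentUserService.getCurrentUser();
    if (!aclService.canManage(user, object)) {
        throw new AccessDeniedException("You do not have manage access to this object.");
    }
    Sharing sharing = renderService.fromJson(request.getInputStream(), Sharing.class);
    // A body without an "object" member would otherwise fail with a NullPointerException.
    if (sharing == null || sharing.getObject() == null) {
        return conflict("Sharing object is missing from the request body.");
    }
    // ---------------------------------------------------------------------
    // Validate every access string before mutating the target object, so an
    // invalid entry cannot leave it with cleared or half-applied sharing
    // ---------------------------------------------------------------------
    if (!AccessStringHelper.isValid(sharing.getObject().getPublicAccess())) {
        return conflict("Invalid public access string: " + sharing.getObject().getPublicAccess());
    }
    for (SharingUserGroupAccess sharingUserGroupAccess : sharing.getObject().getUserGroupAccesses()) {
        if (!AccessStringHelper.isValid(sharingUserGroupAccess.getAccess())) {
            return conflict("Invalid user group access string: " + sharingUserGroupAccess.getAccess());
        }
    }
    for (SharingUserAccess sharingUserAccess : sharing.getObject().getUserAccesses()) {
        if (!AccessStringHelper.isValid(sharingUserAccess.getAccess())) {
            return conflict("Invalid user access string: " + sharingUserAccess.getAccess());
        }
    }
    if (aclService.canMakeExternal(user, object)) {
        object.setExternalAccess(sharing.getObject().hasExternalAccess());
    }
    // ---------------------------------------------------------------------
    // Ignore publicAccess if user is not allowed to make objects public
    // ---------------------------------------------------------------------
    Schema schema = schemaService.getDynamicSchema(sharingClass);
    boolean dataShareable = schema.isDataShareable();
    if (aclService.canMakePublic(user, object)) {
        object.setPublicAccess(sharing.getObject().getPublicAccess());
    }
    // Applies to the stored value as well, also when the request's publicAccess was ignored.
    if (!dataShareable && AccessStringHelper.hasDataSharing(object.getSharing().getPublicAccess())) {
        object.getSharing().setPublicAccess(AccessStringHelper.disableDataSharing(object.getSharing().getPublicAccess()));
    }
    if (object.getCreatedBy() == null) {
        object.setCreatedBy(user);
    }
    // The request replaces the group and user grants; it does not merge with existing ones.
    // NOTE(review): ids that manager.get cannot resolve are dropped silently, so the
    // caller gets no signal when a grant it sent was not applied. Confirm this is intended.
    object.getSharing().getUserGroups().clear();
    for (SharingUserGroupAccess sharingUserGroupAccess : sharing.getObject().getUserGroupAccesses()) {
        String access = sharingUserGroupAccess.getAccess();
        if (!dataShareable && AccessStringHelper.hasDataSharing(access)) {
            access = AccessStringHelper.disableDataSharing(access);
        }
        UserGroup userGroup = manager.get(UserGroup.class, sharingUserGroupAccess.getId());
        if (userGroup != null) {
            UserGroupAccess userGroupAccess = new UserGroupAccess();
            userGroupAccess.setAccess(access);
            userGroupAccess.setUserGroup(userGroup);
            object.getSharing().addUserGroupAccess(userGroupAccess);
        }
    }
    object.getSharing().getUsers().clear();
    for (SharingUserAccess sharingUserAccess : sharing.getObject().getUserAccesses()) {
        String access = sharingUserAccess.getAccess();
        if (!dataShareable && AccessStringHelper.hasDataSharing(access)) {
            access = AccessStringHelper.disableDataSharing(access);
        }
        User sharingUser = manager.get(User.class, sharingUserAccess.getId());
        if (sharingUser != null) {
            UserAccess userAccess = new UserAccess();
            userAccess.setAccess(access);
            userAccess.setUser(sharingUser);
            object.getSharing().addUserAccess(userAccess);
        }
    }
    // Persisted without a further ACL check; authorization was decided by canManage above.
    manager.updateNoAcl(object);
    if (Program.class.isInstance(object)) {
        syncSharingForEventProgram((Program) object);
    }
    log.info(sharingToString(object));
    return ok("Access control set");
}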
Also used : AccessDeniedException(org.springframework.security.access.AccessDeniedException) BaseIdentifiableObject(org.hisp.dhis.common.BaseIdentifiableObject) User(org.hisp.dhis.user.User) Sharing(org.hisp.dhis.webapi.webdomain.sharing.Sharing) UserAccess(org.hisp.dhis.user.sharing.UserAccess) SharingUserAccess(org.hisp.dhis.webapi.webdomain.sharing.SharingUserAccess) Schema(org.hisp.dhis.schema.Schema) SharingUserGroupAccess(org.hisp.dhis.webapi.webdomain.sharing.SharingUserGroupAccess) SharingUserAccess(org.hisp.dhis.webapi.webdomain.sharing.SharingUserAccess) SystemDefaultMetadataObject(org.hisp.dhis.common.SystemDefaultMetadataObject) SharingUserGroupAccess(org.hisp.dhis.webapi.webdomain.sharing.SharingUserGroupAccess) UserGroupAccess(org.hisp.dhis.user.sharing.UserGroupAccess) UserGroup(org.hisp.dhis.user.UserGroup) PostMapping(org.springframework.web.bind.annotation.PostMapping) ResponseBody(org.springframework.web.bind.annotation.ResponseBody)
