dhis2-devs team mailing list archive
-
dhis2-devs team
-
Mailing list archive
-
Message #16694
[Branch ~dhis2-devs-core/dhis2/trunk] Rev 6408: Added controller for UserAuthorityGroup, also changed visiblity for User* controller from module ...
------------------------------------------------------------
revno: 6408
committer: Morten Olav Hansen <mortenoh@xxxxxxxxx>
branch nick: dhis2
timestamp: Wed 2012-03-28 09:40:14 +0200
message:
Added controller for UserAuthorityGroup, also changed visiblity for User* controller from module based => demand superuser authority (ALL)
added:
dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserAuthorityGroups.java
dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/api/controller/user/UserAuthorityGroupController.java
modified:
dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserAuthorityGroup.java
dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserService.java
dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserStore.java
dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java
dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/hibernate/HibernateUserStore.java
dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/api/controller/user/UserController.java
dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/api/controller/user/UserGroupController.java
dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/api/webdomain/Resources.java
--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk
Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription
=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserAuthorityGroup.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserAuthorityGroup.java 2012-03-19 16:35:13 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserAuthorityGroup.java 2012-03-28 07:40:14 +0000
@@ -101,7 +101,7 @@
@JsonProperty
@JsonView( {DetailedView.class, ExportView.class} )
- @JacksonXmlProperty
+ @JacksonXmlProperty( namespace = Dxf2Namespace.NAMESPACE )
public String getDescription()
{
return description;
@@ -114,8 +114,8 @@
@JsonProperty
@JsonView( {DetailedView.class, ExportView.class} )
- @JacksonXmlElementWrapper( localName = "authorities" )
- @JacksonXmlProperty( localName = "authority" )
+ @JacksonXmlElementWrapper( localName = "authorities", namespace = Dxf2Namespace.NAMESPACE )
+ @JacksonXmlProperty( localName = "authority", namespace = Dxf2Namespace.NAMESPACE )
public Set<String> getAuthorities()
{
return authorities;
@@ -139,8 +139,8 @@
@JsonProperty
@JsonSerialize( contentAs = BaseIdentifiableObject.class )
@JsonView( {DetailedView.class, ExportView.class} )
- @JacksonXmlElementWrapper( localName = "dataSets" )
- @JacksonXmlProperty( localName = "dataSet" )
+ @JacksonXmlElementWrapper( localName = "dataSets", namespace = Dxf2Namespace.NAMESPACE )
+ @JacksonXmlProperty( localName = "dataSet", namespace = Dxf2Namespace.NAMESPACE )
public Set<DataSet> getDataSets()
{
return dataSets;
=== added file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserAuthorityGroups.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserAuthorityGroups.java 1970-01-01 00:00:00 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserAuthorityGroups.java 2012-03-28 07:40:14 +0000
@@ -0,0 +1,61 @@
+package org.hisp.dhis.user;
+
+/*
+ * Copyright (c) 2004-2011, University of Oslo
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ * * Neither the name of the HISP project nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlElementWrapper;
+import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlProperty;
+import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlRootElement;
+import org.hisp.dhis.common.BaseCollection;
+import org.hisp.dhis.common.Dxf2Namespace;
+
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * @author Morten Olav Hansen <mortenoh@xxxxxxxxx>
+ */
+@JacksonXmlRootElement( localName = "dxf2", namespace = Dxf2Namespace.NAMESPACE )
+public class UserAuthorityGroups
+ extends BaseCollection
+{
+ private List<UserAuthorityGroup> userAuthorityGroups = new ArrayList<UserAuthorityGroup>();
+
+ @JsonProperty
+ @JacksonXmlElementWrapper( localName = "userAuthorityGroups", namespace = Dxf2Namespace.NAMESPACE )
+ @JacksonXmlProperty( localName = "userAuthorityGroup", namespace = Dxf2Namespace.NAMESPACE )
+ public List<UserAuthorityGroup> getUserAuthorityGroups()
+ {
+ return userAuthorityGroups;
+ }
+
+ public void setUserAuthorityGroups( List<UserAuthorityGroup> userAuthorityGroups )
+ {
+ this.userAuthorityGroups = userAuthorityGroups;
+ }
+}
=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserService.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserService.java 2012-03-09 09:40:27 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserService.java 2012-03-28 07:40:14 +0000
@@ -254,6 +254,15 @@
UserAuthorityGroup getUserAuthorityGroup( int id );
/**
+ * 2
+ * Retrieves the UserAuthorityGroup with the given identifier.
+ *
+ * @param id the identifier of the UserAuthorityGroup to retrieve.
+ * @return the UserAuthorityGroup.
+ */
+ UserAuthorityGroup getUserAuthorityGroup( String uid );
+
+ /**
* Retrieves the UserAuthorityGroup with the given name.
*
* @param name the name of the UserAuthorityGroup to retrieve.
=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserStore.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserStore.java 2012-03-09 09:40:27 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserStore.java 2012-03-28 07:40:14 +0000
@@ -227,6 +227,14 @@
UserAuthorityGroup getUserAuthorityGroup( int id );
/**
+ * Retrieves the UserAuthorityGroup with the given identifier.
+ *
+ * @param id the identifier of the UserAuthorityGroup to retrieve.
+ * @return the UserAuthorityGroup.
+ */
+ UserAuthorityGroup getUserAuthorityGroup( String uid );
+
+ /**
* Retrieves the UserAuthorityGroup with the given name.
*
* @param name the name of the UserAuthorityGroup to retrieve.
=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java 2012-03-09 09:40:27 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java 2012-03-28 07:40:14 +0000
@@ -278,6 +278,11 @@
return userStore.getUserAuthorityGroup( userAuthorityGroupId );
}
+ public UserAuthorityGroup getUserAuthorityGroup( String uid )
+ {
+ return userStore.getUserAuthorityGroup( uid );
+ }
+
public UserAuthorityGroup getUserAuthorityGroupByName( String userAuthorityGroupName )
{
return userStore.getUserAuthorityGroupByName( userAuthorityGroupName );
=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/hibernate/HibernateUserStore.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/hibernate/HibernateUserStore.java 2012-03-19 16:35:13 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/hibernate/HibernateUserStore.java 2012-03-28 07:40:14 +0000
@@ -258,7 +258,7 @@
}
public Collection<UserCredentials> getUsersByOrganisationUnitBetweenByName( OrganisationUnit orgUnit, String name,
- int first, int max )
+ int first, int max )
{
return getBlockUser( findByName( toUserCredentials( orgUnit.getUsers() ), name ), first, max );
}
@@ -362,6 +362,17 @@
return (UserAuthorityGroup) session.get( UserAuthorityGroup.class, id );
}
+ public UserAuthorityGroup getUserAuthorityGroup( String uid )
+ {
+ Session session = sessionFactory.getCurrentSession();
+
+ Criteria criteria = session.createCriteria( UserAuthorityGroup.class );
+
+ criteria.add( Restrictions.eq( "uid", uid ) );
+
+ return (UserAuthorityGroup) criteria.uniqueResult();
+ }
+
public UserAuthorityGroup getUserAuthorityGroupByName( String name )
{
Session session = sessionFactory.getCurrentSession();
@@ -489,7 +500,7 @@
return credentials;
}
- @SuppressWarnings("unchecked")
+ @SuppressWarnings( "unchecked" )
public Collection<User> getUsersByOrganisationUnits( Collection<OrganisationUnit> orgunits )
{
String hql = "select distinct u from User u join u.organisationUnits o where o.id in (:ids)";
=== added file 'dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/api/controller/user/UserAuthorityGroupController.java'
--- dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/api/controller/user/UserAuthorityGroupController.java 1970-01-01 00:00:00 +0000
+++ dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/api/controller/user/UserAuthorityGroupController.java 2012-03-28 07:40:14 +0000
@@ -0,0 +1,158 @@
+package org.hisp.dhis.api.controller.user;
+
+/*
+ * Copyright (c) 2004-2011, University of Oslo
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ * * Neither the name of the HISP project nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+import org.hisp.dhis.api.utils.IdentifiableObjectParams;
+import org.hisp.dhis.api.utils.WebLinkPopulator;
+import org.hisp.dhis.user.UserAuthorityGroup;
+import org.hisp.dhis.user.UserAuthorityGroups;
+import org.hisp.dhis.user.UserGroupService;
+import org.hisp.dhis.user.UserService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.web.HttpRequestMethodNotSupportedException;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.ResponseStatus;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.InputStream;
+import java.util.ArrayList;
+
+/**
+ * @author Morten Olav Hansen <mortenoh@xxxxxxxxx>
+ */
+@Controller
+@RequestMapping( value = UserAuthorityGroupController.RESOURCE_PATH )
+public class UserAuthorityGroupController
+{
+ public static final String RESOURCE_PATH = "/userAuthorityGroups";
+
+ @Autowired
+ private UserGroupService userGroupService;
+
+ @Autowired
+ private UserService userService;
+
+ //-------------------------------------------------------------------------------------------------------
+ // GET
+ //-------------------------------------------------------------------------------------------------------
+
+ @RequestMapping( method = RequestMethod.GET )
+ @PreAuthorize( "hasRole('ALL')" )
+ public String getUserAuthorityGroups( IdentifiableObjectParams params, Model model, HttpServletRequest request )
+ {
+ UserAuthorityGroups userAuthorityGroups = new UserAuthorityGroups();
+ userAuthorityGroups.setUserAuthorityGroups( new ArrayList<UserAuthorityGroup>( userService.getAllUserAuthorityGroups() ) );
+
+ if ( params.hasLinks() )
+ {
+ WebLinkPopulator listener = new WebLinkPopulator( request );
+ listener.addLinks( userAuthorityGroups );
+ }
+
+ model.addAttribute( "model", userAuthorityGroups );
+
+ return "userGroups";
+ }
+
+ @RequestMapping( value = "/{uid}", method = RequestMethod.GET )
+ @PreAuthorize( "hasRole('ALL')" )
+ public String getUserAuthorityGroup( @PathVariable( "uid" ) String uid, IdentifiableObjectParams params, Model model, HttpServletRequest request )
+ {
+ UserAuthorityGroup userAuthorityGroup = userService.getUserAuthorityGroup( uid );
+
+ if ( params.hasLinks() )
+ {
+ WebLinkPopulator listener = new WebLinkPopulator( request );
+ listener.addLinks( userAuthorityGroup );
+ }
+
+ model.addAttribute( "model", userAuthorityGroup );
+ model.addAttribute( "view", "detailed" );
+
+ return "userGroup";
+ }
+
+ //-------------------------------------------------------------------------------------------------------
+ // POST
+ //-------------------------------------------------------------------------------------------------------
+
+ @RequestMapping( method = RequestMethod.POST, headers = {"Content-Type=application/xml, text/xml"} )
+ @PreAuthorize( "hasRole('ALL')" )
+ @ResponseStatus( value = HttpStatus.CREATED )
+ public void postUserAuthorityGroupXML( HttpServletResponse response, InputStream input ) throws Exception
+ {
+ throw new HttpRequestMethodNotSupportedException( RequestMethod.POST.toString() );
+ }
+
+ @RequestMapping( method = RequestMethod.POST, headers = {"Content-Type=application/json"} )
+ @PreAuthorize( "hasRole('ALL')" )
+ @ResponseStatus( value = HttpStatus.CREATED )
+ public void postUserAuthorityGroupJSON( HttpServletResponse response, InputStream input ) throws Exception
+ {
+ throw new HttpRequestMethodNotSupportedException( RequestMethod.POST.toString() );
+ }
+
+ //-------------------------------------------------------------------------------------------------------
+ // PUT
+ //-------------------------------------------------------------------------------------------------------
+
+ @RequestMapping( value = "/{uid}", method = RequestMethod.PUT, headers = {"Content-Type=application/xml, text/xml"} )
+ @PreAuthorize( "hasRole('ALL')" )
+ @ResponseStatus( value = HttpStatus.NO_CONTENT )
+ public void putUserAuthorityGroupXML( @PathVariable( "uid" ) String uid, InputStream input ) throws Exception
+ {
+ throw new HttpRequestMethodNotSupportedException( RequestMethod.PUT.toString() );
+ }
+
+ @RequestMapping( value = "/{uid}", method = RequestMethod.PUT, headers = {"Content-Type=application/json"} )
+ @PreAuthorize( "hasRole('ALL')" )
+ @ResponseStatus( value = HttpStatus.NO_CONTENT )
+ public void putUserAuthorityGroupJSON( @PathVariable( "uid" ) String uid, InputStream input ) throws Exception
+ {
+ throw new HttpRequestMethodNotSupportedException( RequestMethod.PUT.toString() );
+ }
+
+ //-------------------------------------------------------------------------------------------------------
+ // DELETE
+ //-------------------------------------------------------------------------------------------------------
+
+ @RequestMapping( value = "/{uid}", method = RequestMethod.DELETE )
+ @PreAuthorize( "hasRole('ALL')" )
+ @ResponseStatus( value = HttpStatus.NO_CONTENT )
+ public void deleteUserAuthorityGroup( @PathVariable( "uid" ) String uid ) throws Exception
+ {
+ throw new HttpRequestMethodNotSupportedException( RequestMethod.DELETE.toString() );
+ }
+}
=== modified file 'dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/api/controller/user/UserController.java'
--- dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/api/controller/user/UserController.java 2012-03-28 07:18:05 +0000
+++ dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/api/controller/user/UserController.java 2012-03-28 07:40:14 +0000
@@ -65,7 +65,7 @@
//-------------------------------------------------------------------------------------------------------
@RequestMapping( method = RequestMethod.GET )
- @PreAuthorize( "hasRole('ALL') or hasRole('M_dhis-web-maintenance-user')" )
+ @PreAuthorize( "hasRole('ALL')" )
public String getUsers( IdentifiableObjectParams params, Model model, HttpServletRequest request )
{
Users users = new Users();
@@ -83,7 +83,7 @@
}
@RequestMapping( value = "/{uid}", method = RequestMethod.GET )
- @PreAuthorize( "hasRole('ALL') or hasRole('M_dhis-web-maintenance-user')" )
+ @PreAuthorize( "hasRole('ALL')" )
public String getUser( @PathVariable( "uid" ) String uid, IdentifiableObjectParams params, Model model, HttpServletRequest request )
{
User user = userService.getUser( uid );
@@ -105,7 +105,7 @@
//-------------------------------------------------------------------------------------------------------
@RequestMapping( method = RequestMethod.POST, headers = {"Content-Type=application/xml, text/xml"} )
- @PreAuthorize( "hasRole('ALL') or hasRole('F_USER_ADD')" )
+ @PreAuthorize( "hasRole('ALL')" )
@ResponseStatus( value = HttpStatus.CREATED )
public void postUserXML( HttpServletResponse response, InputStream input ) throws Exception
{
@@ -113,7 +113,7 @@
}
@RequestMapping( method = RequestMethod.POST, headers = {"Content-Type=application/json"} )
- @PreAuthorize( "hasRole('ALL') or hasRole('F_USER_ADD')" )
+ @PreAuthorize( "hasRole('ALL')" )
@ResponseStatus( value = HttpStatus.CREATED )
public void postUserJSON( HttpServletResponse response, InputStream input ) throws Exception
{
@@ -125,7 +125,7 @@
//-------------------------------------------------------------------------------------------------------
@RequestMapping( value = "/{uid}", method = RequestMethod.PUT, headers = {"Content-Type=application/xml, text/xml"} )
- @PreAuthorize( "hasRole('ALL') or hasRole('F_USER_UPDATE')" )
+ @PreAuthorize( "hasRole('ALL')" )
@ResponseStatus( value = HttpStatus.NO_CONTENT )
public void putUserXML( @PathVariable( "uid" ) String uid, InputStream input ) throws Exception
{
@@ -133,7 +133,7 @@
}
@RequestMapping( value = "/{uid}", method = RequestMethod.PUT, headers = {"Content-Type=application/json"} )
- @PreAuthorize( "hasRole('ALL') or hasRole('F_USER_UPDATE')" )
+ @PreAuthorize( "hasRole('ALL')" )
@ResponseStatus( value = HttpStatus.NO_CONTENT )
public void putUserJSON( @PathVariable( "uid" ) String uid, InputStream input ) throws Exception
{
@@ -145,7 +145,7 @@
//-------------------------------------------------------------------------------------------------------
@RequestMapping( value = "/{uid}", method = RequestMethod.DELETE )
- @PreAuthorize( "hasRole('ALL') or hasRole('F_USER_DELETE')" )
+ @PreAuthorize( "hasRole('ALL')" )
@ResponseStatus( value = HttpStatus.NO_CONTENT )
public void deleteUser( @PathVariable( "uid" ) String uid ) throws Exception
{
=== modified file 'dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/api/controller/user/UserGroupController.java'
--- dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/api/controller/user/UserGroupController.java 2012-03-28 07:18:05 +0000
+++ dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/api/controller/user/UserGroupController.java 2012-03-28 07:40:14 +0000
@@ -65,7 +65,7 @@
//-------------------------------------------------------------------------------------------------------
@RequestMapping( method = RequestMethod.GET )
- @PreAuthorize( "hasRole('ALL') or hasRole('M_dhis-web-maintenance-user')" )
+ @PreAuthorize( "hasRole('ALL')" )
public String getUserGroups( IdentifiableObjectParams params, Model model, HttpServletRequest request )
{
UserGroups userGroups = new UserGroups();
@@ -83,7 +83,7 @@
}
@RequestMapping( value = "/{uid}", method = RequestMethod.GET )
- @PreAuthorize( "hasRole('ALL') or hasRole('M_dhis-web-maintenance-user')" )
+ @PreAuthorize( "hasRole('ALL')" )
public String getUserGroup( @PathVariable( "uid" ) String uid, IdentifiableObjectParams params, Model model, HttpServletRequest request )
{
UserGroup userGroup = userGroupService.getUserGroup( uid );
@@ -105,7 +105,7 @@
//-------------------------------------------------------------------------------------------------------
@RequestMapping( method = RequestMethod.POST, headers = {"Content-Type=application/xml, text/xml"} )
- @PreAuthorize( "hasRole('ALL') or hasRole('F_USER_GRUP_ADD')" )
+ @PreAuthorize( "hasRole('ALL')" )
@ResponseStatus( value = HttpStatus.CREATED )
public void postUserGroupXML( HttpServletResponse response, InputStream input ) throws Exception
{
@@ -113,7 +113,7 @@
}
@RequestMapping( method = RequestMethod.POST, headers = {"Content-Type=application/json"} )
- @PreAuthorize( "hasRole('ALL') or hasRole('F_USER_GRUP_ADD')" )
+ @PreAuthorize( "hasRole('ALL')" )
@ResponseStatus( value = HttpStatus.CREATED )
public void postUserGroupJSON( HttpServletResponse response, InputStream input ) throws Exception
{
@@ -125,7 +125,7 @@
//-------------------------------------------------------------------------------------------------------
@RequestMapping( value = "/{uid}", method = RequestMethod.PUT, headers = {"Content-Type=application/xml, text/xml"} )
- @PreAuthorize( "hasRole('ALL') or hasRole('F_USER_GRUP_UPDATE')" )
+ @PreAuthorize( "hasRole('ALL')" )
@ResponseStatus( value = HttpStatus.NO_CONTENT )
public void putUserGroupXML( @PathVariable( "uid" ) String uid, InputStream input ) throws Exception
{
@@ -133,7 +133,7 @@
}
@RequestMapping( value = "/{uid}", method = RequestMethod.PUT, headers = {"Content-Type=application/json"} )
- @PreAuthorize( "hasRole('ALL') or hasRole('F_USER_GRUP_UPDATE')" )
+ @PreAuthorize( "hasRole('ALL')" )
@ResponseStatus( value = HttpStatus.NO_CONTENT )
public void putUserGroupJSON( @PathVariable( "uid" ) String uid, InputStream input ) throws Exception
{
@@ -145,7 +145,7 @@
//-------------------------------------------------------------------------------------------------------
@RequestMapping( value = "/{uid}", method = RequestMethod.DELETE )
- @PreAuthorize( "hasRole('ALL') or hasRole('F_USER_GRUP_DELETE')" )
+ @PreAuthorize( "hasRole('ALL')" )
@ResponseStatus( value = HttpStatus.NO_CONTENT )
public void deleteUserGroup( @PathVariable( "uid" ) String uid ) throws Exception
{
=== modified file 'dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/api/webdomain/Resources.java'
--- dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/api/webdomain/Resources.java 2012-03-22 15:04:58 +0000
+++ dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/api/webdomain/Resources.java 2012-03-28 07:40:14 +0000
@@ -54,6 +54,7 @@
import org.hisp.dhis.report.Reports;
import org.hisp.dhis.reporttable.ReportTables;
import org.hisp.dhis.sqlview.SqlViews;
+import org.hisp.dhis.user.UserAuthorityGroups;
import org.hisp.dhis.user.UserGroups;
import org.hisp.dhis.user.Users;
import org.hisp.dhis.validation.ValidationRuleGroups;
@@ -139,6 +140,7 @@
resources.add( new Resource( "SqlViews", SqlViews.class, requestMethods, mediaTypes ) );
resources.add( new Resource( "Users", Users.class, requestMethods, mediaTypes ) );
resources.add( new Resource( "UserGroups", UserGroups.class, requestMethods, mediaTypes ) );
+ resources.add( new Resource( "UserAuthorityGroups", UserAuthorityGroups.class, requestMethods, mediaTypes ) );
resources.add( new Resource( "ValidationRules", ValidationRules.class, requestMethods, mediaTypes ) );
resources.add( new Resource( "ValidationRuleGroups", ValidationRuleGroups.class, requestMethods, mediaTypes ) );
}
