← Back to team overview

dhis2-devs team mailing list archive

[Branch ~dhis2-devs-core/dhis2/trunk] Rev 12354: Merge with lp:~sis-ma/dhis2/SISMA-84: allow import of users, clearing passwords

 

Merge authors:
  Leandro Soares (lssoares)
Related merge proposals:
  https://code.launchpad.net/~sis-ma/dhis2/SISMA-84/+merge/186329
  proposed by: Leandro Soares (lssoares)
------------------------------------------------------------
revno: 12354 [merge]
committer: Morten Olav Hansen <mortenoh@xxxxxxxxx>
branch nick: dhis2
timestamp: Tue 2013-10-01 11:34:05 +0200
message:
  Merge with lp:~sis-ma/dhis2/SISMA-84: allow import of users, clearing passwords
modified:
  dhis-2/dhis-api/src/main/java/org/hisp/dhis/common/SharingUtils.java
  dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/User.java
  dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java
  dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/startup/TableAlteror.java
  dhis-2/dhis-services/dhis-service-core/src/main/resources/org/hisp/dhis/user/hibernate/UserCredentials.hbm.xml
  dhis-2/dhis-services/dhis-service-dxf2/src/main/java/org/hisp/dhis/dxf2/metadata/ExchangeClasses.java
  dhis-2/dhis-services/dhis-service-dxf2/src/main/java/org/hisp/dhis/dxf2/metadata/importers/DefaultIdentifiableObjectImporter.java
  dhis-2/pom.xml


--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk

Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription
=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/common/SharingUtils.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/common/SharingUtils.java	2013-08-25 21:44:57 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/common/SharingUtils.java	2013-09-18 13:26:26 +0000
@@ -209,9 +209,14 @@
      */
     public static boolean canWrite( User user, IdentifiableObject object )
     {
+        Set<String> authorities = user != null ? user.getUserCredentials().getAllAuthorities() : new HashSet<String>();
+
+        //TODO ( (object instanceof User) && canCreatePrivate( user, object ) ): review possible security breaches and best way to give update access upon user import
         if ( sharingOverrideAuthority( user )
             || (object.getUser() == null && canCreatePublic( user, object ) && PRIVATE_AUTHORITIES.get( object.getClass() ) != null)
             || user.equals( object.getUser() )
+            //|| authorities.contains( PRIVATE_AUTHORITIES.get( object.getClass() ) )
+            || ( (object instanceof User) && canCreatePrivate( user, object ) )
             || AccessStringHelper.canWrite( object.getPublicAccess() ) )
         {
             return true;

=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/User.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/User.java	2013-08-23 15:56:19 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/User.java	2013-09-18 13:26:26 +0000
@@ -97,6 +97,7 @@
 
     private Date lastCheckedInterpretations;
 
+    @Scanned
     private UserCredentials userCredentials;
 
     private Set<UserGroup> groups = new HashSet<UserGroup>();

=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java	2013-08-23 15:56:19 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java	2013-09-18 13:26:26 +0000
@@ -37,6 +37,7 @@
 import org.hisp.dhis.common.BaseIdentifiableObject;
 import org.hisp.dhis.common.DxfNamespaces;
 import org.hisp.dhis.common.IdentifiableObjectUtils;
+import org.hisp.dhis.common.annotation.Scanned;
 import org.hisp.dhis.common.view.DetailedView;
 import org.hisp.dhis.common.view.ExportView;
 import org.hisp.dhis.dataset.DataSet;
@@ -53,19 +54,19 @@
  */
 @JacksonXmlRootElement( localName = "userCredentials", namespace = DxfNamespaces.DXF_2_0)
 public class UserCredentials
-    implements Serializable
+        extends BaseIdentifiableObject implements Serializable
 {
     /**
      * Determines if a de-serialized file is compatible with this class.
      */
     private static final long serialVersionUID = -8919501679702302098L;
 
-    private int id;
+    //private int id;
 
     /**
      * Required and unique.
      */
-    private User user;
+    //private User user;
 
     /**
      * Required and unique.
@@ -80,6 +81,7 @@
     /**
      * Set of user roles.
      */
+    @Scanned
     private Set<UserAuthorityGroup> userAuthorityGroups = new HashSet<UserAuthorityGroup>();
 
     /**
@@ -286,6 +288,11 @@
         return user != null ? user.getName() : username;
     }
 
+    public String getCode()
+    {
+        return username;
+    }
+
     /**
      * Tests whether the given input arguments can perform a valid restore of the
      * user account for these credentials. Returns false if any of the input arguments

=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/startup/TableAlteror.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/startup/TableAlteror.java	2013-09-30 10:39:35 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/startup/TableAlteror.java	2013-09-30 13:57:44 +0000
@@ -623,7 +623,7 @@
         executeSql( "ALTER TABLE dataelement ALTER COLUMN domaintype SET NOT NULL" );
         executeSql( "update dataelementcategory set datadimension = false where datadimension is null" );
         
-	executeSql( "UPDATE dataset SET dataelementdecoration=false WHERE dataelementdecoration is null" );
+		executeSql( "UPDATE dataset SET dataelementdecoration=false WHERE dataelementdecoration is null" );
 
         executeSql( "alter table validationrulegroup rename column validationgroupid to validationrulegroupid" );
         executeSql( "alter table sqlview rename column viewid to sqlviewid" );
@@ -640,6 +640,8 @@
         executeSql( "ALTER TABLE interpretation ALTER COLUMN userid DROP NOT NULL" );
 
         upgradeMapViewsToAnalyticalObject();
+
+		executeSql( "ALTER TABLE users ALTER COLUMN password DROP NOT NULL" );
         
         log.info( "Tables updated" );
     }

=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/resources/org/hisp/dhis/user/hibernate/UserCredentials.hbm.xml'
--- dhis-2/dhis-services/dhis-service-core/src/main/resources/org/hisp/dhis/user/hibernate/UserCredentials.hbm.xml	2012-12-13 11:53:32 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/resources/org/hisp/dhis/user/hibernate/UserCredentials.hbm.xml	2013-09-18 13:26:26 +0000
@@ -21,7 +21,7 @@
     </property>
 
     <property name="password">
-      <column name="password" not-null="true" />
+      <column name="password" not-null="false" />
     </property>
 
     <set name="userAuthorityGroups" table="userrolemembers" cascade="save-update">

=== modified file 'dhis-2/dhis-services/dhis-service-dxf2/src/main/java/org/hisp/dhis/dxf2/metadata/ExchangeClasses.java'
--- dhis-2/dhis-services/dhis-service-dxf2/src/main/java/org/hisp/dhis/dxf2/metadata/ExchangeClasses.java	2013-10-01 09:11:23 +0000
+++ dhis-2/dhis-services/dhis-service-dxf2/src/main/java/org/hisp/dhis/dxf2/metadata/ExchangeClasses.java	2013-10-01 09:34:05 +0000
@@ -173,7 +173,7 @@
         importClasses = new LinkedHashMap<Class<? extends IdentifiableObject>, String>( allExportClasses );
 
         // for now, do not allow user/userGroup to be imported
-        importClasses.remove( User.class );
+        //importClasses.remove( User.class );
         importClasses.remove( UserGroup.class );
 
         // this is considered data, and is not available for meta-data export/import

=== modified file 'dhis-2/dhis-services/dhis-service-dxf2/src/main/java/org/hisp/dhis/dxf2/metadata/importers/DefaultIdentifiableObjectImporter.java'
--- dhis-2/dhis-services/dhis-service-dxf2/src/main/java/org/hisp/dhis/dxf2/metadata/importers/DefaultIdentifiableObjectImporter.java	2013-08-28 12:33:54 +0000
+++ dhis-2/dhis-services/dhis-service-dxf2/src/main/java/org/hisp/dhis/dxf2/metadata/importers/DefaultIdentifiableObjectImporter.java	2013-09-18 13:26:26 +0000
@@ -62,6 +62,7 @@
 import org.hisp.dhis.system.util.functional.Function1;
 import org.hisp.dhis.user.User;
 import org.hisp.dhis.user.UserAuthorityGroup;
+import org.hisp.dhis.user.UserCredentials;
 import org.hisp.dhis.user.UserGroup;
 import org.springframework.beans.factory.annotation.Autowired;
 
@@ -409,6 +410,11 @@
         NonIdentifiableObjects nonIdentifiableObjects = new NonIdentifiableObjects();
         nonIdentifiableObjects.extract( object );
 
+        UserCredentials userCredentials = null;
+        if (object instanceof User) {
+            userCredentials = ((User)object).getUserCredentials();
+        }
+
         Map<Field, Object> fields = detachFields( object );
         Map<Field, Collection<Object>> collectionFields = detachCollectionFields( object );
 
@@ -422,6 +428,23 @@
 
         objectBridge.updateObject( object );
 
+        if (object instanceof User) {
+            userCredentials.setUser((User)object);
+            userCredentials.setId( ((User)object).getId());
+
+            Map<Field, Collection<Object>> collectionFieldsUserCredentials = detachCollectionFields( userCredentials );
+
+            sessionFactory.getCurrentSession().save(userCredentials);
+
+            reattachCollectionFields( userCredentials, collectionFieldsUserCredentials );
+
+            sessionFactory.getCurrentSession().saveOrUpdate(userCredentials);
+
+            ((User) object).setUserCredentials(userCredentials);
+
+            objectBridge.updateObject( (User)object );
+        }
+
         if ( !options.isDryRun() )
         {
             nonIdentifiableObjects.save( object );
@@ -462,6 +485,11 @@
         nonIdentifiableObjects.extract( object );
         nonIdentifiableObjects.delete( persistedObject );
 
+        UserCredentials userCredentials = null;
+        if (object instanceof User) {
+            userCredentials = ((User)object).getUserCredentials();
+        }
+
         Map<Field, Object> fields = detachFields( object );
         Map<Field, Collection<Object>> collectionFields = detachCollectionFields( object );
 
@@ -477,6 +505,15 @@
 
         objectBridge.updateObject( persistedObject );
 
+        if (object instanceof User) {
+
+            Map<Field, Collection<Object>> collectionFieldsUserCredentials = detachCollectionFields( userCredentials );
+
+            reattachCollectionFields( ((User)persistedObject).getUserCredentials(), collectionFieldsUserCredentials );
+            sessionFactory.getCurrentSession().saveOrUpdate(((User)persistedObject).getUserCredentials());
+
+        }
+
         if ( !options.isDryRun() )
         {
             nonIdentifiableObjects.save( persistedObject );

=== modified file 'dhis-2/pom.xml'
--- dhis-2/pom.xml	2013-10-01 09:02:04 +0000
+++ dhis-2/pom.xml	2013-10-01 09:34:05 +0000
@@ -26,6 +26,7 @@
     <module>dhis-api</module>
     <module>dhis-services</module>
     <module>dhis-support</module>
+	<module>dhis-web</module>
   </modules>
 
   <licenses>