dhis2-devs team mailing list archive
-
dhis2-devs team
-
Mailing list archive
-
Message #25055
[Branch ~dhis2-devs-core/dhis2/trunk] Rev 12354: Merge with lp:~sis-ma/dhis2/SISMA-84: allow import of users, clearing passwords
Merge authors:
Leandro Soares (lssoares)
Related merge proposals:
https://code.launchpad.net/~sis-ma/dhis2/SISMA-84/+merge/186329
proposed by: Leandro Soares (lssoares)
------------------------------------------------------------
revno: 12354 [merge]
committer: Morten Olav Hansen <mortenoh@xxxxxxxxx>
branch nick: dhis2
timestamp: Tue 2013-10-01 11:34:05 +0200
message:
Merge with lp:~sis-ma/dhis2/SISMA-84: allow import of users, clearing passwords
modified:
dhis-2/dhis-api/src/main/java/org/hisp/dhis/common/SharingUtils.java
dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/User.java
dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java
dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/startup/TableAlteror.java
dhis-2/dhis-services/dhis-service-core/src/main/resources/org/hisp/dhis/user/hibernate/UserCredentials.hbm.xml
dhis-2/dhis-services/dhis-service-dxf2/src/main/java/org/hisp/dhis/dxf2/metadata/ExchangeClasses.java
dhis-2/dhis-services/dhis-service-dxf2/src/main/java/org/hisp/dhis/dxf2/metadata/importers/DefaultIdentifiableObjectImporter.java
dhis-2/pom.xml
--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk
Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription
=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/common/SharingUtils.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/common/SharingUtils.java 2013-08-25 21:44:57 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/common/SharingUtils.java 2013-09-18 13:26:26 +0000
@@ -209,9 +209,14 @@
*/
public static boolean canWrite( User user, IdentifiableObject object )
{
+ Set<String> authorities = user != null ? user.getUserCredentials().getAllAuthorities() : new HashSet<String>();
+
+ //TODO ( (object instanceof User) && canCreatePrivate( user, object ) ): review possible security breaches and best way to give update access upon user import
if ( sharingOverrideAuthority( user )
|| (object.getUser() == null && canCreatePublic( user, object ) && PRIVATE_AUTHORITIES.get( object.getClass() ) != null)
|| user.equals( object.getUser() )
+ //|| authorities.contains( PRIVATE_AUTHORITIES.get( object.getClass() ) )
+ || ( (object instanceof User) && canCreatePrivate( user, object ) )
|| AccessStringHelper.canWrite( object.getPublicAccess() ) )
{
return true;
=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/User.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/User.java 2013-08-23 15:56:19 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/User.java 2013-09-18 13:26:26 +0000
@@ -97,6 +97,7 @@
private Date lastCheckedInterpretations;
+ @Scanned
private UserCredentials userCredentials;
private Set<UserGroup> groups = new HashSet<UserGroup>();
=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java 2013-08-23 15:56:19 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java 2013-09-18 13:26:26 +0000
@@ -37,6 +37,7 @@
import org.hisp.dhis.common.BaseIdentifiableObject;
import org.hisp.dhis.common.DxfNamespaces;
import org.hisp.dhis.common.IdentifiableObjectUtils;
+import org.hisp.dhis.common.annotation.Scanned;
import org.hisp.dhis.common.view.DetailedView;
import org.hisp.dhis.common.view.ExportView;
import org.hisp.dhis.dataset.DataSet;
@@ -53,19 +54,19 @@
*/
@JacksonXmlRootElement( localName = "userCredentials", namespace = DxfNamespaces.DXF_2_0)
public class UserCredentials
- implements Serializable
+ extends BaseIdentifiableObject implements Serializable
{
/**
* Determines if a de-serialized file is compatible with this class.
*/
private static final long serialVersionUID = -8919501679702302098L;
- private int id;
+ //private int id;
/**
* Required and unique.
*/
- private User user;
+ //private User user;
/**
* Required and unique.
@@ -80,6 +81,7 @@
/**
* Set of user roles.
*/
+ @Scanned
private Set<UserAuthorityGroup> userAuthorityGroups = new HashSet<UserAuthorityGroup>();
/**
@@ -286,6 +288,11 @@
return user != null ? user.getName() : username;
}
+ public String getCode()
+ {
+ return username;
+ }
+
/**
* Tests whether the given input arguments can perform a valid restore of the
* user account for these credentials. Returns false if any of the input arguments
=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/startup/TableAlteror.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/startup/TableAlteror.java 2013-09-30 10:39:35 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/startup/TableAlteror.java 2013-09-30 13:57:44 +0000
@@ -623,7 +623,7 @@
executeSql( "ALTER TABLE dataelement ALTER COLUMN domaintype SET NOT NULL" );
executeSql( "update dataelementcategory set datadimension = false where datadimension is null" );
- executeSql( "UPDATE dataset SET dataelementdecoration=false WHERE dataelementdecoration is null" );
+ executeSql( "UPDATE dataset SET dataelementdecoration=false WHERE dataelementdecoration is null" );
executeSql( "alter table validationrulegroup rename column validationgroupid to validationrulegroupid" );
executeSql( "alter table sqlview rename column viewid to sqlviewid" );
@@ -640,6 +640,8 @@
executeSql( "ALTER TABLE interpretation ALTER COLUMN userid DROP NOT NULL" );
upgradeMapViewsToAnalyticalObject();
+
+ executeSql( "ALTER TABLE users ALTER COLUMN password DROP NOT NULL" );
log.info( "Tables updated" );
}
=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/resources/org/hisp/dhis/user/hibernate/UserCredentials.hbm.xml'
--- dhis-2/dhis-services/dhis-service-core/src/main/resources/org/hisp/dhis/user/hibernate/UserCredentials.hbm.xml 2012-12-13 11:53:32 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/resources/org/hisp/dhis/user/hibernate/UserCredentials.hbm.xml 2013-09-18 13:26:26 +0000
@@ -21,7 +21,7 @@
</property>
<property name="password">
- <column name="password" not-null="true" />
+ <column name="password" not-null="false" />
</property>
<set name="userAuthorityGroups" table="userrolemembers" cascade="save-update">
=== modified file 'dhis-2/dhis-services/dhis-service-dxf2/src/main/java/org/hisp/dhis/dxf2/metadata/ExchangeClasses.java'
--- dhis-2/dhis-services/dhis-service-dxf2/src/main/java/org/hisp/dhis/dxf2/metadata/ExchangeClasses.java 2013-10-01 09:11:23 +0000
+++ dhis-2/dhis-services/dhis-service-dxf2/src/main/java/org/hisp/dhis/dxf2/metadata/ExchangeClasses.java 2013-10-01 09:34:05 +0000
@@ -173,7 +173,7 @@
importClasses = new LinkedHashMap<Class<? extends IdentifiableObject>, String>( allExportClasses );
// for now, do not allow user/userGroup to be imported
- importClasses.remove( User.class );
+ //importClasses.remove( User.class );
importClasses.remove( UserGroup.class );
// this is considered data, and is not available for meta-data export/import
=== modified file 'dhis-2/dhis-services/dhis-service-dxf2/src/main/java/org/hisp/dhis/dxf2/metadata/importers/DefaultIdentifiableObjectImporter.java'
--- dhis-2/dhis-services/dhis-service-dxf2/src/main/java/org/hisp/dhis/dxf2/metadata/importers/DefaultIdentifiableObjectImporter.java 2013-08-28 12:33:54 +0000
+++ dhis-2/dhis-services/dhis-service-dxf2/src/main/java/org/hisp/dhis/dxf2/metadata/importers/DefaultIdentifiableObjectImporter.java 2013-09-18 13:26:26 +0000
@@ -62,6 +62,7 @@
import org.hisp.dhis.system.util.functional.Function1;
import org.hisp.dhis.user.User;
import org.hisp.dhis.user.UserAuthorityGroup;
+import org.hisp.dhis.user.UserCredentials;
import org.hisp.dhis.user.UserGroup;
import org.springframework.beans.factory.annotation.Autowired;
@@ -409,6 +410,11 @@
NonIdentifiableObjects nonIdentifiableObjects = new NonIdentifiableObjects();
nonIdentifiableObjects.extract( object );
+ UserCredentials userCredentials = null;
+ if (object instanceof User) {
+ userCredentials = ((User)object).getUserCredentials();
+ }
+
Map<Field, Object> fields = detachFields( object );
Map<Field, Collection<Object>> collectionFields = detachCollectionFields( object );
@@ -422,6 +428,23 @@
objectBridge.updateObject( object );
+ if (object instanceof User) {
+ userCredentials.setUser((User)object);
+ userCredentials.setId( ((User)object).getId());
+
+ Map<Field, Collection<Object>> collectionFieldsUserCredentials = detachCollectionFields( userCredentials );
+
+ sessionFactory.getCurrentSession().save(userCredentials);
+
+ reattachCollectionFields( userCredentials, collectionFieldsUserCredentials );
+
+ sessionFactory.getCurrentSession().saveOrUpdate(userCredentials);
+
+ ((User) object).setUserCredentials(userCredentials);
+
+ objectBridge.updateObject( (User)object );
+ }
+
if ( !options.isDryRun() )
{
nonIdentifiableObjects.save( object );
@@ -462,6 +485,11 @@
nonIdentifiableObjects.extract( object );
nonIdentifiableObjects.delete( persistedObject );
+ UserCredentials userCredentials = null;
+ if (object instanceof User) {
+ userCredentials = ((User)object).getUserCredentials();
+ }
+
Map<Field, Object> fields = detachFields( object );
Map<Field, Collection<Object>> collectionFields = detachCollectionFields( object );
@@ -477,6 +505,15 @@
objectBridge.updateObject( persistedObject );
+ if (object instanceof User) {
+
+ Map<Field, Collection<Object>> collectionFieldsUserCredentials = detachCollectionFields( userCredentials );
+
+ reattachCollectionFields( ((User)persistedObject).getUserCredentials(), collectionFieldsUserCredentials );
+ sessionFactory.getCurrentSession().saveOrUpdate(((User)persistedObject).getUserCredentials());
+
+ }
+
if ( !options.isDryRun() )
{
nonIdentifiableObjects.save( persistedObject );
=== modified file 'dhis-2/pom.xml'
--- dhis-2/pom.xml 2013-10-01 09:02:04 +0000
+++ dhis-2/pom.xml 2013-10-01 09:34:05 +0000
@@ -26,6 +26,7 @@
<module>dhis-api</module>
<module>dhis-services</module>
<module>dhis-support</module>
+ <module>dhis-web</module>
</modules>
<licenses>
