dhis2-devs team mailing list archive
-
dhis2-devs team
-
Mailing list archive
-
Message #28668
[Branch ~dhis2-devs-core/dhis2/trunk] Rev 14337: sharing service, wip
------------------------------------------------------------
revno: 14337
committer: Morten Olav Hansen <mortenoh@xxxxxxxxx>
branch nick: dhis2
timestamp: Fri 2014-03-21 11:31:50 +0100
message:
sharing service, wip
added:
dhis-2/dhis-api/src/main/java/org/hisp/dhis/sharing/SharingService.java
dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/sharing/
dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/sharing/DefaultSharingService.java
modified:
dhis-2/dhis-services/dhis-service-core/src/main/resources/META-INF/dhis/beans.xml
--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk
Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription
=== added file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/sharing/SharingService.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/sharing/SharingService.java 1970-01-01 00:00:00 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/sharing/SharingService.java 2014-03-21 10:31:50 +0000
@@ -0,0 +1,145 @@
+package org.hisp.dhis.sharing;
+
+/*
+ * Copyright (c) 2004-2014, University of Oslo
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ * Neither the name of the HISP project nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+import org.hisp.dhis.common.IdentifiableObject;
+import org.hisp.dhis.user.User;
+
+/**
+ * @author Morten Olav Hansen <mortenoh@xxxxxxxxx>
+ */
+public interface SharingService
+{
+ boolean isSupported( String type );
+
+ boolean isSupported( Class<?> klass );
+
+ /**
+ * Can user write to this object (create)
+ * <p/>
+ * 1. Does user have SHARING_OVERRIDE_AUTHORITY authority?
+ * 2. Is the user for the object null?
+ * 3. Is the user of the object equal to current user?
+ * 4. Is the object public write?
+ * 5. Does any of the userGroupAccesses contain public write and the current user is in that group
+ *
+ * @param user User to check against
+ * @param object Object to check
+ * @return Result of test
+ */
+ boolean canWrite( User user, IdentifiableObject object );
+
+ /**
+ * Can user read this object
+ * <p/>
+ * 1. Does user have SHARING_OVERRIDE_AUTHORITY authority?
+ * 2. Is the user for the object null?
+ * 3. Is the user of the object equal to current user?
+ * 4. Is the object public read?
+ * 5. Does any of the userGroupAccesses contain public read and the current user is in that group
+ *
+ * @param user User to check against
+ * @param object Object to check
+ * @return Result of test
+ */
+ boolean canRead( User user, IdentifiableObject object );
+
+ /**
+ * Can user update this object
+ * <p/>
+ * 1. Does user have SHARING_OVERRIDE_AUTHORITY authority?
+ * 2. Can user write to this object?
+ *
+ * @param user User to check against
+ * @param object Object to check
+ * @return Result of test
+ */
+ boolean canUpdate( User user, IdentifiableObject object );
+
+ /**
+ * Can user delete this object
+ * <p/>
+ * 1. Does user have SHARING_OVERRIDE_AUTHORITY authority?
+ * 2. Can user write to this object?
+ *
+ * @param user User to check against
+ * @param object Object to check
+ * @return Result of test
+ */
+ boolean canDelete( User user, IdentifiableObject object );
+
+ /**
+ * Can user manage (make public) this object
+ * <p/>
+ * 1. Does user have SHARING_OVERRIDE_AUTHORITY authority?
+ * 2. Can user write to this object?
+ *
+ * @param user User to check against
+ * @param object Object to check
+ * @return Result of test
+ */
+ boolean canManage( User user, IdentifiableObject object );
+
+ /**
+ * Checks if a user can create a public instance of a certain object.
+ * <p/>
+ * 1. Does user have SHARING_OVERRIDE_AUTHORITY authority?
+ * 2. Does user have the authority to create public instances of that object
+ *
+ * @param user User to check against
+ * @param klass Class to check
+ * @return Result of test
+ */
+ <T extends IdentifiableObject> boolean canCreatePublic( User user, Class<T> klass );
+
+ /**
+ * Checks if a user can create a private instance of a certain object.
+ * <p/>
+ * 1. Does user have SHARING_OVERRIDE_AUTHORITY authority?
+ * 2. Does user have the authority to create private instances of that object
+ *
+ * @param user User to check against
+ * @param klass Class to check
+ * @return Result of test
+ */
+ <T extends IdentifiableObject> boolean canCreatePrivate( User user, Class<T> klass );
+
+ /**
+ * Can user make this object external? (read with no login)
+ *
+ * @param user User to check against
+ * @param klass Type to check
+ * @return Result of test
+ */
+ <T extends IdentifiableObject> boolean canExternalize( User user, Class<T> klass );
+
+ <T extends IdentifiableObject> boolean defaultPublic( Class<T> klass );
+
+ Class<? extends IdentifiableObject> classForType( String type );
+}
=== added directory 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/sharing'
=== added file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/sharing/DefaultSharingService.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/sharing/DefaultSharingService.java 1970-01-01 00:00:00 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/sharing/DefaultSharingService.java 2014-03-21 10:31:50 +0000
@@ -0,0 +1,126 @@
+package org.hisp.dhis.sharing;
+
+/*
+ * Copyright (c) 2004-2014, University of Oslo
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ * Neither the name of the HISP project nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+import org.hisp.dhis.common.IdentifiableObject;
+import org.hisp.dhis.schema.SchemaService;
+import org.hisp.dhis.user.User;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.util.CollectionUtils;
+
+import java.util.Arrays;
+import java.util.List;
+
+/**
+ * @author Morten Olav Hansen <mortenoh@xxxxxxxxx>
+ */
+public class DefaultSharingService implements SharingService
+{
+ @Autowired
+ private SchemaService schemaService;
+
+ public static final List<String> SHARING_OVERRIDE_AUTHORITIES = Arrays.asList( "ALL", "F_METADATA_IMPORT" );
+
+ @Override
+ public boolean isSupported( String type )
+ {
+ return false;
+ }
+
+ @Override
+ public boolean isSupported( Class<?> klass )
+ {
+ return false;
+ }
+
+ @Override
+ public boolean canWrite( User user, IdentifiableObject object )
+ {
+ return false;
+ }
+
+ @Override
+ public boolean canRead( User user, IdentifiableObject object )
+ {
+ return false;
+ }
+
+ @Override
+ public boolean canUpdate( User user, IdentifiableObject object )
+ {
+ return false;
+ }
+
+ @Override
+ public boolean canDelete( User user, IdentifiableObject object )
+ {
+ return false;
+ }
+
+ @Override
+ public boolean canManage( User user, IdentifiableObject object )
+ {
+ return false;
+ }
+
+ @Override
+ public <T extends IdentifiableObject> boolean canCreatePublic( User user, Class<T> klass )
+ {
+ return false;
+ }
+
+ @Override
+ public <T extends IdentifiableObject> boolean canCreatePrivate( User user, Class<T> klass )
+ {
+ return false;
+ }
+
+ @Override
+ public <T extends IdentifiableObject> boolean canExternalize( User user, Class<T> klass )
+ {
+ return false;
+ }
+
+ @Override
+ public <T extends IdentifiableObject> boolean defaultPublic( Class<T> klass )
+ {
+ return false;
+ }
+
+ @Override
+ public Class<? extends IdentifiableObject> classForType( String type )
+ {
+ return null;
+ }
+
+ private boolean haveOverrideAuthority( User user )
+ {
+ return user == null || CollectionUtils.containsAny( user.getUserCredentials().getAllAuthorities(), SHARING_OVERRIDE_AUTHORITIES );
+ }
+}
=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/resources/META-INF/dhis/beans.xml'
--- dhis-2/dhis-services/dhis-service-core/src/main/resources/META-INF/dhis/beans.xml 2014-03-21 09:35:30 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/resources/META-INF/dhis/beans.xml 2014-03-21 10:31:50 +0000
@@ -11,6 +11,8 @@
<bean id="org.hisp.dhis.schema.PropertyScannerService" class="org.hisp.dhis.schema.DefaultPropertyScannerService" />
+ <bean id="org.hisp.dhis.sharing.SharingService" class="org.hisp.dhis.sharing.DefaultSharingService" />
+
<!-- Store definitions -->
<bean id="smsCommandService" class="org.hisp.dhis.smscommand.DefaultSMSCommandService">
