dhis2-devs team mailing list archive
-
dhis2-devs team
-
Mailing list archive
-
Message #28832
[Branch ~dhis2-devs-core/dhis2/trunk] Rev 14468: minor fix, allow delete/update if user is null
------------------------------------------------------------
revno: 14468
committer: Morten Olav Hansen <mortenoh@xxxxxxxxx>
branch nick: dhis2
timestamp: Thu 2014-03-27 06:13:32 +0100
message:
minor fix, allow delete/update if user is null
modified:
dhis-2/dhis-api/src/main/java/org/hisp/dhis/acl/AccessControlService.java
dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/acl/DefaultAccessControlService.java
--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk
Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription
=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/acl/AccessControlService.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/acl/AccessControlService.java 2014-03-27 04:44:41 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/acl/AccessControlService.java 2014-03-27 05:13:32 +0000
@@ -45,6 +45,8 @@
boolean isSupported( Class<?> klass );
+ boolean isShareable( Class<?> klass );
+
/**
* Can user write to this object (create)
* <p/>
@@ -138,7 +140,7 @@
/**
* Can user make this object external? (read with no login)
*
- * @param user User to check against
+ * @param user User to check against
* @param klass Type to check
* @return Result of test
*/
=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/acl/DefaultAccessControlService.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/acl/DefaultAccessControlService.java 2014-03-27 04:44:41 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/acl/DefaultAccessControlService.java 2014-03-27 05:13:32 +0000
@@ -67,6 +67,13 @@
}
@Override
+ public boolean isShareable( Class<?> klass )
+ {
+ Schema schema = schemaService.getSchema( klass );
+ return schema != null && schema.isShareable();
+ }
+
+ @Override
public boolean canWrite( User user, IdentifiableObject object )
{
Schema schema = schemaService.getSchema( object.getClass() );
@@ -145,9 +152,7 @@
return canWrite( user, object );
}
- Set<String> authorities = user != null ? user.getUserCredentials().getAllAuthorities() : new HashSet<String>();
-
- return canAccess( authorities, schema.getAuthorityByType( AuthorityType.UPDATE ) ) && canWrite( user, object );
+ return canAccess( user, schema.getAuthorityByType( AuthorityType.UPDATE ) ) && canWrite( user, object );
}
@Override
@@ -165,14 +170,14 @@
return canWrite( user, object );
}
- Set<String> authorities = user != null ? user.getUserCredentials().getAllAuthorities() : new HashSet<String>();
-
- return canAccess( authorities, schema.getAuthorityByType( AuthorityType.DELETE ) ) && canWrite( user, object );
+ return canAccess( user, schema.getAuthorityByType( AuthorityType.DELETE ) ) && canWrite( user, object );
}
- private boolean canAccess( Collection<String> userAuthorities, Collection<String> requiredAuthorities )
+ private boolean canAccess( User user, Collection<String> requiredAuthorities )
{
- return containsAny( userAuthorities, SHARING_OVERRIDE_AUTHORITIES ) ||
+ Set<String> userAuthorities = user != null ? user.getUserCredentials().getAllAuthorities() : new HashSet<String>();
+
+ return user == null || containsAny( userAuthorities, SHARING_OVERRIDE_AUTHORITIES ) ||
containsAny( userAuthorities, requiredAuthorities );
}
