dhis2-devs team mailing list archive
-
dhis2-devs team
-
Mailing list archive
-
Message #28839
[Branch ~dhis2-devs-core/dhis2/trunk] Rev 14471: minor fixes to AclService
------------------------------------------------------------
revno: 14471
committer: Morten Olav Hansen <mortenoh@xxxxxxxxx>
branch nick: dhis2
timestamp: Thu 2014-03-27 09:20:52 +0100
message:
minor fixes to AclService
modified:
dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/acl/DefaultAclService.java
--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk
Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription
=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/acl/DefaultAclService.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/acl/DefaultAclService.java 2014-03-27 06:38:37 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/acl/DefaultAclService.java 2014-03-27 08:20:52 +0000
@@ -39,8 +39,6 @@
import org.springframework.beans.factory.annotation.Autowired;
import java.util.Collection;
-import java.util.HashSet;
-import java.util.Set;
import static org.springframework.util.CollectionUtils.containsAny;
@@ -105,6 +103,7 @@
for ( UserGroupAccess userGroupAccess : object.getUserGroupAccesses() )
{
+ /* Is the user allowed to write to this object through group access? */
if ( AccessStringHelper.canWrite( userGroupAccess.getAccess() )
&& userGroupAccess.getUserGroup().getMembers().contains( user ) )
{
@@ -136,6 +135,7 @@
for ( UserGroupAccess userGroupAccess : object.getUserGroupAccesses() )
{
+ /* Is the user allowed to read this object through group access? */
if ( AccessStringHelper.canRead( userGroupAccess.getAccess() )
&& userGroupAccess.getUserGroup().getMembers().contains( user ) )
{
@@ -202,6 +202,7 @@
for ( UserGroupAccess userGroupAccess : object.getUserGroupAccesses() )
{
+ /* Is the user allowed to write to this object through group access? */
if ( AccessStringHelper.canWrite( userGroupAccess.getAccess() )
&& userGroupAccess.getUserGroup().getMembers().contains( user ) )
{
@@ -215,46 +216,22 @@
@Override
public <T extends IdentifiableObject> boolean canCreatePublic( User user, Class<T> klass )
{
- Set<String> authorities = user != null ? user.getUserCredentials().getAllAuthorities() : new HashSet<String>();
-
Schema schema = schemaService.getSchema( klass );
-
- if ( schema == null || !schema.isShareable() )
- {
- return false;
- }
-
- return containsAny( authorities, ACL_OVERRIDE_AUTHORITIES ) || containsAny( authorities, schema.getAuthorityByType( AuthorityType.CREATE_PUBLIC ) );
+ return !(schema == null || !schema.isShareable()) && canAccess( user, schema.getAuthorityByType( AuthorityType.CREATE_PUBLIC ) );
}
@Override
public <T extends IdentifiableObject> boolean canCreatePrivate( User user, Class<T> klass )
{
- Set<String> authorities = user != null ? user.getUserCredentials().getAllAuthorities() : new HashSet<String>();
-
Schema schema = schemaService.getSchema( klass );
-
- if ( schema == null || !schema.isShareable() )
- {
- return false;
- }
-
- return containsAny( authorities, ACL_OVERRIDE_AUTHORITIES ) || containsAny( authorities, schema.getAuthorityByType( AuthorityType.CREATE_PRIVATE ) );
+ return !(schema == null || !schema.isShareable()) && canAccess( user, schema.getAuthorityByType( AuthorityType.CREATE_PRIVATE ) );
}
@Override
public <T extends IdentifiableObject> boolean canExternalize( User user, Class<T> klass )
{
- Set<String> authorities = user != null ? user.getUserCredentials().getAllAuthorities() : new HashSet<String>();
-
Schema schema = schemaService.getSchema( klass );
-
- if ( schema == null || !schema.isShareable() )
- {
- return false;
- }
-
- return containsAny( authorities, ACL_OVERRIDE_AUTHORITIES ) || containsAny( authorities, schema.getAuthorityByType( AuthorityType.EXTERNALIZE ) );
+ return !(schema == null || !schema.isShareable()) && canAccess( user, schema.getAuthorityByType( AuthorityType.EXTERNALIZE ) );
}
@Override