dhis2-devs team mailing list archive

Thread
Date

[Branch ~dhis2-devs-core/dhis2/trunk] Rev 14483: add canCreate method to aclService, checks to see if the user can create the object, either norma...

To: DHIS 2 developers <dhis2-devs@xxxxxxxxxxxxxxxxxxx>
From: noreply@xxxxxxxxxxxxx
Date: Thu, 27 Mar 2014 11:20:34 -0000
Reply-to: noreply@xxxxxxxxxxxxx
Sender: bounces@xxxxxxxxxxxxx

------------------------------------------------------------
revno: 14483
committer: Morten Olav Hansen <mortenoh@xxxxxxxxx>
branch nick: dhis2
timestamp: Thu 2014-03-27 12:19:51 +0100
message:
  add canCreate method to aclService, checks to see if the user can create the object, either normal create, public create, or private create, updated crudController to use this
modified:
  dhis-2/dhis-api/src/main/java/org/hisp/dhis/acl/AclService.java
  dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/acl/DefaultAclService.java
  dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/api/controller/AbstractCrudController.java


--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk

Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription

=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/acl/AclService.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/acl/AclService.java	2014-03-27 06:38:37 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/acl/AclService.java	2014-03-27 11:19:51 +0000
@@ -116,6 +116,15 @@
     boolean canManage( User user, IdentifiableObject object );
 
     /**
+     * Can create
+     * @param user
+     * @param klass
+     * @param <T>
+     * @return
+     */
+    <T extends IdentifiableObject> boolean canCreate( User user, Class<T> klass );
+
+    /**
      * Checks if a user can create a public instance of a certain object.
      * <p/>
      * 1. Does user have SHARING_OVERRIDE_AUTHORITY authority?

=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/acl/DefaultAclService.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/acl/DefaultAclService.java	2014-03-27 10:17:13 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/acl/DefaultAclService.java	2014-03-27 11:19:51 +0000
@@ -205,6 +205,19 @@
     }
 
     @Override
+    public <T extends IdentifiableObject> boolean canCreate( User user, Class<T> klass )
+    {
+        Schema schema = schemaService.getSchema( klass );
+
+        if ( !schema.isShareable() )
+        {
+            return canAccess( user, schema.getAuthorityByType( AuthorityType.CREATE ) );
+        }
+
+        return canCreatePublic( user, klass ) || canCreatePrivate( user, klass );
+    }
+
+    @Override
     public <T extends IdentifiableObject> boolean canCreatePublic( User user, Class<T> klass )
     {
         Schema schema = schemaService.getSchema( klass );

=== modified file 'dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/api/controller/AbstractCrudController.java'
--- dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/api/controller/AbstractCrudController.java	2014-03-27 11:10:42 +0000
+++ dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/api/controller/AbstractCrudController.java	2014-03-27 11:19:51 +0000
@@ -256,8 +256,7 @@
     @RequestMapping( method = RequestMethod.POST, consumes = { "application/xml", "text/xml" } )
     public void postXmlObject( HttpServletResponse response, HttpServletRequest request, InputStream input ) throws Exception
     {
-        if ( !aclService.canCreatePublic( currentUserService.getCurrentUser(), getEntityClass() )
-            && !aclService.canCreatePrivate( currentUserService.getCurrentUser(), getEntityClass() ) )
+        if ( !aclService.canCreate( currentUserService.getCurrentUser(), getEntityClass() ) )
         {
             throw new CreateAccessDeniedException( "You don't have the proper permissions to create this object." );
         }
@@ -266,8 +265,7 @@
     @RequestMapping( method = RequestMethod.POST, consumes = "application/json" )
     public void postJsonObject( HttpServletResponse response, HttpServletRequest request, InputStream input ) throws Exception
     {
-        if ( !aclService.canCreatePublic( currentUserService.getCurrentUser(), getEntityClass() )
-            && !aclService.canCreatePrivate( currentUserService.getCurrentUser(), getEntityClass() ) )
+        if ( !aclService.canCreate( currentUserService.getCurrentUser(), getEntityClass() ) )
         {
             throw new CreateAccessDeniedException( "You don't have the proper permissions to create this object." );
         }