dhis2-devs team mailing list archive
-
dhis2-devs team
-
Mailing list archive
-
Message #29392
[Branch ~dhis2-devs-core/dhis2/trunk] Rev 14839: AnalyticsSecurityManager, populating level property of org units
------------------------------------------------------------
revno: 14839
committer: Lars Helge Øverland <larshelge@xxxxxxxxx>
branch nick: dhis2
timestamp: Mon 2014-04-14 12:12:23 +0200
message:
AnalyticsSecurityManager, populating level property of org units
modified:
dhis-2/dhis-services/dhis-service-analytics/src/main/java/org/hisp/dhis/analytics/AnalyticsSecurityManager.java
dhis-2/dhis-services/dhis-service-analytics/src/main/java/org/hisp/dhis/analytics/data/DefaultAnalyticsService.java
dhis-2/dhis-services/dhis-service-analytics/src/main/java/org/hisp/dhis/analytics/security/DefaultAnalyticsSecurityManager.java
dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/dataapproval/DefaultDataApprovalLevelService.java
--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk
Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription
=== modified file 'dhis-2/dhis-services/dhis-service-analytics/src/main/java/org/hisp/dhis/analytics/AnalyticsSecurityManager.java'
--- dhis-2/dhis-services/dhis-service-analytics/src/main/java/org/hisp/dhis/analytics/AnalyticsSecurityManager.java 2014-04-14 08:58:20 +0000
+++ dhis-2/dhis-services/dhis-service-analytics/src/main/java/org/hisp/dhis/analytics/AnalyticsSecurityManager.java 2014-04-14 10:12:23 +0000
@@ -47,7 +47,8 @@
/**
* Adds relevant data approval levels to the given query if system is configured
* to hide unapproved data from analytics and if there are relevant approval
- * levels for current user.
+ * levels for current user. Populates the approvalLevels property of the given
+ * query and sets the level poperty of each related organisation unit.
*
* @param params the data query params.
*/
=== modified file 'dhis-2/dhis-services/dhis-service-analytics/src/main/java/org/hisp/dhis/analytics/data/DefaultAnalyticsService.java'
--- dhis-2/dhis-services/dhis-service-analytics/src/main/java/org/hisp/dhis/analytics/data/DefaultAnalyticsService.java 2014-04-14 08:58:20 +0000
+++ dhis-2/dhis-services/dhis-service-analytics/src/main/java/org/hisp/dhis/analytics/data/DefaultAnalyticsService.java 2014-04-14 10:12:23 +0000
@@ -206,7 +206,11 @@
@Override
public Grid getAggregatedDataValues( DataQueryParams params )
- {
+ {
+ // ---------------------------------------------------------------------
+ // Security and validation
+ // ---------------------------------------------------------------------
+
securityManager.decideAccess( params );
securityManager.applyDataApprovalConstraints( params );
=== modified file 'dhis-2/dhis-services/dhis-service-analytics/src/main/java/org/hisp/dhis/analytics/security/DefaultAnalyticsSecurityManager.java'
--- dhis-2/dhis-services/dhis-service-analytics/src/main/java/org/hisp/dhis/analytics/security/DefaultAnalyticsSecurityManager.java 2014-04-14 08:58:20 +0000
+++ dhis-2/dhis-services/dhis-service-analytics/src/main/java/org/hisp/dhis/analytics/security/DefaultAnalyticsSecurityManager.java 2014-04-14 10:12:23 +0000
@@ -1,5 +1,33 @@
package org.hisp.dhis.analytics.security;
+/*
+ * Copyright (c) 2004-2014, University of Oslo
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ * Neither the name of the HISP project nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
@@ -17,11 +45,15 @@
import org.hisp.dhis.common.NameableObject;
import org.hisp.dhis.dataapproval.DataApprovalLevelService;
import org.hisp.dhis.organisationunit.OrganisationUnit;
+import org.hisp.dhis.organisationunit.OrganisationUnitService;
import org.hisp.dhis.setting.SystemSettingManager;
import org.hisp.dhis.user.CurrentUserService;
import org.hisp.dhis.user.User;
import org.springframework.beans.factory.annotation.Autowired;
+/**
+ * @author Lars Helge Overland
+ */
public class DefaultAnalyticsSecurityManager
implements AnalyticsSecurityManager
{
@@ -38,6 +70,9 @@
@Autowired
private DimensionService dimensionService;
+
+ @Autowired
+ private OrganisationUnitService organisationUnitService;
// -------------------------------------------------------------------------
// AnalyticsSecurityManager implementation
@@ -83,6 +118,11 @@
if ( approvalLevels != null && !approvalLevels.isEmpty() )
{
+ for ( OrganisationUnit unit : approvalLevels.keySet() )
+ {
+ unit.setLevel( organisationUnitService.getLevelOfOrganisationUnit( unit.getId() ) );
+ }
+
params.setApprovalLevels( approvalLevels );
log.info( "User: " + user.getUsername() + " constrained by data approval levels: " + approvalLevels.values() );
=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/dataapproval/DefaultDataApprovalLevelService.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/dataapproval/DefaultDataApprovalLevelService.java 2014-04-14 07:24:29 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/dataapproval/DefaultDataApprovalLevelService.java 2014-04-14 10:12:23 +0000
@@ -342,7 +342,7 @@
{
if ( !map.containsKey( orgUnit ) )
{
- map.put(orgUnit, requiredApprovalLevel( orgUnit ) );
+ map.put( orgUnit, requiredApprovalLevel( orgUnit ) );
}
}
