Message #30805
[Branch ~dhis2-devs-core/dhis2/trunk] Rev 15661: Impl check for authority for searching across all org units
------------------------------------------------------------
revno: 15661
committer: Lars Helge Overland <larshelge@xxxxxxxxx>
branch nick: dhis2
timestamp: Thu 2014-06-12 20:38:24 +0200
message:
Impl check for authority for searching across all org units
modified:
dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultCurrentUserService.java
dhis-2/dhis-services/dhis-service-tracker/src/main/java/org/hisp/dhis/trackedentity/DefaultTrackedEntityInstanceService.java
dhis-2/dhis-services/dhis-service-tracker/src/main/resources/META-INF/dhis/beans.xml
--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk
=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultCurrentUserService.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultCurrentUserService.java 2014-05-12 16:37:39 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultCurrentUserService.java 2014-06-12 18:38:24 +0000
@@ -91,4 +91,11 @@
return userCredentials.isSuper();
}
+
+ public boolean currenUserIsAuthorized( String auth )
+ {
+ User user = getCurrentUser();
+
+ return user != null && user.getUserCredentials().isAuthorized( auth );
+ }
}
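Review bot: `user.getUserCredentials()` is dereferenced without a null check in the added `currenUserIsAuthorized`, so a user without credentials would raise a NullPointerException instead of being denied. An authorization predicate should fail closed, for example `UserCredentials credentials = user != null ? user.getUserCredentials() : null;` followed by `return credentials != null && credentials.isAuthorized( auth );`. The method name is also missing a 't' (`currenUser…`); if the name comes from the `CurrentUserService` interface, which is not part of this diff, it should be corrected there too before more callers depend on it. A short Javadoc stating that the method returns false when no user is logged in, plus `@Override` if it implements an interface method, would make the contract explicit.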
=== modified file 'dhis-2/dhis-services/dhis-service-tracker/src/main/java/org/hisp/dhis/trackedentity/DefaultTrackedEntityInstanceService.java'
--- dhis-2/dhis-services/dhis-service-tracker/src/main/java/org/hisp/dhis/trackedentity/DefaultTrackedEntityInstanceService.java 2014-06-12 16:30:25 +0000
+++ dhis-2/dhis-services/dhis-service-tracker/src/main/java/org/hisp/dhis/trackedentity/DefaultTrackedEntityInstanceService.java 2014-06-12 18:38:24 +0000
@@ -68,6 +68,7 @@
import org.hisp.dhis.system.grid.ListGrid;
import org.hisp.dhis.trackedentityattributevalue.TrackedEntityAttributeValue;
import org.hisp.dhis.trackedentityattributevalue.TrackedEntityAttributeValueService;
+import org.hisp.dhis.user.CurrentUserService;
import org.hisp.dhis.validation.ValidationCriteria;
import org.springframework.transaction.annotation.Transactional;
@@ -139,6 +140,13 @@
{
this.organisationUnitService = organisationUnitService;
}
+
+ private CurrentUserService currentUserService;
+
+ public void setCurrentUserService( CurrentUserService currentUserService )
+ {
+ this.currentUserService = currentUserService;
+ }
// -------------------------------------------------------------------------
// Implementation methods
@@ -149,6 +157,8 @@
@Override
public Grid getTrackedEntityInstances( TrackedEntityInstanceQueryParams params )
{
+ decideAccess( params );
+
validate( params );
// ---------------------------------------------------------------------
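Review bot: The authority check is wired into `getTrackedEntityInstances` only, so any other path that executes a `TrackedEntityInstanceQueryParams` query would run an ALL-mode search unchecked. Whether such paths exist is not visible in this hunk and should be confirmed. `decideAccess( params )` also runs before `validate( params )`, so a null `params` would surface as a NullPointerException from the access check rather than as a validation error. A comment above the call, such as `// Authorization first: reject before any query work is done`, would document that the ordering is intentional. The method body continues outside the hunk.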
@@ -265,6 +275,15 @@
return grid;
}
+ public void decideAccess( TrackedEntityInstanceQueryParams params )
+ {
+ if ( params.isOrganisationUnitMode( OrganisationUnitSelectionMode.ALL ) &&
+ !currentUserService.currenUserIsAuthorized( F_TRACKED_ENTITY_INSTANCE_SEARCH_IN_ALL_ORGUNITS ) )
+ {
+ throw new IllegalQueryException( "Current user is not authorized to query across all organisation units" );
+ }
+ }
+
@Override
public void validate( TrackedEntityInstanceQueryParams params )
throws IllegalQueryException
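Review bot: `decideAccess` signals a denied request with `IllegalQueryException`, the same type `validate` declares for malformed queries, so callers cannot tell a forbidden request from an invalid one. A dedicated access-denied exception, or at least a distinguishable subtype, would let the calling layer respond and log denied attempts separately. Only the ALL mode is checked here; whether the other organisation unit modes are limited to units the user may see is not visible in this hunk and is worth confirming. The method is public but has neither Javadoc nor `@Override`; if it is not part of the service interface it could be `private`, and either way a Javadoc such as `/** Throws IllegalQueryException if the current user lacks the authority required by the query's organisation unit mode. */` would help. `validate` continues outside the hunk.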
@@ -495,8 +514,7 @@
}
}
- updateTrackedEntityInstance( instance ); // Save instance to update
- // associations
+ updateTrackedEntityInstance( instance ); // Update associations
return id;
}
@@ -616,18 +634,14 @@
public ValidationCriteria validateEnrollment( TrackedEntityInstance instance, Program program, I18nFormat format )
{
for ( ValidationCriteria criteria : program.getValidationCriteria() )
- {
- String value = "";
-
+ {
for ( TrackedEntityAttributeValue attributeValue : instance.getAttributeValues() )
{
if ( attributeValue.getAttribute().getUid().equals( criteria.getProperty() ) )
{
- value = attributeValue.getValue();
-
+ String value = attributeValue.getValue();
String type = attributeValue.getAttribute().getValueType();
- // For integer type
if ( type.equals( TrackedEntityAttribute.TYPE_NUMBER ) )
{
int value1 = Integer.parseInt( value );
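Review bot: `Integer.parseInt( value )` is applied to the attribute value with no guard, so a null or non-integer value for a `TYPE_NUMBER` attribute would abort `validateEnrollment` with a NumberFormatException instead of producing a validation result. This predates the commit, but the refactoring touches the lines directly above it and would be a natural place to catch the exception or check the value first. `type.equals( … )` similarly assumes `getValueType()` never returns null; writing it as `TrackedEntityAttribute.TYPE_NUMBER.equals( type )` removes that assumption. The function continues outside the hunk.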
@@ -640,7 +654,6 @@
return criteria;
}
}
- // For Date type
else if ( type.equals( TrackedEntityAttribute.TYPE_DATE ) )
{
Date value1 = format.parseDate( value );
@@ -652,7 +665,6 @@
return criteria;
}
}
- // For other types
else
{
if ( criteria.getOperator() == ValidationCriteria.OPERATOR_EQUAL_TO
=== modified file 'dhis-2/dhis-services/dhis-service-tracker/src/main/resources/META-INF/dhis/beans.xml'
--- dhis-2/dhis-services/dhis-service-tracker/src/main/resources/META-INF/dhis/beans.xml 2014-05-23 18:02:29 +0000
+++ dhis-2/dhis-services/dhis-service-tracker/src/main/resources/META-INF/dhis/beans.xml 2014-06-12 18:38:24 +0000
@@ -247,6 +247,7 @@
<property name="programService" ref="org.hisp.dhis.program.ProgramService" />
<property name="organisationUnitService"
ref="org.hisp.dhis.organisationunit.OrganisationUnitService" />
+ <property name="currentUserService" ref="org.hisp.dhis.user.CurrentUserService" />
</bean>
<bean id="org.hisp.dhis.trackedentity.TrackedEntityAttributeService"