dhis2-devs team mailing list archive

Thread
Date

[Branch ~dhis2-devs-core/dhis2/trunk] Rev 15717: fixes for externalize, don't check sharing override when checking for externalize access

To: DHIS 2 developers <dhis2-devs@xxxxxxxxxxxxxxxxxxx>
From: noreply@xxxxxxxxxxxxx
Date: Tue, 17 Jun 2014 10:30:40 -0000
Reply-to: noreply@xxxxxxxxxxxxx
Sender: bounces@xxxxxxxxxxxxx

------------------------------------------------------------
revno: 15717
committer: Morten Olav Hansen <mortenoh@xxxxxxxxx>
branch nick: dhis2
timestamp: Tue 2014-06-17 12:29:40 +0200
message:
  fixes for externalize, don't check sharing override when checking for externalize access
modified:
  dhis-2/dhis-api/src/main/java/org/hisp/dhis/schema/descriptors/DashboardSchemaDescriptor.java
  dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/acl/DefaultAclService.java
  dhis-2/dhis-services/dhis-service-reporting/src/main/resources/org/hisp/dhis/dashboard/hibernate/Dashboard.hbm.xml
  dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/AbstractCrudController.java
  dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/IdentifiableObjectController.java
  dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/user/UserController.java


--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk

Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription

=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/schema/descriptors/DashboardSchemaDescriptor.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/schema/descriptors/DashboardSchemaDescriptor.java	2014-06-07 14:22:06 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/schema/descriptors/DashboardSchemaDescriptor.java	2014-06-17 10:29:40 +0000
@@ -58,6 +58,7 @@
         schema.setOrder( 1380 );
 
         schema.getAuthorities().add( new Authority( AuthorityType.CREATE_PUBLIC, Lists.newArrayList( "F_DASHBOARD_PUBLIC_ADD" ) ) );
+        schema.getAuthorities().add( new Authority( AuthorityType.EXTERNALIZE, Lists.newArrayList( "F_DASHBOARD_PUBLIC_ADD" ) ) );
 
         return schema;
     }

=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/acl/DefaultAclService.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/acl/DefaultAclService.java	2014-03-27 11:19:51 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/acl/DefaultAclService.java	2014-06-17 10:29:40 +0000
@@ -235,7 +235,7 @@
     public <T extends IdentifiableObject> boolean canExternalize( User user, Class<T> klass )
     {
         Schema schema = schemaService.getSchema( klass );
-        return !(schema == null || !schema.isShareable()) && canAccess( user, schema.getAuthorityByType( AuthorityType.EXTERNALIZE ) );
+        return !(schema == null || !schema.isShareable()) && haveAuthority( user, schema.getAuthorityByType( AuthorityType.EXTERNALIZE ) );
     }
 
     @Override
@@ -261,11 +261,16 @@
 
     private boolean haveOverrideAuthority( User user )
     {
-        return user == null || containsAny( user.getUserCredentials().getAllAuthorities(), ACL_OVERRIDE_AUTHORITIES );
+        return user == null || haveAuthority( user, ACL_OVERRIDE_AUTHORITIES );
     }
 
     private boolean canAccess( User user, Collection<String> requiredAuthorities )
     {
-        return haveOverrideAuthority( user ) || requiredAuthorities.isEmpty() || containsAny( user.getUserCredentials().getAllAuthorities(), requiredAuthorities );
+        return haveOverrideAuthority( user ) || requiredAuthorities.isEmpty() || haveAuthority( user, requiredAuthorities );
+    }
+
+    private boolean haveAuthority( User user, Collection<String> requiredAuthorities )
+    {
+        return containsAny( user.getUserCredentials().getAllAuthorities(), requiredAuthorities );
     }
 }

=== modified file 'dhis-2/dhis-services/dhis-service-reporting/src/main/resources/org/hisp/dhis/dashboard/hibernate/Dashboard.hbm.xml'
--- dhis-2/dhis-services/dhis-service-reporting/src/main/resources/org/hisp/dhis/dashboard/hibernate/Dashboard.hbm.xml	2013-08-22 17:09:11 +0000
+++ dhis-2/dhis-services/dhis-service-reporting/src/main/resources/org/hisp/dhis/dashboard/hibernate/Dashboard.hbm.xml	2014-06-17 10:29:40 +0000
@@ -27,6 +27,8 @@
     <!-- Access properties -->
     <many-to-one name="user" class="org.hisp.dhis.user.User" column="userid" foreign-key="fk_dashboard_userid" />
 
+    <property name="externalAccess" />
+
     <property name="publicAccess" length="8" />
 
     <set name="userGroupAccesses" table="dashboardusergroupaccesses">

=== modified file 'dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/AbstractCrudController.java'
--- dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/AbstractCrudController.java	2014-06-15 09:24:05 +0000
+++ dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/AbstractCrudController.java	2014-06-17 10:29:40 +0000
@@ -450,7 +450,7 @@
     protected List<T> getEntity( String uid, WebOptions options )
     {
         ArrayList<T> list = new ArrayList<>();
-        Optional<T> identifiableObject = Optional.of( manager.getNoAcl( getEntityClass(), uid ) );
+        Optional<T> identifiableObject = Optional.fromNullable( manager.getNoAcl( getEntityClass(), uid ) );
 
         if ( identifiableObject.isPresent() )
         {

=== modified file 'dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/IdentifiableObjectController.java'
--- dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/IdentifiableObjectController.java	2014-06-12 14:32:29 +0000
+++ dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/IdentifiableObjectController.java	2014-06-17 10:29:40 +0000
@@ -55,7 +55,7 @@
     public List<IdentifiableObject> getEntity( String uid )
     {
         List<IdentifiableObject> identifiableObjects = Lists.newArrayList();
-        Optional<IdentifiableObject> optional = Optional.of( manager.get( uid ) );
+        Optional<IdentifiableObject> optional = Optional.fromNullable( manager.get( uid ) );
 
         if ( optional.isPresent() )
         {

=== modified file 'dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/user/UserController.java'
--- dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/user/UserController.java	2014-06-11 20:34:56 +0000
+++ dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/user/UserController.java	2014-06-17 10:29:40 +0000
@@ -139,7 +139,7 @@
     protected List<User> getEntity( String uid )
     {
         List<User> users = Lists.newArrayList();
-        Optional<User> user = Optional.of( userService.getUser( uid ) );
+        Optional<User> user = Optional.fromNullable( userService.getUser( uid ) );
 
         if ( user.isPresent() )
         {