dhis2-devs team mailing list archive
-
dhis2-devs team
-
Mailing list archive
-
Message #33397
[Branch ~dhis2-devs-core/dhis2/trunk] Rev 17032: support password encoding on user/users import, on both /api/metadata (bulk import) and /api/user...
------------------------------------------------------------
revno: 17032
committer: Morten Olav Hansen <mortenoh@xxxxxxxxx>
branch nick: dhis2
timestamp: Fri 2014-10-10 17:55:35 +0700
message:
support password encoding on user/users import, on both /api/metadata (bulk import) and /api/users, will check for existence of password field, and then encode it using passwordManager.
modified:
dhis-2/dhis-services/dhis-service-dxf2/src/main/java/org/hisp/dhis/dxf2/metadata/importers/DefaultIdentifiableObjectImporter.java
dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/user/UserController.java
--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk
Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription
=== modified file 'dhis-2/dhis-services/dhis-service-dxf2/src/main/java/org/hisp/dhis/dxf2/metadata/importers/DefaultIdentifiableObjectImporter.java'
--- dhis-2/dhis-services/dhis-service-dxf2/src/main/java/org/hisp/dhis/dxf2/metadata/importers/DefaultIdentifiableObjectImporter.java 2014-09-16 05:18:47 +0000
+++ dhis-2/dhis-services/dhis-service-dxf2/src/main/java/org/hisp/dhis/dxf2/metadata/importers/DefaultIdentifiableObjectImporter.java 2014-10-10 10:55:35 +0000
@@ -67,6 +67,7 @@
import org.hisp.dhis.program.ProgramTrackedEntityAttribute;
import org.hisp.dhis.program.ProgramValidation;
import org.hisp.dhis.schema.SchemaService;
+import org.hisp.dhis.security.PasswordManager;
import org.hisp.dhis.system.util.ReflectionUtils;
import org.hisp.dhis.trackedentity.TrackedEntity;
import org.hisp.dhis.trackedentity.TrackedEntityAttribute;
@@ -130,9 +131,12 @@
@Autowired
private SchemaService schemaService;
- @Autowired( required = false )
+ @Autowired(required = false)
private List<ObjectHandler<T>> objectHandlers;
+ @Autowired
+ private PasswordManager passwordManager;
+
//-------------------------------------------------------------------------------------------------------
// Constructor
//-------------------------------------------------------------------------------------------------------
@@ -221,14 +225,16 @@
if ( !aclService.canDelete( user, persistedObject ) )
{
summaryType.getImportConflicts().add(
- new ImportConflict( ImportUtils.getDisplayName( persistedObject ), "Permission denied for deletion of object " + persistedObject.getUid() ) );
+ new ImportConflict( ImportUtils.getDisplayName( persistedObject ), "Permission denied for deletion of object " +
+ persistedObject.getUid() ) );
log.debug( "Permission denied for deletion of object " + persistedObject.getUid() );
return false;
}
- log.debug( "Trying to delete object => " + ImportUtils.getDisplayName( persistedObject ) + " (" + persistedObject.getClass().getSimpleName() + ")" );
+ log.debug( "Trying to delete object => " + ImportUtils.getDisplayName( persistedObject ) + " (" + persistedObject.getClass()
+ .getSimpleName() + ")" );
try
{
@@ -259,7 +265,8 @@
if ( !aclService.canCreate( user, object.getClass() ) )
{
summaryType.getImportConflicts().add(
- new ImportConflict( ImportUtils.getDisplayName( object ), "Permission denied, you are not allowed to create objects of type " + object.getClass() ) );
+ new ImportConflict( ImportUtils.getDisplayName( object ), "Permission denied, you are not allowed to create objects of " +
+ "type " + object.getClass() ) );
log.debug( "Permission denied, you are not allowed to create objects of type " + object.getClass() );
@@ -294,7 +301,8 @@
reattachFields( object, fields );
- log.debug( "Trying to save new object => " + ImportUtils.getDisplayName( object ) + " (" + object.getClass().getSimpleName() + ")" );
+ log.debug( "Trying to save new object => " + ImportUtils.getDisplayName( object ) + " (" + object.getClass().getSimpleName() + ")" +
+ "" );
objectBridge.saveObject( object );
updatePeriodTypes( object );
@@ -307,6 +315,11 @@
userCredentials.setUser( (User) object );
userCredentials.setId( object.getId() );
+ if ( userCredentials.getPassword() != null )
+ {
+ userCredentials.setPassword( passwordManager.encodePassword( userCredentials.getPassword() ) );
+ }
+
Map<Field, Collection<Object>> collectionFieldsUserCredentials = detachCollectionFields( userCredentials );
sessionFactory.getCurrentSession().save( userCredentials );
@@ -345,7 +358,8 @@
if ( !aclService.canUpdate( user, persistedObject ) )
{
summaryType.getImportConflicts().add(
- new ImportConflict( ImportUtils.getDisplayName( persistedObject ), "Permission denied for update of object " + persistedObject.getUid() ) );
+ new ImportConflict( ImportUtils.getDisplayName( persistedObject ), "Permission denied for update of object " +
+ persistedObject.getUid() ) );
log.debug( "Permission denied for update of object " + persistedObject.getUid() );
@@ -401,6 +415,11 @@
{
Map<Field, Collection<Object>> collectionFieldsUserCredentials = detachCollectionFields( userCredentials );
+ if ( userCredentials != null && userCredentials.getPassword() != null )
+ {
+ userCredentials.setPassword( passwordManager.encodePassword( userCredentials.getPassword() ) );
+ }
+
((User) persistedObject).getUserCredentials().mergeWith( userCredentials );
reattachCollectionFields( ((User) persistedObject).getUserCredentials(), collectionFieldsUserCredentials );
@@ -730,7 +749,8 @@
}
else
{
- if ( schemaService.getSchema( idObject.getClass() ) != null || UserCredentials.class.isAssignableFrom( idObject.getClass() ) )
+ if ( schemaService.getSchema( idObject.getClass() ) != null ||
+ UserCredentials.class.isAssignableFrom( idObject.getClass() ) )
{
reportReferenceError( idObject, object );
}
@@ -1074,7 +1094,8 @@
if ( ReflectionUtils.isCollection( "programAttributes", object, ProgramTrackedEntityAttribute.class ) )
{
- List<ProgramTrackedEntityAttribute> programTrackedEntityAttributes = ReflectionUtils.invokeGetterMethod( "programAttributes", object );
+ List<ProgramTrackedEntityAttribute> programTrackedEntityAttributes = ReflectionUtils.invokeGetterMethod(
+ "programAttributes", object );
if ( programTrackedEntityAttributes == null )
{
@@ -1104,7 +1125,8 @@
extractProgramTrackedEntityAttributes( object );
}
- private void saveProgramTrackedEntityAttributes( T object, Collection<ProgramTrackedEntityAttribute> programTrackedEntityAttributes )
+ private void saveProgramTrackedEntityAttributes( T object, Collection<ProgramTrackedEntityAttribute>
+ programTrackedEntityAttributes )
{
for ( ProgramTrackedEntityAttribute programTrackedEntityAttribute : programTrackedEntityAttributes )
{
@@ -1122,7 +1144,8 @@
if ( method != null )
{
- Collection<ProgramStageDataElement> programStageDataElements = ReflectionUtils.invokeGetterMethod( "programStageDataElements", object );
+ Collection<ProgramStageDataElement> programStageDataElements = ReflectionUtils.invokeGetterMethod(
+ "programStageDataElements", object );
for ( ProgramStageDataElement programStageDataElement : programStageDataElements )
{
@@ -1163,7 +1186,8 @@
programStageDataElement.setProgramStage( (ProgramStage) object );
}
- ProgramStageDataElement persisted = programStageDataElementService.get( programStageDataElement.getProgramStage(), programStageDataElement.getDataElement() );
+ ProgramStageDataElement persisted = programStageDataElementService.get( programStageDataElement.getProgramStage(),
+ programStageDataElement.getDataElement() );
if ( persisted == null )
{
=== modified file 'dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/user/UserController.java'
--- dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/user/UserController.java 2014-10-01 08:39:12 +0000
+++ dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/user/UserController.java 2014-10-10 10:55:35 +0000
@@ -211,12 +211,6 @@
User parsed = renderService.fromXml( request.getInputStream(), getEntityClass() );
parsed.setUid( uid );
- if ( parsed.getUserCredentials().getPassword() != null )
- {
- String encodedPassword = passwordManager.encodePassword( parsed.getUserCredentials().getPassword() );
- parsed.getUserCredentials().setPassword( encodedPassword );
- }
-
ImportTypeSummary summary = importService.importObject( currentUserService.getCurrentUser().getUid(), parsed, ImportStrategy.UPDATE );
renderService.toXml( response.getOutputStream(), summary );
}
@@ -242,12 +236,6 @@
User parsed = renderService.fromJson( request.getInputStream(), getEntityClass() );
parsed.setUid( uid );
- if ( parsed.getUserCredentials().getPassword() != null )
- {
- String encodedPassword = passwordManager.encodePassword( parsed.getUserCredentials().getPassword() );
- parsed.getUserCredentials().setPassword( encodedPassword );
- }
-
ImportTypeSummary summary = importService.importObject( currentUserService.getCurrentUser().getUid(), parsed, ImportStrategy.UPDATE );
renderService.toJson( response.getOutputStream(), summary );
}