dhis2-devs team mailing list archive
-
dhis2-devs team
-
Mailing list archive
-
Message #33564
[Branch ~dhis2-devs-core/dhis2/trunk] Rev 17150: Accont invite. Added validation to make sure that the invite is allowed to be sent out.
------------------------------------------------------------
revno: 17150
committer: Lars Helge Overland <larshelge@xxxxxxxxx>
branch nick: dhis2
timestamp: Fri 2014-10-17 13:13:03 +0200
message:
Accont invite. Added validation to make sure that the invite is allowed to be sent out.
added:
dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/ValidateInviteAction.java
modified:
dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultSecurityService.java
dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/SecurityService.java
dhis-2/dhis-services/dhis-service-core/src/main/resources/i18n_global.properties
dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/resources/META-INF/dhis/beans.xml
dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/resources/struts.xml
dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/addUserForm.vm
dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/javascript/user.js
--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk
Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription
=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultSecurityService.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultSecurityService.java 2014-10-16 17:23:01 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultSecurityService.java 2014-10-17 11:13:03 +0000
@@ -160,7 +160,7 @@
if ( credentials == null || credentials.getUser() == null )
{
log.info( "Could not send restore/invite message as user does not exist: " + credentials );
- return "user_does_not_exist";
+ return "no_user_credentials";
}
if ( credentials.getUser().getEmail() == null || !ValidationUtils.emailIsValid( credentials.getUser().getEmail() ) )
=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/SecurityService.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/SecurityService.java 2014-10-16 17:23:01 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/SecurityService.java 2014-10-17 11:13:03 +0000
@@ -52,7 +52,7 @@
*
* <ul>
* <li>email_not_configured_for_system</li>
- * <li>user_does_not_exist</li>
+ * <li>no_user_credentials</li>
* <li>user_does_not_have_valid_email</li>
* <li>user_has_critical_authorities</li>
* </ul>
=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/resources/i18n_global.properties'
--- dhis-2/dhis-services/dhis-service-core/src/main/resources/i18n_global.properties 2014-10-17 09:07:35 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/resources/i18n_global.properties 2014-10-17 11:13:03 +0000
@@ -201,7 +201,7 @@
value_not_true_only=Value is not true
value_not_valid_date=Value is not a valid date
email_not_configured_for_system=Email is not configured for the system
-user_does_not_exist=User does not exist
+no_user_credentials=No user credentials
user_does_not_have_valid_email=User does not have a valid email
user_has_critical_authorities=User has critical authorities
=== added file 'dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/ValidateInviteAction.java'
--- dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/ValidateInviteAction.java 1970-01-01 00:00:00 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/ValidateInviteAction.java 2014-10-17 11:13:03 +0000
@@ -0,0 +1,126 @@
+package org.hisp.dhis.user.action;
+
+/*
+ * Copyright (c) 2004-2014, University of Oslo
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ * Neither the name of the HISP project nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+import java.util.ArrayList;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+
+import org.hisp.dhis.i18n.I18n;
+import org.hisp.dhis.security.SecurityService;
+import org.hisp.dhis.user.User;
+import org.hisp.dhis.user.UserAuthorityGroup;
+import org.hisp.dhis.user.UserCredentials;
+import org.hisp.dhis.user.UserService;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import com.opensymphony.xwork2.Action;
+
+public class ValidateInviteAction
+ implements Action
+{
+ @Autowired
+ private UserService userService;
+
+ @Autowired
+ private SecurityService securityService;
+
+ private I18n i18n;
+
+ public void setI18n( I18n i18n )
+ {
+ this.i18n = i18n;
+ }
+
+ // -------------------------------------------------------------------------
+ // Input
+ // -------------------------------------------------------------------------
+
+ private String email;
+
+ public void setEmail( String email )
+ {
+ this.email = email;
+ }
+
+ private List<String> urSelected = new ArrayList<>();
+
+ public void setUrSelected( List<String> urSelected )
+ {
+ this.urSelected = urSelected;
+ }
+
+ // -------------------------------------------------------------------------
+ // Output
+ // -------------------------------------------------------------------------
+
+ private String message;
+
+ public String getMessage()
+ {
+ return message;
+ }
+
+ @Override
+ public String execute()
+ throws Exception
+ {
+ UserCredentials credentials = new UserCredentials();
+ User user = new User();
+
+ credentials.setUser( user );
+ user.setUserCredentials( credentials );
+
+ user.setEmail( email );
+
+ Set<UserAuthorityGroup> userAuthorityGroups = new HashSet<>();
+
+ for ( String id : urSelected )
+ {
+ userAuthorityGroups.add( userService.getUserAuthorityGroup( id ) );
+ }
+
+ credentials.setUserAuthorityGroups( userAuthorityGroups );
+
+ String valid = securityService.validateRestore( credentials );
+
+ if ( valid != null )
+ {
+ message = i18n.getString( valid );
+
+ return ERROR;
+ }
+
+ message = i18n.getString( "everything_is_ok" );
+
+ return SUCCESS;
+ }
+
+}
=== modified file 'dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/resources/META-INF/dhis/beans.xml'
--- dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/resources/META-INF/dhis/beans.xml 2014-05-15 13:16:11 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/resources/META-INF/dhis/beans.xml 2014-10-17 11:13:03 +0000
@@ -56,6 +56,8 @@
<property name="userService" ref="org.hisp.dhis.user.UserService" />
</bean>
+ <bean id="org.hisp.dhis.user.action.ValidateInviteAction" class="org.hisp.dhis.user.action.ValidateInviteAction" scope="prototype"/>
+
<bean id="org.hisp.dhis.user.action.SetupTreeAction" class="org.hisp.dhis.user.action.SetupTreeAction" scope="prototype">
<property name="selectionTreeManager" ref="org.hisp.dhis.oust.manager.SelectionTreeManager" />
<property name="selectionManager" ref="org.hisp.dhis.ouwt.manager.OrganisationUnitSelectionManager" />
=== modified file 'dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/resources/struts.xml'
--- dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/resources/struts.xml 2014-05-15 13:16:11 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/resources/struts.xml 2014-10-17 11:13:03 +0000
@@ -78,6 +78,12 @@
<param name="onExceptionReturn">plainTextError</param>
</action>
+ <action name="validateInvite" class="org.hisp.dhis.user.action.ValidateInviteAction">
+ <result name="success" type="velocity-json">/dhis-web-commons/ajax/jsonResponseSuccess.vm</result>
+ <result name="error" type="velocity-json">/dhis-web-commons/ajax/jsonResponseError.vm</result>
+ <param name="onExceptionReturn">plainTextError</param>
+ </action>
+
<action name="disableUser" class="org.hisp.dhis.user.action.DisableUserAction">
<result name="success" type="velocity-json">/dhis-web-commons/ajax/jsonResponseSuccess.vm</result>
<result name="error" type="velocity-json">/dhis-web-commons/ajax/jsonResponseError.vm</result>
=== modified file 'dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/addUserForm.vm'
--- dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/addUserForm.vm 2014-10-17 09:29:57 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/addUserForm.vm 2014-10-17 11:13:03 +0000
@@ -1,5 +1,6 @@
<script type="text/javascript">
var ouwtSelected = [];
+ var i18n_data_capture_org_unit_required = '$encoder.jsEscape( $i18n.getString( "data_capture_organisation_unit_required_for_user" ) , "'" )';
jQuery(function() {
validation2('addUserForm', function( form ) {
@@ -8,16 +9,19 @@
jQuery("#dcSelected").children().attr("selected", "selected");
if( $('#orgUnitTree').find('.selected').size() == 0 ) {
- setHeaderDelayMessage('$encoder.jsEncode( $i18n.getString( "data_capture_organisation_unit_required_for_user" ) )');
+ setHeaderDelayMessage(i18n_data_capture_org_unit_required);
} else {
$('#ouwtSelected').val( ouwtSelected[0] );
selection.setSelected( ouwtSelected !== undefined ? ouwtSelected : [] );
- form.submit();
+
+ validateInvite().done(function(val) {
+ form.submit();
+ });
}
}, {
'beforeValidateHandler': function() {
listValidator('urValidator', 'urSelected');
- #tblDynamicAttributesJavascript()
+ #tblDynamicAttributesJavascript()
},
'rules': getValidationRules("user")
});
=== modified file 'dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/javascript/user.js'
--- dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/javascript/user.js 2014-10-17 09:29:57 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/javascript/user.js 2014-10-17 11:13:03 +0000
@@ -119,6 +119,36 @@
}
}
+function validateInvite() {
+ var def = $.Deferred();
+ var action = $('#accountAction').val();
+
+ if ( "invite" == action ) {
+ var url = 'validateInvite.action?email=' + $('#inviteEmail').val();
+ var options = $('#urSelected').val();
+ $.each(options, function(inx,val) {
+ url += '&urSelected=' + val;
+ });
+
+ $.getJSON(url, function(json) {
+ if (json.response == "error") {
+ setHeaderDelayMessage(json.message);
+ def.reject();
+ }
+ else if (json.response == "success") {
+ def.resolve();
+ }
+ });
+ }
+ else {
+ def.resolve();
+ }
+
+ return def.promise();
+}
+
+
+
// -----------------------------------------------------------------------------
// Remove user
// -----------------------------------------------------------------------------
