dhis2-devs team mailing list archive

Thread
Date

[Branch ~dhis2-devs-core/dhis2/trunk] Rev 17783: UserService, method for checking write/update user access

To: DHIS 2 developers <dhis2-devs@xxxxxxxxxxxxxxxxxxx>
From: noreply@xxxxxxxxxxxxx
Date: Tue, 23 Dec 2014 11:05:33 -0000
Reply-to: noreply@xxxxxxxxxxxxx
Sender: bounces@xxxxxxxxxxxxx

------------------------------------------------------------
revno: 17783
committer: Lars Helge Overland <larshelge@xxxxxxxxx>
branch nick: dhis2
timestamp: Tue 2014-12-23 11:59:45 +0100
message:
  UserService, method for checking write/update user access
modified:
  dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserService.java
  dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java
  dhis-2/dhis-services/dhis-service-core/src/main/resources/META-INF/dhis/beans.xml


--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk

Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription

=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserService.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserService.java	2014-12-23 09:38:34 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserService.java	2014-12-23 10:59:45 +0000
@@ -174,6 +174,18 @@
 
     int countDataSetUserAuthorityGroups( DataSet dataSet );
 
+    /**
+     * Tests whether the current user is allowed to create a user associated
+     * with the given user group identifiers. Returns true if current user has 
+     * the F_USER_ADD authority. Returns true if the current user has the 
+     * F_USER_ADD_WITHIN_MANAGED_GROUP authority and can manage any of the given
+     * user groups. Returns false otherwise.
+     * 
+     * @param userGroups the user group identifiers.
+     * @return true if the current user can create user, false if not.
+     */
+    boolean canAddOrUpdateUser( Collection<String> userGroups );
+    
     // -------------------------------------------------------------------------
     // UserCredentials
     // -------------------------------------------------------------------------

=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java	2014-12-23 09:38:34 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java	2014-12-23 10:59:45 +0000
@@ -77,6 +77,13 @@
     {
         this.userStore = userStore;
     }
+    
+    private UserGroupService userGroupService;
+
+    public void setUserGroupService( UserGroupService userGroupService )
+    {
+        this.userGroupService = userGroupService;
+    }
 
     private UserCredentialsStore userCredentialsStore;
 
@@ -407,6 +414,42 @@
         return true;
     }
 
+    public boolean canAddOrUpdateUser( Collection<String> uids )
+    {
+    	User currentUser = currentUserService.getCurrentUser();
+    	
+    	if ( currentUser == null )
+    	{
+    	    return false;
+    	}
+    	
+    	boolean canAdd = currentUser.getUserCredentials().isAuthorized( UserGroup.AUTH_USER_ADD );
+    	
+    	if ( canAdd )
+    	{
+    	    return true;
+    	}
+    	
+    	boolean canAddInGroup = currentUser.getUserCredentials().isAuthorized( UserGroup.AUTH_USER_ADD_IN_GROUP );
+    	
+    	if ( !canAddInGroup )
+    	{
+    	    return false;
+    	}
+    	
+    	for ( String uid : uids )
+    	{
+    	    UserGroup userGroup = userGroupService.getUserGroup( uid );
+            
+            if ( currentUser.canManage( userGroup ) )
+            {
+                return true;
+            }
+    	}
+    	
+    	return true;
+    }
+    
     // -------------------------------------------------------------------------
     // UserAuthorityGroup
     // -------------------------------------------------------------------------

=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/resources/META-INF/dhis/beans.xml'
--- dhis-2/dhis-services/dhis-service-core/src/main/resources/META-INF/dhis/beans.xml	2014-12-22 11:16:13 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/resources/META-INF/dhis/beans.xml	2014-12-23 10:59:45 +0000
@@ -591,6 +591,7 @@
 
   <bean id="org.hisp.dhis.user.UserService" class="org.hisp.dhis.user.DefaultUserService">
     <property name="userStore" ref="org.hisp.dhis.user.UserStore" />
+    <property name="userGroupService" ref="org.hisp.dhis.user.UserGroupService" />
     <property name="userCredentialsStore" ref="org.hisp.dhis.user.UserCredentialsStore" />
     <property name="userAuthorityGroupStore" ref="org.hisp.dhis.user.UserAuthorityGroupStore" />
     <property name="currentUserService" ref="org.hisp.dhis.user.CurrentUserService" />