dhis2-devs team mailing list archive
-
dhis2-devs team
-
Mailing list archive
-
Message #34721
[Branch ~dhis2-devs-core/dhis2/trunk] Rev 17800: UserController, support for filter for users which can be managed by the current user
------------------------------------------------------------
revno: 17800
committer: Lars Helge Overland <larshelge@xxxxxxxxx>
branch nick: dhis2
timestamp: Fri 2014-12-26 13:27:14 +0100
message:
UserController, support for filter for users which can be managed by the current user
modified:
dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserService.java
dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserStore.java
dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java
dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/hibernate/HibernateUserStore.java
dhis-2/dhis-services/dhis-service-core/src/test/java/org/hisp/dhis/user/UserServiceTest.java
dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/AbstractCrudController.java
dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/user/UserController.java
dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/webdomain/WebOptions.java
--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk
Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription
=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserService.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserService.java 2014-12-25 15:08:25 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserService.java 2014-12-26 12:27:14 +0000
@@ -182,7 +182,7 @@
* @param max the max number of records to return.
* @return a List of users.
*/
- List<User> getManagedUsers( User user, int first, int max );
+ List<User> getManagedUsersBetween( User user, int first, int max );
/**
* Tests whether the current user is allowed to create a user associated
=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserStore.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserStore.java 2014-12-25 15:05:06 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserStore.java 2014-12-26 12:27:14 +0000
@@ -84,5 +84,5 @@
* @param max the max number of records to return.
* @return a List of users.
*/
- List<User> getManagedUsers( User user, int first, int max );
+ List<User> getManagedUsersBetween( User user, int first, int max );
}
=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java 2014-12-25 15:05:06 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java 2014-12-26 12:27:14 +0000
@@ -210,9 +210,9 @@
}
@Override
- public List<User> getManagedUsers( User user, int first, int max )
+ public List<User> getManagedUsersBetween( User user, int first, int max )
{
- return userStore.getManagedUsers( user, first, max );
+ return userStore.getManagedUsersBetween( user, first, max );
}
@Override
=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/hibernate/HibernateUserStore.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/hibernate/HibernateUserStore.java 2014-12-25 15:05:06 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/hibernate/HibernateUserStore.java 2014-12-26 12:27:14 +0000
@@ -131,7 +131,7 @@
@Override
@SuppressWarnings("unchecked")
- public List<User> getManagedUsers( User user, int first, int max )
+ public List<User> getManagedUsersBetween( User user, int first, int max )
{
Collection<Integer> managedGroups = IdentifiableObjectUtils.getIdentifiers( user.getManagedGroups() );
=== modified file 'dhis-2/dhis-services/dhis-service-core/src/test/java/org/hisp/dhis/user/UserServiceTest.java'
--- dhis-2/dhis-services/dhis-service-core/src/test/java/org/hisp/dhis/user/UserServiceTest.java 2014-12-25 15:05:06 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/test/java/org/hisp/dhis/user/UserServiceTest.java 2014-12-26 12:27:14 +0000
@@ -224,7 +224,7 @@
assertTrue( users.contains( userC ) );
assertTrue( users.contains( userD ) );
- users = userService.getManagedUsers( userA, 0, 1 );
+ users = userService.getManagedUsersBetween( userA, 0, 1 );
assertEquals( 1, users.size() );
@@ -234,6 +234,10 @@
assertTrue( users.contains( userC ) );
assertTrue( users.contains( userD ) );
+ users = userService.getManagedUsersBetween( userB, 0, 1 );
+
+ assertEquals( 1, users.size() );
+
users = userService.getManagedUsers( userC );
assertEquals( 0, users.size() );
=== modified file 'dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/AbstractCrudController.java'
--- dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/AbstractCrudController.java 2014-12-25 10:43:54 +0000
+++ dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/AbstractCrudController.java 2014-12-26 12:27:14 +0000
@@ -194,7 +194,7 @@
}
else
{
- // Get full list when using filters other than name
+ // Get full list when using filters other than name / objects without persisted name
if ( !filters.isEmpty() )
{
=== modified file 'dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/user/UserController.java'
--- dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/user/UserController.java 2014-12-24 14:44:09 +0000
+++ dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/user/UserController.java 2014-12-26 12:27:14 +0000
@@ -33,7 +33,6 @@
import java.io.InputStream;
import java.util.ArrayList;
import java.util.List;
-import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@@ -44,11 +43,11 @@
import org.hisp.dhis.dxf2.importsummary.ImportSummary;
import org.hisp.dhis.dxf2.metadata.ImportTypeSummary;
import org.hisp.dhis.importexport.ImportStrategy;
-import org.hisp.dhis.node.types.RootNode;
import org.hisp.dhis.schema.descriptors.UserSchemaDescriptor;
import org.hisp.dhis.security.RestoreOptions;
import org.hisp.dhis.security.SecurityService;
import org.hisp.dhis.setting.SystemSettingManager;
+import org.hisp.dhis.user.CurrentUserService;
import org.hisp.dhis.user.User;
import org.hisp.dhis.user.UserAuthorityGroup;
import org.hisp.dhis.user.UserCredentials;
@@ -60,12 +59,10 @@
import org.hisp.dhis.webapi.webdomain.WebMetaData;
import org.hisp.dhis.webapi.webdomain.WebOptions;
import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
-import org.springframework.web.bind.annotation.RequestParam;
import com.google.common.base.Optional;
import com.google.common.collect.Lists;
@@ -87,6 +84,9 @@
@Autowired
private UserGroupService userGroupService;
+
+ @Autowired
+ private CurrentUserService currentUserService;
@Autowired
private SecurityService securityService;
@@ -99,27 +99,10 @@
// -------------------------------------------------------------------------
@Override
- @PreAuthorize( "hasRole('ALL') or hasRole('F_USER_VIEW')" )
- public RootNode getObjectList( @RequestParam Map<String, String> parameters, HttpServletResponse response, HttpServletRequest request )
- {
- //TODO: Allow user with F_USER_VIEW_WITHIN_MANAGED_GROUP and restrict viewing to within managed groups.
-
- return super.getObjectList( parameters, response, request );
- }
-
- @Override
- @PreAuthorize( "hasRole('ALL') or hasRole('F_USER_VIEW')" )
- public RootNode getObject( @PathVariable( "uid" ) String uid, @RequestParam Map<String, String> parameters,
- HttpServletRequest request, HttpServletResponse response ) throws Exception
- {
- //TODO: Allow user with F_USER_VIEW_WITHIN_MANAGED_GROUP and restrict viewing to within managed groups.
-
- return super.getObject( uid, parameters, request, response );
- }
-
- @Override
protected List<User> getEntityList( WebMetaData metaData, WebOptions options, List<String> filters )
{
+ User user = currentUserService.getCurrentUser();
+
List<User> entityList;
if ( options.getOptions().containsKey( "query" ) )
@@ -133,11 +116,25 @@
Pager pager = new Pager( options.getPage(), count );
metaData.setPager( pager );
- entityList = new ArrayList<>( userService.getAllUsersBetween( pager.getOffset(), pager.getPageSize() ) );
+ if ( options.isManage() )
+ {
+ entityList = new ArrayList<>( userService.getManagedUsersBetween( user, pager.getOffset(), pager.getPageSize() ) );
+ }
+ else
+ {
+ entityList = new ArrayList<>( userService.getAllUsersBetween( pager.getOffset(), pager.getPageSize() ) );
+ }
}
else
{
- entityList = new ArrayList<>( userService.getAllUsers() );
+ if ( options.isManage() )
+ {
+ entityList = new ArrayList<>( userService.getManagedUsers( user ) );
+ }
+ else
+ {
+ entityList = new ArrayList<>( userService.getAllUsers() );
+ }
}
return entityList;
=== modified file 'dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/webdomain/WebOptions.java'
--- dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/webdomain/WebOptions.java 2014-06-11 20:27:54 +0000
+++ dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/webdomain/WebOptions.java 2014-12-26 12:27:14 +0000
@@ -67,7 +67,7 @@
{
return stringAsInt( options.get( "page" ), 1 );
}
-
+
public String getViewClass()
{
return stringAsString( options.get( "viewClass" ), null );
@@ -82,4 +82,9 @@
{
return stringAsInt( options.get( "pageSize" ), Pager.DEFAULT_PAGE_SIZE );
}
+
+ public boolean isManage()
+ {
+ return stringAsBoolean( options.get( "manage" ), false );
+ }
}
