dhis2-devs team mailing list archive
-
dhis2-devs team
-
Mailing list archive
-
Message #34725
[Branch ~dhis2-devs-core/dhis2/trunk] Rev 17803: Impl method for getting user credentials with less authorities than given user with HQL
------------------------------------------------------------
revno: 17803
committer: Lars Helge Overland <larshelge@xxxxxxxxx>
branch nick: dhis2
timestamp: Fri 2014-12-26 19:56:34 +0100
message:
Impl method for getting user credentials with less authorities than given user with HQL
added:
dhis-2/dhis-services/dhis-service-core/src/test/java/org/hisp/dhis/user/UserCredentialsStoreTest.java
modified:
dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentialsStore.java
dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java
dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/hibernate/HibernateUserCredentialsStore.java
dhis-2/dhis-services/dhis-service-core/src/test/java/org/hisp/dhis/user/UserStoreTest.java
--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk
Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription
=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentialsStore.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentialsStore.java 2014-10-01 13:56:33 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentialsStore.java 2014-12-26 18:56:34 +0000
@@ -32,6 +32,7 @@
import java.util.Collection;
import java.util.Date;
+import java.util.List;
/**
* @author Lars Helge Overland
@@ -98,6 +99,10 @@
*/
void deleteUserCredentials( UserCredentials userCredentials );
+ UserCredentials getUserCredentialsByOpenID( String openId );
+
+ List<UserCredentials> getUserCredentialsWithLessAuthorities( UserCredentials userCredentials );
+
Collection<UserCredentials> searchUsersByName( String key );
Collection<UserCredentials> searchUsersByName( String key, int first, int max );
@@ -140,6 +145,4 @@
int getUsersByOrganisationUnitCountByName( OrganisationUnit orgUnit, String name );
Collection<String> getUsernames( String key, Integer max );
-
- UserCredentials getUserCredentialsByOpenID( String openId );
}
=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java 2014-12-26 13:22:45 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java 2014-12-26 18:56:34 +0000
@@ -729,7 +729,7 @@
{
return userCredentialsStore.getActiveUsersCount( since );
}
-
+
@Override
public void canUpdateUsersFilter( Collection<User> users )
{
=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/hibernate/HibernateUserCredentialsStore.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/hibernate/HibernateUserCredentialsStore.java 2014-12-19 15:42:38 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/hibernate/HibernateUserCredentialsStore.java 2014-12-26 18:56:34 +0000
@@ -32,6 +32,7 @@
import java.util.Collection;
import java.util.Date;
import java.util.List;
+import java.util.Set;
import org.hibernate.Criteria;
import org.hibernate.Query;
@@ -72,7 +73,7 @@
{
this.userService = userService;
}
-
+
// -------------------------------------------------------------------------
// UserCredentials
// -------------------------------------------------------------------------
@@ -134,6 +135,25 @@
return (UserCredentials) query.uniqueResult();
}
+ @SuppressWarnings("unchecked")
+ public List<UserCredentials> getUserCredentialsWithLessAuthorities( UserCredentials userCredentials )
+ {
+ Session session = sessionFactory.getCurrentSession();
+
+ Set<String> auths = userCredentials.getAllAuthorities();
+
+ String hql =
+ "select uc from UserCredentials uc " +
+ "where not exists (" +
+ "select uc2 from UserCredentials uc2 " +
+ "inner join uc2.userAuthorityGroups ag " +
+ "inner join ag.authorities a " +
+ "where uc2.id = uc.id " +
+ "and a not in (:auths) )";
+
+ return session.createQuery( hql ).setParameterList( "auths", auths ).list();
+ }
+
@Override
@SuppressWarnings("unchecked")
public Collection<UserCredentials> getAllUserCredentials()
=== added file 'dhis-2/dhis-services/dhis-service-core/src/test/java/org/hisp/dhis/user/UserCredentialsStoreTest.java'
--- dhis-2/dhis-services/dhis-service-core/src/test/java/org/hisp/dhis/user/UserCredentialsStoreTest.java 1970-01-01 00:00:00 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/test/java/org/hisp/dhis/user/UserCredentialsStoreTest.java 2014-12-26 18:56:34 +0000
@@ -0,0 +1,144 @@
+package org.hisp.dhis.user;
+
+/*
+ * Copyright (c) 2004-2014, University of Oslo
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ * Neither the name of the HISP project nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+
+import java.util.List;
+
+import org.hisp.dhis.DhisSpringTest;
+import org.junit.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+
+/**
+ * @author Lars Helge Overland
+ */
+public class UserCredentialsStoreTest
+ extends DhisSpringTest
+{
+ @Autowired
+ private UserCredentialsStore userCredentialsStore;
+
+ @Autowired
+ private UserService userService;
+
+ private UserAuthorityGroup roleA;
+ private UserAuthorityGroup roleB;
+ private UserAuthorityGroup roleC;
+
+ @Override
+ public void setUpTest()
+ throws Exception
+ {
+ roleA = createUserAuthorityGroup( 'A' );
+ roleB = createUserAuthorityGroup( 'B' );
+ roleC = createUserAuthorityGroup( 'C' );
+
+ roleA.getAuthorities().add( "AuthA" );
+ roleA.getAuthorities().add( "AuthB" );
+ roleA.getAuthorities().add( "AuthC" );
+ roleA.getAuthorities().add( "AuthD" );
+
+ roleB.getAuthorities().add( "AuthA" );
+ roleB.getAuthorities().add( "AuthB" );
+
+ roleC.getAuthorities().add( "AuthC" );
+
+ userService.addUserAuthorityGroup( roleA );
+ userService.addUserAuthorityGroup( roleB );
+ userService.addUserAuthorityGroup( roleC );
+ }
+
+ @Test
+ public void testAddGetUserCredentials()
+ {
+ User userA = createUser( 'A' );
+ User userB = createUser( 'B' );
+
+ UserCredentials credentialsA = createUserCredentials( 'A', userA );
+ UserCredentials credentialsB = createUserCredentials( 'B', userB );
+
+ int idA = userCredentialsStore.addUserCredentials( credentialsA );
+ int idB = userCredentialsStore.addUserCredentials( credentialsB );
+
+ assertEquals( credentialsA, userCredentialsStore.getUserCredentials( idA ) );
+ assertEquals( credentialsB, userCredentialsStore.getUserCredentials( idB ) );
+ }
+
+ @Test
+ public void testGetUserCredentialsWithLessAuthorities()
+ {
+ User userA = createUser( 'A' );
+ User userB = createUser( 'B' );
+ User userC = createUser( 'C' );
+ User userD = createUser( 'D' );
+
+ UserCredentials credentialsA = createUserCredentials( 'A', userA );
+ UserCredentials credentialsB = createUserCredentials( 'B', userB );
+ UserCredentials credentialsC = createUserCredentials( 'C', userC );
+ UserCredentials credentialsD = createUserCredentials( 'D', userD );
+
+ credentialsA.getUserAuthorityGroups().add( roleA );
+ credentialsB.getUserAuthorityGroups().add( roleB );
+ credentialsB.getUserAuthorityGroups().add( roleC );
+ credentialsC.getUserAuthorityGroups().add( roleB );
+ credentialsD.getUserAuthorityGroups().add( roleC );
+
+ userCredentialsStore.addUserCredentials( credentialsA );
+ userCredentialsStore.addUserCredentials( credentialsB );
+ userCredentialsStore.addUserCredentials( credentialsC );
+ userCredentialsStore.addUserCredentials( credentialsD );
+
+ List<UserCredentials> userCredentials = userCredentialsStore.getUserCredentialsWithLessAuthorities( credentialsA );
+
+ assertEquals( 4, userCredentials.size() );
+ assertTrue( userCredentials.contains( credentialsA ) );
+ assertTrue( userCredentials.contains( credentialsB ) );
+ assertTrue( userCredentials.contains( credentialsC ) );
+ assertTrue( userCredentials.contains( credentialsD ) );
+
+ userCredentials = userCredentialsStore.getUserCredentialsWithLessAuthorities( credentialsB );
+
+ assertEquals( 3, userCredentials.size() );
+ assertTrue( userCredentials.contains( credentialsB ) );
+ assertTrue( userCredentials.contains( credentialsC ) );
+ assertTrue( userCredentials.contains( credentialsD ) );
+
+ userCredentials = userCredentialsStore.getUserCredentialsWithLessAuthorities( credentialsC );
+
+ assertEquals( 1, userCredentials.size() );
+ assertTrue( userCredentials.contains( credentialsC ) );
+
+ userCredentials = userCredentialsStore.getUserCredentialsWithLessAuthorities( credentialsD );
+
+ assertEquals( 1, userCredentials.size() );
+ assertTrue( userCredentials.contains( credentialsD ) );
+ }
+}
=== modified file 'dhis-2/dhis-services/dhis-service-core/src/test/java/org/hisp/dhis/user/UserStoreTest.java'
--- dhis-2/dhis-services/dhis-service-core/src/test/java/org/hisp/dhis/user/UserStoreTest.java 2014-12-26 16:55:20 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/test/java/org/hisp/dhis/user/UserStoreTest.java 2014-12-26 18:56:34 +0000
@@ -53,9 +53,6 @@
private UserStore userStore;
@Autowired
- private UserCredentialsStore userCredentialsStore;
-
- @Autowired
private OrganisationUnitService organisationUnitService;
private OrganisationUnit unit1;
@@ -134,22 +131,6 @@
}
@Test
- public void testAddGetUserCredentials()
- {
- User userA = createUser( 'A' );
- User userB = createUser( 'B' );
-
- UserCredentials credentialsA = createUserCredentials( 'A', userA );
- UserCredentials credentialsB = createUserCredentials( 'B', userB );
-
- int idA = userCredentialsStore.addUserCredentials( credentialsA );
- int idB = userCredentialsStore.addUserCredentials( credentialsB );
-
- assertEquals( credentialsA, userCredentialsStore.getUserCredentials( idA ) );
- assertEquals( credentialsB, userCredentialsStore.getUserCredentials( idB ) );
- }
-
- @Test
public void testGetUsersWithoutOrganisationUnit()
{
User userA = createUser( 'A' );
