← Back to team overview

dhis2-devs team mailing list archive

[Branch ~dhis2-devs-core/dhis2/trunk] Rev 18123: User management. Validation of user queries.

 

------------------------------------------------------------
revno: 18123
committer: Lars Helge Overland <larshelge@xxxxxxxxx>
branch nick: dhis2
timestamp: Mon 2015-01-26 08:32:36 -0500
message:
  User management. Validation of user queries.
modified:
  dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/User.java
  dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java
  dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java
  dhis-2/dhis-services/dhis-service-core/src/test/java/org/hisp/dhis/user/UserServiceTest.java


--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk

Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription
=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/User.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/User.java	2015-01-17 07:41:26 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/User.java	2015-01-26 13:32:36 +0000
@@ -261,6 +261,19 @@
         return managedGroups;
     }
     
+    public boolean hasManagedGroups()
+    {
+        for ( UserGroup group : groups )
+        {
+            if ( group != null && group.getManagedGroups() != null && !group.getManagedGroups().isEmpty() )
+            {
+                return true;
+            }
+        }
+        
+        return false;
+    }
+    
     /**
      * Indicates whether this user can manage the given user group.
      * 

=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java	2015-01-17 07:41:26 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java	2015-01-26 13:32:36 +0000
@@ -188,6 +188,23 @@
 
         return authorities;
     }
+    
+    /**
+     * Indicates whether this user credentials has at least one authority through
+     * its user authority groups.
+     */
+    public boolean hasAuthorities()
+    {
+        for ( UserAuthorityGroup group : userAuthorityGroups )
+        {
+            if ( group != null && group.getAuthorities() != null && !group.getAuthorities().isEmpty() )
+            {
+                return true;
+            }
+        }
+        
+        return false;
+    }
 
     /**
      * Tests whether this user credentials has any of the authorities in the
@@ -401,7 +418,15 @@
     }
 
     /**
-     * Indicates whether this user has dimension constraints.
+     * Indicates whether this user credentials has user authority groups.
+     */
+    public boolean hasUserAuthorityGroups()
+    {
+        return userAuthorityGroups != null && !userAuthorityGroups.isEmpty();
+    }
+    
+    /**
+     * Indicates whether this user credentials has dimension constraints.
      */
     public boolean hasDimensionConstraints()
     {

=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java	2015-01-17 07:41:26 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java	2015-01-26 13:32:36 +0000
@@ -55,6 +55,8 @@
 import org.hisp.dhis.system.util.FilterUtils;
 import org.springframework.transaction.annotation.Transactional;
 
+import com.google.common.collect.Lists;
+
 /**
  * @author Chau Thu Tran
  */
@@ -217,6 +219,12 @@
     public List<User> getUsers( UserQueryParams params )
     {
         handleUserQueryParams( params );
+
+        if ( !validateUserQueryParams( params ) )
+        {
+            return Lists.newArrayList();
+        }
+        
         return userStore.getUsers( params );
     }
 
@@ -224,6 +232,12 @@
     public int getUserCount( UserQueryParams params )
     {
         handleUserQueryParams( params );
+
+        if ( !validateUserQueryParams( params ) )
+        {
+            return 0;
+        }
+        
         return userStore.getUserCount( params );
     }
     
@@ -251,6 +265,29 @@
             params.setInactiveSince( cal.getTime() );
         }
     }
+
+    public boolean validateUserQueryParams( UserQueryParams params )
+    {
+        if ( params.isCanManage() && ( params.getUser() == null || !params.getUser().hasManagedGroups() ) )
+        {
+            log.warn( "Cannot get managed users as user does not have any managed groups" );
+            return false;
+        }
+        
+        if ( params.isAuthSubset() && ( params.getUser() == null || !params.getUser().getUserCredentials().hasAuthorities() ) )
+        {
+            log.warn( "Cannot get users with authority subset as user does not have any authorities" );
+            return false;
+        }
+        
+        if ( params.isDisjointRoles() && ( params.getUser() == null || !params.getUser().getUserCredentials().hasUserAuthorityGroups() ) )
+        {
+            log.warn( "Cannot get users with disjoint roles as user does not have any user roles" );
+            return false;
+        }
+        
+        return true;
+    }
     
     @Override
     public List<User> getUsersByPhoneNumber( String phoneNumber )

=== modified file 'dhis-2/dhis-services/dhis-service-core/src/test/java/org/hisp/dhis/user/UserServiceTest.java'
--- dhis-2/dhis-services/dhis-service-core/src/test/java/org/hisp/dhis/user/UserServiceTest.java	2015-01-17 07:41:26 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/test/java/org/hisp/dhis/user/UserServiceTest.java	2015-01-26 13:32:36 +0000
@@ -166,6 +166,10 @@
     @Test
     public void testManagedGroups()
     {
+        systemSettingManager.saveSystemSetting( KEY_CAN_GRANT_OWN_USER_AUTHORITY_GROUPS, true );
+        
+        // TODO find way to override in parameters
+        
         User userA = createUser( 'A' );
         User userB = createUser( 'B' );
         User userC = createUser( 'C' );
@@ -222,6 +226,8 @@
     @Test
     public void testGetByPhoneNumber()
     {
+        systemSettingManager.saveSystemSetting( KEY_CAN_GRANT_OWN_USER_AUTHORITY_GROUPS, true );
+        
         User userA = createUser( 'A' );
         User userB = createUser( 'B' );
         User userC = createUser( 'C' );
@@ -251,6 +257,8 @@
     @Test
     public void testGetManagedGroups()
     {
+        systemSettingManager.saveSystemSetting( KEY_CAN_GRANT_OWN_USER_AUTHORITY_GROUPS, true );
+        
         User userA = createUser( 'A' );
         User userB = createUser( 'B' );
         User userC = createUser( 'C' );
@@ -306,7 +314,6 @@
 
         UserQueryParams params = new UserQueryParams( userA );
         params.setCanManage( true );
-        params.setAuthSubset( true );
         params.setFirst( 0 );
         params.setMax( 1 );
 
@@ -340,6 +347,8 @@
     @Test
     public void testGetManagedGroupsLessAuthorities()
     {
+        systemSettingManager.saveSystemSetting( KEY_CAN_GRANT_OWN_USER_AUTHORITY_GROUPS, true );
+        
         User userA = createUser( 'A' );
         User userB = createUser( 'B' );
         User userC = createUser( 'C' );
@@ -509,6 +518,8 @@
     @Test
     public void testGetManagedGroupsSearch()
     {
+        systemSettingManager.saveSystemSetting( KEY_CAN_GRANT_OWN_USER_AUTHORITY_GROUPS, true );
+        
         User userA = createUser( 'A' );
         User userB = createUser( 'B' );
         User userC = createUser( 'C' );
@@ -551,6 +562,8 @@
     @Test
     public void testGetManagedGroupsSelfRegistered()
     {
+        systemSettingManager.saveSystemSetting( KEY_CAN_GRANT_OWN_USER_AUTHORITY_GROUPS, true );
+        
         User userA = createUser( 'A' );
         User userB = createUser( 'B' );
         User userC = createUser( 'C' );
@@ -589,6 +602,8 @@
     @Test
     public void testGetManagedGroupsOrganisationUnit()
     {
+        systemSettingManager.saveSystemSetting( KEY_CAN_GRANT_OWN_USER_AUTHORITY_GROUPS, true );
+        
         User userA = createUser( 'A' );
         User userB = createUser( 'B' );
         User userC = createUser( 'C' );
@@ -630,6 +645,8 @@
     @Test
     public void testGetInvitations()
     {
+        systemSettingManager.saveSystemSetting( KEY_CAN_GRANT_OWN_USER_AUTHORITY_GROUPS, true );
+        
         User userA = createUser( 'A' );
         User userB = createUser( 'B' );
         User userC = createUser( 'C' );