dhis2-devs team mailing list archive
-
dhis2-devs team
-
Mailing list archive
-
Message #35333
[Branch ~dhis2-devs-core/dhis2/trunk] Rev 18123: User management. Validation of user queries.
------------------------------------------------------------
revno: 18123
committer: Lars Helge Overland <larshelge@xxxxxxxxx>
branch nick: dhis2
timestamp: Mon 2015-01-26 08:32:36 -0500
message:
User management. Validation of user queries.
modified:
dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/User.java
dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java
dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java
dhis-2/dhis-services/dhis-service-core/src/test/java/org/hisp/dhis/user/UserServiceTest.java
--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk
Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription
=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/User.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/User.java 2015-01-17 07:41:26 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/User.java 2015-01-26 13:32:36 +0000
@@ -261,6 +261,19 @@
return managedGroups;
}
+ public boolean hasManagedGroups()
+ {
+ for ( UserGroup group : groups )
+ {
+ if ( group != null && group.getManagedGroups() != null && !group.getManagedGroups().isEmpty() )
+ {
+ return true;
+ }
+ }
+
+ return false;
+ }
+
/**
* Indicates whether this user can manage the given user group.
*
=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java 2015-01-17 07:41:26 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java 2015-01-26 13:32:36 +0000
@@ -188,6 +188,23 @@
return authorities;
}
+
+ /**
+ * Indicates whether this user credentials has at least one authority through
+ * its user authority groups.
+ */
+ public boolean hasAuthorities()
+ {
+ for ( UserAuthorityGroup group : userAuthorityGroups )
+ {
+ if ( group != null && group.getAuthorities() != null && !group.getAuthorities().isEmpty() )
+ {
+ return true;
+ }
+ }
+
+ return false;
+ }
/**
* Tests whether this user credentials has any of the authorities in the
@@ -401,7 +418,15 @@
}
/**
- * Indicates whether this user has dimension constraints.
+ * Indicates whether this user credentials has user authority groups.
+ */
+ public boolean hasUserAuthorityGroups()
+ {
+ return userAuthorityGroups != null && !userAuthorityGroups.isEmpty();
+ }
+
+ /**
+ * Indicates whether this user credentials has dimension constraints.
*/
public boolean hasDimensionConstraints()
{
=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java 2015-01-17 07:41:26 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java 2015-01-26 13:32:36 +0000
@@ -55,6 +55,8 @@
import org.hisp.dhis.system.util.FilterUtils;
import org.springframework.transaction.annotation.Transactional;
+import com.google.common.collect.Lists;
+
/**
* @author Chau Thu Tran
*/
@@ -217,6 +219,12 @@
public List<User> getUsers( UserQueryParams params )
{
handleUserQueryParams( params );
+
+ if ( !validateUserQueryParams( params ) )
+ {
+ return Lists.newArrayList();
+ }
+
return userStore.getUsers( params );
}
@@ -224,6 +232,12 @@
public int getUserCount( UserQueryParams params )
{
handleUserQueryParams( params );
+
+ if ( !validateUserQueryParams( params ) )
+ {
+ return 0;
+ }
+
return userStore.getUserCount( params );
}
@@ -251,6 +265,29 @@
params.setInactiveSince( cal.getTime() );
}
}
+
+ public boolean validateUserQueryParams( UserQueryParams params )
+ {
+ if ( params.isCanManage() && ( params.getUser() == null || !params.getUser().hasManagedGroups() ) )
+ {
+ log.warn( "Cannot get managed users as user does not have any managed groups" );
+ return false;
+ }
+
+ if ( params.isAuthSubset() && ( params.getUser() == null || !params.getUser().getUserCredentials().hasAuthorities() ) )
+ {
+ log.warn( "Cannot get users with authority subset as user does not have any authorities" );
+ return false;
+ }
+
+ if ( params.isDisjointRoles() && ( params.getUser() == null || !params.getUser().getUserCredentials().hasUserAuthorityGroups() ) )
+ {
+ log.warn( "Cannot get users with disjoint roles as user does not have any user roles" );
+ return false;
+ }
+
+ return true;
+ }
@Override
public List<User> getUsersByPhoneNumber( String phoneNumber )
=== modified file 'dhis-2/dhis-services/dhis-service-core/src/test/java/org/hisp/dhis/user/UserServiceTest.java'
--- dhis-2/dhis-services/dhis-service-core/src/test/java/org/hisp/dhis/user/UserServiceTest.java 2015-01-17 07:41:26 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/test/java/org/hisp/dhis/user/UserServiceTest.java 2015-01-26 13:32:36 +0000
@@ -166,6 +166,10 @@
@Test
public void testManagedGroups()
{
+ systemSettingManager.saveSystemSetting( KEY_CAN_GRANT_OWN_USER_AUTHORITY_GROUPS, true );
+
+ // TODO find way to override in parameters
+
User userA = createUser( 'A' );
User userB = createUser( 'B' );
User userC = createUser( 'C' );
@@ -222,6 +226,8 @@
@Test
public void testGetByPhoneNumber()
{
+ systemSettingManager.saveSystemSetting( KEY_CAN_GRANT_OWN_USER_AUTHORITY_GROUPS, true );
+
User userA = createUser( 'A' );
User userB = createUser( 'B' );
User userC = createUser( 'C' );
@@ -251,6 +257,8 @@
@Test
public void testGetManagedGroups()
{
+ systemSettingManager.saveSystemSetting( KEY_CAN_GRANT_OWN_USER_AUTHORITY_GROUPS, true );
+
User userA = createUser( 'A' );
User userB = createUser( 'B' );
User userC = createUser( 'C' );
@@ -306,7 +314,6 @@
UserQueryParams params = new UserQueryParams( userA );
params.setCanManage( true );
- params.setAuthSubset( true );
params.setFirst( 0 );
params.setMax( 1 );
@@ -340,6 +347,8 @@
@Test
public void testGetManagedGroupsLessAuthorities()
{
+ systemSettingManager.saveSystemSetting( KEY_CAN_GRANT_OWN_USER_AUTHORITY_GROUPS, true );
+
User userA = createUser( 'A' );
User userB = createUser( 'B' );
User userC = createUser( 'C' );
@@ -509,6 +518,8 @@
@Test
public void testGetManagedGroupsSearch()
{
+ systemSettingManager.saveSystemSetting( KEY_CAN_GRANT_OWN_USER_AUTHORITY_GROUPS, true );
+
User userA = createUser( 'A' );
User userB = createUser( 'B' );
User userC = createUser( 'C' );
@@ -551,6 +562,8 @@
@Test
public void testGetManagedGroupsSelfRegistered()
{
+ systemSettingManager.saveSystemSetting( KEY_CAN_GRANT_OWN_USER_AUTHORITY_GROUPS, true );
+
User userA = createUser( 'A' );
User userB = createUser( 'B' );
User userC = createUser( 'C' );
@@ -589,6 +602,8 @@
@Test
public void testGetManagedGroupsOrganisationUnit()
{
+ systemSettingManager.saveSystemSetting( KEY_CAN_GRANT_OWN_USER_AUTHORITY_GROUPS, true );
+
User userA = createUser( 'A' );
User userB = createUser( 'B' );
User userC = createUser( 'C' );
@@ -630,6 +645,8 @@
@Test
public void testGetInvitations()
{
+ systemSettingManager.saveSystemSetting( KEY_CAN_GRANT_OWN_USER_AUTHORITY_GROUPS, true );
+
User userA = createUser( 'A' );
User userB = createUser( 'B' );
User userC = createUser( 'C' );