dhis2-devs team mailing list archive
-
dhis2-devs team
-
Mailing list archive
-
Message #36341
[Branch ~dhis2-devs-core/dhis2/trunk] Rev 18610: Sharing. Minor performance fixes. Using user.isSuper instead of override sharing auth.
------------------------------------------------------------
revno: 18610
committer: Lars Helge Overland <larshelge@xxxxxxxxx>
branch nick: dhis2
timestamp: Mon 2015-03-16 14:12:20 +0100
message:
Sharing. Minor performance fixes. Using user.isSuper instead of override sharing auth.
modified:
dhis-2/dhis-api/src/main/java/org/hisp/dhis/acl/AclService.java
dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/acl/DefaultAclService.java
dhis-2/dhis-support/dhis-support-hibernate/src/main/java/org/hisp/dhis/hibernate/HibernateGenericStore.java
dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/MessageConversationController.java
--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk
Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription
=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/acl/AclService.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/acl/AclService.java 2015-01-17 07:41:26 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/acl/AclService.java 2015-03-16 13:12:20 +0000
@@ -31,16 +31,11 @@
import org.hisp.dhis.common.IdentifiableObject;
import org.hisp.dhis.user.User;
-import java.util.Arrays;
-import java.util.List;
-
/**
* @author Morten Olav Hansen <mortenoh@xxxxxxxxx>
*/
public interface AclService
{
- public static final List<String> ACL_OVERRIDE_AUTHORITIES = Arrays.asList( "ALL" );
-
/**
* Is type supported for acl?
*
=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/acl/DefaultAclService.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/acl/DefaultAclService.java 2015-01-17 07:41:26 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/acl/DefaultAclService.java 2015-03-16 13:12:20 +0000
@@ -280,7 +280,7 @@
private boolean haveOverrideAuthority( User user )
{
- return user == null || haveAuthority( user, ACL_OVERRIDE_AUTHORITIES );
+ return user == null || user.isSuper();
}
private boolean canAccess( User user, Collection<String> requiredAuthorities )
=== modified file 'dhis-2/dhis-support/dhis-support-hibernate/src/main/java/org/hisp/dhis/hibernate/HibernateGenericStore.java'
--- dhis-2/dhis-support/dhis-support-hibernate/src/main/java/org/hisp/dhis/hibernate/HibernateGenericStore.java 2015-02-18 13:08:37 +0000
+++ dhis-2/dhis-support/dhis-support-hibernate/src/main/java/org/hisp/dhis/hibernate/HibernateGenericStore.java 2015-03-16 13:12:20 +0000
@@ -28,7 +28,9 @@
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-import com.google.common.collect.Lists;
+import java.util.ArrayList;
+import java.util.List;
+
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.hibernate.Criteria;
@@ -62,10 +64,8 @@
import org.springframework.beans.factory.annotation.Required;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.util.Assert;
-import org.springframework.util.CollectionUtils;
-import java.util.ArrayList;
-import java.util.List;
+import com.google.common.collect.Lists;
/**
* @author Lars Helge Overland
@@ -186,14 +186,16 @@
public final Criteria getSharingCriteria()
{
- return getSharingCriteria( currentUserService.getCurrentUser(), "r%" );
+ return getSharingCriteria( "r%" );
}
- protected final Criteria getSharingCriteria( User user, String access )
+ private final Criteria getSharingCriteria( String access )
{
Criteria criteria = sessionFactory.getCurrentSession().createCriteria( getClazz(), "c" ).setCacheable( cacheable );
- if ( !sharingEnabled() || user == null )
+ User user = currentUserService.getCurrentUser();
+
+ if ( !sharingEnabled( user ) || user == null )
{
return criteria;
}
@@ -358,8 +360,8 @@
private boolean checkPublicAccess( User user, IdentifiableObject identifiableObject )
{
return aclService.canCreatePublic( user, identifiableObject.getClass() ) ||
- (aclService.canCreatePrivate( user, identifiableObject.getClass() ) &&
- !AccessStringHelper.canReadOrWrite( identifiableObject.getPublicAccess() ));
+ ( aclService.canCreatePrivate( user, identifiableObject.getClass() ) &&
+ !AccessStringHelper.canReadOrWrite( identifiableObject.getPublicAccess() ) );
}
@Override
@@ -535,10 +537,9 @@
return Dashboard.class.isAssignableFrom( clazz );
}
- protected boolean sharingEnabled()
+ protected boolean sharingEnabled( User currentUser )
{
- return forceAcl() || (aclService.isShareable( clazz ) && !(currentUserService.getCurrentUser() == null ||
- CollectionUtils.containsAny( currentUserService.getCurrentUser().getUserCredentials().getAllAuthorities(), AclService.ACL_OVERRIDE_AUTHORITIES )));
+ return forceAcl() || ( aclService.isShareable( clazz ) && !( currentUser == null || currentUser.isSuper() ) );
}
protected boolean isReadAllowed( T object )
@@ -547,9 +548,11 @@
{
IdentifiableObject idObject = (IdentifiableObject) object;
- if ( sharingEnabled() )
+ User currentUser = currentUserService.getCurrentUser();
+
+ if ( sharingEnabled( currentUser ) )
{
- return aclService.canRead( currentUserService.getCurrentUser(), idObject );
+ return aclService.canRead( currentUser, idObject );
}
}
@@ -562,9 +565,11 @@
{
IdentifiableObject idObject = (IdentifiableObject) object;
- if ( sharingEnabled() )
+ User currentUser = currentUserService.getCurrentUser();
+
+ if ( sharingEnabled( currentUser ) )
{
- return aclService.canWrite( currentUserService.getCurrentUser(), idObject );
+ return aclService.canWrite( currentUser, idObject );
}
}
=== modified file 'dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/MessageConversationController.java'
--- dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/MessageConversationController.java 2015-02-25 06:32:18 +0000
+++ dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/MessageConversationController.java 2015-03-16 13:12:20 +0000
@@ -28,12 +28,18 @@
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-import com.google.common.collect.Lists;
-import org.hisp.dhis.acl.AclService;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.List;
+import java.util.Map;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
import org.hisp.dhis.common.Pager;
import org.hisp.dhis.dxf2.common.ImportOptions;
+import org.hisp.dhis.dxf2.common.JacksonUtils;
import org.hisp.dhis.dxf2.common.TranslateOptions;
-import org.hisp.dhis.dxf2.common.JacksonUtils;
import org.hisp.dhis.hibernate.exception.DeleteAccessDeniedException;
import org.hisp.dhis.hibernate.exception.UpdateAccessDeniedException;
import org.hisp.dhis.message.MessageService;
@@ -65,12 +71,7 @@
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.List;
-import java.util.Map;
+import com.google.common.collect.Lists;
/**
* @author Morten Olav Hansen <mortenoh@xxxxxxxxx>
@@ -548,7 +549,7 @@
*/
private boolean canModifyUserConversation( User currentUser, User user )
{
- return currentUser.equals( user ) || currentUser.getUserCredentials().hasAnyAuthority( AclService.ACL_OVERRIDE_AUTHORITIES );
+ return currentUser.equals( user ) || currentUser.isSuper();
}
/**
@@ -560,7 +561,7 @@
*/
private boolean canReadMessageConversation( User user, org.hisp.dhis.message.MessageConversation messageConversation )
{
- return messageConversation.getUsers().contains( user ) || user.getUserCredentials().hasAnyAuthority( AclService.ACL_OVERRIDE_AUTHORITIES );
+ return messageConversation.getUsers().contains( user ) || user.isSuper();
}
/**
