dhis2-devs team mailing list archive

Thread
Date

[Branch ~dhis2-devs-core/dhis2/trunk] Rev 19343: Added method to AclService, canRead() for Class<?>, used in cases where READ authority is set in ...

To: DHIS 2 developers <dhis2-devs@xxxxxxxxxxxxxxxxxxx>
From: noreply@xxxxxxxxxxxxx
Date: Wed, 10 Jun 2015 12:31:29 -0000
Reply-to: noreply@xxxxxxxxxxxxx
Sender: bounces@xxxxxxxxxxxxx

------------------------------------------------------------
revno: 19343
committer: Morten Olav Hansen <mortenoh@xxxxxxxxx>
branch nick: dhis2
timestamp: Wed 2015-06-10 19:26:55 +0700
message:
  Added method to AclService, canRead() for Class<?>, used in cases where READ authority is set in SchemaDescriptor, will be used in AbstractCrudController to secure certain object types
modified:
  dhis-2/dhis-api/src/main/java/org/hisp/dhis/acl/AclService.java
  dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/acl/DefaultAclService.java


--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk

Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription

=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/acl/AclService.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/acl/AclService.java	2015-05-26 01:50:39 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/acl/AclService.java	2015-06-10 12:26:55 +0000
@@ -135,6 +135,15 @@
     boolean canManage( User user, IdentifiableObject object );
 
     /**
+     * Can read an objects of this type.
+     *
+     * @param user  User to User to check against
+     * @param klass Type to check against
+     * @return Result of test
+     */
+    <T extends IdentifiableObject> boolean canRead( User user, Class<T> klass );
+
+    /**
      * Can create an object of this type.
      *
      * @param user  User to User to check against

=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/acl/DefaultAclService.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/acl/DefaultAclService.java	2015-05-26 01:50:39 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/acl/DefaultAclService.java	2015-06-10 12:26:55 +0000
@@ -215,6 +215,15 @@
     }
 
     @Override
+    public <T extends IdentifiableObject> boolean canRead( User user, Class<T> klass )
+    {
+        Schema schema = schemaService.getSchema( klass );
+
+        return schema != null &&
+            (schema.getAuthorityByType( AuthorityType.READ ) == null || canAccess( user, schema.getAuthorityByType( AuthorityType.READ ) ));
+    }
+
+    @Override
     public <T extends IdentifiableObject> boolean canCreate( User user, Class<T> klass )
     {
         Schema schema = schemaService.getSchema( klass );