dhis2-devs team mailing list archive
-
dhis2-devs team
-
Mailing list archive
-
Message #38064
[Branch ~dhis2-devs-core/dhis2/trunk] Rev 19431: Removed system setting for allowing user invitations, and instead always allow it when a SMTP ser...
------------------------------------------------------------
revno: 19431
committer: Lars Helge Overland <larshelge@xxxxxxxxx>
branch nick: dhis2
timestamp: Wed 2015-06-17 15:37:50 +0200
message:
Removed system setting for allowing user invitations, and instead always allow it when a SMTP server is configured. Creating user invitations is in most cases more secure than creating accounts directly, as people typically either set weak default passwords or email passwords in clear text to distribute account information.
modified:
dhis-2/dhis-api/src/main/java/org/hisp/dhis/setting/SystemSettingManager.java
dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/interceptor/SystemSettingInterceptor.java
dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-settings/src/main/java/org/hisp/dhis/settings/action/system/SetAccessSettingsAction.java
dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-settings/src/main/webapp/dhis-web-maintenance-settings/systemAccessSettings.vm
dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/SetupTreeAction.java
dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/addUserForm.vm
--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk
Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription
=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/setting/SystemSettingManager.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/setting/SystemSettingManager.java 2015-06-16 05:11:29 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/setting/SystemSettingManager.java 2015-06-17 13:37:50 +0000
@@ -84,7 +84,6 @@
final String KEY_SCHEDULE_AGGREGATE_QUERY_BUILDER_TASK_STRATEGY = "scheduleAggregateQueryBuilderTackStrategy";
final String KEY_CONFIGURATION = "keyConfig";
final String KEY_ACCOUNT_RECOVERY = "keyAccountRecovery";
- final String KEY_ACCOUNT_INVITE = "keyAccountInvite";
final String KEY_LAST_MONITORING_RUN = "keyLastMonitoringRun";
final String KEY_GOOGLE_ANALYTICS_UA = "googleAnalyticsUA";
final String KEY_CREDENTIALS_EXPIRES = "credentialsExpires";
=== modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/interceptor/SystemSettingInterceptor.java'
--- dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/interceptor/SystemSettingInterceptor.java 2015-06-09 12:52:15 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/interceptor/SystemSettingInterceptor.java 2015-06-17 13:37:50 +0000
@@ -112,7 +112,6 @@
map.put( KEY_PHONE_NUMBER_AREA_CODE, systemSettingManager.getSystemSetting( KEY_PHONE_NUMBER_AREA_CODE, "" ) );
map.put( KEY_MULTI_ORGANISATION_UNIT_FORMS, systemSettingManager.getSystemSetting( KEY_MULTI_ORGANISATION_UNIT_FORMS, false ) );
map.put( KEY_ACCOUNT_RECOVERY, systemSettingManager.getSystemSetting( KEY_ACCOUNT_RECOVERY, false ) );
- map.put( KEY_ACCOUNT_INVITE, systemSettingManager.getSystemSetting( KEY_ACCOUNT_INVITE, false ) );
map.put( KEY_CONFIGURATION, configurationService.getConfiguration() );
map.put( KEY_APP_BASE_URL, systemSettingManager.getSystemSetting( KEY_APP_BASE_URL ) );
map.put( KEY_INSTANCE_BASE_URL, systemSettingManager.getSystemSetting( KEY_INSTANCE_BASE_URL ) );
=== modified file 'dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-settings/src/main/java/org/hisp/dhis/settings/action/system/SetAccessSettingsAction.java'
--- dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-settings/src/main/java/org/hisp/dhis/settings/action/system/SetAccessSettingsAction.java 2015-06-09 12:52:15 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-settings/src/main/java/org/hisp/dhis/settings/action/system/SetAccessSettingsAction.java 2015-06-17 13:37:50 +0000
@@ -28,7 +28,6 @@
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-import static org.hisp.dhis.setting.SystemSettingManager.KEY_ACCOUNT_INVITE;
import static org.hisp.dhis.setting.SystemSettingManager.KEY_ACCOUNT_RECOVERY;
import static org.hisp.dhis.setting.SystemSettingManager.KEY_CAN_GRANT_OWN_USER_AUTHORITY_GROUPS;
import static org.hisp.dhis.setting.SystemSettingManager.KEY_CREDENTIALS_EXPIRES;
@@ -104,13 +103,6 @@
this.accountRecovery = accountRecovery;
}
- private Boolean accountInvite;
-
- public void setAccountInvite( Boolean accountInvite )
- {
- this.accountInvite = accountInvite;
- }
-
private Boolean canGrantOwnUserAuthorityGroups;
public void setCanGrantOwnUserAuthorityGroups( Boolean canGrantOwnUserAuthorityGroups )
@@ -197,7 +189,6 @@
configurationService.setConfiguration( config );
systemSettingManager.saveSystemSetting( KEY_ACCOUNT_RECOVERY, accountRecovery );
- systemSettingManager.saveSystemSetting( KEY_ACCOUNT_INVITE, accountInvite );
systemSettingManager.saveSystemSetting( KEY_CAN_GRANT_OWN_USER_AUTHORITY_GROUPS, canGrantOwnUserAuthorityGroups );
systemSettingManager.saveSystemSetting( KEY_ALLOW_OBJECT_ASSIGNMENT, allowObjectAssignment );
systemSettingManager.saveSystemSetting( KEY_SELF_REGISTRATION_NO_RECAPTCHA, selfRegistrationNoRecaptcha );
=== modified file 'dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-settings/src/main/webapp/dhis-web-maintenance-settings/systemAccessSettings.vm'
--- dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-settings/src/main/webapp/dhis-web-maintenance-settings/systemAccessSettings.vm 2015-06-09 12:52:15 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-settings/src/main/webapp/dhis-web-maintenance-settings/systemAccessSettings.vm 2015-06-17 13:37:50 +0000
@@ -21,7 +21,6 @@
selfRegistrationOrgUnit: jQuery( "#selfRegistrationOrgUnit" ).val(),
selfRegistrationNoRecaptcha: jQuery( '#selfRegistrationNoRecaptcha' ).is( ':checked' ),
accountRecovery: jQuery( '#accountRecovery' ).is( ':checked' ),
- accountInvite: jQuery( '#accountInvite' ).is( ':checked' ),
canGrantOwnUserAuthorityGroups: jQuery( '#canGrantOwnUserAuthorityGroups' ).is( ':checked' ),
allowObjectAssignment: jQuery( '#allowObjectAssignment' ).is( ':checked' ),
credentialsExpires: jQuery( '#credentialsExpires' ).val(),
@@ -89,11 +88,6 @@
</div>
<div class="setting">
- <input type="checkbox" id="accountInvite" name="accountInvite"#if( $keyAccountInvite ) checked="checked"#end>
- <label for="accountInvite">$i18n.getString( "enable_user_account_invite" )</label>
-</div>
-
-<div class="setting">
<input type="checkbox" id="canGrantOwnUserAuthorityGroups" name="canGrantOwnUserAuthorityGroups"#if( $keyCanGrantOwnUserAuthorityGroups ) checked="checked"#end>
<label for="canGrantOwnUserAuthorityGroups">$i18n.getString( "allow_users_to_grant_own_user_roles" )</label>
</div>
=== modified file 'dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/SetupTreeAction.java'
--- dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/SetupTreeAction.java 2015-01-17 07:41:26 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/SetupTreeAction.java 2015-06-17 13:37:50 +0000
@@ -46,6 +46,7 @@
import org.hisp.dhis.i18n.locale.LocaleManager;
import org.hisp.dhis.oust.manager.SelectionTreeManager;
import org.hisp.dhis.ouwt.manager.OrganisationUnitSelectionManager;
+import org.hisp.dhis.setting.SystemSettingManager;
import org.hisp.dhis.system.util.AttributeUtils;
import org.hisp.dhis.user.User;
import org.hisp.dhis.user.UserAuthorityGroup;
@@ -112,6 +113,9 @@
@Autowired
private UserSettingService userSettingService;
+
+ @Autowired
+ private SystemSettingManager systemSettingManager;
// -------------------------------------------------------------------------
// Input & Output
@@ -200,6 +204,13 @@
{
return attributeValues;
}
+
+ private boolean allowInvite;
+
+ public boolean isAllowInvite()
+ {
+ return allowInvite;
+ }
// -------------------------------------------------------------------------
// Action implementation
@@ -261,6 +272,8 @@
attributes = new ArrayList<>( attributeService.getUserAttributes() );
Collections.sort( attributes, AttributeSortOrderComparator.INSTANCE );
+ allowInvite = systemSettingManager.emailEnabled();
+
return SUCCESS;
}
}
=== modified file 'dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/addUserForm.vm'
--- dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/addUserForm.vm 2014-11-20 15:06:59 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/addUserForm.vm 2015-06-17 13:37:50 +0000
@@ -78,7 +78,7 @@
<table>
<col style="width: 120px"/>
- #if ( $keyAccountInvite )
+ #if ( $allowInvite )
<tr>
<td><label>$i18n.getString( "action" )</label></td>
<td>