dhis2-devs team mailing list archive
-
dhis2-devs team
-
Mailing list archive
-
Message #40824
[Branch ~dhis2-devs-core/dhis2/trunk] Rev 20778: minor fixes in SharingController
------------------------------------------------------------
revno: 20778
committer: Morten Olav Hansen <mortenoh@xxxxxxxxx>
branch nick: dhis2
timestamp: Tue 2015-10-20 10:28:57 +0700
message:
minor fixes in SharingController
modified:
dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/SchemaController.java
dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/SharingController.java
--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk
Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription
=== modified file 'dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/SchemaController.java'
--- dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/SchemaController.java 2015-10-13 08:48:10 +0000
+++ dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/SchemaController.java 2015-10-20 03:28:57 +0000
@@ -58,7 +58,7 @@
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
-import java.util.Arrays;
+import java.util.Collections;
import java.util.List;
/**
@@ -126,7 +126,7 @@
{
linkService.generateSchemaLinks( schema );
- CollectionNode collectionNode = fieldFilterService.filter( Schema.class, Arrays.asList( schema ), fields );
+ CollectionNode collectionNode = fieldFilterService.filter( Schema.class, Collections.singletonList( schema ), fields );
return NodeUtils.createRootNode( collectionNode.getChildren().get( 0 ) );
}
=== modified file 'dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/SharingController.java'
--- dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/SharingController.java 2015-07-14 07:21:33 +0000
+++ dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/SharingController.java 2015-10-20 03:28:57 +0000
@@ -30,14 +30,16 @@
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
-import org.hisp.dhis.security.acl.AccessStringHelper;
-import org.hisp.dhis.security.acl.AclService;
import org.hisp.dhis.common.BaseIdentifiableObject;
import org.hisp.dhis.common.IdentifiableObject;
import org.hisp.dhis.common.IdentifiableObjectManager;
import org.hisp.dhis.dxf2.common.JacksonUtils;
+import org.hisp.dhis.dxf2.render.RenderService;
import org.hisp.dhis.dxf2.webmessage.WebMessageException;
+import org.hisp.dhis.security.acl.AccessStringHelper;
+import org.hisp.dhis.security.acl.AclService;
import org.hisp.dhis.user.CurrentUserService;
+import org.hisp.dhis.user.User;
import org.hisp.dhis.user.UserGroup;
import org.hisp.dhis.user.UserGroupAccess;
import org.hisp.dhis.user.UserGroupAccessService;
@@ -49,6 +51,7 @@
import org.hisp.dhis.webapi.webdomain.sharing.SharingUserGroups;
import org.hisp.dhis.webapi.webdomain.sharing.comparator.SharingUserGroupAccessNameComparator;
import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.MediaType;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
@@ -91,7 +94,10 @@
@Autowired
private WebMessageService webMessageService;
- @RequestMapping( method = RequestMethod.GET, produces = { "application/json" } )
+ @Autowired
+ private RenderService renderService;
+
+ @RequestMapping( method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE )
public void getSharing( @RequestParam String type, @RequestParam String id, HttpServletResponse response ) throws IOException, WebMessageException
{
if ( !aclService.isShareable( type ) )
@@ -107,15 +113,17 @@
throw new WebMessageException( WebMessageUtils.notFound( "Object of type " + type + " with ID " + id + " was not found." ) );
}
- if ( !aclService.canManage( currentUserService.getCurrentUser(), object ) )
+ User user = currentUserService.getCurrentUser();
+
+ if ( !aclService.canManage( user, object ) )
{
throw new AccessDeniedException( "You do not have manage access to this object." );
}
Sharing sharing = new Sharing();
- sharing.getMeta().setAllowPublicAccess( aclService.canCreatePublic( currentUserService.getCurrentUser(), object.getClass() ) );
- sharing.getMeta().setAllowExternalAccess( aclService.canExternalize( currentUserService.getCurrentUser(), object.getClass() ) );
+ sharing.getMeta().setAllowPublicAccess( aclService.canCreatePublic( user, object.getClass() ) );
+ sharing.getMeta().setAllowExternalAccess( aclService.canExternalize( user, object.getClass() ) );
sharing.getObject().setId( object.getUid() );
sharing.getObject().setName( object.getDisplayName() );
@@ -125,7 +133,7 @@
{
String access;
- if ( aclService.canCreatePublic( currentUserService.getCurrentUser(), klass ) )
+ if ( aclService.canCreatePublic( user, klass ) )
{
access = AccessStringHelper.newInstance().enable( AccessStringHelper.Permission.READ ).enable( AccessStringHelper.Permission.WRITE ).build();
}
@@ -159,10 +167,10 @@
Collections.sort( sharing.getObject().getUserGroupAccesses(), SharingUserGroupAccessNameComparator.INSTANCE );
- JacksonUtils.toJson( response.getOutputStream(), sharing );
+ renderService.toJson( response.getOutputStream(), sharing );
}
- @RequestMapping( method = { RequestMethod.POST, RequestMethod.PUT }, consumes = "application/json" )
+ @RequestMapping( method = { RequestMethod.POST, RequestMethod.PUT }, consumes = MediaType.APPLICATION_JSON_VALUE )
public void setSharing( @RequestParam String type, @RequestParam String id, HttpServletResponse response, HttpServletRequest request ) throws IOException, WebMessageException
{
Class<? extends IdentifiableObject> sharingClass = aclService.classForType( type );
@@ -179,7 +187,9 @@
throw new WebMessageException( WebMessageUtils.notFound( "Object of type " + type + " with ID " + id + " was not found." ) );
}
- if ( !aclService.canManage( currentUserService.getCurrentUser(), object ) )
+ User user = currentUserService.getCurrentUser();
+
+ if ( !aclService.canManage( user, object ) )
{
throw new AccessDeniedException( "You do not have manage access to this object." );
}
@@ -187,20 +197,20 @@
Sharing sharing = JacksonUtils.fromJson( request.getInputStream(), Sharing.class );
// Ignore externalAccess if user is not allowed to make objects external
- if ( aclService.canExternalize( currentUserService.getCurrentUser(), object.getClass() ) )
+ if ( aclService.canExternalize( user, object.getClass() ) )
{
object.setExternalAccess( sharing.getObject().hasExternalAccess() );
}
// Ignore publicAccess if user is not allowed to make objects public
- if ( aclService.canCreatePublic( currentUserService.getCurrentUser(), object.getClass() ) )
+ if ( aclService.canCreatePublic( user, object.getClass() ) )
{
object.setPublicAccess( sharing.getObject().getPublicAccess() );
}
if ( object.getUser() == null )
{
- object.setUser( currentUserService.getCurrentUser() );
+ object.setUser( user );
}
Iterator<UserGroupAccess> iterator = object.getUserGroupAccesses().iterator();
@@ -257,7 +267,7 @@
webMessageService.send( WebMessageUtils.ok( "Access control set" ), response, request );
}
- @RequestMapping( value = "/search", method = RequestMethod.GET, produces = { "application/json" } )
+ @RequestMapping( value = "/search", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE )
public void searchUserGroups( @RequestParam String key, @RequestParam( required = false ) Integer pageSize,
HttpServletResponse response ) throws IOException, WebMessageException
{
@@ -282,6 +292,6 @@
sharingUserGroups.getUserGroups().add( sharingUserGroupAccess );
}
- JacksonUtils.toJson( response.getOutputStream(), sharingUserGroups );
+ renderService.toJson( response.getOutputStream(), sharingUserGroups );
}
}
