← Back to team overview

dhis2-devs team mailing list archive

[Branch ~dhis2-devs-core/dhis2/trunk] Rev 21302: Removed restriction on critical authorities for user invites and account restore

 

------------------------------------------------------------
revno: 21302
committer: Lars Helge Overland <larshelge@xxxxxxxxx>
branch nick: dhis2
timestamp: Thu 2015-12-03 18:01:58 +0100
message:
  Removed restriction on critical authorities for user invites and account restore
modified:
  dhis-2/dhis-api/src/main/java/org/hisp/dhis/program/Program.java
  dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultSecurityService.java
  dhis-2/dhis-support/dhis-support-system/src/main/java/org/hisp/dhis/system/filter/NonCriticalUserAuthorityGroupFilter.java
  dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/SystemController.java
  dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/user/UserController.java
  dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-program/src/main/java/org/hisp/dhis/trackedentity/action/trackedentityattribute/UpdateAttributeAction.java


--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk

Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription
=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/program/Program.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/program/Program.java	2015-12-03 16:47:14 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/program/Program.java	2015-12-03 17:01:58 +0000
@@ -119,7 +119,7 @@
     private Program relatedProgram;
 
     private Boolean dataEntryMethod = false;
-
+    
     private TrackedEntity trackedEntity;
 
     private DataEntryForm dataEntryForm;

=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultSecurityService.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultSecurityService.java	2015-10-19 11:25:31 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultSecurityService.java	2015-12-03 17:01:58 +0000
@@ -44,14 +44,12 @@
 import org.hisp.dhis.system.velocity.VelocityManager;
 import org.hisp.dhis.user.CurrentUserService;
 import org.hisp.dhis.user.User;
-import org.hisp.dhis.user.UserAuthorityGroup;
 import org.hisp.dhis.user.UserCredentials;
 import org.hisp.dhis.user.UserService;
 import org.hisp.dhis.user.UserSettingService;
 import org.joda.time.DateTime;
 import org.springframework.beans.factory.annotation.Autowired;
 
-import java.util.Arrays;
 import java.util.Date;
 import java.util.HashMap;
 import java.util.HashSet;
@@ -176,12 +174,6 @@
             return "user_does_not_have_valid_email";
         }
 
-        if ( credentials.hasAnyAuthority( Arrays.asList( UserAuthorityGroup.CRITICAL_AUTHS ) ) )
-        {
-            log.warn( "Not allowed to restore/invite users with critical authorities" );
-            return "user_has_critical_authorities";
-        }
-
         return null;
     }
 

=== modified file 'dhis-2/dhis-support/dhis-support-system/src/main/java/org/hisp/dhis/system/filter/NonCriticalUserAuthorityGroupFilter.java'
--- dhis-2/dhis-support/dhis-support-system/src/main/java/org/hisp/dhis/system/filter/NonCriticalUserAuthorityGroupFilter.java	2015-05-28 18:21:56 +0000
+++ dhis-2/dhis-support/dhis-support-system/src/main/java/org/hisp/dhis/system/filter/NonCriticalUserAuthorityGroupFilter.java	2015-12-03 17:01:58 +0000
@@ -28,9 +28,6 @@
  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
-import java.util.Arrays;
-
-import org.apache.commons.collections.CollectionUtils;
 import org.hisp.dhis.user.UserAuthorityGroup;
 import org.hisp.dhis.commons.filter.Filter;
 
@@ -48,6 +45,6 @@
             return false;
         }
         
-        return !CollectionUtils.containsAny( userRole.getAuthorities(), Arrays.asList( UserAuthorityGroup.CRITICAL_AUTHS ) );
+        return !userRole.hasCriticalAuthorities();
     }
 }

=== modified file 'dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/SystemController.java'
--- dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/SystemController.java	2015-12-03 02:17:45 +0000
+++ dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/SystemController.java	2015-12-03 17:01:58 +0000
@@ -31,7 +31,6 @@
 import org.hisp.dhis.common.CodeGenerator;
 import org.hisp.dhis.dataintegrity.DataIntegrityReport;
 import org.hisp.dhis.dataintegrity.FlattenedDataIntegrityReport;
-import org.hisp.dhis.dxf2.common.IdSchemes;
 import org.hisp.dhis.dxf2.metadata.ImportSummary;
 import org.hisp.dhis.dxf2.render.RenderService;
 import org.hisp.dhis.node.exception.InvalidTypeException;

=== modified file 'dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/user/UserController.java'
--- dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/user/UserController.java	2015-10-05 07:55:19 +0000
+++ dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/user/UserController.java	2015-12-03 17:01:58 +0000
@@ -50,7 +50,6 @@
 import org.hisp.dhis.security.SecurityService;
 import org.hisp.dhis.system.util.ValidationUtils;
 import org.hisp.dhis.user.User;
-import org.hisp.dhis.user.UserAuthorityGroup;
 import org.hisp.dhis.user.UserCredentials;
 import org.hisp.dhis.user.UserGroupService;
 import org.hisp.dhis.user.UserInvitationStatus;
@@ -76,8 +75,6 @@
 import java.util.List;
 import java.util.Map;
 
-import static org.hisp.dhis.common.IdentifiableObjectUtils.getUids;
-
 /**
  * @author Morten Olav Hansen <mortenoh@xxxxxxxxx>
  */
@@ -514,16 +511,6 @@
 
         credentials.setUserInfo( user );
 
-        List<UserAuthorityGroup> userRoles = userService.getUserRolesByUid( getUids( credentials.getUserAuthorityGroups() ) );
-
-        for ( UserAuthorityGroup role : userRoles )
-        {
-            if ( role != null && role.hasCriticalAuthorities() )
-            {
-                throw new WebMessageException( WebMessageUtils.conflict( "User cannot be invited with user role which has critical authorities: " + role ) );
-            }
-        }
-
         String valid = securityService.validateInvite( user.getUserCredentials() );
 
         if ( valid != null )

=== modified file 'dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-program/src/main/java/org/hisp/dhis/trackedentity/action/trackedentityattribute/UpdateAttributeAction.java'
--- dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-program/src/main/java/org/hisp/dhis/trackedentity/action/trackedentityattribute/UpdateAttributeAction.java	2015-12-02 13:56:57 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-program/src/main/java/org/hisp/dhis/trackedentity/action/trackedentityattribute/UpdateAttributeAction.java	2015-12-03 17:01:58 +0000
@@ -182,13 +182,6 @@
         this.scope = scope;
     }
 
-    private Boolean confidential;
-
-    public void setConfidential( Boolean confidential )
-    {
-        this.confidential = confidential;
-    }
-
     private List<String> jsonAttributeValues;
 
     public void setJsonAttributeValues( List<String> jsonAttributeValues )