[Dhis2-devs] [Branch ~dhis2-devs-core/dhis2/trunk] Rev 14471: minor fixes to AclService

Thu, 27 Mar 2014 01:23:20 -0700 

------------------------------------------------------------
revno: 14471
committer: Morten Olav Hansen <morte...@gmail.com>
branch nick: dhis2
timestamp: Thu 2014-03-27 09:20:52 +0100
message:
  minor fixes to AclService
modified:
  
dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/acl/DefaultAclService.java


--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk

Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to 
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription

=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/acl/DefaultAclService.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/acl/DefaultAclService.java	2014-03-27 06:38:37 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/acl/DefaultAclService.java	2014-03-27 08:20:52 +0000
@@ -39,8 +39,6 @@
 import org.springframework.beans.factory.annotation.Autowired;
 
 import java.util.Collection;
-import java.util.HashSet;
-import java.util.Set;
 
 import static org.springframework.util.CollectionUtils.containsAny;
 
@@ -105,6 +103,7 @@
 
         for ( UserGroupAccess userGroupAccess : object.getUserGroupAccesses() )
         {
+            /* Is the user allowed to write to this object through group access? */
             if ( AccessStringHelper.canWrite( userGroupAccess.getAccess() )
                 && userGroupAccess.getUserGroup().getMembers().contains( user ) )
             {
@@ -136,6 +135,7 @@
 
         for ( UserGroupAccess userGroupAccess : object.getUserGroupAccesses() )
         {
+            /* Is the user allowed to read this object through group access? */
             if ( AccessStringHelper.canRead( userGroupAccess.getAccess() )
                 && userGroupAccess.getUserGroup().getMembers().contains( user ) )
             {
@@ -202,6 +202,7 @@
 
         for ( UserGroupAccess userGroupAccess : object.getUserGroupAccesses() )
         {
+            /* Is the user allowed to write to this object through group access? */
             if ( AccessStringHelper.canWrite( userGroupAccess.getAccess() )
                 && userGroupAccess.getUserGroup().getMembers().contains( user ) )
             {
@@ -215,46 +216,22 @@
     @Override
     public <T extends IdentifiableObject> boolean canCreatePublic( User user, Class<T> klass )
     {
-        Set<String> authorities = user != null ? user.getUserCredentials().getAllAuthorities() : new HashSet<String>();
-
         Schema schema = schemaService.getSchema( klass );
-
-        if ( schema == null || !schema.isShareable() )
-        {
-            return false;
-        }
-
-        return containsAny( authorities, ACL_OVERRIDE_AUTHORITIES ) || containsAny( authorities, schema.getAuthorityByType( AuthorityType.CREATE_PUBLIC ) );
+        return !(schema == null || !schema.isShareable()) && canAccess( user, schema.getAuthorityByType( AuthorityType.CREATE_PUBLIC ) );
     }
 
     @Override
     public <T extends IdentifiableObject> boolean canCreatePrivate( User user, Class<T> klass )
     {
-        Set<String> authorities = user != null ? user.getUserCredentials().getAllAuthorities() : new HashSet<String>();
-
         Schema schema = schemaService.getSchema( klass );
-
-        if ( schema == null || !schema.isShareable() )
-        {
-            return false;
-        }
-
-        return containsAny( authorities, ACL_OVERRIDE_AUTHORITIES ) || containsAny( authorities, schema.getAuthorityByType( AuthorityType.CREATE_PRIVATE ) );
+        return !(schema == null || !schema.isShareable()) && canAccess( user, schema.getAuthorityByType( AuthorityType.CREATE_PRIVATE ) );
     }
 
     @Override
     public <T extends IdentifiableObject> boolean canExternalize( User user, Class<T> klass )
     {
-        Set<String> authorities = user != null ? user.getUserCredentials().getAllAuthorities() : new HashSet<String>();
-
         Schema schema = schemaService.getSchema( klass );
-
-        if ( schema == null || !schema.isShareable() )
-        {
-            return false;
-        }
-
-        return containsAny( authorities, ACL_OVERRIDE_AUTHORITIES ) || containsAny( authorities, schema.getAuthorityByType( AuthorityType.EXTERNALIZE ) );
+        return !(schema == null || !schema.isShareable()) && canAccess( user, schema.getAuthorityByType( AuthorityType.EXTERNALIZE ) );
     }
 
     @Override


_______________________________________________
Mailing list: https://launchpad.net/~dhis2-devs
Post to     : dhis2-devs@lists.launchpad.net
Unsubscribe : https://launchpad.net/~dhis2-devs
More help   : https://help.launchpad.net/ListHelp

Reply via email to