------------------------------------------------------------ revno: 14483 committer: Morten Olav Hansen <morte...@gmail.com> branch nick: dhis2 timestamp: Thu 2014-03-27 12:19:51 +0100 message: add canCreate method to aclService, checks to see if the user can create the object, either normal create, public create, or private create, updated crudController to use this modified: dhis-2/dhis-api/src/main/java/org/hisp/dhis/acl/AclService.java dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/acl/DefaultAclService.java dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/api/controller/AbstractCrudController.java
-- lp:dhis2 https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk Your team DHIS 2 developers is subscribed to branch lp:dhis2. To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription
=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/acl/AclService.java' --- dhis-2/dhis-api/src/main/java/org/hisp/dhis/acl/AclService.java 2014-03-27 06:38:37 +0000 +++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/acl/AclService.java 2014-03-27 11:19:51 +0000 @@ -116,6 +116,15 @@ boolean canManage( User user, IdentifiableObject object ); /** + * Can create + * @param user + * @param klass + * @param <T> + * @return + */ + <T extends IdentifiableObject> boolean canCreate( User user, Class<T> klass ); + + /** * Checks if a user can create a public instance of a certain object. * <p/> * 1. Does user have SHARING_OVERRIDE_AUTHORITY authority? === modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/acl/DefaultAclService.java' --- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/acl/DefaultAclService.java 2014-03-27 10:17:13 +0000 +++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/acl/DefaultAclService.java 2014-03-27 11:19:51 +0000 @@ -205,6 +205,19 @@ } @Override + public <T extends IdentifiableObject> boolean canCreate( User user, Class<T> klass ) + { + Schema schema = schemaService.getSchema( klass ); + + if ( !schema.isShareable() ) + { + return canAccess( user, schema.getAuthorityByType( AuthorityType.CREATE ) ); + } + + return canCreatePublic( user, klass ) || canCreatePrivate( user, klass ); + } + + @Override public <T extends IdentifiableObject> boolean canCreatePublic( User user, Class<T> klass ) { Schema schema = schemaService.getSchema( klass ); === modified file 'dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/api/controller/AbstractCrudController.java' --- dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/api/controller/AbstractCrudController.java 2014-03-27 11:10:42 +0000 +++ dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/api/controller/AbstractCrudController.java 2014-03-27 11:19:51 +0000 @@ -256,8 +256,7 @@ @RequestMapping( method = RequestMethod.POST, consumes = { "application/xml", "text/xml" } ) public void postXmlObject( HttpServletResponse response, HttpServletRequest request, InputStream input ) throws Exception { - if ( !aclService.canCreatePublic( currentUserService.getCurrentUser(), getEntityClass() ) - && !aclService.canCreatePrivate( currentUserService.getCurrentUser(), getEntityClass() ) ) + if ( !aclService.canCreate( currentUserService.getCurrentUser(), getEntityClass() ) ) { throw new CreateAccessDeniedException( "You don't have the proper permissions to create this object." ); } @@ -266,8 +265,7 @@ @RequestMapping( method = RequestMethod.POST, consumes = "application/json" ) public void postJsonObject( HttpServletResponse response, HttpServletRequest request, InputStream input ) throws Exception { - if ( !aclService.canCreatePublic( currentUserService.getCurrentUser(), getEntityClass() ) - && !aclService.canCreatePrivate( currentUserService.getCurrentUser(), getEntityClass() ) ) + if ( !aclService.canCreate( currentUserService.getCurrentUser(), getEntityClass() ) ) { throw new CreateAccessDeniedException( "You don't have the proper permissions to create this object." ); }
_______________________________________________ Mailing list: https://launchpad.net/~dhis2-devs Post to : dhis2-devs@lists.launchpad.net Unsubscribe : https://launchpad.net/~dhis2-devs More help : https://help.launchpad.net/ListHelp