------------------------------------------------------------ revno: 16627 committer: Morten Olav Hansen <[email protected]> branch nick: dhis2 timestamp: Thu 2014-09-04 20:03:35 +0700 message: basic sharing tests + fixes added: dhis-2/dhis-services/dhis-service-core/src/test/java/org/hisp/dhis/common/SharingTest.java modified: dhis-2/dhis-support/dhis-support-hibernate/src/main/java/org/hisp/dhis/hibernate/HibernateGenericStore.java
-- lp:dhis2 https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk Your team DHIS 2 developers is subscribed to branch lp:dhis2. To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription
=== added file 'dhis-2/dhis-services/dhis-service-core/src/test/java/org/hisp/dhis/common/SharingTest.java' --- dhis-2/dhis-services/dhis-service-core/src/test/java/org/hisp/dhis/common/SharingTest.java 1970-01-01 00:00:00 +0000 +++ dhis-2/dhis-services/dhis-service-core/src/test/java/org/hisp/dhis/common/SharingTest.java 2014-09-04 13:03:35 +0000 @@ -0,0 +1,116 @@ +package org.hisp.dhis.common; + +/* + * Copyright (c) 2004-2014, University of Oslo + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * Neither the name of the HISP project nor the names of its contributors may + * be used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR + * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON + * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +import org.hisp.dhis.DhisSpringTest; +import org.hisp.dhis.acl.AccessStringHelper; +import org.hisp.dhis.dataelement.DataElement; +import org.hisp.dhis.user.User; +import org.hisp.dhis.user.UserService; +import org.junit.Test; + +import java.util.Collection; + +import static org.junit.Assert.*; + +/** + * @author Morten Olav Hansen <[email protected]> + */ +public class SharingTest + extends DhisSpringTest +{ + @Override + protected void setUpTest() throws Exception + { + identifiableObjectManager = (IdentifiableObjectManager) getBean( IdentifiableObjectManager.ID ); + userService = (UserService) getBean( UserService.ID ); + } + + @Test + public void publicAccessSetIfNoUser() + { + DataElement dataElement = createDataElement( 'A' ); + identifiableObjectManager.save( dataElement ); + + assertNotNull( dataElement.getPublicAccess() ); + assertFalse( AccessStringHelper.canRead( dataElement.getPublicAccess() ) ); + assertFalse( AccessStringHelper.canWrite( dataElement.getPublicAccess() ) ); + } + + @Test + public void userIsCurrentIfNoUserSet() + { + User user = createUserAndInjectSecurityContext( true ); + + DataElement dataElement = createDataElement( 'A' ); + identifiableObjectManager.save( dataElement ); + + assertNotNull( dataElement.getUser() ); + assertEquals( user, dataElement.getUser() ); + } + + @Test + public void userCanCreatePublic() + { + createUserAndInjectSecurityContext( false, "F_DATAELEMENT_PUBLIC_ADD" ); + + DataElement dataElement = createDataElement( 'A' ); + identifiableObjectManager.save( dataElement ); + + assertNotNull( dataElement.getPublicAccess() ); + assertTrue( AccessStringHelper.canRead( dataElement.getPublicAccess() ) ); + assertTrue( AccessStringHelper.canWrite( dataElement.getPublicAccess() ) ); + } + + @Test + public void userCanCreatePrivate() + { + createUserAndInjectSecurityContext( false, "F_DATAELEMENT_PRIVATE_ADD" ); + + DataElement dataElement = createDataElement( 'A' ); + identifiableObjectManager.save( dataElement ); + + assertNotNull( dataElement.getPublicAccess() ); + assertFalse( AccessStringHelper.canRead( dataElement.getPublicAccess() ) ); + assertFalse( AccessStringHelper.canWrite( dataElement.getPublicAccess() ) ); + } + + @Test + public void objectsWithNoUser() + { + identifiableObjectManager.save( createDataElement( 'A' ) ); + identifiableObjectManager.save( createDataElement( 'B' ) ); + identifiableObjectManager.save( createDataElement( 'C' ) ); + identifiableObjectManager.save( createDataElement( 'D' ) ); + + Collection<DataElement> all = identifiableObjectManager.getAll( DataElement.class ); + + assertEquals( 4, all.size() ); + } +} === modified file 'dhis-2/dhis-support/dhis-support-hibernate/src/main/java/org/hisp/dhis/hibernate/HibernateGenericStore.java' --- dhis-2/dhis-support/dhis-support-hibernate/src/main/java/org/hisp/dhis/hibernate/HibernateGenericStore.java 2014-09-04 07:04:22 +0000 +++ dhis-2/dhis-support/dhis-support-hibernate/src/main/java/org/hisp/dhis/hibernate/HibernateGenericStore.java 2014-09-04 13:03:35 +0000 @@ -42,7 +42,6 @@ import org.hibernate.criterion.Property; import org.hibernate.criterion.Restrictions; import org.hibernate.criterion.Subqueries; -import org.hibernate.sql.JoinType; import org.hisp.dhis.acl.AccessStringHelper; import org.hisp.dhis.acl.AclService; import org.hisp.dhis.common.AuditLogUtil; @@ -185,10 +184,10 @@ protected final Criteria getSharingCriteria() { - return getSharingCriteria( currentUserService.getCurrentUser() ); + return getSharingCriteria( currentUserService.getCurrentUser(), "r%" ); } - protected final Criteria getSharingCriteria( User user ) + protected final Criteria getSharingCriteria( User user, String access ) { Criteria criteria = sessionFactory.getCurrentSession().createCriteria( getClazz(), "c" ).setCacheable( false ); @@ -201,7 +200,7 @@ Disjunction disjunction = Restrictions.disjunction(); - disjunction.add( Restrictions.like( "c.publicAccess", "r%" ) ); + disjunction.add( Restrictions.like( "c.publicAccess", access ) ); disjunction.add( Restrictions.isNull( "c.user.id" ) ); disjunction.add( Restrictions.eq( "c.user.id", user.getId() ) ); @@ -212,7 +211,7 @@ detachedCriteria.add( Restrictions.eqProperty( "dc.id", "c.id" ) ); detachedCriteria.add( Restrictions.eq( "ugm.id", user.getId() ) ); - detachedCriteria.add( Restrictions.like( "uga.access", "r%" ) ); + detachedCriteria.add( Restrictions.like( "uga.access", access ) ); detachedCriteria.setProjection( Property.forName( "uga.id" ) ); @@ -279,20 +278,22 @@ @Override public int save( T object ) { - if ( !Interpretation.class.isAssignableFrom( clazz ) && currentUserService.getCurrentUser() != null && aclService.isShareable( clazz ) ) + BaseIdentifiableObject identifiableObject = (BaseIdentifiableObject) object; + identifiableObject.setPublicAccess( AccessStringHelper.newInstance().build() ); + identifiableObject.setUserGroupAccesses( new HashSet<UserGroupAccess>() ); + + User currentUser = currentUserService.getCurrentUser(); + + if ( !Interpretation.class.isAssignableFrom( clazz ) && currentUser != null && aclService.isShareable( clazz ) ) { - BaseIdentifiableObject identifiableObject = (BaseIdentifiableObject) object; - // TODO we might want to allow setting sharing props on save, but for now we null them out - identifiableObject.setPublicAccess( null ); - identifiableObject.setUserGroupAccesses( new HashSet<UserGroupAccess>() ); if ( identifiableObject.getUser() == null ) { - identifiableObject.setUser( currentUserService.getCurrentUser() ); + identifiableObject.setUser( currentUser ); } - if ( aclService.canCreatePublic( currentUserService.getCurrentUser(), identifiableObject.getClass() ) ) + if ( aclService.canCreatePublic( currentUser, identifiableObject.getClass() ) ) { if ( aclService.defaultPublic( identifiableObject.getClass() ) ) { @@ -303,13 +304,8 @@ identifiableObject.setPublicAccess( build ); } - else - { - String build = AccessStringHelper.newInstance().build(); - identifiableObject.setPublicAccess( build ); - } } - else if ( aclService.canCreatePrivate( currentUserService.getCurrentUser(), identifiableObject.getClass() ) ) + else if ( aclService.canCreatePrivate( currentUser, identifiableObject.getClass() ) ) { identifiableObject.setPublicAccess( AccessStringHelper.newInstance().build() ); }
_______________________________________________ Mailing list: https://launchpad.net/~dhis2-devs Post to : [email protected] Unsubscribe : https://launchpad.net/~dhis2-devs More help : https://help.launchpad.net/ListHelp
