remove of users from a userRole, added new property on userRole calle...

noreply Tue, 23 Dec 2014 08:37:18 -0800

------------------------------------------------------------
revno: 17786
committer: Morten Olav Hansen <morte...@gmail.com>
branch nick: dhis2
timestamp: Tue 2014-12-23 17:35:42 +0100
message:
  implemented support for add/remove of users from a userRole, added new 
property on userRole called users (exposes members.userCredentials.user)
modified:
  dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserAuthorityGroup.java
  
dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/user/UserRoleController.java



--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk

Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to 
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription

=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserAuthorityGroup.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserAuthorityGroup.java	2014-12-19 16:13:54 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserAuthorityGroup.java	2014-12-23 16:35:42 +0000
@@ -45,7 +45,9 @@
 import org.hisp.dhis.dataset.DataSet;
 import org.hisp.dhis.schema.annotation.PropertyRange;
 
+import java.util.ArrayList;
 import java.util.HashSet;
+import java.util.List;
 import java.util.Set;
 
 /**
@@ -157,6 +159,25 @@
     }
 
     @JsonProperty
+    @JsonView( { DetailedView.class } )
+    @JacksonXmlElementWrapper( localName = "users", namespace = DxfNamespaces.DXF_2_0 )
+    @JacksonXmlProperty( localName = "user", namespace = DxfNamespaces.DXF_2_0 )
+    public List<User> getUsers()
+    {
+        List<User> users = new ArrayList<>();
+
+        for ( UserCredentials userCredentials : members )
+        {
+            if ( userCredentials.getUser() != null )
+            {
+                users.add( userCredentials.getUser() );
+            }
+        }
+
+        return users;
+    }
+
+    @JsonProperty
     @JsonSerialize( contentAs = BaseIdentifiableObject.class )
     @JsonView( { DetailedView.class, ExportView.class } )
     @JacksonXmlElementWrapper( localName = "dataSets", namespace = DxfNamespaces.DXF_2_0 )

=== modified file 'dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/user/UserRoleController.java'
--- dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/user/UserRoleController.java	2014-10-01 08:39:12 +0000
+++ dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/user/UserRoleController.java	2014-12-23 16:35:42 +0000
@@ -28,16 +28,23 @@
  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
+import org.hisp.dhis.hibernate.exception.DeleteAccessDeniedException;
+import org.hisp.dhis.hibernate.exception.UpdateAccessDeniedException;
 import org.hisp.dhis.schema.descriptors.UserRoleSchemaDescriptor;
+import org.hisp.dhis.user.User;
 import org.hisp.dhis.user.UserAuthorityGroup;
 import org.hisp.dhis.user.UserService;
 import org.hisp.dhis.webapi.controller.AbstractCrudController;
+import org.hisp.dhis.webapi.utils.ContextUtils;
 import org.hisp.dhis.webapi.webdomain.WebMetaData;
 import org.hisp.dhis.webapi.webdomain.WebOptions;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
 
+import javax.servlet.http.HttpServletResponse;
 import java.util.List;
 
 /**
@@ -63,4 +70,70 @@
 
         return entityList;
     }
+
+    @RequestMapping( value = "/{id}/users/{userId}", method = { RequestMethod.POST, RequestMethod.PUT } )
+    public void addUserToRole( @PathVariable( value = "id" ) String pvId, @PathVariable( "userId" ) String pvUserId, HttpServletResponse response )
+    {
+        UserAuthorityGroup userAuthorityGroup = userService.getUserAuthorityGroup( pvId );
+
+        if ( userAuthorityGroup == null )
+        {
+            ContextUtils.notFoundResponse( response, "UserRole does not exist: " + pvId );
+            return;
+        }
+
+        User user = userService.getUser( pvUserId );
+
+        if ( user == null )
+        {
+            ContextUtils.notFoundResponse( response, "User does not exist: " + pvId );
+            return;
+        }
+
+        if ( !aclService.canUpdate( currentUserService.getCurrentUser(), userAuthorityGroup ) )
+        {
+            throw new UpdateAccessDeniedException( "You don't have the proper permissions to update this object." );
+        }
+
+        if ( !user.getUserCredentials().getUserAuthorityGroups().contains( userAuthorityGroup ) )
+        {
+            user.getUserCredentials().getUserAuthorityGroups().add( userAuthorityGroup );
+            userService.updateUserCredentials( user.getUserCredentials() );
+        }
+
+        response.setStatus( HttpServletResponse.SC_NO_CONTENT );
+    }
+
+    @RequestMapping( value = "/{id}/users/{userId}", method = RequestMethod.DELETE )
+    public void removeUserFromRole( @PathVariable( value = "id" ) String pvId, @PathVariable( "userId" ) String pvUserId, HttpServletResponse response )
+    {
+        UserAuthorityGroup userAuthorityGroup = userService.getUserAuthorityGroup( pvId );
+
+        if ( userAuthorityGroup == null )
+        {
+            ContextUtils.notFoundResponse( response, "UserRole does not exist: " + pvId );
+            return;
+        }
+
+        User user = userService.getUser( pvUserId );
+
+        if ( user == null || user.getUserCredentials() == null )
+        {
+            ContextUtils.notFoundResponse( response, "User does not exist: " + pvId );
+            return;
+        }
+
+        if ( !aclService.canUpdate( currentUserService.getCurrentUser(), userAuthorityGroup ) )
+        {
+            throw new DeleteAccessDeniedException( "You don't have the proper permissions to delete this object." );
+        }
+
+        if ( user.getUserCredentials().getUserAuthorityGroups().contains( userAuthorityGroup ) )
+        {
+            user.getUserCredentials().getUserAuthorityGroups().remove( userAuthorityGroup );
+            userService.updateUserCredentials( user.getUserCredentials() );
+        }
+
+        response.setStatus( HttpServletResponse.SC_NO_CONTENT );
+    }
 }

_______________________________________________
Mailing list: https://launchpad.net/~dhis2-devs
Post to     : dhis2-devs@lists.launchpad.net
Unsubscribe : https://launchpad.net/~dhis2-devs
More help   : https://help.launchpad.net/ListHelp

[Dhis2-devs] [Branch ~dhis2-devs-core/dhis2/trunk] Rev 17786: implemented support for add/remove of users from a userRole, added new property on userRole calle...

Reply via email to