=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/common/SharingUtils.java' --- dhis-2/dhis-api/src/main/java/org/hisp/dhis/common/SharingUtils.java 2013-08-25 21:44:57 +0000 +++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/common/SharingUtils.java 2013-09-18 13:26:26 +0000 @@ -209,9 +209,14 @@ */ public static boolean canWrite( User user, IdentifiableObject object ) { + Set authorities = user != null ? user.getUserCredentials().getAllAuthorities() : new HashSet(); + + //TODO ( (object instanceof User) && canCreatePrivate( user, object ) ): review possible security breaches and best way to give update access upon user import if ( sharingOverrideAuthority( user ) || (object.getUser() == null && canCreatePublic( user, object ) && PRIVATE_AUTHORITIES.get( object.getClass() ) != null) || user.equals( object.getUser() ) + //|| authorities.contains( PRIVATE_AUTHORITIES.get( object.getClass() ) ) + || ( (object instanceof User) && canCreatePrivate( user, object ) ) || AccessStringHelper.canWrite( object.getPublicAccess() ) ) { return true; === modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/User.java' --- dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/User.java 2013-08-23 15:56:19 +0000 +++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/User.java 2013-09-18 13:26:26 +0000 @@ -97,6 +97,7 @@ private Date lastCheckedInterpretations; + @Scanned private UserCredentials userCredentials; private Set groups = new HashSet(); === modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java' --- dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java 2013-08-23 15:56:19 +0000 +++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java 2013-09-18 13:26:26 +0000 @@ -37,6 +37,7 @@ import org.hisp.dhis.common.BaseIdentifiableObject; import org.hisp.dhis.common.DxfNamespaces; import org.hisp.dhis.common.IdentifiableObjectUtils; +import org.hisp.dhis.common.annotation.Scanned; import org.hisp.dhis.common.view.DetailedView; import org.hisp.dhis.common.view.ExportView; import org.hisp.dhis.dataset.DataSet; @@ -53,19 +54,19 @@ */ @JacksonXmlRootElement( localName = "userCredentials", namespace = DxfNamespaces.DXF_2_0) public class UserCredentials - implements Serializable + extends BaseIdentifiableObject implements Serializable { /** * Determines if a de-serialized file is compatible with this class. */ private static final long serialVersionUID = -8919501679702302098L; - private int id; + //private int id; /** * Required and unique. */ - private User user; + //private User user; /** * Required and unique. @@ -80,6 +81,7 @@ /** * Set of user roles. */ + @Scanned private Set userAuthorityGroups = new HashSet(); /** @@ -286,6 +288,11 @@ return user != null ? user.getName() : username; } + public String getCode() + { + return username; + } + /** * Tests whether the given input arguments can perform a valid restore of the * user account for these credentials. Returns false if any of the input arguments === modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/startup/TableAlteror.java' --- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/startup/TableAlteror.java 2013-09-30 10:39:35 +0000 +++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/startup/TableAlteror.java 2013-09-30 13:57:44 +0000 @@ -623,7 +623,7 @@ executeSql( "ALTER TABLE dataelement ALTER COLUMN domaintype SET NOT NULL" ); executeSql( "update dataelementcategory set datadimension = false where datadimension is null" ); - executeSql( "UPDATE dataset SET dataelementdecoration=false WHERE dataelementdecoration is null" ); + executeSql( "UPDATE dataset SET dataelementdecoration=false WHERE dataelementdecoration is null" ); executeSql( "alter table validationrulegroup rename column validationgroupid to validationrulegroupid" ); executeSql( "alter table sqlview rename column viewid to sqlviewid" ); @@ -640,6 +640,8 @@ executeSql( "ALTER TABLE interpretation ALTER COLUMN userid DROP NOT NULL" ); upgradeMapViewsToAnalyticalObject(); + + executeSql( "ALTER TABLE users ALTER COLUMN password DROP NOT NULL" ); log.info( "Tables updated" ); } === modified file 'dhis-2/dhis-services/dhis-service-core/src/main/resources/org/hisp/dhis/user/hibernate/UserCredentials.hbm.xml' --- dhis-2/dhis-services/dhis-service-core/src/main/resources/org/hisp/dhis/user/hibernate/UserCredentials.hbm.xml 2012-12-13 11:53:32 +0000 +++ dhis-2/dhis-services/dhis-service-core/src/main/resources/org/hisp/dhis/user/hibernate/UserCredentials.hbm.xml 2013-09-18 13:26:26 +0000 @@ -21,7 +21,7 @@ - + === modified file 'dhis-2/dhis-services/dhis-service-dxf2/src/main/java/org/hisp/dhis/dxf2/metadata/ExchangeClasses.java' --- dhis-2/dhis-services/dhis-service-dxf2/src/main/java/org/hisp/dhis/dxf2/metadata/ExchangeClasses.java 2013-10-01 09:11:23 +0000 +++ dhis-2/dhis-services/dhis-service-dxf2/src/main/java/org/hisp/dhis/dxf2/metadata/ExchangeClasses.java 2013-10-01 09:34:05 +0000 @@ -173,7 +173,7 @@ importClasses = new LinkedHashMap, String>( allExportClasses ); // for now, do not allow user/userGroup to be imported - importClasses.remove( User.class ); + //importClasses.remove( User.class ); importClasses.remove( UserGroup.class ); // this is considered data, and is not available for meta-data export/import === modified file 'dhis-2/dhis-services/dhis-service-dxf2/src/main/java/org/hisp/dhis/dxf2/metadata/importers/DefaultIdentifiableObjectImporter.java' --- dhis-2/dhis-services/dhis-service-dxf2/src/main/java/org/hisp/dhis/dxf2/metadata/importers/DefaultIdentifiableObjectImporter.java 2013-08-28 12:33:54 +0000 +++ dhis-2/dhis-services/dhis-service-dxf2/src/main/java/org/hisp/dhis/dxf2/metadata/importers/DefaultIdentifiableObjectImporter.java 2013-09-18 13:26:26 +0000 @@ -62,6 +62,7 @@ import org.hisp.dhis.system.util.functional.Function1; import org.hisp.dhis.user.User; import org.hisp.dhis.user.UserAuthorityGroup; +import org.hisp.dhis.user.UserCredentials; import org.hisp.dhis.user.UserGroup; import org.springframework.beans.factory.annotation.Autowired; @@ -409,6 +410,11 @@ NonIdentifiableObjects nonIdentifiableObjects = new NonIdentifiableObjects(); nonIdentifiableObjects.extract( object ); + UserCredentials userCredentials = null; + if (object instanceof User) { + userCredentials = ((User)object).getUserCredentials(); + } + Map fields = detachFields( object ); Map> collectionFields = detachCollectionFields( object ); @@ -422,6 +428,23 @@ objectBridge.updateObject( object ); + if (object instanceof User) { + userCredentials.setUser((User)object); + userCredentials.setId( ((User)object).getId()); + + Map> collectionFieldsUserCredentials = detachCollectionFields( userCredentials ); + + sessionFactory.getCurrentSession().save(userCredentials); + + reattachCollectionFields( userCredentials, collectionFieldsUserCredentials ); + + sessionFactory.getCurrentSession().saveOrUpdate(userCredentials); + + ((User) object).setUserCredentials(userCredentials); + + objectBridge.updateObject( (User)object ); + } + if ( !options.isDryRun() ) { nonIdentifiableObjects.save( object ); @@ -462,6 +485,11 @@ nonIdentifiableObjects.extract( object ); nonIdentifiableObjects.delete( persistedObject ); + UserCredentials userCredentials = null; + if (object instanceof User) { + userCredentials = ((User)object).getUserCredentials(); + } + Map fields = detachFields( object ); Map> collectionFields = detachCollectionFields( object ); @@ -477,6 +505,15 @@ objectBridge.updateObject( persistedObject ); + if (object instanceof User) { + + Map> collectionFieldsUserCredentials = detachCollectionFields( userCredentials ); + + reattachCollectionFields( ((User)persistedObject).getUserCredentials(), collectionFieldsUserCredentials ); + sessionFactory.getCurrentSession().saveOrUpdate(((User)persistedObject).getUserCredentials()); + + } + if ( !options.isDryRun() ) { nonIdentifiableObjects.save( persistedObject ); === modified file 'dhis-2/pom.xml' --- dhis-2/pom.xml 2013-10-01 09:02:04 +0000 +++ dhis-2/pom.xml 2013-10-01 09:34:05 +0000 @@ -26,6 +26,7 @@ dhis-api dhis-services dhis-support + dhis-web