=== added file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/sharing/SharingService.java' --- dhis-2/dhis-api/src/main/java/org/hisp/dhis/sharing/SharingService.java 1970-01-01 00:00:00 +0000 +++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/sharing/SharingService.java 2014-03-21 10:31:50 +0000 @@ -0,0 +1,145 @@ +package org.hisp.dhis.sharing; + +/* + * Copyright (c) 2004-2014, University of Oslo + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * Neither the name of the HISP project nor the names of its contributors may + * be used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR + * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON + * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +import org.hisp.dhis.common.IdentifiableObject; +import org.hisp.dhis.user.User; + +/** + * @author Morten Olav Hansen + */ +public interface SharingService +{ + boolean isSupported( String type ); + + boolean isSupported( Class klass ); + + /** + * Can user write to this object (create) + *

+ * 1. Does user have SHARING_OVERRIDE_AUTHORITY authority? + * 2. Is the user for the object null? + * 3. Is the user of the object equal to current user? + * 4. Is the object public write? + * 5. Does any of the userGroupAccesses contain public write and the current user is in that group + * + * @param user User to check against + * @param object Object to check + * @return Result of test + */ + boolean canWrite( User user, IdentifiableObject object ); + + /** + * Can user read this object + *

+ * 1. Does user have SHARING_OVERRIDE_AUTHORITY authority? + * 2. Is the user for the object null? + * 3. Is the user of the object equal to current user? + * 4. Is the object public read? + * 5. Does any of the userGroupAccesses contain public read and the current user is in that group + * + * @param user User to check against + * @param object Object to check + * @return Result of test + */ + boolean canRead( User user, IdentifiableObject object ); + + /** + * Can user update this object + *

+ * 1. Does user have SHARING_OVERRIDE_AUTHORITY authority? + * 2. Can user write to this object? + * + * @param user User to check against + * @param object Object to check + * @return Result of test + */ + boolean canUpdate( User user, IdentifiableObject object ); + + /** + * Can user delete this object + *

+ * 1. Does user have SHARING_OVERRIDE_AUTHORITY authority? + * 2. Can user write to this object? + * + * @param user User to check against + * @param object Object to check + * @return Result of test + */ + boolean canDelete( User user, IdentifiableObject object ); + + /** + * Can user manage (make public) this object + *

+ * 1. Does user have SHARING_OVERRIDE_AUTHORITY authority? + * 2. Can user write to this object? + * + * @param user User to check against + * @param object Object to check + * @return Result of test + */ + boolean canManage( User user, IdentifiableObject object ); + + /** + * Checks if a user can create a public instance of a certain object. + *

+ * 1. Does user have SHARING_OVERRIDE_AUTHORITY authority? + * 2. Does user have the authority to create public instances of that object + * + * @param user User to check against + * @param klass Class to check + * @return Result of test + */ + boolean canCreatePublic( User user, Class klass ); + + /** + * Checks if a user can create a private instance of a certain object. + *

+ * 1. Does user have SHARING_OVERRIDE_AUTHORITY authority? + * 2. Does user have the authority to create private instances of that object + * + * @param user User to check against + * @param klass Class to check + * @return Result of test + */ + boolean canCreatePrivate( User user, Class klass ); + + /** + * Can user make this object external? (read with no login) + * + * @param user User to check against + * @param klass Type to check + * @return Result of test + */ + boolean canExternalize( User user, Class klass ); + + boolean defaultPublic( Class klass ); + + Class classForType( String type ); +} === added directory 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/sharing' === added file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/sharing/DefaultSharingService.java' --- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/sharing/DefaultSharingService.java 1970-01-01 00:00:00 +0000 +++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/sharing/DefaultSharingService.java 2014-03-21 10:31:50 +0000 @@ -0,0 +1,126 @@ +package org.hisp.dhis.sharing; + +/* + * Copyright (c) 2004-2014, University of Oslo + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * Neither the name of the HISP project nor the names of its contributors may + * be used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR + * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON + * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +import org.hisp.dhis.common.IdentifiableObject; +import org.hisp.dhis.schema.SchemaService; +import org.hisp.dhis.user.User; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.util.CollectionUtils; + +import java.util.Arrays; +import java.util.List; + +/** + * @author Morten Olav Hansen + */ +public class DefaultSharingService implements SharingService +{ + @Autowired + private SchemaService schemaService; + + public static final List SHARING_OVERRIDE_AUTHORITIES = Arrays.asList( "ALL", "F_METADATA_IMPORT" ); + + @Override + public boolean isSupported( String type ) + { + return false; + } + + @Override + public boolean isSupported( Class klass ) + { + return false; + } + + @Override + public boolean canWrite( User user, IdentifiableObject object ) + { + return false; + } + + @Override + public boolean canRead( User user, IdentifiableObject object ) + { + return false; + } + + @Override + public boolean canUpdate( User user, IdentifiableObject object ) + { + return false; + } + + @Override + public boolean canDelete( User user, IdentifiableObject object ) + { + return false; + } + + @Override + public boolean canManage( User user, IdentifiableObject object ) + { + return false; + } + + @Override + public boolean canCreatePublic( User user, Class klass ) + { + return false; + } + + @Override + public boolean canCreatePrivate( User user, Class klass ) + { + return false; + } + + @Override + public boolean canExternalize( User user, Class klass ) + { + return false; + } + + @Override + public boolean defaultPublic( Class klass ) + { + return false; + } + + @Override + public Class classForType( String type ) + { + return null; + } + + private boolean haveOverrideAuthority( User user ) + { + return user == null || CollectionUtils.containsAny( user.getUserCredentials().getAllAuthorities(), SHARING_OVERRIDE_AUTHORITIES ); + } +} === modified file 'dhis-2/dhis-services/dhis-service-core/src/main/resources/META-INF/dhis/beans.xml' --- dhis-2/dhis-services/dhis-service-core/src/main/resources/META-INF/dhis/beans.xml 2014-03-21 09:35:30 +0000 +++ dhis-2/dhis-services/dhis-service-core/src/main/resources/META-INF/dhis/beans.xml 2014-03-21 10:31:50 +0000 @@ -11,6 +11,8 @@ + +