=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserService.java' --- dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserService.java 2014-12-26 16:55:20 +0000 +++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserService.java 2014-12-26 22:47:28 +0000 @@ -169,9 +169,9 @@ * groups association. * * @param user the user. - * @return a List of users. + * @return a Collection of users. */ - List getManagedUsers( User user ); + Collection getManagedUsers( User user ); /** * Returns all users which are managed by the given user through its managed @@ -180,9 +180,9 @@ * @param user the user. * @param first the first record to return. * @param max the max number of records to return. - * @return a List of users. + * @return a Collection of users. */ - List getManagedUsersBetween( User user, int first, int max ); + Collection getManagedUsersBetween( User user, int first, int max ); /** * Tests whether the current user is allowed to create a user associated === modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserStore.java' --- dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserStore.java 2014-12-26 12:27:14 +0000 +++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserStore.java 2014-12-26 22:47:28 +0000 @@ -71,18 +71,9 @@ * groups association. * * @param user the user. - * @return a List of users. - */ - List getManagedUsers( User user ); - - /** - * Returns all users which are managed by the given user through its managed - * groups association. - * - * @param user the user. - * @param first the first record to return. - * @param max the max number of records to return. - * @return a List of users. - */ - List getManagedUsersBetween( User user, int first, int max ); + * @param first the first record to return, null if 0. + * @param max the max number of records to return, null if none. + * @return a List of users. + */ + List getManagedUsersBetween( User user, Integer first, Integer max ); } === modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java' --- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java 2014-12-26 18:56:34 +0000 +++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java 2014-12-26 22:47:28 +0000 @@ -204,14 +204,19 @@ } @Override - public List getManagedUsers( User user ) + public Collection getManagedUsers( User user ) { - return userStore.getManagedUsers( user ); + return userStore.getManagedUsersBetween( user, null, null ); } @Override - public List getManagedUsersBetween( User user, int first, int max ) + public Collection getManagedUsersBetween( User user, int first, int max ) { + if ( user != null && user.isSuper() ) + { + return getAllUsers(); + } + return userStore.getManagedUsersBetween( user, first, max ); } === modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/hibernate/HibernateUserStore.java' --- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/hibernate/HibernateUserStore.java 2014-12-26 16:55:20 +0000 +++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/hibernate/HibernateUserStore.java 2014-12-26 22:47:28 +0000 @@ -30,6 +30,7 @@ import java.util.Collection; import java.util.List; +import java.util.Set; import org.hibernate.Criteria; import org.hibernate.Query; @@ -107,29 +108,42 @@ return criteria.list(); } - - @Override - @SuppressWarnings("unchecked") - public List getManagedUsers( User user ) - { - Collection managedGroups = IdentifiableObjectUtils.getIdentifiers( user.getManagedGroups() ); - - String hql = "select distinct u from User u join u.groups g where g.id in (:ids) order by u.surname, u.firstName"; - - return sessionFactory.getCurrentSession().createQuery( hql ).setParameterList( "ids", managedGroups ).list(); - } @Override @SuppressWarnings("unchecked") - public List getManagedUsersBetween( User user, int first, int max ) + public List getManagedUsersBetween( User user, Integer first, Integer max ) { Collection managedGroups = IdentifiableObjectUtils.getIdentifiers( user.getManagedGroups() ); - - String hql = "select distinct u from User u join u.groups g where g.id in (:ids) order by u.surname, u.firstName"; - - return sessionFactory.getCurrentSession().createQuery( hql ). + + Set auths = user.getUserCredentials().getAllAuthorities(); + + String hql = + "select distinct u from User u " + + "inner join u.userCredentials uc " + + "inner join u.groups g " + + "where g.id in (:ids) " + + "and not exists (" + + "select uc2 from UserCredentials uc2 " + + "inner join uc2.userAuthorityGroups ag " + + "inner join ag.authorities a " + + "where uc2.id = uc.id " + + "and a not in (:auths) ) " + + "order by u.surname, u.firstName"; + + Query query = sessionFactory.getCurrentSession().createQuery( hql ). setParameterList( "ids", managedGroups ). - setFirstResult( first ). - setMaxResults( max ).list(); + setParameterList( "auths", auths ); + + if ( first != null ) + { + query.setFirstResult( first ); + } + + if ( max != null ) + { + query.setMaxResults( max ).list(); + } + + return query.list(); } } === modified file 'dhis-2/dhis-services/dhis-service-core/src/test/java/org/hisp/dhis/user/UserServiceTest.java' --- dhis-2/dhis-services/dhis-service-core/src/test/java/org/hisp/dhis/user/UserServiceTest.java 2014-12-26 12:27:14 +0000 +++ dhis-2/dhis-services/dhis-service-core/src/test/java/org/hisp/dhis/user/UserServiceTest.java 2014-12-26 22:47:28 +0000 @@ -29,13 +29,13 @@ */ import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertNull; import static org.junit.Assert.assertTrue; -import static org.junit.Assert.assertFalse; +import java.util.Collection; import java.util.HashSet; -import java.util.List; import java.util.Set; import org.hisp.dhis.DhisSpringTest; @@ -64,6 +64,10 @@ private OrganisationUnit unit1; private OrganisationUnit unit2; + private UserAuthorityGroup roleA; + private UserAuthorityGroup roleB; + private UserAuthorityGroup roleC; + @Override public void setUpTest() throws Exception @@ -72,7 +76,25 @@ unit2 = createOrganisationUnit( 'B' ); organisationUnitService.addOrganisationUnit( unit1 ); - organisationUnitService.addOrganisationUnit( unit2 ); + organisationUnitService.addOrganisationUnit( unit2 ); + + roleA = createUserAuthorityGroup( 'A' ); + roleB = createUserAuthorityGroup( 'B' ); + roleC = createUserAuthorityGroup( 'C' ); + + roleA.getAuthorities().add( "AuthA" ); + roleA.getAuthorities().add( "AuthB" ); + roleA.getAuthorities().add( "AuthC" ); + roleA.getAuthorities().add( "AuthD" ); + + roleB.getAuthorities().add( "AuthA" ); + roleB.getAuthorities().add( "AuthB" ); + + roleC.getAuthorities().add( "AuthC" ); + + userService.addUserAuthorityGroup( roleA ); + userService.addUserAuthorityGroup( roleB ); + userService.addUserAuthorityGroup( roleC ); } @Test @@ -199,18 +221,38 @@ User userB = createUser( 'B' ); User userC = createUser( 'C' ); User userD = createUser( 'D' ); + User userE = createUser( 'E' ); + User userF = createUser( 'F' ); + + UserCredentials credentialsA = createUserCredentials( 'A', userA ); + UserCredentials credentialsB = createUserCredentials( 'B', userB ); + UserCredentials credentialsC = createUserCredentials( 'C', userC ); + UserCredentials credentialsD = createUserCredentials( 'D', userD ); + UserCredentials credentialsE = createUserCredentials( 'E', userE ); + UserCredentials credentialsF = createUserCredentials( 'F', userF ); userService.addUser( userA ); userService.addUser( userB ); userService.addUser( userC ); userService.addUser( userD ); + userService.addUser( userE ); + userService.addUser( userF ); + + userService.addUserCredentials( credentialsA ); + userService.addUserCredentials( credentialsB ); + userService.addUserCredentials( credentialsC ); + userService.addUserCredentials( credentialsD ); + userService.addUserCredentials( credentialsE ); + userService.addUserCredentials( credentialsF ); UserGroup userGroup1 = createUserGroup( 'A', Sets.newHashSet( userA, userB ) ); - UserGroup userGroup2 = createUserGroup( 'B', Sets.newHashSet( userC, userD ) ); + UserGroup userGroup2 = createUserGroup( 'B', Sets.newHashSet( userC, userD, userE, userF ) ); userA.getGroups().add( userGroup1 ); userB.getGroups().add( userGroup1 ); userC.getGroups().add( userGroup2 ); userD.getGroups().add( userGroup2 ); + userE.getGroups().add( userGroup2 ); + userF.getGroups().add( userGroup2 ); userGroup1.setManagedGroups( Sets.newHashSet( userGroup2 ) ); userGroup2.setManagedByGroups( Sets.newHashSet( userGroup1 ) ); @@ -218,11 +260,13 @@ userGroupService.addUserGroup( userGroup1 ); userGroupService.addUserGroup( userGroup2 ); - List users = userService.getManagedUsers( userA ); + Collection users = userService.getManagedUsers( userA ); - assertEquals( 2, users.size() ); + assertEquals( 4, users.size() ); assertTrue( users.contains( userC ) ); assertTrue( users.contains( userD ) ); + assertTrue( users.contains( userE ) ); + assertTrue( users.contains( userF ) ); users = userService.getManagedUsersBetween( userA, 0, 1 ); @@ -230,9 +274,11 @@ users = userService.getManagedUsers( userB ); - assertEquals( 2, users.size() ); + assertEquals( 4, users.size() ); assertTrue( users.contains( userC ) ); assertTrue( users.contains( userD ) ); + assertTrue( users.contains( userE ) ); + assertTrue( users.contains( userF ) ); users = userService.getManagedUsersBetween( userB, 0, 1 ); @@ -242,4 +288,79 @@ assertEquals( 0, users.size() ); } + + @Test + public void testGetManagedGroupsLessAuthorities() + { + User userA = createUser( 'A' ); + User userB = createUser( 'B' ); + User userC = createUser( 'C' ); + User userD = createUser( 'D' ); + User userE = createUser( 'E' ); + User userF = createUser( 'F' ); + + UserCredentials credentialsA = createUserCredentials( 'A', userA ); + UserCredentials credentialsB = createUserCredentials( 'B', userB ); + UserCredentials credentialsC = createUserCredentials( 'C', userC ); + UserCredentials credentialsD = createUserCredentials( 'D', userD ); + UserCredentials credentialsE = createUserCredentials( 'E', userE ); + UserCredentials credentialsF = createUserCredentials( 'F', userF ); + + credentialsA.getUserAuthorityGroups().add( roleA ); + credentialsB.getUserAuthorityGroups().add( roleB ); + credentialsB.getUserAuthorityGroups().add( roleC ); + credentialsC.getUserAuthorityGroups().add( roleA ); + credentialsC.getUserAuthorityGroups().add( roleB ); + credentialsD.getUserAuthorityGroups().add( roleC ); + credentialsE.getUserAuthorityGroups().add( roleA ); + credentialsE.getUserAuthorityGroups().add( roleB ); + credentialsF.getUserAuthorityGroups().add( roleC ); + + userService.addUser( userA ); + userService.addUser( userB ); + userService.addUser( userC ); + userService.addUser( userD ); + userService.addUser( userE ); + userService.addUser( userF ); + + userService.addUserCredentials( credentialsA ); + userService.addUserCredentials( credentialsB ); + userService.addUserCredentials( credentialsC ); + userService.addUserCredentials( credentialsD ); + userService.addUserCredentials( credentialsE ); + userService.addUserCredentials( credentialsF ); + + UserGroup userGroup1 = createUserGroup( 'A', Sets.newHashSet( userA, userB ) ); + UserGroup userGroup2 = createUserGroup( 'B', Sets.newHashSet( userC, userD, userE, userF ) ); + userA.getGroups().add( userGroup1 ); + userB.getGroups().add( userGroup1 ); + userC.getGroups().add( userGroup2 ); + userD.getGroups().add( userGroup2 ); + userE.getGroups().add( userGroup2 ); + userF.getGroups().add( userGroup2 ); + + userGroup1.setManagedGroups( Sets.newHashSet( userGroup2 ) ); + userGroup2.setManagedByGroups( Sets.newHashSet( userGroup1 ) ); + + userGroupService.addUserGroup( userGroup1 ); + userGroupService.addUserGroup( userGroup2 ); + + Collection users = userService.getManagedUsers( userA ); + + assertEquals( 4, users.size() ); + assertTrue( users.contains( userC ) ); + assertTrue( users.contains( userD ) ); + assertTrue( users.contains( userE ) ); + assertTrue( users.contains( userF ) ); + + users = userService.getManagedUsers( userB ); + + assertEquals( 2, users.size() ); + assertTrue( users.contains( userD ) ); + assertTrue( users.contains( userF ) ); + + users = userService.getManagedUsers( userC ); + + assertEquals( 0, users.size() ); + } }