=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java' --- dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java 2015-11-07 17:12:43 +0000 +++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java 2015-11-08 13:56:42 +0000 @@ -75,6 +75,12 @@ private String username; /** + * Indicates whether this credentials can only be authenticated externally, + * such as through OpenID or LDAP. + */ + private boolean externalAuth; + + /** * Unique OpenID. */ private String openId; @@ -530,6 +536,19 @@ @JsonProperty @JsonView( { DetailedView.class, ExportView.class } ) @JacksonXmlProperty( namespace = DxfNamespaces.DXF_2_0 ) + public boolean isExternalAuth() + { + return externalAuth; + } + + public void setExternalAuth( boolean externalAuth ) + { + this.externalAuth = externalAuth; + } + + @JsonProperty + @JsonView( { DetailedView.class, ExportView.class } ) + @JacksonXmlProperty( namespace = DxfNamespaces.DXF_2_0 ) public Date getPasswordLastUpdated() { return passwordLastUpdated; === modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserService.java' --- dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserService.java 2015-11-07 17:11:20 +0000 +++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserService.java 2015-11-08 13:56:42 +0000 @@ -43,6 +43,7 @@ public interface UserService { String ID = UserService.class.getName(); + String PW_NO_INTERNAL_LOGIN = "--[#no_internal_login#]--"; // ------------------------------------------------------------------------- // User === modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultUserDetailsService.java' --- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultUserDetailsService.java 2015-11-07 17:11:20 +0000 +++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultUserDetailsService.java 2015-11-08 13:56:42 +0000 @@ -1,6 +1,5 @@ package org.hisp.dhis.security; -import org.hisp.dhis.common.CodeGenerator; import org.hisp.dhis.system.util.SecurityUtils; import org.hisp.dhis.user.UserCredentials; import org.hisp.dhis.user.UserService; @@ -55,21 +54,9 @@ } } - // --------------------------------------------------------------------- - // If password is null, assume external authentication (OpenID, LDAP) - // and set not encoded, random password to satisfy Spring Security - // --------------------------------------------------------------------- - - String password = credentials.getPassword(); - - if ( !credentials.hasPassword() ) - { - password = CodeGenerator.generateCode( 60 ); - } - boolean credentialsExpired = userService.credentialsNonExpired( credentials ); - return new User( credentials.getUsername(), password, + return new User( credentials.getUsername(), credentials.getPassword(), !credentials.isDisabled(), true, credentialsExpired, true, SecurityUtils.getGrantedAuthorities( credentials ) ); } } === modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/startup/InitTableAlteror.java' --- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/startup/InitTableAlteror.java 2015-10-23 03:41:44 +0000 +++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/startup/InitTableAlteror.java 2015-11-08 13:56:42 +0000 @@ -66,7 +66,7 @@ executeSql( "UPDATE programstageinstance SET status='ACTIVE' WHERE status='0';" ); executeSql( "UPDATE programstageinstance SET status='COMPLETED' WHERE status='1';" ); executeSql( "UPDATE programstageinstance SET status='SKIPPED' WHERE status='5';" ); - + executeSql( "update users set externalauth = false where externalauth is null" ); executeSql( "ALTER TABLE program DROP COLUMN displayonallorgunit" ); upgradeProgramStageDataElements(); === modified file 'dhis-2/dhis-services/dhis-service-core/src/main/resources/org/hisp/dhis/user/hibernate/UserCredentials.hbm.xml' --- dhis-2/dhis-services/dhis-service-core/src/main/resources/org/hisp/dhis/user/hibernate/UserCredentials.hbm.xml 2015-11-03 03:22:58 +0000 +++ dhis-2/dhis-services/dhis-service-core/src/main/resources/org/hisp/dhis/user/hibernate/UserCredentials.hbm.xml 2015-11-08 13:56:42 +0000 @@ -20,12 +20,14 @@ + + + + - - === modified file 'dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/AddUserAction.java' --- dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/AddUserAction.java 2015-11-03 03:22:58 +0000 +++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/AddUserAction.java 2015-11-08 13:56:42 +0000 @@ -148,6 +148,13 @@ { this.inviteUsername = inviteUsername; } + + private boolean externalAuth; + + public void setExternalAuth( boolean externalAuth ) + { + this.externalAuth = externalAuth; + } private String rawPassword; @@ -296,9 +303,10 @@ user.setUserCredentials( userCredentials ); userCredentials.setUsername( StringUtils.trimToNull( username ) ); + userCredentials.setExternalAuth( externalAuth ); userCredentials.setOpenId( StringUtils.trimToNull( openId ) ); userCredentials.setLdapId( StringUtils.trimToNull( ldapId ) ); - + if ( ACCOUNT_ACTION_INVITE.equals( accountAction ) ) { userCredentials.setUsername( StringUtils.trimToNull( inviteUsername ) ); === modified file 'dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/UpdateUserAction.java' --- dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/UpdateUserAction.java 2015-11-03 03:22:58 +0000 +++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/UpdateUserAction.java 2015-11-08 13:56:42 +0000 @@ -125,6 +125,13 @@ this.id = id; } + private boolean externalAuth; + + public void setExternalAuth( boolean externalAuth ) + { + this.externalAuth = externalAuth; + } + private String rawPassword; public void setRawPassword( String rawPassword ) @@ -254,6 +261,7 @@ UserCredentials userCredentials = userService.getUserCredentials( user ); + userCredentials.setExternalAuth( externalAuth ); userCredentials.setOpenId( StringUtils.trimToNull( openId ) ); userCredentials.setLdapId( StringUtils.trimToNull( ldapId ) ); === modified file 'dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/resources/org/hisp/dhis/user/i18n_module.properties' --- dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/resources/org/hisp/dhis/user/i18n_module.properties 2015-11-07 17:11:20 +0000 +++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/resources/org/hisp/dhis/user/i18n_module.properties 2015-11-08 13:56:42 +0000 @@ -384,4 +384,5 @@ invitation_sent=Invitation sent programs = Programs ldap_id=LDAP identifier -ldap_in_use=LDAP identifier in use \ No newline at end of file +ldap_in_use=LDAP identifier in use +external_authentication_only = External authentication only \ No newline at end of file === modified file 'dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/addUserForm.vm' --- dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/addUserForm.vm 2015-11-07 17:11:20 +0000 +++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/addUserForm.vm 2015-11-08 13:56:42 +0000 @@ -81,7 +81,7 @@ #if ( $allowInvite ) - + @@ -111,6 +111,11 @@ + + + + + === modified file 'dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/updateUserForm.vm' --- dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/updateUserForm.vm 2015-11-03 03:22:58 +0000 +++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/updateUserForm.vm 2015-11-08 13:56:42 +0000 @@ -95,6 +95,11 @@ + + + + +