/**
 * Deletes the given object on behalf of the current user.
 * <p>
 * Delegates to the two-argument {@code delete} overload, passing whatever
 * {@code currentUserService.getCurrentUser()} returns at call time.
 * NOTE(review): any authorisation decision is made in the overload, not here;
 * confirm that it copes with a {@code null} user.
 *
 * @param object the object to delete.
 */
@Override
public void delete( IdentifiableObject object )
{
    this.delete( object, currentUserService.getCurrentUser() );
}
/**
 * Looks up a tracked entity instance by UID and records a READ audit entry
 * attributed to the current username.
 * <p>
 * NOTE(review): no null check and no access check are visible in this method.
 * Confirm that {@code addTrackedEntityInstanceAudit} tolerates a missing
 * instance and that read access is enforced by the caller or the store.
 *
 * @param uid the UID of the instance to fetch.
 * @return whatever the store returned for the UID.
 */
@Override
public TrackedEntityInstance getTrackedEntityInstance( String uid )
{
    TrackedEntityInstance instance = trackedEntityInstanceStore.getByUid( uid );

    // Resolve the username after the lookup, in the same order as the audit call needs it.
    String accessedBy = currentUserService.getCurrentUsername();
    addTrackedEntityInstanceAudit( instance, accessedBy, AuditType.READ );

    return instance;
}
/**
 * Loads the object with the given identifier and enforces read access for
 * the current user before returning it.
 * <p>
 * A denied read is written to the audit log as {@code ACTION_READ_DENIED}
 * before the exception is raised.
 * NOTE(review): the session lookup result is not null-checked. If
 * {@code isReadAllowed} can return {@code false} for a missing object, the
 * {@code toString()} call below fails with a NullPointerException instead of
 * the intended access-denied error. Confirm its behaviour for {@code null}.
 *
 * @param id the identifier of the object.
 * @return the object after {@code postProcessObject} has been applied.
 * @throws ReadAccessDeniedException if the current user may not read the object.
 */
@Override
public final T get( int id )
{
    T entity = getSession().get( getClazz(), id );

    if ( isReadAllowed( entity, currentUserService.getCurrentUser() ) )
    {
        return postProcessObject( entity );
    }

    // Denied: leave an audit trail first, then refuse.
    AuditLogUtil.infoWrapper( log, currentUserService.getCurrentUsername(), entity,
        AuditLogUtil.ACTION_READ_DENIED );
    throw new ReadAccessDeniedException( entity.toString() );
}
// Superusers, and calls where both dimension-constraint collections are empty,
// take the branch below; its body is outside this excerpt.
// NOTE(review): presumably that branch skips constraint filtering - confirm.
User user = currentUserService.getCurrentUser(); if ( currentUserService.currentUserIsSuper() || ( CollectionUtils.isEmpty( cogDimensionConstraints ) && CollectionUtils.isEmpty( catDimensionConstraints ) ) )
ImportSummary summary, MetaDataCallables mdCallables, MetaDataCaches mdCaches ) final String currentUser = currentUserService.getCurrentUsername(); final Set<OrganisationUnit> userOrgUnits = currentUserService.getCurrentUserOrganisationUnits(); final I18n i18n = i18nManager.getI18n(); List<String> errors = accessManager.canWrite( currentUserService.getCurrentUser(), internalCdsr.getDataSet() ); if ( !errors.isEmpty() )
// Capture the caller's identity and organisation units once, up front.
// NOTE(review): currentUser is dereferenced without a null check; confirm that
// getCurrentUser() cannot return null on this path.
final User currentUser = currentUserService.getCurrentUser(); final String currentUserName = currentUser.getUsername(); final Set<OrganisationUnit> currentOrgUnits = currentUserService.getCurrentUserOrganisationUnits();
/**
 * Rejects a tracked entity instance query that the caller is not allowed to
 * run, by throwing {@link IllegalQueryException}.
 * <p>
 * Checks, in order: the authority needed to query in organisation unit mode
 * ALL, data-read access to the selected program, data-read access to that
 * program's tracked entity type (when it has one), and data-read access to
 * the selected tracked entity type.
 * <p>
 * NOTE(review): when {@code params.isInternalSearch()} is true, the authority
 * check is skipped and every ACL check receives a {@code null} user. How
 * {@code aclService.canDataRead} treats a {@code null} user is not visible
 * here. Confirm that the internal-search flag can only be set by trusted
 * server-side code and never from request parameters.
 *
 * @param params the query parameters to check.
 * @throws IllegalQueryException if any of the checks fails.
 */
@Override
public void decideAccess( TrackedEntityInstanceQueryParams params )
{
    // Internal searches carry no user into the ACL checks.
    User user = null;

    if ( !params.isInternalSearch() )
    {
        user = currentUserService.getCurrentUser();
    }

    if ( params.isOrganisationUnitMode( ALL ) )
    {
        boolean maySearchEverywhere = currentUserService
            .currentUserIsAuthorized( Authorities.F_TRACKED_ENTITY_INSTANCE_SEARCH_IN_ALL_ORGUNITS.name() );

        if ( !maySearchEverywhere && !params.isInternalSearch() )
        {
            throw new IllegalQueryException( "Current user is not authorized to query across all organisation units" );
        }
    }

    if ( params.hasProgram() )
    {
        if ( !aclService.canDataRead( user, params.getProgram() ) )
        {
            throw new IllegalQueryException( "Current user is not authorized to read data from selected program: "
                + params.getProgram().getUid() );
        }

        boolean programHasType = params.getProgram().getTrackedEntityType() != null;

        if ( programHasType && !aclService.canDataRead( user, params.getProgram().getTrackedEntityType() ) )
        {
            throw new IllegalQueryException(
                "Current user is not authorized to read data from selected program's tracked entity type: "
                    + params.getProgram().getTrackedEntityType().getUid() );
        }
    }

    if ( params.hasTrackedEntityType() )
    {
        if ( !aclService.canDataRead( user, params.getTrackedEntityType() ) )
        {
            throw new IllegalQueryException(
                "Current user is not authorized to read data from selected tracked entity type: "
                    + params.getTrackedEntityType().getUid() );
        }
    }
}
// Organisation units that currentUserService reports for the calling user.
Set<OrganisationUnit> userOrgUnits = currentUserService.getCurrentUserOrganisationUnits();
/**
 * Returns the first object whose {@code name} equals the given value, subject
 * to the sharing predicates and a read-access check for the current user.
 * <p>
 * Uses a query since the name property might not be unique. No ordering is
 * applied in this method, so which match comes first is up to the query.
 * <p>
 * NOTE(review): when nothing matches, the candidate is {@code null} and is
 * still passed to {@code isReadAllowed}. If that can return {@code false} for
 * {@code null}, the {@code toString()} call below throws a
 * NullPointerException. Confirm its behaviour for {@code null}.
 *
 * @param name the name to match exactly.
 * @return the first match, or {@code null} when there is none.
 * @throws ReadAccessDeniedException if the current user may not read the match.
 */
@Override
public final T getByName( String name )
{
    CriteriaBuilder builder = getCriteriaBuilder();

    JpaQueryParameters<T> param = new JpaQueryParameters<T>()
        .addPredicates( getSharingPredicates( builder ) )
        .addPredicate( root -> builder.equal( root.get( "name" ), name ) );

    List<T> matches = getList( builder, param );

    T candidate = null;

    if ( matches != null && !matches.isEmpty() )
    {
        candidate = matches.get( 0 );
    }

    if ( isReadAllowed( candidate, currentUserService.getCurrentUser() ) )
    {
        return candidate;
    }

    // Denied: record the attempt before refusing it.
    AuditLogUtil.infoWrapper( log, currentUserService.getCurrentUsername(), candidate,
        AuditLogUtil.ACTION_READ_DENIED );
    throw new ReadAccessDeniedException( candidate.toString() );
}
/**
 * Returns the data approval audits matching the query, narrowed to what the
 * current user may see.
 * <p>
 * For non-superusers the approval levels in {@code params} are overwritten
 * in place: requested levels are intersected with the user's own levels, and
 * a query with no levels is limited to the user's levels. Superusers keep the
 * levels they supplied. The fetched audits are then passed through
 * {@code retainFromDimensionConstraints}.
 *
 * @param params the query parameters; its levels may be modified by this call.
 * @return the audits left after filtering.
 */
@Override
public List<DataApprovalAudit> getDataApprovalAudits( DataApprovalAuditQueryParams params )
{
    boolean unrestricted = currentUserService.currentUserIsSuper();

    if ( !unrestricted )
    {
        Set<DataApprovalLevel> ownLevels = new HashSet<>(
            dataApprovalLevelService.getUserDataApprovalLevels( currentUserService.getCurrentUser() ) );

        // Never widen the request: start from the user's levels and narrow if levels were asked for.
        Set<DataApprovalLevel> permitted = ownLevels;

        if ( params.hasLevels() )
        {
            permitted = Sets.intersection( params.getLevels(), ownLevels );
        }

        params.setLevels( permitted );
    }

    List<DataApprovalAudit> result = dataApprovalAuditStore.getDataApprovalAudits( params );

    retainFromDimensionConstraints( result );

    return result;
}
/**
 * Builds the enrollment for a program instance as seen by the current user.
 * <p>
 * Delegates to the three-argument overload with the user returned by
 * {@code currentUserService.getCurrentUser()} and
 * {@code TrackedEntityInstanceParams.FALSE}.
 *
 * @param programInstance the program instance to convert.
 * @return the enrollment produced by the overload.
 */
@Override
public Enrollment getEnrollment( ProgramInstance programInstance )
{
    return this.getEnrollment( currentUserService.getCurrentUser(), programInstance,
        TrackedEntityInstanceParams.FALSE );
}
/**
 * Runs a tracked entity instance query and records a SEARCH audit entry for
 * every instance returned.
 * <p>
 * {@code decideAccess} is always called. {@code validate} is called unless
 * {@code skipAccessValidation} is set. The query is then bound to the current
 * user, and default paging is applied when the caller neither asked for
 * paging nor asked to skip it.
 * <p>
 * NOTE(review): {@code skipAccessValidation} is supplied by the caller.
 * Confirm that no request-facing code path can pass {@code true}.
 *
 * @param params the query parameters; modified by this call.
 * @param skipAccessValidation whether to skip the {@code validate} step.
 * @return the instances returned by the store.
 */
@Override
public List<TrackedEntityInstance> getTrackedEntityInstances( TrackedEntityInstanceQueryParams params,
    boolean skipAccessValidation )
{
    // An OR-query with neither attributes nor a program gets the display-in-list attributes.
    if ( params.isOrQuery() && !( params.hasAttributes() || params.hasProgram() ) )
    {
        Collection<TrackedEntityAttribute> displayAttributes = attributeService
            .getTrackedEntityAttributesDisplayInListNoProgram();

        params.addAttributes( QueryItem.getQueryItems( displayAttributes ) );
        params.addFiltersIfNotExist( QueryItem.getQueryItems( displayAttributes ) );
    }

    decideAccess( params );

    // Access validation must be skipped only if an internal service runs the task (for example a sync job).
    if ( !skipAccessValidation )
    {
        validate( params );
    }

    params.setUser( currentUserService.getCurrentUser() );

    if ( !( params.isPaging() || params.isSkipPaging() ) )
    {
        params.setDefaultPaging();
    }

    List<TrackedEntityInstance> found = trackedEntityInstanceStore.getTrackedEntityInstances( params );

    // Resolve the username once and reuse it for every audit entry.
    String accessedBy = currentUserService.getCurrentUsername();

    for ( TrackedEntityInstance instance : found )
    {
        addTrackedEntityInstanceAudit( instance, accessedBy, AuditType.SEARCH );
    }

    return found;
}
// NOTE(review): a null current user takes the same branch as a superuser. The
// branch body is outside this excerpt; confirm that it does not skip
// restrictions for calls made without an authenticated user.
final User user = currentUserService.getCurrentUser(); if ( user == null || currentUserService.currentUserIsSuper() )
/**
 * Persists changes to a user and then writes an {@code ACTION_UPDATE} audit
 * log entry attributed to the current username.
 * <p>
 * The log entry is written only after {@code userStore.update} has returned.
 *
 * @param user the user to update.
 */
@Override
public void updateUser( User user )
{
    userStore.update( user );

    String actor = currentUserService.getCurrentUsername();
    AuditLogUtil.infoWrapper( log, actor, user, AuditLogUtil.ACTION_UPDATE );
}
/**
 * Returns the message conversations the store yields for the current user.
 * <p>
 * The remaining store arguments are passed as {@code null, false, false,
 * null, null}. NOTE(review): presumably this means no filtering and no
 * paging; confirm against the store signature.
 *
 * @return the conversations returned by the store.
 */
@Override
public List<MessageConversation> getMessageConversations()
{
    List<MessageConversation> conversations = messageConversationStore
        .getMessageConversations( currentUserService.getCurrentUser(), null, false, false, null, null );

    return conversations;
}
// Process the query attributes first, then capture the caller's user object and username.
handleAttributes( params ); User user = currentUserService.getCurrentUser(); String accessedBy = currentUserService.getCurrentUsername();
// Read the caller's identity and superuser status once so later checks see the same values.
final User user = currentUserService.getCurrentUser(); final boolean isSuperUser = currentUserService.currentUserIsSuper();
/**
 * Looks up a tracked entity instance by numeric id and records a READ audit
 * entry attributed to the current username.
 * <p>
 * NOTE(review): no null check and no access check are visible in this method.
 * Confirm that {@code addTrackedEntityInstanceAudit} tolerates a missing
 * instance and that read access is enforced by the caller or the store.
 *
 * @param id the identifier of the instance to fetch.
 * @return whatever the store returned for the id.
 */
@Override
public TrackedEntityInstance getTrackedEntityInstance( int id )
{
    TrackedEntityInstance instance = trackedEntityInstanceStore.get( id );

    String accessedBy = currentUserService.getCurrentUsername();
    addTrackedEntityInstanceAudit( instance, accessedBy, AuditType.READ );

    return instance;
}
/**
 * Tells whether the given app is accessible to the current user.
 * <p>
 * Delegates to the two-argument overload with the user returned by
 * {@code currentUserService.getCurrentUser()}.
 * NOTE(review): confirm that the overload denies access, rather than
 * granting it, when that user is {@code null}.
 *
 * @param app the app to check.
 * @return the result of the overload.
 */
@Override
public boolean isAccessible( App app )
{
    return this.isAccessible( app, currentUserService.getCurrentUser() );
}
/**
 * Writes an {@code ACTION_DELETE} audit log entry attributed to the current
 * username, then deletes the user from the store.
 * <p>
 * NOTE(review): the audit entry is written before {@code userStore.delete}
 * runs. If the delete fails, the log still shows a deletion. Confirm that
 * this ordering is intended.
 *
 * @param user the user to delete.
 */
@Override
public void deleteUser( User user )
{
    String actor = currentUserService.getCurrentUsername();
    AuditLogUtil.infoWrapper( log, actor, user, AuditLogUtil.ACTION_DELETE );

    userStore.delete( user );
}