revision-diff.txt (31.1 KB)
Hi Chau, can you please explain a bit what you have done here? To me it seems a bit of a security risk to hardcode username/passwords into the application… Could we make this a bit more dynamic?
Lars
···
On Mon, Dec 21, 2009 at 9:16 AM, noreply@launchpad.net wrote:
revno: 1257
committer: Tran Chau tran.hispvietnam@gmail.com
branch nick: trunk
timestamp: Mon 2009-12-21 15:11:39 +0700
message:
Fix bug: Allowed to remove superuser user role
modified:
dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserAuthorityGroup.java
dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java
dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/AbstractAutomaticAccessProvider.java
dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/DatabaseAutomaticAccessProvider.java
dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/AddRoleAction.java
dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/GetRoleAction.java
dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/GetRoleListAction.java
dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/GetUserListAction.java
dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/RemoveRoleAction.java
dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/RemoveUserAction.java
dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/UpdateRoleAction.java
dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/resources/org/hisp/dhis/user/i18n_module.properties
dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/allRole.vm
dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/allUser.vm
dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/javascript/role.js
–
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk
Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription.
=== modified file ‘dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserAuthorityGroup.java’
— dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserAuthorityGroup.java 2009-09-26 09:41:54 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserAuthorityGroup.java 2009-12-21 08:11:39 +0000
@@ -36,9 +36,13 @@
/**
@author Nguyen Hong Duc
@version $Id: UserAuthorityGroup.java 5701 2008-09-14 20:34:46Z larshelg $
- @version $Id: UserAuthorityGroup.java 339942 2009-12-21 10:21:03Z chauthutran $
*/
public class UserAuthorityGroup
{
public static final String SUPER_USER_GROUP = "Superuser";private int id; /**=== modified file ‘dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java’
— dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java 2009-06-17 22:06:54 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java 2009-12-21 08:11:39 +0000
@@ -34,10 +34,16 @@
/**
@author Nguyen Hong Duc
@version $Id: UserCredentials.java 2869 2007-02-20 14:26:09Z andegje $
- @version $Id: UserCredentials.java 339942 2009-12-21 10:21:03Z chauthutran $
*/
public class UserCredentials
implements Serializable{
public static final String SUPER_USER_NAME = "admin";public static final String SUPER_USER_PASSWORD = "district";private int id; /**=== modified file ‘dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/AbstractAutomaticAccessProvider.java’
— dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/AbstractAutomaticAccessProvider.java 2009-03-03 16:46:36 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/AbstractAutomaticAccessProvider.java 2009-12-21 08:11:39 +0000
@@ -66,6 +66,7 @@
// ------------------------------------------------------------------------- protected abstract void initialise();
public final void init() {@@ -81,7 +82,7 @@
protected boolean isEnabled() {
return userStore.getAllUsers().size() == 0;
return ( userStore.getAllUsers().size() == 0);}
protected Collection getAuthorities()
=== modified file ‘dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/DatabaseAutomaticAccessProvider.java’
— dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/DatabaseAutomaticAccessProvider.java 2009-03-03 16:46:36 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/DatabaseAutomaticAccessProvider.java 2009-12-21 08:11:39 +0000
@@ -35,57 +35,58 @@
/**
- @author Torgeir Lorange Ostby
- @version $Id: DatabaseAutomaticAccessProvider.java 3513 2007-08-04 16:16:40Z torgeilo $
- @version $Id: DatabaseAutomaticAccessProvider.java 3513 2007-08-04 16:16:40Z
torgeilo $
- @version $Id: DatabaseAutomaticAccessProvider.java 339942 2009-12-21 10:21:03Z
chauthutran $*/
-public class DatabaseAutomaticAccessProvider
- extends AbstractAutomaticAccessProvider
-{
// -------------------------------------------------------------------------
// Dependencies
// -------------------------------------------------------------------------
private PasswordManager passwordManager;
public void setPasswordManager( PasswordManager passwordManager )
{
this.passwordManager = passwordManager;}
// -------------------------------------------------------------------------
// AdminAccessManager implementation
// -------------------------------------------------------------------------
public void initialise()
{
// ---------------------------------------------------------------------// Assumes no UserAuthorityGroup called "Superuser" in database// ---------------------------------------------------------------------String username = "admin";String password = "district";User user = new User();user.setFirstName( username );user.setSurname( username );userStore.addUser( user );UserAuthorityGroup userAuthorityGroup = new UserAuthorityGroup();userAuthorityGroup.setName( "Superuser" );userAuthorityGroup.setAuthorities( new HashSet<String>( getAuthorities() ) );userStore.addUserAuthorityGroup( userAuthorityGroup );UserCredentials userCredentials = new UserCredentials();userCredentials.setUsername( username );userCredentials.setPassword( passwordManager.encodePassword( username, password ) );userCredentials.setUser( user );userCredentials.getUserAuthorityGroups().add( userAuthorityGroup );userStore.addUserCredentials( userCredentials );}
public void access()
{
}
+public class DatabaseAutomaticAccessProvider extends
AbstractAutomaticAccessProvider {// -------------------------------------------------------------------------// Dependencies// -------------------------------------------------------------------------private PasswordManager passwordManager;public void setPasswordManager(PasswordManager passwordManager) {this.passwordManager = passwordManager;}// -------------------------------------------------------------------------// AdminAccessManager implementation// -------------------------------------------------------------------------public void initialise() {// ---------------------------------------------------------------------// Assumes no UserAuthorityGroup called "Superuser" in database// ---------------------------------------------------------------------String username = UserCredentials.SUPER_USER_NAME;String password = UserCredentials.SUPER_USER_PASSWORD;User user = new User();user.setFirstName(username);user.setSurname(username);userStore.addUser(user);UserAuthorityGroup userAuthorityGroup = new UserAuthorityGroup();userAuthorityGroup.setName(UserAuthorityGroup.SUPER_USER_GROUP);userAuthorityGroup.setAuthorities(new HashSet<String>(getAuthorities()));userStore.addUserAuthorityGroup(userAuthorityGroup);UserCredentials userCredentials = new UserCredentials();userCredentials.setUsername(username);userCredentials.setPassword(passwordManager.encodePassword(username,password));userCredentials.setUser(user);userCredentials.getUserAuthorityGroups().add(userAuthorityGroup);userStore.addUserCredentials(userCredentials);}public void access() {}}
=== modified file ‘dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/AddRoleAction.java’
— dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/AddRoleAction.java 2009-09-26 09:41:54 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/AddRoleAction.java 2009-12-21 08:11:39 +0000
@@ -136,11 +136,11 @@
group.getReportExcels().add( reportExcel ); }
group.getAuthorities().addAll( selectedListAuthority );userStore.addUserAuthorityGroup( group );
group.getAuthorities().addAll( selectedListAuthority );userStore.addUserAuthorityGroup( group );return SUCCESS; }}
=== modified file ‘dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/GetRoleAction.java’
— dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/GetRoleAction.java 2009-09-26 09:41:54 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/GetRoleAction.java 2009-12-21 08:11:39 +0000
@@ -154,7 +154,7 @@
throws Exception { userAuthorityGroup = userStore.getUserAuthorityGroup( id );
// --------------------------------------------------------------------- // DataSets // ---------------------------------------------------------------------=== modified file ‘dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/GetRoleListAction.java’
— dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/GetRoleListAction.java 2009-08-20 08:17:49 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/GetRoleListAction.java 2009-12-21 08:11:39 +0000
@@ -39,40 +39,44 @@
@author Thanh Nguyen
@version $Id: GetRoleListAction.java 4079 2007-11-20 11:42:23Z larshelg $
*/
-public class GetRoleListAction
- implements Action
-{
// -------------------------------------------------------------------------
// Dependencies
// -------------------------------------------------------------------------
private UserStore userStore;
public void setUserStore( UserStore userStore )
{
this.userStore = userStore;}
// -------------------------------------------------------------------------
// Output
// -------------------------------------------------------------------------
private List userAuthorityGroups;
public List getUserAuthorityGroups()
{
return userAuthorityGroups;}
// -------------------------------------------------------------------------
// Action implementation
// -------------------------------------------------------------------------
public String execute()
throws Exception{
userAuthorityGroups = new ArrayList<UserAuthorityGroup>( userStore.getAllUserAuthorityGroups() );return SUCCESS;}
+public class GetRoleListAction implements Action {
// -------------------------------------------------------------------------// Dependencies// -------------------------------------------------------------------------private UserStore userStore;public void setUserStore(UserStore userStore) {this.userStore = userStore;}private String superuserRole;public String getSuperuserRole() {return superuserRole;}// -------------------------------------------------------------------------// Output// -------------------------------------------------------------------------private List<UserAuthorityGroup> userAuthorityGroups;public List<UserAuthorityGroup> getUserAuthorityGroups() {return userAuthorityGroups;}// -------------------------------------------------------------------------// Action implementation// -------------------------------------------------------------------------public String execute() throws Exception {superuserRole = UserAuthorityGroup.SUPER_USER_GROUP;userAuthorityGroups = new ArrayList<UserAuthorityGroup>(userStore.getAllUserAuthorityGroups());return SUCCESS;}}
=== modified file ‘dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/GetUserListAction.java’
— dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/GetUserListAction.java 2009-08-20 08:17:49 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/GetUserListAction.java 2009-12-21 08:11:39 +0000
@@ -56,12 +56,19 @@
{ this.userStore = userStore; }
private String userAdmin;
public String getUserAdmin() {
return userAdmin;}// -------------------------------------------------------------------------
// Output
// -------------------------------------------------------------------------
- private List userCredentialsList;
private List<UserCredentials> userCredentialsList;public List getUserCredentialsList()
{
@@ -74,6 +81,8 @@
public String execute() throws Exception {
userAdmin = UserCredentials.SUPER_USER_NAME;Collection<User> users = userStore.getAllUsers(); userCredentialsList = new ArrayList<UserCredentials>();=== modified file ‘dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/RemoveRoleAction.java’
— dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/RemoveRoleAction.java 2009-08-20 08:17:49 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/RemoveRoleAction.java 2009-12-21 08:11:39 +0000
@@ -27,54 +27,73 @@
- SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
+import java.sql.BatchUpdateException;
+import org.hibernate.exception.ConstraintViolationException;
+import org.hisp.dhis.i18n.I18n;
+import org.hisp.dhis.i18n.I18nFormat;
import org.hisp.dhis.user.UserAuthorityGroup;
+import org.hisp.dhis.user.UserCredentials;
import org.hisp.dhis.user.UserStore;
+import org.springframework.dao.DataIntegrityViolationException;
import com.opensymphony.xwork2.Action;
/**
@author Thanh Nguyen
@version $Id: RemoveRoleAction.java 5724 2008-09-18 14:37:01Z larshelg $
- @version $Id: RemoveRoleAction.java 339942 2009-12-21 10:21:03Z chauthutran $
*/
-public class RemoveRoleAction
- implements Action
-{
// -------------------------------------------------------------------------
// Dependencies
// -------------------------------------------------------------------------
private UserStore userStore;
public void setUserStore( UserStore userStore )
{
this.userStore = userStore;}
// -------------------------------------------------------------------------
// Input
// -------------------------------------------------------------------------
private Integer id;
public void setId( Integer id )
{
[this.id](http://this.id) = id;}
// -------------------------------------------------------------------------
// Action implementation
// -------------------------------------------------------------------------
public String execute()
throws Exception{
UserAuthorityGroup authorityGroup = userStore.getUserAuthorityGroup( id );if ( authorityGroup != null ){userStore.deleteUserAuthorityGroup( authorityGroup );}return SUCCESS;}
+public class RemoveRoleAction implements Action {
// -------------------------------------------------------------------------// Dependencies// -------------------------------------------------------------------------private UserStore userStore;public void setUserStore(UserStore userStore) {this.userStore = userStore;}// -------------------------------------------------------------------------// Input// -------------------------------------------------------------------------private Integer id;public void setId(Integer id) {[this.id](http://this.id) = id;}private String message;public String getMessage() {return message;}private I18n i18n;public void setI18n(I18n i18n) {this.i18n = i18n;}// -------------------------------------------------------------------------// Action implementation// -------------------------------------------------------------------------public String execute() throws Exception {UserAuthorityGroup authorityGroup = userStore.getUserAuthorityGroup(id);if (authorityGroup != null) {try{userStore.deleteUserAuthorityGroup(authorityGroup);}catch(DataIntegrityViolationException e){message = i18n.getString("user_use_group");return ERROR;}}return SUCCESS;}}
=== modified file ‘dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/RemoveUserAction.java’
— dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/RemoveUserAction.java 2009-08-20 08:17:49 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/RemoveUserAction.java 2009-12-21 08:11:39 +0000
@@ -29,8 +29,10 @@
import java.util.Collection;
+import org.hisp.dhis.i18n.I18n;
import org.hisp.dhis.user.CurrentUserService;
import org.hisp.dhis.user.User;
+import org.hisp.dhis.user.UserCredentials;
import org.hisp.dhis.user.UserSetting;
import org.hisp.dhis.user.UserStore;
@@ -72,6 +74,18 @@
[this.id](http://this.id) = id; }
private String message;
public String getMessage() {return message;}private I18n i18n;public void setI18n(I18n i18n) {this.i18n = i18n;}// ------------------------------------------------------------------------- // Action implementation // -------------------------------------------------------------------------=== modified file ‘dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/UpdateRoleAction.java’
— dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/UpdateRoleAction.java 2009-11-25 04:45:30 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/UpdateRoleAction.java 2009-12-21 08:11:39 +0000
@@ -32,6 +32,7 @@
import org.hisp.dhis.dataset.DataSet;
import org.hisp.dhis.dataset.DataSetService;
+import org.hisp.dhis.i18n.I18n;
import org.hisp.dhis.reportexcel.ReportExcel;
import org.hisp.dhis.reportexcel.ReportExcelService;
import org.hisp.dhis.user.UserAuthorityGroup;
@@ -43,115 +44,115 @@
@author Thanh Nguyen
@version $Id: UpdateRoleAction.java 5701 2008-09-14 20:34:46Z larshelg $
*/
-public class UpdateRoleAction
- implements Action
-{
// -------------------------------------------------------------------------
// Dependencies
// -------------------------------------------------------------------------
private UserStore userStore;
public void setUserStore( UserStore userStore )
{
this.userStore = userStore;}
private DataSetService dataSetService;
public void setDataSetService( DataSetService dataSetService )
{
this.dataSetService = dataSetService;}
private ReportExcelService reportExcelService;
public void setReportExcelService( ReportExcelService reportExcelService )
{
this.reportExcelService = reportExcelService;}
// -------------------------------------------------------------------------
// Input
// -------------------------------------------------------------------------
private Integer id;
public void setId( Integer id )
{
[this.id](http://this.id) = id;}
private String name;
public void setName( String rolename )
{
[this.name](http://this.name) = rolename;}
private String description;
public void setDescription( String description )
{
this.description = description;}
private Collection selectedList = new ArrayList();
public void setSelectedList( Collection selectedList )
{
this.selectedList = selectedList;}
private Collection selectedListAuthority = new ArrayList();
public void setSelectedListAuthority( Collection selectedListAuthority )
{
this.selectedListAuthority = selectedListAuthority;}
private Collection selectedReportExcel = new ArrayList();
public void setSelectedReportExcel( Collection selectedReportExcel )
{
this.selectedReportExcel = selectedReportExcel;}
// -------------------------------------------------------------------------
// Action implementation
// -------------------------------------------------------------------------
public String execute()
throws Exception{
UserAuthorityGroup group = userStore.getUserAuthorityGroup( id );group.setName( name );group.setDescription( description );group.getDataSets().clear();group.getAuthorities().clear();group.getReportExcels().clear();for ( String id : selectedList ){DataSet dataSet = dataSetService.getDataSet( Integer.parseInt( id ) );group.getDataSets().add( dataSet );}for ( String id : selectedReportExcel ){ReportExcel reportExcel = reportExcelService.getReportExcel( Integer.parseInt( id ) );group.getReportExcels().add( reportExcel );}group.getAuthorities().addAll( selectedListAuthority );userStore.updateUserAuthorityGroup( group );return SUCCESS;}
+public class UpdateRoleAction implements Action {
// -------------------------------------------------------------------------// Dependencies// -------------------------------------------------------------------------private UserStore userStore;public void setUserStore(UserStore userStore) {this.userStore = userStore;}private DataSetService dataSetService;public void setDataSetService(DataSetService dataSetService) {this.dataSetService = dataSetService;}private ReportExcelService reportExcelService;public void setReportExcelService(ReportExcelService reportExcelService) {this.reportExcelService = reportExcelService;}private String message;public String getMessage() {return message;}private I18n i18n;public void setI18n(I18n i18n) {this.i18n = i18n;}// -------------------------------------------------------------------------// Input// -------------------------------------------------------------------------private Integer id;public void setId(Integer id) {[this.id](http://this.id) = id;}private String name;public void setName(String rolename) {[this.name](http://this.name) = rolename;}private String description;public void setDescription(String description) {this.description = description;}private Collection<String> selectedList = new ArrayList<String>();public void setSelectedList(Collection<String> selectedList) {this.selectedList = selectedList;}private Collection<String> selectedListAuthority = new ArrayList<String>();public void setSelectedListAuthority(Collection<String> selectedListAuthority) {this.selectedListAuthority = selectedListAuthority;}private Collection<String> selectedReportExcel = new ArrayList<String>();public void setSelectedReportExcel(Collection<String> selectedReportExcel) {this.selectedReportExcel = selectedReportExcel;}// -------------------------------------------------------------------------// Action implementation// -------------------------------------------------------------------------public String execute() throws Exception {UserAuthorityGroup group = userStore.getUserAuthorityGroup(id);group.setName(name);group.setDescription(description);group.getDataSets().clear();group.getAuthorities().clear();group.getReportExcels().clear();for (String id : selectedList) {DataSet dataSet = dataSetService.getDataSet(Integer.parseInt(id));group.getDataSets().add(dataSet);}for (String id : selectedReportExcel) {ReportExcel reportExcel = reportExcelService.getReportExcel(Integer.parseInt(id));group.getReportExcels().add(reportExcel);}group.getAuthorities().addAll(selectedListAuthority);userStore.updateUserAuthorityGroup(group);return SUCCESS;}}
=== modified file ‘dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/resources/org/hisp/dhis/user/i18n_module.properties’
— dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/resources/org/hisp/dhis/user/i18n_module.properties 2009-12-21 05:32:40 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/resources/org/hisp/dhis/user/i18n_module.properties 2009-12-21 08:11:39 +0000
@@ -192,3 +192,4 @@
intro_user_by_orgunit = Create, modify, view and delete users for a given organisation unit.
intro_user_role = Create, modify, view and delete user roles. A user role has a set of authorities.
intro_change_password = Change the password for users.
+user_use_group = There are users used this role
\ No newline at end of file
=== modified file ‘dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/allRole.vm’
— dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/allRole.vm 2009-11-03 10:54:57 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/allRole.vm 2009-12-21 08:11:39 +0000
@@ -1,3 +1,4 @@
+
$i18n.getString( "user_role_management" )
@@ -26,8 +27,16 @@
<tr> <td#alternate( $mark )>$!encoder.htmlEncode( $userAuthorityGroup.name )</td> <td#alternate( $mark )>$!encoder.htmlEncode( $userAuthorityGroup.description )</td>
<td style="text-align:center"#alternate( $mark )><a href="showUpdateRoleForm.action?id=$userAuthorityGroup.id" title="$i18n.getString( "edit" )"><img src="../images/edit.png" alt="$i18n.getString( "edit" )"></a></td><td style="text-align:center"#alternate( $mark )><a href="javascript:removeRole( $userAuthorityGroup.id, '$encoder.jsEncode( $userAuthorityGroup.name )' )" title="$i18n.getString( "remove" )"><img src="../images/delete.png" alt="$i18n.getString( "remove" )"></a></td>
<td style="text-align:center"#alternate( $mark )>#if($userAuthorityGroup.name != $!encoder.htmlEncode( $superuserRole))<a href="showUpdateRoleForm.action?id=$userAuthorityGroup.id" title="$i18n.getString( "edit" )"><img src="../images/edit.png" alt="$i18n.getString( "edit" )"></a>#end</td><td style="text-align:center"#alternate( $mark )>#if($userAuthorityGroup.name != $!encoder.htmlEncode( $superuserRole))<a href="javascript:removeRole( $userAuthorityGroup.id, '$encoder.jsEncode( $userAuthorityGroup.name )' )" title="$i18n.getString( "remove" )"><img src="../images/delete.png" alt="$i18n.getString( "remove" )"></a>#end</td> <td style="text-align:center"#alternate( $mark )><a href="javascript:showRoleDetails( $userAuthorityGroup.id )" title="$i18n.getString( "show_details" )"><img src="../images/information.png" alt="$i18n.getString( "show_details" )"></a></td> </tr> #if( $mark )=== modified file ‘dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/allUser.vm’
— dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/allUser.vm 2009-05-20 09:47:08 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/allUser.vm 2009-12-21 08:11:39 +0000
@@ -30,8 +30,15 @@
<td#alternate( $mark )>$encoder.htmlEncode( $userCredentials.username )</td> <td#alternate( $mark )>$encoder.htmlEncode( $userCredentials.user.surname ), $encoder.htmlEncode( $userCredentials.user.firstName )</td> <td#alternate( $mark )>$!encoder.htmlEncode( $[userCredentials.user.organisationUnit.name](http://userCredentials.user.organisationUnit.name) )</td>
<td style="text-align:center"#alternate( $mark )><a href="showUpdateUserForm.action?id=$userCredentials.id" title="$i18n.getString( "edit" )"><img src="../images/edit.png" alt="$i18n.getString( "edit" )"></a></td><td style="text-align:center"#alternate( $mark )><a href="javascript:removeUser( $userCredentials.id, '$encoder.jsEncode( $userCredentials.username )' )" title="$i18n.getString( "remove" )"><img src="../images/delete.png" alt="$i18n.getString( "remove" )"></a></td>
<td style="text-align:center"#alternate( $mark )>#if($encoder.htmlEncode( $userCredentials.username ) != $!encoder.htmlEncode( $userAdmin))<a href="showUpdateUserForm.action?id=$userCredentials.id" title="$i18n.getString( "edit" )"><img src="../images/edit.png" alt="$i18n.getString( "edit" )"></a></td>#end<td style="text-align:center"#alternate( $mark )>#if($encoder.htmlEncode( $userCredentials.username ) != $!encoder.htmlEncode( $userAdmin))<a href="javascript:removeUser( $userCredentials.id, '$encoder.jsEncode( $userCredentials.username )' )" title="$i18n.getString( "remove" )"><img src="../images/delete.png" alt="$i18n.getString( "remove" )"></a>#end</td> <td style="text-align:center"#alternate( $mark )><a href="javascript:showUserDetails( $userCredentials.id )" title="$i18n.getString( "show_details" )"><img src="../images/information.png" alt="$i18n.getString( "show_details" )"></a></td> </tr> #if( $mark )=== modified file ‘dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/javascript/role.js’
— dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/javascript/role.js 2009-09-26 09:41:54 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/javascript/role.js 2009-12-21 08:11:39 +0000
@@ -28,10 +28,26 @@
{
if ( confirm( i18n_confirm_delete ) ) {
window.location.href = 'removeRole.action?id=' + id;
var request = new Request();request.setResponseTypeXML( 'message' );request.setCallbackSuccess( removeRoleCompleted );request.send( 'removeRole.action?id=' + id );//window.location.href = 'removeRole.action?id=' + id; }}
+function removeRoleCompleted(xmlObject){
var type = xmlObject.getAttribute( 'type' );if ( type == ‘success’ )
{
windown.location.href = 'allRole.action';}
else{
setMessage(xmlObject.firstChild.nodeValue);}+}
// -----------------------------------------------------------------------------
// Add role
// -----------------------------------------------------------------------------
@@ -85,7 +101,6 @@
request.send( 'validateRole.action?id=' + getFieldValue( 'id' ) + '&name=' + getFieldValue( 'name' ) + '&description=' + getFieldValue( 'description' ) );
return false;}
Mailing list: https://launchpad.net/~dhis2-devs
Post to : dhis2-devs@lists.launchpad.net
Unsubscribe : https://launchpad.net/~dhis2-devs
More help : https://help.launchpad.net/ListHelp