List of permission in DHIS2

From: Dhis2-users [mailto:dhis2-users-bounces+dapsyjorge=gmail.com@lists.launchpad.net] On Behalf Of Elmarie Claasen
Sent: 9 June, 2015 7:19 PM
To: dhis2-devs@lists.launchpad.net; dhis2-users@lists.launchpad.net
Subject: [Dhis2-users] List of permission in DHIS2

Hi all,

Can anyone provide me with a complete list of available userrole authorities which appears on the left side when you create a user role?

I don’t see any table with that information in dhis2.

Much appreciated - thanks

Regards,

Elmarie Claasen

Project Manager

Health Information Systems Program

Tel: 041-367 1027

Cell: 082 374 2209

E-mail: elmarie@hisp.org

Skype: elmarie.claasen52

This message and any attachments are subject to a disclaimer published at http://www.hisp.org/policies.html#comms_disclaimer . Please read the disclaimer before opening any attachment or taking any other action in terms of this electronic transmission.
If you cannot access the disclaimer, kindly send an email to disclaimer@hisp.org and a copy will be provided to you. By replying to this e-mail or opening any attachment you agree to be bound by the provisions of the disclaimer.

On Tue, Jun 9, 2015 at 9:19 PM, Elmarie Claasen elmarie@hisp.org wrote:

Hi all,

Can anyone provide me with a complete list of available userrole authorities which appears on the left side when you create a user role?

I don’t see any table with that information in dhis2.

Much appreciated - thanks

Regards,

Elmarie Claasen

Project Manager

Health Information Systems Program

Tel: 041-367 1027

Cell: 082 374 2209

E-mail: elmarie@hisp.org

Skype: elmarie.claasen52

This message and any attachments are subject to a disclaimer published at http://www.hisp.org/policies.html#comms_disclaimer . Please read the disclaimer before opening any attachment or taking any other action in terms of this electronic transmission.
If you cannot access the disclaimer, kindly send an email to disclaimer@hisp.org and a copy will be provided to you. By replying to this e-mail or opening any attachment you agree to be bound by the provisions of the disclaimer.

---

Mailing list: https://launchpad.net/~dhis2-users

Post to : dhis2-users@lists.launchpad.net

Unsubscribe : https://launchpad.net/~dhis2-users

More help : https://help.launchpad.net/ListHelp

–

Alex Tumwesigye

Technical Advisor - DHIS2 (Consultant),
Ministry of Health/AFENET

Kampala

Uganda

IT Consultant - BarefootPower Uganda Ltd, SmartSolar, Kenya

IT Specialist (Servers, Networks and Security, Health Information Systems - DHIS2 ) & Solar Consultant

+256 774149 775, + 256 759 800161

"I don’t want to be anything other than what I have been - one tree hill "

On Tue, Jun 9, 2015 at 10:51 PM, Alex Tumwesigye atumwesigye@gmail.com wrote:

Dear Elmarie,

They are hard coded using spring security.

see an extract from the code.

<action name="alluser" class="org.hisp.dhis.user.action.GetUserListAction">
      <result name="success" type="velocity">/main.vm</result>
      <param name="page">/dhis-web-maintenance-user/allUser.vm</param>
      <param name="menu">/dhis-web-maintenance-user/menu.vm</param>
      <param name="javascripts">javascript/user.js,javascript/filterTable.js</param>
      <param name="requiredAuthorities">F_USER_VIEW</param>
    </action>

    <action name="getUser" class="org.hisp.dhis.user.action.GetUserAction">
      <result name="success" type="velocity-json">/dhis-web-commons/ajax/jsonUser.vm</result>
      <param name="onExceptionReturn">plainTextError</param>
    </action>

    <action name="removeUser" class="org.hisp.dhis.user.action.RemoveUserAction">
      <result name="success" type="velocity-json">/dhis-web-commons/ajax/jsonResponseSuccess.vm</result>
      <result name="logout" type="redirect">/dhis-web-commons-security/logout.action</result>
      <result name="error" type="velocity-json">/dhis-web-commons/ajax/jsonResponseError.vm</result>
      <param name="requiredAuthorities">F_USER_DELETE</param>
      <param name="onExceptionReturn">plainTextError</param>
    </action>

    <action name="showAddUserForm" class="org.hisp.dhis.user.action.SetupTreeAction">
      <result name="success" type="velocity">/main.vm</result>
      <param name="page">/dhis-web-maintenance-user/addUserForm.vm</param>
      <param name="javascripts">../dhis-web-commons/oust/oust.js,../dhis-web-commons/ouwt/ouwt.js,javascript/user.js</param>
      **<param name="requiredAuthorities">F_USER_ADD</param>**
    </action>

    <action name="addUser" class="org.hisp.dhis.user.action.AddUserAction">
      <result name="success" type="redirect">user.action?currentPage=${keyCurrentPage}&amp;key=${keyCurrentKey}</result>
      <result name="error" type="velocity-json">/dhis-web-commons/ajax/jsonResponseError.vm</result>
      <param name="javascripts">javascript/user.js</param>
      <param name="requiredAuthorities">F_USER_ADD</param>
    </action>

Also follow these link.

http://bazaar.launchpad.net/~dhis2-devs-core/dhis2/2.19/view/head:/dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/resources/org/hisp/dhis/user/i18n_module.properties

Alex

–

On Tue, Jun 9, 2015 at 9:19 PM, Elmarie Claasen elmarie@hisp.org wrote:

Hi all,

Can anyone provide me with a complete list of available userrole authorities which appears on the left side when you create a user role?

I don’t see any table with that information in dhis2.

Much appreciated - thanks

Regards,

Elmarie Claasen

Project Manager

Health Information Systems Program

Tel: 041-367 1027

Cell: 082 374 2209

E-mail: elmarie@hisp.org

Skype: elmarie.claasen52

This message and any attachments are subject to a disclaimer published at http://www.hisp.org/policies.html#comms_disclaimer . Please read the disclaimer before opening any attachment or taking any other action in terms of this electronic transmission.
If you cannot access the disclaimer, kindly send an email to disclaimer@hisp.org and a copy will be provided to you. By replying to this e-mail or opening any attachment you agree to be bound by the provisions of the disclaimer.

---

Mailing list: https://launchpad.net/~dhis2-users

Post to : dhis2-users@lists.launchpad.net

Unsubscribe : https://launchpad.net/~dhis2-users

More help : https://help.launchpad.net/ListHelp

–
Alex Tumwesigye

Technical Advisor - DHIS2 (Consultant),
Ministry of Health/AFENET

Kampala

Uganda

IT Consultant - BarefootPower Uganda Ltd, SmartSolar, Kenya

IT Specialist (Servers, Networks and Security, Health Information Systems - DHIS2 ) & Solar Consultant

+256 774149 775, + 256 759 800161

"I don’t want to be anything other than what I have been - one tree hill "

Alex Tumwesigye

Technical Advisor - DHIS2 (Consultant),
Ministry of Health/AFENET

Kampala

Uganda

IT Consultant - BarefootPower Uganda Ltd, SmartSolar, Kenya

IT Specialist (Servers, Networks and Security, Health Information Systems - DHIS2 ) & Solar Consultant

+256 774149 775, + 256 759 800161

"I don’t want to be anything other than what I have been - one tree hill "

From: Alex Tumwesigye [mailto:atumwesigye@gmail.com]
Sent: 09 June 2015 09:58 PM
To: Elmarie Claasen
Cc: DHIS 2 developers; dhis2-users@lists.launchpad.net
Subject: Re: [Dhis2-users] List of permission in DHIS2

Dapo,

You are right!!! the userrole table is referenced by that table.

Alex

On Tue, Jun 9, 2015 at 10:51 PM, Alex Tumwesigye atumwesigye@gmail.com wrote:

Dear Elmarie,

They are hard coded using spring security.

see an extract from the code.

<action name="alluser" class="org.hisp.dhis.user.action.GetUserListAction">

      <result name="success" type="velocity">/main.vm</result>

      <param name="page">/dhis-web-maintenance-user/allUser.vm</param>

      <param name="menu">/dhis-web-maintenance-user/menu.vm</param>

      <param name="javascripts">javascript/user.js,javascript/filterTable.js</param>

      <param name="requiredAuthorities">F_USER_VIEW</param>

    </action>

    <action name="getUser" class="org.hisp.dhis.user.action.GetUserAction">

      <result name="success" type="velocity-json">/dhis-web-commons/ajax/jsonUser.vm</result>

      <param name="onExceptionReturn">plainTextError</param>

    </action>

    <action name="removeUser" class="org.hisp.dhis.user.action.RemoveUserAction">

      <result name="success" type="velocity-json">/dhis-web-commons/ajax/jsonResponseSuccess.vm</result>

      <result name="logout" type="redirect">/dhis-web-commons-security/logout.action</result>

      <result name="error" type="velocity-json">/dhis-web-commons/ajax/jsonResponseError.vm</result>

      <param name="requiredAuthorities">F_USER_DELETE</param>

      <param name="onExceptionReturn">plainTextError</param>

    </action>

    <action name="showAddUserForm" class="org.hisp.dhis.user.action.SetupTreeAction">

      <result name="success" type="velocity">/main.vm</result>

      <param name="page">/dhis-web-maintenance-user/addUserForm.vm</param>

      <param name="javascripts">../dhis-web-commons/oust/oust.js,../dhis-web-commons/ouwt/ouwt.js,javascript/user.js</param>

      **<param name="requiredAuthorities">F_USER_ADD</param>**

    </action>

    <action name="addUser" class="org.hisp.dhis.user.action.AddUserAction">

      <result name="success" type="redirect">user.action?currentPage=${keyCurrentPage}**&amp;**key=${keyCurrentKey}</result>

      <result name="error" type="velocity-json">/dhis-web-commons/ajax/jsonResponseError.vm</result>

      <param name="javascripts">javascript/user.js</param>

      <param name="requiredAuthorities">F_USER_ADD</param>

    </action>

Also follow these link.

http://bazaar.launchpad.net/~dhis2-devs-core/dhis2/2.19/view/head:/dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/resources/org/hisp/dhis/user/i18n_module.properties

Alex

On Tue, Jun 9, 2015 at 9:19 PM, Elmarie Claasen elmarie@hisp.org wrote:

Hi all,

Can anyone provide me with a complete list of available userrole authorities which appears on the left side when you create a user role?

I don’t see any table with that information in dhis2.

Much appreciated - thanks

Regards,

Elmarie Claasen

Project Manager

Health Information Systems Program

Tel: 041-367 1027

Cell: 082 374 2209

E-mail: elmarie@hisp.org

Skype: elmarie.claasen52

This message and any attachments are subject to a disclaimer published at http://www.hisp.org/policies.html#comms_disclaimer . Please read the disclaimer before opening any attachment or taking any other action in terms of this electronic transmission.
If you cannot access the disclaimer, kindly send an email to disclaimer@hisp.org and a copy will be provided to you. By replying to this e-mail or opening any attachment you agree to be bound by the provisions of the disclaimer.

---

Mailing list: https://launchpad.net/~dhis2-users
Post to : dhis2-users@lists.launchpad.net
Unsubscribe : https://launchpad.net/~dhis2-users
More help : https://help.launchpad.net/ListHelp

–

Alex Tumwesigye

Technical Advisor - DHIS2 (Consultant),
Ministry of Health/AFENET

Kampala

Uganda

IT Consultant - BarefootPower Uganda Ltd, SmartSolar, Kenya

IT Specialist (Servers, Networks and Security, Health Information Systems - DHIS2 ) & Solar Consultant

+256 774149 775, + 256 759 800161

"I don’t want to be anything other than what I have been - one tree hill "

–

Alex Tumwesigye

Technical Advisor - DHIS2 (Consultant),
Ministry of Health/AFENET

Kampala

Uganda

IT Consultant - BarefootPower Uganda Ltd, SmartSolar, Kenya

IT Specialist (Servers, Networks and Security, Health Information Systems - DHIS2 ) & Solar Consultant

+256 774149 775, + 256 759 800161

"I don’t want to be anything other than what I have been - one tree hill "

Hi,

this is almost correct The userroleauthorities table is a link table between userrole and authorities. So it will contain all available authorities only if you assume that all possible authorities have been assigned to one or more user roles.

So a hack is to create a new user role in the system with all possible authorities and then do:

select distinct authority from userroleauthorities;

Abyot,

did you start on a document outlining the authorities?

regards,

Lars

On Wed, Jun 10, 2015 at 5:27 PM, Abyot Gizaw abyota@gmail.com wrote:

Yes, I have a very rough document. I was hoping for us to clean it first as there are lots of roles which are not in use currently.

Probably better to put it ‘as is’ somewhere - as appendix in the documentation?

On Wed, Jun 10, 2015 at 12:11 PM Lars Helge Øverland larshelge@gmail.com wrote:

---

Mailing list: https://launchpad.net/~dhis2-devs

Post to : dhis2-devs@lists.launchpad.net

Unsubscribe : https://launchpad.net/~dhis2-devs

More help : https://help.launchpad.net/ListHelp

–

---

Thank you,

Abyot

---

Mailing list: https://launchpad.net/~dhis2-devs

Post to : dhis2-devs@lists.launchpad.net

Unsubscribe : https://launchpad.net/~dhis2-devs

More help : https://help.launchpad.net/ListHelp

–
Morten

Hi,

this is almost correct The userroleauthorities table is a link table between userrole and authorities. So it will contain all available authorities only if you assume that all possible authorities have been assigned to one or more user roles.

So a hack is to create a new user role in the system with all possible authorities and then do:

select distinct authority from userroleauthorities;

Abyot,

did you start on a document outlining the authorities?

regards,

Lars