/**
   * Can the user read from this CategoryOptionGroupSet (COGS)?
   *
   * <p>If the COGS is null, then the user must have no dimension constraints. (In other words, the
   * user must be able to read across all category option groups.)
   *
   * <p>If the COGS is not null, then the user must be able to read at least one category option
   * group from the category option group set.
   *
   * @param cogs The category option group set to test
   * @return true if user can read at least one category option group.
   */
  private boolean canReadCOGS(User user, CategoryOptionGroupSet cogs) {
    if (cogs == null) {
      UserCredentials userCredentials = user.getUserCredentials();

      return CollectionUtils.isEmpty(userCredentials.getCogsDimensionConstraints())
          && CollectionUtils.isEmpty(userCredentials.getCatDimensionConstraints());
    }

    return !CollectionUtils.isEmpty(categoryService.getCategoryOptionGroups(cogs));
  }
Exemplo n.º 2
0
  @Override
  public Set<CategoryOptionGroup> getCogDimensionConstraints(UserCredentials userCredentials) {
    Set<CategoryOptionGroup> groups = null;

    Set<CategoryOptionGroupSet> cogsConstraints = userCredentials.getCogsDimensionConstraints();

    if (cogsConstraints != null && !cogsConstraints.isEmpty()) {
      groups = new HashSet<>();

      for (CategoryOptionGroupSet cogs : cogsConstraints) {
        groups.addAll(categoryService.getCategoryOptionGroups(cogs));
      }
    }

    return groups;
  }
  @Override
  public List<DataApprovalLevel> getUserDataApprovalLevels() {
    UserCredentials userCredentials = currentUserService.getCurrentUser().getUserCredentials();

    boolean mayApprove = userCredentials.isAuthorized(DataApproval.AUTH_APPROVE);
    boolean mayApproveAtLowerLevels =
        userCredentials.isAuthorized(DataApproval.AUTH_APPROVE_LOWER_LEVELS);
    boolean mayAcceptAtLowerLevels =
        userCredentials.isAuthorized(DataApproval.AUTH_ACCEPT_LOWER_LEVELS);

    if (!mayApprove && !mayApproveAtLowerLevels && !mayAcceptAtLowerLevels) {
      return new ArrayList<>();
    }

    int lowestNumberOrgUnitLevel = getCurrentUsersLowestNumberOrgUnitLevel();

    boolean canSeeAllDimensions =
        CollectionUtils.isEmpty(userService.getCoDimensionConstraints(userCredentials))
            && CollectionUtils.isEmpty(userService.getCogDimensionConstraints(userCredentials));

    List<DataApprovalLevel> approvalLevels = getAllDataApprovalLevels();
    List<DataApprovalLevel> userDataApprovalLevels = new ArrayList<>();

    boolean addLevel = false;

    for (DataApprovalLevel approvalLevel : approvalLevels) {
      if (!addLevel && approvalLevel.getOrgUnitLevel() >= lowestNumberOrgUnitLevel) {
        CategoryOptionGroupSet cogs = approvalLevel.getCategoryOptionGroupSet();

        addLevel =
            securityService.canRead(approvalLevel) && cogs == null
                ? canSeeAllDimensions
                : (securityService.canRead(cogs)
                    && !CollectionUtils.isEmpty(categoryService.getCategoryOptionGroups(cogs)));
      }

      if (addLevel) {
        userDataApprovalLevels.add(approvalLevel);
      }
    }

    return userDataApprovalLevels;
  }