/** * @see org.openmrs.api.UserService#hasDuplicateUsername(org.openmrs.User) */ @Override @Transactional(readOnly = true) public boolean hasDuplicateUsername(User user) throws APIException { return dao.hasDuplicateUsername(user.getUsername(), user.getSystemId(), user.getUserId()); }
private void updatePassword(User user, String newPassword) { OpenmrsUtil.validatePassword(user.getUsername(), newPassword, user.getSystemId()); dao.changePassword(user, newPassword); }
/** * @see org.openmrs.api.handler.SaveHandler#handle(org.openmrs.OpenmrsObject, org.openmrs.User, * java.util.Date, java.lang.String) */ @Override public void handle(User user, User creator, Date dateCreated, String other) { // if the user doesn't have a system id, generate one if (StringUtils.isEmpty(user.getSystemId())) { user.setSystemId(Context.getUserService().generateSystemId()); } // the framework only automatically recurses on properties that are Collection<OpenmrsObject> // so we need to do this manually if (user.getPerson() != null) { loadLazyHibernateCollections(user); RequiredDataAdvice.recursivelyHandle(SaveHandler.class, user.getPerson(), creator, dateCreated, other, new ArrayList<>()); } }
/** * @see org.openmrs.api.UserService#createUser(org.openmrs.User, java.lang.String) */ @Override public User createUser(User user, String password) throws APIException { if (user.getUserId() != null) { throw new APIException("This method can be used for only creating new users"); } Context.requirePrivilege(PrivilegeConstants.ADD_USERS); checkPrivileges(user); // if a password wasn't supplied, throw an error if (password == null || password.length() < 1) { throw new APIException("User.creating.password.required", (Object[]) null); } if (hasDuplicateUsername(user)) { throw new DAOException("Username " + user.getUsername() + " or system id " + user.getSystemId() + " is already in use."); } // TODO Check required fields for user!! OpenmrsUtil.validatePassword(user.getUsername(), password, user.getSystemId()); return dao.saveUser(user, password); }
/** * @see ContextDAO#authenticate(String,String) */ @Test public void authenticate_shouldAuthenticateGivenSystemIdAndPassword() { User u = dao.authenticate("1-8", "test"); Assert.assertEquals("Should be the 1-8 user", "1-8", u.getSystemId()); }
/** * Fixed bug #982 * * @see ContextDAO#authenticate(String,String) */ @Test public void authenticate_shouldAuthenticateGivenSystemIdWithoutHyphenAndPassword() { User u = dao.authenticate("18", "test"); Assert.assertEquals("Should be the 1-8 user", "1-8", u.getSystemId()); }
@Test public void createUser_shouldNotAllowDuplicatedSystemId() { User someUser = userService.getUserByUsername(SOME_USERNAME); User newUser = userWithValidPerson(); newUser.setSystemId(someUser.getSystemId()); expectedException.expect(DAOException.class); expectedException.expectMessage( String.format("Username %s or system id %s is already in use.", newUser.getUsername(), newUser.getSystemId())); userService.createUser(newUser, SOME_VALID_PASSWORD); }
/** * @see org.openmrs.api.UserService#saveUser(org.openmrs.User) */ @Override @CacheEvict(value = "userSearchLocales", allEntries = true) public User saveUser(User user) throws APIException { if (user.getUserId() == null) { throw new APIException("This method can be called only to update existing users"); } Context.requirePrivilege(PrivilegeConstants.EDIT_USERS); checkPrivileges(user); if (hasDuplicateUsername(user)) { throw new DAOException("Username " + user.getUsername() + " or system id " + user.getSystemId() + " is already in use."); } return dao.saveUser(user, null); }
String output = "<update tableName=\"users\"><column name=\"uuid\" value=\"" + user.getUuid() + "\"/><where> user_id = '" + user.getUserId() + "' and system_id = '" + user.getSystemId().replace("'", "\\'") + "'</where></update>"; System.out.println(output);
@Test public void createUser_shouldNotAllowSystemIdEqualsExistingUsername() { User someUser = userService.getUserByUsername(SOME_USERNAME); User newUser = userWithValidPerson(); newUser.setSystemId(someUser.getUsername()); expectedException.expect(DAOException.class); expectedException.expectMessage( String.format("Username %s or system id %s is already in use.", newUser.getUsername(), newUser.getSystemId())); userService.createUser(newUser, SOME_VALID_PASSWORD); }
@Test public void createUser_shouldNotAllowUsernameEqualsExistingSystemId() { User someUser = userService.getUserByUsername(SOME_USERNAME); User newUser = userWithValidPerson(); newUser.setUsername(someUser.getSystemId()); expectedException.expect(DAOException.class); expectedException.expectMessage( String.format("Username %s or system id %s is already in use.", newUser.getUsername(), Context.getUserService().generateSystemId())); userService.createUser(newUser, SOME_VALID_PASSWORD); }
@Test public void createUser_shouldNotAllowSystemIdEqualsUsernameWithLuhnCheckDigit() { User someUser = userService.getUserByUsername(SOME_USERNAME); User newUser = userWithValidPerson(); newUser.setUsername(someUser.getUsername()); newUser.setSystemId(decorateWithLuhnIdentifier(someUser.getUsername())); expectedException.expect(DAOException.class); expectedException.expectMessage( String.format("Username %s or system id %s is already in use.", newUser.getUsername(), newUser.getSystemId())); userService.createUser(newUser, SOME_VALID_PASSWORD); }
/** * @see EncounterService#voidEncounter(Encounter, String) */ @Test(expected = APIException.class) public void voidEncounter_shouldFailfIfUserIsNotSupposedToEditEncountersOfTypeOfGivenEncounter() { // get encounter that has type with edit privilege set Encounter encounter = getEncounterWithEditPrivilege(); User user = Context.getUserService().getUserByUsername("test_user"); assertNotNull(user); // left this user as is - i.e. without required privilege // and authenticate under it's account Context.becomeUser(user.getSystemId()); // have to add privilege in order to be able to call voidEncounter(Encounter,String) method Context.addProxyPrivilege(PrivilegeConstants.EDIT_ENCOUNTERS); Context.getEncounterService().voidEncounter(encounter, "test"); }
/** * @see Context#becomeUser(String) */ @Test public void becomeUser_shouldChangeLocaleWhenBecomeAnotherUser() { UserService userService = Context.getUserService(); User user = new User(new Person()); user.addName(new PersonName("givenName", "middleName", "familyName")); user.getPerson().setGender("M"); user.setUserProperty(OpenmrsConstants.USER_PROPERTY_DEFAULT_LOCALE, "pt_BR"); userService.createUser(user, "TestPass123"); Context.becomeUser(user.getSystemId()); Locale locale = Context.getLocale(); Assert.assertEquals("pt", locale.getLanguage()); Assert.assertEquals("BR", locale.getCountry()); Context.logout(); } }
/** * @see EncounterService#unvoidEncounter(Encounter) */ @Test(expected = APIException.class) public void unvoidEncounter_shouldFailfIfUserIsNotSupposedToEditEncountersOfTypeOfGivenEncounter() { // get encounter that has type with edit privilege set Encounter encounter = getEncounterWithEditPrivilege(); User user = Context.getUserService().getUserByUsername("test_user"); assertNotNull(user); // left this user as is - i.e. without required privilege // and authenticate under it's account Context.becomeUser(user.getSystemId()); // have to add privilege in order to be able to call unvoidEncounter(Encounter) method Context.addProxyPrivilege(PrivilegeConstants.EDIT_ENCOUNTERS); Context.getEncounterService().unvoidEncounter(encounter); }
/** * @see EncounterService#purgeEncounter(Encounter,Boolean) */ @Test(expected = APIException.class) public void purgeEncounterCascade_shouldFailfIfUserIsNotSupposedToEditEncountersOfTypeOfGivenEncounter() { // get encounter that has type with edit privilege set Encounter encounter = getEncounterWithEditPrivilege(); User user = Context.getUserService().getUserByUsername("test_user"); assertNotNull(user); // left this user as is - i.e. without required privilege // and authenticate under it's account Context.becomeUser(user.getSystemId()); // have to add privilege in order to be able to call purgeEncounter(Encounter,Boolean) method Context.addProxyPrivilege(PrivilegeConstants.PURGE_ENCOUNTERS); Context.getEncounterService().purgeEncounter(encounter, Boolean.TRUE); }
/** * @see EncounterService#saveEncounter(Encounter) */ @Test(expected = APIException.class) public void saveEncounter_shouldFailfIfUserIsNotSupposedToEditEncountersOfTypeOfGivenEncounter() { // get encounter that has type with edit privilege set Encounter encounter = getEncounterWithEditPrivilege(); User user = Context.getUserService().getUserByUsername("test_user"); assertNotNull(user); // left this user as is - i.e. without required privilege // and authenticate under it's account Context.becomeUser(user.getSystemId()); // have to add privilege in order to be able to call saveEncounter(Encounter) method Context.addProxyPrivilege(PrivilegeConstants.EDIT_ENCOUNTERS); Context.getEncounterService().saveEncounter(encounter); }
/** * @see EncounterService#purgeEncounter(Encounter) */ @Test(expected = APIException.class) public void purgeEncounter_shouldFailfIfUserIsNotSupposedToEditEncountersOfTypeOfGivenEncounter() { // get encounter that has type with edit privilege set Encounter encounter = getEncounterWithEditPrivilege(); User user = Context.getUserService().getUserByUsername("test_user"); assertNotNull(user); // left this user as is - i.e. without required privilege // and authenticate under it's account Context.becomeUser(user.getSystemId()); // have to add privilege in order to be able to call purgeEncounter(Encounter) method Context.addProxyPrivilege(PrivilegeConstants.PURGE_ENCOUNTERS); Context.getEncounterService().purgeEncounter(encounter); }
/** * @see EncounterService#getEncounter(Integer) */ @Test(expected = APIException.class) public void getEncounter_shouldFailIfUserIsNotAllowedToViewEncounterByGivenId() { // get encounter that has type with view privilege set Encounter encounter = getEncounterWithViewPrivilege(); User user = Context.getUserService().getUserByUsername("test_user"); assertNotNull(user); // left this user as is - i.e. without required privilege // and authenticate under it's account Context.becomeUser(user.getSystemId()); // have to add privilege in order to be able to call getEncounter(Integer) method Context.addProxyPrivilege(PrivilegeConstants.GET_ENCOUNTERS); assertNull(Context.getEncounterService().getEncounter(encounter.getId())); }
/** * @see EncounterService#getEncounter(Integer) */ @Test public void getEncounter_shouldReturnEncounterIfUserIsAllowedToViewIt() { // get encounter that has type with view privilege set Encounter encounter = getEncounterWithViewPrivilege(); User user = Context.getUserService().getUserByUsername("test_user"); assertNotNull(user); // add required privilege to role in which this user is Role role = Context.getUserService().getRole("Provider"); role.addPrivilege(encounter.getEncounterType().getViewPrivilege()); user.addRole(role); // and authenticate under it's account Context.becomeUser(user.getSystemId()); // have to add privilege in order to be able to call getEncounter(Integer) method Context.addProxyPrivilege(PrivilegeConstants.GET_ENCOUNTERS); assertNotNull(Context.getEncounterService().getEncounter(encounter.getId())); }