@Override @Transactional(readOnly = true) public HL7QueueItem getHl7QueueItemByUuid(String uuid) throws APIException { HL7QueueItem result = getHL7InQueueByUuid(uuid); if (result != null) { Context.hasPrivilege(PrivilegeConstants.GET_HL7_IN_QUEUE); return result; } result = getHL7InErrorByUuid(uuid); if (result != null) { Context.hasPrivilege(PrivilegeConstants.GET_HL7_IN_EXCEPTION); return result; } result = getHL7InArchiveByUuid(uuid); if (result != null) { Context.hasPrivilege(PrivilegeConstants.GET_HL7_IN_ARCHIVE); return result; } return null; }
&& !Context.hasPrivilege(PrivilegeConstants.ASSIGN_SYSTEM_DEVELOPER_ROLE)) { throw new APIException("User.you.must.have.role", new Object[] { RoleConstants.SUPERUSER }); if (!Context.hasPrivilege(p.getPrivilege())) { requiredPrivs.add(p.getPrivilege());
/** * Convenience method to check if the authenticated user has all privileges they are giving out * to the new role * * @param new user that has privileges */ private void checkPrivileges(Role role) { Collection<Privilege> privileges = role.getPrivileges(); if (privileges != null) { for (Privilege p : privileges) { if (!Context.hasPrivilege(p.getPrivilege())) { throw new APIAuthenticationException("Privilege required: " + p); } } } }
/** * Throws an exception if the currently authenticated user does not have the specified * privilege. * * @param privilege * @throws ContextAuthenticationException */ public static void requirePrivilege(String privilege) throws ContextAuthenticationException { if (!hasPrivilege(privilege)) { String errorMessage; if (StringUtils.isNotBlank(privilege)) { errorMessage = Context.getMessageSourceService().getMessage("error.privilegesRequired", new Object[] { privilege }, null); } else { //Should we even be here if the privilege is blank? errorMessage = Context.getMessageSourceService().getMessage("error.privilegesRequiredNoArgs"); } throw new ContextAuthenticationException(errorMessage); } }
log.debug("User has privilege {}? {}", privilege, Context.hasPrivilege(privilege)); if (Context.hasPrivilege(privilege)) { if (!requireAll) {
/** * @see UserService#changePassword(User, String, String) */ @Override @Authorized(PrivilegeConstants.EDIT_USER_PASSWORDS) @Logging(ignoredArgumentIndexes = { 1, 2 }) public void changePassword(User user, String oldPassword, String newPassword) throws APIException { if (user.getUserId() == null) { throw new APIException("user.must.exist", (Object[]) null); } if (oldPassword == null) { if (!Context.hasPrivilege(PrivilegeConstants.EDIT_USER_PASSWORDS)) { throw new APIException("null.old.password.privilege.required", (Object[]) null); } } else if (!dao.getLoginCredential(user).checkPassword(oldPassword)) { throw new APIException("old.password.not.correct", (Object[]) null); } updatePassword(user, newPassword); }
/** * @see org.openmrs.api.UserService#setUserProperty(User, String, String) */ @Override public User setUserProperty(User user, String key, String value) { if (user != null) { if (!Context.hasPrivilege(PrivilegeConstants.EDIT_USERS) && !user.equals(Context.getAuthenticatedUser())) { throw new APIException("you.are.not.authorized.change.properties", new Object[] { user.getUserId() }); } user.setUserProperty(key, value); try { Context.addProxyPrivilege(PrivilegeConstants.EDIT_USERS); Context.getUserService().saveUser(user); } finally { Context.removeProxyPrivilege(PrivilegeConstants.EDIT_USERS); } } return user; }
/** * @see org.openmrs.api.UserService#removeUserProperty(org.openmrs.User, java.lang.String) */ @Override public User removeUserProperty(User user, String key) { if (user != null) { // if the current user isn't allowed to edit users and // the user being edited is not the current user, throw an // exception if (!Context.hasPrivilege(PrivilegeConstants.EDIT_USERS) && !user.equals(Context.getAuthenticatedUser())) { throw new APIException("you.are.not.authorized.change.properties", new Object[] { user.getUserId() }); } user.removeUserProperty(key); try { Context.addProxyPrivilege(PrivilegeConstants.EDIT_USERS); Context.getUserService().saveUser(user); } finally { Context.removeProxyPrivilege(PrivilegeConstants.EDIT_USERS); } } return user; }
/** * @see org.openmrs.module.web.extension.AdministrationSectionExt#getLinks() */ @Override public Map<String, String> getLinks() { Map<String, String> map = new LinkedHashMap<String, String>(); if (Context.hasPrivilege(RestConstants.PRIV_MANAGE_RESTWS)) { map.put("module/webservices/rest/settings.form", RestConstants.MODULE_ID + ".manage.settings"); } if (Context.hasPrivilege(RestConstants.PRIV_VIEW_RESTWS) || Context.hasPrivilege(RestConstants.PRIV_MANAGE_RESTWS)) { map.put("module/webservices/rest/test.htm", RestConstants.MODULE_ID + ".test"); map.put("module/webservices/rest/apiDocs.htm", RestConstants.MODULE_ID + ".swaggerDocumentation"); } return map; }
public void checkPrivilege() throws APIAuthenticationException { if (!Context.hasPrivilege(PrivilegeConstants.MANAGE_MODULES)) { throw new APIAuthenticationException("Privilege required: " + PrivilegeConstants.MANAGE_MODULES); } } }