SORMAS-Foundation#2890 - validate user can import campaign data only for it's jurisdiction

barnabartha · barnabartha · commit 1d9e11cd5acc · 2020-10-28T14:08:30.000+02:00
diff --git a/sormas-api/src/main/java/de/symeda/sormas/api/i18n/Validations.java b/sormas-api/src/main/java/de/symeda/sormas/api/i18n/Validations.java
@@ -47,10 +47,13 @@ public interface Validations {
 	String importCommunityNotUnique = "importCommunityNotUnique";
 	String importDistrictAlreadyExists = "importDistrictAlreadyExists";
 	String importDistrictNotUnique = "importDistrictNotUnique";
+	String importEntryCommunityNotInJurisdiction = "importEntryCommunityNotInJurisdiction";
+	String importEntryDistrictNotInJurisdiction = "importEntryDistrictNotInJurisdiction";
 	String importEntryDoesNotExist = "importEntryDoesNotExist";
 	String importEntryDoesNotExistDbOrCommunity = "importEntryDoesNotExistDbOrCommunity";
 	String importEntryDoesNotExistDbOrDistrict = "importEntryDoesNotExistDbOrDistrict";
 	String importEntryDoesNotExistDbOrRegion = "importEntryDoesNotExistDbOrRegion";
+	String importEntryRegionNotInJurisdiction = "importEntryRegionNotInJurisdiction";
 	String importErrorInColumn = "importErrorInColumn";
 	String importFacilityAlreadyExists = "importFacilityAlreadyExists";
 	String importFacilityNotUniqueInCommunity = "importFacilityNotUniqueInCommunity";
diff --git a/sormas-api/src/main/resources/validations.properties b/sormas-api/src/main/resources/validations.properties
@@ -34,6 +34,9 @@ importEntryDoesNotExist = Invalid value %s in column %s; Entry does not exist in
 importEntryDoesNotExistDbOrCommunity = Invalid value %s in column %s; Entry does not exist in the database or in the specified community or is archived (Or maybe a wrong facility type was specified)
 importEntryDoesNotExistDbOrDistrict = Invalid value %s in column %s; Entry does not exist in the database or in the specified district or is archived (Or maybe a wrong facility type was specified)
 importEntryDoesNotExistDbOrRegion = Invalid value %s in column %s; Entry does not exist in the database or in the specified region or is archived
+importEntryRegionNotInJurisdiction = Invalid value %s in column %s; Specified region is not within you're user's jurisdiction
+importEntryDistrictNotInJurisdiction = Invalid value %s in column %s; Specified region is not within you're user's jurisdiction
+importEntryCommunityNotInJurisdiction = Invalid value %s in column %s; Specified region is not within you're user's jurisdiction
 importErrorInColumn = The import failed because of an error in column %s
 importFacilityNotUniqueInCommunity = Invalid value %s in column %s; Facility name is not unique in the chosen community, make sure there is only one facility with this name belonging to the chosen community in the database
 importFacilityNotUniqueInDistrict = Invalid value %s in column %s; Facility name is not unique in the chosen district, make sure there is only one facility with this name belonging to the chosen district in the database or specify a community
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/campaign/data/CampaignFormDataFacadeEjb.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/campaign/data/CampaignFormDataFacadeEjb.java
@@ -500,7 +500,8 @@ public long count(CampaignFormDataCriteria criteria) {
 		CriteriaQuery<Long> cq = cb.createQuery(Long.class);
 		Root<CampaignFormData> root = cq.from(CampaignFormData.class);
 
-		Predicate filter = campaignFormDataService.createCriteriaFilter(criteria, cb, root);
+		Predicate filter = AbstractAdoService
+				.and(cb, campaignFormDataService.createCriteriaFilter(criteria, cb, root), campaignFormDataService.createUserFilter(cb, cq, root));
 		if (filter != null) {
 			cq.where(filter);
 		}
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/campaign/importer/CampaignFormDataImporter.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/campaign/importer/CampaignFormDataImporter.java
@@ -7,7 +7,6 @@
 import java.lang.reflect.InvocationTargetException;
 import java.text.ParseException;
 import java.util.Arrays;
-import java.util.Iterator;
 import java.util.LinkedHashMap;
 import java.util.LinkedList;
 import java.util.List;
@@ -36,7 +35,12 @@
 import de.symeda.sormas.api.i18n.Validations;
 import de.symeda.sormas.api.region.CommunityReferenceDto;
 import de.symeda.sormas.api.region.DistrictReferenceDto;
+import de.symeda.sormas.api.region.RegionReferenceDto;
+import de.symeda.sormas.api.user.JurisdictionLevel;
+import de.symeda.sormas.api.user.UserDto;
+import de.symeda.sormas.api.user.UserFacade;
 import de.symeda.sormas.api.user.UserReferenceDto;
+import de.symeda.sormas.api.user.UserRole;
 import de.symeda.sormas.ui.importer.DataImporter;
 import de.symeda.sormas.ui.importer.ImportErrorException;
 import de.symeda.sormas.ui.importer.ImportLineResult;
@@ -49,6 +53,8 @@ public class CampaignFormDataImporter extends DataImporter {
 	private String campaignFormMetaUUID;
 	private CampaignReferenceDto campaignReferenceDto;
 
+	private UserFacade userFacade;
+
 	public CampaignFormDataImporter(
 		File inputFile,
 		boolean hasEntityClassRow,
@@ -58,6 +64,8 @@ public CampaignFormDataImporter(
 		super(inputFile, hasEntityClassRow, currentUser);
 		this.campaignFormMetaUUID = campaignUUID;
 		this.campaignReferenceDto = campaignFormDataDto;
+
+		this.userFacade = FacadeProvider.getUserFacade();
 	}
 
 	@Override
@@ -87,31 +95,32 @@ protected ImportLineResult importDataFromCsvLine(
 			CampaignFormMetaDto campaginMetaDto = FacadeProvider.getCampaignFormMetaFacade().getCampaignFormMetaByUuid(campaignFormMetaUUID);
 			campaignFormData.setCampaign(campaignReferenceDto);
 			campaignFormData.setCampaignFormMeta(new CampaignFormMetaReferenceDto(campaignFormMetaUUID, campaginMetaDto.getFormName()));
-			Map<String,String> invalidEntries =  validateFormValues(campaginMetaDto, campaignFormData);
+			Map<String, String> invalidEntries = validateFormValues(campaginMetaDto, campaignFormData);
 			if (!invalidEntries.isEmpty()) {
-				for(String e:invalidEntries.keySet()){
-					writeImportError(values, I18nProperties.getValidationError(Validations.importWrongDataTypeError,invalidEntries.get(e),e));
+				for (String e : invalidEntries.keySet()) {
+					writeImportError(values, I18nProperties.getValidationError(Validations.importWrongDataTypeError, invalidEntries.get(e), e));
 				}
 				return ImportLineResult.ERROR;
-				} else {
+			} else {
 				FacadeProvider.getCampaignFormDataFacade().saveCampaignFormData(campaignFormData);
 			}
 		} catch (ImportErrorException e) {
+			writeImportError(values, e.getMessage());
 			return ImportLineResult.ERROR;
 		}
 
 		return ImportLineResult.SUCCESS;
 	}
 
-	private Map<String,String> validateFormValues(CampaignFormMetaDto campaginMetaDto, CampaignFormDataDto campaignFormData) {
-		Map<String,String> wrongEntries = new LinkedHashMap<>();
+	private Map<String, String> validateFormValues(CampaignFormMetaDto campaginMetaDto, CampaignFormDataDto campaignFormData) {
+		Map<String, String> wrongEntries = new LinkedHashMap<>();
 		List<CampaignFormElement> formElements = campaginMetaDto.getCampaignFormElements();
 		Optional<CampaignFormElement> formElementOptional;
 		for (CampaignFormDataEntry formDataEntry : campaignFormData.getFormValues()) {
 			formElementOptional = formElements.stream().filter(formElement -> formElement.getId().equals(formDataEntry.getId())).findFirst();
 			if (formElementOptional.isPresent()) {
 				if (!isEntryValid(formElementOptional.get(), formDataEntry)) {
-					wrongEntries.put(formElementOptional.get().getId(),formDataEntry.getValue().toString());
+					wrongEntries.put(formElementOptional.get().getId(), formDataEntry.getValue().toString());
 
 				}
 			}
@@ -146,6 +155,8 @@ private CampaignFormDataDto insertColumnEntryIntoData(CampaignFormDataDto campai
 					propertyDescriptor = new PropertyDescriptor(entryHeaderPath[i], currentElement.getClass());
 					Class<?> propertyType = propertyDescriptor.getPropertyType();
 					if (!executeDefaultInvokings(propertyDescriptor, currentElement, entry[i], entryHeaderPath)) {
+						final UserDto currentUserDto = userFacade.getByUuid(currentUser.getUuid());
+						final JurisdictionLevel jurisdictionLevel = UserRole.getJurisdictionLevel(currentUserDto.getUserRoles());
 						/*
 						 * if (propertyType.isAssignableFrom(CampaignReferenceDto.class)) {
 						 * CampaignDto campaign = FacadeProvider.getCampaignFacade().getByUuid(entry[i]);
@@ -156,6 +167,13 @@ private CampaignFormDataDto insertColumnEntryIntoData(CampaignFormDataDto campai
 						 * } else
 						 */
 						if (propertyType.isAssignableFrom(DistrictReferenceDto.class)) {
+							if (jurisdictionLevel == JurisdictionLevel.DISTRICT && !currentUserDto.getDistrict().getCaption().equals(entry[i])) {
+								throw new ImportErrorException(
+									I18nProperties.getValidationError(
+										Validations.importEntryDistrictNotInJurisdiction,
+										entry,
+										buildEntityProperty(entryHeaderPath)));
+							}
 							List<DistrictReferenceDto> district =
 								FacadeProvider.getDistrictFacade().getByName(entry[i], currentElement.getRegion(), true);
 							if (district.isEmpty()) {
@@ -172,6 +190,13 @@ private CampaignFormDataDto insertColumnEntryIntoData(CampaignFormDataDto campai
 								propertyDescriptor.getWriteMethod().invoke(currentElement, district.get(0));
 							}
 						} else if (propertyType.isAssignableFrom(CommunityReferenceDto.class)) {
+							if (jurisdictionLevel == JurisdictionLevel.COMMUNITY && !currentUserDto.getCommunity().getCaption().equals(entry[i])) {
+								throw new ImportErrorException(
+									I18nProperties.getValidationError(
+										Validations.importEntryCommunityNotInJurisdiction,
+										entry,
+										buildEntityProperty(entryHeaderPath)));
+							}
 							List<CommunityReferenceDto> community =
 								FacadeProvider.getCommunityFacade().getByName(entry[i], currentElement.getDistrict(), true);
 							if (community.isEmpty()) {
@@ -213,4 +238,20 @@ private CampaignFormDataDto insertColumnEntryIntoData(CampaignFormDataDto campai
 		}
 		return currentElement;
 	}
+
+	@Override
+	protected boolean executeDefaultInvokings(PropertyDescriptor pd, Object element, String entry, String[] entryHeaderPath)
+		throws InvocationTargetException, IllegalAccessException, ParseException, ImportErrorException {
+		final boolean returnBoolean = super.executeDefaultInvokings(pd, element, entry, entryHeaderPath);
+		final Class<?> propertyType = pd.getPropertyType();
+		if (propertyType.isAssignableFrom(RegionReferenceDto.class)) {
+			final UserDto currentUserDto = userFacade.getByUuid(currentUser.getUuid());
+			final JurisdictionLevel jurisdictionLevel = UserRole.getJurisdictionLevel(currentUserDto.getUserRoles());
+			if (jurisdictionLevel == JurisdictionLevel.REGION && !currentUserDto.getRegion().getCaption().equals(entry)) {
+				throw new ImportErrorException(
+					I18nProperties.getValidationError(Validations.importEntryRegionNotInJurisdiction, entry, buildEntityProperty(entryHeaderPath)));
+			}
+		}
+		return returnBoolean;
+	}
 }

Original file line number	Diff line number	Diff line change
`@@ -500,7 +500,8 @@ public long count(CampaignFormDataCriteria criteria) {`
`500`	`500`	`CriteriaQuery<Long> cq = cb.createQuery(Long.class);`
`501`	`501`	`Root<CampaignFormData> root = cq.from(CampaignFormData.class);`
`502`	`502`
`503`		`- Predicate filter = campaignFormDataService.createCriteriaFilter(criteria, cb, root);`
	`503`	`+ Predicate filter = AbstractAdoService`
	`504`	`+ .and(cb, campaignFormDataService.createCriteriaFilter(criteria, cb, root), campaignFormDataService.createUserFilter(cb, cq, root));`
`504`	`505`	`if (filter != null) {`
`505`	`506`	`cq.where(filter);`
`506`	`507`	`}`