Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Replace direct usage of user roles [2] #2804

Closed
15 tasks done
Tracked by #898
MartinWahnschaffe opened this issue Sep 3, 2020 · 8 comments · Fixed by #8371 or #8511
Closed
15 tasks done
Tracked by #898

Replace direct usage of user roles [2] #2804

MartinWahnschaffe opened this issue Sep 3, 2020 · 8 comments · Fixed by #8371 or #8511
Assignees
@cazacmarin @ChristopherRiedel @roxanamlendea @adinaflorea9
Labels
backend Affects the web backend change A change of an existing feature (ticket type) refactoring Technical refactoring of an existing feature users
Milestone
Sprint 113 - 1.70.0

Comments

@MartinWahnschaffe
Copy link
Contributor

MartinWahnschaffe commented Sep 3, 2020
edited by ChristopherRiedel

Feature Description

We want to allow admins to configure user roles according to their needs #898.

Ideally do #2805 first.

Problem Description

Some user roles are still used directly, which makes it impossible to create or customize user roles. This needs to be replaced by user rights or other mechanics.

Proposed Change

  • Make UserRole deprecated
  • Remove AbstractAdoService.isAdmin, isSystem, hasUserRole (no longer used anyway)
  • UserService.getLabUsersOfLab: Use jurisdiction instead of user role. Same in SampleGrid and TraskGridComponent (search for usages of LAB_USER)
  • ADMIN: Introduce DEV_MODE user right and use it instead of ADMIN for DevModeView and assign to admin user
  • ADMIN: Use specific user rights for deletion of entities, e.g. in SampleController.getSampleEditComponent (search for usages of UserRole.ADMIN)
  • NATIONAL_* + REST_USER: ActionService.createUserFilter should check Jurisdiction instead.
  • DashboardMapComponent: Remove check for national user roles. Just check region and fallback to centerOfAllRegions.
  • Add CASE_RESPONSIBLE user right. Users with this right can be assigned as responsible user to a case and be automatically assigned to related tasks (CaseFacadeEjb.assignOfficerOrSupervisorToTask).
  • Add CONTACT_RESPONSIBLE user right. Users with this right can be assigned as responsible user to a contact and be automatically assigned to related tasks
  • Add EVENT_RESPONSIBLE user right. Users with this right can be assigned as responsible user to a contact and be automatically assigned to related tasks
  • Related "Responsible Office"r field strings should be renamed to "Responsible User"

For user role checks related to the weekly reports we have three parts that need to be changed:

  • Getting hospital and community informants (call to UserFacade.getUsersByAssociatedOfficer) needs to be replaced by retrieving users that have the right to WEEKLYREPORT_CREATE and have the associatedOfficer
  • Getting surveillance officers (UserService.getallByRegionandUserRolesInJurisdiction in WeeklyReportFacade.getSummariesPerOfficer) needs to be replaced by getting all district level users of that region that have the WEEKLYREPORT_CREATE user right
  • May already been touched: In UserEditForm:L168 the system gets surveillance officers as values for the associatedOfficer drop down. This should be replaced by users associated to the district that have the CASE_RESPONSIBLE or WEEKLYREPORT_CREATE user right. Also add a description for User.associatedOfficer to the description.properties "Superordiante district user responsible for case surveillance or weekly reporting".

Finally:

Additional Information

#8318 is handling the android app.
@MartinWahnschaffe MartinWahnschaffe added users change A change of an existing feature (ticket type) labels Sep 3, 2020
@MartinWahnschaffe MartinWahnschaffe mentioned this issue Sep 3, 2020
Open
45 tasks
@MartinWahnschaffe MartinWahnschaffe added this to Sprint 97 Application in Product Backlog (deprecated) Nov 11, 2020
@StefanKock StefanKock changed the title Replace direct usage of user roles Replace direct usage of user roles [2] Nov 18, 2020
@StefanKock StefanKock moved this from Sprint 97 Application to Sprint 98 Application in Product Backlog (deprecated) Nov 26, 2020
@StefanKock StefanKock moved this from Sprint 98 Application to Sprint 99 Application in Product Backlog (deprecated) Dec 17, 2020
@markusmann-vg markusmann-vg moved this from Sprint 99 Application to Sprint 98 Application in Product Backlog (deprecated) Jan 21, 2021
@markusmann-vg markusmann-vg moved this from Sprint 98 Application to Sprint 99 Application in Product Backlog (deprecated) Jan 21, 2021
@StefanKock StefanKock moved this from Sprint 99 Application to Sprint 100 Application in Product Backlog (deprecated) Jan 21, 2021
@MateStrysewske MateStrysewske added this to the Sprint 100 - 1.56.0 milestone Jan 29, 2021
@MateStrysewske MateStrysewske added the refactoring Technical refactoring of an existing feature label Jan 29, 2021
@StefanKock StefanKock removed this from the Sprint 100 - 1.57.0 milestone Feb 18, 2021
@markusmann-vg markusmann-vg moved this from Sprint 100 Application to Backlog Application in Product Backlog (deprecated) Mar 1, 2021
@MartinWahnschaffe MartinWahnschaffe mentioned this issue Mar 1, 2021
Closed
16 tasks
@MartinWahnschaffe MartinWahnschaffe mentioned this issue Apr 13, 2021
Closed
10 tasks
@DavidBaldsiefen DavidBaldsiefen removed this from Backlog Application in Product Backlog (deprecated) Apr 23, 2021
@markusmann-vg markusmann-vg added this to the Sprint 112 - 1.69.0 milestone Feb 4, 2022
@MartinWahnschaffe MartinWahnschaffe mentioned this issue Feb 11, 2022
Closed
@vidi42 vidi42 added this to Backlog in SORMAS Team 4 - TEC - Iteration Backlog via automation Feb 11, 2022
@cazacmarin cazacmarin self-assigned this Feb 15, 2022
@cazacmarin cazacmarin moved this from Backlog to In Progress in SORMAS Team 4 - TEC - Iteration Backlog Feb 15, 2022
@StefanKock StefanKock added the backend Affects the web backend label Feb 21, 2022
cazacmarin pushed a commit that referenced this issue Mar 6, 2022
#2804 - Replace direct usage of user roles [2]
c7e7d92
@cazacmarin cazacmarin moved this from In Progress to Review in SORMAS Team 4 - TEC - Iteration Backlog Mar 7, 2022
@vidi42 vidi42 mentioned this issue Mar 7, 2022
Closed
@cazacmarin cazacmarin moved this from Review to In Progress in SORMAS Team 4 - TEC - Iteration Backlog Mar 7, 2022
cazacmarin pushed a commit that referenced this issue Mar 8, 2022
#2804 - Replace direct usage of user roles [2] - undo properties capt…
35e6f17 
…ion modification
@MartinWahnschaffe
Copy link
Contributor Author

MartinWahnschaffe commented Mar 15, 2022
edited

  1. UserRole.hasAssociatedOfficer -> Leave as-is. We need to define a separate issue that will make this whole thing more intuitive.
  2. UserRole.hasOptionalHealthFacility -> @MateStrysewske Any idea why certain user roles (e.g. CASE_OFFICER) have an optional health facility? Is this to pre-select the health facility when creating a new case? I don't see any way of calculating this based on jurisdiction or user rights, so be probably need to leave it as-is.
  3. UserRole.isPortHealthUser -> Leave as-is.
  4. UserRole.isLabUser -> JursidictionLevel.LABORATORY

@MateStrysewske We will need to discuss this. I'll need your help here. It's not urgent, though.

I have also extend #4461 to keep these fields:

UserRole: Add hasOptionalHealthFacility, hasAssociatedOfficer and portHealthUser boolean fields. Those might be replaced with other mechanics in the future.

@ChristopherRiedel
Copy link
Contributor

  1. UserRole.isLabUser -> JursidictionLevel.LABORATORY

Will be replaced in #4461

@MartinWahnschaffe
Copy link
Contributor Author

We had to set the jurisdiction level of the REST_USER to national. So far the REST_USER was explicetly checked in the createUserFilter methods (e.g. CaseService). This had to be removed and by using the jursidiction level only, it's much more unified now. This may have side-effects that we have overseen, though.

ChristopherRiedel pushed a commit that referenced this issue Mar 15, 2022
@ChristopherRiedel
#2804: work in progress
319dced
ChristopherRiedel pushed a commit that referenced this issue Mar 15, 2022
@ChristopherRiedel
#2804: Replace direct usage of user roles
80d8208
@ChristopherRiedel ChristopherRiedel self-assigned this Mar 15, 2022
MartinWahnschaffe added a commit that referenced this issue Mar 16, 2022
@MartinWahnschaffe
#2804 reverted user rights that were added to user
2a70009 
removed java 11 dependency from pom
replaced FILTERED_GRID_BULK_ACTION UserRIght with PERFORM_BULK_OPERATIONS_PSEUDONYM
Used jurisdictions instead of user rights and roles in a lot of places
MartinWahnschaffe added a commit that referenced this issue Mar 17, 2022
@MartinWahnschaffe
#2804 include jurisdiction in random resposnible user determintation
a19cfdf 
Fixed null pointer
SORMAS Team 4 - TEC - Iteration Backlog automation moved this from Review to Testing Mar 17, 2022
MartinWahnschaffe added a commit that referenced this issue Mar 17, 2022
@MartinWahnschaffe
Merge pull request #8371 from hzi-braunschweig/change-2804-Replace_di…
287f64b 
…rect_usage_of_user_roles

#2804: Replace direct usage of user roles
@cazacmarin
Copy link
Contributor

Based on a lot of points which was not included on feature estimation, and on number of tasks which was increased + few days of pair programming with Christopher and a lot of Martin time involvements, this ticket has definitely an 8+ story points. And not 2 as it was originally estimated.

@roxanamlendea roxanamlendea self-assigned this Mar 23, 2022
@HolgerReiseVSys
Copy link
Contributor

HolgerReiseVSys commented Mar 23, 2022
edited

The JurisdictionLevel of REST_USER has been changed from NONE to NATION.
This means it cannot be combined with DISTRICT level roles any more.
Was this intended?
The SurvNet converter initial import depends on this combination to determine the district of the health department.

MartinWahnschaffe added a commit that referenced this issue Mar 23, 2022
@MartinWahnschaffe
#2804 fixed user roles join type def
4ea64ab
@MartinWahnschaffe MartinWahnschaffe mentioned this issue Mar 23, 2022
Merged
MateStrysewske added a commit that referenced this issue Mar 23, 2022
@MateStrysewske
Merge pull request #8506 from hzi-braunschweig/2804-fix-userroles-join
684ebd4 
#2804 fixed user roles join type def
@adinaflorea9 adinaflorea9 self-assigned this Mar 23, 2022
@MartinWahnschaffe
Copy link
Contributor Author

Changes related to REST_USER need to be reverted, otherwise SurvNet converter and maybe other external tools will not work anymore.

SORMAS Team 4 - TEC - Iteration Backlog automation moved this from Testing to In Progress Mar 23, 2022
MartinWahnschaffe added a commit that referenced this issue Mar 23, 2022
@MartinWahnschaffe
#2804 reverted REST_USER changes
d758fb3
MartinWahnschaffe added a commit that referenced this issue Mar 23, 2022
@MartinWahnschaffe
#2804 Fixed bug introduced by #2137 that could lead to NONE jursidict…
d5b4973 
…ion users seeing data without having direct access to it
@MartinWahnschaffe MartinWahnschaffe mentioned this issue Mar 23, 2022
Merged
SORMAS Team 4 - TEC - Iteration Backlog automation moved this from In Progress to Testing Mar 23, 2022
@kwa20 kwa20 mentioned this issue Apr 5, 2022
Closed
@MartinWahnschaffe MartinWahnschaffe mentioned this issue Apr 25, 2022
Closed
19 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@cazacmarin cazacmarin

@ChristopherRiedel ChristopherRiedel

@roxanamlendea roxanamlendea

@adinaflorea9 adinaflorea9

Labels
backend Affects the web backend change A change of an existing feature (ticket type) refactoring Technical refactoring of an existing feature users
Projects
None yet
Milestone
Sprint 113 - 1.70.0
9 participants
@cazacmarin @MartinWahnschaffe @MateStrysewske @StefanKock @ChristopherRiedel @HolgerReiseVSys @markusmann-vg @roxanamlendea @adinaflorea9