From c64ba233cbd5aaabcd3ec559cdac07ab0aabe8e7 Mon Sep 17 00:00:00 2001 From: Mark Goodrich Date: Thu, 25 Apr 2024 11:35:34 -0400 Subject: [PATCH] =?UTF-8?q?Revert=20"O3-3002:=20Queue=20Module=20-=20REST?= =?UTF-8?q?=20endpoints=20can=20be=20accessed=20without=20authen=E2=80=A6"?= =?UTF-8?q?=20(#72)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This reverts commit a6f91d071c06d221b211e9cf0d934e0a0c67fe69. --- .../module/queue/api/QueueEntryService.java | 18 +- .../module/queue/api/QueueRoomService.java | 52 +---- .../module/queue/api/QueueService.java | 10 - .../queue/api/RoomProviderMapService.java | 50 ----- .../queue/utils/PrivilegeConstants.java | 48 ----- api/src/main/resources/liquibase.xml | 198 ------------------ 6 files changed, 3 insertions(+), 373 deletions(-) delete mode 100644 api/src/main/java/org/openmrs/module/queue/utils/PrivilegeConstants.java diff --git a/api/src/main/java/org/openmrs/module/queue/api/QueueEntryService.java b/api/src/main/java/org/openmrs/module/queue/api/QueueEntryService.java index 09b52a95..4ae58aa3 100644 --- a/api/src/main/java/org/openmrs/module/queue/api/QueueEntryService.java +++ b/api/src/main/java/org/openmrs/module/queue/api/QueueEntryService.java @@ -17,14 +17,12 @@ import org.openmrs.Location; import org.openmrs.Visit; import org.openmrs.VisitAttributeType; -import org.openmrs.annotation.Authorized; import org.openmrs.api.APIException; import org.openmrs.module.queue.api.search.QueueEntrySearchCriteria; import org.openmrs.module.queue.api.sort.SortWeightGenerator; import org.openmrs.module.queue.model.Queue; import org.openmrs.module.queue.model.QueueEntry; import org.openmrs.module.queue.model.QueueEntryTransition; -import org.openmrs.module.queue.utils.PrivilegeConstants; public interface QueueEntryService { @@ -34,7 +32,6 @@ public interface QueueEntryService { * @param uuid uuid of the queue entry to be returned. * @return {@link org.openmrs.module.queue.model.QueueEntry} */ - @Authorized({ PrivilegeConstants.GET_QUEUE_ENTRIES }) Optional getQueueEntryByUuid(@NotNull String uuid); /** @@ -43,7 +40,6 @@ public interface QueueEntryService { * @param id queueEntryId - the id of the queue entry to retrieve. * @return {@link org.openmrs.module.queue.model.QueueEntry} */ - @Authorized({ PrivilegeConstants.GET_QUEUE_ENTRIES }) Optional getQueueEntryById(@NotNull Integer id); /** @@ -52,30 +48,27 @@ public interface QueueEntryService { * @param queueEntry the queue entry to be saved * @return saved {@link org.openmrs.module.queue.model.QueueEntry} */ - @Authorized({ PrivilegeConstants.MANAGE_QUEUE_ENTRIES }) QueueEntry saveQueueEntry(@NotNull QueueEntry queueEntry); /** * Transitions a queue entry by ending one queue entry and creating a new queue entry that starts at * that time - * + * * @param queueEntryTransition the queueEntryTransition * @return the new QueueEntry that is created */ - @Authorized({ PrivilegeConstants.MANAGE_QUEUE_ENTRIES }) QueueEntry transitionQueueEntry(@NotNull QueueEntryTransition queueEntryTransition); /** * Undos a transition to the input queue entry by voiding it and making its previous queue entry * active by setting the previous entry's end time to null. - * + * * @see QueueEntryService#getPreviousQueueEntry(QueueEntry) * @param queueEntry the queue entry to undo transition to. Must be active * @return the previous queue entry, re-activated * @throws IllegalArgumentException if the previous queue entry does not exist * @throws IllegalStateException if multiple previous entries are identified */ - @Authorized({ PrivilegeConstants.MANAGE_QUEUE_ENTRIES }) QueueEntry undoTransition(@NotNull QueueEntry queueEntry); /** @@ -84,7 +77,6 @@ public interface QueueEntryService { * @param queueEntry the queue entry to be voided * @param voidReason the reason for voiding the queue entry */ - @Authorized({ PrivilegeConstants.MANAGE_QUEUE_ENTRIES }) void voidQueueEntry(@NotNull QueueEntry queueEntry, String voidReason); /** @@ -93,20 +85,17 @@ public interface QueueEntryService { * @param queueEntry queue entry to be deleted * @throws org.openmrs.api.APIException */ - @Authorized({ PrivilegeConstants.PURGE_QUEUE_ENTRIES }) void purgeQueueEntry(@NotNull QueueEntry queueEntry) throws APIException; /** * @return {@link List} of queue entries that match the given %{@link QueueEntrySearchCriteria} */ - @Authorized({ PrivilegeConstants.GET_QUEUE_ENTRIES }) List getQueueEntries(@NotNull QueueEntrySearchCriteria searchCriteria); /** * @return {@link Long} count of queue entries that match the given * %{@link QueueEntrySearchCriteria} */ - @Authorized({ PrivilegeConstants.GET_QUEUE_ENTRIES }) Long getCountOfQueueEntries(@NotNull QueueEntrySearchCriteria searchCriteria); /** @@ -114,14 +103,12 @@ public interface QueueEntryService { * @param queue * @return VisitQueueNumber - used to identify patients in the queue instead of using patient name */ - @Authorized({ org.openmrs.util.PrivilegeConstants.ADD_VISITS, org.openmrs.util.PrivilegeConstants.EDIT_VISITS }) String generateVisitQueueNumber(@NotNull Location location, @NotNull Queue queue, @NotNull Visit visit, @NotNull VisitAttributeType visitAttributeType); /** * Closes all active queue entries */ - @Authorized({ PrivilegeConstants.MANAGE_QUEUE_ENTRIES }) void closeActiveQueueEntries(); /** @@ -148,6 +135,5 @@ String generateVisitQueueNumber(@NotNull Location location, @NotNull Queue queue * @return the previous queue entry, null otherwise. * @throws IllegalStateException if multiple previous queue entries are identified */ - @Authorized({ PrivilegeConstants.GET_QUEUE_ENTRIES }) QueueEntry getPreviousQueueEntry(@NotNull QueueEntry queueEntry); } diff --git a/api/src/main/java/org/openmrs/module/queue/api/QueueRoomService.java b/api/src/main/java/org/openmrs/module/queue/api/QueueRoomService.java index 765ffe48..753463fb 100644 --- a/api/src/main/java/org/openmrs/module/queue/api/QueueRoomService.java +++ b/api/src/main/java/org/openmrs/module/queue/api/QueueRoomService.java @@ -14,73 +14,23 @@ import java.util.List; import java.util.Optional; -import org.openmrs.annotation.Authorized; import org.openmrs.api.APIException; import org.openmrs.module.queue.api.search.QueueRoomSearchCriteria; import org.openmrs.module.queue.model.QueueRoom; -import org.openmrs.module.queue.utils.PrivilegeConstants; public interface QueueRoomService { - /** - * Gets a queue room given a uuid. - * - * @param uuid the uuid of the queue room to be returned. - * @return {@link org.openmrs.module.queue.model.QueueRoom} - */ - @Authorized({ PrivilegeConstants.GET_QUEUE_ROOMS }) Optional getQueueRoomByUuid(@NotNull String uuid); - /** - * Gets a queue room by id. - * - * @param id the id of the queue room to retrieve. - * @return {@link org.openmrs.module.queue.model.QueueRoom} - */ - @Authorized({ PrivilegeConstants.GET_QUEUE_ROOMS }) Optional getQueueRoomById(@NotNull int id); - /** - * Gets a List of all Queue Rooms. - * - * @return {@link List} of all queue rooms - */ - @Authorized({ PrivilegeConstants.GET_QUEUE_ROOMS }) List getAllQueueRooms(); - /** - * Saves a queue room - * - * @param queueRoom the queue room to be saved - * @return saved {@link org.openmrs.module.queue.model.QueueRoom} - */ - @Authorized({ PrivilegeConstants.MANAGE_QUEUE_ROOMS }) QueueRoom saveQueueRoom(@NotNull QueueRoom queueRoom); - /** - * Gets a List of all Queue Rooms that match the given QueueRoomSearchCriteria. - * - * @return {@link List} of queue rooms that match the given - * {@link org.openmrs.module.queue.api.search.QueueRoomSearchCriteria} - */ - @Authorized({ PrivilegeConstants.GET_QUEUE_ROOMS }) List getQueueRooms(QueueRoomSearchCriteria searchCriteria); - /** - * Retires a queue room. - * - * @param queueRoom the queue room to retire - * @param retireReason the reason for retiring the queue room - */ - @Authorized({ PrivilegeConstants.MANAGE_QUEUE_ROOMS }) - void retireQueueRoom(@NotNull QueueRoom queueRoom, String retireReason); + void retireQueueRoom(@NotNull QueueRoom queueRoom, String voidReason); - /** - * Completely remove a queue room from the database - * - * @param queueRoom queue room to be deleted - * @throws org.openmrs.api.APIException - */ - @Authorized({ PrivilegeConstants.PURGE_QUEUE_ROOMS }) void purgeQueueRoom(@NotNull QueueRoom queueRoom) throws APIException; } diff --git a/api/src/main/java/org/openmrs/module/queue/api/QueueService.java b/api/src/main/java/org/openmrs/module/queue/api/QueueService.java index 1b53d5f3..b4c9580f 100644 --- a/api/src/main/java/org/openmrs/module/queue/api/QueueService.java +++ b/api/src/main/java/org/openmrs/module/queue/api/QueueService.java @@ -14,11 +14,9 @@ import java.util.List; import java.util.Optional; -import org.openmrs.annotation.Authorized; import org.openmrs.api.APIException; import org.openmrs.module.queue.api.search.QueueSearchCriteria; import org.openmrs.module.queue.model.Queue; -import org.openmrs.module.queue.utils.PrivilegeConstants; /** * This interface defines methods for Queue objects @@ -31,7 +29,6 @@ public interface QueueService { * @param uuid uuid of the queue to be returned. * @return {@link org.openmrs.module.queue.model.Queue} */ - @Authorized({ PrivilegeConstants.GET_QUEUES }) Optional getQueueByUuid(@NotNull String uuid); /** @@ -40,7 +37,6 @@ public interface QueueService { * @param id queueId - the id of the queue to retrieve. * @return {@link org.openmrs.module.queue.model.Queue} */ - @Authorized({ PrivilegeConstants.GET_QUEUES }) Optional getQueueById(@NotNull Integer id); /** @@ -49,7 +45,6 @@ public interface QueueService { * @param queue the queue to be saved * @return saved {@link org.openmrs.module.queue.model.Queue} */ - @Authorized({ PrivilegeConstants.MANAGE_QUEUES }) Queue createQueue(@NotNull Queue queue); /** @@ -58,19 +53,16 @@ public interface QueueService { * @param queue the queue to be saved * @return saved {@link org.openmrs.module.queue.model.Queue} */ - @Authorized({ PrivilegeConstants.MANAGE_QUEUES }) Queue saveQueue(@NotNull Queue queue); /** * @return all queues */ - @Authorized({ PrivilegeConstants.GET_QUEUES }) List getAllQueues(); /** * @return {@link List} of queues that match the given %{@link QueueSearchCriteria} */ - @Authorized({ PrivilegeConstants.GET_QUEUES }) List getQueues(@NotNull QueueSearchCriteria searchCriteria); /** @@ -79,7 +71,6 @@ public interface QueueService { * @param queue the queue to retire * @param retireReason the reason for voiding the queue */ - @Authorized({ PrivilegeConstants.MANAGE_QUEUES }) void retireQueue(@NotNull Queue queue, String retireReason); /** @@ -88,6 +79,5 @@ public interface QueueService { * @param queue queue to be deleted * @throws APIException Should delete the given queue from the database */ - @Authorized({ PrivilegeConstants.PURGE_QUEUES }) void purgeQueue(@NotNull Queue queue) throws APIException; } diff --git a/api/src/main/java/org/openmrs/module/queue/api/RoomProviderMapService.java b/api/src/main/java/org/openmrs/module/queue/api/RoomProviderMapService.java index f216f820..7e30a50b 100644 --- a/api/src/main/java/org/openmrs/module/queue/api/RoomProviderMapService.java +++ b/api/src/main/java/org/openmrs/module/queue/api/RoomProviderMapService.java @@ -14,74 +14,24 @@ import java.util.List; import java.util.Optional; -import org.openmrs.annotation.Authorized; import org.openmrs.api.APIException; import org.openmrs.module.queue.api.search.RoomProviderMapSearchCriteria; import org.openmrs.module.queue.model.RoomProviderMap; -import org.openmrs.module.queue.utils.PrivilegeConstants; public interface RoomProviderMapService { - /** - * Gets a room provider map given a uuid. - * - * @param uuid the uuid of the room provider map to be returned. - * @return {@link org.openmrs.module.queue.model.RoomProviderMap} - */ - @Authorized({ PrivilegeConstants.GET_QUEUE_ROOMS }) Optional getRoomProviderMapByUuid(@NotNull String uuid); - /** - * Gets a room provider map by id. - * - * @param id the id of the room provider map to retrieve. - * @return {@link org.openmrs.module.queue.model.RoomProviderMap} - */ - @Authorized({ PrivilegeConstants.GET_QUEUE_ROOMS }) Optional getRoomProviderMapById(@NotNull int id); - /** - * Saves a room provider map - * - * @param roomProviderMap the room provider map to be saved - * @return saved {@link org.openmrs.module.queue.model.RoomProviderMap} - */ - @Authorized({ PrivilegeConstants.MANAGE_QUEUE_ROOMS }) RoomProviderMap saveRoomProviderMap(@NotNull RoomProviderMap roomProviderMap); - /** - * Gets a List of all Room Provider Maps. - * - * @return {@link List} of all room provider maps - */ - @Authorized({ PrivilegeConstants.GET_QUEUE_ROOMS }) List getAllRoomProviderMaps(); - /** - * Gets a List of all Room Provider Maps that match the given RoomProviderMapSearchCriteria. - * - * @return {@link List} of room provider maps that match the given - * {@link org.openmrs.module.queue.api.search.RoomProviderMapSearchCriteria} - */ - @Authorized({ PrivilegeConstants.GET_QUEUE_ROOMS }) List getRoomProviderMaps(RoomProviderMapSearchCriteria searchCriteria); - /** - * Voids a room provider map - * - * @param roomProviderMap the room provider map to void - * @param voidReason the reason for voiding the room provider map - */ - @Authorized({ PrivilegeConstants.MANAGE_QUEUE_ROOMS }) void voidRoomProviderMap(@NotNull RoomProviderMap roomProviderMap, String voidReason); - /** - * Completely remove a room provider map from the database - * - * @param roomProviderMap room provider map to be deleted - * @throws org.openmrs.api.APIException - */ - @Authorized({ PrivilegeConstants.PURGE_QUEUE_ROOMS }) void purgeRoomProviderMap(@NotNull RoomProviderMap roomProviderMap) throws APIException; } diff --git a/api/src/main/java/org/openmrs/module/queue/utils/PrivilegeConstants.java b/api/src/main/java/org/openmrs/module/queue/utils/PrivilegeConstants.java deleted file mode 100644 index 95de425b..00000000 --- a/api/src/main/java/org/openmrs/module/queue/utils/PrivilegeConstants.java +++ /dev/null @@ -1,48 +0,0 @@ -/* - * This Source Code Form is subject to the terms of the Mozilla Public License, - * v. 2.0. If a copy of the MPL was not distributed with this file, You can - * obtain one at http://mozilla.org/MPL/2.0/. OpenMRS is also distributed under - * the terms of the Healthcare Disclaimer located at http://openmrs.org/license. - * - * Copyright (C) OpenMRS Inc. OpenMRS is a registered trademark and the OpenMRS - * graphic logo is a trademark of OpenMRS Inc. - */ -package org.openmrs.module.queue.utils; - -import org.openmrs.annotation.AddOnStartup; -import org.openmrs.annotation.HasAddOnStartupPrivileges; - -/** - * Contains all privilege names and their descriptions. Some privilege names may be marked with - * AddOnStartup annotation. - * - * @see org.openmrs.annotation.AddOnStartup - * @since 2.4.0 - */ -@HasAddOnStartupPrivileges -public class PrivilegeConstants { - - @AddOnStartup(description = "Able to get/view queues") - public static final String GET_QUEUES = "Get Queues"; - - @AddOnStartup(description = "Able to get/view queue entries") - public static final String GET_QUEUE_ENTRIES = "Get Queue Entries"; - - @AddOnStartup(description = "Able to get/view queue rooms") - public static final String GET_QUEUE_ROOMS = "Get Queue Rooms"; - - @AddOnStartup(description = "Able to add/edit/retire queues") - public static final String MANAGE_QUEUES = "Manage Queues"; - - @AddOnStartup(description = "Able to add/edit/retire queue entries") - public static final String MANAGE_QUEUE_ENTRIES = "Manage Queue Entries"; - - @AddOnStartup(description = "Able to add/edit/retire queue rooms") - public static final String MANAGE_QUEUE_ROOMS = "Manage Queue Rooms"; - - public static final String PURGE_QUEUES = "Purge Queues"; - - public static final String PURGE_QUEUE_ENTRIES = "Purge Queue Entries"; - - public static final String PURGE_QUEUE_ROOMS = "Purge Queue Rooms"; -} diff --git a/api/src/main/resources/liquibase.xml b/api/src/main/resources/liquibase.xml index 6e52efe9..27e2e7cb 100644 --- a/api/src/main/resources/liquibase.xml +++ b/api/src/main/resources/liquibase.xml @@ -460,202 +460,4 @@ - - - - - SELECT count(*) FROM role_privilege WHERE privilege='Get Visits'; - - - - Add "Get Queue Entries" privilege to the roles having "Get Visits" - - INSERT INTO role_privilege (role, privilege) - SELECT role, 'Get Queue Entries' from role_privilege rp - WHERE rp.privilege = 'Get Visits' - AND NOT EXISTS (SELECT role, privilege FROM role_privilege rp2 WHERE rp2.privilege='Get Queue Entries' - AND rp2.role=rp.role); - - - - - - - - SELECT count(*) FROM role_privilege WHERE privilege='Add Visits'; - - - - Add "Manage Queue Entries" privilege to the roles having "Add Visits" - - INSERT INTO role_privilege (role, privilege) - SELECT role, 'Manage Queue Entries' from role_privilege rp - WHERE rp.privilege = 'Add Visits' - AND NOT EXISTS (SELECT role, privilege FROM role_privilege rp2 WHERE rp2.privilege='Manage Queue Entries' - AND rp2.role=rp.role); - - - - - - - - SELECT count(*) FROM role_privilege WHERE privilege='Edit Visits'; - - - - Add "Manage Queue Entries" privilege to the roles having "Edit Visits" - - INSERT INTO role_privilege (role, privilege) - SELECT role, 'Manage Queue Entries' from role_privilege rp - WHERE rp.privilege = 'Edit Visits' - AND NOT EXISTS (SELECT role, privilege FROM role_privilege rp2 WHERE rp2.privilege='Manage Queue Entries' - AND rp2.role=rp.role); - - - - - - - - SELECT count(*) FROM role_privilege WHERE privilege='Delete Visits'; - - - - Add "Purge Queue Entries" privilege to the roles having "Delete Visits" - - INSERT INTO role_privilege (role, privilege) - SELECT role, 'Purge Queue Entries' from role_privilege rp - WHERE rp.privilege = 'Delete Visits' - AND NOT EXISTS (SELECT role, privilege FROM role_privilege rp2 WHERE rp2.privilege='Purge Queue Entries' - AND rp2.role=rp.role); - - - - - - - - SELECT count(*) FROM role_privilege WHERE privilege='Get Visits'; - - - - Add "Get Queue Rooms" privilege to the roles having "Get Visits" - - INSERT INTO role_privilege (role, privilege) - SELECT role, 'Get Queue Rooms' from role_privilege rp - WHERE rp.privilege = 'Get Visits' - AND NOT EXISTS (SELECT role, privilege FROM role_privilege rp2 WHERE rp2.privilege='Get Queue Rooms' - AND rp2.role=rp.role); - - - - - - - - SELECT count(*) FROM role_privilege WHERE privilege='Add Visits'; - - - - Add "Manage Queue Rooms" privilege to the roles having "Add Visits" - - INSERT INTO role_privilege (role, privilege) - SELECT role, 'Manage Queue Rooms' from role_privilege rp - WHERE rp.privilege = 'Add Visits' - AND NOT EXISTS (SELECT role, privilege FROM role_privilege rp2 WHERE rp2.privilege='Manage Queue Rooms' - AND rp2.role=rp.role); - - - - - - - - SELECT count(*) FROM role_privilege WHERE privilege='Edit Visits'; - - - - Add "Manage Queue Rooms" privilege to the roles having "Edit Visits" - - INSERT INTO role_privilege (role, privilege) - SELECT role, 'Manage Queue Rooms' from role_privilege rp - WHERE rp.privilege = 'Edit Visits' - AND NOT EXISTS (SELECT role, privilege FROM role_privilege rp2 WHERE rp2.privilege='Manage Queue Rooms' - AND rp2.role=rp.role); - - - - - - - - SELECT count(*) FROM role_privilege WHERE privilege='Delete Visits'; - - - - Add "Purge Queue Rooms" privilege to the roles having "Delete Visits" - - INSERT INTO role_privilege (role, privilege) - SELECT role, 'Purge Queue Rooms' from role_privilege rp - WHERE rp.privilege = 'Delete Visits' - AND NOT EXISTS (SELECT role, privilege FROM role_privilege rp2 WHERE rp2.privilege='Purge Queue Rooms' - AND rp2.role=rp.role); - - - - - - - - SELECT count(*) FROM role_privilege WHERE privilege='Get Visit Types'; - - - - Add "Get Queues" privilege to the roles having "Get Visit Types" - - INSERT INTO role_privilege (role, privilege) - SELECT role, 'Get Queues' from role_privilege rp - WHERE rp.privilege = 'Get Visit Types' - AND NOT EXISTS (SELECT role, privilege FROM role_privilege rp2 WHERE rp2.privilege='Get Queues' - AND rp2.role=rp.role); - - - - - - - - SELECT count(*) FROM role_privilege WHERE privilege='Manage Visit Types'; - - - - Add "Manage Queues" privilege to the roles having "Manage Visit Types" - - INSERT INTO role_privilege (role, privilege) - SELECT role, 'Manage Queues' from role_privilege rp - WHERE rp.privilege = 'Manage Visit Types' - AND NOT EXISTS (SELECT role, privilege FROM role_privilege rp2 WHERE rp2.privilege='Manage Queues' - AND rp2.role=rp.role); - - - - - - - - SELECT count(*) FROM role_privilege WHERE privilege='Manage Visit Types'; - - - - Add "Purge Queues" privilege to the roles having "Manage Visit Types" - - INSERT INTO role_privilege (role, privilege) - SELECT role, 'Purge Queues' from role_privilege rp - WHERE rp.privilege = 'Manage Visit Types' - AND NOT EXISTS (SELECT role, privilege FROM role_privilege rp2 WHERE rp2.privilege='Purge Queues' - AND rp2.role=rp.role); - - -