dhis2 · teleivo · Jan 10, 2025
@@ -215,13 +215,9 @@ private static TrackedEntityAttribute getAttribute(
   public TrackedEntity getTrackedEntity(@Nonnull UID uid)
       throws NotFoundException, ForbiddenException {
     UserDetails currentUser = getCurrentUserDetails();
-    TrackedEntity trackedEntity =
-        mapTrackedEntity(
-            getTrackedEntity(uid, currentUser),
-            TrackedEntityParams.FALSE,
-            currentUser,
-            null,
-            false);
+    TrackedEntity trackedEntity = getTrackedEntity(uid, currentUser);
+    trackedEntity =
+        mapTrackedEntity(trackedEntity, TrackedEntityParams.FALSE, currentUser, null, false);
     mapTrackedEntityTypeAttributes(trackedEntity);
     return trackedEntity;
   }
@@ -233,67 +229,22 @@ public TrackedEntity getTrackedEntity(
       @Nonnull TrackedEntityParams params)
       throws NotFoundException, ForbiddenException {
     Program program = null;
-
     if (programIdentifier != null) {
       program = programService.getProgram(programIdentifier.getValue());
       if (program == null) {
         throw new NotFoundException(Program.class, programIdentifier);
       }
     }
 
-    TrackedEntity trackedEntity;
-    if (program != null) {
-      trackedEntity = getTrackedEntity(trackedEntityUid.getValue(), program, params);
-
-      if (params.isIncludeProgramOwners()) {
-        Set<TrackedEntityProgramOwner> filteredProgramOwners =
-            trackedEntity.getProgramOwners().stream()
-                .filter(te -> te.getProgram().getUid().equals(programIdentifier.getValue()))
-                .collect(Collectors.toSet());
-        trackedEntity.setProgramOwners(filteredProgramOwners);
-      }
-    } else {
-      UserDetails userDetails = getCurrentUserDetails();
-
-      trackedEntity =
-          mapTrackedEntity(
-              getTrackedEntity(trackedEntityUid, userDetails), params, userDetails, null, false);
-
-      mapTrackedEntityTypeAttributes(trackedEntity);
-    }
-    return trackedEntity;
-  }
-
-  /**
-   * Gets a tracked entity based on the program and org unit ownership
-   *
-   * @return the TE object if found and accessible by the current user
-   * @throws NotFoundException if uid does not exist
-   * @throws ForbiddenException if TE owner is not in user's scope or not enough sharing access
-   */
-  private TrackedEntity getTrackedEntity(String uid, Program program, TrackedEntityParams params)
-      throws NotFoundException, ForbiddenException {
-    TrackedEntity trackedEntity = trackedEntityStore.getByUid(uid);
-    trackedEntityAuditService.addTrackedEntityAudit(trackedEntity, getCurrentUsername(), READ);
-    if (trackedEntity == null) {
-      throw new NotFoundException(TrackedEntity.class, uid);
-    }
-
     UserDetails userDetails = getCurrentUserDetails();
-    List<String> errors =
-        trackerAccessManager.canReadProgramAndTrackedEntityType(
-            userDetails, trackedEntity, program);
-    if (!errors.isEmpty()) {
-      throw new ForbiddenException(errors.toString());
-    }
+    TrackedEntity trackedEntity = getTrackedEntity(trackedEntityUid, userDetails, program);
+    trackedEntity = mapTrackedEntity(trackedEntity, params, userDetails, program, false);
 
-    String error =
-        trackerAccessManager.canAccessProgramOwner(userDetails, trackedEntity, program, false);
-    if (error != null) {
-      throw new ForbiddenException(error);
+    if (program != null) {
+      mapTrackedEntityTypeAttributes(trackedEntity);
     }
 
-    return mapTrackedEntity(trackedEntity, params, userDetails, program, false);
+    return trackedEntity;
   }
 
   /**
@@ -306,14 +257,41 @@ private TrackedEntity getTrackedEntity(String uid, Program program, TrackedEntit
    */
   private TrackedEntity getTrackedEntity(UID uid, UserDetails userDetails)
       throws NotFoundException, ForbiddenException {
+    return getTrackedEntity(uid, userDetails, null);
+  }
+
+  /**
+   * Gets a tracked entity based on the program and org unit ownership
+   *
+   * @return the TE object if found and accessible by the current user
+   * @throws NotFoundException if uid does not exist
+   * @throws ForbiddenException if TE owner is not in user's scope or not enough sharing access
+   */
+  private TrackedEntity getTrackedEntity(UID uid, UserDetails userDetails, Program program)
+      throws NotFoundException, ForbiddenException {
     TrackedEntity trackedEntity = trackedEntityStore.getByUid(uid.getValue());
     trackedEntityAuditService.addTrackedEntityAudit(trackedEntity, getCurrentUsername(), READ);
     if (trackedEntity == null) {
       throw new NotFoundException(TrackedEntity.class, uid);
     }
 
-    if (!trackerAccessManager.canRead(userDetails, trackedEntity).isEmpty()) {
-      throw new ForbiddenException(TrackedEntity.class, uid);
+    if (program != null) {
+      List<String> errors =
+          trackerAccessManager.canReadProgramAndTrackedEntityType(
+              userDetails, trackedEntity, program);
+      if (!errors.isEmpty()) {
+        throw new ForbiddenException(errors.toString());
+      }
+
+      String error =
+          trackerAccessManager.canAccessProgramOwner(userDetails, trackedEntity, program, false);
+      if (error != null) {
+        throw new ForbiddenException(error);
+      }
+    } else {
+      if (!trackerAccessManager.canRead(userDetails, trackedEntity).isEmpty()) {
+        throw new ForbiddenException(TrackedEntity.class, uid);
+      }
     }
 
     return trackedEntity;
@@ -364,7 +342,7 @@ private TrackedEntity mapTrackedEntity(
       result.setEnrollments(getEnrollments(trackedEntity, user, includeDeleted, program));
     }
     if (params.isIncludeProgramOwners()) {
-      result.setProgramOwners(trackedEntity.getProgramOwners());
+      result.setProgramOwners(getTrackedEntityProgramOwners(trackedEntity, program));
     }
 
     result.setTrackedEntityAttributeValues(getTrackedEntityAttributeValues(trackedEntity, program));
@@ -408,6 +386,17 @@ private Set<Enrollment> getEnrollments(
         .collect(Collectors.toSet());
   }
 
+  private static Set<TrackedEntityProgramOwner> getTrackedEntityProgramOwners(
+      TrackedEntity trackedEntity, Program program) {
+    if (program == null) {
+      return trackedEntity.getProgramOwners();
+    }
+
+    return trackedEntity.getProgramOwners().stream()
+        .filter(te -> te.getProgram().getUid().equals(program.getUid()))
+        .collect(Collectors.toSet());
+  }
+
   private Set<TrackedEntityAttributeValue> getTrackedEntityAttributeValues(
       TrackedEntity trackedEntity, Program program) {
     Set<String> readableAttributes =
@@ -488,6 +477,7 @@ private RelationshipItem getTrackedEntityInRelationshipItem(
     return relationshipItem;
   }
 
+  @Nonnull
   @Override
   public List<TrackedEntity> getTrackedEntities(
       @Nonnull TrackedEntityOperationParams operationParams)