Examples with Role de.tum.in.www1.artemis.security.Role used on opensource projects

Example 11 with Role

use of de.tum.in.www1.artemis.security.Role in project Artemis by ls1intum.

the class ResultResource method getResultForParticipationAndCheckAccess.

private Result getResultForParticipationAndCheckAccess(Long participationId, Long resultId, Role role) {
    Result result = resultRepository.findByIdElseThrow(resultId);
    Participation participation = result.getParticipation();
    if (!participation.getId().equals(participationId)) {
        throw new BadRequestAlertException("participationId of the path doesnt match the participationId of the participation corresponding to the result " + resultId + "!", "Participation", "400");
    }
    Course course = participation.getExercise().getCourseViaExerciseGroupOrCourseMember();
    authCheckService.checkHasAtLeastRoleInCourseElseThrow(role, course, null);
    return result;
}

Example 12 with Role

use of de.tum.in.www1.artemis.security.Role in project Artemis by ls1intum.

the class TextExerciseAnalyticsIntegrationTest method testGetAllEventsByCourseId.

/**
 * Tests the get events endpoint with admin role
 */
@Test
@WithMockUser(username = "admin", roles = "ADMIN")
public void testGetAllEventsByCourseId() {
    User user = new User();
    user.setLogin("admin");
    user.setGroups(Set.of(course.getTeachingAssistantGroupName()));
    userRepository.save(user);
    TextAssessmentEvent event = database.createSingleTextAssessmentEvent(course.getId(), user.getId(), exercise.getId(), studentParticipation.getId(), textSubmission.getId());
    ResponseEntity<Void> responseAddEvent = textAssessmentEventResource.addAssessmentEvent(event);
    assertThat(responseAddEvent.getStatusCode()).isEqualTo(HttpStatus.OK);
    ResponseEntity<List<TextAssessmentEvent>> responseFindEvents = textAssessmentEventResource.getEventsByCourseId(course.getId());
    assertThat(responseFindEvents.getStatusCode()).isEqualTo(HttpStatus.OK);
    assertThat(responseFindEvents.getBody()).isEqualTo(List.of(event));
}

Example 13 with Role

use of de.tum.in.www1.artemis.security.Role in project Artemis by ls1intum.

the class TextExerciseAnalyticsIntegrationTest method testGetNumberOfTutorsInvolvedInAssessingByExerciseAndCourseId.

/**
 * Tests the get events endpoint with admin role
 */
@Test
@WithMockUser(username = "instructor", roles = "INSTRUCTOR")
public void testGetNumberOfTutorsInvolvedInAssessingByExerciseAndCourseId() throws Exception {
    User user = new User();
    user.setLogin("instructor");
    user.setGroups(Set.of(course.getInstructorGroupName()));
    userRepository.save(user);
    TextAssessmentEvent event1 = database.createSingleTextAssessmentEvent(course.getId(), 0L, exercise.getId(), studentParticipation.getId(), textSubmission.getId());
    TextAssessmentEvent event2 = database.createSingleTextAssessmentEvent(course.getId(), 1L, exercise.getId(), studentParticipation.getId(), textSubmission.getId());
    // Add two events with two different tutor ids
    textAssessmentEventRepository.saveAll(List.of(event1, event2));
    int numberOfTutorsInvolved = request.get("/api/analytics/text-assessment/courses/" + course.getId() + "/text-exercises/" + exercise.getId() + "/tutors-involved", HttpStatus.OK, Integer.class);
    assertThat(numberOfTutorsInvolved).isNotNull().isEqualTo(2);
}

Example 14 with Role

use of de.tum.in.www1.artemis.security.Role in project ArTEMiS by ls1intum.

the class JiraAuthenticationProvider method buildAuthoritiesFromGroups.

/**
 * Builds the authorities list from the groups:
 * group contains configured instructor group name -> instructor role
 * otherwise                                       -> student role
 */
private Set<Authority> buildAuthoritiesFromGroups(List<String> groups) {
    Set<Authority> authorities = new HashSet<>();
    // Check if user is admin
    if (groups.contains(ADMIN_GROUP_NAME)) {
        Authority adminAuthority = new Authority();
        adminAuthority.setName(AuthoritiesConstants.ADMIN);
        authorities.add(adminAuthority);
    }
    List<String> instructorGroups = courseService.getAllInstructorGroupNames();
    // Check if user is an instructor in any course
    if (groups.stream().anyMatch(group -> instructorGroups.contains(group))) {
        Authority instructorAuthority = new Authority();
        instructorAuthority.setName(AuthoritiesConstants.INSTRUCTOR);
        authorities.add(instructorAuthority);
    }
    List<String> teachingAssistantGroups = courseService.getAllTeachingAssistantGroupNames();
    // Check if user is a tutor in any course
    if (groups.stream().anyMatch(group -> teachingAssistantGroups.contains(group))) {
        Authority taAuthority = new Authority();
        taAuthority.setName(AuthoritiesConstants.TEACHING_ASSISTANT);
        authorities.add(taAuthority);
    }
    Authority userAuthority = new Authority();
    userAuthority.setName(AuthoritiesConstants.USER);
    authorities.add(userAuthority);
    return authorities;
}

Example 15 with Role

use of de.tum.in.www1.artemis.security.Role in project ArTEMiS by ls1intum.

the class CourseService method registerUsersForCourseGroup.

/**
 * Add multiple users to the course so that they can access it
 * The passed list of UserDTOs must include the registration number (the other entries are currently ignored and can be left out)
 * Note: registration based on other user attributes (e.g. email, name, login) is currently NOT supported
 * <p>
 * This method first tries to find the user in the internal Artemis user database (because the user is most probably already using Artemis).
 * In case the user cannot be found, we additionally search the (TUM) LDAP in case it is configured properly.
 *
 * @param courseId      the id of the course
 * @param studentDTOs   the list of students (with at least registration number)
 * @param courseGroup   the group the students should be added to
 * @return the list of students who could not be registered for the course, because they could NOT be found in the Artemis database and could NOT be found in the TUM LDAP
 */
public List<StudentDTO> registerUsersForCourseGroup(Long courseId, List<StudentDTO> studentDTOs, String courseGroup) {
    var course = courseRepository.findByIdElseThrow(courseId);
    String courseGroupName = course.defineCourseGroupName(courseGroup);
    Role courseGroupRole = Role.fromString(courseGroup);
    List<StudentDTO> notFoundStudentsDTOs = new ArrayList<>();
    for (var studentDto : studentDTOs) {
        var registrationNumber = studentDto.getRegistrationNumber();
        var login = studentDto.getLogin();
        Optional<User> optionalStudent = userService.findUserAndAddToCourse(registrationNumber, courseGroupName, courseGroupRole, login);
        if (optionalStudent.isEmpty()) {
            notFoundStudentsDTOs.add(studentDto);
        }
    }
    return notFoundStudentsDTOs;
}