use of de.tum.in.www1.artemis.security.Role in project ArTEMiS by ls1intum.
the class GitLabUserManagementService method updateCoursePermissions.
@Override
public void updateCoursePermissions(Course updatedCourse, String oldInstructorGroup, String oldEditorGroup, String oldTeachingAssistantGroup) {
if (oldInstructorGroup.equals(updatedCourse.getInstructorGroupName()) && oldEditorGroup.equals(updatedCourse.getEditorGroupName()) && oldTeachingAssistantGroup.equals(updatedCourse.getTeachingAssistantGroupName())) {
// Do nothing if the group names didn't change
return;
}
final List<ProgrammingExercise> programmingExercises = programmingExerciseRepository.findAllProgrammingExercisesInCourseOrInExamsOfCourse(updatedCourse);
log.info("Update Gitlab permissions for programming exercises: " + programmingExercises.stream().map(ProgrammingExercise::getProjectKey).toList());
// TODO: in case we update a tutor group / role here, the tutor should NOT get access to exam exercises before the exam has finished
final List<User> allUsers = userRepository.findAllInGroupWithAuthorities(oldInstructorGroup);
allUsers.addAll(userRepository.findAllInGroupWithAuthorities(oldEditorGroup));
allUsers.addAll(userRepository.findAllInGroupWithAuthorities(oldTeachingAssistantGroup));
allUsers.addAll(userRepository.findAllUserInGroupAndNotIn(updatedCourse.getInstructorGroupName(), allUsers));
allUsers.addAll(userRepository.findAllUserInGroupAndNotIn(updatedCourse.getEditorGroupName(), allUsers));
allUsers.addAll(userRepository.findAllUserInGroupAndNotIn(updatedCourse.getTeachingAssistantGroupName(), allUsers));
final Set<User> oldUsers = new HashSet<>();
final Set<User> newUsers = new HashSet<>();
for (User user : allUsers) {
Set<String> userGroups = user.getGroups();
if (userGroups.contains(oldTeachingAssistantGroup) || userGroups.contains(oldEditorGroup) || userGroups.contains(oldInstructorGroup)) {
oldUsers.add(user);
} else {
newUsers.add(user);
}
}
updateOldGroupMembers(programmingExercises, oldUsers, updatedCourse);
setPermissionsForNewGroupMembers(programmingExercises, newUsers, updatedCourse);
}
use of de.tum.in.www1.artemis.security.Role in project ArTEMiS by ls1intum.
the class GitLabUserManagementService method removeOrUpdateUserFromGroups.
/**
* Removes or updates the user to or from the groups.
*
* @param gitlabUserId the Gitlab user id
* @param userGroups groups that the user belongs to
* @param groupsToRemove groups where the user should be removed from
*/
private void removeOrUpdateUserFromGroups(Long gitlabUserId, Set<String> userGroups, Set<String> groupsToRemove) throws GitLabApiException {
if (groupsToRemove == null || groupsToRemove.isEmpty()) {
return;
}
// Gitlab groups are identified by the project key of the programming exercise
var exercises = programmingExerciseRepository.findAllByInstructorOrEditorOrTAGroupNameIn(groupsToRemove);
log.info("Update Gitlab permissions for programming exercises: " + exercises.stream().map(ProgrammingExercise::getProjectKey).toList());
for (var exercise : exercises) {
// TODO: in case we update a tutor group / role here, the tutor should NOT get access to exam exercises before the exam has finished
Course course = exercise.getCourseViaExerciseGroupOrCourseMember();
Optional<AccessLevel> accessLevel = getAccessLevelFromUserGroups(userGroups, course);
// Do not remove the user from the group and only update its access level
var shouldUpdateGroupAccess = accessLevel.isPresent();
if (shouldUpdateGroupAccess) {
gitlabApi.getGroupApi().updateMember(exercise.getProjectKey(), gitlabUserId, accessLevel.get());
} else {
removeUserFromGroup(gitlabUserId, exercise.getProjectKey());
}
}
}
use of de.tum.in.www1.artemis.security.Role in project ArTEMiS by ls1intum.
the class TextExerciseAnalyticsIntegrationTest method testGetNumberOfTutorsInvolvedInAssessingByExerciseAndCourseId.
/**
* Tests the get events endpoint with admin role
*/
@Test
@WithMockUser(username = "instructor", roles = "INSTRUCTOR")
public void testGetNumberOfTutorsInvolvedInAssessingByExerciseAndCourseId() throws Exception {
User user = new User();
user.setLogin("instructor");
user.setGroups(Set.of(course.getInstructorGroupName()));
userRepository.save(user);
TextAssessmentEvent event1 = database.createSingleTextAssessmentEvent(course.getId(), 0L, exercise.getId(), studentParticipation.getId(), textSubmission.getId());
TextAssessmentEvent event2 = database.createSingleTextAssessmentEvent(course.getId(), 1L, exercise.getId(), studentParticipation.getId(), textSubmission.getId());
// Add two events with two different tutor ids
textAssessmentEventRepository.saveAll(List.of(event1, event2));
int numberOfTutorsInvolved = request.get("/api/analytics/text-assessment/courses/" + course.getId() + "/text-exercises/" + exercise.getId() + "/tutors-involved", HttpStatus.OK, Integer.class);
assertThat(numberOfTutorsInvolved).isNotNull().isEqualTo(2);
}
use of de.tum.in.www1.artemis.security.Role in project ArTEMiS by ls1intum.
the class TextExerciseAnalyticsIntegrationTest method testGetAllEventsByCourseId.
/**
* Tests the get events endpoint with admin role
*/
@Test
@WithMockUser(username = "admin", roles = "ADMIN")
public void testGetAllEventsByCourseId() {
User user = new User();
user.setLogin("admin");
user.setGroups(Set.of(course.getTeachingAssistantGroupName()));
userRepository.save(user);
TextAssessmentEvent event = database.createSingleTextAssessmentEvent(course.getId(), user.getId(), exercise.getId(), studentParticipation.getId(), textSubmission.getId());
ResponseEntity<Void> responseAddEvent = textAssessmentEventResource.addAssessmentEvent(event);
assertThat(responseAddEvent.getStatusCode()).isEqualTo(HttpStatus.OK);
ResponseEntity<List<TextAssessmentEvent>> responseFindEvents = textAssessmentEventResource.getEventsByCourseId(course.getId());
assertThat(responseFindEvents.getStatusCode()).isEqualTo(HttpStatus.OK);
assertThat(responseFindEvents.getBody()).isEqualTo(List.of(event));
}
use of de.tum.in.www1.artemis.security.Role in project Artemis by ls1intum.
the class GitLabUserManagementService method removeOrUpdateUserFromGroups.
/**
* Removes or updates the user to or from the groups.
*
* @param gitlabUserId the Gitlab user id
* @param userGroups groups that the user belongs to
* @param groupsToRemove groups where the user should be removed from
*/
private void removeOrUpdateUserFromGroups(Long gitlabUserId, Set<String> userGroups, Set<String> groupsToRemove) throws GitLabApiException {
if (groupsToRemove == null || groupsToRemove.isEmpty()) {
return;
}
// Gitlab groups are identified by the project key of the programming exercise
var exercises = programmingExerciseRepository.findAllByInstructorOrEditorOrTAGroupNameIn(groupsToRemove);
log.info("Update Gitlab permissions for programming exercises: " + exercises.stream().map(ProgrammingExercise::getProjectKey).toList());
for (var exercise : exercises) {
// TODO: in case we update a tutor group / role here, the tutor should NOT get access to exam exercises before the exam has finished
Course course = exercise.getCourseViaExerciseGroupOrCourseMember();
Optional<AccessLevel> accessLevel = getAccessLevelFromUserGroups(userGroups, course);
// Do not remove the user from the group and only update its access level
var shouldUpdateGroupAccess = accessLevel.isPresent();
if (shouldUpdateGroupAccess) {
gitlabApi.getGroupApi().updateMember(exercise.getProjectKey(), gitlabUserId, accessLevel.get());
} else {
removeUserFromGroup(gitlabUserId, exercise.getProjectKey());
}
}
}
Aggregations