Examples with Role de.tum.in.www1.artemis.security.Role used on opensource projects

Example 21 with Role

use of de.tum.in.www1.artemis.security.Role in project Artemis by ls1intum.

the class GitLabUserManagementService method addUserToGroups.

/**
 * Adds the Gitlab user to the groups. It will be given a different access level
 * based on the group type (instructors are given the MAINTAINER level and teaching
 * assistants REPORTED).
 *
 * @param gitlabUserId the user id of the Gitlab user
 * @param groups the new groups
 */
private void addUserToGroups(Long gitlabUserId, Set<String> groups) {
    if (groups == null || groups.isEmpty()) {
        return;
    }
    List<ProgrammingExercise> exercises = programmingExerciseRepository.findAllByInstructorOrEditorOrTAGroupNameIn(groups);
    log.info("Update Gitlab permissions for programming exercises: " + exercises.stream().map(ProgrammingExercise::getProjectKey).toList());
    // TODO: in case we update a tutor group / role here, the tutor should NOT get access to exam exercises before the exam has finished
    for (var exercise : exercises) {
        Course course = exercise.getCourseViaExerciseGroupOrCourseMember();
        Optional<AccessLevel> accessLevel = getAccessLevelFromUserGroups(groups, course);
        accessLevel.ifPresent(level -> addUserToGroup(exercise.getProjectKey(), gitlabUserId, level));
    }
}

Example 22 with Role

use of de.tum.in.www1.artemis.security.Role in project Artemis by ls1intum.

the class GitLabUserManagementService method updateCoursePermissions.

@Override
public void updateCoursePermissions(Course updatedCourse, String oldInstructorGroup, String oldEditorGroup, String oldTeachingAssistantGroup) {
    if (oldInstructorGroup.equals(updatedCourse.getInstructorGroupName()) && oldEditorGroup.equals(updatedCourse.getEditorGroupName()) && oldTeachingAssistantGroup.equals(updatedCourse.getTeachingAssistantGroupName())) {
        // Do nothing if the group names didn't change
        return;
    }
    final List<ProgrammingExercise> programmingExercises = programmingExerciseRepository.findAllProgrammingExercisesInCourseOrInExamsOfCourse(updatedCourse);
    log.info("Update Gitlab permissions for programming exercises: " + programmingExercises.stream().map(ProgrammingExercise::getProjectKey).toList());
    // TODO: in case we update a tutor group / role here, the tutor should NOT get access to exam exercises before the exam has finished
    final List<User> allUsers = userRepository.findAllInGroupWithAuthorities(oldInstructorGroup);
    allUsers.addAll(userRepository.findAllInGroupWithAuthorities(oldEditorGroup));
    allUsers.addAll(userRepository.findAllInGroupWithAuthorities(oldTeachingAssistantGroup));
    allUsers.addAll(userRepository.findAllUserInGroupAndNotIn(updatedCourse.getInstructorGroupName(), allUsers));
    allUsers.addAll(userRepository.findAllUserInGroupAndNotIn(updatedCourse.getEditorGroupName(), allUsers));
    allUsers.addAll(userRepository.findAllUserInGroupAndNotIn(updatedCourse.getTeachingAssistantGroupName(), allUsers));
    final Set<User> oldUsers = new HashSet<>();
    final Set<User> newUsers = new HashSet<>();
    for (User user : allUsers) {
        Set<String> userGroups = user.getGroups();
        if (userGroups.contains(oldTeachingAssistantGroup) || userGroups.contains(oldEditorGroup) || userGroups.contains(oldInstructorGroup)) {
            oldUsers.add(user);
        } else {
            newUsers.add(user);
        }
    }
    updateOldGroupMembers(programmingExercises, oldUsers, updatedCourse);
    setPermissionsForNewGroupMembers(programmingExercises, newUsers, updatedCourse);
}

Example 23 with Role

use of de.tum.in.www1.artemis.security.Role in project Artemis by ls1intum.

the class JenkinsUserManagementService method addUserToGroups.

/**
 * Adds the Artemis user to a group in Jenkins. Jenkins does not support
 * groups so this function fetches all programming exercises belonging to
 * the groups and assigns the user permissions to them.
 *
 * @param userLogin The user login to add to the group
 * @param groups    The groups to add the user to
 */
@Override
public void addUserToGroups(String userLogin, Set<String> groups) throws ContinuousIntegrationException {
    var exercises = programmingExerciseRepository.findAllByInstructorOrEditorOrTAGroupNameIn(groups);
    log.info("Update Jenkins permissions for programming exercises: " + exercises.stream().map(ProgrammingExercise::getProjectKey).toList());
    // TODO: in case we update a tutor group / role here, the tutor should NOT get access to exam exercises before the exam has finished
    exercises.forEach(exercise -> {
        // The exercise's project key is also the name of the Jenkins job that groups all build plans
        // for students, solution, and template.
        var jobName = exercise.getProjectKey();
        var course = exercise.getCourseViaExerciseGroupOrCourseMember();
        if (groups.contains(course.getInstructorGroupName())) {
            try {
                // We are assigning instructor permissions since the exercise's course instructor group is the same as the one that is specified.
                jenkinsJobPermissionsService.addPermissionsForUserToFolder(userLogin, jobName, JenkinsJobPermission.getInstructorPermissions());
            } catch (IOException e) {
                throw new JenkinsException("Cannot assign instructor permissions to user: " + userLogin, e);
            }
        } else if (groups.contains(course.getEditorGroupName())) {
            try {
                // We are assigning editor permissions since the exercise's course editor group is the same as the one that is specified.
                jenkinsJobPermissionsService.addPermissionsForUserToFolder(userLogin, jobName, JenkinsJobPermission.getEditorPermissions());
            } catch (IOException e) {
                throw new JenkinsException("Cannot assign editor permissions to user: " + userLogin, e);
            }
        } else if (groups.contains(course.getTeachingAssistantGroupName())) {
            try {
                // We are assigning teaching assistant permissions since the exercise's course teaching assistant group is the same as the one that is specified.
                jenkinsJobPermissionsService.addTeachingAssistantPermissionsToUserForFolder(userLogin, jobName);
            } catch (IOException e) {
                throw new JenkinsException("Cannot assign teaching assistant permissions to user: " + userLogin, e);
            }
        }
    });
}

Example 24 with Role

use of de.tum.in.www1.artemis.security.Role in project Artemis by ls1intum.

the class ProgrammingExerciseExportImportResource method exportSolutionRepository.

/**
 * GET /programming-exercises/:exerciseId/export-solution-repository : sends a solution repository as a zip file without .git directory.
 * @param exerciseId The id of the programming exercise
 * @return ResponseEntity with status
 * @throws IOException if something during the zip process went wrong
 */
@GetMapping(EXPORT_SOLUTION_REPOSITORY)
@PreAuthorize("hasRole('USER')")
@FeatureToggle(Feature.ProgrammingExercises)
public ResponseEntity<Resource> exportSolutionRepository(@PathVariable long exerciseId) throws IOException {
    var programmingExercise = programmingExerciseRepository.findByIdElseThrow(exerciseId);
    Role atLeastRole = programmingExercise.isExampleSolutionPublished() ? Role.STUDENT : Role.TEACHING_ASSISTANT;
    authCheckService.checkHasAtLeastRoleForExerciseElseThrow(atLeastRole, programmingExercise, null);
    long start = System.nanoTime();
    Optional<File> zipFile = programmingExerciseExportService.exportSolutionRepositoryForExercise(programmingExercise.getId(), new ArrayList<>());
    return returnZipFileForRepositoryExport(zipFile, RepositoryType.SOLUTION.getName(), programmingExercise, start);
}

Example 25 with Role

use of de.tum.in.www1.artemis.security.Role in project ArTEMiS by ls1intum.

the class GitLabUserManagementService method addUserToGroups.

/**
 * Adds the Gitlab user to the groups. It will be given a different access level
 * based on the group type (instructors are given the MAINTAINER level and teaching
 * assistants REPORTED).
 *
 * @param gitlabUserId the user id of the Gitlab user
 * @param groups the new groups
 */
private void addUserToGroups(int gitlabUserId, Set<String> groups) {
    if (groups == null || groups.isEmpty()) {
        return;
    }
    List<ProgrammingExercise> exercises = programmingExerciseRepository.findAllByInstructorOrEditorOrTAGroupNameIn(groups);
    log.info("Update Gitlab permissions for programming exercises: " + exercises.stream().map(ProgrammingExercise::getProjectKey).toList());
    // TODO: in case we update a tutor group / role here, the tutor should NOT get access to exam exercises before the exam has finished
    for (var exercise : exercises) {
        Course course = exercise.getCourseViaExerciseGroupOrCourseMember();
        Optional<AccessLevel> accessLevel = getAccessLevelFromUserGroups(groups, course);
        accessLevel.ifPresent(level -> addUserToGroup(exercise.getProjectKey(), gitlabUserId, level));
    }
}