use of de.tum.in.www1.artemis.security.Role in project Artemis by ls1intum.
the class GitLabUserManagementService method addUserToGroups.
/**
* Adds the Gitlab user to the groups. It will be given a different access level
* based on the group type (instructors are given the MAINTAINER level and teaching
* assistants REPORTED).
*
* @param gitlabUserId the user id of the Gitlab user
* @param groups the new groups
*/
private void addUserToGroups(Long gitlabUserId, Set<String> groups) {
if (groups == null || groups.isEmpty()) {
return;
}
List<ProgrammingExercise> exercises = programmingExerciseRepository.findAllByInstructorOrEditorOrTAGroupNameIn(groups);
log.info("Update Gitlab permissions for programming exercises: " + exercises.stream().map(ProgrammingExercise::getProjectKey).toList());
// TODO: in case we update a tutor group / role here, the tutor should NOT get access to exam exercises before the exam has finished
for (var exercise : exercises) {
Course course = exercise.getCourseViaExerciseGroupOrCourseMember();
Optional<AccessLevel> accessLevel = getAccessLevelFromUserGroups(groups, course);
accessLevel.ifPresent(level -> addUserToGroup(exercise.getProjectKey(), gitlabUserId, level));
}
}
use of de.tum.in.www1.artemis.security.Role in project Artemis by ls1intum.
the class GitLabUserManagementService method updateCoursePermissions.
@Override
public void updateCoursePermissions(Course updatedCourse, String oldInstructorGroup, String oldEditorGroup, String oldTeachingAssistantGroup) {
if (oldInstructorGroup.equals(updatedCourse.getInstructorGroupName()) && oldEditorGroup.equals(updatedCourse.getEditorGroupName()) && oldTeachingAssistantGroup.equals(updatedCourse.getTeachingAssistantGroupName())) {
// Do nothing if the group names didn't change
return;
}
final List<ProgrammingExercise> programmingExercises = programmingExerciseRepository.findAllProgrammingExercisesInCourseOrInExamsOfCourse(updatedCourse);
log.info("Update Gitlab permissions for programming exercises: " + programmingExercises.stream().map(ProgrammingExercise::getProjectKey).toList());
// TODO: in case we update a tutor group / role here, the tutor should NOT get access to exam exercises before the exam has finished
final List<User> allUsers = userRepository.findAllInGroupWithAuthorities(oldInstructorGroup);
allUsers.addAll(userRepository.findAllInGroupWithAuthorities(oldEditorGroup));
allUsers.addAll(userRepository.findAllInGroupWithAuthorities(oldTeachingAssistantGroup));
allUsers.addAll(userRepository.findAllUserInGroupAndNotIn(updatedCourse.getInstructorGroupName(), allUsers));
allUsers.addAll(userRepository.findAllUserInGroupAndNotIn(updatedCourse.getEditorGroupName(), allUsers));
allUsers.addAll(userRepository.findAllUserInGroupAndNotIn(updatedCourse.getTeachingAssistantGroupName(), allUsers));
final Set<User> oldUsers = new HashSet<>();
final Set<User> newUsers = new HashSet<>();
for (User user : allUsers) {
Set<String> userGroups = user.getGroups();
if (userGroups.contains(oldTeachingAssistantGroup) || userGroups.contains(oldEditorGroup) || userGroups.contains(oldInstructorGroup)) {
oldUsers.add(user);
} else {
newUsers.add(user);
}
}
updateOldGroupMembers(programmingExercises, oldUsers, updatedCourse);
setPermissionsForNewGroupMembers(programmingExercises, newUsers, updatedCourse);
}
use of de.tum.in.www1.artemis.security.Role in project Artemis by ls1intum.
the class JenkinsUserManagementService method addUserToGroups.
/**
* Adds the Artemis user to a group in Jenkins. Jenkins does not support
* groups so this function fetches all programming exercises belonging to
* the groups and assigns the user permissions to them.
*
* @param userLogin The user login to add to the group
* @param groups The groups to add the user to
*/
@Override
public void addUserToGroups(String userLogin, Set<String> groups) throws ContinuousIntegrationException {
var exercises = programmingExerciseRepository.findAllByInstructorOrEditorOrTAGroupNameIn(groups);
log.info("Update Jenkins permissions for programming exercises: " + exercises.stream().map(ProgrammingExercise::getProjectKey).toList());
// TODO: in case we update a tutor group / role here, the tutor should NOT get access to exam exercises before the exam has finished
exercises.forEach(exercise -> {
// The exercise's project key is also the name of the Jenkins job that groups all build plans
// for students, solution, and template.
var jobName = exercise.getProjectKey();
var course = exercise.getCourseViaExerciseGroupOrCourseMember();
if (groups.contains(course.getInstructorGroupName())) {
try {
// We are assigning instructor permissions since the exercise's course instructor group is the same as the one that is specified.
jenkinsJobPermissionsService.addPermissionsForUserToFolder(userLogin, jobName, JenkinsJobPermission.getInstructorPermissions());
} catch (IOException e) {
throw new JenkinsException("Cannot assign instructor permissions to user: " + userLogin, e);
}
} else if (groups.contains(course.getEditorGroupName())) {
try {
// We are assigning editor permissions since the exercise's course editor group is the same as the one that is specified.
jenkinsJobPermissionsService.addPermissionsForUserToFolder(userLogin, jobName, JenkinsJobPermission.getEditorPermissions());
} catch (IOException e) {
throw new JenkinsException("Cannot assign editor permissions to user: " + userLogin, e);
}
} else if (groups.contains(course.getTeachingAssistantGroupName())) {
try {
// We are assigning teaching assistant permissions since the exercise's course teaching assistant group is the same as the one that is specified.
jenkinsJobPermissionsService.addTeachingAssistantPermissionsToUserForFolder(userLogin, jobName);
} catch (IOException e) {
throw new JenkinsException("Cannot assign teaching assistant permissions to user: " + userLogin, e);
}
}
});
}
use of de.tum.in.www1.artemis.security.Role in project Artemis by ls1intum.
the class ProgrammingExerciseExportImportResource method exportSolutionRepository.
/**
* GET /programming-exercises/:exerciseId/export-solution-repository : sends a solution repository as a zip file without .git directory.
* @param exerciseId The id of the programming exercise
* @return ResponseEntity with status
* @throws IOException if something during the zip process went wrong
*/
@GetMapping(EXPORT_SOLUTION_REPOSITORY)
@PreAuthorize("hasRole('USER')")
@FeatureToggle(Feature.ProgrammingExercises)
public ResponseEntity<Resource> exportSolutionRepository(@PathVariable long exerciseId) throws IOException {
var programmingExercise = programmingExerciseRepository.findByIdElseThrow(exerciseId);
Role atLeastRole = programmingExercise.isExampleSolutionPublished() ? Role.STUDENT : Role.TEACHING_ASSISTANT;
authCheckService.checkHasAtLeastRoleForExerciseElseThrow(atLeastRole, programmingExercise, null);
long start = System.nanoTime();
Optional<File> zipFile = programmingExerciseExportService.exportSolutionRepositoryForExercise(programmingExercise.getId(), new ArrayList<>());
return returnZipFileForRepositoryExport(zipFile, RepositoryType.SOLUTION.getName(), programmingExercise, start);
}
use of de.tum.in.www1.artemis.security.Role in project ArTEMiS by ls1intum.
the class GitLabUserManagementService method addUserToGroups.
/**
* Adds the Gitlab user to the groups. It will be given a different access level
* based on the group type (instructors are given the MAINTAINER level and teaching
* assistants REPORTED).
*
* @param gitlabUserId the user id of the Gitlab user
* @param groups the new groups
*/
private void addUserToGroups(int gitlabUserId, Set<String> groups) {
if (groups == null || groups.isEmpty()) {
return;
}
List<ProgrammingExercise> exercises = programmingExerciseRepository.findAllByInstructorOrEditorOrTAGroupNameIn(groups);
log.info("Update Gitlab permissions for programming exercises: " + exercises.stream().map(ProgrammingExercise::getProjectKey).toList());
// TODO: in case we update a tutor group / role here, the tutor should NOT get access to exam exercises before the exam has finished
for (var exercise : exercises) {
Course course = exercise.getCourseViaExerciseGroupOrCourseMember();
Optional<AccessLevel> accessLevel = getAccessLevelFromUserGroups(groups, course);
accessLevel.ifPresent(level -> addUserToGroup(exercise.getProjectKey(), gitlabUserId, level));
}
}
Aggregations