Search in sources :

Example 6 with EnvironmentUser

use of fi.otavanopisto.muikku.model.users.EnvironmentUser in project muikku by otavanopisto.

the class ForumPermissionResolver method hasPermission.

@Override
public boolean hasPermission(String permission, ContextReference contextReference, User user) {
    ForumArea forumArea = getForumArea(contextReference);
    Permission perm = permissionDAO.findByName(permission);
    UserEntity userEntity = getUserEntity(user);
    if (forumArea == null) {
        return false;
    }
    RoleEntity userRole;
    // TODO: typecasts
    if (forumArea instanceof WorkspaceForumArea) {
        WorkspaceForumArea workspaceForum = (WorkspaceForumArea) forumArea;
        WorkspaceEntity workspaceEntity = workspaceController.findWorkspaceEntityById(workspaceForum.getWorkspace());
        WorkspaceUserEntity workspaceUserEntity = workspaceUserEntityController.findActiveWorkspaceUserByWorkspaceEntityAndUserEntity(workspaceEntity, userEntity);
        if (workspaceUserEntity != null) {
            userRole = workspaceUserEntity.getWorkspaceUserRole();
            if (resourceUserRolePermissionDAO.hasResourcePermissionAccess(resourceRightsController.findResourceRightsById(forumArea.getRights()), userRole, perm) || hasEveryonePermission(permission, forumArea) || userEntity.getId().equals(forumArea.getOwner()))
                return true;
        }
    }
    EnvironmentUser environmentUser = environmentUserDAO.findByUserAndArchived(userEntity, Boolean.FALSE);
    userRole = environmentUser.getRole();
    boolean isOwner = userEntity != null ? userEntity.getId().equals(forumArea.getOwner()) : false;
    return resourceUserRolePermissionDAO.hasResourcePermissionAccess(resourceRightsController.findResourceRightsById(forumArea.getRights()), userRole, perm) || hasEveryonePermission(permission, forumArea) || isOwner;
}
Also used : RoleEntity(fi.otavanopisto.muikku.model.users.RoleEntity) WorkspaceForumArea(fi.otavanopisto.muikku.plugins.forum.model.WorkspaceForumArea) EnvironmentUser(fi.otavanopisto.muikku.model.users.EnvironmentUser) WorkspaceUserEntity(fi.otavanopisto.muikku.model.workspace.WorkspaceUserEntity) WorkspaceEntity(fi.otavanopisto.muikku.model.workspace.WorkspaceEntity) Permission(fi.otavanopisto.muikku.model.security.Permission) WorkspaceForumArea(fi.otavanopisto.muikku.plugins.forum.model.WorkspaceForumArea) ForumArea(fi.otavanopisto.muikku.plugins.forum.model.ForumArea) WorkspaceUserEntity(fi.otavanopisto.muikku.model.workspace.WorkspaceUserEntity) UserEntity(fi.otavanopisto.muikku.model.users.UserEntity)

Example 7 with EnvironmentUser

use of fi.otavanopisto.muikku.model.users.EnvironmentUser in project muikku by otavanopisto.

the class TranscriptofRecordsRESTService method createHopsRESTModelForStudent.

private HopsRESTModel createHopsRESTModelForStudent(SchoolDataIdentifier userIdentifier) {
    User user = userController.findUserByIdentifier(userIdentifier);
    UserEntity userEntity = userEntityController.findUserEntityByUser(user);
    EnvironmentUser environmentUser = environmentUserController.findEnvironmentUserByUserEntity(userEntity);
    EnvironmentRoleEntity roleEntity = environmentUser.getRole();
    if (!EnvironmentRoleArchetype.STUDENT.equals(roleEntity.getArchetype())) {
        return null;
    }
    TranscriptofRecordsUserProperties userProperties = vopsController.loadUserProperties(user);
    return new HopsRESTModel(userProperties.asString("goalSecondarySchoolDegree"), userProperties.asString("goalMatriculationExam"), userProperties.asString("vocationalYears"), userProperties.asString("goalJustMatriculationExam"), userProperties.asString("justTransferCredits"), userProperties.asString("transferCreditYears"), userProperties.asString("completionYears"), userProperties.asString("mathSyllabus"), userProperties.asString("finnish"), userProperties.asBoolean("swedish"), userProperties.asBoolean("english"), userProperties.asBoolean("german"), userProperties.asBoolean("french"), userProperties.asBoolean("italian"), userProperties.asBoolean("spanish"), userProperties.asString("science"), userProperties.asString("religion"), userProperties.asString("additionalInfo"));
}
Also used : EnvironmentUser(fi.otavanopisto.muikku.model.users.EnvironmentUser) EnvironmentRoleEntity(fi.otavanopisto.muikku.model.users.EnvironmentRoleEntity) User(fi.otavanopisto.muikku.schooldata.entity.User) EnvironmentUser(fi.otavanopisto.muikku.model.users.EnvironmentUser) UserEntity(fi.otavanopisto.muikku.model.users.UserEntity) TranscriptofRecordsUserProperties(fi.otavanopisto.muikku.plugins.transcriptofrecords.TranscriptofRecordsUserProperties)

Example 8 with EnvironmentUser

use of fi.otavanopisto.muikku.model.users.EnvironmentUser in project muikku by otavanopisto.

the class TranscriptofRecordsRESTService method updateHops.

@PUT
@Consumes("application/json")
@Path("/hops")
@RESTPermit(handling = Handling.INLINE)
public Response updateHops(HopsRESTModel model) {
    if (!sessionController.isLoggedIn()) {
        return Response.status(Status.FORBIDDEN).entity("Must be logged in").build();
    }
    SchoolDataIdentifier userIdentifier = sessionController.getLoggedUser();
    User user = userController.findUserByIdentifier(userIdentifier);
    UserEntity userEntity = sessionController.getLoggedUserEntity();
    EnvironmentUser environmentUser = environmentUserController.findEnvironmentUserByUserEntity(userEntity);
    EnvironmentRoleEntity roleEntity = environmentUser.getRole();
    if (!EnvironmentRoleArchetype.STUDENT.equals(roleEntity.getArchetype())) {
        return Response.status(Status.FORBIDDEN).entity("Must be a student").build();
    }
    vopsController.saveStringProperty(user, "goalSecondarySchoolDegree", model.getGoalSecondarySchoolDegree());
    vopsController.saveStringProperty(user, "goalMatriculationExam", model.getGoalMatriculationExam());
    vopsController.saveStringProperty(user, "vocationalYears", model.getVocationalYears());
    vopsController.saveStringProperty(user, "goalJustMatriculationExam", model.getGoalJustMatriculationExam());
    vopsController.saveStringProperty(user, "justTransferCredits", model.getJustTransferCredits());
    vopsController.saveStringProperty(user, "transferCreditYears", model.getTransferCreditYears());
    vopsController.saveStringProperty(user, "completionYears", model.getCompletionYears());
    vopsController.saveStringProperty(user, "mathSyllabus", model.getMathSyllabus());
    vopsController.saveStringProperty(user, "finnish", model.getFinnish());
    vopsController.saveBoolProperty(user, "swedish", model.isSwedish());
    vopsController.saveBoolProperty(user, "english", model.isEnglish());
    vopsController.saveBoolProperty(user, "german", model.isGerman());
    vopsController.saveBoolProperty(user, "french", model.isFrench());
    vopsController.saveBoolProperty(user, "italian", model.isItalian());
    vopsController.saveBoolProperty(user, "spanish", model.isSpanish());
    vopsController.saveStringProperty(user, "science", model.getScience());
    vopsController.saveStringProperty(user, "religion", model.getReligion());
    vopsController.saveStringProperty(user, "additionalInfo", model.getAdditionalInfo());
    return Response.ok().entity(model).build();
}
Also used : SchoolDataIdentifier(fi.otavanopisto.muikku.schooldata.SchoolDataIdentifier) EnvironmentUser(fi.otavanopisto.muikku.model.users.EnvironmentUser) EnvironmentRoleEntity(fi.otavanopisto.muikku.model.users.EnvironmentRoleEntity) User(fi.otavanopisto.muikku.schooldata.entity.User) EnvironmentUser(fi.otavanopisto.muikku.model.users.EnvironmentUser) UserEntity(fi.otavanopisto.muikku.model.users.UserEntity) Path(javax.ws.rs.Path) RESTPermit(fi.otavanopisto.security.rest.RESTPermit) Consumes(javax.ws.rs.Consumes) PUT(javax.ws.rs.PUT)

Example 9 with EnvironmentUser

use of fi.otavanopisto.muikku.model.users.EnvironmentUser in project muikku by otavanopisto.

the class UserEntityFileRESTService method getFileContent.

@GET
@Path("/user/{USERENTITYID}/identifier/{IDENTIFIER}")
@RESTPermit(handling = Handling.INLINE)
public Response getFileContent(@PathParam("USERENTITYID") Long userEntityId, @PathParam("IDENTIFIER") String identifier, @Context Request request) {
    // Check if the file exists
    UserEntity userEntity = userEntityController.findUserEntityById(userEntityId);
    if (userEntity == null) {
        return Response.status(Status.NOT_FOUND).build();
    }
    UserEntityFile userEntityFile = userEntityFileController.findByUserEntityAndIdentifier(userEntity, identifier);
    if (userEntityFile == null) {
        return Response.status(Status.NOT_FOUND).build();
    }
    if (userEntityFile.getVisibility() != UserEntityFileVisibility.PUBLIC) {
        UserEntity loggedUserEntity = sessionController.getLoggedUserEntity();
        if (loggedUserEntity == null) {
            return Response.status(Status.NOT_FOUND).build();
        } else if (!userEntityFile.getUserEntity().getId().equals(loggedUserEntity.getId())) {
            if (userEntityFile.getVisibility() == UserEntityFileVisibility.STAFF) {
                EnvironmentUser environmentUser = environmentUserController.findEnvironmentUserByUserEntity(loggedUserEntity);
                if (environmentUser == null || environmentUser.getRole() == null || environmentUser.getRole().getArchetype() == EnvironmentRoleArchetype.STUDENT) {
                    return Response.status(Status.NOT_FOUND).build();
                }
            } else {
                return Response.status(Status.NOT_FOUND).build();
            }
        }
    }
    // Serve the content
    String tagIdentifier = String.format("%d-%s-%d", userEntityFile.getUserEntity().getId(), userEntityFile.getIdentifier(), userEntityFile.getLastModified().getTime());
    EntityTag tag = new EntityTag(DigestUtils.md5Hex(String.valueOf(tagIdentifier)));
    ResponseBuilder builder = request.evaluatePreconditions(tag);
    if (builder != null) {
        return builder.build();
    }
    CacheControl cacheControl = new CacheControl();
    cacheControl.setMustRevalidate(true);
    byte[] data = userEntityFile.getData();
    return Response.ok(data).cacheControl(cacheControl).tag(tag).header("Content-Length", data.length).header("Content-Disposition", String.format("attachment; filename=\"%s\"", userEntityFile.getName())).type(userEntityFile.getContentType()).build();
}
Also used : EnvironmentUser(fi.otavanopisto.muikku.model.users.EnvironmentUser) EntityTag(javax.ws.rs.core.EntityTag) CacheControl(javax.ws.rs.core.CacheControl) ResponseBuilder(javax.ws.rs.core.Response.ResponseBuilder) UserEntity(fi.otavanopisto.muikku.model.users.UserEntity) UserEntityFile(fi.otavanopisto.muikku.model.users.UserEntityFile) Path(javax.ws.rs.Path) RESTPermit(fi.otavanopisto.security.rest.RESTPermit) GET(javax.ws.rs.GET)

Example 10 with EnvironmentUser

use of fi.otavanopisto.muikku.model.users.EnvironmentUser in project muikku by otavanopisto.

the class DefaultSchoolDataUserListener method onSchoolDataUserUpdatedEvent.

public void onSchoolDataUserUpdatedEvent(@Observes SchoolDataUserUpdatedEvent event) {
    Long userEntityId = event.getUserEntityId();
    SchoolDataIdentifier defaultIdentifier = event.getDefaultIdentifier();
    List<SchoolDataIdentifier> discoveredIdentifiers = event.getDiscoveredIdentifiers();
    List<SchoolDataIdentifier> updatedIdentifiers = event.getUpdatedIdentifiers();
    List<SchoolDataIdentifier> removedIdentifiers = event.getRemovedIdentifiers();
    Collection<String> allEmails = event.getAllEmails();
    if (allEmails.isEmpty()) {
        logger.warning("Updating user without email addresses");
    } else {
        // Attempt to find existing users by given emails
        Collection<UserEntity> emailUsers = userEntityController.listUserEntitiesByEmails(allEmails);
        if (emailUsers.isEmpty()) {
        // Could not find any users with given emails
        } else if (emailUsers.size() > 1) {
            logger.log(Level.SEVERE, String.format("Multiple users found with given emails (%s)", StringUtils.join(allEmails, ',')));
            return;
        } else {
            UserEntity emailUser = emailUsers.iterator().next();
            if (userEntityId != null) {
                if (!emailUser.getId().equals(userEntityId)) {
                    logger.log(Level.SEVERE, String.format("One or more of emails %s belong to another user", StringUtils.join(allEmails, ',')));
                    return;
                }
            } else {
                userEntityId = emailUser.getId();
                logger.log(Level.INFO, String.format("Found userEntity (%d) by email, merging user to existing account", userEntityId));
            }
        }
    }
    UserEntity userEntity = null;
    // If it's not an user delete event we need to create / update user into the system
    if (!discoveredIdentifiers.isEmpty() || !updatedIdentifiers.isEmpty()) {
        // UserEntityId has not been defined in the event and could not be found by email, so we create new user
        if (userEntityId == null) {
            userEntity = userEntityController.createUserEntity(defaultIdentifier.getDataSource(), defaultIdentifier.getIdentifier());
        } else {
            // Otherwise we use the existing one
            userEntity = userEntityController.findUserEntityById(userEntityId);
            if (userEntity == null) {
                logger.log(Level.WARNING, "Could not find specified userEntityId %d, aborting synchronization", userEntityId);
                return;
            }
            if (defaultIdentifier != null) {
                if (!StringUtils.equals(userEntity.getDefaultIdentifier(), defaultIdentifier.getIdentifier()) || !StringUtils.equals(userEntity.getDefaultSchoolDataSource().getIdentifier(), defaultIdentifier.getDataSource())) {
                    logger.log(Level.FINE, String.format("Updating default identifier for user #%d into %s", userEntity.getId(), defaultIdentifier));
                    userEntityController.updateDefaultSchoolDataSource(userEntity, defaultIdentifier.getDataSource());
                    userEntityController.updateDefaultIdentifier(userEntity, defaultIdentifier.getIdentifier());
                }
            }
        }
        // Attach discovered identities to user
        for (SchoolDataIdentifier identifier : discoveredIdentifiers) {
            List<String> identifierEmails = event.getEmails().get(identifier);
            UserSchoolDataIdentifier userSchoolDataIdentifier = userSchoolDataIdentifierController.findUserSchoolDataIdentifierByDataSourceAndIdentifierIncludeArchived(identifier.getDataSource(), identifier.getIdentifier());
            if (userSchoolDataIdentifier == null) {
                userSchoolDataIdentifier = userSchoolDataIdentifierController.createUserSchoolDataIdentifier(identifier.getDataSource(), identifier.getIdentifier(), userEntity);
                logger.log(Level.FINE, String.format("Added new identifier %s for user %d", identifier, userEntity.getId()));
            } else if (userSchoolDataIdentifier.getArchived()) {
                userSchoolDataIdentifierController.unarchiveUserSchoolDataIdentifier(userSchoolDataIdentifier);
            }
            userEmailEntityController.setUserEmails(userSchoolDataIdentifier, getValidEmails(identifierEmails));
        }
        for (SchoolDataIdentifier identifier : updatedIdentifiers) {
            List<String> emails = event.getEmails().get(identifier);
            userEmailEntityController.setUserEmails(identifier, getValidEmails(emails));
        }
        for (SchoolDataIdentifier identifier : removedIdentifiers) {
            List<String> emails = event.getEmails().get(identifier);
            userEmailEntityController.setUserEmails(identifier, getValidEmails(emails));
        }
        // Update users environment role
        if (event.getEnvironmentRoleIdentifier() != null) {
            EnvironmentRoleEntity environmentRoleEntity = environmentRoleEntityController.findEnvironmentRoleEntity(event.getEnvironmentRoleIdentifier().getDataSource(), event.getEnvironmentRoleIdentifier().getIdentifier());
            if (environmentRoleEntity != null) {
                EnvironmentUser environmentUser = environmentUserController.findEnvironmentUserByUserEntity(userEntity);
                if (environmentUser == null) {
                    logger.fine(String.format("UserEntity %d did not have an environment user so created new one into role %s", userEntity.getId(), environmentRoleEntity.getName()));
                    environmentUserController.createEnvironmentUser(userEntity, environmentRoleEntity);
                } else {
                    if (environmentUser.getRole() == null || !environmentUser.getRole().getId().equals(environmentRoleEntity.getId())) {
                        logger.fine(String.format("Updated UserEntity %d role into %s", userEntity.getId(), environmentRoleEntity.getName()));
                        environmentUserController.updateEnvironmentUserRole(environmentUser, environmentRoleEntity);
                    }
                }
            } else {
                logger.severe(String.format("Could not find specified environment role entity %s", event.getEnvironmentRoleIdentifier()));
            }
        } else {
            // Users new role has been set to null which means that we need to remove the environment role from the user
            EnvironmentUser environmentUser = environmentUserController.findEnvironmentUserByUserEntity(userEntity);
            if (environmentUser != null) {
                logger.info(String.format("Removed UserEntity %d environment role", userEntity.getId()));
                environmentUserController.updateEnvironmentUserRole(environmentUser, null);
            }
        }
    }
    // Remove identifiers in the removed list
    for (SchoolDataIdentifier identifier : removedIdentifiers) {
        UserSchoolDataIdentifier userSchoolDataIdentifier = userSchoolDataIdentifierController.findUserSchoolDataIdentifierByDataSourceAndIdentifier(identifier.getDataSource(), identifier.getIdentifier());
        if (userSchoolDataIdentifier != null) {
            logger.log(Level.FINE, String.format("Removing user school data identifier %s", identifier));
            userSchoolDataIdentifierController.archiveUserSchoolDataIdentifier(userSchoolDataIdentifier);
            if (userEntity == null) {
                userEntity = userSchoolDataIdentifier.getUserEntity();
            }
        }
    }
    // Finally check if user has any identifiers left, if not archive the user from the system
    if (userEntity != null) {
        if (userSchoolDataIdentifierController.listUserSchoolDataIdentifiersByUserEntity(userEntity).isEmpty()) {
            logger.log(Level.INFO, String.format("UserEntity #%d has no identities left, archiving userEntity", userEntity.getId()));
            userEntityController.archiveUserEntity(userEntity);
        }
    }
}
Also used : SchoolDataIdentifier(fi.otavanopisto.muikku.schooldata.SchoolDataIdentifier) UserSchoolDataIdentifier(fi.otavanopisto.muikku.model.users.UserSchoolDataIdentifier) UserSchoolDataIdentifier(fi.otavanopisto.muikku.model.users.UserSchoolDataIdentifier) EnvironmentUser(fi.otavanopisto.muikku.model.users.EnvironmentUser) EnvironmentRoleEntity(fi.otavanopisto.muikku.model.users.EnvironmentRoleEntity) UserEntity(fi.otavanopisto.muikku.model.users.UserEntity)

Aggregations

EnvironmentUser (fi.otavanopisto.muikku.model.users.EnvironmentUser)11 UserEntity (fi.otavanopisto.muikku.model.users.UserEntity)8 User (fi.otavanopisto.muikku.schooldata.entity.User)5 EnvironmentRoleEntity (fi.otavanopisto.muikku.model.users.EnvironmentRoleEntity)4 SchoolDataIdentifier (fi.otavanopisto.muikku.schooldata.SchoolDataIdentifier)4 UserSchoolDataIdentifier (fi.otavanopisto.muikku.model.users.UserSchoolDataIdentifier)3 RESTPermit (fi.otavanopisto.security.rest.RESTPermit)3 Path (javax.ws.rs.Path)3 WorkspaceEntity (fi.otavanopisto.muikku.model.workspace.WorkspaceEntity)2 WorkspaceUserEntity (fi.otavanopisto.muikku.model.workspace.WorkspaceUserEntity)2 EntityManager (javax.persistence.EntityManager)2 CriteriaBuilder (javax.persistence.criteria.CriteriaBuilder)2 GET (javax.ws.rs.GET)2 CacheControl (javax.ws.rs.core.CacheControl)2 EntityTag (javax.ws.rs.core.EntityTag)2 ResponseBuilder (javax.ws.rs.core.Response.ResponseBuilder)2 Permission (fi.otavanopisto.muikku.model.security.Permission)1 EnvironmentRoleArchetype (fi.otavanopisto.muikku.model.users.EnvironmentRoleArchetype)1 FlagStudent (fi.otavanopisto.muikku.model.users.FlagStudent)1 RoleEntity (fi.otavanopisto.muikku.model.users.RoleEntity)1