use of fi.otavanopisto.pyramus.domainmodel.students.StudentGroupUser in project pyramus by otavanopisto.
the class StudentRESTService method findStudentGroupStaffMember.
@Path("/studentGroups/{GROUPID:[0-9]*}/staffmembers/{ID:[0-9]*}")
@GET
@RESTPermit(StudentGroupPermissions.FIND_STUDENTGROUPSTAFFMEMBER)
public Response findStudentGroupStaffMember(@PathParam("GROUPID") Long studentGroupId, @PathParam("ID") Long id) {
StudentGroup studentGroup = studentGroupController.findStudentGroupById(studentGroupId);
if (studentGroup == null) {
return Response.status(Status.NOT_FOUND).build();
}
if (studentGroup.getArchived()) {
return Response.status(Status.NOT_FOUND).build();
}
if (!UserUtils.canAccessOrganization(sessionController.getUser(), studentGroup.getOrganization())) {
return Response.status(Status.FORBIDDEN).build();
}
StudentGroupUser studentGroupUser = studentGroupController.findStudentGroupUserById(id);
if (studentGroupUser == null) {
return Response.status(Status.NOT_FOUND).build();
}
if (!studentGroupUser.getStudentGroup().getId().equals(studentGroup.getId())) {
return Response.status(Status.NOT_FOUND).build();
}
return Response.ok(objectFactory.createModel(studentGroupUser)).build();
}
use of fi.otavanopisto.pyramus.domainmodel.students.StudentGroupUser in project pyramus by otavanopisto.
the class StudentRESTService method deleteStudentGroupStaffMember.
@Path("/studentGroups/{GROUPID:[0-9]*}/staffmembers/{ID:[0-9]*}")
@DELETE
@RESTPermit(StudentGroupPermissions.DELETE_STUDENTGROUPSTAFFMEMBER)
public Response deleteStudentGroupStaffMember(@PathParam("GROUPID") Long studentGroupId, @PathParam("ID") Long id) {
StudentGroup studentGroup = studentGroupController.findStudentGroupById(studentGroupId);
if (studentGroup == null) {
return Response.status(Status.NOT_FOUND).build();
}
if (studentGroup.getArchived()) {
return Response.status(Status.NOT_FOUND).build();
}
if (!UserUtils.canAccessOrganization(sessionController.getUser(), studentGroup.getOrganization())) {
return Response.status(Status.FORBIDDEN).build();
}
StudentGroupUser studentGroupUser = studentGroupController.findStudentGroupUserById(id);
if (studentGroupUser == null) {
return Response.status(Status.NOT_FOUND).build();
}
if (!studentGroupUser.getStudentGroup().getId().equals(studentGroup.getId())) {
return Response.status(Status.NOT_FOUND).build();
}
studentGroupController.deleteStudentGroupUser(studentGroupUser);
return Response.noContent().build();
}
use of fi.otavanopisto.pyramus.domainmodel.students.StudentGroupUser in project pyramus by otavanopisto.
the class MuikkuRESTService method removeStudentGroupMembers.
@Path("/removestudentgroupmembers")
@PUT
@RESTPermit(MuikkuPermissions.MUIKKU_REMOVE_STUDENT_GROUP_MEMBERS)
public Response removeStudentGroupMembers(@Context HttpServletRequest request, StudentGroupMembersPayload payload) {
// Prerequisites
User loggedUser = sessionController.getUser();
if (loggedUser.getOrganization() == null) {
return Response.status(Status.INTERNAL_SERVER_ERROR).entity("Current user lacks organization").build();
}
// Basic payload validation
Long groupId = new Long(payload.getGroupIdentifier());
StudentGroup studentGroup = studentGroupController.findStudentGroupById(groupId);
if (studentGroup == null) {
return Response.status(Status.BAD_REQUEST).entity(String.format("Student group %d not found", groupId)).build();
} else if (!UserUtils.canAccessOrganization(loggedUser, studentGroup.getOrganization())) {
logger.log(Level.SEVERE, String.format("Organization mismatch. User %d attempted to access group %d", loggedUser.getId(), groupId));
return Response.status(Status.BAD_REQUEST).entity("No student group access").build();
}
for (String userIdentifier : payload.getUserIdentifiers()) {
Long userId = new Long(userIdentifier);
User user = userController.findUserById(userId);
if (!UserUtils.canAccessOrganization(loggedUser, user.getOrganization())) {
logger.log(Level.SEVERE, String.format("Organization mismatch. User %d attempted to remove user %d from group %d", loggedUser.getId(), userId, groupId));
return Response.status(Status.BAD_REQUEST).entity("No user access").build();
}
}
for (String userIdentifier : payload.getUserIdentifiers()) {
Long userId = new Long(userIdentifier);
User user = userController.findUserById(userId);
if (user instanceof Student) {
StudentGroupStudent studentGroupStudent = studentGroupController.findStudentGroupStudentByStudentGroupAndStudent(studentGroup, (Student) user);
if (studentGroupStudent != null) {
studentGroupController.deleteStudentGroupStudent(studentGroupStudent);
}
} else if (user instanceof StaffMember) {
StudentGroupUser studentGroupUser = studentGroupController.findStudentGroupUserByStudentGroupAndUser(studentGroup, (StaffMember) user);
if (studentGroupUser != null) {
studentGroupController.deleteStudentGroupUser(studentGroupUser);
}
}
}
return Response.noContent().build();
}
use of fi.otavanopisto.pyramus.domainmodel.students.StudentGroupUser in project pyramus by otavanopisto.
the class StudentRESTService method createStudentGroupStaffMember.
@Path("/studentGroups/{ID:[0-9]*}/staffmembers")
@POST
@RESTPermit(StudentGroupPermissions.CREATE_STUDENTGROUPSTAFFMEMBER)
public Response createStudentGroupStaffMember(@PathParam("ID") Long id, fi.otavanopisto.pyramus.rest.model.StudentGroupUser entity) {
if (entity == null) {
return Response.status(Status.BAD_REQUEST).build();
}
if (entity.getStaffMemberId() == null) {
return Response.status(Status.BAD_REQUEST).build();
}
StudentGroup studentGroup = studentGroupController.findStudentGroupById(id);
if (studentGroup == null || studentGroup.getArchived()) {
return Response.status(Status.NOT_FOUND).build();
}
if (!UserUtils.canAccessOrganization(sessionController.getUser(), studentGroup.getOrganization())) {
return Response.status(Status.FORBIDDEN).build();
}
StaffMember staffMember = userController.findStaffMemberById(entity.getStaffMemberId());
if (staffMember == null) {
return Response.status(Status.BAD_REQUEST).build();
}
StudentGroupUser studentGroupUser = studentGroupController.createStudentGroupStaffMember(studentGroup, staffMember, sessionController.getUser());
return Response.ok(objectFactory.createModel(studentGroupUser)).build();
}
use of fi.otavanopisto.pyramus.domainmodel.students.StudentGroupUser in project pyramus by otavanopisto.
the class EditStudentGroupJSONRequestController method process.
/**
* Processes the request to edit a student group.
*
* @param requestContext
* The JSON request context
*/
public void process(JSONRequestContext requestContext) {
StaffMemberDAO staffMemberDAO = DAOFactory.getInstance().getStaffMemberDAO();
StudentDAO studentDAO = DAOFactory.getInstance().getStudentDAO();
StudentGroupDAO studentGroupDAO = DAOFactory.getInstance().getStudentGroupDAO();
StudentGroupStudentDAO studentGroupStudentDAO = DAOFactory.getInstance().getStudentGroupStudentDAO();
StudentGroupUserDAO studentGroupUserDAO = DAOFactory.getInstance().getStudentGroupUserDAO();
TagDAO tagDAO = DAOFactory.getInstance().getTagDAO();
OrganizationDAO organizationDAO = DAOFactory.getInstance().getOrganizationDAO();
// StudentGroup basic information
String name = requestContext.getString("name");
String description = requestContext.getString("description");
Date beginDate = requestContext.getDate("beginDate");
String tagsText = requestContext.getString("tags");
Boolean guidanceGroup = requestContext.getBoolean("guidanceGroup");
Set<Tag> tagEntities = new HashSet<>();
if (!StringUtils.isBlank(tagsText)) {
List<String> tags = Arrays.asList(tagsText.split("[\\ ,]"));
for (String tag : tags) {
if (!StringUtils.isBlank(tag)) {
Tag tagEntity = tagDAO.findByText(tag.trim());
if (tagEntity == null)
tagEntity = tagDAO.create(tag);
tagEntities.add(tagEntity);
}
}
}
StudentGroup studentGroup = studentGroupDAO.findById(requestContext.getLong("studentGroupId"));
User loggedUser = staffMemberDAO.findById(requestContext.getLoggedUserId());
if (!UserUtils.canAccessOrganization(loggedUser, studentGroup.getOrganization())) {
throw new SmvcRuntimeException(PyramusStatusCode.UNAUTHORIZED, "Can not access student group from another organization.");
}
// Version check
Long version = requestContext.getLong("version");
if (!studentGroup.getVersion().equals(version))
throw new StaleObjectStateException(StudentGroup.class.getName(), studentGroup.getId());
Organization organization = organizationDAO.findById(requestContext.getLong("organizationId"));
if (!UserUtils.canAccessOrganization(loggedUser, organization)) {
throw new SmvcRuntimeException(PyramusStatusCode.UNAUTHORIZED, "Invalid organization.");
}
studentGroupDAO.update(studentGroup, organization, name, description, beginDate, guidanceGroup, loggedUser);
// Tags
studentGroupDAO.setStudentGroupTags(studentGroup, tagEntities);
// Personnel
StudentGroupUser[] users = studentGroup.getUsers().toArray(new StudentGroupUser[0]);
StudentGroupStudent[] students = studentGroup.getStudents().toArray(new StudentGroupStudent[0]);
Set<Long> removables = studentGroup.getUsers().stream().map(StudentGroupUser::getId).collect(Collectors.toSet());
int rowCount = requestContext.getInteger("usersTable.rowCount").intValue();
for (int i = 0; i < rowCount; i++) {
String colPrefix = "usersTable." + i;
Long userId = requestContext.getLong(colPrefix + ".userId");
Long studentGroupUserId = requestContext.getLong(colPrefix + ".studentGroupUserId");
StaffMember staffMember = staffMemberDAO.findById(userId);
if (!UserUtils.canAccessOrganization(loggedUser, staffMember.getOrganization())) {
throw new SmvcRuntimeException(PyramusStatusCode.UNAUTHORIZED, "Can not access student group from another organization.");
}
if (studentGroupUserId == null) {
// New User
studentGroupUserDAO.create(studentGroup, staffMember, loggedUser);
} else {
// Old User, still in list
removables.remove(studentGroupUserId);
}
}
// Remove the ones that were deleted from group
for (int i = 0; i < users.length; i++) {
if (removables.contains(users[i].getId())) {
studentGroupUserDAO.remove(studentGroup, users[i], loggedUser);
}
}
// Students
removables = studentGroup.getStudents().stream().map(StudentGroupStudent::getId).collect(Collectors.toSet());
rowCount = requestContext.getInteger("studentsTable.rowCount");
for (int i = 0; i < rowCount; i++) {
String colPrefix = "studentsTable." + i;
Long studentId = requestContext.getLong(colPrefix + ".studentId");
Long studentGroupStudentId = requestContext.getLong(colPrefix + ".studentGroupStudentId");
Student student = studentDAO.findById(studentId);
if (!UserUtils.canAccessOrganization(loggedUser, student.getOrganization())) {
throw new SmvcRuntimeException(PyramusStatusCode.UNAUTHORIZED, "Can not access student from another organization.");
}
if (studentGroupStudentId == null) {
// New Student
studentGroupStudentDAO.create(studentGroup, student, loggedUser);
} else {
// Old User, still in list, we'll update if the student has changed student group
removables.remove(studentGroupStudentId);
StudentGroupStudent sgStudent = studentGroupStudentDAO.findById(studentGroupStudentId);
if (!sgStudent.getStudent().getId().equals(studentId)) {
studentGroupStudentDAO.update(sgStudent, studentDAO.findById(studentId), loggedUser);
}
}
}
// Remove the ones that were deleted from group
for (int i = 0; i < students.length; i++) {
if (removables.contains(students[i].getId())) {
studentGroupStudentDAO.remove(studentGroup, students[i], loggedUser);
}
}
requestContext.setRedirectURL(requestContext.getReferer(true));
}
Aggregations