Search in sources :

Example 1 with StudentGroupUser

use of fi.otavanopisto.pyramus.domainmodel.students.StudentGroupUser in project pyramus by otavanopisto.

the class StudentRESTService method findStudentGroupStaffMember.

@Path("/studentGroups/{GROUPID:[0-9]*}/staffmembers/{ID:[0-9]*}")
@GET
@RESTPermit(StudentGroupPermissions.FIND_STUDENTGROUPSTAFFMEMBER)
public Response findStudentGroupStaffMember(@PathParam("GROUPID") Long studentGroupId, @PathParam("ID") Long id) {
    StudentGroup studentGroup = studentGroupController.findStudentGroupById(studentGroupId);
    if (studentGroup == null) {
        return Response.status(Status.NOT_FOUND).build();
    }
    if (studentGroup.getArchived()) {
        return Response.status(Status.NOT_FOUND).build();
    }
    if (!UserUtils.canAccessOrganization(sessionController.getUser(), studentGroup.getOrganization())) {
        return Response.status(Status.FORBIDDEN).build();
    }
    StudentGroupUser studentGroupUser = studentGroupController.findStudentGroupUserById(id);
    if (studentGroupUser == null) {
        return Response.status(Status.NOT_FOUND).build();
    }
    if (!studentGroupUser.getStudentGroup().getId().equals(studentGroup.getId())) {
        return Response.status(Status.NOT_FOUND).build();
    }
    return Response.ok(objectFactory.createModel(studentGroupUser)).build();
}
Also used : StudentGroupUser(fi.otavanopisto.pyramus.domainmodel.students.StudentGroupUser) StudentGroup(fi.otavanopisto.pyramus.domainmodel.students.StudentGroup) Path(javax.ws.rs.Path) RESTPermit(fi.otavanopisto.pyramus.rest.annotation.RESTPermit) GET(javax.ws.rs.GET)

Example 2 with StudentGroupUser

use of fi.otavanopisto.pyramus.domainmodel.students.StudentGroupUser in project pyramus by otavanopisto.

the class StudentRESTService method deleteStudentGroupStaffMember.

@Path("/studentGroups/{GROUPID:[0-9]*}/staffmembers/{ID:[0-9]*}")
@DELETE
@RESTPermit(StudentGroupPermissions.DELETE_STUDENTGROUPSTAFFMEMBER)
public Response deleteStudentGroupStaffMember(@PathParam("GROUPID") Long studentGroupId, @PathParam("ID") Long id) {
    StudentGroup studentGroup = studentGroupController.findStudentGroupById(studentGroupId);
    if (studentGroup == null) {
        return Response.status(Status.NOT_FOUND).build();
    }
    if (studentGroup.getArchived()) {
        return Response.status(Status.NOT_FOUND).build();
    }
    if (!UserUtils.canAccessOrganization(sessionController.getUser(), studentGroup.getOrganization())) {
        return Response.status(Status.FORBIDDEN).build();
    }
    StudentGroupUser studentGroupUser = studentGroupController.findStudentGroupUserById(id);
    if (studentGroupUser == null) {
        return Response.status(Status.NOT_FOUND).build();
    }
    if (!studentGroupUser.getStudentGroup().getId().equals(studentGroup.getId())) {
        return Response.status(Status.NOT_FOUND).build();
    }
    studentGroupController.deleteStudentGroupUser(studentGroupUser);
    return Response.noContent().build();
}
Also used : StudentGroupUser(fi.otavanopisto.pyramus.domainmodel.students.StudentGroupUser) StudentGroup(fi.otavanopisto.pyramus.domainmodel.students.StudentGroup) Path(javax.ws.rs.Path) DELETE(javax.ws.rs.DELETE) RESTPermit(fi.otavanopisto.pyramus.rest.annotation.RESTPermit)

Example 3 with StudentGroupUser

use of fi.otavanopisto.pyramus.domainmodel.students.StudentGroupUser in project pyramus by otavanopisto.

the class MuikkuRESTService method removeStudentGroupMembers.

@Path("/removestudentgroupmembers")
@PUT
@RESTPermit(MuikkuPermissions.MUIKKU_REMOVE_STUDENT_GROUP_MEMBERS)
public Response removeStudentGroupMembers(@Context HttpServletRequest request, StudentGroupMembersPayload payload) {
    // Prerequisites
    User loggedUser = sessionController.getUser();
    if (loggedUser.getOrganization() == null) {
        return Response.status(Status.INTERNAL_SERVER_ERROR).entity("Current user lacks organization").build();
    }
    // Basic payload validation
    Long groupId = new Long(payload.getGroupIdentifier());
    StudentGroup studentGroup = studentGroupController.findStudentGroupById(groupId);
    if (studentGroup == null) {
        return Response.status(Status.BAD_REQUEST).entity(String.format("Student group %d not found", groupId)).build();
    } else if (!UserUtils.canAccessOrganization(loggedUser, studentGroup.getOrganization())) {
        logger.log(Level.SEVERE, String.format("Organization mismatch. User %d attempted to access group %d", loggedUser.getId(), groupId));
        return Response.status(Status.BAD_REQUEST).entity("No student group access").build();
    }
    for (String userIdentifier : payload.getUserIdentifiers()) {
        Long userId = new Long(userIdentifier);
        User user = userController.findUserById(userId);
        if (!UserUtils.canAccessOrganization(loggedUser, user.getOrganization())) {
            logger.log(Level.SEVERE, String.format("Organization mismatch. User %d attempted to remove user %d from group %d", loggedUser.getId(), userId, groupId));
            return Response.status(Status.BAD_REQUEST).entity("No user access").build();
        }
    }
    for (String userIdentifier : payload.getUserIdentifiers()) {
        Long userId = new Long(userIdentifier);
        User user = userController.findUserById(userId);
        if (user instanceof Student) {
            StudentGroupStudent studentGroupStudent = studentGroupController.findStudentGroupStudentByStudentGroupAndStudent(studentGroup, (Student) user);
            if (studentGroupStudent != null) {
                studentGroupController.deleteStudentGroupStudent(studentGroupStudent);
            }
        } else if (user instanceof StaffMember) {
            StudentGroupUser studentGroupUser = studentGroupController.findStudentGroupUserByStudentGroupAndUser(studentGroup, (StaffMember) user);
            if (studentGroupUser != null) {
                studentGroupController.deleteStudentGroupUser(studentGroupUser);
            }
        }
    }
    return Response.noContent().build();
}
Also used : StudentGroupStudent(fi.otavanopisto.pyramus.domainmodel.students.StudentGroupStudent) StudentGroupUser(fi.otavanopisto.pyramus.domainmodel.students.StudentGroupUser) User(fi.otavanopisto.pyramus.domainmodel.users.User) CourseStudent(fi.otavanopisto.pyramus.domainmodel.courses.CourseStudent) StudentGroupStudent(fi.otavanopisto.pyramus.domainmodel.students.StudentGroupStudent) Student(fi.otavanopisto.pyramus.domainmodel.students.Student) StaffMember(fi.otavanopisto.pyramus.domainmodel.users.StaffMember) StudentGroupUser(fi.otavanopisto.pyramus.domainmodel.students.StudentGroupUser) StudentGroup(fi.otavanopisto.pyramus.domainmodel.students.StudentGroup) Path(javax.ws.rs.Path) RESTPermit(fi.otavanopisto.pyramus.rest.annotation.RESTPermit) PUT(javax.ws.rs.PUT)

Example 4 with StudentGroupUser

use of fi.otavanopisto.pyramus.domainmodel.students.StudentGroupUser in project pyramus by otavanopisto.

the class StudentRESTService method createStudentGroupStaffMember.

@Path("/studentGroups/{ID:[0-9]*}/staffmembers")
@POST
@RESTPermit(StudentGroupPermissions.CREATE_STUDENTGROUPSTAFFMEMBER)
public Response createStudentGroupStaffMember(@PathParam("ID") Long id, fi.otavanopisto.pyramus.rest.model.StudentGroupUser entity) {
    if (entity == null) {
        return Response.status(Status.BAD_REQUEST).build();
    }
    if (entity.getStaffMemberId() == null) {
        return Response.status(Status.BAD_REQUEST).build();
    }
    StudentGroup studentGroup = studentGroupController.findStudentGroupById(id);
    if (studentGroup == null || studentGroup.getArchived()) {
        return Response.status(Status.NOT_FOUND).build();
    }
    if (!UserUtils.canAccessOrganization(sessionController.getUser(), studentGroup.getOrganization())) {
        return Response.status(Status.FORBIDDEN).build();
    }
    StaffMember staffMember = userController.findStaffMemberById(entity.getStaffMemberId());
    if (staffMember == null) {
        return Response.status(Status.BAD_REQUEST).build();
    }
    StudentGroupUser studentGroupUser = studentGroupController.createStudentGroupStaffMember(studentGroup, staffMember, sessionController.getUser());
    return Response.ok(objectFactory.createModel(studentGroupUser)).build();
}
Also used : StaffMember(fi.otavanopisto.pyramus.domainmodel.users.StaffMember) StudentGroupUser(fi.otavanopisto.pyramus.domainmodel.students.StudentGroupUser) StudentGroup(fi.otavanopisto.pyramus.domainmodel.students.StudentGroup) Path(javax.ws.rs.Path) RESTPermit(fi.otavanopisto.pyramus.rest.annotation.RESTPermit) POST(javax.ws.rs.POST)

Example 5 with StudentGroupUser

use of fi.otavanopisto.pyramus.domainmodel.students.StudentGroupUser in project pyramus by otavanopisto.

the class EditStudentGroupJSONRequestController method process.

/**
 * Processes the request to edit a student group.
 *
 * @param requestContext
 *          The JSON request context
 */
public void process(JSONRequestContext requestContext) {
    StaffMemberDAO staffMemberDAO = DAOFactory.getInstance().getStaffMemberDAO();
    StudentDAO studentDAO = DAOFactory.getInstance().getStudentDAO();
    StudentGroupDAO studentGroupDAO = DAOFactory.getInstance().getStudentGroupDAO();
    StudentGroupStudentDAO studentGroupStudentDAO = DAOFactory.getInstance().getStudentGroupStudentDAO();
    StudentGroupUserDAO studentGroupUserDAO = DAOFactory.getInstance().getStudentGroupUserDAO();
    TagDAO tagDAO = DAOFactory.getInstance().getTagDAO();
    OrganizationDAO organizationDAO = DAOFactory.getInstance().getOrganizationDAO();
    // StudentGroup basic information
    String name = requestContext.getString("name");
    String description = requestContext.getString("description");
    Date beginDate = requestContext.getDate("beginDate");
    String tagsText = requestContext.getString("tags");
    Boolean guidanceGroup = requestContext.getBoolean("guidanceGroup");
    Set<Tag> tagEntities = new HashSet<>();
    if (!StringUtils.isBlank(tagsText)) {
        List<String> tags = Arrays.asList(tagsText.split("[\\ ,]"));
        for (String tag : tags) {
            if (!StringUtils.isBlank(tag)) {
                Tag tagEntity = tagDAO.findByText(tag.trim());
                if (tagEntity == null)
                    tagEntity = tagDAO.create(tag);
                tagEntities.add(tagEntity);
            }
        }
    }
    StudentGroup studentGroup = studentGroupDAO.findById(requestContext.getLong("studentGroupId"));
    User loggedUser = staffMemberDAO.findById(requestContext.getLoggedUserId());
    if (!UserUtils.canAccessOrganization(loggedUser, studentGroup.getOrganization())) {
        throw new SmvcRuntimeException(PyramusStatusCode.UNAUTHORIZED, "Can not access student group from another organization.");
    }
    // Version check
    Long version = requestContext.getLong("version");
    if (!studentGroup.getVersion().equals(version))
        throw new StaleObjectStateException(StudentGroup.class.getName(), studentGroup.getId());
    Organization organization = organizationDAO.findById(requestContext.getLong("organizationId"));
    if (!UserUtils.canAccessOrganization(loggedUser, organization)) {
        throw new SmvcRuntimeException(PyramusStatusCode.UNAUTHORIZED, "Invalid organization.");
    }
    studentGroupDAO.update(studentGroup, organization, name, description, beginDate, guidanceGroup, loggedUser);
    // Tags
    studentGroupDAO.setStudentGroupTags(studentGroup, tagEntities);
    // Personnel
    StudentGroupUser[] users = studentGroup.getUsers().toArray(new StudentGroupUser[0]);
    StudentGroupStudent[] students = studentGroup.getStudents().toArray(new StudentGroupStudent[0]);
    Set<Long> removables = studentGroup.getUsers().stream().map(StudentGroupUser::getId).collect(Collectors.toSet());
    int rowCount = requestContext.getInteger("usersTable.rowCount").intValue();
    for (int i = 0; i < rowCount; i++) {
        String colPrefix = "usersTable." + i;
        Long userId = requestContext.getLong(colPrefix + ".userId");
        Long studentGroupUserId = requestContext.getLong(colPrefix + ".studentGroupUserId");
        StaffMember staffMember = staffMemberDAO.findById(userId);
        if (!UserUtils.canAccessOrganization(loggedUser, staffMember.getOrganization())) {
            throw new SmvcRuntimeException(PyramusStatusCode.UNAUTHORIZED, "Can not access student group from another organization.");
        }
        if (studentGroupUserId == null) {
            // New User
            studentGroupUserDAO.create(studentGroup, staffMember, loggedUser);
        } else {
            // Old User, still in list
            removables.remove(studentGroupUserId);
        }
    }
    // Remove the ones that were deleted from group
    for (int i = 0; i < users.length; i++) {
        if (removables.contains(users[i].getId())) {
            studentGroupUserDAO.remove(studentGroup, users[i], loggedUser);
        }
    }
    // Students
    removables = studentGroup.getStudents().stream().map(StudentGroupStudent::getId).collect(Collectors.toSet());
    rowCount = requestContext.getInteger("studentsTable.rowCount");
    for (int i = 0; i < rowCount; i++) {
        String colPrefix = "studentsTable." + i;
        Long studentId = requestContext.getLong(colPrefix + ".studentId");
        Long studentGroupStudentId = requestContext.getLong(colPrefix + ".studentGroupStudentId");
        Student student = studentDAO.findById(studentId);
        if (!UserUtils.canAccessOrganization(loggedUser, student.getOrganization())) {
            throw new SmvcRuntimeException(PyramusStatusCode.UNAUTHORIZED, "Can not access student from another organization.");
        }
        if (studentGroupStudentId == null) {
            // New Student
            studentGroupStudentDAO.create(studentGroup, student, loggedUser);
        } else {
            // Old User, still in list, we'll update if the student has changed student group
            removables.remove(studentGroupStudentId);
            StudentGroupStudent sgStudent = studentGroupStudentDAO.findById(studentGroupStudentId);
            if (!sgStudent.getStudent().getId().equals(studentId)) {
                studentGroupStudentDAO.update(sgStudent, studentDAO.findById(studentId), loggedUser);
            }
        }
    }
    // Remove the ones that were deleted from group
    for (int i = 0; i < students.length; i++) {
        if (removables.contains(students[i].getId())) {
            studentGroupStudentDAO.remove(studentGroup, students[i], loggedUser);
        }
    }
    requestContext.setRedirectURL(requestContext.getReferer(true));
}
Also used : User(fi.otavanopisto.pyramus.domainmodel.users.User) StudentGroupUser(fi.otavanopisto.pyramus.domainmodel.students.StudentGroupUser) Organization(fi.otavanopisto.pyramus.domainmodel.base.Organization) SmvcRuntimeException(fi.internetix.smvc.SmvcRuntimeException) StaffMember(fi.otavanopisto.pyramus.domainmodel.users.StaffMember) StudentGroupStudent(fi.otavanopisto.pyramus.domainmodel.students.StudentGroupStudent) StaffMemberDAO(fi.otavanopisto.pyramus.dao.users.StaffMemberDAO) StudentGroupStudentDAO(fi.otavanopisto.pyramus.dao.students.StudentGroupStudentDAO) OrganizationDAO(fi.otavanopisto.pyramus.dao.base.OrganizationDAO) HashSet(java.util.HashSet) StudentGroupUserDAO(fi.otavanopisto.pyramus.dao.students.StudentGroupUserDAO) TagDAO(fi.otavanopisto.pyramus.dao.base.TagDAO) Student(fi.otavanopisto.pyramus.domainmodel.students.Student) StudentGroupStudent(fi.otavanopisto.pyramus.domainmodel.students.StudentGroupStudent) Date(java.util.Date) StudentGroupStudentDAO(fi.otavanopisto.pyramus.dao.students.StudentGroupStudentDAO) StudentDAO(fi.otavanopisto.pyramus.dao.students.StudentDAO) StudentGroupDAO(fi.otavanopisto.pyramus.dao.students.StudentGroupDAO) Tag(fi.otavanopisto.pyramus.domainmodel.base.Tag) StudentGroupUser(fi.otavanopisto.pyramus.domainmodel.students.StudentGroupUser) StaleObjectStateException(org.hibernate.StaleObjectStateException) StudentGroup(fi.otavanopisto.pyramus.domainmodel.students.StudentGroup)

Aggregations

StudentGroupUser (fi.otavanopisto.pyramus.domainmodel.students.StudentGroupUser)13 StudentGroup (fi.otavanopisto.pyramus.domainmodel.students.StudentGroup)11 StudentGroupStudent (fi.otavanopisto.pyramus.domainmodel.students.StudentGroupStudent)6 RESTPermit (fi.otavanopisto.pyramus.rest.annotation.RESTPermit)6 Path (javax.ws.rs.Path)6 Student (fi.otavanopisto.pyramus.domainmodel.students.Student)5 StaffMember (fi.otavanopisto.pyramus.domainmodel.users.StaffMember)5 EntityManager (javax.persistence.EntityManager)5 CourseStudent (fi.otavanopisto.pyramus.domainmodel.courses.CourseStudent)4 CriteriaBuilder (javax.persistence.criteria.CriteriaBuilder)4 ArrayList (java.util.ArrayList)3 Date (java.util.Date)3 Organization (fi.otavanopisto.pyramus.domainmodel.base.Organization)2 User (fi.otavanopisto.pyramus.domainmodel.users.User)2 SmvcRuntimeException (fi.internetix.smvc.SmvcRuntimeException)1 OrganizationDAO (fi.otavanopisto.pyramus.dao.base.OrganizationDAO)1 TagDAO (fi.otavanopisto.pyramus.dao.base.TagDAO)1 StudentDAO (fi.otavanopisto.pyramus.dao.students.StudentDAO)1 StudentGroupDAO (fi.otavanopisto.pyramus.dao.students.StudentGroupDAO)1 StudentGroupStudentDAO (fi.otavanopisto.pyramus.dao.students.StudentGroupStudentDAO)1