
Example 6 with Role

use of fi.otavanopisto.pyramus.domainmodel.users.Role in project pyramus by otavanopisto.

the class ImportLDAPUsersViewController method processSend.

public void processSend(PageRequestContext requestContext) {
    EmailDAO emailDAO = DAOFactory.getInstance().getEmailDAO();
    UserDAO userDAO = DAOFactory.getInstance().getUserDAO();
    List<User> createdUsers = new ArrayList<User>();
    int rowCount = requestContext.getInteger("importTable.rowCount");
    for (int i = 0; i < rowCount; i++) {
        String colPrefix = "importTable." + i;
        if ("1".equals(requestContext.getString(colPrefix + ".import"))) {
            String email = requestContext.getString(colPrefix + ".email");
            String firstName = requestContext.getString(colPrefix + ".firstName");
            String lastName = requestContext.getString(colPrefix + ".lastName");
            String roleName = requestContext.getString(colPrefix + ".role");
            String id = requestContext.getString(colPrefix + ".id");
            Role role = Enum.valueOf(Role.class, roleName);
            User user = userDAO.create(firstName, lastName, id, "LDAP", role);
            emailDAO.create(user.getContactInfo(), null, Boolean.TRUE, email);
            createdUsers.add(user);
        }
    }
    requestContext.getRequest().setAttribute("createdUsers", createdUsers);
    // getContextPath() never ends with "/", so the redirect target needs a leading slash
    requestContext.setRedirectURL(requestContext.getRequest().getContextPath() + "/system/importldapusers.page");
}
Also used : Role(fi.otavanopisto.pyramus.domainmodel.users.Role) UserRole(fi.otavanopisto.pyramus.framework.UserRole) User(fi.otavanopisto.pyramus.domainmodel.users.User) UserDAO(fi.otavanopisto.pyramus.dao.users.UserDAO) ArrayList(java.util.ArrayList) EmailDAO(fi.otavanopisto.pyramus.dao.base.EmailDAO)

Example 7 with Role

use of fi.otavanopisto.pyramus.domainmodel.users.Role in project pyramus by otavanopisto.

the class ImportExportPermissionsViewController method processSend.

@Override
public void processSend(PageRequestContext requestContext) {
    String permissionJson = requestContext.getString("permissionJson");
    JSONObject permissionMap = JSONObject.fromObject(permissionJson);
    PermissionDAO permissionDAO = DAOFactory.getInstance().getPermissionDAO();
    EnvironmentRolePermissionDAO environmentRolePermissionDAO = DAOFactory.getInstance().getEnvironmentRolePermissionDAO();
    List<EnvironmentRolePermission> allPermissions = environmentRolePermissionDAO.listAll();
    for (EnvironmentRolePermission erp : allPermissions) {
        environmentRolePermissionDAO.delete(erp);
    }
    for (Object roleObject : permissionMap.keySet()) {
        String roleValue = (String) roleObject;
        Role role = Role.getRole(Integer.valueOf(roleValue));
        if (role == null) {
            Logger.getLogger(getClass().getName()).severe(String.format("Role with value %s not found from system", roleValue));
            continue;
        }
        for (Object permissionNameObject : permissionMap.getJSONArray(roleValue)) {
            String permissionName = (String) permissionNameObject;
            Permission permission = permissionDAO.findByName(permissionName);
            if (permission == null) {
                Logger.getLogger(getClass().getName()).severe(String.format("Permission %s not found from system", permissionName));
                continue;
            }
            environmentRolePermissionDAO.create(role, permission);
        }
    }
    requestContext.setRedirectURL("/system/managepermissions.page");
}
Also used : Role(fi.otavanopisto.pyramus.domainmodel.users.Role) UserRole(fi.otavanopisto.pyramus.framework.UserRole) JSONObject(net.sf.json.JSONObject) EnvironmentRolePermissionDAO(fi.otavanopisto.pyramus.dao.security.EnvironmentRolePermissionDAO) PermissionDAO(fi.otavanopisto.pyramus.dao.security.PermissionDAO) EnvironmentRolePermission(fi.otavanopisto.pyramus.domainmodel.security.EnvironmentRolePermission) Permission(fi.otavanopisto.pyramus.domainmodel.security.Permission)

Example 8 with Role

use of fi.otavanopisto.pyramus.domainmodel.users.Role in project pyramus by otavanopisto.

the class ManagePermissionsViewController method processSend.

@Override
public void processSend(PageRequestContext requestContext) {
    String resetRole = requestContext.getString("roleReset");
    if (StringUtils.isBlank(resetRole)) {
        PermissionDAO permissionDAO = DAOFactory.getInstance().getPermissionDAO();
        EnvironmentRolePermissionDAO environmentRolePermissionDAO = DAOFactory.getInstance().getEnvironmentRolePermissionDAO();
        List<Permission> permissions = permissionDAO.listAll();
        for (Permission permission : permissions) {
            for (Role role : manageableRoles()) {
                String paramName = permission.getId().toString() + '.' + role.name();
                EnvironmentRolePermission rolePermission = environmentRolePermissionDAO.findByUserRoleAndPermission(role, permission);
                boolean isSet = Integer.valueOf(1).equals(requestContext.getInteger(paramName));
                boolean exists = rolePermission != null;
                if (isSet != exists) {
                    if (isSet) {
                        environmentRolePermissionDAO.create(role, permission);
                    } else {
                        environmentRolePermissionDAO.delete(rolePermission);
                    }
                }
            }
        }
    } else {
        resetRoles(Role.valueOf(resetRole));
    }
    processForm(requestContext);
}
Also used : Role(fi.otavanopisto.pyramus.domainmodel.users.Role) UserRole(fi.otavanopisto.pyramus.framework.UserRole) EnvironmentRolePermissionDAO(fi.otavanopisto.pyramus.dao.security.EnvironmentRolePermissionDAO) PermissionDAO(fi.otavanopisto.pyramus.dao.security.PermissionDAO) EnvironmentRolePermission(fi.otavanopisto.pyramus.domainmodel.security.EnvironmentRolePermission) Permission(fi.otavanopisto.pyramus.domainmodel.security.Permission)

Example 9 with Role

use of fi.otavanopisto.pyramus.domainmodel.users.Role in project pyramus by otavanopisto.

the class MuikkuRESTService method updateUser.

@Path("/users/{IDENTIFIER}")
@PUT
@RESTPermit(MuikkuPermissions.MUIKKU_UPDATE_STAFF_MEMBER)
public Response updateUser(@Context HttpServletRequest request, @PathParam("IDENTIFIER") String identifier, StaffMemberPayload payload) {
    if (!StringUtils.equals(payload.getIdentifier(), identifier)) {
        return Response.status(Status.BAD_REQUEST).entity("Payload identifier doesn't match path identifier").build();
    }
    if (StringUtils.isAnyBlank(payload.getFirstName(), payload.getLastName(), payload.getEmail(), payload.getRole())) {
        return Response.status(Status.BAD_REQUEST).entity("Empty fields in payload").build();
    }
    // Test allowed roles
    Role role;
    try {
        role = Role.valueOf(payload.getRole());
        if (role != Role.MANAGER && role != Role.TEACHER) {
            return Response.status(Status.BAD_REQUEST).entity(String.format("Unsupported role %s", payload.getRole())).build();
        }
    } catch (Exception e) {
        return Response.status(Status.BAD_REQUEST).entity(String.format("Unsupported role %s", payload.getRole())).build();
    }
    // Find user
    Long staffMemberId = Long.valueOf(payload.getIdentifier());
    StaffMember staffMember = userController.findStaffMemberById(staffMemberId);
    if (staffMember == null || !UserUtils.canAccessOrganization(sessionController.getUser(), staffMember.getOrganization())) {
        return Response.status(Status.NOT_FOUND).build();
    }
    Role existingRole = staffMember.getRole();
    if (existingRole != Role.MANAGER && existingRole != Role.TEACHER) {
        role = existingRole;
    }
    List<Email> staffMemberEmails = userController.listStaffMemberEmails(staffMember);
    if (staffMemberEmails.size() != 1) {
        return Response.status(Status.BAD_REQUEST).entity("User has several emails").build();
    }
    Email email = staffMemberEmails.get(0);
    String address = StringUtils.trim(StringUtils.lowerCase(payload.getEmail()));
    if (!UserUtils.isAllowedEmail(address, email.getContactType(), staffMember.getPerson().getId())) {
        return Response.status(Status.CONFLICT).entity(getMessage(request.getLocale(), "error.emailInUse")).build();
    }
    // Update user
    staffMember = userController.updateStaffMember(staffMember, staffMember.getOrganization(), payload.getFirstName(), payload.getLastName(), role);
    // Update email
    try {
        email = userController.updateStaffMemberEmail(staffMember, email, email.getContactType(), address, email.getDefaultAddress());
    } catch (UserEmailInUseException e) {
        // Set the transaction as rollback only
        sessionContext.setRollbackOnly();
        return Response.status(Status.CONFLICT).entity(getMessage(request.getLocale(), "error.emailInUse")).build();
    }
    return Response.ok(toRestModel(staffMember, email)).build();
}
Also used : Role(fi.otavanopisto.pyramus.domainmodel.users.Role) UserEmailInUseException(fi.otavanopisto.pyramus.framework.UserEmailInUseException) Email(fi.otavanopisto.pyramus.domainmodel.base.Email) StaffMember(fi.otavanopisto.pyramus.domainmodel.users.StaffMember) Path(javax.ws.rs.Path) RESTPermit(fi.otavanopisto.pyramus.rest.annotation.RESTPermit) PUT(javax.ws.rs.PUT)

Example 10 with Role

use of fi.otavanopisto.pyramus.domainmodel.users.Role in project pyramus by otavanopisto.

the class StudentCrossOrganizationPermissionsTestsIT method testListStudents.

@ParameterizedTest
@EnumSource(Role.class)
public void testListStudents(Role role) throws NoSuchFieldException {
    if (roleIsAllowed(role, studentPermissions, StudentPermissions.LIST_STUDENTS)) {
        Person person = tools().createPerson();
        Student studentFromAnotherOrg = tools().createStudent(person.getId(), studyProgramme.getId());
        Person person2 = tools().createPerson();
        Student studentFromSameOrg = tools().createStudent(person2.getId(), 1L);
        try {
            Response response = given().headers(getAuthHeaders(role)).get("/students/students");
            Student[] listStudents = response.as(Student[].class);
            if (!roleIsAllowed(role, studentPermissions, StudentPermissions.FEATURE_OWNED_GROUP_STUDENTS_RESTRICTION)) {
                // User has no group restriction
                assertTrue(Arrays.stream(listStudents).anyMatch(student -> studentFromSameOrg.getId().equals(student.getId())), String.format("Couldn't list student from same org (%s).", role));
            } else {
                // User has group restriction (study guider)
                assertFalse(Arrays.stream(listStudents).anyMatch(student -> studentFromSameOrg.getId().equals(student.getId())), String.format("Listed student from same org despite group restriction (%s).", role));
            }
            if (roleIsAllowed(role, organizationPermissions, OrganizationPermissions.ACCESS_ALL_ORGANIZATIONS)) {
                // Can access all organizations -> can list student from another org.
                assertTrue(Arrays.stream(listStudents).anyMatch(student -> studentFromAnotherOrg.getId().equals(student.getId())), String.format("Couldn't list student from another org (%s).", role));
            } else {
                // Can access only own organizations -> can't list student from another org.
                assertFalse(Arrays.stream(listStudents).anyMatch(student -> studentFromAnotherOrg.getId().equals(student.getId())), String.format("Listed student from another org (%s).", role));
            }
        } finally {
            tools().deleteStudent(studentFromSameOrg);
            tools().deletePerson(person2);
            tools().deleteStudent(studentFromAnotherOrg);
            tools().deletePerson(person);
        }
    } else {
        given().headers(getAuthHeaders(role)).get("/students/students").then().statusCode(403);
    }
}
Also used : Response(io.restassured.response.Response) Organization(fi.otavanopisto.pyramus.rest.model.Organization) Arrays(java.util.Arrays) Person(fi.otavanopisto.pyramus.rest.model.Person) Role(fi.otavanopisto.pyramus.domainmodel.users.Role) StudentPermissions(fi.otavanopisto.pyramus.rest.controller.permissions.StudentPermissions) HashMap(java.util.HashMap) EnumSource(org.junit.jupiter.params.provider.EnumSource) Lifecycle(org.junit.jupiter.api.TestInstance.Lifecycle) AfterAll(org.junit.jupiter.api.AfterAll) Student(fi.otavanopisto.pyramus.rest.model.Student) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest) TestInstance(org.junit.jupiter.api.TestInstance) BeforeAll(org.junit.jupiter.api.BeforeAll) Map(java.util.Map) Assertions(org.junit.jupiter.api.Assertions) OrganizationPermissions(fi.otavanopisto.pyramus.security.impl.permissions.OrganizationPermissions) RestAssured.given(io.restassured.RestAssured.given) StudyProgramme(fi.otavanopisto.pyramus.rest.model.StudyProgramme)
