use of fi.otavanopisto.pyramus.domainmodel.users.User in project pyramus by otavanopisto.
the class MuikkuRESTService method deleteStudentGroup.
/**
 * Archives the student group identified by {@code id} on behalf of the session user.
 *
 * <p>Access is gated twice: {@code @RESTPermit} requires the delete permission, and
 * {@code UserUtils.canAccessOrganization} must accept the session user for the group's
 * organization. A rejected organization check is logged at SEVERE with the user and group ids.
 *
 * @param request the servlet request (not read by this method)
 * @param id student group id taken from the path
 * @return 204 on success; 400 when the id is missing or the organization check fails;
 *         404 when no group has that id; 500 when the session user has no organization
 */
@Path("/studentgroups/{ID:[0-9]*}")
@DELETE
@RESTPermit(MuikkuPermissions.MUIKKU_DELETE_STUDENT_GROUP)
public Response deleteStudentGroup(@Context HttpServletRequest request, @PathParam("ID") Long id) {
  // The organization check below needs the caller's organization, so refuse early when it is absent.
  final User currentUser = sessionController.getUser();
  if (currentUser.getOrganization() == null) {
    return Response.status(Status.INTERNAL_SERVER_ERROR).entity("Current user lacks organization").build();
  }
  if (id == null) {
    return Response.status(Status.BAD_REQUEST).entity("Empty fields in payload").build();
  }

  final StudentGroup group = studentGroupController.findStudentGroupById(id);
  if (group == null) {
    return Response.status(Status.NOT_FOUND).entity(String.format("No student group for identifier %d", id)).build();
  }

  // Organization boundary: only callers accepted for the group's organization may archive it.
  // NOTE(review): the refusal is reported as 400 while an unknown id is 404, so the two cases
  // are distinguishable to the caller; confirm whether 403 (or a uniform 404) is intended.
  final boolean organizationAllowed = UserUtils.canAccessOrganization(currentUser, group.getOrganization());
  if (!organizationAllowed) {
    logger.log(Level.SEVERE, String.format("Organization mismatch. User %d attempted to delete user group %d", currentUser.getId(), id));
    return Response.status(Status.BAD_REQUEST).entity("No student group access").build();
  }

  // The group is archived rather than removed, and the acting user is passed along with it.
  studentGroupController.archiveStudentGroup(group, currentUser);
  return Response.noContent().build();
}
use of fi.otavanopisto.pyramus.domainmodel.users.User in project pyramus by otavanopisto.
the class MuikkuRESTService method updateStudentGroup.
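/**
 * Updates the name and guidance-group flag of an existing student group.
 *
 * <p>Only {@code name} and {@code isGuidanceGroup} are taken from the payload; organization,
 * description and begin date are carried over from the stored group, so the request body
 * cannot move a group to another organization. Access is gated by {@code @RESTPermit} and by
 * {@code UserUtils.canAccessOrganization} against the stored group's organization.
 *
 * @param request the servlet request (not read by this method)
 * @param payload request body; {@code identifier} must be a numeric group id
 * @return 200 with the payload on success; 400 when the payload is missing, has blank fields,
 *         carries a non-numeric identifier, or the organization check fails; 404 when the
 *         group does not exist; 500 when the session user has no organization
 */
@Path("/studentgroups")
@PUT
@RESTPermit(MuikkuPermissions.MUIKKU_UPDATE_STUDENT_GROUP)
public Response updateStudentGroup(@Context HttpServletRequest request, StudentGroupPayload payload) {
  // Prerequisites
  User loggedUser = sessionController.getUser();
  if (loggedUser.getOrganization() == null) {
    return Response.status(Status.INTERNAL_SERVER_ERROR).entity("Current user lacks organization").build();
  }
  // A request without a body would otherwise fail with a NullPointerException.
  if (payload == null || StringUtils.isAnyBlank(payload.getIdentifier(), payload.getName()) || payload.getIsGuidanceGroup() == null) {
    return Response.status(Status.BAD_REQUEST).entity("Empty fields in payload").build();
  }

  // The identifier is client-supplied text; reject anything that is not a number instead of
  // letting NumberFormatException escape as an unhandled error. The value is not echoed back.
  Long studentGroupId;
  try {
    studentGroupId = Long.valueOf(payload.getIdentifier());
  } catch (NumberFormatException e) {
    return Response.status(Status.BAD_REQUEST).entity("Invalid student group identifier").build();
  }

  // Find student group
  StudentGroup studentGroup = studentGroupController.findStudentGroupById(studentGroupId);
  if (studentGroup == null) {
    return Response.status(Status.NOT_FOUND).entity(String.format("No student group for identifier %s", payload.getIdentifier())).build();
  } else if (!UserUtils.canAccessOrganization(loggedUser, studentGroup.getOrganization())) {
    // NOTE(review): an authorization refusal is reported as 400 here; confirm whether 403 is intended.
    logger.log(Level.SEVERE, String.format("Organization mismatch. User %d attempted to update user group %d", loggedUser.getId(), studentGroupId));
    return Response.status(Status.BAD_REQUEST).entity("No student group access").build();
  }

  // Student group update: organization, description and begin date come from the stored entity.
  studentGroup = studentGroupController.updateStudentGroup(studentGroup, studentGroup.getOrganization(), payload.getName(), studentGroup.getDescription(), studentGroup.getBeginDate(), payload.getIsGuidanceGroup(), loggedUser);
  payload.setIdentifier(studentGroup.getId().toString());
  return Response.ok(payload).build();
}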
use of fi.otavanopisto.pyramus.domainmodel.users.User in project pyramus by otavanopisto.
the class MuikkuRESTService method removeStudentGroupMembers.
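/**
 * Removes the listed users (students or staff members) from a student group.
 *
 * <p>The request is validated in full before anything is deleted: the group and every listed
 * user must exist and must pass {@code UserUtils.canAccessOrganization} for the session user.
 * Only then are the memberships removed, so a refused request does not leave the group
 * partially modified. Listed users who are not members of the group are skipped.
 *
 * @param request the servlet request (not read by this method)
 * @param payload request body with the group identifier and the user identifiers to remove
 * @return 204 on success; 400 when the payload is incomplete, an identifier is not numeric,
 *         the group or a user is unknown, or an organization check fails; 500 when the
 *         session user has no organization
 */
@Path("/removestudentgroupmembers")
@PUT
@RESTPermit(MuikkuPermissions.MUIKKU_REMOVE_STUDENT_GROUP_MEMBERS)
public Response removeStudentGroupMembers(@Context HttpServletRequest request, StudentGroupMembersPayload payload) {
  // Prerequisites
  User loggedUser = sessionController.getUser();
  if (loggedUser.getOrganization() == null) {
    return Response.status(Status.INTERNAL_SERVER_ERROR).entity("Current user lacks organization").build();
  }

  // Basic payload validation. A missing body or member list would otherwise surface as a
  // NullPointerException rather than a client error.
  if (payload == null || payload.getUserIdentifiers() == null) {
    return Response.status(Status.BAD_REQUEST).entity("Empty fields in payload").build();
  }
  // Identifiers are client-supplied text; Long.valueOf rejects null and non-numeric input with
  // NumberFormatException, which is turned into a 400 without echoing the raw value.
  Long groupId;
  try {
    groupId = Long.valueOf(payload.getGroupIdentifier());
  } catch (NumberFormatException e) {
    return Response.status(Status.BAD_REQUEST).entity("Invalid student group identifier").build();
  }

  StudentGroup studentGroup = studentGroupController.findStudentGroupById(groupId);
  if (studentGroup == null) {
    return Response.status(Status.BAD_REQUEST).entity(String.format("Student group %d not found", groupId)).build();
  } else if (!UserUtils.canAccessOrganization(loggedUser, studentGroup.getOrganization())) {
    logger.log(Level.SEVERE, String.format("Organization mismatch. User %d attempted to access group %d", loggedUser.getId(), groupId));
    return Response.status(Status.BAD_REQUEST).entity("No student group access").build();
  }

  // Pass 1: authorize every listed user before touching any membership.
  for (String userIdentifier : payload.getUserIdentifiers()) {
    Long userId;
    try {
      userId = Long.valueOf(userIdentifier);
    } catch (NumberFormatException e) {
      return Response.status(Status.BAD_REQUEST).entity("Invalid user identifier").build();
    }
    User user = userController.findUserById(userId);
    if (user == null) {
      // Without this guard an unknown id fails on user.getOrganization() below.
      return Response.status(Status.BAD_REQUEST).entity(String.format("User %d not found", userId)).build();
    }
    if (!UserUtils.canAccessOrganization(loggedUser, user.getOrganization())) {
      logger.log(Level.SEVERE, String.format("Organization mismatch. User %d attempted to remove user %d from group %d", loggedUser.getId(), userId, groupId));
      return Response.status(Status.BAD_REQUEST).entity("No user access").build();
    }
  }

  // Pass 2: remove memberships. Every identifier was parsed successfully in pass 1.
  for (String userIdentifier : payload.getUserIdentifiers()) {
    Long userId = Long.valueOf(userIdentifier);
    User user = userController.findUserById(userId);
    if (user instanceof Student) {
      StudentGroupStudent studentGroupStudent = studentGroupController.findStudentGroupStudentByStudentGroupAndStudent(studentGroup, (Student) user);
      if (studentGroupStudent != null) {
        studentGroupController.deleteStudentGroupStudent(studentGroupStudent);
      }
    } else if (user instanceof StaffMember) {
      StudentGroupUser studentGroupUser = studentGroupController.findStudentGroupUserByStudentGroupAndUser(studentGroup, (StaffMember) user);
      if (studentGroupUser != null) {
        studentGroupController.deleteStudentGroupUser(studentGroupUser);
      }
    }
  }
  return Response.noContent().build();
}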
use of fi.otavanopisto.pyramus.domainmodel.users.User in project pyramus by otavanopisto.
the class StudentRESTService method listStudentGroups.
/**
 * Lists the student groups the session user is allowed to see.
 *
 * <p>When the session holds {@code FEATURE_OWNED_GROUP_STUDENTS_RESTRICTION}, only groups the
 * user is a member of are returned; otherwise the controller's "accessible" listing is used.
 * The visibility scoping itself lives in the controller methods called here.
 *
 * @param firstResult paging offset, passed through to the controller unchanged
 * @param maxResults page size, passed through to the controller unchanged
 * @param filterArchived when {@code true}, archived groups are left out (defaults to false)
 * @return 200 with the group models, or 204 when the listing is empty
 */
@Path("/studentGroups")
@GET
@RESTPermit(StudentGroupPermissions.LIST_STUDENTGROUPS)
public Response listStudentGroups(@QueryParam("firstResult") Integer firstResult, @QueryParam("maxResults") Integer maxResults, @DefaultValue("false") @QueryParam("filterArchived") boolean filterArchived) {
  final List<StudentGroup> visibleGroups;
  final User sessionUser = sessionController.getUser();
  final boolean ownGroupsOnly = sessionController.hasEnvironmentPermission(StudentPermissions.FEATURE_OWNED_GROUP_STUDENTS_RESTRICTION);

  // NOTE(review): firstResult and maxResults come straight from the query string and no upper
  // bound is applied in this method; confirm the controller caps the page size.
  if (!ownGroupsOnly) {
    visibleGroups = studentGroupController.listAccessibleStudentGroups(sessionUser, firstResult, maxResults, filterArchived);
  } else if (filterArchived) {
    // Restricted users see only their own groups, here without the archived ones.
    visibleGroups = studentGroupController.listUnarchivedStudentGroupsByMember(sessionUser, firstResult, maxResults);
  } else {
    visibleGroups = studentGroupController.listStudentGroupsByMember(sessionUser, firstResult, maxResults);
  }

  return visibleGroups.isEmpty()
      ? Response.noContent().build()
      : Response.ok(objectFactory.createModel(visibleGroups)).build();
}
use of fi.otavanopisto.pyramus.domainmodel.users.User in project pyramus by otavanopisto.
the class CourseRESTService method updateCourse.
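/**
 * Updates an existing, non-archived course from the submitted REST model.
 *
 * <p>Authorization is checked against both sides of the change: the session user must be able
 * to access the course's current organization (or all organizations when the course has none)
 * and the organization named in the request, so a course cannot be moved into an organization
 * the caller has no access to. Refusals are logged and answered with 403.
 *
 * <p>Curriculum ids that are {@code null} or do not resolve are skipped; missing tags and
 * variables are treated as empty collections.
 *
 * @param id course id taken from the path
 * @param courseEntity submitted course model; its id must equal {@code id}
 * @return 200 with the updated course model; 400 for a missing body, an id mismatch, a
 *         missing organization id or an invalid length unit; 403 when an organization check
 *         fails; 404 when the course, subject or organization is not found or the course is
 *         archived
 */
@Path("/courses/{ID:[0-9]*}")
@PUT
@RESTPermit(CoursePermissions.UPDATE_COURSE)
public Response updateCourse(@PathParam("ID") Long id, fi.otavanopisto.pyramus.rest.model.Course courseEntity) {
  Course course = courseController.findCourseById(id);
  // Archived courses are reported the same way as missing ones.
  if (course == null || course.getArchived()) {
    return Response.status(Status.NOT_FOUND).build();
  }

  // A request without a body would otherwise fail with a NullPointerException below.
  if (courseEntity == null) {
    return Response.status(Status.BAD_REQUEST).entity("Course payload is required").build();
  }

  if (!course.getId().equals(courseEntity.getId())) {
    return Response.status(Status.BAD_REQUEST).entity("Cannot change entity id in update request").build();
  }

  if (courseEntity.getOrganizationId() == null) {
    return Response.status(Status.BAD_REQUEST).entity("organizationId is required").build();
  }

  String name = courseEntity.getName();
  String nameExtension = courseEntity.getNameExtension();
  // NOTE(review): stateId is not null-checked and an unresolved state is passed on as-is;
  // confirm the controller tolerates that.
  CourseState state = courseController.findCourseStateById(courseEntity.getStateId());
  CourseType type = courseEntity.getTypeId() != null ? courseController.findCourseTypeById(courseEntity.getTypeId()) : null;
  Subject subject = null;
  if (courseEntity.getSubjectId() != null) {
    subject = commonController.findSubjectById(courseEntity.getSubjectId());
    if (subject == null) {
      return Response.status(Status.NOT_FOUND).entity("specified subject does not exist").build();
    }
  }

  Organization organization = organizationController.findById(courseEntity.getOrganizationId());
  if (organization == null) {
    return Response.status(Status.NOT_FOUND).entity(String.format("Organization with id %d not found", courseEntity.getOrganizationId())).build();
  }

  // NOTE(review): the subject and organization lookups above answer 404 before any
  // organization check has run, so those responses do not depend on the caller's access to
  // this course; confirm that ordering is acceptable.
  // The session user is fetched once and used for both authorization and the update record.
  User user = sessionController.getUser();

  // Source side: the caller must have access to where the course currently lives.
  if ((course.getOrganization() != null) && !UserUtils.canAccessOrganization(user, course.getOrganization())) {
    logger.warning(String.format("User %d has no access to organization %d", user.getId(), course.getOrganization().getId()));
    return Response.status(Status.FORBIDDEN).build();
  } else if ((course.getOrganization() == null) && !UserUtils.canAccessAllOrganizations(user)) {
    logger.warning(String.format("User %d has cannot access course %d because it has no organization.", user.getId(), course.getId()));
    return Response.status(Status.FORBIDDEN).build();
  }

  // Target side: the caller must also have access to the organization named in the request.
  if (!UserUtils.canAccessOrganization(user, organization)) {
    logger.warning(String.format("User %d has no access to organization %d", user.getId(), organization.getId()));
    return Response.status(Status.FORBIDDEN).build();
  }

  Integer courseNumber = courseEntity.getCourseNumber();
  OffsetDateTime beginDate = courseEntity.getBeginDate();
  OffsetDateTime endDate = courseEntity.getEndDate();
  Double courseLength = courseEntity.getLength();
  EducationalTimeUnit courseLengthTimeUnit = null;

  // A length is only meaningful together with a resolvable unit.
  if (courseLength != null) {
    if (courseEntity.getLengthUnitId() == null) {
      return Response.status(Status.BAD_REQUEST).entity("length unit is missing").build();
    }

    courseLengthTimeUnit = commonController.findEducationalTimeUnitById(courseEntity.getLengthUnitId());
    if (courseLengthTimeUnit == null) {
      return Response.status(Status.BAD_REQUEST).entity("length unit is invalid").build();
    }
  }

  Double distanceTeachingDays = courseEntity.getDistanceTeachingDays();
  Double localTeachingDays = courseEntity.getLocalTeachingDays();
  Double teachingHours = courseEntity.getTeachingHours();
  Double distanceTeachingHours = courseEntity.getDistanceTeachingHours();
  Double planningHours = courseEntity.getPlanningHours();
  Double assessingHours = courseEntity.getAssessingHours();
  String description = courseEntity.getDescription();
  Long maxParticipantCount = courseEntity.getMaxParticipantCount();
  Date enrolmentTimeEnd = toDate(courseEntity.getEnrolmentTimeEnd());

  Course updatedCourse = courseController.updateCourse(course, organization, name, nameExtension, state, type, subject, courseNumber, toDate(beginDate), toDate(endDate), courseLength, courseLengthTimeUnit, distanceTeachingDays, localTeachingDays, teachingHours, distanceTeachingHours, planningHours, assessingHours, description, maxParticipantCount, enrolmentTimeEnd, user);

  // Null ids and ids that do not resolve to a curriculum are dropped, not reported.
  Set<Curriculum> curriculums = new HashSet<Curriculum>();
  if (CollectionUtils.isNotEmpty(courseEntity.getCurriculumIds())) {
    for (Long curriculumId : courseEntity.getCurriculumIds()) {
      Curriculum curriculum = curriculumId != null ? curriculumController.findCurriculumById(curriculumId) : null;
      if (curriculum != null) {
        curriculums.add(curriculum);
      }
    }
  }

  updatedCourse = courseController.updateCourseCurriculums(updatedCourse, curriculums);
  updatedCourse = courseController.updateCourseTags(updatedCourse, courseEntity.getTags() == null ? new ArrayList<String>() : courseEntity.getTags());
  updatedCourse = courseController.updateCourseVariables(updatedCourse, courseEntity.getVariables() == null ? new HashMap<String, String>() : courseEntity.getVariables());

  return Response.ok().entity(objectFactory.createModel(updatedCourse)).build();
}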