use of fi.otavanopisto.pyramus.rest.annotation.RESTPermit in project pyramus by otavanopisto.
the class StudentPhoneNumberRESTService method listStudentPhoneNumbers.
@Path("/")
@GET
@RESTPermit(handling = Handling.INLINE)
public Response listStudentPhoneNumbers(@PathParam("STUDENTID") Long studentId) {
Student student = studentController.findStudentById(studentId);
Status studentStatus = checkStudent(student);
if (studentStatus != Status.OK) {
return Response.status(studentStatus).build();
}
if (!restSecurity.hasPermission(new String[] { StudentPermissions.LIST_STUDENTPHONENUMBERS }, student) && !restSecurity.hasPermission(new String[] { PersonPermissions.PERSON_OWNER }, student.getPerson())) {
return Response.status(Status.FORBIDDEN).build();
}
List<PhoneNumber> phoneNumbers = student.getContactInfo().getPhoneNumbers();
if (phoneNumbers.isEmpty()) {
return Response.noContent().build();
}
return Response.ok(objectFactory.createModel(phoneNumbers)).build();
}
use of fi.otavanopisto.pyramus.rest.annotation.RESTPermit in project pyramus by otavanopisto.
the class StudentPhoneNumberRESTService method deleteStudentPhoneNumber.
@Path("/{ID:[0-9]*}")
@DELETE
@RESTPermit(StudentPermissions.DELETE_STUDENTPHONENUMBER)
public Response deleteStudentPhoneNumber(@PathParam("STUDENTID") Long studentId, @PathParam("ID") Long id) {
Student student = studentController.findStudentById(studentId);
Status studentStatus = checkStudent(student);
if (studentStatus != Status.OK) {
return Response.status(studentStatus).build();
}
PhoneNumber phoneNumber = commonController.findPhoneNumberById(id);
if (phoneNumber == null) {
return Response.status(Status.NOT_FOUND).build();
}
if (!phoneNumber.getContactInfo().getId().equals(student.getContactInfo().getId())) {
return Response.status(Status.NOT_FOUND).build();
}
commonController.deletePhoneNumber(phoneNumber);
return Response.noContent().build();
}
use of fi.otavanopisto.pyramus.rest.annotation.RESTPermit in project pyramus by otavanopisto.
the class StudentRESTService method findStudentGroupStaffMember.
@Path("/studentGroups/{GROUPID:[0-9]*}/staffmembers/{ID:[0-9]*}")
@GET
@RESTPermit(StudentGroupPermissions.FIND_STUDENTGROUPSTAFFMEMBER)
public Response findStudentGroupStaffMember(@PathParam("GROUPID") Long studentGroupId, @PathParam("ID") Long id) {
StudentGroup studentGroup = studentGroupController.findStudentGroupById(studentGroupId);
if (studentGroup == null) {
return Response.status(Status.NOT_FOUND).build();
}
if (studentGroup.getArchived()) {
return Response.status(Status.NOT_FOUND).build();
}
if (!UserUtils.canAccessOrganization(sessionController.getUser(), studentGroup.getOrganization())) {
return Response.status(Status.FORBIDDEN).build();
}
StudentGroupUser studentGroupUser = studentGroupController.findStudentGroupUserById(id);
if (studentGroupUser == null) {
return Response.status(Status.NOT_FOUND).build();
}
if (!studentGroupUser.getStudentGroup().getId().equals(studentGroup.getId())) {
return Response.status(Status.NOT_FOUND).build();
}
return Response.ok(objectFactory.createModel(studentGroupUser)).build();
}
use of fi.otavanopisto.pyramus.rest.annotation.RESTPermit in project pyramus by otavanopisto.
the class StudentRESTService method findLatestStudentWorkspaceAssessment.
@Path("/students/{STUDENTID:[0-9]*}/latestCourseAssessment/")
@GET
@RESTPermit(handling = Handling.INLINE)
public Response findLatestStudentWorkspaceAssessment(@PathParam("STUDENTID") Long studentId) {
Student student = studentController.findStudentById(studentId);
if (student == null) {
return Response.status(Status.NOT_FOUND).build();
}
if (student.getArchived()) {
return Response.status(Status.NOT_FOUND).build();
}
if (!restSecurity.hasPermission(new String[] { CourseAssessmentPermissions.LIST_ALL_STUDENT_COURSEASSESSMENTS, PersonPermissions.PERSON_OWNER }, student.getPerson(), Style.OR)) {
return Response.status(Status.FORBIDDEN).build();
}
List<CourseAssessment> courseAssessments = assessmentController.listByStudent(student);
if (CollectionUtils.isEmpty(courseAssessments)) {
return Response.status(Status.NOT_FOUND).build();
}
Collections.sort(courseAssessments, new Comparator<CourseAssessment>() {
public int compare(CourseAssessment o1, CourseAssessment o2) {
return o2.getDate().compareTo(o1.getDate());
}
});
return Response.ok(objectFactory.createModel(courseAssessments.get(0))).build();
}
use of fi.otavanopisto.pyramus.rest.annotation.RESTPermit in project pyramus by otavanopisto.
the class StudentRESTService method listStudentAssessments.
@Path("/students/{STUDENTID:[0-9]*}/assessments/")
@GET
@RESTPermit(handling = Handling.INLINE)
public Response listStudentAssessments(@PathParam("STUDENTID") Long studentId) {
Student student = studentController.findStudentById(studentId);
Status studentStatus = checkStudent(student);
if (studentStatus != Status.OK)
return Response.status(studentStatus).build();
if (!restSecurity.hasPermission(new String[] { CourseAssessmentPermissions.LIST_ALL_STUDENT_COURSEASSESSMENTS, StudentPermissions.STUDENT_OWNER }, student, Style.OR)) {
return Response.status(Status.FORBIDDEN).build();
}
List<CourseAssessment> assessments = assessmentController.listByStudent(student);
return Response.ok(objectFactory.createModel(assessments)).build();
}
Aggregations