use of fi.otavanopisto.security.rest.RESTPermit in project muikku by otavanopisto.
the class WorkspaceRESTService method getFeeInfo.
@GET
@Path("/workspaces/{ID}/feeInfo")
@RESTPermit(value = MuikkuPermissions.VIEW_WORKSPACE_FEE, requireLoggedIn = true)
public Response getFeeInfo(@PathParam("ID") Long workspaceEntityId) {
SchoolDataIdentifier userIdentifier = sessionController.getLoggedUser();
if (userIdentifier == null) {
return Response.status(Status.UNAUTHORIZED).build();
}
User user = userController.findUserByIdentifier(userIdentifier);
if (user == null) {
return Response.status(Status.FORBIDDEN).build();
}
WorkspaceEntity workspaceEntity = workspaceController.findWorkspaceEntityById(workspaceEntityId);
if (workspaceEntity == null) {
return Response.status(Status.NOT_FOUND).build();
}
Workspace workspace = workspaceController.findWorkspace(workspaceEntity);
if (workspace == null) {
return Response.status(Status.NOT_FOUND).build();
}
// #3069: If the user has evaluation fees and a school set, all workspaces have an
// evaluation fee. Otherwise it depends on the applicability of the workspace itself.
boolean evaluationFees = user.hasEvaluationFees() && (StringUtils.isNotEmpty(user.getSchool()) || workspace.isEvaluationFeeApplicable());
return Response.ok(new WorkspaceFeeInfo(evaluationFees)).build();
}
use of fi.otavanopisto.security.rest.RESTPermit in project muikku by otavanopisto.
the class WorkspaceRESTService method createWorkspaceFile.
@POST
@Path("/workspaces/{WORKSPACEID}/workspacefile/")
@RESTPermit(handling = Handling.INLINE, requireLoggedIn = true)
public Response createWorkspaceFile(@PathParam("WORKSPACEID") Long workspaceId, WorkspaceEntityFileRESTModel entity) {
WorkspaceEntity workspaceEntity = workspaceEntityController.findWorkspaceEntityById(workspaceId);
if (workspaceEntity == null)
return Response.status(Status.BAD_REQUEST).build();
if (!sessionController.hasWorkspacePermission(MuikkuPermissions.MANAGE_WORKSPACE, workspaceEntity)) {
return Response.status(Status.FORBIDDEN).build();
}
if (StringUtils.isBlank(entity.getContentType())) {
return Response.status(Status.BAD_REQUEST).entity("contentType is missing").build();
}
if (StringUtils.isBlank(entity.getFileIdentifier())) {
return Response.status(Status.BAD_REQUEST).entity("identifier is missing").build();
}
byte[] content = null;
if (StringUtils.isNotBlank(entity.getTempFileId())) {
try {
content = TempFileUtils.getTempFileData(entity.getTempFileId());
} catch (IOException e) {
return Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
}
} else if (StringUtils.isNotBlank(entity.getBase64Data())) {
String base64File = entity.getBase64Data().split(",")[1];
content = DatatypeConverter.parseBase64Binary(base64File);
}
if (content == null) {
return Response.status(Status.BAD_REQUEST).entity("no content was found").build();
}
try {
WorkspaceEntityFile workspaceEntityFile = workspaceEntityFileController.findWorkspaceEntityFile(workspaceEntity, entity.getFileIdentifier());
ByteArrayInputStream contentStream = new ByteArrayInputStream(content);
if (workspaceEntityFile == null) {
String diskName = fileController.createFile("workspace", contentStream);
workspaceEntityFile = workspaceEntityFileController.createWorkspaceEntityFile(workspaceEntity, entity.getFileIdentifier(), diskName, entity.getContentType(), new Date());
} else {
fileController.updateFile("workspace", workspaceEntityFile.getDiskName(), contentStream);
workspaceEntityFile = workspaceEntityFileController.updateWorkspaceEntityFile(workspaceEntityFile, entity.getContentType(), new Date());
}
return Response.ok(createRestModel(workspaceEntityFile)).build();
} catch (IOException e) {
return Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
}
}
use of fi.otavanopisto.security.rest.RESTPermit in project muikku by otavanopisto.
the class WorkspaceRESTService method listJournalEntries.
@GET
@Path("/workspaces/{WORKSPACEID}/journal")
@RESTPermit(handling = Handling.INLINE, requireLoggedIn = true)
public Response listJournalEntries(@PathParam("WORKSPACEID") Long workspaceEntityId, @QueryParam("userEntityId") Long userEntityId, @QueryParam("workspaceStudentId") String workspaceStudentId, @QueryParam("firstResult") @DefaultValue("0") Integer firstResult, @QueryParam("maxResults") @DefaultValue("25") Integer maxResults) {
List<WorkspaceJournalEntry> entries = new ArrayList<>();
List<WorkspaceJournalEntryRESTModel> result = new ArrayList<>();
WorkspaceEntity workspaceEntity = workspaceController.findWorkspaceEntityById(workspaceEntityId);
if (workspaceEntity == null) {
return Response.status(Status.NOT_FOUND).build();
}
UserEntity userEntity = sessionController.getLoggedUserEntity();
boolean canListAllEntries = sessionController.hasWorkspacePermission(MuikkuPermissions.LIST_ALL_JOURNAL_ENTRIES, workspaceEntity);
if (workspaceStudentId == null && userEntityId == null && canListAllEntries) {
List<WorkspaceUserEntity> workspaceUserEntities = workspaceUserEntityController.listActiveWorkspaceStudents(workspaceEntity);
Set<UserEntity> userEntities = new HashSet<>();
for (WorkspaceUserEntity workspaceUserEntity : workspaceUserEntities) {
userEntities.add(workspaceUserEntity.getUserSchoolDataIdentifier().getUserEntity());
}
entries = workspaceJournalController.listEntriesForStudents(workspaceEntity, userEntities, firstResult, maxResults);
} else {
if (userEntityId != null) {
// List by user entity (Muikku)
if (!userEntityId.equals(userEntity.getId())) {
if (canListAllEntries) {
userEntity = userEntityController.findUserEntityById(userEntityId);
if (userEntity == null) {
return Response.status(Status.NOT_FOUND).build();
}
} else {
return Response.status(Status.FORBIDDEN).build();
}
}
} else if (workspaceStudentId != null) {
// List by workspace student (school data)
SchoolDataIdentifier workspaceUserIdentifier = SchoolDataIdentifier.fromId(workspaceStudentId);
if (workspaceUserIdentifier == null) {
return Response.status(Status.BAD_REQUEST).entity("Invalid workspaceStudentId").build();
}
WorkspaceUserEntity workspaceUserEntity = workspaceUserEntityController.findWorkspaceUserEntityByWorkspaceUserIdentifierIncludeArchived(workspaceUserIdentifier);
if (workspaceUserEntity == null) {
return Response.status(Status.NOT_FOUND).build();
}
UserEntity userEntityFromWorkspaceUser = workspaceUserEntity.getUserSchoolDataIdentifier().getUserEntity();
if (userEntityFromWorkspaceUser == null) {
return Response.status(Status.NOT_FOUND).build();
}
if (!canListAllEntries) {
if (!userEntity.getId().equals(userEntityFromWorkspaceUser.getId())) {
return Response.status(Status.FORBIDDEN).build();
}
} else {
userEntity = userEntityFromWorkspaceUser;
}
}
entries = workspaceJournalController.listEntriesByWorkspaceEntityAndUserEntity(workspaceEntity, userEntity, firstResult, maxResults);
}
for (WorkspaceJournalEntry entry : entries) {
UserEntity entryUserEntity = userEntityController.findUserEntityById(entry.getUserEntityId());
if (entryUserEntity != null) {
User user = userController.findUserByUserEntityDefaults(entryUserEntity);
if (user != null) {
result.add(new WorkspaceJournalEntryRESTModel(entry.getId(), entry.getWorkspaceEntityId(), entry.getUserEntityId(), user.getFirstName(), user.getLastName(), entry.getHtml(), entry.getTitle(), entry.getCreated()));
}
}
}
return Response.ok(result).build();
}
use of fi.otavanopisto.security.rest.RESTPermit in project muikku by otavanopisto.
the class WorkspaceRESTService method updateWorkspaceStudent.
@PUT
@Path("/workspaces/{WORKSPACEENTITYID}/students/{ID}")
@RESTPermit(handling = Handling.INLINE)
public Response updateWorkspaceStudent(@PathParam("WORKSPACEENTITYID") Long workspaceEntityId, @PathParam("ID") String workspaceStudentId, WorkspaceStudent workspaceStudent) {
// Workspace
WorkspaceEntity workspaceEntity = workspaceController.findWorkspaceEntityById(workspaceEntityId);
if (workspaceEntity == null) {
return Response.status(Status.BAD_REQUEST).build();
}
// Access check
if (!sessionController.isLoggedIn()) {
return Response.status(Status.UNAUTHORIZED).entity("Not logged in").build();
}
if (!sessionController.hasWorkspacePermission(MuikkuPermissions.MANAGE_WORKSPACE_MEMBERS, workspaceEntity)) {
return Response.status(Status.FORBIDDEN).build();
}
// Workspace student and school data user
SchoolDataIdentifier workspaceUserIdentifier = SchoolDataIdentifier.fromId(workspaceStudentId);
if (workspaceUserIdentifier == null) {
return Response.status(Status.BAD_REQUEST).entity("Invalid workspace user id").build();
}
SchoolDataIdentifier workspaceIdentifier = new SchoolDataIdentifier(workspaceEntity.getIdentifier(), workspaceEntity.getDataSource().getIdentifier());
fi.otavanopisto.muikku.schooldata.entity.WorkspaceUser bridgeUser = workspaceController.findWorkspaceUser(workspaceIdentifier, workspaceUserIdentifier);
if (bridgeUser == null) {
return Response.status(Status.NOT_FOUND).entity("School data user not found").build();
}
WorkspaceUserEntity workspaceUserEntity = workspaceUserEntityController.findWorkspaceUserEntityByWorkspaceUserIdentifier(workspaceUserIdentifier);
// Reindex user when switching between active and inactive
if (workspaceStudent.getActive() != null && !workspaceStudent.getActive().equals(workspaceUserEntity.getActive())) {
workspaceController.updateWorkspaceStudentActivity(bridgeUser, workspaceStudent.getActive());
workspaceUserEntityController.updateActive(workspaceUserEntity, workspaceStudent.getActive());
UserSchoolDataIdentifier userSchoolDataIdentifier = workspaceUserEntity.getUserSchoolDataIdentifier();
userIndexer.indexUser(userSchoolDataIdentifier.getDataSource().getIdentifier(), userSchoolDataIdentifier.getIdentifier());
}
return Response.ok(workspaceStudent).build();
}
use of fi.otavanopisto.security.rest.RESTPermit in project muikku by otavanopisto.
the class WorkspaceRESTService method createWorkspace.
@POST
@Path("/workspaces/")
@RESTPermit(handling = Handling.INLINE, requireLoggedIn = true)
public Response createWorkspace(@QueryParam("sourceWorkspaceIdentifier") String sourceWorkspaceId, @QueryParam("sourceWorkspaceEntityId") Long sourceWorkspaceEntityId, fi.otavanopisto.muikku.plugins.workspace.rest.model.Workspace payload) {
SchoolDataIdentifier workspaceIdentifier = null;
if (sourceWorkspaceId != null) {
workspaceIdentifier = SchoolDataIdentifier.fromId(sourceWorkspaceId);
if (workspaceIdentifier == null) {
return Response.status(Status.BAD_REQUEST).entity(String.format("Invalid source workspace identifier %s", sourceWorkspaceId)).build();
}
}
WorkspaceEntity sourceWorkspaceEntity = null;
if (sourceWorkspaceEntityId != null) {
sourceWorkspaceEntity = workspaceEntityController.findWorkspaceEntityById(sourceWorkspaceEntityId);
if (sourceWorkspaceEntity == null) {
return Response.status(Status.BAD_REQUEST).entity(String.format("Invalid source workspace entity id %d", sourceWorkspaceEntityId)).build();
}
workspaceIdentifier = new SchoolDataIdentifier(sourceWorkspaceEntity.getIdentifier(), sourceWorkspaceEntity.getDataSource().getIdentifier());
}
if (workspaceIdentifier == null) {
return Response.status(Status.NOT_IMPLEMENTED).entity("Creating new workspaces without sourceWorkspace is not not implemented yet").build();
}
if (!sessionController.hasEnvironmentPermission(MuikkuPermissions.COPY_WORKSPACE)) {
return Response.status(Status.FORBIDDEN).build();
}
if (StringUtils.isBlank(payload.getName())) {
return Response.status(Status.BAD_REQUEST).entity("Name is required").build();
}
Workspace workspace = workspaceController.copyWorkspace(workspaceIdentifier, payload.getName(), payload.getNameExtension(), payload.getDescription());
if (workspace == null) {
return Response.status(Status.INTERNAL_SERVER_ERROR).entity(String.format("Failed to create copy of workspace %s", sourceWorkspaceId)).build();
}
WorkspaceEntity workspaceEntity = findCopiedWorkspaceEntity(workspace);
if (workspaceEntity == null) {
return Response.status(Status.INTERNAL_SERVER_ERROR).entity(String.format("Failed to create local copy of workspace %s", sourceWorkspaceId)).build();
}
// #2599: Also copy workspace default license and producers
if (sourceWorkspaceEntity != null) {
workspaceEntityController.updateDefaultMaterialLicense(workspaceEntity, sourceWorkspaceEntity.getDefaultMaterialLicense());
List<WorkspaceMaterialProducer> workspaceMaterialProducers = workspaceController.listWorkspaceMaterialProducers(sourceWorkspaceEntity);
for (WorkspaceMaterialProducer workspaceMaterialProducer : workspaceMaterialProducers) {
workspaceController.createWorkspaceMaterialProducer(workspaceEntity, workspaceMaterialProducer.getName());
}
}
return Response.ok(createRestModel(workspaceEntity, workspace.getName(), workspace.getNameExtension(), workspace.getDescription(), convertWorkspaceCurriculumIds(workspace), workspace.getSubjectIdentifier())).build();
}
Aggregations