Search in sources :

Example 56 with RESTPermit

use of fi.otavanopisto.security.rest.RESTPermit in project muikku by otavanopisto.

the class ForumRESTService method updateArea.

@PUT
@Path("/areas/{AREAID}")
@RESTPermit(handling = Handling.INLINE)
public Response updateArea(@PathParam("AREAID") Long areaId, ForumAreaRESTModel restModel) {
    ForumArea forumArea = forumController.getForumArea(areaId);
    if (forumArea != null) {
        if (!(forumArea instanceof EnvironmentForumArea)) {
            logger.severe(String.format("Trying to access forum %d via incorrect REST endpoint", forumArea.getId()));
            return Response.status(Status.NOT_FOUND).build();
        }
        if (sessionController.hasEnvironmentPermission(ForumResourcePermissionCollection.FORUM_UPDATEENVIRONMENTFORUM)) {
            forumController.updateForumAreaName(forumArea, restModel.getName());
            forumController.updateForumAreaDescription(forumArea, restModel.getDescription());
            return Response.noContent().build();
        } else {
            return Response.status(Status.FORBIDDEN).build();
        }
    } else {
        return Response.status(Status.NOT_FOUND).build();
    }
}
Also used : ForumArea(fi.otavanopisto.muikku.plugins.forum.model.ForumArea) EnvironmentForumArea(fi.otavanopisto.muikku.plugins.forum.model.EnvironmentForumArea) EnvironmentForumArea(fi.otavanopisto.muikku.plugins.forum.model.EnvironmentForumArea) Path(javax.ws.rs.Path) RESTPermit(fi.otavanopisto.security.rest.RESTPermit) PUT(javax.ws.rs.PUT)

Example 57 with RESTPermit

use of fi.otavanopisto.security.rest.RESTPermit in project muikku by otavanopisto.

the class ForumRESTService method createThread.

@POST
@Path("/areas/{AREAID}/threads")
@RESTPermit(handling = Handling.INLINE)
public Response createThread(@PathParam("AREAID") Long areaId, ForumThreadRESTModel newThread) {
    ForumArea forumArea = forumController.getForumArea(areaId);
    if (forumArea == null) {
        return Response.status(Status.NOT_FOUND).entity("Forum area not found").build();
    }
    if (!(forumArea instanceof EnvironmentForumArea)) {
        logger.severe(String.format("Trying to create new thread to non environment area (%d) from environment endpoint", forumArea.getId()));
        return Response.status(Status.BAD_REQUEST).build();
    }
    if (sessionController.hasEnvironmentPermission(ForumResourcePermissionCollection.FORUM_WRITE_ENVIRONMENT_MESSAGES)) {
        if (Boolean.TRUE.equals(newThread.getSticky()) || Boolean.TRUE.equals(newThread.getLocked())) {
            if (!sessionController.hasEnvironmentPermission(ForumResourcePermissionCollection.FORUM_LOCK_OR_STICKIFY_MESSAGES))
                return Response.status(Status.BAD_REQUEST).build();
        }
        Document message = Jsoup.parse(Jsoup.clean(newThread.getMessage(), Whitelist.relaxed().addAttributes("a", "target")));
        message.outputSettings().escapeMode(EscapeMode.xhtml);
        message.select("a[target]").attr("rel", "noopener noreferer");
        ForumThread thread = forumController.createForumThread(forumArea, newThread.getTitle(), message.body().toString(), newThread.getSticky(), newThread.getLocked());
        ForumThreadRESTModel result = new ForumThreadRESTModel(thread.getId(), thread.getTitle(), thread.getMessage(), thread.getCreator(), thread.getCreated(), thread.getForumArea().getId(), thread.getSticky(), thread.getLocked(), thread.getUpdated(), 1l, thread.getLastModified());
        return Response.ok(result).build();
    } else {
        return Response.status(Status.FORBIDDEN).build();
    }
}
Also used : ForumThread(fi.otavanopisto.muikku.plugins.forum.model.ForumThread) ForumArea(fi.otavanopisto.muikku.plugins.forum.model.ForumArea) EnvironmentForumArea(fi.otavanopisto.muikku.plugins.forum.model.EnvironmentForumArea) Document(org.jsoup.nodes.Document) EnvironmentForumArea(fi.otavanopisto.muikku.plugins.forum.model.EnvironmentForumArea) Path(javax.ws.rs.Path) RESTPermit(fi.otavanopisto.security.rest.RESTPermit) POST(javax.ws.rs.POST)

Example 58 with RESTPermit

use of fi.otavanopisto.security.rest.RESTPermit in project muikku by otavanopisto.

the class ForumRESTService method listForumAreas.

@GET
@Path("/areas")
@RESTPermit(handling = Handling.INLINE)
public Response listForumAreas() {
    if (!sessionController.isLoggedIn()) {
        return Response.status(Status.UNAUTHORIZED).entity("Not logged in").build();
    }
    if (!sessionController.hasEnvironmentPermission(ForumResourcePermissionCollection.FORUM_ACCESSENVIRONMENTFORUM)) {
        return Response.status(Status.FORBIDDEN).entity("Forbidden").build();
    }
    // Permission to see the area is checked by controller here
    List<EnvironmentForumArea> forums = forumController.listEnvironmentForums();
    List<ForumAreaRESTModel> result = new ArrayList<ForumAreaRESTModel>();
    for (EnvironmentForumArea forum : forums) {
        Long numThreads = forumController.getThreadCount(forum);
        result.add(new ForumAreaRESTModel(forum.getId(), forum.getName(), forum.getDescription(), forum.getGroup() != null ? forum.getGroup().getId() : null, numThreads));
    }
    return Response.ok(result).build();
}
Also used : ArrayList(java.util.ArrayList) EnvironmentForumArea(fi.otavanopisto.muikku.plugins.forum.model.EnvironmentForumArea) Path(javax.ws.rs.Path) RESTPermit(fi.otavanopisto.security.rest.RESTPermit) GET(javax.ws.rs.GET)

Example 59 with RESTPermit

use of fi.otavanopisto.security.rest.RESTPermit in project muikku by otavanopisto.

the class ForumRESTService method findThread.

@GET
@Path("/areas/{AREAID}/threads/{THREADID}")
@RESTPermit(handling = Handling.INLINE)
public Response findThread(@PathParam("AREAID") Long areaId, @PathParam("THREADID") Long threadId) {
    ForumThread thread = forumController.getForumThread(threadId);
    if (thread == null) {
        return Response.status(Status.NOT_FOUND).entity("Forum thread not found").build();
    }
    if (!(thread.getForumArea() instanceof EnvironmentForumArea)) {
        logger.severe(String.format("Trying to list non environment forum thread messages (%d) from environment endpoint", thread.getId()));
        return Response.status(Status.BAD_REQUEST).build();
    }
    if (sessionController.hasEnvironmentPermission(ForumResourcePermissionCollection.FORUM_READ_ENVIRONMENT_MESSAGES)) {
        long numReplies = forumController.getThreadReplyCount(thread);
        ForumThreadRESTModel result = new ForumThreadRESTModel(thread.getId(), thread.getTitle(), thread.getMessage(), thread.getCreator(), thread.getCreated(), thread.getForumArea().getId(), thread.getSticky(), thread.getLocked(), thread.getUpdated(), numReplies, thread.getLastModified());
        return Response.ok(result).build();
    } else {
        return Response.status(Status.FORBIDDEN).build();
    }
}
Also used : ForumThread(fi.otavanopisto.muikku.plugins.forum.model.ForumThread) EnvironmentForumArea(fi.otavanopisto.muikku.plugins.forum.model.EnvironmentForumArea) Path(javax.ws.rs.Path) RESTPermit(fi.otavanopisto.security.rest.RESTPermit) GET(javax.ws.rs.GET)

Example 60 with RESTPermit

use of fi.otavanopisto.security.rest.RESTPermit in project muikku by otavanopisto.

the class ForumRESTService method createForumAreaGroup.

@POST
@Path("/areagroups")
@RESTPermit(ForumResourcePermissionCollection.FORUM_CREATEFORUMAREAGROUP)
public Response createForumAreaGroup(ForumAreaGroupRESTModel newGroup) {
    ForumAreaGroup forumArea = forumController.createForumAreaGroup(newGroup.getName());
    ForumAreaGroupRESTModel result = new ForumAreaGroupRESTModel(forumArea.getId(), forumArea.getName());
    return Response.ok(result).build();
}
Also used : ForumAreaGroup(fi.otavanopisto.muikku.plugins.forum.model.ForumAreaGroup) Path(javax.ws.rs.Path) RESTPermit(fi.otavanopisto.security.rest.RESTPermit) POST(javax.ws.rs.POST)

Aggregations

RESTPermit (fi.otavanopisto.security.rest.RESTPermit)215 Path (javax.ws.rs.Path)214 GET (javax.ws.rs.GET)99 UserEntity (fi.otavanopisto.muikku.model.users.UserEntity)90 WorkspaceEntity (fi.otavanopisto.muikku.model.workspace.WorkspaceEntity)83 SchoolDataIdentifier (fi.otavanopisto.muikku.schooldata.SchoolDataIdentifier)61 WorkspaceUserEntity (fi.otavanopisto.muikku.model.workspace.WorkspaceUserEntity)57 POST (javax.ws.rs.POST)51 DELETE (javax.ws.rs.DELETE)45 ArrayList (java.util.ArrayList)36 UserSchoolDataIdentifier (fi.otavanopisto.muikku.model.users.UserSchoolDataIdentifier)30 ForumArea (fi.otavanopisto.muikku.plugins.forum.model.ForumArea)30 PUT (javax.ws.rs.PUT)26 ForumThread (fi.otavanopisto.muikku.plugins.forum.model.ForumThread)24 WorkspaceForumArea (fi.otavanopisto.muikku.plugins.forum.model.WorkspaceForumArea)21 CommunicatorMessageId (fi.otavanopisto.muikku.plugins.communicator.model.CommunicatorMessageId)20 WorkspaceMaterial (fi.otavanopisto.muikku.plugins.workspace.model.WorkspaceMaterial)20 User (fi.otavanopisto.muikku.schooldata.entity.User)19 EnvironmentForumArea (fi.otavanopisto.muikku.plugins.forum.model.EnvironmentForumArea)18 Date (java.util.Date)16