use of fi.otavanopisto.security.rest.RESTPermit in project muikku by otavanopisto.
the class WorkspaceForumRESTService method findThread.
@GET
@Path("/workspaces/{WORKSPACEENTITYID}/forumAreas/{AREAID}/threads/{THREADID}")
@RESTPermit(handling = Handling.INLINE)
public Response findThread(@PathParam("WORKSPACEENTITYID") Long workspaceEntityId, @PathParam("AREAID") Long areaId, @PathParam("THREADID") Long threadId) {
WorkspaceEntity workspaceEntity = workspaceEntityController.findWorkspaceEntityById(workspaceEntityId);
if (workspaceEntity == null) {
return Response.status(Status.NOT_FOUND).entity(String.format("Workspace entity %d not found", workspaceEntityId)).build();
}
ForumThread thread = forumController.getForumThread(threadId);
if (thread == null) {
return Response.status(Status.NOT_FOUND).entity("Forum thread not found").build();
}
ForumArea forumArea = thread.getForumArea();
if (!(forumArea instanceof WorkspaceForumArea)) {
logger.severe(String.format("Trying to access forum %d via incorrect REST endpoint", forumArea.getId()));
return Response.status(Status.NOT_FOUND).build();
}
if (!workspaceEntity.getId().equals(((WorkspaceForumArea) forumArea).getWorkspace())) {
return Response.status(Status.NOT_FOUND).entity(String.format("WorkspaceForumArea %d does not belong to workspace entity %d", forumArea.getId(), workspaceEntity.getId())).build();
}
if (sessionController.hasWorkspacePermission(ForumResourcePermissionCollection.FORUM_READ_WORKSPACE_MESSAGES, workspaceEntity)) {
long numReplies = forumController.getThreadReplyCount(thread);
ForumThreadRESTModel result = new ForumThreadRESTModel(thread.getId(), thread.getTitle(), thread.getMessage(), thread.getCreator(), thread.getCreated(), thread.getForumArea().getId(), thread.getSticky(), thread.getLocked(), thread.getUpdated(), numReplies, thread.getLastModified());
return Response.ok(result).build();
} else {
return Response.status(Status.FORBIDDEN).build();
}
}
use of fi.otavanopisto.security.rest.RESTPermit in project muikku by otavanopisto.
the class WorkspaceForumRESTService method findWorkspaceArea.
@GET
@Path("/workspaces/{WORKSPACEENTITYID}/forumAreas/{AREAID}")
@RESTPermit(handling = Handling.INLINE)
public Response findWorkspaceArea(@Context Request request, @PathParam("WORKSPACEENTITYID") Long workspaceEntityId, @PathParam("AREAID") Long areaId) {
ForumArea forumArea = forumController.getForumArea(areaId);
WorkspaceEntity workspaceEntity = workspaceEntityController.findWorkspaceEntityById(workspaceEntityId);
if (workspaceEntity == null) {
return Response.status(Status.NOT_FOUND).entity(String.format("Workspace entity %d not found", workspaceEntityId)).build();
}
if (forumArea != null) {
if (!(forumArea instanceof WorkspaceForumArea)) {
logger.severe(String.format("Trying to access forum %d via incorrect REST endpoint", forumArea.getId()));
return Response.status(Status.NOT_FOUND).build();
}
if (!workspaceEntity.getId().equals(((WorkspaceForumArea) forumArea).getWorkspace())) {
return Response.status(Status.NOT_FOUND).entity(String.format("WorkspaceForumArea %d does not belong to workspace entity %d", forumArea.getId(), workspaceEntity.getId())).build();
}
if (sessionController.hasWorkspacePermission(ForumResourcePermissionCollection.FORUM_ACCESSWORKSPACEFORUMS, workspaceEntity)) {
Long numThreads = forumController.getThreadCount(forumArea);
EntityTag tag = new EntityTag(DigestUtils.md5Hex(String.valueOf(forumArea.getVersion()) + String.valueOf(numThreads)));
ResponseBuilder builder = request.evaluatePreconditions(tag);
if (builder != null) {
return builder.build();
}
CacheControl cacheControl = new CacheControl();
cacheControl.setMustRevalidate(true);
ForumAreaRESTModel result = new ForumAreaRESTModel(forumArea.getId(), forumArea.getName(), forumArea.getDescription(), forumArea.getGroup() != null ? forumArea.getGroup().getId() : null, numThreads);
return Response.ok(result).cacheControl(cacheControl).tag(tag).build();
} else {
return Response.status(Status.FORBIDDEN).build();
}
} else {
return Response.status(Status.NOT_FOUND).build();
}
}
use of fi.otavanopisto.security.rest.RESTPermit in project muikku by otavanopisto.
the class WorkspaceForumRESTService method archiveWorkspaceForumArea.
@DELETE
@Path("/workspaces/{WORKSPACEENTITYID}/forumAreas/{AREAID}")
@RESTPermit(handling = Handling.INLINE)
public Response archiveWorkspaceForumArea(@PathParam("WORKSPACEENTITYID") Long workspaceEntityId, @PathParam("AREAID") Long areaId) {
WorkspaceEntity workspaceEntity = workspaceEntityController.findWorkspaceEntityById(workspaceEntityId);
if (workspaceEntity == null) {
return Response.status(Status.NOT_FOUND).entity(String.format("Workspace entity %d not found", workspaceEntityId)).build();
}
ForumArea forumArea = forumController.getForumArea(areaId);
if (!(forumArea instanceof WorkspaceForumArea)) {
logger.severe(String.format("Trying to access forum %d via incorrect REST endpoint", forumArea.getId()));
return Response.status(Status.NOT_FOUND).build();
}
if (!workspaceEntity.getId().equals(((WorkspaceForumArea) forumArea).getWorkspace())) {
return Response.status(Status.NOT_FOUND).entity(String.format("WorkspaceForumArea %d does not belong to workspace entity %d", forumArea.getId(), workspaceEntity.getId())).build();
}
if (sessionController.hasPermission(MuikkuPermissions.OWNER, forumArea) || sessionController.hasWorkspacePermission(ForumResourcePermissionCollection.FORUM_DELETEWORKSPACEFORUM, workspaceEntity)) {
forumController.archiveArea(forumArea);
} else {
return Response.status(Status.FORBIDDEN).build();
}
return Response.noContent().build();
}
use of fi.otavanopisto.security.rest.RESTPermit in project muikku by otavanopisto.
the class WorkspaceForumRESTService method listWorkspaceForumAreas.
@GET
@Path("/workspaces/{WORKSPACEENTITYID}/forumAreas")
@RESTPermit(handling = Handling.INLINE)
public Response listWorkspaceForumAreas(@PathParam("WORKSPACEENTITYID") Long workspaceEntityId) {
WorkspaceEntity workspaceEntity = workspaceEntityController.findWorkspaceEntityById(workspaceEntityId);
if (workspaceEntity == null) {
return Response.status(Status.NOT_FOUND).entity(String.format("Workspace entity %d not found", workspaceEntityId)).build();
}
if (!sessionController.hasWorkspacePermission(ForumResourcePermissionCollection.FORUM_LIST_WORKSPACE_FORUM, workspaceEntity)) {
return Response.status(Status.FORBIDDEN).build();
}
List<WorkspaceForumArea> workspaceForumAreas = forumController.listWorkspaceForumAreas(workspaceEntity);
List<WorkspaceForumAreaRESTModel> result = new ArrayList<WorkspaceForumAreaRESTModel>();
for (WorkspaceForumArea forum : workspaceForumAreas) {
Long numThreads = forumController.getThreadCount(forum);
result.add(new WorkspaceForumAreaRESTModel(forum.getId(), forum.getWorkspace(), forum.getName(), forum.getDescription(), forum.getGroup() != null ? forum.getGroup().getId() : null, numThreads));
}
return Response.ok(result).build();
}
use of fi.otavanopisto.security.rest.RESTPermit in project muikku by otavanopisto.
the class WorkspaceForumRESTService method getWorkspaceForumStatistics.
@GET
@Path("/workspaces/{WORKSPACEENTITYID}/forumStatistics")
@RESTPermit(handling = Handling.INLINE)
public Response getWorkspaceForumStatistics(@PathParam("WORKSPACEENTITYID") Long workspaceEntityId, @QueryParam("userIdentifier") String userId) {
WorkspaceEntity workspaceEntity = workspaceEntityController.findWorkspaceEntityById(workspaceEntityId);
if (workspaceEntity == null) {
return Response.status(Status.NOT_FOUND).entity(String.format("Workspace entity %d could not be found", workspaceEntityId)).build();
}
SchoolDataIdentifier userIdentifier = null;
if (StringUtils.isNotBlank(userId)) {
userIdentifier = SchoolDataIdentifier.fromId(userId);
}
if (userIdentifier == null) {
return Response.status(Status.NOT_IMPLEMENTED).entity("Listing forum statistics for all users is not implemented yet").build();
}
UserEntity userEntity = userEntityController.findUserEntityByUserIdentifier(userIdentifier);
if (userEntity == null) {
return Response.status(Status.BAD_REQUEST).entity("Invalid userIdentifier").build();
}
if (!sessionController.hasWorkspacePermission(ForumResourcePermissionCollection.FORUM_FINDWORKSPACE_USERSTATISTICS, workspaceEntity)) {
return Response.status(Status.FORBIDDEN).build();
}
Long messageCount = forumController.countUserEntityWorkspaceMessages(workspaceEntity, userEntity);
ForumMessage latestMessage = forumController.findUserEntitysLatestWorkspaceMessage(workspaceEntity, userEntity);
return Response.ok(new WorkspaceForumUserStatisticsRESTModel(messageCount, latestMessage != null ? latestMessage.getCreated() : null)).build();
}
Aggregations