use of fi.otavanopisto.security.rest.RESTPermit in project muikku by otavanopisto.
the class WorkspaceForumRESTService method updateArea.
@PUT
@Path("/workspaces/{WORKSPACEENTITYID}/forumAreas/{AREAID}")
@RESTPermit(handling = Handling.INLINE)
public Response updateArea(@PathParam("WORKSPACEENTITYID") Long workspaceEntityId, @PathParam("AREAID") Long areaId, ForumAreaRESTModel restModel) {
WorkspaceEntity workspaceEntity = workspaceEntityController.findWorkspaceEntityById(workspaceEntityId);
if (workspaceEntity == null) {
return Response.status(Status.NOT_FOUND).entity(String.format("Workspace entity %d not found", workspaceEntityId)).build();
}
ForumArea forumArea = forumController.getForumArea(areaId);
if (forumArea != null) {
if (!(forumArea instanceof WorkspaceForumArea)) {
logger.severe(String.format("Trying to access forum %d via incorrect REST endpoint", forumArea.getId()));
return Response.status(Status.NOT_FOUND).build();
}
if (!workspaceEntity.getId().equals(((WorkspaceForumArea) forumArea).getWorkspace())) {
return Response.status(Status.NOT_FOUND).entity(String.format("WorkspaceForumArea %d does not belong to workspace entity %d", forumArea.getId(), workspaceEntity.getId())).build();
}
if (sessionController.hasWorkspacePermission(ForumResourcePermissionCollection.FORUM_UPDATEWORKSPACEFORUM, workspaceEntity)) {
forumController.updateForumAreaName(forumArea, restModel.getName());
forumController.updateForumAreaDescription(forumArea, restModel.getDescription());
return Response.noContent().build();
} else {
return Response.status(Status.FORBIDDEN).build();
}
} else {
return Response.status(Status.NOT_FOUND).build();
}
}
use of fi.otavanopisto.security.rest.RESTPermit in project muikku by otavanopisto.
the class HtmlMaterialRESTService method publishMaterial.
@POST
@Path("/{id}/publish/")
@RESTPermit(handling = Handling.INLINE, requireLoggedIn = true)
public Response publishMaterial(@PathParam("id") Long id, HtmlRestMaterialPublish entity) {
if (!sessionController.hasEnvironmentPermission(MuikkuPermissions.MANAGE_MATERIALS)) {
return Response.status(Status.FORBIDDEN).entity("Permission denied").build();
}
HtmlMaterial htmlMaterial = htmlMaterialController.findHtmlMaterialById(id);
if (htmlMaterial == null) {
return Response.status(Status.NOT_FOUND).build();
}
if (!htmlMaterial.getRevisionNumber().equals(entity.getFromRevision())) {
return Response.status(Status.CONFLICT).entity(new HtmlRestMaterialPublishError(HtmlRestMaterialPublishError.Reason.CONCURRENT_MODIFICATIONS)).build();
}
try {
File fileRevision = coOpsApi.fileGet(id.toString(), entity.getToRevision());
if (fileRevision == null) {
return Response.status(Status.NOT_FOUND).build();
}
htmlMaterialController.updateHtmlMaterialToRevision(htmlMaterial, fileRevision.getContent(), entity.getToRevision(), false, entity.getRemoveAnswers() != null ? entity.getRemoveAnswers() : false);
} catch (WorkspaceMaterialContainsAnswersExeption e) {
return Response.status(Status.CONFLICT).entity(new HtmlRestMaterialPublishError(HtmlRestMaterialPublishError.Reason.CONTAINS_ANSWERS)).build();
} catch (CoOpsNotImplementedException | CoOpsNotFoundException | CoOpsUsageException | CoOpsInternalErrorException | CoOpsForbiddenException e) {
return Response.status(Status.INTERNAL_SERVER_ERROR).build();
}
return Response.noContent().build();
}
use of fi.otavanopisto.security.rest.RESTPermit in project muikku by otavanopisto.
the class MaterialRESTService method deleteWorkspaceMaterialProducer.
@DELETE
@Path("/material/{MATERIALID}/producers/{PRODUCERID}")
@RESTPermit(handling = Handling.INLINE, requireLoggedIn = true)
public Response deleteWorkspaceMaterialProducer(@PathParam("MATERIALID") Long materialId, @PathParam("PRODUCERID") Long producerId) {
if (!sessionController.isLoggedIn()) {
return Response.status(Status.UNAUTHORIZED).entity("Not logged in").build();
}
if (!sessionController.hasEnvironmentPermission(MuikkuPermissions.MANAGE_MATERIAL_PRODUCERS)) {
return Response.status(Status.FORBIDDEN).entity("Permission denied").build();
}
Material material = materialController.findMaterialById(materialId);
if (material == null) {
return Response.status(Status.NOT_FOUND).entity(String.format("Material %d not found", materialId)).build();
}
fi.otavanopisto.muikku.plugins.material.model.MaterialProducer materialProducer = materialController.findMaterialProducer(producerId);
materialController.deleteMaterialProducer(materialProducer);
return Response.noContent().build();
}
use of fi.otavanopisto.security.rest.RESTPermit in project muikku by otavanopisto.
the class MaterialRESTService method updateMaterial.
@PUT
@Path("/material/{ID}")
@RESTPermit(handling = Handling.INLINE, requireLoggedIn = true)
public Response updateMaterial(@PathParam("ID") Long id, RestMaterial payload) {
if (!sessionController.hasEnvironmentPermission(MuikkuPermissions.MANAGE_MATERIALS)) {
return Response.status(Status.FORBIDDEN).entity("Permission denied").build();
}
Material material = materialController.findMaterialById(id);
if (material == null) {
return Response.status(Status.NOT_FOUND).entity(String.format("Material %d not found", id)).build();
}
if (StringUtils.isNotBlank(payload.getTitle()) && !StringUtils.equals(payload.getTitle(), material.getTitle())) {
return Response.status(Status.BAD_REQUEST).entity("Refused to update title via this REST endpoint").build();
}
if (payload.getViewRestrict() == null) {
return Response.status(Status.BAD_REQUEST).entity("Required field viewRestrict missing").build();
}
materialController.updateMaterialLicense(material, payload.getLicense());
materialController.updateMaterialViewRestrict(material, payload.getViewRestrict());
return Response.ok(createRestModel(material)).build();
}
use of fi.otavanopisto.security.rest.RESTPermit in project muikku by otavanopisto.
the class MaterialRESTService method listMaterialWorkspaceMaterials.
@GET
// @Path("/material/{ID:[0-9]*}/workspaceMaterials/")
@Path("/material/{ID}/workspaceMaterials/")
@RESTPermit(handling = Handling.INLINE, requireLoggedIn = true)
public Response listMaterialWorkspaceMaterials(@PathParam("ID") Long materialId) {
if (!sessionController.isLoggedIn()) {
return Response.status(Status.UNAUTHORIZED).build();
}
if (!sessionController.hasEnvironmentPermission(MuikkuPermissions.LIST_MATERIAL_WORKSPACE_MATERIALS)) {
return Response.status(Status.FORBIDDEN).build();
}
Material material = materialController.findMaterialById(materialId);
if (material == null) {
return Response.status(Status.NOT_FOUND).entity("Material not found").build();
}
List<WorkspaceMaterial> workspaceMaterials = workspaceMaterialController.listWorkspaceMaterialsByMaterial(material);
return Response.ok(createRestModel(workspaceMaterials.toArray(new WorkspaceMaterial[0]))).build();
}
Aggregations