use of fi.otavanopisto.security.rest.RESTPermit in project muikku by otavanopisto.
the class TranscriptofRecordsRESTService method unplanCourse.
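/**
 * Deletes a planned-course choice from a student's study plan.
 *
 * <p>The endpoint is annotated with {@code Handling.INLINE}, so the access
 * decision is presumably made entirely by the checks in this method body
 * (NOTE(review): confirm against the RESTPermit interceptor). The caller may
 * only delete choices whose student identifier matches their own session
 * identity.
 *
 * @param model identifies the choice by subject identifier, course number and
 *     student identifier
 * @return 200 when the choice was deleted, 400 when no body was sent, 403 when
 *     the caller is anonymous or is not the student named in the model, 404
 *     when no matching choice exists
 */
@DELETE
@Path("/plannedCourses/")
@RESTPermit(handling = Handling.INLINE)
public Response unplanCourse(VopsPlannedCourseRESTModel model) {
  // The original dereferenced getLoggedUser() without any session check. The
  // other endpoints of this service call isLoggedIn() first, so do the same
  // here and answer an anonymous caller with 403 instead of risking a 500.
  if (!sessionController.isLoggedIn()) {
    return Response.status(Status.FORBIDDEN).entity("Must be logged in").build();
  }

  // A DELETE request may arrive without an entity; reject it before reading fields.
  if (model == null) {
    return Response.status(Status.BAD_REQUEST).entity("Missing request body").build();
  }

  SchoolDataIdentifier loggedUserIdentifier = sessionController.getLoggedUser();

  // Ownership check: the student identifier comes from the request body and is
  // therefore caller-controlled, so it must equal the session identity before
  // it is used to look anything up.
  boolean hasPermission = loggedUserIdentifier != null
      && Objects.equals(loggedUserIdentifier.toId(), model.getStudentIdentifier());
  if (!hasPermission) {
    return Response.status(Status.FORBIDDEN).entity("You don't have the permission to access this").build();
  }

  StudiesViewCourseChoice choice = studiesViewCourseChoiceController.find(
      model.getSubjectIdentifier(),
      model.getCourseNumber(),
      model.getStudentIdentifier());
  if (choice == null) {
    return Response.status(Status.NOT_FOUND).build();
  }

  studiesViewCourseChoiceController.delete(choice);
  return Response.ok().build();
}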
use of fi.otavanopisto.security.rest.RESTPermit in project muikku by otavanopisto.
the class TranscriptofRecordsRESTService method getVops.
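/**
 * Returns the study plan (VOPS) listing for one student.
 *
 * <p>Access is decided inline: the caller must be logged in and must either
 * hold {@code TRANSCRIPT_OF_RECORDS_VIEW_ANY_STUDENT_STUDIES} or be the student
 * named in the path. These checks run before any plugin settings are read, so
 * an unauthenticated caller never receives a response that depends on server
 * configuration.
 *
 * @param studentIdentifierString student identifier taken from the URL path
 * @return 200 with a {@code VopsRESTModel}; 403 when the caller is anonymous or
 *     is asking for another student's data without the permission; 404 when
 *     the identifier cannot be parsed or no user matches it; 500 when the
 *     stored education type mapping cannot be parsed
 */
@GET
@Path("/vops/{IDENTIFIER}")
@RESTPermit(handling = Handling.INLINE)
public Response getVops(@PathParam("IDENTIFIER") String studentIdentifierString) {
  // --- Authentication and authorization, before touching configuration or data ---
  if (!sessionController.isLoggedIn()) {
    return Response.status(Status.FORBIDDEN).entity("Must be logged in").build();
  }

  SchoolDataIdentifier studentIdentifier = SchoolDataIdentifier.fromId(studentIdentifierString);
  if (studentIdentifier == null) {
    return Response.status(Status.NOT_FOUND).entity("Student identifier not found").build();
  }

  // The path parameter is caller-controlled: without the view-any permission
  // it has to match the session identity.
  if (!sessionController.hasEnvironmentPermission(TranscriptofRecordsPermissions.TRANSCRIPT_OF_RECORDS_VIEW_ANY_STUDENT_STUDIES)
      && !Objects.equals(sessionController.getLoggedUser(), studentIdentifier)) {
    return Response.status(Status.FORBIDDEN).entity("Can only look at own information").build();
  }

  // --- Plugin configuration ---
  String educationTypeMappingString = pluginSettingsController.getPluginSetting("transcriptofrecords", "educationTypeMapping");
  EducationTypeMapping educationTypeMapping = new EducationTypeMapping();
  if (educationTypeMappingString != null) {
    try {
      educationTypeMapping = new ObjectMapper().readValue(educationTypeMappingString, EducationTypeMapping.class);
    } catch (IOException e) {
      // NOTE(review): this branch is reached when the setting exists but cannot
      // be parsed; the message says "not set" and the cause is not logged.
      return Response.status(Status.INTERNAL_SERVER_ERROR).entity("Education type mapping not set").build();
    }
  }

  User student = userController.findUserByIdentifier(studentIdentifier);
  // A caller holding the view-any permission can pass an identifier that parses
  // but matches no user. Presumably the lookup returns null then (verify
  // against UserController), so stop here rather than pass null downstream.
  if (student == null) {
    return Response.status(Status.NOT_FOUND).entity("Student not found").build();
  }

  if (!vopsController.shouldShowStudies(student)) {
    VopsRESTModel emptyResult = new VopsRESTModel(null, 0, 0, false);
    return Response.ok(emptyResult).build();
  }

  List<TransferCredit> transferCredits = new ArrayList<>(gradingController.listStudentTransferCredits(studentIdentifier));
  List<Subject> subjects = courseMetaController.listSubjects();
  Map<SchoolDataIdentifier, WorkspaceAssessment> studentAssessments = vopsController.listStudentAssessments(studentIdentifier);

  String curriculum = pluginSettingsController.getPluginSetting("transcriptofrecords", "curriculum");
  SchoolDataIdentifier curriculumIdentifier = null;
  if (curriculum != null) {
    curriculumIdentifier = SchoolDataIdentifier.fromId(curriculum);
  }

  // Subjects named in the "subjectsOrder" setting come first, in the configured
  // order; subjects not named there keep their relative order at the end
  // (List.sort is stable).
  final List<String> subjectList = new ArrayList<String>();
  String commaSeparatedSubjectsOrder = pluginSettingsController.getPluginSetting("transcriptofrecords", "subjectsOrder");
  if (!StringUtils.isBlank(commaSeparatedSubjectsOrder)) {
    subjectList.addAll(Arrays.asList(commaSeparatedSubjectsOrder.split(",")));
  }
  subjects.sort(Comparator.comparingInt((Subject subject) -> {
    int index = subjectList.indexOf(subject.getCode());
    return index == -1 ? Integer.MAX_VALUE : index;
  }));

  VopsLister lister = new VopsLister(
      subjects,
      vopsController,
      student,
      transferCredits,
      curriculumIdentifier,
      workspaceController,
      workspaceUserEntityController,
      studentIdentifier,
      studentAssessments,
      userGroupEntityController,
      permissionController,
      studiesViewCourseChoiceController,
      studentIdentifierString,
      gradingController,
      educationTypeMapping);
  lister.performListing();

  VopsRESTModel result = new VopsRESTModel(
      lister.getRows(),
      lister.getNumCourses(),
      lister.getNumMandatoryCourses(),
      lister.isOptedIn());
  return Response.ok(result).build();
}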
use of fi.otavanopisto.security.rest.RESTPermit in project muikku by otavanopisto.
the class TranscriptofRecordsRESTService method retrieveForm.
/**
 * Returns the HOPS form of the currently logged-in user.
 *
 * <p>The form is always built for the session identity; no identifier is taken
 * from the request, so a caller cannot ask for another user's form here.
 *
 * @return 200 with the {@code HopsRESTModel}; 403 when nobody is logged in; 404
 *     when {@code createHopsRESTModelForStudent} yields no model for the user
 */
@GET
@Path("/hops")
@RESTPermit(handling = Handling.INLINE)
public Response retrieveForm() {
  if (sessionController.isLoggedIn()) {
    HopsRESTModel hopsModel = createHopsRESTModelForStudent(sessionController.getLoggedUser());
    return hopsModel != null
        ? Response.ok(hopsModel).build()
        : Response.status(Status.NOT_FOUND).entity("No HOPS form for non-students").build();
  }
  return Response.status(Status.FORBIDDEN).entity("Must be logged in").build();
}
use of fi.otavanopisto.security.rest.RESTPermit in project muikku by otavanopisto.
the class TranscriptofRecordsRESTService method updateHops.
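/**
 * Stores the HOPS form fields of the currently logged-in student.
 *
 * <p>The target user is always the session identity, never a value from the
 * request body. The caller must hold an environment role whose archetype is
 * {@code STUDENT}.
 *
 * @param model the submitted form values
 * @return 200 echoing the submitted model; 400 when no body was sent; 403 when
 *     the caller is anonymous, has no environment role, or is not a student
 */
@PUT
@Consumes("application/json")
@Path("/hops")
@RESTPermit(handling = Handling.INLINE)
public Response updateHops(HopsRESTModel model) {
  if (!sessionController.isLoggedIn()) {
    return Response.status(Status.FORBIDDEN).entity("Must be logged in").build();
  }
  if (model == null) {
    return Response.status(Status.BAD_REQUEST).entity("Missing request body").build();
  }

  // Resolve the caller's role defensively. getFileContent on this page treats a
  // missing environment user or role as "not permitted"; the original code
  // here dereferenced both and would fail with a 500 instead of denying.
  UserEntity userEntity = sessionController.getLoggedUserEntity();
  EnvironmentUser environmentUser = userEntity == null
      ? null
      : environmentUserController.findEnvironmentUserByUserEntity(userEntity);
  EnvironmentRoleEntity roleEntity = environmentUser == null ? null : environmentUser.getRole();
  if (roleEntity == null || !EnvironmentRoleArchetype.STUDENT.equals(roleEntity.getArchetype())) {
    return Response.status(Status.FORBIDDEN).entity("Must be a student").build();
  }

  SchoolDataIdentifier userIdentifier = sessionController.getLoggedUser();
  User user = userController.findUserByIdentifier(userIdentifier);

  // NOTE(review): the values below are stored exactly as submitted. Free-text
  // fields such as additionalInfo presumably reach staff views later, so
  // confirm they are output-encoded wherever they are rendered.
  vopsController.saveStringProperty(user, "goalSecondarySchoolDegree", model.getGoalSecondarySchoolDegree());
  vopsController.saveStringProperty(user, "goalMatriculationExam", model.getGoalMatriculationExam());
  vopsController.saveStringProperty(user, "vocationalYears", model.getVocationalYears());
  vopsController.saveStringProperty(user, "goalJustMatriculationExam", model.getGoalJustMatriculationExam());
  vopsController.saveStringProperty(user, "justTransferCredits", model.getJustTransferCredits());
  vopsController.saveStringProperty(user, "transferCreditYears", model.getTransferCreditYears());
  vopsController.saveStringProperty(user, "completionYears", model.getCompletionYears());
  vopsController.saveStringProperty(user, "mathSyllabus", model.getMathSyllabus());
  vopsController.saveStringProperty(user, "finnish", model.getFinnish());
  vopsController.saveBoolProperty(user, "swedish", model.isSwedish());
  vopsController.saveBoolProperty(user, "english", model.isEnglish());
  vopsController.saveBoolProperty(user, "german", model.isGerman());
  vopsController.saveBoolProperty(user, "french", model.isFrench());
  vopsController.saveBoolProperty(user, "italian", model.isItalian());
  vopsController.saveBoolProperty(user, "spanish", model.isSpanish());
  vopsController.saveStringProperty(user, "science", model.getScience());
  vopsController.saveStringProperty(user, "religion", model.getReligion());
  vopsController.saveStringProperty(user, "additionalInfo", model.getAdditionalInfo());

  return Response.ok().entity(model).build();
}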
use of fi.otavanopisto.security.rest.RESTPermit in project muikku by otavanopisto.
the class UserEntityFileRESTService method getFileContent.
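/**
 * Serves the content of a file attached to a user entity, honouring the file's
 * visibility and HTTP conditional requests.
 *
 * <p>Access rules, as implemented below:
 * <ul>
 *   <li>{@code PUBLIC} files are served to anyone, including anonymous callers.</li>
 *   <li>Any other file is served to its owner.</li>
 *   <li>{@code STAFF} files are also served to a logged-in user who has an
 *       environment role whose archetype is not {@code STUDENT}.</li>
 *   <li>Everything else is answered with 404 rather than 403, so a caller
 *       cannot tell a hidden file from one that does not exist.</li>
 * </ul>
 *
 * @param userEntityId id of the user entity that owns the file
 * @param identifier identifier of the file within that user entity
 * @param request JAX-RS request, used to evaluate the ETag precondition
 * @return the file as an attachment, the precondition response built by
 *     {@code evaluatePreconditions} when it returns one, or 404
 */
@GET
@Path("/user/{USERENTITYID}/identifier/{IDENTIFIER}")
@RESTPermit(handling = Handling.INLINE)
public Response getFileContent(@PathParam("USERENTITYID") Long userEntityId, @PathParam("IDENTIFIER") String identifier, @Context Request request) {
  // Check if the file exists
  UserEntity userEntity = userEntityController.findUserEntityById(userEntityId);
  if (userEntity == null) {
    return Response.status(Status.NOT_FOUND).build();
  }
  UserEntityFile userEntityFile = userEntityFileController.findByUserEntityAndIdentifier(userEntity, identifier);
  if (userEntityFile == null) {
    return Response.status(Status.NOT_FOUND).build();
  }

  // Enforce visibility for everything that is not public
  if (userEntityFile.getVisibility() != UserEntityFileVisibility.PUBLIC) {
    UserEntity loggedUserEntity = sessionController.getLoggedUserEntity();
    if (loggedUserEntity == null) {
      return Response.status(Status.NOT_FOUND).build();
    }
    boolean isOwner = userEntityFile.getUserEntity().getId().equals(loggedUserEntity.getId());
    if (!isOwner) {
      if (userEntityFile.getVisibility() != UserEntityFileVisibility.STAFF) {
        return Response.status(Status.NOT_FOUND).build();
      }
      // Staff-visible file: deny when the role is missing or is a student role.
      EnvironmentUser environmentUser = environmentUserController.findEnvironmentUserByUserEntity(loggedUserEntity);
      if (environmentUser == null
          || environmentUser.getRole() == null
          || environmentUser.getRole().getArchetype() == EnvironmentRoleArchetype.STUDENT) {
        return Response.status(Status.NOT_FOUND).build();
      }
    }
  }

  // Serve the content.
  // The MD5 hex digest is only a cache validator (ETag) derived from owner id,
  // file identifier and modification time; it is not an integrity or access control.
  String tagIdentifier = String.format("%d-%s-%d",
      userEntityFile.getUserEntity().getId(),
      userEntityFile.getIdentifier(),
      userEntityFile.getLastModified().getTime());
  EntityTag tag = new EntityTag(DigestUtils.md5Hex(tagIdentifier));
  ResponseBuilder builder = request.evaluatePreconditions(tag);
  if (builder != null) {
    return builder.build();
  }

  CacheControl cacheControl = new CacheControl();
  cacheControl.setMustRevalidate(true);
  byte[] data = userEntityFile.getData();

  // The file name is stored metadata (presumably supplied at upload time) and
  // was previously placed into the header verbatim. Drop control characters
  // (including CR/LF) and escape backslash and double quote, so the name
  // cannot end the quoted string or add header content.
  String storedName = userEntityFile.getName();
  String safeName = storedName == null
      ? ""
      : storedName.replaceAll("\\p{Cntrl}", "").replace("\\", "\\\\").replace("\"", "\\\"");

  return Response.ok(data)
      .cacheControl(cacheControl)
      .tag(tag)
      .header("Content-Length", data.length)
      .header("Content-Disposition", String.format("attachment; filename=\"%s\"", safeName))
      // The content type is stored metadata as well; tell browsers not to sniff a different one.
      .header("X-Content-Type-Options", "nosniff")
      .type(userEntityFile.getContentType())
      .build();
}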