Examples with BaseSecurity org.olat.basesecurity.BaseSecurity used on opensource projects

Search in sources :

Example 46 with BaseSecurity

use of org.olat.basesecurity.BaseSecurity in project openolat by klemens.

the class CourseAssessmentWebService method attachAssessableResults.

private void attachAssessableResults(Long courseResourceableId, String nodeKey, Identity requestIdentity, AssessableResultsVO resultsVO) {
    try {
        ICourse course = CourseFactory.openCourseEditSession(courseResourceableId);
        CourseNode node = getParentNode(course, nodeKey);
        if (!(node instanceof AssessableCourseNode)) {
            throw new IllegalArgumentException("The supplied node key does not refer to an AssessableCourseNode");
        }
        BaseSecurity securityManager = BaseSecurityManager.getInstance();
        Identity userIdentity = securityManager.loadIdentityByKey(resultsVO.getIdentityKey());
        // create an identenv with no roles, no attributes, no locale
        IdentityEnvironment ienv = new IdentityEnvironment();
        ienv.setIdentity(userIdentity);
        UserCourseEnvironment userCourseEnvironment = new UserCourseEnvironmentImpl(ienv, course.getCourseEnvironment());
        // Fetch all score and passed and calculate score accounting for the
        // entire course
        userCourseEnvironment.getScoreAccounting().evaluateAll();
        if (node instanceof IQTESTCourseNode) {
            importTestItems(course, nodeKey, requestIdentity, resultsVO);
        } else {
            AssessableCourseNode assessableNode = (AssessableCourseNode) node;
            // not directly pass this key
            ScoreEvaluation scoreEval = new ScoreEvaluation(resultsVO.getScore(), Boolean.TRUE, Boolean.TRUE, new Long(nodeKey));
            assessableNode.updateUserScoreEvaluation(scoreEval, userCourseEnvironment, requestIdentity, true, Role.coach);
        }
        CourseFactory.saveCourseEditorTreeModel(course.getResourceableId());
        CourseFactory.closeCourseEditSession(course.getResourceableId(), true);
    } catch (Throwable e) {
        throw new WebApplicationException(e);
    }
}
Also used : ScoreEvaluation(org.olat.course.run.scoring.ScoreEvaluation) WebApplicationException(javax.ws.rs.WebApplicationException) UserCourseEnvironment(org.olat.course.run.userview.UserCourseEnvironment) ICourse(org.olat.course.ICourse) BaseSecurity(org.olat.basesecurity.BaseSecurity) AssessableCourseNode(org.olat.course.nodes.AssessableCourseNode) IQTESTCourseNode(org.olat.course.nodes.IQTESTCourseNode) UserCourseEnvironmentImpl(org.olat.course.run.userview.UserCourseEnvironmentImpl) CourseNode(org.olat.course.nodes.CourseNode) AssessableCourseNode(org.olat.course.nodes.AssessableCourseNode) IQTESTCourseNode(org.olat.course.nodes.IQTESTCourseNode) Identity(org.olat.core.id.Identity) IdentityEnvironment(org.olat.core.id.IdentityEnvironment)

Example 47 with BaseSecurity

use of org.olat.basesecurity.BaseSecurity in project openolat by klemens.

the class CourseWebService method removeParticipant.

/**
 * Remove a participant from the course
 * @response.representation.200.doc The user was successfully removed as participant of the course
 * @response.representation.401.doc The roles of the authenticated user are not sufficient
 * @response.representation.404.doc The course or the user not found
 * @param identityKey The user identifier
 * @param httpRequest The HTTP request
 * @return It returns 200  if the user is removed as participant of the course
 */
@DELETE
@Path("participants/{identityKey}")
public Response removeParticipant(@PathParam("identityKey") Long identityKey, @Context HttpServletRequest httpRequest) {
    if (!isAuthorEditor(course, httpRequest) && !isInstitutionalResourceManager(httpRequest)) {
        return Response.serverError().status(Status.UNAUTHORIZED).build();
    }
    BaseSecurity securityManager = BaseSecurityManager.getInstance();
    Identity participant = securityManager.loadIdentityByKey(identityKey, false);
    if (participant == null) {
        return Response.serverError().status(Status.NOT_FOUND).build();
    }
    Identity identity = getIdentity(httpRequest);
    // remove the user as participant of the course
    RepositoryManager rm = RepositoryManager.getInstance();
    RepositoryEntry repositoryEntry = course.getCourseEnvironment().getCourseGroupManager().getCourseEntry();
    List<Identity> participants = Collections.singletonList(participant);
    rm.removeParticipants(identity, participants, repositoryEntry, new MailPackage(false), false);
    return Response.ok().build();
}
Also used : MailPackage(org.olat.core.util.mail.MailPackage) RepositoryManager(org.olat.repository.RepositoryManager) RepositoryEntry(org.olat.repository.RepositoryEntry) Identity(org.olat.core.id.Identity) RestSecurityHelper.getIdentity(org.olat.restapi.security.RestSecurityHelper.getIdentity) BaseSecurity(org.olat.basesecurity.BaseSecurity) Path(javax.ws.rs.Path) DELETE(javax.ws.rs.DELETE)

Example 48 with BaseSecurity

use of org.olat.basesecurity.BaseSecurity in project openolat by klemens.

the class CourseWebService method addAuthor.

/**
 * Add an owner and author to the course
 * @response.representation.200.doc The user is an author and owner of the course
 * @response.representation.401.doc The roles of the authenticated user are not sufficient
 * @response.representation.404.doc The course or the user not found
 * @param identityKey The user identifier
 * @param httpRequest The HTTP request
 * @return It returns 200  if the user is added as owner and author of the course
 */
@PUT
@Path("authors/{identityKey}")
public Response addAuthor(@PathParam("identityKey") Long identityKey, @Context HttpServletRequest httpRequest) {
    if (!isAuthorEditor(course, httpRequest) && !isInstitutionalResourceManager(httpRequest)) {
        return Response.serverError().status(Status.UNAUTHORIZED).build();
    }
    BaseSecurity securityManager = BaseSecurityManager.getInstance();
    Identity author = securityManager.loadIdentityByKey(identityKey, false);
    if (author == null) {
        return Response.serverError().status(Status.NOT_FOUND).build();
    }
    Identity identity = getIdentity(httpRequest);
    SecurityGroup authorGroup = securityManager.findSecurityGroupByName(Constants.GROUP_AUTHORS);
    boolean hasBeenAuthor = securityManager.isIdentityInSecurityGroup(author, authorGroup);
    if (!hasBeenAuthor) {
        // not an author already, add this identity to the security group "authors"
        securityManager.addIdentityToSecurityGroup(author, authorGroup);
        log.audit("User::" + identity.getName() + " added system role::" + Constants.GROUP_AUTHORS + " to user::" + author.getName() + " via addAuthor method in course REST API", null);
    }
    // add the author as owner of the course
    RepositoryManager rm = RepositoryManager.getInstance();
    RepositoryEntry repositoryEntry = course.getCourseEnvironment().getCourseGroupManager().getCourseEntry();
    List<Identity> authors = Collections.singletonList(author);
    IdentitiesAddEvent identitiesAddedEvent = new IdentitiesAddEvent(authors);
    rm.addOwners(identity, identitiesAddedEvent, repositoryEntry, new MailPackage(false));
    return Response.ok().build();
}
Also used : MailPackage(org.olat.core.util.mail.MailPackage) IdentitiesAddEvent(org.olat.admin.securitygroup.gui.IdentitiesAddEvent) RepositoryManager(org.olat.repository.RepositoryManager) RepositoryEntry(org.olat.repository.RepositoryEntry) Identity(org.olat.core.id.Identity) RestSecurityHelper.getIdentity(org.olat.restapi.security.RestSecurityHelper.getIdentity) SecurityGroup(org.olat.basesecurity.SecurityGroup) BaseSecurity(org.olat.basesecurity.BaseSecurity) Path(javax.ws.rs.Path) PUT(javax.ws.rs.PUT)

Example 49 with BaseSecurity

use of org.olat.basesecurity.BaseSecurity in project openolat by klemens.

the class CourseWebService method addParticipant.

/**
 * Add an participant to the course
 * @response.representation.200.doc The user is a participant of the course
 * @response.representation.401.doc The roles of the authenticated user are not sufficient
 * @response.representation.404.doc The course or the user not found
 * @param identityKey The user identifier
 * @param httpRequest The HTTP request
 * @return It returns 200  if the user is added as owner and author of the course
 */
@PUT
@Path("participants/{identityKey}")
public Response addParticipant(@PathParam("identityKey") Long identityKey, @Context HttpServletRequest httpRequest) {
    if (!isAuthorEditor(course, httpRequest) && !isInstitutionalResourceManager(httpRequest)) {
        return Response.serverError().status(Status.UNAUTHORIZED).build();
    }
    BaseSecurity securityManager = BaseSecurityManager.getInstance();
    Identity participant = securityManager.loadIdentityByKey(identityKey, false);
    if (participant == null) {
        return Response.serverError().status(Status.NOT_FOUND).build();
    }
    Identity identity = getIdentity(httpRequest);
    UserRequest ureq = getUserRequest(httpRequest);
    // add the author as owner of the course
    RepositoryManager rm = RepositoryManager.getInstance();
    RepositoryEntry repositoryEntry = course.getCourseEnvironment().getCourseGroupManager().getCourseEntry();
    List<Identity> participants = Collections.singletonList(participant);
    IdentitiesAddEvent iae = new IdentitiesAddEvent(participants);
    rm.addParticipants(identity, ureq.getUserSession().getRoles(), iae, repositoryEntry, new MailPackage(false));
    return Response.ok().build();
}
Also used : MailPackage(org.olat.core.util.mail.MailPackage) IdentitiesAddEvent(org.olat.admin.securitygroup.gui.IdentitiesAddEvent) RepositoryManager(org.olat.repository.RepositoryManager) RepositoryEntry(org.olat.repository.RepositoryEntry) Identity(org.olat.core.id.Identity) RestSecurityHelper.getIdentity(org.olat.restapi.security.RestSecurityHelper.getIdentity) RestSecurityHelper.getUserRequest(org.olat.restapi.security.RestSecurityHelper.getUserRequest) UserRequest(org.olat.core.gui.UserRequest) BaseSecurity(org.olat.basesecurity.BaseSecurity) Path(javax.ws.rs.Path) PUT(javax.ws.rs.PUT)

Example 50 with BaseSecurity

use of org.olat.basesecurity.BaseSecurity in project openolat by klemens.

the class CourseWebService method getAuthor.

/**
 * Get this specific author and owner of the course
 * @response.representation.200.qname {http://www.example.com}userVO
 * @response.representation.200.mediaType application/xml, application/json
 * @response.representation.200.doc The author
 * @response.representation.401.doc The roles of the authenticated user are not sufficient
 * @response.representation.404.doc The course not found or the user is not an onwer or author of the course
 * @param identityKey The user identifier
 * @param httpRequest The HTTP request
 * @return It returns an <code>UserVO</code>
 */
@GET
@Path("authors/{identityKey}")
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public Response getAuthor(@PathParam("identityKey") Long identityKey, @Context HttpServletRequest httpRequest) {
    if (!isAuthorEditor(course, httpRequest) && !isInstitutionalResourceManager(httpRequest)) {
        return Response.serverError().status(Status.UNAUTHORIZED).build();
    }
    RepositoryService repositoryService = CoreSpringFactory.getImpl(RepositoryService.class);
    RepositoryEntry repositoryEntry = course.getCourseEnvironment().getCourseGroupManager().getCourseEntry();
    BaseSecurity securityManager = BaseSecurityManager.getInstance();
    SecurityGroup authorGroup = securityManager.findSecurityGroupByName(Constants.GROUP_AUTHORS);
    Identity author = securityManager.loadIdentityByKey(identityKey, false);
    if (repositoryService.hasRole(author, repositoryEntry, GroupRoles.owner.name()) && securityManager.isIdentityInSecurityGroup(author, authorGroup)) {
        UserVO vo = UserVOFactory.get(author);
        return Response.ok(vo).build();
    }
    return Response.ok(author).build();
}
Also used : UserVO(org.olat.user.restapi.UserVO) RepositoryEntry(org.olat.repository.RepositoryEntry) SecurityGroup(org.olat.basesecurity.SecurityGroup) Identity(org.olat.core.id.Identity) RestSecurityHelper.getIdentity(org.olat.restapi.security.RestSecurityHelper.getIdentity) RepositoryService(org.olat.repository.RepositoryService) BaseSecurity(org.olat.basesecurity.BaseSecurity) Path(javax.ws.rs.Path) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET)

Aggregations

BaseSecurity (org.olat.basesecurity.BaseSecurity)116 Identity (org.olat.core.id.Identity)88 Path (javax.ws.rs.Path)48 RestSecurityHelper.getIdentity (org.olat.restapi.security.RestSecurityHelper.getIdentity)28 PUT (javax.ws.rs.PUT)24 Produces (javax.ws.rs.Produces)22 SecurityGroup (org.olat.basesecurity.SecurityGroup)20 RepositoryEntry (org.olat.repository.RepositoryEntry)20 DELETE (javax.ws.rs.DELETE)14 Authentication (org.olat.basesecurity.Authentication)14 MailPackage (org.olat.core.util.mail.MailPackage)14 RepositoryManager (org.olat.repository.RepositoryManager)14 Consumes (javax.ws.rs.Consumes)12 WebApplicationException (javax.ws.rs.WebApplicationException)12 CertificatesManager (org.olat.course.certificate.CertificatesManager)10 OLATResource (org.olat.resource.OLATResource)10 OLATResourceManager (org.olat.resource.OLATResourceManager)10 ArrayList (java.util.ArrayList)8 GET (javax.ws.rs.GET)8 IdentitiesAddEvent (org.olat.admin.securitygroup.gui.IdentitiesAddEvent)8
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial