use of org.olat.basesecurity.BaseSecurity in project OpenOLAT by OpenOLAT.
the class CourseWebService method addAuthors.
/**
 * Adds the submitted users as owners of the course and, where they are not
 * already members, to the security group named by {@code Constants.GROUP_AUTHORS}.
 * <p>
 * NOTE(review): a caller who passes the course-level check below can put any
 * identity listed in the request body into that group, which the audit message
 * calls a system role. Confirm this grant is intended for every caller who
 * passes {@code isAuthorEditor}.
 *
 * @param authors The users to add as authors and course owners
 * @param httpRequest The HTTP request
 * @return 200 once the owners have been added, 401 if the caller may not edit the course
 */
@PUT
@Path("authors")
@Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public Response addAuthors(UserVO[] authors, @Context HttpServletRequest httpRequest) {
    // Authorization gate: course author-editor or institutional resource manager.
    // NOTE(review): 401 is sent to a caller whose rights are insufficient; 403 would be
    // the conventional status, but changing it would alter the published API.
    boolean mayEdit = isAuthorEditor(course, httpRequest) || isInstitutionalResourceManager(httpRequest);
    if (!mayEdit) {
        return Response.status(Status.UNAUTHORIZED).build();
    }

    BaseSecurity securityManager = BaseSecurityManager.getInstance();
    List<Identity> newAuthors = loadIdentities(authors);
    Identity actor = getIdentity(httpRequest);
    SecurityGroup authorsGroup = securityManager.findSecurityGroupByName(Constants.GROUP_AUTHORS);

    for (Identity candidate : newAuthors) {
        if (securityManager.isIdentityInSecurityGroup(candidate, authorsGroup)) {
            // already holds the role, nothing to grant and nothing to audit
            continue;
        }
        securityManager.addIdentityToSecurityGroup(candidate, authorsGroup);
        // Audit trail of the role grant. The names are concatenated unescaped;
        // assumes user names cannot contain line breaks — TODO confirm.
        String auditMessage = "User::" + actor.getName() + " added system role::" + Constants.GROUP_AUTHORS + " to user::" + candidate.getName() + " via addAuthor method in course REST API";
        log.audit(auditMessage, null);
    }

    // register every submitted identity as owner of the course's repository entry
    RepositoryEntry courseEntry = course.getCourseEnvironment().getCourseGroupManager().getCourseEntry();
    IdentitiesAddEvent addEvent = new IdentitiesAddEvent(newAuthors);
    RepositoryManager.getInstance().addOwners(actor, addEvent, courseEntry, new MailPackage(false));
    return Response.ok().build();
}
use of org.olat.basesecurity.BaseSecurity in project OpenOLAT by OpenOLAT.
the class CourseWebService method removeCoach.
/**
 * Removes one user from the coaches (tutors) of the course.
 * @response.representation.200.doc The user was successfully removed as coach of the course
 * @response.representation.401.doc The roles of the authenticated user are not sufficient
 * @response.representation.404.doc The course or the user not found
 * @param identityKey The user identifier
 * @param httpRequest The HTTP request
 * @return 200 if the user is removed as coach of the course, 401 if the caller
 *         may not edit the course, 404 if no identity has the given key
 */
@DELETE
@Path("tutors/{identityKey}")
public Response removeCoach(@PathParam("identityKey") Long identityKey, @Context HttpServletRequest httpRequest) {
    // Authorization is decided on the course before the path parameter is resolved.
    // NOTE(review): 401 is sent to an authenticated caller with insufficient roles;
    // 403 would be the conventional status, kept as is for API compatibility.
    boolean mayEdit = isAuthorEditor(course, httpRequest) || isInstitutionalResourceManager(httpRequest);
    if (!mayEdit) {
        return Response.status(Status.UNAUTHORIZED).build();
    }

    BaseSecurity security = BaseSecurityManager.getInstance();
    Identity target = security.loadIdentityByKey(identityKey, false);
    if (target == null) {
        return Response.status(Status.NOT_FOUND).build();
    }

    // the authenticated caller is passed along as the acting identity
    Identity actor = getIdentity(httpRequest);
    RepositoryManager repositoryManager = RepositoryManager.getInstance();
    RepositoryEntry courseEntry = course.getCourseEnvironment().getCourseGroupManager().getCourseEntry();
    List<Identity> toRemove = Collections.singletonList(target);
    repositoryManager.removeTutors(actor, toRemove, courseEntry, new MailPackage(false));
    return Response.ok().build();
}
use of org.olat.basesecurity.BaseSecurity in project OpenOLAT by OpenOLAT.
the class CourseWebService method removeParticipant.
/**
 * Removes one user from the participants of the course.
 * @response.representation.200.doc The user was successfully removed as participant of the course
 * @response.representation.401.doc The roles of the authenticated user are not sufficient
 * @response.representation.404.doc The course or the user not found
 * @param identityKey The user identifier
 * @param httpRequest The HTTP request
 * @return 200 if the user is removed as participant of the course, 401 if the
 *         caller may not edit the course, 404 if no identity has the given key
 */
@DELETE
@Path("participants/{identityKey}")
public Response removeParticipant(@PathParam("identityKey") Long identityKey, @Context HttpServletRequest httpRequest) {
    // Authorization is decided on the course before the path parameter is resolved.
    // NOTE(review): 401 is sent to an authenticated caller with insufficient roles;
    // 403 would be the conventional status, kept as is for API compatibility.
    boolean mayEdit = isAuthorEditor(course, httpRequest) || isInstitutionalResourceManager(httpRequest);
    if (!mayEdit) {
        return Response.status(Status.UNAUTHORIZED).build();
    }

    BaseSecurity security = BaseSecurityManager.getInstance();
    Identity target = security.loadIdentityByKey(identityKey, false);
    if (target == null) {
        return Response.status(Status.NOT_FOUND).build();
    }

    // the authenticated caller is passed along as the acting identity
    Identity actor = getIdentity(httpRequest);
    RepositoryManager repositoryManager = RepositoryManager.getInstance();
    RepositoryEntry courseEntry = course.getCourseEnvironment().getCourseGroupManager().getCourseEntry();
    List<Identity> toRemove = Collections.singletonList(target);
    repositoryManager.removeParticipants(actor, toRemove, courseEntry, new MailPackage(false), false);
    return Response.ok().build();
}
use of org.olat.basesecurity.BaseSecurity in project OpenOLAT by OpenOLAT.
the class RestSecurityHelper method isAuthorEditor.
/**
 * Decides whether the caller of the request may edit the given resource.
 * <p>
 * An OLAT administrator is always accepted. A caller with the author role is
 * accepted only when {@code PERMISSION_ADMIN} is granted on the resource.
 * Everyone else is rejected.
 * <p>
 * The check fails closed: any exception raised while resolving roles or
 * permissions yields {@code false}. The exception itself is discarded, so a
 * broken lookup cannot be told apart from a legitimate denial.
 *
 * @param resourceable The resource the permission is checked against
 * @param request The HTTP request carrying the caller's session
 * @return {@code true} if the caller may edit the resource, {@code false} otherwise
 */
public static boolean isAuthorEditor(OLATResourceable resourceable, HttpServletRequest request) {
    try {
        Roles callerRoles = getRoles(request);
        if (callerRoles.isOLATAdmin()) {
            return true;
        }
        if (!callerRoles.isAuthor()) {
            return false;
        }
        // the author role alone is not enough: the permission is checked per resource
        Identity caller = getUserRequest(request).getIdentity();
        return BaseSecurityManager.getInstance()
                .isIdentityPermittedOnResourceable(caller, Constants.PERMISSION_ADMIN, resourceable);
    } catch (Exception e) {
        // deny on any failure
        return false;
    }
}
use of org.olat.basesecurity.BaseSecurity in project OpenOLAT by OpenOLAT.
the class UsersSubscriptionManagerImpl method getNewIdentityCreated.
/**
 * Returns the identities found by the power search for the given date, without
 * the guests and without any identity created before {@code from}.
 * <p>
 * The underlying search works on dates rather than timestamps, so its result is
 * filtered once more against the exact creation date.
 *
 * @param from The lower bound of the creation date; {@code null} yields an empty list
 * @return The matching identities, guests excluded
 */
@Override
public List<Identity> getNewIdentityCreated(Date from) {
    if (from == null) {
        return Collections.emptyList();
    }

    BaseSecurity manager = BaseSecurityManager.getInstance();
    PermissionOnResourceable guestOnly = new PermissionOnResourceable(Constants.PERMISSION_HASROLE, Constants.ORESOURCE_GUESTONLY);
    PermissionOnResourceable[] permissions = { guestOnly };

    // same search twice: once restricted to the guest-only permission, once unrestricted
    List<Identity> guests = manager.getIdentitiesByPowerSearch(null, null, true, null, permissions, null, from, null, null, null, Identity.STATUS_VISIBLE_LIMIT);
    List<Identity> identities = manager.getIdentitiesByPowerSearch(null, null, true, null, null, null, from, null, null, null, Identity.STATUS_VISIBLE_LIMIT);

    boolean nothingToSubtract = identities.isEmpty() || guests.isEmpty();
    if (!nothingToSubtract) {
        identities.removeAll(guests);
    }

    // drop what the date-based search let through although it was created before 'from'
    Iterator<Identity> cursor = identities.iterator();
    while (cursor.hasNext()) {
        if (cursor.next().getCreationDate().before(from)) {
            cursor.remove();
        }
    }
    return identities;
}