use of org.olat.basesecurity.BaseSecurity in project OpenOLAT by OpenOLAT.
the class ChangePasswordWebService method register.
/**
* @param identityKey
* @param request
* @return
*/
@PUT
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public Response register(@QueryParam("identityKey") Long identityKey, @Context HttpServletRequest request) {
if (!isUserManager(request)) {
return Response.serverError().status(Status.UNAUTHORIZED).build();
}
BaseSecurity securityManager = CoreSpringFactory.getImpl(BaseSecurity.class);
Identity identity = securityManager.loadIdentityByKey(identityKey);
if (identity == null) {
return Response.serverError().status(Status.NOT_FOUND).build();
} else if (!CoreSpringFactory.getImpl(UserModule.class).isPwdChangeAllowed(identity)) {
return Response.serverError().status(Status.FORBIDDEN).build();
}
RegistrationManager rm = CoreSpringFactory.getImpl(RegistrationManager.class);
String emailAdress = identity.getUser().getProperty(UserConstants.EMAIL, null);
String ip = request.getRemoteAddr();
TemporaryKey tk = rm.createAndDeleteOldTemporaryKey(identity.getKey(), emailAdress, ip, RegistrationManager.PW_CHANGE);
return Response.ok(new TemporaryKeyVO(tk)).build();
}
use of org.olat.basesecurity.BaseSecurity in project OpenOLAT by OpenOLAT.
the class OLATUpgrade_7_1_1 method createRepoEntrySecurityGroups.
private void createRepoEntrySecurityGroups(RepositoryEntryUpgrade entry) {
BaseSecurity securityManager = BaseSecurityManager.getInstance();
boolean save = false;
if (entry.getTutorGroup() == null) {
// security group for tutors / coaches
SecurityGroup tutorGroup = securityManager.createAndPersistSecurityGroup();
// member of this group may modify member's membership
securityManager.createAndPersistPolicy(tutorGroup, Constants.PERMISSION_ACCESS, entry.getOlatResource());
// members of this group are always tutors also
securityManager.createAndPersistPolicy(tutorGroup, Constants.PERMISSION_HASROLE, Constants.ORESOURCE_TUTOR);
entry.setTutorGroup(tutorGroup);
securityManager.createAndPersistPolicy(entry.getTutorGroup(), Constants.PERMISSION_COACH, entry.getOlatResource());
DBFactory.getInstance().commit();
save = true;
}
if (entry.getParticipantGroup() == null) {
// security group for participants
SecurityGroup participantGroup = securityManager.createAndPersistSecurityGroup();
// member of this group may modify member's membership
securityManager.createAndPersistPolicy(participantGroup, Constants.PERMISSION_ACCESS, entry.getOlatResource());
// members of this group are always participants also
securityManager.createAndPersistPolicy(participantGroup, Constants.PERMISSION_HASROLE, Constants.ORESOURCE_PARTICIPANT);
entry.setParticipantGroup(participantGroup);
securityManager.createAndPersistPolicy(entry.getParticipantGroup(), Constants.PERMISSION_PARTI, entry.getOlatResource());
DBFactory.getInstance().commit();
save = true;
}
if (save) {
DBFactory.getInstance().updateObject(entry);
}
}
use of org.olat.basesecurity.BaseSecurity in project OpenOLAT by OpenOLAT.
the class OLATUpgrade_7_1_1 method migrateRepoEntrySecurityGroups.
private void migrateRepoEntrySecurityGroups(RepositoryEntryUpgrade entry) {
BaseSecurity securityManager = BaseSecurityManager.getInstance();
List<BGContextImpl> contexts = findBGContextsForResource(entry.getOlatResource(), true, true);
for (BGContextImpl context : contexts) {
List<BusinessGroupUpgrade> groups = getGroupsOfBGContext(context);
for (BusinessGroupUpgrade group : groups) {
// migrate tutors
if (group.getOwnerGroup() != null) {
int count = 0;
List<Identity> owners = securityManager.getIdentitiesOfSecurityGroup(group.getOwnerGroup());
SecurityGroup tutorGroup = entry.getTutorGroup();
for (Identity owner : owners) {
if (securityManager.isIdentityInSecurityGroup(owner, tutorGroup)) {
continue;
}
securityManager.addIdentityToSecurityGroup(owner, tutorGroup);
if (count++ % 20 == 0) {
DBFactory.getInstance().intermediateCommit();
}
}
DBFactory.getInstance().intermediateCommit();
}
// migrate participants
if (group.getPartipiciantGroup() != null) {
int count = 0;
List<Identity> participants = securityManager.getIdentitiesOfSecurityGroup(group.getPartipiciantGroup());
SecurityGroup participantGroup = entry.getParticipantGroup();
for (Identity participant : participants) {
if (securityManager.isIdentityInSecurityGroup(participant, participantGroup)) {
continue;
}
securityManager.addIdentityToSecurityGroup(participant, participantGroup);
if (count++ % 20 == 0) {
DBFactory.getInstance().intermediateCommit();
}
}
DBFactory.getInstance().intermediateCommit();
}
}
}
}
use of org.olat.basesecurity.BaseSecurity in project OpenOLAT by OpenOLAT.
the class PreferencesFormController method formOK.
/**
* @see org.olat.core.gui.components.form.flexible.impl.FormBasicController#formOK(org.olat.core.gui.UserRequest)
*/
protected void formOK(UserRequest ureq) {
UserManager um = UserManager.getInstance();
BaseSecurity secMgr = BaseSecurityManager.getInstance();
// Refresh user from DB to prevent stale object issues
tobeChangedIdentity = secMgr.loadIdentityByKey(tobeChangedIdentity.getKey());
Preferences prefs = tobeChangedIdentity.getUser().getPreferences();
prefs.setLanguage(language.getSelectedKey());
prefs.setFontsize(fontsize.getSelectedKey());
if (notificationInterval != null) {
// only read notification interval if available, could be disabled by configuration
prefs.setNotificationInterval(notificationInterval.getSelectedKey());
}
// Maybe the user changed the font size
if (ureq.getIdentity().equalsByPersistableKey(tobeChangedIdentity)) {
int fontSize = Integer.parseInt(fontsize.getSelectedKey());
WindowManager wm = getWindowControl().getWindowBackOffice().getWindowManager();
if (fontSize != wm.getFontSize()) {
getWindowControl().getWindowBackOffice().getWindow().setDirty(true);
}
}
if (mailSystem != null && mailSystem.isOneSelected()) {
String val = mailSystem.isSelected(1) ? "true" : "false";
prefs.setReceiveRealMail(val);
}
if (um.updateUserFromIdentity(tobeChangedIdentity)) {
// Language change needs logout / login
showInfo("preferences.successful");
} else {
showInfo("preferences.unsuccessful");
}
um.setUserCharset(tobeChangedIdentity, charset.getSelectedKey());
fireEvent(ureq, Event.DONE_EVENT);
}
use of org.olat.basesecurity.BaseSecurity in project OpenOLAT by OpenOLAT.
the class UserWebService method update.
/**
* Update an user
* @response.representation.qname {http://www.example.com}userVO
* @response.representation.mediaType application/xml, application/json
* @response.representation.doc The user
* @response.representation.example {@link org.olat.user.restapi.Examples#SAMPLE_USERVO}
* @response.representation.200.qname {http://www.example.com}userVO
* @response.representation.200.mediaType application/xml, application/json
* @response.representation.200.doc The user
* @response.representation.200.example {@link org.olat.user.restapi.Examples#SAMPLE_USERVO}
* @response.representation.401.doc The roles of the authenticated user are not sufficient
* @response.representation.404.doc The identity not found
* @response.representation.406.qname {http://www.example.com}errorVO
* @response.representation.406.mediaType application/xml, application/json
* @response.representation.406.doc The list of validation errors
* @response.representation.406.example {@link org.olat.restapi.support.vo.Examples#SAMPLE_ERRORVOes}
* @param identityKey The user key identifier
* @param user The user datas
* @param request The HTTP request
* @return <code>User</code> object. The operation status (success or fail)
*/
@POST
@Path("{identityKey}")
@Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public Response update(@PathParam("identityKey") Long identityKey, UserVO user, @Context HttpServletRequest request) {
try {
if (user == null) {
return Response.serverError().status(Status.NO_CONTENT).build();
}
if (!isUserManager(request)) {
return Response.serverError().status(Status.UNAUTHORIZED).build();
}
BaseSecurity baseSecurity = BaseSecurityManager.getInstance();
Identity retrievedIdentity = baseSecurity.loadIdentityByKey(identityKey, false);
if (retrievedIdentity == null) {
return Response.serverError().status(Status.NOT_FOUND).build();
}
User retrievedUser = retrievedIdentity.getUser();
List<ErrorVO> errors = validateUser(retrievedUser, user, request);
if (errors.isEmpty()) {
if (StringHelper.containsNonWhitespace(user.getExternalId()) && !user.getExternalId().equals(retrievedIdentity.getExternalId())) {
retrievedIdentity = baseSecurity.setExternalId(retrievedIdentity, user.getExternalId());
retrievedUser = retrievedIdentity.getUser();
}
String oldEmail = retrievedUser.getEmail();
post(retrievedUser, user, getLocale(request));
UserManager.getInstance().updateUser(retrievedUser);
BaseSecurityManager.getInstance().deleteInvalidAuthenticationsByEmail(oldEmail);
return Response.ok(get(retrievedIdentity, true, true)).build();
}
// content not ok
ErrorVO[] errorVos = new ErrorVO[errors.size()];
errors.toArray(errorVos);
return Response.ok(errorVos).status(Status.NOT_ACCEPTABLE).build();
} catch (Exception e) {
log.error("Error updating an user", e);
return Response.serverError().status(Status.INTERNAL_SERVER_ERROR).build();
}
}
Aggregations