Search in sources :

Example 71 with BaseSecurity

use of org.olat.basesecurity.BaseSecurity in project OpenOLAT by OpenOLAT.

the class ChangePasswordWebService method register.

/**
 * @param identityKey
 * @param request
 * @return
 */
@PUT
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public Response register(@QueryParam("identityKey") Long identityKey, @Context HttpServletRequest request) {
    if (!isUserManager(request)) {
        return Response.serverError().status(Status.UNAUTHORIZED).build();
    }
    BaseSecurity securityManager = CoreSpringFactory.getImpl(BaseSecurity.class);
    Identity identity = securityManager.loadIdentityByKey(identityKey);
    if (identity == null) {
        return Response.serverError().status(Status.NOT_FOUND).build();
    } else if (!CoreSpringFactory.getImpl(UserModule.class).isPwdChangeAllowed(identity)) {
        return Response.serverError().status(Status.FORBIDDEN).build();
    }
    RegistrationManager rm = CoreSpringFactory.getImpl(RegistrationManager.class);
    String emailAdress = identity.getUser().getProperty(UserConstants.EMAIL, null);
    String ip = request.getRemoteAddr();
    TemporaryKey tk = rm.createAndDeleteOldTemporaryKey(identity.getKey(), emailAdress, ip, RegistrationManager.PW_CHANGE);
    return Response.ok(new TemporaryKeyVO(tk)).build();
}
Also used : RegistrationManager(org.olat.registration.RegistrationManager) TemporaryKey(org.olat.registration.TemporaryKey) UserModule(org.olat.user.UserModule) Identity(org.olat.core.id.Identity) BaseSecurity(org.olat.basesecurity.BaseSecurity) Produces(javax.ws.rs.Produces) PUT(javax.ws.rs.PUT)

Example 72 with BaseSecurity

use of org.olat.basesecurity.BaseSecurity in project OpenOLAT by OpenOLAT.

the class OLATUpgrade_7_1_1 method createRepoEntrySecurityGroups.

private void createRepoEntrySecurityGroups(RepositoryEntryUpgrade entry) {
    BaseSecurity securityManager = BaseSecurityManager.getInstance();
    boolean save = false;
    if (entry.getTutorGroup() == null) {
        // security group for tutors / coaches
        SecurityGroup tutorGroup = securityManager.createAndPersistSecurityGroup();
        // member of this group may modify member's membership
        securityManager.createAndPersistPolicy(tutorGroup, Constants.PERMISSION_ACCESS, entry.getOlatResource());
        // members of this group are always tutors also
        securityManager.createAndPersistPolicy(tutorGroup, Constants.PERMISSION_HASROLE, Constants.ORESOURCE_TUTOR);
        entry.setTutorGroup(tutorGroup);
        securityManager.createAndPersistPolicy(entry.getTutorGroup(), Constants.PERMISSION_COACH, entry.getOlatResource());
        DBFactory.getInstance().commit();
        save = true;
    }
    if (entry.getParticipantGroup() == null) {
        // security group for participants
        SecurityGroup participantGroup = securityManager.createAndPersistSecurityGroup();
        // member of this group may modify member's membership
        securityManager.createAndPersistPolicy(participantGroup, Constants.PERMISSION_ACCESS, entry.getOlatResource());
        // members of this group are always participants also
        securityManager.createAndPersistPolicy(participantGroup, Constants.PERMISSION_HASROLE, Constants.ORESOURCE_PARTICIPANT);
        entry.setParticipantGroup(participantGroup);
        securityManager.createAndPersistPolicy(entry.getParticipantGroup(), Constants.PERMISSION_PARTI, entry.getOlatResource());
        DBFactory.getInstance().commit();
        save = true;
    }
    if (save) {
        DBFactory.getInstance().updateObject(entry);
    }
}
Also used : SecurityGroup(org.olat.basesecurity.SecurityGroup) BaseSecurity(org.olat.basesecurity.BaseSecurity)

Example 73 with BaseSecurity

use of org.olat.basesecurity.BaseSecurity in project OpenOLAT by OpenOLAT.

the class OLATUpgrade_7_1_1 method migrateRepoEntrySecurityGroups.

private void migrateRepoEntrySecurityGroups(RepositoryEntryUpgrade entry) {
    BaseSecurity securityManager = BaseSecurityManager.getInstance();
    List<BGContextImpl> contexts = findBGContextsForResource(entry.getOlatResource(), true, true);
    for (BGContextImpl context : contexts) {
        List<BusinessGroupUpgrade> groups = getGroupsOfBGContext(context);
        for (BusinessGroupUpgrade group : groups) {
            // migrate tutors
            if (group.getOwnerGroup() != null) {
                int count = 0;
                List<Identity> owners = securityManager.getIdentitiesOfSecurityGroup(group.getOwnerGroup());
                SecurityGroup tutorGroup = entry.getTutorGroup();
                for (Identity owner : owners) {
                    if (securityManager.isIdentityInSecurityGroup(owner, tutorGroup)) {
                        continue;
                    }
                    securityManager.addIdentityToSecurityGroup(owner, tutorGroup);
                    if (count++ % 20 == 0) {
                        DBFactory.getInstance().intermediateCommit();
                    }
                }
                DBFactory.getInstance().intermediateCommit();
            }
            // migrate participants
            if (group.getPartipiciantGroup() != null) {
                int count = 0;
                List<Identity> participants = securityManager.getIdentitiesOfSecurityGroup(group.getPartipiciantGroup());
                SecurityGroup participantGroup = entry.getParticipantGroup();
                for (Identity participant : participants) {
                    if (securityManager.isIdentityInSecurityGroup(participant, participantGroup)) {
                        continue;
                    }
                    securityManager.addIdentityToSecurityGroup(participant, participantGroup);
                    if (count++ % 20 == 0) {
                        DBFactory.getInstance().intermediateCommit();
                    }
                }
                DBFactory.getInstance().intermediateCommit();
            }
        }
    }
}
Also used : BGContextImpl(org.olat.upgrade.model.BGContextImpl) BusinessGroupUpgrade(org.olat.upgrade.model.BusinessGroupUpgrade) Identity(org.olat.core.id.Identity) SecurityGroup(org.olat.basesecurity.SecurityGroup) BaseSecurity(org.olat.basesecurity.BaseSecurity)

Example 74 with BaseSecurity

use of org.olat.basesecurity.BaseSecurity in project OpenOLAT by OpenOLAT.

the class PreferencesFormController method formOK.

/**
 * @see org.olat.core.gui.components.form.flexible.impl.FormBasicController#formOK(org.olat.core.gui.UserRequest)
 */
protected void formOK(UserRequest ureq) {
    UserManager um = UserManager.getInstance();
    BaseSecurity secMgr = BaseSecurityManager.getInstance();
    // Refresh user from DB to prevent stale object issues
    tobeChangedIdentity = secMgr.loadIdentityByKey(tobeChangedIdentity.getKey());
    Preferences prefs = tobeChangedIdentity.getUser().getPreferences();
    prefs.setLanguage(language.getSelectedKey());
    prefs.setFontsize(fontsize.getSelectedKey());
    if (notificationInterval != null) {
        // only read notification interval if available, could be disabled by configuration
        prefs.setNotificationInterval(notificationInterval.getSelectedKey());
    }
    // Maybe the user changed the font size
    if (ureq.getIdentity().equalsByPersistableKey(tobeChangedIdentity)) {
        int fontSize = Integer.parseInt(fontsize.getSelectedKey());
        WindowManager wm = getWindowControl().getWindowBackOffice().getWindowManager();
        if (fontSize != wm.getFontSize()) {
            getWindowControl().getWindowBackOffice().getWindow().setDirty(true);
        }
    }
    if (mailSystem != null && mailSystem.isOneSelected()) {
        String val = mailSystem.isSelected(1) ? "true" : "false";
        prefs.setReceiveRealMail(val);
    }
    if (um.updateUserFromIdentity(tobeChangedIdentity)) {
        // Language change needs logout / login
        showInfo("preferences.successful");
    } else {
        showInfo("preferences.unsuccessful");
    }
    um.setUserCharset(tobeChangedIdentity, charset.getSelectedKey());
    fireEvent(ureq, Event.DONE_EVENT);
}
Also used : Preferences(org.olat.core.id.Preferences) BaseSecurity(org.olat.basesecurity.BaseSecurity) WindowManager(org.olat.core.gui.WindowManager)

Example 75 with BaseSecurity

use of org.olat.basesecurity.BaseSecurity in project OpenOLAT by OpenOLAT.

the class UserWebService method update.

/**
 * Update an user
 * @response.representation.qname {http://www.example.com}userVO
 * @response.representation.mediaType application/xml, application/json
 * @response.representation.doc The user
 * @response.representation.example {@link org.olat.user.restapi.Examples#SAMPLE_USERVO}
 * @response.representation.200.qname {http://www.example.com}userVO
 * @response.representation.200.mediaType application/xml, application/json
 * @response.representation.200.doc The user
 * @response.representation.200.example {@link org.olat.user.restapi.Examples#SAMPLE_USERVO}
 * @response.representation.401.doc The roles of the authenticated user are not sufficient
 * @response.representation.404.doc The identity not found
 * @response.representation.406.qname {http://www.example.com}errorVO
 * @response.representation.406.mediaType application/xml, application/json
 * @response.representation.406.doc The list of validation errors
 * @response.representation.406.example {@link org.olat.restapi.support.vo.Examples#SAMPLE_ERRORVOes}
 * @param identityKey The user key identifier
 * @param user The user datas
 * @param request The HTTP request
 * @return <code>User</code> object. The operation status (success or fail)
 */
@POST
@Path("{identityKey}")
@Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public Response update(@PathParam("identityKey") Long identityKey, UserVO user, @Context HttpServletRequest request) {
    try {
        if (user == null) {
            return Response.serverError().status(Status.NO_CONTENT).build();
        }
        if (!isUserManager(request)) {
            return Response.serverError().status(Status.UNAUTHORIZED).build();
        }
        BaseSecurity baseSecurity = BaseSecurityManager.getInstance();
        Identity retrievedIdentity = baseSecurity.loadIdentityByKey(identityKey, false);
        if (retrievedIdentity == null) {
            return Response.serverError().status(Status.NOT_FOUND).build();
        }
        User retrievedUser = retrievedIdentity.getUser();
        List<ErrorVO> errors = validateUser(retrievedUser, user, request);
        if (errors.isEmpty()) {
            if (StringHelper.containsNonWhitespace(user.getExternalId()) && !user.getExternalId().equals(retrievedIdentity.getExternalId())) {
                retrievedIdentity = baseSecurity.setExternalId(retrievedIdentity, user.getExternalId());
                retrievedUser = retrievedIdentity.getUser();
            }
            String oldEmail = retrievedUser.getEmail();
            post(retrievedUser, user, getLocale(request));
            UserManager.getInstance().updateUser(retrievedUser);
            BaseSecurityManager.getInstance().deleteInvalidAuthenticationsByEmail(oldEmail);
            return Response.ok(get(retrievedIdentity, true, true)).build();
        }
        // content not ok
        ErrorVO[] errorVos = new ErrorVO[errors.size()];
        errors.toArray(errorVos);
        return Response.ok(errorVos).status(Status.NOT_ACCEPTABLE).build();
    } catch (Exception e) {
        log.error("Error updating an user", e);
        return Response.serverError().status(Status.INTERNAL_SERVER_ERROR).build();
    }
}
Also used : ErrorVO(org.olat.restapi.support.vo.ErrorVO) User(org.olat.core.id.User) Identity(org.olat.core.id.Identity) RestSecurityHelper.getIdentity(org.olat.restapi.security.RestSecurityHelper.getIdentity) WebApplicationException(javax.ws.rs.WebApplicationException) BaseSecurity(org.olat.basesecurity.BaseSecurity) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) Consumes(javax.ws.rs.Consumes) Produces(javax.ws.rs.Produces)

Aggregations

BaseSecurity (org.olat.basesecurity.BaseSecurity)116 Identity (org.olat.core.id.Identity)88 Path (javax.ws.rs.Path)48 RestSecurityHelper.getIdentity (org.olat.restapi.security.RestSecurityHelper.getIdentity)28 PUT (javax.ws.rs.PUT)24 Produces (javax.ws.rs.Produces)22 SecurityGroup (org.olat.basesecurity.SecurityGroup)20 RepositoryEntry (org.olat.repository.RepositoryEntry)20 DELETE (javax.ws.rs.DELETE)14 Authentication (org.olat.basesecurity.Authentication)14 MailPackage (org.olat.core.util.mail.MailPackage)14 RepositoryManager (org.olat.repository.RepositoryManager)14 Consumes (javax.ws.rs.Consumes)12 WebApplicationException (javax.ws.rs.WebApplicationException)12 CertificatesManager (org.olat.course.certificate.CertificatesManager)10 OLATResource (org.olat.resource.OLATResource)10 OLATResourceManager (org.olat.resource.OLATResourceManager)10 ArrayList (java.util.ArrayList)8 GET (javax.ws.rs.GET)8 IdentitiesAddEvent (org.olat.admin.securitygroup.gui.IdentitiesAddEvent)8