Examples with BaseSecurity org.olat.basesecurity.BaseSecurity used on opensource projects

Search in sources :

Example 91 with BaseSecurity

use of org.olat.basesecurity.BaseSecurity in project openolat by klemens.

the class UserWebService method update.

/**
 * Update an user
 * @response.representation.qname {http://www.example.com}userVO
 * @response.representation.mediaType application/xml, application/json
 * @response.representation.doc The user
 * @response.representation.example {@link org.olat.user.restapi.Examples#SAMPLE_USERVO}
 * @response.representation.200.qname {http://www.example.com}userVO
 * @response.representation.200.mediaType application/xml, application/json
 * @response.representation.200.doc The user
 * @response.representation.200.example {@link org.olat.user.restapi.Examples#SAMPLE_USERVO}
 * @response.representation.401.doc The roles of the authenticated user are not sufficient
 * @response.representation.404.doc The identity not found
 * @response.representation.406.qname {http://www.example.com}errorVO
 * @response.representation.406.mediaType application/xml, application/json
 * @response.representation.406.doc The list of validation errors
 * @response.representation.406.example {@link org.olat.restapi.support.vo.Examples#SAMPLE_ERRORVOes}
 * @param identityKey The user key identifier
 * @param user The user datas
 * @param request The HTTP request
 * @return <code>User</code> object. The operation status (success or fail)
 */
@POST
@Path("{identityKey}")
@Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public Response update(@PathParam("identityKey") Long identityKey, UserVO user, @Context HttpServletRequest request) {
    try {
        if (user == null) {
            return Response.serverError().status(Status.NO_CONTENT).build();
        }
        if (!isUserManager(request)) {
            return Response.serverError().status(Status.UNAUTHORIZED).build();
        }
        BaseSecurity baseSecurity = BaseSecurityManager.getInstance();
        Identity retrievedIdentity = baseSecurity.loadIdentityByKey(identityKey, false);
        if (retrievedIdentity == null) {
            return Response.serverError().status(Status.NOT_FOUND).build();
        }
        User retrievedUser = retrievedIdentity.getUser();
        List<ErrorVO> errors = validateUser(retrievedUser, user, request);
        if (errors.isEmpty()) {
            if (StringHelper.containsNonWhitespace(user.getExternalId()) && !user.getExternalId().equals(retrievedIdentity.getExternalId())) {
                retrievedIdentity = baseSecurity.setExternalId(retrievedIdentity, user.getExternalId());
                retrievedUser = retrievedIdentity.getUser();
            }
            String oldEmail = retrievedUser.getEmail();
            post(retrievedUser, user, getLocale(request));
            UserManager.getInstance().updateUser(retrievedUser);
            BaseSecurityManager.getInstance().deleteInvalidAuthenticationsByEmail(oldEmail);
            return Response.ok(get(retrievedIdentity, true, true)).build();
        }
        // content not ok
        ErrorVO[] errorVos = new ErrorVO[errors.size()];
        errors.toArray(errorVos);
        return Response.ok(errorVos).status(Status.NOT_ACCEPTABLE).build();
    } catch (Exception e) {
        log.error("Error updating an user", e);
        return Response.serverError().status(Status.INTERNAL_SERVER_ERROR).build();
    }
}
Also used : ErrorVO(org.olat.restapi.support.vo.ErrorVO) User(org.olat.core.id.User) Identity(org.olat.core.id.Identity) RestSecurityHelper.getIdentity(org.olat.restapi.security.RestSecurityHelper.getIdentity) WebApplicationException(javax.ws.rs.WebApplicationException) BaseSecurity(org.olat.basesecurity.BaseSecurity) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) Consumes(javax.ws.rs.Consumes) Produces(javax.ws.rs.Produces)

Example 92 with BaseSecurity

use of org.olat.basesecurity.BaseSecurity in project openolat by klemens.

the class UserAuthenticationWebService method changePassword.

/**
 * Change the password of a user.
 *
 * @response.representation.200.doc The password successfully changed
 * @response.representation.304.doc The password was not changed
 * @response.representation.401.doc The roles of the authenticated user are not sufficient
 * @response.representation.404.doc The identity or the authentication not found
 * @param username The username of the user to change the password
 * @param newPassword The new password
 * @param request The HTTP request
 * @return <code>Response</code> object. The operation status (success or fail)
 */
@POST
@Path("password")
public Response changePassword(@PathParam("username") String username, @FormParam("newPassword") String newPassword, @Context HttpServletRequest request) {
    if (!isAdmin(request)) {
        return Response.serverError().status(Status.UNAUTHORIZED).build();
    }
    Identity doer = getIdentity(request);
    if (doer == null) {
        return Response.serverError().status(Status.UNAUTHORIZED).build();
    }
    BaseSecurity baseSecurity = BaseSecurityManager.getInstance();
    Identity identity = baseSecurity.findIdentityByName(username);
    if (identity == null) {
        return Response.serverError().status(Status.NOT_FOUND).build();
    }
    OLATAuthManager authManager = CoreSpringFactory.getImpl(OLATAuthManager.class);
    boolean ok = authManager.changePassword(doer, identity, newPassword);
    return (ok ? Response.ok() : Response.notModified()).build();
}
Also used : OLATAuthManager(org.olat.login.auth.OLATAuthManager) RestSecurityHelper.getIdentity(org.olat.restapi.security.RestSecurityHelper.getIdentity) Identity(org.olat.core.id.Identity) BaseSecurity(org.olat.basesecurity.BaseSecurity) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST)

Example 93 with BaseSecurity

use of org.olat.basesecurity.BaseSecurity in project openolat by klemens.

the class QuestionPoolWebService method addAuthor.

/**
 * Add an author to the question item.
 *
 * @response.representation.200.doc The user is an author of the question item
 * @response.representation.401.doc The roles of the authenticated user are not sufficient
 * @response.representation.404.doc The question item or the user not found
 * @param itemKey The question item identifier
 * @param identityKey The user identifier
 * @param httpRequest The HTTP request
 * @return It returns 200  if the user is added as author of the question item
 */
@PUT
@Path("{itemKey}/authors/{identityKey}")
public Response addAuthor(@PathParam("itemKey") Long itemKey, @PathParam("identityKey") Long identityKey, @Context HttpServletRequest httpRequest) {
    if (!isQuestionPoolManager(httpRequest)) {
        return Response.serverError().status(Status.UNAUTHORIZED).build();
    }
    QPoolService poolService = CoreSpringFactory.getImpl(QPoolService.class);
    QuestionItem item = poolService.loadItemById(itemKey);
    if (item == null) {
        return Response.serverError().status(Status.NOT_FOUND).build();
    }
    BaseSecurity securityManager = CoreSpringFactory.getImpl(BaseSecurity.class);
    Identity author = securityManager.loadIdentityByKey(identityKey, false);
    if (author == null) {
        return Response.serverError().status(Status.NOT_FOUND).build();
    }
    List<Identity> authors = Collections.singletonList(author);
    List<QuestionItemShort> items = Collections.singletonList(item);
    poolService.addAuthors(authors, items);
    return Response.ok().build();
}
Also used : QPoolService(org.olat.modules.qpool.QPoolService) QuestionItemShort(org.olat.modules.qpool.QuestionItemShort) Identity(org.olat.core.id.Identity) QuestionItem(org.olat.modules.qpool.QuestionItem) BaseSecurity(org.olat.basesecurity.BaseSecurity) Path(javax.ws.rs.Path) PUT(javax.ws.rs.PUT)

Example 94 with BaseSecurity

use of org.olat.basesecurity.BaseSecurity in project openolat by klemens.

the class QuestionPoolWebService method removeAuthor.

/**
 * Remove an author to the question item.
 *
 * @response.representation.200.doc The user was successfully removed as author of the question item
 * @response.representation.401.doc The roles of the authenticated user are not sufficient
 * @response.representation.404.doc The question item or the user not found
 * @param itemKey The question item identifier
 * @param identityKey The user identifier
 * @param httpRequest The HTTP request
 * @return It returns 200  if the user is removed as author of the question item
 */
@DELETE
@Path("{itemKey}/authors/{identityKey}")
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public Response removeAuthor(@PathParam("itemKey") Long itemKey, @PathParam("identityKey") Long identityKey, @Context HttpServletRequest httpRequest) {
    if (!isQuestionPoolManager(httpRequest)) {
        return Response.serverError().status(Status.UNAUTHORIZED).build();
    }
    QPoolService poolService = CoreSpringFactory.getImpl(QPoolService.class);
    QuestionItem item = poolService.loadItemById(itemKey);
    if (item == null) {
        return Response.serverError().status(Status.NOT_FOUND).build();
    }
    BaseSecurity securityManager = CoreSpringFactory.getImpl(BaseSecurity.class);
    Identity author = securityManager.loadIdentityByKey(identityKey, false);
    if (author == null) {
        return Response.serverError().status(Status.NOT_FOUND).build();
    }
    List<Identity> authors = Collections.singletonList(author);
    List<QuestionItemShort> items = Collections.singletonList(item);
    poolService.removeAuthors(authors, items);
    return Response.ok().build();
}
Also used : QPoolService(org.olat.modules.qpool.QPoolService) QuestionItemShort(org.olat.modules.qpool.QuestionItemShort) Identity(org.olat.core.id.Identity) QuestionItem(org.olat.modules.qpool.QuestionItem) BaseSecurity(org.olat.basesecurity.BaseSecurity) Path(javax.ws.rs.Path) DELETE(javax.ws.rs.DELETE) Produces(javax.ws.rs.Produces)

Example 95 with BaseSecurity

use of org.olat.basesecurity.BaseSecurity in project openolat by klemens.

the class CatalogTest method setUp.

@Before
@Override
public void setUp() throws Exception {
    super.setUp();
    id1 = JunitTestHelper.createAndPersistIdentityAsUser("rest-catalog-one");
    JunitTestHelper.createAndPersistIdentityAsUser("rest-catalog-two");
    BaseSecurity securityManager = BaseSecurityManager.getInstance();
    admin = securityManager.findIdentityByName("administrator");
    // create a catalog
    root1 = catalogManager.getRootCatalogEntries().get(0);
    entry1 = catalogManager.createCatalogEntry();
    entry1.setType(CatalogEntry.TYPE_NODE);
    entry1.setName("Entry-1");
    entry1.setDescription("Entry-description-1");
    entry1.setOwnerGroup(securityManager.createAndPersistSecurityGroup());
    catalogManager.addCatalogEntry(root1, entry1);
    DBFactory.getInstance().intermediateCommit();
    entry1 = catalogManager.loadCatalogEntry(entry1);
    securityManager.addIdentityToSecurityGroup(admin, entry1.getOwnerGroup());
    subEntry11 = catalogManager.createCatalogEntry();
    subEntry11.setType(CatalogEntry.TYPE_NODE);
    subEntry11.setName("Sub-entry-11");
    subEntry11.setDescription("Sub-entry-description-11");
    catalogManager.addCatalogEntry(entry1, subEntry11);
    subEntry12 = catalogManager.createCatalogEntry();
    subEntry12.setType(CatalogEntry.TYPE_NODE);
    subEntry12.setName("Sub-entry-12");
    subEntry12.setDescription("Sub-entry-description-12");
    catalogManager.addCatalogEntry(entry1, subEntry12);
    entry2 = catalogManager.createCatalogEntry();
    entry2.setType(CatalogEntry.TYPE_NODE);
    entry2.setName("Entry-2");
    entry2.setDescription("Entry-description-2");
    catalogManager.addCatalogEntry(root1, entry2);
    entryToMove1 = catalogManager.createCatalogEntry();
    entryToMove1.setType(CatalogEntry.TYPE_NODE);
    entryToMove1.setName("Entry-1-to-move");
    entryToMove1.setDescription("Entry-description-1-to-move");
    catalogManager.addCatalogEntry(root1, entryToMove1);
    entryToMove2 = catalogManager.createCatalogEntry();
    entryToMove2.setType(CatalogEntry.TYPE_NODE);
    entryToMove2.setName("Entry-2-to-move");
    entryToMove2.setDescription("Entry-description-2-to-move");
    catalogManager.addCatalogEntry(root1, entryToMove2);
    subEntry13move = catalogManager.createCatalogEntry();
    subEntry13move.setType(CatalogEntry.TYPE_NODE);
    subEntry13move.setName("Sub-entry-13-move target");
    subEntry13move.setDescription("Sub-entry-description-13-move target");
    catalogManager.addCatalogEntry(root1, subEntry13move);
    DBFactory.getInstance().intermediateCommit();
}
Also used : BaseSecurity(org.olat.basesecurity.BaseSecurity) Before(org.junit.Before)

Aggregations

BaseSecurity (org.olat.basesecurity.BaseSecurity)116 Identity (org.olat.core.id.Identity)88 Path (javax.ws.rs.Path)48 RestSecurityHelper.getIdentity (org.olat.restapi.security.RestSecurityHelper.getIdentity)28 PUT (javax.ws.rs.PUT)24 Produces (javax.ws.rs.Produces)22 SecurityGroup (org.olat.basesecurity.SecurityGroup)20 RepositoryEntry (org.olat.repository.RepositoryEntry)20 DELETE (javax.ws.rs.DELETE)14 Authentication (org.olat.basesecurity.Authentication)14 MailPackage (org.olat.core.util.mail.MailPackage)14 RepositoryManager (org.olat.repository.RepositoryManager)14 Consumes (javax.ws.rs.Consumes)12 WebApplicationException (javax.ws.rs.WebApplicationException)12 CertificatesManager (org.olat.course.certificate.CertificatesManager)10 OLATResource (org.olat.resource.OLATResource)10 OLATResourceManager (org.olat.resource.OLATResourceManager)10 ArrayList (java.util.ArrayList)8 GET (javax.ws.rs.GET)8 IdentitiesAddEvent (org.olat.admin.securitygroup.gui.IdentitiesAddEvent)8
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial