use of org.olat.basesecurity.BaseSecurityModule in project OpenOLAT by OpenOLAT.
the class BaseFullWebappController method initializeBase.
private void initializeBase(UserRequest ureq, WindowManager winman, ComponentCollection mainPanel) {
// component-id of mainPanel for the window id
mainVc.contextPut("o_winid", mainPanel.getDispatchID());
BaseSecurityModule securityModule = CoreSpringFactory.getImpl(BaseSecurityModule.class);
mainVc.contextPut("enforceTopFrame", securityModule.isForceTopFrame());
// add optional css classes
mainVc.contextPut("bodyCssClasses", bodyCssClasses);
Window w = wbo.getWindow();
mainVc.put("jsCssRawHtmlHeader", w.getJsCssRawHtmlHeader());
// control part for ajax-communication. returns an empty panel if ajax
// is not enabled, so that ajax can be turned on on the fly for
// development mode
jsServerC = wbo.createAJAXController(ureq);
mainVc.put("jsServer", jsServerC.getInitialComponent());
// init with no bookmark (=empty bc)
mainVc.contextPut("o_bc", "");
mainVc.contextPut("o_serverUri", Settings.createServerURI());
// the current language; used e.g. by screenreaders
mainVc.contextPut("lang", ureq.getLocale().toString());
// some user properties
if (ureq.getUserSession().isAuthenticated()) {
Identity ident = ureq.getIdentity();
StringBuilder sb = new StringBuilder();
sb.append("{ identity : ").append(ident.getKey());
User user = ident.getUser();
List<UserPropertyHandler> userPropertyHandlers = userManager.getUserPropertyHandlersFor(USER_PROPS_ID, ureq.getUserSession().getRoles().isOLATAdmin());
for (UserPropertyHandler userPropertyHandler : userPropertyHandlers) {
String escapedValue = StringHelper.escapeJavaScript(userPropertyHandler.getUserProperty(user, getLocale()));
sb.append(", ").append(userPropertyHandler.getName()).append(" : \"").append(escapedValue).append("\"");
}
sb.append("}");
mainVc.contextPut("userJSON", sb);
}
// the current GUI theme and the global settings that contains the
// font-size. both are pushed as objects so that window.dirty always reads
// out the correct value
mainVc.contextPut("theme", w.getGuiTheme());
mainVc.contextPut("globalSettings", winman.getGlobalSettings());
// also add the optional theme javascript
addThemeJS();
// Add JS analytics code, e.g. for google analytics
if (analyticsModule.isAnalyticsEnabled()) {
AnalyticsSPI analyticsSPI = analyticsModule.getAnalyticsProvider();
mainVc.contextPut("analytics", analyticsSPI.analyticsInitPageJavaScript());
}
// content panel
contentPanel = new Panel("olatContentPanel");
mainVc.put("olatContentPanel", contentPanel);
mainVc.contextPut("o_winid", w.getDispatchID());
mainVc.contextPut("buildversion", Settings.getVersion());
if (wbo.isDebuging()) {
debugC = wbo.createDebugDispatcherController(ureq, getWindowControl());
mainVc.put("guidebug", debugC.getInitialComponent());
}
// Inline translation interceptor. when the translation tool is enabled it
// will start the translation tool in translation mode, if the overlay
// feature is enabled it will start in customizing mode
// fxdiff: allow user-managers to use the inline translation also.
UserSession usess = ureq.getUserSession();
if (usess.isAuthenticated() && (usess.getRoles().isOLATAdmin() || usess.getRoles().isUserManager()) && (i18nModule.isTransToolEnabled() || i18nModule.isOverlayEnabled())) {
inlineTranslationC = wbo.createInlineTranslationDispatcherController(ureq, getWindowControl());
Preferences guiPrefs = usess.getGuiPreferences();
Boolean isInlineTranslationEnabled = (Boolean) guiPrefs.get(I18nModule.class, I18nModule.GUI_PREFS_INLINE_TRANSLATION_ENABLED, Boolean.FALSE);
i18nManager.setMarkLocalizedStringsEnabled(usess, isInlineTranslationEnabled);
mainVc.put("inlineTranslation", inlineTranslationC.getInitialComponent());
}
// debug info if debugging
if (wbo.isDebuging()) {
developmentC = wbo.createDevelopmentController(ureq, getWindowControl());
mainVc.put("development", developmentC.getInitialComponent());
}
// put the global js translator mapper path into the main window
mainVc.contextPut("jsTranslationMapperPath", BaseChiefController.jsTranslationMapperPath);
// master window
// w.addListener(this); // to be able to report "browser reload" to the user
w.setContentPane(mainPanel);
}
use of org.olat.basesecurity.BaseSecurityModule in project OpenOLAT by OpenOLAT.
the class BusinessGroupMainRunController method buildTreeModel.
/**
* @return The menu tree model
*/
private TreeModel buildTreeModel() {
GenericTreeNode gtnChild, root;
GenericTreeModel gtm = new GenericTreeModel();
root = new GenericTreeNode(nodeIdPrefix.concat("-root"));
root.setTitle(businessGroup.getName());
root.setUserObject(ACTIVITY_MENUSELECT_OVERVIEW);
root.setAltText(translate("menutree.top.alt") + " " + businessGroup.getName());
root.setIconCssClass("o_icon o_icon_group");
gtm.setRootNode(root);
CollaborationTools collabTools = CollaborationToolsFactory.getInstance().getOrCreateCollaborationTools(this.businessGroup);
if (collabTools.isToolEnabled(CollaborationTools.TOOL_NEWS)) {
gtnChild = new GenericTreeNode(nodeIdPrefix.concat("new"));
gtnChild.setTitle(translate("menutree.news"));
gtnChild.setUserObject(ACTIVITY_MENUSELECT_INFORMATION);
gtnChild.setAltText(translate("menutree.news.alt"));
gtnChild.setIconCssClass("o_icon_news");
gtnChild.setCssClass("o_sel_group_news");
root.addChild(gtnChild);
nodeInformation = gtnChild;
}
if (calendarModule.isEnabled() && calendarModule.isEnableGroupCalendar() && collabTools.isToolEnabled(CollaborationTools.TOOL_CALENDAR)) {
gtnChild = new GenericTreeNode(nodeIdPrefix.concat("cal"));
gtnChild.setTitle(translate("menutree.calendar"));
gtnChild.setUserObject(ACTIVITY_MENUSELECT_CALENDAR);
gtnChild.setAltText(translate("menutree.calendar.alt"));
gtnChild.setIconCssClass("o_calendar_icon");
gtnChild.setCssClass("o_sel_group_calendar");
root.addChild(gtnChild);
nodeCal = gtnChild;
}
boolean hasResources = businessGroupService.hasResources(businessGroup);
if (hasResources) {
gtnChild = new GenericTreeNode(nodeIdPrefix.concat("courses"));
gtnChild.setTitle(translate("menutree.resources"));
gtnChild.setUserObject(ACTIVITY_MENUSELECT_SHOW_RESOURCES);
gtnChild.setAltText(translate("menutree.resources.alt"));
gtnChild.setIconCssClass("o_CourseModule_icon");
gtnChild.setCssClass("o_sel_group_resources");
root.addChild(gtnChild);
nodeResources = gtnChild;
}
if (businessGroup.isOwnersVisibleIntern() || businessGroup.isParticipantsVisibleIntern() || businessGroup.isWaitingListVisibleIntern()) {
// either owners, participants, the waiting list or all three are visible
// otherwise the node is not visible
gtnChild = new GenericTreeNode(nodeIdPrefix.concat("members"));
gtnChild.setTitle(translate("menutree.members"));
gtnChild.setUserObject(ACTIVITY_MENUSELECT_MEMBERSLIST);
gtnChild.setAltText(translate("menutree.members.alt"));
gtnChild.setIconCssClass("o_icon_group");
gtnChild.setCssClass("o_sel_group_members");
root.addChild(gtnChild);
nodeGroupOwners = gtnChild;
}
if (collabTools.isToolEnabled(CollaborationTools.TOOL_CONTACT)) {
gtnChild = new GenericTreeNode(nodeIdPrefix.concat("contact"));
gtnChild.setTitle(translate("menutree.contactform"));
gtnChild.setUserObject(ACTIVITY_MENUSELECT_CONTACTFORM);
gtnChild.setAltText(translate("menutree.contactform.alt"));
gtnChild.setIconCssClass("o_co_icon");
gtnChild.setCssClass("o_sel_group_contact");
root.addChild(gtnChild);
nodeContact = gtnChild;
}
if (collabTools.isToolEnabled(CollaborationTools.TOOL_FOLDER)) {
gtnChild = new GenericTreeNode(nodeIdPrefix.concat("folder"));
gtnChild.setTitle(translate("menutree.folder"));
gtnChild.setUserObject(ACTIVITY_MENUSELECT_FOLDER);
gtnChild.setAltText(translate("menutree.folder.alt"));
gtnChild.setIconCssClass("o_bc_icon");
gtnChild.setCssClass("o_sel_group_folder");
root.addChild(gtnChild);
nodeFolder = gtnChild;
}
if (collabTools.isToolEnabled(CollaborationTools.TOOL_FORUM)) {
gtnChild = new GenericTreeNode(nodeIdPrefix.concat("forum"));
gtnChild.setTitle(translate("menutree.forum"));
gtnChild.setUserObject(ACTIVITY_MENUSELECT_FORUM);
gtnChild.setAltText(translate("menutree.forum.alt"));
gtnChild.setIconCssClass("o_fo_icon");
gtnChild.setCssClass("o_sel_group_forum");
root.addChild(gtnChild);
nodeForum = gtnChild;
}
if (chatAvailable) {
gtnChild = new GenericTreeNode(nodeIdPrefix.concat("chat"));
gtnChild.setTitle(translate("menutree.chat"));
gtnChild.setUserObject(ACTIVITY_MENUSELECT_CHAT);
gtnChild.setAltText(translate("menutree.chat.alt"));
gtnChild.setIconCssClass("o_icon_chat");
gtnChild.setCssClass("o_sel_group_chat");
root.addChild(gtnChild);
}
BaseSecurityModule securityModule = CoreSpringFactory.getImpl(BaseSecurityModule.class);
if (collabTools.isToolEnabled(CollaborationTools.TOOL_WIKI) && securityModule.isWikiEnabled()) {
gtnChild = new GenericTreeNode(nodeIdPrefix.concat("wiki"));
gtnChild.setTitle(translate("menutree.wiki"));
gtnChild.setUserObject(ACTIVITY_MENUSELECT_WIKI);
gtnChild.setAltText(translate("menutree.wiki.alt"));
gtnChild.setIconCssClass("o_wiki_icon");
gtnChild.setCssClass("o_sel_group_wiki");
root.addChild(gtnChild);
nodeWiki = gtnChild;
}
if (collabTools.isToolEnabled(CollaborationTools.TOOL_PORTFOLIO) && (portfolioModule.isEnabled() || portfolioV2Module.isEnabled())) {
gtnChild = new GenericTreeNode(nodeIdPrefix.concat("eportfolio"));
gtnChild.setTitle(translate("menutree.portfolio"));
gtnChild.setUserObject(ACTIVITY_MENUSELECT_PORTFOLIO);
gtnChild.setAltText(translate("menutree.portfolio.alt"));
gtnChild.setIconCssClass("o_ep_icon");
gtnChild.setCssClass("o_sel_group_portfolio");
root.addChild(gtnChild);
nodePortfolio = gtnChild;
}
OpenMeetingsModule openMeetingsModule = CoreSpringFactory.getImpl(OpenMeetingsModule.class);
if (openMeetingsModule.isEnabled() && collabTools.isToolEnabled(CollaborationTools.TOOL_OPENMEETINGS)) {
gtnChild = new GenericTreeNode(nodeIdPrefix.concat("meetings"));
gtnChild.setTitle(translate("menutree.openmeetings"));
gtnChild.setUserObject(ACTIVITY_MENUSELECT_OPENMEETINGS);
gtnChild.setAltText(translate("menutree.openmeetings.alt"));
gtnChild.setIconCssClass("o_openmeetings_icon");
root.addChild(gtnChild);
nodeOpenMeetings = gtnChild;
}
if (isAdmin) {
gtnChild = new GenericTreeNode(nodeIdPrefix.concat("admin"));
gtnChild.setTitle(translate("menutree.administration"));
gtnChild.setUserObject(ACTIVITY_MENUSELECT_ADMINISTRATION);
gtnChild.setIdent(ACTIVITY_MENUSELECT_ADMINISTRATION);
gtnChild.setAltText(translate("menutree.administration.alt"));
gtnChild.setIconCssClass("o_icon_settings");
root.addChild(gtnChild);
adminNodeId = gtnChild.getIdent();
nodeAdmin = gtnChild;
AccessControlModule acModule = (AccessControlModule) CoreSpringFactory.getBean("acModule");
if (acModule.isEnabled() && acService.isResourceAccessControled(businessGroup.getResource(), null)) {
gtnChild = new GenericTreeNode(nodeIdPrefix.concat("ac"));
gtnChild.setTitle(translate("menutree.ac"));
gtnChild.setUserObject(ACTIVITY_MENUSELECT_AC);
gtnChild.setIdent(ACTIVITY_MENUSELECT_AC);
gtnChild.setAltText(translate("menutree.ac.alt"));
gtnChild.setIconCssClass("o_icon_booking");
root.addChild(gtnChild);
}
}
return gtm;
}
use of org.olat.basesecurity.BaseSecurityModule in project OpenOLAT by OpenOLAT.
the class WikiHandler method createLaunchController.
@Override
public MainLayoutController createLaunchController(RepositoryEntry re, RepositoryEntrySecurity reSecurity, UserRequest ureq, WindowControl wControl) {
// first handle special case: disabled wiki for security (XSS Attacks) reasons
BaseSecurityModule securityModule = CoreSpringFactory.getImpl(BaseSecurityModule.class);
if (!securityModule.isWikiEnabled()) {
return RepositoyUIFactory.createRepoEntryDisabledDueToSecurityMessageController(ureq, wControl);
}
// check role
boolean isOLatAdmin = ureq.getUserSession().getRoles().isOLATAdmin();
boolean isGuestOnly = ureq.getUserSession().getRoles().isGuestOnly();
boolean isResourceOwner = false;
if (isOLatAdmin) {
isResourceOwner = true;
} else {
isResourceOwner = reSecurity.isOwner();
}
OLATResource res = re.getOlatResource();
BusinessControl bc = wControl.getBusinessControl();
final ContextEntry ce = bc.popLauncherContextEntry();
SubscriptionContext subsContext = new SubscriptionContext(res, WikiManager.WIKI_RESOURCE_FOLDER_NAME);
final WikiSecurityCallback callback = new WikiSecurityCallbackImpl(null, isOLatAdmin, isGuestOnly, false, isResourceOwner, subsContext);
RepositoryEntryRuntimeController runtime = new RepositoryEntryRuntimeController(ureq, wControl, re, reSecurity, new RuntimeControllerCreator() {
@Override
public Controller create(UserRequest uureq, WindowControl wwControl, TooledStackedPanel toolbarPanel, RepositoryEntry entry, RepositoryEntrySecurity security, AssessmentMode assessmentMode) {
CoreSpringFactory.getImpl(UserCourseInformationsManager.class).updateUserCourseInformations(entry.getOlatResource(), uureq.getIdentity());
Controller controller;
if (ce != null) {
// jump to a certain context
OLATResourceable ores = ce.getOLATResourceable();
String typeName = ores.getResourceableTypeName();
String page = typeName.substring("page=".length());
controller = new WikiMainController(uureq, wwControl, entry.getOlatResource(), callback, page);
} else {
controller = new WikiMainController(uureq, wwControl, entry.getOlatResource(), callback, null);
}
return new OLATResourceableListeningWrapperController(uureq, wwControl, entry.getOlatResource(), controller, null, uureq.getIdentity());
}
});
return runtime;
}
use of org.olat.basesecurity.BaseSecurityModule in project openolat by klemens.
the class GroupController method init.
protected void init(UserRequest ureq, boolean mayModifyMembers, boolean enableTablePreferences, boolean enableUserSelection, boolean allowDownload) {
setTranslator(Util.createPackageTranslator(org.olat.admin.securitygroup.gui.GroupController.class, getLocale(), getTranslator()));
Roles roles = ureq.getUserSession().getRoles();
BaseSecurityModule securityModule = CoreSpringFactory.getImpl(BaseSecurityModule.class);
isAdministrativeUser = securityModule.isUserAllowedAdminProps(roles);
chatEnabled = imModule.isEnabled() && imModule.isPrivateEnabled();
// default group controller has no mail functionality
this.addUserMailDefaultTempl = null;
this.removeUserMailDefaultTempl = null;
groupmemberview = createVelocityContainer("index");
addUsersButton = LinkFactory.createButtonSmall("overview.addusers", groupmemberview, this);
addUsersButton.setElementCssClass("o_sel_group_import_users");
addUserButton = LinkFactory.createButtonSmall("overview.adduser", groupmemberview, this);
addUserButton.setElementCssClass("o_sel_group_add_user");
if (mayModifyMembers) {
groupmemberview.contextPut("mayadduser", Boolean.TRUE);
}
TableGuiConfiguration tableConfig = new TableGuiConfiguration();
tableConfig.setDownloadOffered(allowDownload);
if (enableTablePreferences) {
// save table preferences for each group seperatly
if (mayModifyMembers) {
tableConfig.setPreferencesOffered(true, "groupcontroller" + group.getKey());
} else {
// different rowcount...
tableConfig.setPreferencesOffered(true, "groupcontrollerreadonly" + group.getKey());
}
}
myTrans = userManager.getPropertyHandlerTranslator(getTranslator());
tableCtr = new TableController(tableConfig, ureq, getWindowControl(), myTrans);
listenTo(tableCtr);
initGroupTable(tableCtr, ureq, enableTablePreferences, enableUserSelection);
// set data model
reloadData();
groupmemberview.put("subjecttable", tableCtr.getInitialComponent());
putInitialPanel(groupmemberview);
}
use of org.olat.basesecurity.BaseSecurityModule in project openolat by klemens.
the class WikiHandler method createLaunchController.
@Override
public MainLayoutController createLaunchController(RepositoryEntry re, RepositoryEntrySecurity reSecurity, UserRequest ureq, WindowControl wControl) {
// first handle special case: disabled wiki for security (XSS Attacks) reasons
BaseSecurityModule securityModule = CoreSpringFactory.getImpl(BaseSecurityModule.class);
if (!securityModule.isWikiEnabled()) {
return RepositoyUIFactory.createRepoEntryDisabledDueToSecurityMessageController(ureq, wControl);
}
// check role
boolean isOLatAdmin = ureq.getUserSession().getRoles().isOLATAdmin();
boolean isGuestOnly = ureq.getUserSession().getRoles().isGuestOnly();
boolean isResourceOwner = false;
if (isOLatAdmin) {
isResourceOwner = true;
} else {
isResourceOwner = reSecurity.isOwner();
}
OLATResource res = re.getOlatResource();
BusinessControl bc = wControl.getBusinessControl();
final ContextEntry ce = bc.popLauncherContextEntry();
SubscriptionContext subsContext = new SubscriptionContext(res, WikiManager.WIKI_RESOURCE_FOLDER_NAME);
final WikiSecurityCallback callback = new WikiSecurityCallbackImpl(null, isOLatAdmin, isGuestOnly, false, isResourceOwner, subsContext);
RepositoryEntryRuntimeController runtime = new RepositoryEntryRuntimeController(ureq, wControl, re, reSecurity, new RuntimeControllerCreator() {
@Override
public Controller create(UserRequest uureq, WindowControl wwControl, TooledStackedPanel toolbarPanel, RepositoryEntry entry, RepositoryEntrySecurity security, AssessmentMode assessmentMode) {
CoreSpringFactory.getImpl(UserCourseInformationsManager.class).updateUserCourseInformations(entry.getOlatResource(), uureq.getIdentity());
Controller controller;
if (ce != null) {
// jump to a certain context
OLATResourceable ores = ce.getOLATResourceable();
String typeName = ores.getResourceableTypeName();
String page = typeName.substring("page=".length());
controller = new WikiMainController(uureq, wwControl, entry.getOlatResource(), callback, page);
} else {
controller = new WikiMainController(uureq, wwControl, entry.getOlatResource(), callback, null);
}
return new OLATResourceableListeningWrapperController(uureq, wwControl, entry.getOlatResource(), controller, null, uureq.getIdentity());
}
});
return runtime;
}
Aggregations