Examples with BaseSecurityModule org.olat.basesecurity.BaseSecurityModule used on opensource projects

Example 1 with BaseSecurityModule

use of org.olat.basesecurity.BaseSecurityModule in project OpenOLAT by OpenOLAT.

the class BaseFullWebappController method initializeBase.

private void initializeBase(UserRequest ureq, WindowManager winman, ComponentCollection mainPanel) {
    // component-id of mainPanel for the window id
    mainVc.contextPut("o_winid", mainPanel.getDispatchID());
    BaseSecurityModule securityModule = CoreSpringFactory.getImpl(BaseSecurityModule.class);
    mainVc.contextPut("enforceTopFrame", securityModule.isForceTopFrame());
    // add optional css classes
    mainVc.contextPut("bodyCssClasses", bodyCssClasses);
    Window w = wbo.getWindow();
    mainVc.put("jsCssRawHtmlHeader", w.getJsCssRawHtmlHeader());
    // control part for ajax-communication. returns an empty panel if ajax
    // is not enabled, so that ajax can be turned on on the fly for
    // development mode
    jsServerC = wbo.createAJAXController(ureq);
    mainVc.put("jsServer", jsServerC.getInitialComponent());
    // init with no bookmark (=empty bc)
    mainVc.contextPut("o_bc", "");
    mainVc.contextPut("o_serverUri", Settings.createServerURI());
    // the current language; used e.g. by screenreaders
    mainVc.contextPut("lang", ureq.getLocale().toString());
    // some user properties
    if (ureq.getUserSession().isAuthenticated()) {
        Identity ident = ureq.getIdentity();
        StringBuilder sb = new StringBuilder();
        sb.append("{ identity : ").append(ident.getKey());
        User user = ident.getUser();
        List<UserPropertyHandler> userPropertyHandlers = userManager.getUserPropertyHandlersFor(USER_PROPS_ID, ureq.getUserSession().getRoles().isOLATAdmin());
        for (UserPropertyHandler userPropertyHandler : userPropertyHandlers) {
            String escapedValue = StringHelper.escapeJavaScript(userPropertyHandler.getUserProperty(user, getLocale()));
            sb.append(", ").append(userPropertyHandler.getName()).append(" : \"").append(escapedValue).append("\"");
        }
        sb.append("}");
        mainVc.contextPut("userJSON", sb);
    }
    // the current GUI theme and the global settings that contains the
    // font-size. both are pushed as objects so that window.dirty always reads
    // out the correct value
    mainVc.contextPut("theme", w.getGuiTheme());
    mainVc.contextPut("globalSettings", winman.getGlobalSettings());
    // also add the optional theme javascript
    addThemeJS();
    // Add JS analytics code, e.g. for google analytics
    if (analyticsModule.isAnalyticsEnabled()) {
        AnalyticsSPI analyticsSPI = analyticsModule.getAnalyticsProvider();
        mainVc.contextPut("analytics", analyticsSPI.analyticsInitPageJavaScript());
    }
    // content panel
    contentPanel = new Panel("olatContentPanel");
    mainVc.put("olatContentPanel", contentPanel);
    mainVc.contextPut("o_winid", w.getDispatchID());
    mainVc.contextPut("buildversion", Settings.getVersion());
    if (wbo.isDebuging()) {
        debugC = wbo.createDebugDispatcherController(ureq, getWindowControl());
        mainVc.put("guidebug", debugC.getInitialComponent());
    }
    // Inline translation interceptor. when the translation tool is enabled it
    // will start the translation tool in translation mode, if the overlay
    // feature is enabled it will start in customizing mode
    // fxdiff: allow user-managers to use the inline translation also.
    UserSession usess = ureq.getUserSession();
    if (usess.isAuthenticated() && (usess.getRoles().isOLATAdmin() || usess.getRoles().isUserManager()) && (i18nModule.isTransToolEnabled() || i18nModule.isOverlayEnabled())) {
        inlineTranslationC = wbo.createInlineTranslationDispatcherController(ureq, getWindowControl());
        Preferences guiPrefs = usess.getGuiPreferences();
        Boolean isInlineTranslationEnabled = (Boolean) guiPrefs.get(I18nModule.class, I18nModule.GUI_PREFS_INLINE_TRANSLATION_ENABLED, Boolean.FALSE);
        i18nManager.setMarkLocalizedStringsEnabled(usess, isInlineTranslationEnabled);
        mainVc.put("inlineTranslation", inlineTranslationC.getInitialComponent());
    }
    // debug info if debugging
    if (wbo.isDebuging()) {
        developmentC = wbo.createDevelopmentController(ureq, getWindowControl());
        mainVc.put("development", developmentC.getInitialComponent());
    }
    // put the global js translator mapper path into the main window
    mainVc.contextPut("jsTranslationMapperPath", BaseChiefController.jsTranslationMapperPath);
    // master window
    // w.addListener(this); // to be able to report "browser reload" to the user
    w.setContentPane(mainPanel);
}

Example 2 with BaseSecurityModule

use of org.olat.basesecurity.BaseSecurityModule in project OpenOLAT by OpenOLAT.

the class BusinessGroupMainRunController method buildTreeModel.

/**
 * @return The menu tree model
 */
private TreeModel buildTreeModel() {
    GenericTreeNode gtnChild, root;
    GenericTreeModel gtm = new GenericTreeModel();
    root = new GenericTreeNode(nodeIdPrefix.concat("-root"));
    root.setTitle(businessGroup.getName());
    root.setUserObject(ACTIVITY_MENUSELECT_OVERVIEW);
    root.setAltText(translate("menutree.top.alt") + " " + businessGroup.getName());
    root.setIconCssClass("o_icon o_icon_group");
    gtm.setRootNode(root);
    CollaborationTools collabTools = CollaborationToolsFactory.getInstance().getOrCreateCollaborationTools(this.businessGroup);
    if (collabTools.isToolEnabled(CollaborationTools.TOOL_NEWS)) {
        gtnChild = new GenericTreeNode(nodeIdPrefix.concat("new"));
        gtnChild.setTitle(translate("menutree.news"));
        gtnChild.setUserObject(ACTIVITY_MENUSELECT_INFORMATION);
        gtnChild.setAltText(translate("menutree.news.alt"));
        gtnChild.setIconCssClass("o_icon_news");
        gtnChild.setCssClass("o_sel_group_news");
        root.addChild(gtnChild);
        nodeInformation = gtnChild;
    }
    if (calendarModule.isEnabled() && calendarModule.isEnableGroupCalendar() && collabTools.isToolEnabled(CollaborationTools.TOOL_CALENDAR)) {
        gtnChild = new GenericTreeNode(nodeIdPrefix.concat("cal"));
        gtnChild.setTitle(translate("menutree.calendar"));
        gtnChild.setUserObject(ACTIVITY_MENUSELECT_CALENDAR);
        gtnChild.setAltText(translate("menutree.calendar.alt"));
        gtnChild.setIconCssClass("o_calendar_icon");
        gtnChild.setCssClass("o_sel_group_calendar");
        root.addChild(gtnChild);
        nodeCal = gtnChild;
    }
    boolean hasResources = businessGroupService.hasResources(businessGroup);
    if (hasResources) {
        gtnChild = new GenericTreeNode(nodeIdPrefix.concat("courses"));
        gtnChild.setTitle(translate("menutree.resources"));
        gtnChild.setUserObject(ACTIVITY_MENUSELECT_SHOW_RESOURCES);
        gtnChild.setAltText(translate("menutree.resources.alt"));
        gtnChild.setIconCssClass("o_CourseModule_icon");
        gtnChild.setCssClass("o_sel_group_resources");
        root.addChild(gtnChild);
        nodeResources = gtnChild;
    }
    if (businessGroup.isOwnersVisibleIntern() || businessGroup.isParticipantsVisibleIntern() || businessGroup.isWaitingListVisibleIntern()) {
        // either owners, participants, the waiting list or all three are visible
        // otherwise the node is not visible
        gtnChild = new GenericTreeNode(nodeIdPrefix.concat("members"));
        gtnChild.setTitle(translate("menutree.members"));
        gtnChild.setUserObject(ACTIVITY_MENUSELECT_MEMBERSLIST);
        gtnChild.setAltText(translate("menutree.members.alt"));
        gtnChild.setIconCssClass("o_icon_group");
        gtnChild.setCssClass("o_sel_group_members");
        root.addChild(gtnChild);
        nodeGroupOwners = gtnChild;
    }
    if (collabTools.isToolEnabled(CollaborationTools.TOOL_CONTACT)) {
        gtnChild = new GenericTreeNode(nodeIdPrefix.concat("contact"));
        gtnChild.setTitle(translate("menutree.contactform"));
        gtnChild.setUserObject(ACTIVITY_MENUSELECT_CONTACTFORM);
        gtnChild.setAltText(translate("menutree.contactform.alt"));
        gtnChild.setIconCssClass("o_co_icon");
        gtnChild.setCssClass("o_sel_group_contact");
        root.addChild(gtnChild);
        nodeContact = gtnChild;
    }
    if (collabTools.isToolEnabled(CollaborationTools.TOOL_FOLDER)) {
        gtnChild = new GenericTreeNode(nodeIdPrefix.concat("folder"));
        gtnChild.setTitle(translate("menutree.folder"));
        gtnChild.setUserObject(ACTIVITY_MENUSELECT_FOLDER);
        gtnChild.setAltText(translate("menutree.folder.alt"));
        gtnChild.setIconCssClass("o_bc_icon");
        gtnChild.setCssClass("o_sel_group_folder");
        root.addChild(gtnChild);
        nodeFolder = gtnChild;
    }
    if (collabTools.isToolEnabled(CollaborationTools.TOOL_FORUM)) {
        gtnChild = new GenericTreeNode(nodeIdPrefix.concat("forum"));
        gtnChild.setTitle(translate("menutree.forum"));
        gtnChild.setUserObject(ACTIVITY_MENUSELECT_FORUM);
        gtnChild.setAltText(translate("menutree.forum.alt"));
        gtnChild.setIconCssClass("o_fo_icon");
        gtnChild.setCssClass("o_sel_group_forum");
        root.addChild(gtnChild);
        nodeForum = gtnChild;
    }
    if (chatAvailable) {
        gtnChild = new GenericTreeNode(nodeIdPrefix.concat("chat"));
        gtnChild.setTitle(translate("menutree.chat"));
        gtnChild.setUserObject(ACTIVITY_MENUSELECT_CHAT);
        gtnChild.setAltText(translate("menutree.chat.alt"));
        gtnChild.setIconCssClass("o_icon_chat");
        gtnChild.setCssClass("o_sel_group_chat");
        root.addChild(gtnChild);
    }
    BaseSecurityModule securityModule = CoreSpringFactory.getImpl(BaseSecurityModule.class);
    if (collabTools.isToolEnabled(CollaborationTools.TOOL_WIKI) && securityModule.isWikiEnabled()) {
        gtnChild = new GenericTreeNode(nodeIdPrefix.concat("wiki"));
        gtnChild.setTitle(translate("menutree.wiki"));
        gtnChild.setUserObject(ACTIVITY_MENUSELECT_WIKI);
        gtnChild.setAltText(translate("menutree.wiki.alt"));
        gtnChild.setIconCssClass("o_wiki_icon");
        gtnChild.setCssClass("o_sel_group_wiki");
        root.addChild(gtnChild);
        nodeWiki = gtnChild;
    }
    if (collabTools.isToolEnabled(CollaborationTools.TOOL_PORTFOLIO) && (portfolioModule.isEnabled() || portfolioV2Module.isEnabled())) {
        gtnChild = new GenericTreeNode(nodeIdPrefix.concat("eportfolio"));
        gtnChild.setTitle(translate("menutree.portfolio"));
        gtnChild.setUserObject(ACTIVITY_MENUSELECT_PORTFOLIO);
        gtnChild.setAltText(translate("menutree.portfolio.alt"));
        gtnChild.setIconCssClass("o_ep_icon");
        gtnChild.setCssClass("o_sel_group_portfolio");
        root.addChild(gtnChild);
        nodePortfolio = gtnChild;
    }
    OpenMeetingsModule openMeetingsModule = CoreSpringFactory.getImpl(OpenMeetingsModule.class);
    if (openMeetingsModule.isEnabled() && collabTools.isToolEnabled(CollaborationTools.TOOL_OPENMEETINGS)) {
        gtnChild = new GenericTreeNode(nodeIdPrefix.concat("meetings"));
        gtnChild.setTitle(translate("menutree.openmeetings"));
        gtnChild.setUserObject(ACTIVITY_MENUSELECT_OPENMEETINGS);
        gtnChild.setAltText(translate("menutree.openmeetings.alt"));
        gtnChild.setIconCssClass("o_openmeetings_icon");
        root.addChild(gtnChild);
        nodeOpenMeetings = gtnChild;
    }
    if (isAdmin) {
        gtnChild = new GenericTreeNode(nodeIdPrefix.concat("admin"));
        gtnChild.setTitle(translate("menutree.administration"));
        gtnChild.setUserObject(ACTIVITY_MENUSELECT_ADMINISTRATION);
        gtnChild.setIdent(ACTIVITY_MENUSELECT_ADMINISTRATION);
        gtnChild.setAltText(translate("menutree.administration.alt"));
        gtnChild.setIconCssClass("o_icon_settings");
        root.addChild(gtnChild);
        adminNodeId = gtnChild.getIdent();
        nodeAdmin = gtnChild;
        AccessControlModule acModule = (AccessControlModule) CoreSpringFactory.getBean("acModule");
        if (acModule.isEnabled() && acService.isResourceAccessControled(businessGroup.getResource(), null)) {
            gtnChild = new GenericTreeNode(nodeIdPrefix.concat("ac"));
            gtnChild.setTitle(translate("menutree.ac"));
            gtnChild.setUserObject(ACTIVITY_MENUSELECT_AC);
            gtnChild.setIdent(ACTIVITY_MENUSELECT_AC);
            gtnChild.setAltText(translate("menutree.ac.alt"));
            gtnChild.setIconCssClass("o_icon_booking");
            root.addChild(gtnChild);
        }
    }
    return gtm;
}

Example 3 with BaseSecurityModule

use of org.olat.basesecurity.BaseSecurityModule in project OpenOLAT by OpenOLAT.

the class WikiHandler method createLaunchController.

@Override
public MainLayoutController createLaunchController(RepositoryEntry re, RepositoryEntrySecurity reSecurity, UserRequest ureq, WindowControl wControl) {
    // first handle special case: disabled wiki for security (XSS Attacks) reasons
    BaseSecurityModule securityModule = CoreSpringFactory.getImpl(BaseSecurityModule.class);
    if (!securityModule.isWikiEnabled()) {
        return RepositoyUIFactory.createRepoEntryDisabledDueToSecurityMessageController(ureq, wControl);
    }
    // check role
    boolean isOLatAdmin = ureq.getUserSession().getRoles().isOLATAdmin();
    boolean isGuestOnly = ureq.getUserSession().getRoles().isGuestOnly();
    boolean isResourceOwner = false;
    if (isOLatAdmin) {
        isResourceOwner = true;
    } else {
        isResourceOwner = reSecurity.isOwner();
    }
    OLATResource res = re.getOlatResource();
    BusinessControl bc = wControl.getBusinessControl();
    final ContextEntry ce = bc.popLauncherContextEntry();
    SubscriptionContext subsContext = new SubscriptionContext(res, WikiManager.WIKI_RESOURCE_FOLDER_NAME);
    final WikiSecurityCallback callback = new WikiSecurityCallbackImpl(null, isOLatAdmin, isGuestOnly, false, isResourceOwner, subsContext);
    RepositoryEntryRuntimeController runtime = new RepositoryEntryRuntimeController(ureq, wControl, re, reSecurity, new RuntimeControllerCreator() {

        @Override
        public Controller create(UserRequest uureq, WindowControl wwControl, TooledStackedPanel toolbarPanel, RepositoryEntry entry, RepositoryEntrySecurity security, AssessmentMode assessmentMode) {
            CoreSpringFactory.getImpl(UserCourseInformationsManager.class).updateUserCourseInformations(entry.getOlatResource(), uureq.getIdentity());
            Controller controller;
            if (ce != null) {
                // jump to a certain context
                OLATResourceable ores = ce.getOLATResourceable();
                String typeName = ores.getResourceableTypeName();
                String page = typeName.substring("page=".length());
                controller = new WikiMainController(uureq, wwControl, entry.getOlatResource(), callback, page);
            } else {
                controller = new WikiMainController(uureq, wwControl, entry.getOlatResource(), callback, null);
            }
            return new OLATResourceableListeningWrapperController(uureq, wwControl, entry.getOlatResource(), controller, null, uureq.getIdentity());
        }
    });
    return runtime;
}

Example 4 with BaseSecurityModule

use of org.olat.basesecurity.BaseSecurityModule in project openolat by klemens.

the class GroupController method init.

protected void init(UserRequest ureq, boolean mayModifyMembers, boolean enableTablePreferences, boolean enableUserSelection, boolean allowDownload) {
    setTranslator(Util.createPackageTranslator(org.olat.admin.securitygroup.gui.GroupController.class, getLocale(), getTranslator()));
    Roles roles = ureq.getUserSession().getRoles();
    BaseSecurityModule securityModule = CoreSpringFactory.getImpl(BaseSecurityModule.class);
    isAdministrativeUser = securityModule.isUserAllowedAdminProps(roles);
    chatEnabled = imModule.isEnabled() && imModule.isPrivateEnabled();
    // default group controller has no mail functionality
    this.addUserMailDefaultTempl = null;
    this.removeUserMailDefaultTempl = null;
    groupmemberview = createVelocityContainer("index");
    addUsersButton = LinkFactory.createButtonSmall("overview.addusers", groupmemberview, this);
    addUsersButton.setElementCssClass("o_sel_group_import_users");
    addUserButton = LinkFactory.createButtonSmall("overview.adduser", groupmemberview, this);
    addUserButton.setElementCssClass("o_sel_group_add_user");
    if (mayModifyMembers) {
        groupmemberview.contextPut("mayadduser", Boolean.TRUE);
    }
    TableGuiConfiguration tableConfig = new TableGuiConfiguration();
    tableConfig.setDownloadOffered(allowDownload);
    if (enableTablePreferences) {
        // save table preferences for each group seperatly
        if (mayModifyMembers) {
            tableConfig.setPreferencesOffered(true, "groupcontroller" + group.getKey());
        } else {
            // different rowcount...
            tableConfig.setPreferencesOffered(true, "groupcontrollerreadonly" + group.getKey());
        }
    }
    myTrans = userManager.getPropertyHandlerTranslator(getTranslator());
    tableCtr = new TableController(tableConfig, ureq, getWindowControl(), myTrans);
    listenTo(tableCtr);
    initGroupTable(tableCtr, ureq, enableTablePreferences, enableUserSelection);
    // set data model
    reloadData();
    groupmemberview.put("subjecttable", tableCtr.getInitialComponent());
    putInitialPanel(groupmemberview);
}

Example 5 with BaseSecurityModule

use of org.olat.basesecurity.BaseSecurityModule in project openolat by klemens.

the class WikiHandler method createLaunchController.

@Override
public MainLayoutController createLaunchController(RepositoryEntry re, RepositoryEntrySecurity reSecurity, UserRequest ureq, WindowControl wControl) {
    // first handle special case: disabled wiki for security (XSS Attacks) reasons
    BaseSecurityModule securityModule = CoreSpringFactory.getImpl(BaseSecurityModule.class);
    if (!securityModule.isWikiEnabled()) {
        return RepositoyUIFactory.createRepoEntryDisabledDueToSecurityMessageController(ureq, wControl);
    }
    // check role
    boolean isOLatAdmin = ureq.getUserSession().getRoles().isOLATAdmin();
    boolean isGuestOnly = ureq.getUserSession().getRoles().isGuestOnly();
    boolean isResourceOwner = false;
    if (isOLatAdmin) {
        isResourceOwner = true;
    } else {
        isResourceOwner = reSecurity.isOwner();
    }
    OLATResource res = re.getOlatResource();
    BusinessControl bc = wControl.getBusinessControl();
    final ContextEntry ce = bc.popLauncherContextEntry();
    SubscriptionContext subsContext = new SubscriptionContext(res, WikiManager.WIKI_RESOURCE_FOLDER_NAME);
    final WikiSecurityCallback callback = new WikiSecurityCallbackImpl(null, isOLatAdmin, isGuestOnly, false, isResourceOwner, subsContext);
    RepositoryEntryRuntimeController runtime = new RepositoryEntryRuntimeController(ureq, wControl, re, reSecurity, new RuntimeControllerCreator() {

        @Override
        public Controller create(UserRequest uureq, WindowControl wwControl, TooledStackedPanel toolbarPanel, RepositoryEntry entry, RepositoryEntrySecurity security, AssessmentMode assessmentMode) {
            CoreSpringFactory.getImpl(UserCourseInformationsManager.class).updateUserCourseInformations(entry.getOlatResource(), uureq.getIdentity());
            Controller controller;
            if (ce != null) {
                // jump to a certain context
                OLATResourceable ores = ce.getOLATResourceable();
                String typeName = ores.getResourceableTypeName();
                String page = typeName.substring("page=".length());
                controller = new WikiMainController(uureq, wwControl, entry.getOlatResource(), callback, page);
            } else {
                controller = new WikiMainController(uureq, wwControl, entry.getOlatResource(), callback, null);
            }
            return new OLATResourceableListeningWrapperController(uureq, wwControl, entry.getOlatResource(), controller, null, uureq.getIdentity());
        }
    });
    return runtime;
}