use of org.olat.core.id.context.ContextEntry in project openolat by klemens.
the class CatalogSiteMainController method activate.
@Override
public void activate(UserRequest ureq, List<ContextEntry> entries, StateEntry state) {
if (entries == null || entries.isEmpty()) {
return;
}
ContextEntry entry = entries.get(0);
String type = entry.getOLATResourceable().getResourceableTypeName();
if ("Catalog".equalsIgnoreCase(type)) {
// remove the Catalog/0
entries = entries.subList(1, entries.size());
}
stackPanel.popUpToRootController(ureq);
nodeController.activate(ureq, entries, state);
}
use of org.olat.core.id.context.ContextEntry in project openolat by klemens.
the class CourseIndexer method checkAccess.
@Override
public boolean checkAccess(ContextEntry contextEntry, BusinessControl businessControl, Identity identity, Roles roles) {
ContextEntry bcContextEntry = businessControl.popLauncherContextEntry();
if (bcContextEntry == null) {
// not a course node of course we have access to the course metadata
return true;
}
if (isLogDebugEnabled())
logDebug("Start identity=" + identity + " roles=" + roles);
Long repositoryKey = contextEntry.getOLATResourceable().getResourceableId();
RepositoryEntry repositoryEntry = repositoryManager.lookupRepositoryEntry(repositoryKey);
if (isLogDebugEnabled())
logDebug("repositoryEntry=" + repositoryEntry);
if (roles.isGuestOnly()) {
if (repositoryEntry.getAccess() != RepositoryEntry.ACC_USERS_GUESTS) {
return false;
}
}
Long nodeId = bcContextEntry.getOLATResourceable().getResourceableId();
if (isLogDebugEnabled())
logDebug("nodeId=" + nodeId);
ICourse course = CourseFactory.loadCourse(repositoryEntry);
IdentityEnvironment ienv = new IdentityEnvironment();
ienv.setIdentity(identity);
ienv.setRoles(roles);
UserCourseEnvironment userCourseEnv = new UserCourseEnvironmentImpl(ienv, course.getCourseEnvironment());
if (isLogDebugEnabled())
logDebug("userCourseEnv=" + userCourseEnv + "ienv=" + ienv);
CourseNode rootCn = userCourseEnv.getCourseEnvironment().getRunStructure().getRootNode();
String nodeIdS = nodeId.toString();
CourseNode courseNode = course.getRunStructure().getNode(nodeIdS);
if (isLogDebugEnabled())
logDebug("courseNode=" + courseNode);
TreeEvaluation treeEval = new TreeEvaluation();
NodeEvaluation rootNodeEval = rootCn.eval(userCourseEnv.getConditionInterpreter(), treeEval, new VisibleTreeFilter());
if (isLogDebugEnabled())
logDebug("rootNodeEval=" + rootNodeEval);
TreeNode newCalledTreeNode = treeEval.getCorrespondingTreeNode(courseNode);
if (newCalledTreeNode == null) {
// TreeNode no longer visible
return false;
}
// go further
NodeEvaluation nodeEval = (NodeEvaluation) newCalledTreeNode.getUserObject();
if (isLogDebugEnabled())
logDebug("nodeEval=" + nodeEval);
if (nodeEval.getCourseNode() != courseNode)
throw new AssertException("error in structure");
if (!nodeEval.isVisible())
throw new AssertException("node eval not visible!!");
if (isLogDebugEnabled())
logDebug("call mayAccessWholeTreeUp...");
boolean mayAccessWholeTreeUp = NavigationHandler.mayAccessWholeTreeUp(nodeEval);
if (isLogDebugEnabled())
logDebug("call mayAccessWholeTreeUp=" + mayAccessWholeTreeUp);
if (mayAccessWholeTreeUp) {
CourseNodeIndexer courseNodeIndexer = getCourseNodeIndexer(courseNode);
bcContextEntry.setTransientState(new CourseNodeEntry(courseNode));
return courseNodeIndexer.checkAccess(bcContextEntry, businessControl, identity, roles) && super.checkAccess(bcContextEntry, businessControl, identity, roles);
} else {
return false;
}
}
use of org.olat.core.id.context.ContextEntry in project openolat by klemens.
the class RepositoryIndexer method checkAccess.
/**
* @see org.olat.search.service.indexer.Indexer#checkAccess(org.olat.core.id.context.ContextEntry, org.olat.core.id.context.BusinessControl, org.olat.core.id.Identity, org.olat.core.id.Roles)
*/
@Override
public boolean checkAccess(ContextEntry contextEntry, BusinessControl businessControl, Identity identity, Roles roles) {
boolean debug = isLogDebugEnabled();
if (debug)
logDebug("checkAccess for businessControl=" + businessControl + " identity=" + identity + " roles=" + roles);
Long repositoryKey = contextEntry.getOLATResourceable().getResourceableId();
RepositoryEntry repositoryEntry = repositoryManager.lookupRepositoryEntry(repositoryKey);
if (repositoryEntry == null) {
return false;
}
if (roles.isGuestOnly()) {
if (repositoryEntry.getAccess() != RepositoryEntry.ACC_USERS_GUESTS) {
return false;
}
}
boolean isOwner = repositoryManager.isOwnerOfRepositoryEntry(identity, repositoryEntry);
boolean isAllowedToLaunch = false;
if (!isOwner) {
isAllowedToLaunch = repositoryManager.isAllowedToLaunch(identity, roles, repositoryEntry);
if (isAllowedToLaunch) {
List<ContextEntry> entries = businessControl.getEntriesDownTheControls();
if (entries.size() > 1) {
boolean hasAccess = false;
ACService acService = CoreSpringFactory.getImpl(ACService.class);
AccessResult acResult = acService.isAccessible(repositoryEntry, identity, false);
if (acResult.isAccessible()) {
hasAccess = true;
} else if (!acResult.getAvailableMethods().isEmpty()) {
for (OfferAccess offer : acResult.getAvailableMethods()) {
String type = offer.getMethod().getType();
if (type.equals(FreeAccessHandler.METHOD_TYPE) || type.equals(PaypalAccessHandler.METHOD_TYPE)) {
hasAccess = true;
}
}
}
isAllowedToLaunch = hasAccess;
}
}
}
if (debug)
logDebug("isOwner=" + isOwner + " isAllowedToLaunch=" + isAllowedToLaunch);
if (isOwner || isAllowedToLaunch) {
Indexer repositoryEntryIndexer = getRepositoryEntryIndexer(repositoryEntry);
if (debug)
logDebug("repositoryEntryIndexer=" + repositoryEntryIndexer);
if (repositoryEntryIndexer != null) {
return super.checkAccess(contextEntry, businessControl, identity, roles) && repositoryEntryIndexer.checkAccess(contextEntry, businessControl, identity, roles);
}
}
return false;
}
use of org.olat.core.id.context.ContextEntry in project openolat by klemens.
the class AbstractHierarchicalIndexer method checkAccess.
/**
* @param businessControl
* @param identity
* @param roles
* @return
*/
public boolean checkAccess(BusinessControl businessControl, Identity identity, Roles roles) {
boolean debug = isLogDebugEnabled();
if (debug)
logDebug("checkAccess for businessControl=" + businessControl + " identity=" + identity + " roles=" + roles);
ContextEntry contextEntry = businessControl.popLauncherContextEntry();
if (contextEntry != null) {
// there is an other context-entry => go further
OLATResourceable ores = contextEntry.getOLATResourceable();
String type = ores.getResourceableTypeName();
List<Indexer> indexers = getIndexerByType(type);
if (indexers.isEmpty()) {
// loop in child-indexers to check access for businesspath not stacked as on index-run
for (Indexer childIndexer : childIndexers) {
List<Indexer> foundSubChildIndexers = childIndexer instanceof AbstractHierarchicalIndexer ? ((AbstractHierarchicalIndexer) childIndexer).getIndexerByType(type) : null;
if (foundSubChildIndexers != null) {
if (debug)
logDebug("took a childindexer for ores= " + ores + " not directly linked (means businesspath is not the same stack as indexer -> childindexer). type= " + type + " . indexer parent-type not on businesspath=" + childIndexer.getSupportedTypeName());
for (Indexer foundSubChildIndexer : foundSubChildIndexers) {
boolean allow = foundSubChildIndexer.checkAccess(contextEntry, businessControl, identity, roles) && super.checkAccess(contextEntry, businessControl, identity, roles);
if (allow) {
return true;
}
}
}
}
if (debug)
logDebug("could not find an indexer for type=" + type + " businessControl=" + businessControl + " identity=" + identity, null);
} else {
for (Indexer indexer : indexers) {
boolean allow = indexer.checkAccess(contextEntry, businessControl, identity, roles) && super.checkAccess(contextEntry, businessControl, identity, roles);
if (allow) {
return true;
}
}
}
return false;
} else {
// rearch the end context entry list
return super.checkAccess(contextEntry, businessControl, identity, roles);
}
}
use of org.olat.core.id.context.ContextEntry in project openolat by klemens.
the class GroupForumIndexer method checkAccess.
/**
* @see org.olat.search.service.indexer.Indexer#checkAccess(org.olat.core.id.context.ContextEntry, org.olat.core.id.context.BusinessControl, org.olat.core.id.Identity, org.olat.core.id.Roles)
*/
@Override
public boolean checkAccess(ContextEntry contextEntry, BusinessControl businessControl, Identity identity, Roles roles) {
ContextEntry ce = businessControl.popLauncherContextEntry();
Long resourceableId = ce.getOLATResourceable().getResourceableId();
Message message = ForumManager.getInstance().loadMessage(resourceableId);
if (message == null)
return false;
Message threadtop = message.getThreadtop();
if (threadtop == null) {
threadtop = message;
}
boolean isMessageHidden = Status.getStatus(threadtop.getStatusCode()).isHidden();
// assumes that if is owner then is moderator so it is allowed to see the hidden forum threads
// here it is checked if the identity is owner of the forum tool but it has no way to find out whether is owner of the group that owns the forum tool
boolean isOwner = BaseSecurityManager.getInstance().isIdentityPermittedOnResourceable(identity, Constants.PERMISSION_ACCESS, contextEntry.getOLATResourceable());
if (isMessageHidden && !isOwner) {
return false;
}
return super.checkAccess(contextEntry, businessControl, identity, roles);
}
Aggregations