Examples with UserSession org.olat.core.util.UserSession used on opensource projects

Example 11 with UserSession

use of org.olat.core.util.UserSession in project OpenOLAT by OpenOLAT.

the class UserListController method initForm.

@Override
protected void initForm(FormItemContainer formLayout, Controller listener, UserRequest ureq) {
    // add the table
    FlexiTableColumnModel columnsModel = FlexiTableDataModelFactory.createFlexiTableColumnModel();
    if (isAdministrativeUser) {
        columnsModel.addFlexiColumnModel(new DefaultFlexiColumnModel(Columns.name, "select"));
    }
    int colIndex = UserListController.USER_PROPS_OFFSET;
    for (int i = 0; i < userPropertyHandlers.size(); i++) {
        UserPropertyHandler userPropertyHandler = userPropertyHandlers.get(i);
        boolean visible = userManager.isMandatoryUserProperty(UserListController.usageIdentifyer, userPropertyHandler);
        columnsModel.addFlexiColumnModel(new DefaultFlexiColumnModel(visible, userPropertyHandler.i18nColumnDescriptorLabelKey(), colIndex++, "select", true, userPropertyHandler.i18nColumnDescriptorLabelKey()));
    }
    columnsModel.addFlexiColumnModel(new DefaultFlexiColumnModel(Columns.countCourse));
    columnsModel.addFlexiColumnModel(new DefaultFlexiColumnModel(Columns.initialLaunch, new LightIconRenderer()));
    columnsModel.addFlexiColumnModel(new DefaultFlexiColumnModel(Columns.countPassed, new ProgressRenderer(false, getTranslator())));
    model = new StudentsTableDataModel(columnsModel);
    tableEl = uifactory.addTableElement(getWindowControl(), "table", model, 20, false, getTranslator(), formLayout);
    tableEl.setExportEnabled(true);
    tableEl.setEmtpyTableMessageKey("error.no.found");
    UserSession usess = ureq.getUserSession();
    boolean autoCompleteAllowed = securityModule.isUserAllowedAutoComplete(usess.getRoles());
    if (autoCompleteAllowed) {
        tableEl.setSearchEnabled(new StudentListProvider(model, userManager), usess);
    }
}

Example 12 with UserSession

use of org.olat.core.util.UserSession in project OpenOLAT by OpenOLAT.

the class DocumentPoolSiteSecurityCallback method isAllowedToLaunchSite.

/**
 * @see com.frentix.olat.coursesite.SiteSecurityCallback#isAllowedToLaunchSite(org.olat.core.gui.UserRequest)
 */
@Override
public boolean isAllowedToLaunchSite(UserRequest ureq) {
    UserSession usess = ureq == null ? null : ureq.getUserSession();
    if (usess == null)
        return false;
    Roles roles = usess.getRoles();
    if (roles == null || roles.isInvitee() || roles.isGuestOnly()) {
        return false;
    }
    if (roles.isOLATAdmin()) {
        return true;
    }
    String taxonomyKey = docPoolModule.getTaxonomyTreeKey();
    if (StringHelper.isLong(taxonomyKey)) {
        TaxonomyRef taxonomy = new TaxonomyRefImpl(new Long(taxonomyKey));
        return taxonomyService.hasTaxonomyCompetences(taxonomy, ureq.getIdentity(), ureq.getRequestTimestamp());
    }
    return false;
}

Example 13 with UserSession

use of org.olat.core.util.UserSession in project OpenOLAT by OpenOLAT.

the class DocumentPoolSiteDef method createSite.

@Override
protected SiteInstance createSite(UserRequest ureq, WindowControl wControl, SiteConfiguration config) {
    UserSession usess = ureq.getUserSession();
    Roles roles = usess.getRoles();
    if (roles.isOLATAdmin()) {
        return new DocumentPoolSite(this, ureq.getLocale());
    } else if (roles.isGuestOnly() || roles.isInvitee()) {
        return null;
    } else if (hasCompetence(usess.getIdentity())) {
        return new DocumentPoolSite(this, ureq.getLocale());
    }
    return null;
}

Example 14 with UserSession

use of org.olat.core.util.UserSession in project OpenOLAT by OpenOLAT.

the class AuthenticatedDispatcher method execute.

/**
 * Main method called by OpenOLATServlet. This processess all requests for
 * authenticated users.
 *
 * @param request
 * @param response
 * @param uriPrefix
 */
@Override
public void execute(HttpServletRequest request, HttpServletResponse response) {
    String uriPrefix = DispatcherModule.getLegacyUriPrefix(request);
    UserSession usess = CoreSpringFactory.getImpl(UserSessionManager.class).getUserSession(request);
    UserRequest ureq = null;
    try {
        // upon creation URL is checked for
        ureq = new UserRequestImpl(uriPrefix, request, response);
    } catch (NumberFormatException nfe) {
        // a 404 message must be shown -> e.g. robots correct their links.
        if (log.isDebug()) {
            log.debug("Bad Request " + request.getPathInfo());
        }
    }
    boolean auth = usess.isAuthenticated();
    if (!auth) {
        String guestAccess = ureq.getParameter(GUEST);
        if (guestAccess == null || !CoreSpringFactory.getImpl(LoginModule.class).isGuestLoginEnabled()) {
            String businessPath = extractBusinessPath(ureq, request, uriPrefix);
            if (businessPath != null) {
                usess.putEntryInNonClearedStore(AUTHDISPATCHER_BUSINESSPATH, businessPath);
            }
            redirectToDefaultDispatcher(request, response);
            return;
        } else if (guestAccess.equals(TRUE)) {
            // try to log in as anonymous
            // use the language from the lang parameter if available, otherwise use the system default locale
            String guestLang = ureq.getParameter("language");
            if (guestLang == null) {
                // support for legacy lang parameter
                guestLang = ureq.getParameter("lang");
            }
            Locale guestLoc;
            if (guestLang == null) {
                guestLoc = I18nModule.getDefaultLocale();
            } else {
                guestLoc = I18nManager.getInstance().getLocaleOrDefault(guestLang);
            }
            int loginStatus = AuthHelper.doAnonymousLogin(ureq, guestLoc);
            if (loginStatus != AuthHelper.LOGIN_OK) {
                if (loginStatus == AuthHelper.LOGIN_NOTAVAILABLE) {
                    DispatcherModule.redirectToServiceNotAvailable(response);
                }
                // error, redirect to login screen
                redirectToDefaultDispatcher(request, response);
                return;
            }
        // else now logged in as anonymous user, continue
        }
    }
    // authenticated!
    try {
        // kill session if not secured via SSL
        if (forceSecureAccessOnly && !request.isSecure()) {
            SessionInfo sessionInfo = usess.getSessionInfo();
            if (sessionInfo != null) {
                HttpSession session = sessionInfo.getSession();
                if (session != null) {
                    try {
                        session.invalidate();
                    } catch (IllegalStateException ise) {
                    // thrown when session already invalidated. fine. ignore.
                    }
                }
            }
            redirectToDefaultDispatcher(request, response);
            return;
        }
        SessionInfo sessionInfo = usess.getSessionInfo();
        if (sessionInfo == null) {
            redirectToDefaultDispatcher(request, response);
            return;
        }
        if (userBasedLogLevelManager != null) {
            userBasedLogLevelManager.activateUsernameBasedLogLevel(sessionInfo.getLogin());
        }
        sessionInfo.setLastClickTime();
        String businessPath = (String) usess.removeEntryFromNonClearedStore(AUTHDISPATCHER_BUSINESSPATH);
        if (businessPath != null) {
            processBusinessPath(businessPath, ureq, usess);
        } else if (ureq.isValidDispatchURI()) {
            // valid uri for dispatching (has timestamp, componentid and windowid)
            processValidDispatchURI(ureq, usess, request, response);
        } else {
            businessPath = extractBusinessPath(ureq, request, uriPrefix);
            if (businessPath == null) {
                processBusinessPath("", ureq, usess);
            } else {
                processBusinessPath(businessPath, ureq, usess);
            }
        }
    } catch (InvalidRequestParameterException e) {
        try {
            response.sendError(HttpServletResponse.SC_BAD_REQUEST);
        } catch (IOException e1) {
            log.error("An exception occured while handling the invalid request parameter exception...", e1);
        }
    } catch (Throwable th) {
        // Do not log as Warn or Error here, log as ERROR in MsgFactory => ExceptionWindowController throws an OLATRuntimeException
        log.debug("handleError in AuthenticatedDispatcher throwable=" + th);
        DispatcherModule.handleError();
        ChiefController msgcc = MsgFactory.createMessageChiefController(ureq, th);
        // the controller's window must be failsafe also
        msgcc.getWindow().dispatchRequest(ureq, true);
    // do not dispatch (render only), since this is a new Window created as
    // a result of another window's click.
    } finally {
        if (userBasedLogLevelManager != null) {
            userBasedLogLevelManager.deactivateUsernameBasedLogLevel();
        }
    }
}

Example 15 with UserSession

use of org.olat.core.util.UserSession in project OpenOLAT by OpenOLAT.

the class BusinessGroupContextEntryControllerCreator method isAuthorized.

private boolean isAuthorized(UserRequest ureq, BusinessGroup bgroup) {
    if (authorized == null) {
        UserSession usess = ureq.getUserSession();
        Object wildcard = usess.getEntry("wild_card_" + bgroup.getKey());
        authorized = (wildcard != null && Boolean.TRUE.equals(wildcard)) || usess.getRoles().isOLATAdmin() || usess.getRoles().isGroupManager() || CoreSpringFactory.getImpl(BusinessGroupService.class).isIdentityInBusinessGroup(ureq.getIdentity(), bgroup) || CoreSpringFactory.getImpl(BGRightManager.class).hasBGRight(Constants.PERMISSION_ACCESS, ureq.getIdentity(), bgroup.getResource()) || isAccessControlled(bgroup);
    }
    return authorized.booleanValue();
}