Examples with WikiSecurityCallback - org.olat.modules.wiki.WikiSecurityCallback

Example 1 with WikiSecurityCallback

use of org.olat.modules.wiki.WikiSecurityCallback in project OpenOLAT by OpenOLAT.

the class WikiHandler method createLaunchController.

@Override
public MainLayoutController createLaunchController(RepositoryEntry re, RepositoryEntrySecurity reSecurity, UserRequest ureq, WindowControl wControl) {
    // first handle special case: disabled wiki for security (XSS Attacks) reasons
    BaseSecurityModule securityModule = CoreSpringFactory.getImpl(BaseSecurityModule.class);
    if (!securityModule.isWikiEnabled()) {
        return RepositoyUIFactory.createRepoEntryDisabledDueToSecurityMessageController(ureq, wControl);
    }
    // check role
    boolean isOLatAdmin = ureq.getUserSession().getRoles().isOLATAdmin();
    boolean isGuestOnly = ureq.getUserSession().getRoles().isGuestOnly();
    boolean isResourceOwner = false;
    if (isOLatAdmin) {
        isResourceOwner = true;
    } else {
        isResourceOwner = reSecurity.isOwner();
    }
    OLATResource res = re.getOlatResource();
    BusinessControl bc = wControl.getBusinessControl();
    final ContextEntry ce = bc.popLauncherContextEntry();
    SubscriptionContext subsContext = new SubscriptionContext(res, WikiManager.WIKI_RESOURCE_FOLDER_NAME);
    final WikiSecurityCallback callback = new WikiSecurityCallbackImpl(null, isOLatAdmin, isGuestOnly, false, isResourceOwner, subsContext);
    RepositoryEntryRuntimeController runtime = new RepositoryEntryRuntimeController(ureq, wControl, re, reSecurity, new RuntimeControllerCreator() {

        @Override
        public Controller create(UserRequest uureq, WindowControl wwControl, TooledStackedPanel toolbarPanel, RepositoryEntry entry, RepositoryEntrySecurity security, AssessmentMode assessmentMode) {
            CoreSpringFactory.getImpl(UserCourseInformationsManager.class).updateUserCourseInformations(entry.getOlatResource(), uureq.getIdentity());
            Controller controller;
            if (ce != null) {
                // jump to a certain context
                OLATResourceable ores = ce.getOLATResourceable();
                String typeName = ores.getResourceableTypeName();
                String page = typeName.substring("page=".length());
                controller = new WikiMainController(uureq, wwControl, entry.getOlatResource(), callback, page);
            } else {
                controller = new WikiMainController(uureq, wwControl, entry.getOlatResource(), callback, null);
            }
            return new OLATResourceableListeningWrapperController(uureq, wwControl, entry.getOlatResource(), controller, null, uureq.getIdentity());
        }
    });
    return runtime;
}

Also used : TooledStackedPanel(org.olat.core.gui.components.stack.TooledStackedPanel) AssessmentMode(org.olat.course.assessment.AssessmentMode) OLATResourceable(org.olat.core.id.OLATResourceable) WikiMainController(org.olat.modules.wiki.WikiMainController) BusinessControl(org.olat.core.id.context.BusinessControl) BaseSecurityModule(org.olat.basesecurity.BaseSecurityModule) OLATResource(org.olat.resource.OLATResource) RepositoryEntry(org.olat.repository.RepositoryEntry) WindowControl(org.olat.core.gui.control.WindowControl) OLATResourceableListeningWrapperController(org.olat.core.util.controller.OLATResourceableListeningWrapperController) StepsMainRunController(org.olat.core.gui.control.generic.wizard.StepsMainRunController) MainLayoutController(org.olat.core.gui.control.generic.layout.MainLayoutController) RepositoryEntryRuntimeController(org.olat.repository.ui.RepositoryEntryRuntimeController) Controller(org.olat.core.gui.control.Controller) WikiMainController(org.olat.modules.wiki.WikiMainController) ContextEntry(org.olat.core.id.context.ContextEntry) RepositoryEntryRuntimeController(org.olat.repository.ui.RepositoryEntryRuntimeController) RuntimeControllerCreator(org.olat.repository.ui.RepositoryEntryRuntimeController.RuntimeControllerCreator) WikiSecurityCallbackImpl(org.olat.modules.wiki.WikiSecurityCallbackImpl) RepositoryEntrySecurity(org.olat.repository.model.RepositoryEntrySecurity) OLATResourceableListeningWrapperController(org.olat.core.util.controller.OLATResourceableListeningWrapperController) SubscriptionContext(org.olat.core.commons.services.notifications.SubscriptionContext) WikiSecurityCallback(org.olat.modules.wiki.WikiSecurityCallback) UserRequest(org.olat.core.gui.UserRequest)

Example 2 with WikiSecurityCallback

use of org.olat.modules.wiki.WikiSecurityCallback in project OpenOLAT by OpenOLAT.

the class WikiEditController method event.

/**
 * @see org.olat.core.gui.control.DefaultController#event(org.olat.core.gui.UserRequest,
 *      org.olat.core.gui.components.Component,
 *      org.olat.core.gui.control.Event)
 */
public void event(UserRequest ureq, Component source, Event event) {
    if (source == previewLink) {
        // Preview as modal dialogue only if the config is valid
        RepositoryEntry re = getWikiRepoReference(moduleConfiguration, false);
        if (re == null) {
            // we cannot preview it, because the repository entry
            // had been deleted between the time when it was
            // chosen here, and now
            this.showError("error.repoentrymissing");
        } else {
            // File cpRoot =
            // FileResourceManager.getInstance().unzipFileResource(re.getOlatResource());
            Identity ident = ureq.getIdentity();
            boolean isOlatAdmin = ureq.getUserSession().getRoles().isOLATAdmin();
            boolean isResourceOwner = RepositoryManager.getInstance().isOwnerOfRepositoryEntry(ident, re);
            CourseEnvironment cenv = course.getCourseEnvironment();
            SubscriptionContext subsContext = WikiManager.createTechnicalSubscriptionContextForCourse(cenv, wikiCourseNode);
            WikiSecurityCallback callback = new WikiSecurityCallbackImpl(null, isOlatAdmin, false, false, isResourceOwner, subsContext);
            wikiCtr = WikiManager.getInstance().createWikiMainController(ureq, getWindowControl(), re.getOlatResource(), callback, null);
            cmcWikiCtr = new CloseableModalController(getWindowControl(), translate("command.close"), wikiCtr.getInitialComponent());
            this.listenTo(cmcWikiCtr);
            cmcWikiCtr.activate();
        }
    } else if (source == chooseButton || source == changeButton) {
        searchController = new ReferencableEntriesSearchController(getWindowControl(), ureq, WikiResource.TYPE_NAME, translate("command.choose"));
        this.listenTo(searchController);
        cmcSearchController = new CloseableModalController(getWindowControl(), translate("close"), searchController.getInitialComponent(), true, translate("command.create"));
        cmcSearchController.activate();
    } else if (source == editLink) {
        RepositoryEntry repositoryEntry = wikiCourseNode.getReferencedRepositoryEntry();
        if (repositoryEntry == null) {
            // do nothing
            return;
        }
        String bPath = "[RepositoryEntry:" + repositoryEntry.getKey() + "][Editor:0]";
        NewControllerFactory.getInstance().launch(bPath, ureq, getWindowControl());
    }
}

Also used : WikiSecurityCallbackImpl(org.olat.modules.wiki.WikiSecurityCallbackImpl) CourseEnvironment(org.olat.course.run.environment.CourseEnvironment) UserCourseEnvironment(org.olat.course.run.userview.UserCourseEnvironment) CloseableModalController(org.olat.core.gui.control.generic.closablewrapper.CloseableModalController) RepositoryEntry(org.olat.repository.RepositoryEntry) SubscriptionContext(org.olat.core.commons.services.notifications.SubscriptionContext) Identity(org.olat.core.id.Identity) WikiSecurityCallback(org.olat.modules.wiki.WikiSecurityCallback) ReferencableEntriesSearchController(org.olat.repository.controllers.ReferencableEntriesSearchController)

Example 3 with WikiSecurityCallback

use of org.olat.modules.wiki.WikiSecurityCallback in project openolat by klemens.

the class WikiHandler method createLaunchController.

@Override
public MainLayoutController createLaunchController(RepositoryEntry re, RepositoryEntrySecurity reSecurity, UserRequest ureq, WindowControl wControl) {
    // first handle special case: disabled wiki for security (XSS Attacks) reasons
    BaseSecurityModule securityModule = CoreSpringFactory.getImpl(BaseSecurityModule.class);
    if (!securityModule.isWikiEnabled()) {
        return RepositoyUIFactory.createRepoEntryDisabledDueToSecurityMessageController(ureq, wControl);
    }
    // check role
    boolean isOLatAdmin = ureq.getUserSession().getRoles().isOLATAdmin();
    boolean isGuestOnly = ureq.getUserSession().getRoles().isGuestOnly();
    boolean isResourceOwner = false;
    if (isOLatAdmin) {
        isResourceOwner = true;
    } else {
        isResourceOwner = reSecurity.isOwner();
    }
    OLATResource res = re.getOlatResource();
    BusinessControl bc = wControl.getBusinessControl();
    final ContextEntry ce = bc.popLauncherContextEntry();
    SubscriptionContext subsContext = new SubscriptionContext(res, WikiManager.WIKI_RESOURCE_FOLDER_NAME);
    final WikiSecurityCallback callback = new WikiSecurityCallbackImpl(null, isOLatAdmin, isGuestOnly, false, isResourceOwner, subsContext);
    RepositoryEntryRuntimeController runtime = new RepositoryEntryRuntimeController(ureq, wControl, re, reSecurity, new RuntimeControllerCreator() {

        @Override
        public Controller create(UserRequest uureq, WindowControl wwControl, TooledStackedPanel toolbarPanel, RepositoryEntry entry, RepositoryEntrySecurity security, AssessmentMode assessmentMode) {
            CoreSpringFactory.getImpl(UserCourseInformationsManager.class).updateUserCourseInformations(entry.getOlatResource(), uureq.getIdentity());
            Controller controller;
            if (ce != null) {
                // jump to a certain context
                OLATResourceable ores = ce.getOLATResourceable();
                String typeName = ores.getResourceableTypeName();
                String page = typeName.substring("page=".length());
                controller = new WikiMainController(uureq, wwControl, entry.getOlatResource(), callback, page);
            } else {
                controller = new WikiMainController(uureq, wwControl, entry.getOlatResource(), callback, null);
            }
            return new OLATResourceableListeningWrapperController(uureq, wwControl, entry.getOlatResource(), controller, null, uureq.getIdentity());
        }
    });
    return runtime;
}

Example 4 with WikiSecurityCallback

use of org.olat.modules.wiki.WikiSecurityCallback in project OpenOLAT by OpenOLAT.

the class CollaborationTools method createWikiController.

/**
 * return an controller for the wiki tool
 * @param ureq
 * @param wControl
 * @return
 */
public Controller createWikiController(UserRequest ureq, WindowControl wControl) {
    // Check for jumping to certain wiki page
    BusinessControl bc = wControl.getBusinessControl();
    ContextEntry ce = bc.popLauncherContextEntry();
    SubscriptionContext subContext = new SubscriptionContext(ores, WikiManager.WIKI_RESOURCE_FOLDER_NAME);
    boolean isOlatAdmin = ureq.getUserSession().getRoles().isOLATAdmin();
    boolean isGuestOnly = ureq.getUserSession().getRoles().isGuestOnly();
    boolean isResourceOwner = BaseSecurityManager.getInstance().isIdentityPermittedOnResourceable(ureq.getIdentity(), Constants.PERMISSION_ACCESS, ores);
    WikiSecurityCallback callback = new WikiSecurityCallbackImpl(null, isOlatAdmin, isGuestOnly, true, isResourceOwner, subContext);
    if (ce != null) {
        // jump to a certain context
        OLATResourceable ceOres = ce.getOLATResourceable();
        String typeName = ceOres.getResourceableTypeName();
        String page = typeName.substring("page=".length());
        if (page != null && page.endsWith(":0")) {
            page = page.substring(0, page.length() - 2);
        }
        return WikiManager.getInstance().createWikiMainController(ureq, wControl, ores, callback, page);
    } else {
        return WikiManager.getInstance().createWikiMainController(ureq, wControl, ores, callback, null);
    }
}

Also used : WikiSecurityCallbackImpl(org.olat.modules.wiki.WikiSecurityCallbackImpl) OLATResourceable(org.olat.core.id.OLATResourceable) BusinessControl(org.olat.core.id.context.BusinessControl) SubscriptionContext(org.olat.core.commons.services.notifications.SubscriptionContext) WikiSecurityCallback(org.olat.modules.wiki.WikiSecurityCallback) ContextEntry(org.olat.core.id.context.ContextEntry)

Example 5 with WikiSecurityCallback

use of org.olat.modules.wiki.WikiSecurityCallback in project openolat by klemens.

the class CollaborationTools method createWikiController.

/**
 * return an controller for the wiki tool
 * @param ureq
 * @param wControl
 * @return
 */
public Controller createWikiController(UserRequest ureq, WindowControl wControl) {
    // Check for jumping to certain wiki page
    BusinessControl bc = wControl.getBusinessControl();
    ContextEntry ce = bc.popLauncherContextEntry();
    SubscriptionContext subContext = new SubscriptionContext(ores, WikiManager.WIKI_RESOURCE_FOLDER_NAME);
    boolean isOlatAdmin = ureq.getUserSession().getRoles().isOLATAdmin();
    boolean isGuestOnly = ureq.getUserSession().getRoles().isGuestOnly();
    boolean isResourceOwner = BaseSecurityManager.getInstance().isIdentityPermittedOnResourceable(ureq.getIdentity(), Constants.PERMISSION_ACCESS, ores);
    WikiSecurityCallback callback = new WikiSecurityCallbackImpl(null, isOlatAdmin, isGuestOnly, true, isResourceOwner, subContext);
    if (ce != null) {
        // jump to a certain context
        OLATResourceable ceOres = ce.getOLATResourceable();
        String typeName = ceOres.getResourceableTypeName();
        String page = typeName.substring("page=".length());
        if (page != null && page.endsWith(":0")) {
            page = page.substring(0, page.length() - 2);
        }
        return WikiManager.getInstance().createWikiMainController(ureq, wControl, ores, callback, page);
    } else {
        return WikiManager.getInstance().createWikiMainController(ureq, wControl, ores, callback, null);
    }
}

Aggregations

SubscriptionContext (org.olat.core.commons.services.notifications.SubscriptionContext)6 WikiSecurityCallback (org.olat.modules.wiki.WikiSecurityCallback)6 WikiSecurityCallbackImpl (org.olat.modules.wiki.WikiSecurityCallbackImpl)6 OLATResourceable (org.olat.core.id.OLATResourceable)4 BusinessControl (org.olat.core.id.context.BusinessControl)4 ContextEntry (org.olat.core.id.context.ContextEntry)4 RepositoryEntry (org.olat.repository.RepositoryEntry)4 BaseSecurityModule (org.olat.basesecurity.BaseSecurityModule)2 UserRequest (org.olat.core.gui.UserRequest)2 TooledStackedPanel (org.olat.core.gui.components.stack.TooledStackedPanel)2 Controller (org.olat.core.gui.control.Controller)2 WindowControl (org.olat.core.gui.control.WindowControl)2 CloseableModalController (org.olat.core.gui.control.generic.closablewrapper.CloseableModalController)2 MainLayoutController (org.olat.core.gui.control.generic.layout.MainLayoutController)2 StepsMainRunController (org.olat.core.gui.control.generic.wizard.StepsMainRunController)2 Identity (org.olat.core.id.Identity)2 OLATResourceableListeningWrapperController (org.olat.core.util.controller.OLATResourceableListeningWrapperController)2 AssessmentMode (org.olat.course.assessment.AssessmentMode)2 CourseEnvironment (org.olat.course.run.environment.CourseEnvironment)2 UserCourseEnvironment (org.olat.course.run.userview.UserCourseEnvironment)2