use of org.olat.modules.wiki.WikiSecurityCallbackImpl in project OpenOLAT by OpenOLAT.
the class WikiHandler method createLaunchController.
@Override
public MainLayoutController createLaunchController(RepositoryEntry re, RepositoryEntrySecurity reSecurity, UserRequest ureq, WindowControl wControl) {
// first handle special case: disabled wiki for security (XSS Attacks) reasons
BaseSecurityModule securityModule = CoreSpringFactory.getImpl(BaseSecurityModule.class);
if (!securityModule.isWikiEnabled()) {
return RepositoyUIFactory.createRepoEntryDisabledDueToSecurityMessageController(ureq, wControl);
}
// check role
boolean isOLatAdmin = ureq.getUserSession().getRoles().isOLATAdmin();
boolean isGuestOnly = ureq.getUserSession().getRoles().isGuestOnly();
boolean isResourceOwner = false;
if (isOLatAdmin) {
isResourceOwner = true;
} else {
isResourceOwner = reSecurity.isOwner();
}
OLATResource res = re.getOlatResource();
BusinessControl bc = wControl.getBusinessControl();
final ContextEntry ce = bc.popLauncherContextEntry();
SubscriptionContext subsContext = new SubscriptionContext(res, WikiManager.WIKI_RESOURCE_FOLDER_NAME);
final WikiSecurityCallback callback = new WikiSecurityCallbackImpl(null, isOLatAdmin, isGuestOnly, false, isResourceOwner, subsContext);
RepositoryEntryRuntimeController runtime = new RepositoryEntryRuntimeController(ureq, wControl, re, reSecurity, new RuntimeControllerCreator() {
@Override
public Controller create(UserRequest uureq, WindowControl wwControl, TooledStackedPanel toolbarPanel, RepositoryEntry entry, RepositoryEntrySecurity security, AssessmentMode assessmentMode) {
CoreSpringFactory.getImpl(UserCourseInformationsManager.class).updateUserCourseInformations(entry.getOlatResource(), uureq.getIdentity());
Controller controller;
if (ce != null) {
// jump to a certain context
OLATResourceable ores = ce.getOLATResourceable();
String typeName = ores.getResourceableTypeName();
String page = typeName.substring("page=".length());
controller = new WikiMainController(uureq, wwControl, entry.getOlatResource(), callback, page);
} else {
controller = new WikiMainController(uureq, wwControl, entry.getOlatResource(), callback, null);
}
return new OLATResourceableListeningWrapperController(uureq, wwControl, entry.getOlatResource(), controller, null, uureq.getIdentity());
}
});
return runtime;
}
use of org.olat.modules.wiki.WikiSecurityCallbackImpl in project OpenOLAT by OpenOLAT.
the class WikiEditController method event.
/**
* @see org.olat.core.gui.control.DefaultController#event(org.olat.core.gui.UserRequest,
* org.olat.core.gui.components.Component,
* org.olat.core.gui.control.Event)
*/
public void event(UserRequest ureq, Component source, Event event) {
if (source == previewLink) {
// Preview as modal dialogue only if the config is valid
RepositoryEntry re = getWikiRepoReference(moduleConfiguration, false);
if (re == null) {
// we cannot preview it, because the repository entry
// had been deleted between the time when it was
// chosen here, and now
this.showError("error.repoentrymissing");
} else {
// File cpRoot =
// FileResourceManager.getInstance().unzipFileResource(re.getOlatResource());
Identity ident = ureq.getIdentity();
boolean isOlatAdmin = ureq.getUserSession().getRoles().isOLATAdmin();
boolean isResourceOwner = RepositoryManager.getInstance().isOwnerOfRepositoryEntry(ident, re);
CourseEnvironment cenv = course.getCourseEnvironment();
SubscriptionContext subsContext = WikiManager.createTechnicalSubscriptionContextForCourse(cenv, wikiCourseNode);
WikiSecurityCallback callback = new WikiSecurityCallbackImpl(null, isOlatAdmin, false, false, isResourceOwner, subsContext);
wikiCtr = WikiManager.getInstance().createWikiMainController(ureq, getWindowControl(), re.getOlatResource(), callback, null);
cmcWikiCtr = new CloseableModalController(getWindowControl(), translate("command.close"), wikiCtr.getInitialComponent());
this.listenTo(cmcWikiCtr);
cmcWikiCtr.activate();
}
} else if (source == chooseButton || source == changeButton) {
searchController = new ReferencableEntriesSearchController(getWindowControl(), ureq, WikiResource.TYPE_NAME, translate("command.choose"));
this.listenTo(searchController);
cmcSearchController = new CloseableModalController(getWindowControl(), translate("close"), searchController.getInitialComponent(), true, translate("command.create"));
cmcSearchController.activate();
} else if (source == editLink) {
RepositoryEntry repositoryEntry = wikiCourseNode.getReferencedRepositoryEntry();
if (repositoryEntry == null) {
// do nothing
return;
}
String bPath = "[RepositoryEntry:" + repositoryEntry.getKey() + "][Editor:0]";
NewControllerFactory.getInstance().launch(bPath, ureq, getWindowControl());
}
}
use of org.olat.modules.wiki.WikiSecurityCallbackImpl in project openolat by klemens.
the class WikiHandler method createLaunchController.
@Override
public MainLayoutController createLaunchController(RepositoryEntry re, RepositoryEntrySecurity reSecurity, UserRequest ureq, WindowControl wControl) {
// first handle special case: disabled wiki for security (XSS Attacks) reasons
BaseSecurityModule securityModule = CoreSpringFactory.getImpl(BaseSecurityModule.class);
if (!securityModule.isWikiEnabled()) {
return RepositoyUIFactory.createRepoEntryDisabledDueToSecurityMessageController(ureq, wControl);
}
// check role
boolean isOLatAdmin = ureq.getUserSession().getRoles().isOLATAdmin();
boolean isGuestOnly = ureq.getUserSession().getRoles().isGuestOnly();
boolean isResourceOwner = false;
if (isOLatAdmin) {
isResourceOwner = true;
} else {
isResourceOwner = reSecurity.isOwner();
}
OLATResource res = re.getOlatResource();
BusinessControl bc = wControl.getBusinessControl();
final ContextEntry ce = bc.popLauncherContextEntry();
SubscriptionContext subsContext = new SubscriptionContext(res, WikiManager.WIKI_RESOURCE_FOLDER_NAME);
final WikiSecurityCallback callback = new WikiSecurityCallbackImpl(null, isOLatAdmin, isGuestOnly, false, isResourceOwner, subsContext);
RepositoryEntryRuntimeController runtime = new RepositoryEntryRuntimeController(ureq, wControl, re, reSecurity, new RuntimeControllerCreator() {
@Override
public Controller create(UserRequest uureq, WindowControl wwControl, TooledStackedPanel toolbarPanel, RepositoryEntry entry, RepositoryEntrySecurity security, AssessmentMode assessmentMode) {
CoreSpringFactory.getImpl(UserCourseInformationsManager.class).updateUserCourseInformations(entry.getOlatResource(), uureq.getIdentity());
Controller controller;
if (ce != null) {
// jump to a certain context
OLATResourceable ores = ce.getOLATResourceable();
String typeName = ores.getResourceableTypeName();
String page = typeName.substring("page=".length());
controller = new WikiMainController(uureq, wwControl, entry.getOlatResource(), callback, page);
} else {
controller = new WikiMainController(uureq, wwControl, entry.getOlatResource(), callback, null);
}
return new OLATResourceableListeningWrapperController(uureq, wwControl, entry.getOlatResource(), controller, null, uureq.getIdentity());
}
});
return runtime;
}
use of org.olat.modules.wiki.WikiSecurityCallbackImpl in project OpenOLAT by OpenOLAT.
the class CollaborationTools method createWikiController.
/**
* return an controller for the wiki tool
* @param ureq
* @param wControl
* @return
*/
public Controller createWikiController(UserRequest ureq, WindowControl wControl) {
// Check for jumping to certain wiki page
BusinessControl bc = wControl.getBusinessControl();
ContextEntry ce = bc.popLauncherContextEntry();
SubscriptionContext subContext = new SubscriptionContext(ores, WikiManager.WIKI_RESOURCE_FOLDER_NAME);
boolean isOlatAdmin = ureq.getUserSession().getRoles().isOLATAdmin();
boolean isGuestOnly = ureq.getUserSession().getRoles().isGuestOnly();
boolean isResourceOwner = BaseSecurityManager.getInstance().isIdentityPermittedOnResourceable(ureq.getIdentity(), Constants.PERMISSION_ACCESS, ores);
WikiSecurityCallback callback = new WikiSecurityCallbackImpl(null, isOlatAdmin, isGuestOnly, true, isResourceOwner, subContext);
if (ce != null) {
// jump to a certain context
OLATResourceable ceOres = ce.getOLATResourceable();
String typeName = ceOres.getResourceableTypeName();
String page = typeName.substring("page=".length());
if (page != null && page.endsWith(":0")) {
page = page.substring(0, page.length() - 2);
}
return WikiManager.getInstance().createWikiMainController(ureq, wControl, ores, callback, page);
} else {
return WikiManager.getInstance().createWikiMainController(ureq, wControl, ores, callback, null);
}
}
use of org.olat.modules.wiki.WikiSecurityCallbackImpl in project openolat by klemens.
the class CollaborationTools method createWikiController.
/**
* return an controller for the wiki tool
* @param ureq
* @param wControl
* @return
*/
public Controller createWikiController(UserRequest ureq, WindowControl wControl) {
// Check for jumping to certain wiki page
BusinessControl bc = wControl.getBusinessControl();
ContextEntry ce = bc.popLauncherContextEntry();
SubscriptionContext subContext = new SubscriptionContext(ores, WikiManager.WIKI_RESOURCE_FOLDER_NAME);
boolean isOlatAdmin = ureq.getUserSession().getRoles().isOLATAdmin();
boolean isGuestOnly = ureq.getUserSession().getRoles().isGuestOnly();
boolean isResourceOwner = BaseSecurityManager.getInstance().isIdentityPermittedOnResourceable(ureq.getIdentity(), Constants.PERMISSION_ACCESS, ores);
WikiSecurityCallback callback = new WikiSecurityCallbackImpl(null, isOlatAdmin, isGuestOnly, true, isResourceOwner, subContext);
if (ce != null) {
// jump to a certain context
OLATResourceable ceOres = ce.getOLATResourceable();
String typeName = ceOres.getResourceableTypeName();
String page = typeName.substring("page=".length());
if (page != null && page.endsWith(":0")) {
page = page.substring(0, page.length() - 2);
}
return WikiManager.getInstance().createWikiMainController(ureq, wControl, ores, callback, page);
} else {
return WikiManager.getInstance().createWikiMainController(ureq, wControl, ores, callback, null);
}
}
Aggregations