use of org.olat.resource.accesscontrol.ACService in project OpenOLAT by OpenOLAT.
the class RepositoryIndexer method checkAccess.
/**
* @see org.olat.search.service.indexer.Indexer#checkAccess(org.olat.core.id.context.ContextEntry, org.olat.core.id.context.BusinessControl, org.olat.core.id.Identity, org.olat.core.id.Roles)
*/
@Override
public boolean checkAccess(ContextEntry contextEntry, BusinessControl businessControl, Identity identity, Roles roles) {
boolean debug = isLogDebugEnabled();
if (debug)
logDebug("checkAccess for businessControl=" + businessControl + " identity=" + identity + " roles=" + roles);
Long repositoryKey = contextEntry.getOLATResourceable().getResourceableId();
RepositoryEntry repositoryEntry = repositoryManager.lookupRepositoryEntry(repositoryKey);
if (repositoryEntry == null) {
return false;
}
if (roles.isGuestOnly()) {
if (repositoryEntry.getAccess() != RepositoryEntry.ACC_USERS_GUESTS) {
return false;
}
}
boolean isOwner = repositoryManager.isOwnerOfRepositoryEntry(identity, repositoryEntry);
boolean isAllowedToLaunch = false;
if (!isOwner) {
isAllowedToLaunch = repositoryManager.isAllowedToLaunch(identity, roles, repositoryEntry);
if (isAllowedToLaunch) {
List<ContextEntry> entries = businessControl.getEntriesDownTheControls();
if (entries.size() > 1) {
boolean hasAccess = false;
ACService acService = CoreSpringFactory.getImpl(ACService.class);
AccessResult acResult = acService.isAccessible(repositoryEntry, identity, false);
if (acResult.isAccessible()) {
hasAccess = true;
} else if (!acResult.getAvailableMethods().isEmpty()) {
for (OfferAccess offer : acResult.getAvailableMethods()) {
String type = offer.getMethod().getType();
if (type.equals(FreeAccessHandler.METHOD_TYPE) || type.equals(PaypalAccessHandler.METHOD_TYPE)) {
hasAccess = true;
}
}
}
isAllowedToLaunch = hasAccess;
}
}
}
if (debug)
logDebug("isOwner=" + isOwner + " isAllowedToLaunch=" + isAllowedToLaunch);
if (isOwner || isAllowedToLaunch) {
Indexer repositoryEntryIndexer = getRepositoryEntryIndexer(repositoryEntry);
if (debug)
logDebug("repositoryEntryIndexer=" + repositoryEntryIndexer);
if (repositoryEntryIndexer != null) {
return super.checkAccess(contextEntry, businessControl, identity, roles) && repositoryEntryIndexer.checkAccess(contextEntry, businessControl, identity, roles);
}
}
return false;
}
use of org.olat.resource.accesscontrol.ACService in project OpenOLAT by OpenOLAT.
the class UserCalendarWebService method getCalendars.
private void getCalendars(CalendarVisitor calVisitor, UserRequest ureq) {
Roles roles = ureq.getUserSession().getRoles();
Identity retrievedUser = ureq.getIdentity();
CalendarModule calendarModule = CoreSpringFactory.getImpl(CalendarModule.class);
if (calendarModule.isEnabled()) {
if (calendarModule.isEnablePersonalCalendar()) {
KalendarRenderWrapper personalWrapper = getPersonalCalendar(ureq.getIdentity());
calVisitor.visit(personalWrapper);
}
if (calendarModule.isEnableCourseToolCalendar() || calendarModule.isEnableCourseElementCalendar()) {
RepositoryManager rm = RepositoryManager.getInstance();
ACService acManager = CoreSpringFactory.getImpl(ACService.class);
SearchRepositoryEntryParameters repoParams = new SearchRepositoryEntryParameters(retrievedUser, roles, "CourseModule");
repoParams.setOnlyExplicitMember(true);
repoParams.setIdentity(retrievedUser);
IdentityEnvironment ienv = new IdentityEnvironment();
ienv.setIdentity(retrievedUser);
ienv.setRoles(roles);
List<RepositoryEntry> entries = rm.genericANDQueryWithRolesRestriction(repoParams, 0, -1, true);
for (RepositoryEntry entry : entries) {
AccessResult result = acManager.isAccessible(entry, retrievedUser, false);
if (result.isAccessible()) {
try {
final ICourse course = CourseFactory.loadCourse(entry);
CourseConfig config = course.getCourseEnvironment().getCourseConfig();
UserCourseEnvironment userCourseEnv = new UserCourseEnvironmentImpl(ienv, course.getCourseEnvironment());
if (config.isCalendarEnabled()) {
KalendarRenderWrapper wrapper = CourseCalendars.getCourseCalendarWrapper(ureq, userCourseEnv, null);
calVisitor.visit(wrapper);
} else {
CalCourseNodeVisitor visitor = new CalCourseNodeVisitor();
new CourseTreeVisitor(course, ienv).visit(visitor, new VisibleTreeFilter());
if (visitor.isFound()) {
KalendarRenderWrapper wrapper = CourseCalendars.getCourseCalendarWrapper(ureq, userCourseEnv, null);
calVisitor.visit(wrapper);
}
}
} catch (Exception e) {
log.error("", e);
}
}
}
}
if (calendarModule.isEnableGroupCalendar()) {
CollaborationManager collaborationManager = CoreSpringFactory.getImpl(CollaborationManager.class);
// start found forums in groups
BusinessGroupService bgm = CoreSpringFactory.getImpl(BusinessGroupService.class);
SearchBusinessGroupParams params = new SearchBusinessGroupParams(retrievedUser, true, true);
params.addTools(CollaborationTools.TOOL_CALENDAR);
List<BusinessGroup> groups = bgm.findBusinessGroups(params, null, 0, -1);
for (BusinessGroup group : groups) {
KalendarRenderWrapper wrapper = collaborationManager.getCalendar(group, ureq, false);
calVisitor.visit(wrapper);
}
}
}
}
use of org.olat.resource.accesscontrol.ACService in project OpenOLAT by OpenOLAT.
the class CourseCreationHelper method finalizeWorkflow.
/**
* Finalizes the course creation workflow via wizard.
* @param ureq
*/
public void finalizeWorkflow(final UserRequest ureq) {
// --------------------------
// 1. insert the course nodes
// --------------------------
// single page node
CourseNode singlePageNode = null;
if (courseConfig.isCreateSinglePage()) {
singlePageNode = CourseExtensionHelper.createSinglePageNode(course, translator.translate("cce.informationpage"), translator.translate("cce.informationpage.descr"));
if (singlePageNode instanceof SPCourseNode) {
final String relPath = CourseEditorHelper.createUniqueRelFilePathFromShortTitle(singlePageNode, course.getCourseFolderContainer());
HTMLDocumentHelper.createHtmlDocument(course, relPath, courseConfig.getSinglePageText(translator));
((SPCourseNode) singlePageNode).getModuleConfiguration().set(SPEditController.CONFIG_KEY_FILE, relPath);
}
}
// enrollment node
CourseNode enCourseNode = null;
if (courseConfig.isCreateEnrollment()) {
enCourseNode = CourseExtensionHelper.createEnrollmentNode(course, translator.translate("cce.enrollment"), translator.translate("cce.enrollment.descr"));
}
// download folder node
CourseNode downloadFolderNode = null;
if (courseConfig.isCreateDownloadFolder()) {
downloadFolderNode = CourseExtensionHelper.createDownloadFolderNode(course, translator.translate("cce.downloadfolder"), translator.translate("cce.downloadfolder.descr"));
}
// forum node
CourseNode forumNode = null;
if (courseConfig.isCreateForum()) {
forumNode = CourseExtensionHelper.createForumNode(course, translator.translate("cce.forum"), translator.translate("cce.forum.descr"));
}
// contact form node
CourseNode contactNode = null;
if (courseConfig.isCreateContactForm()) {
contactNode = CourseExtensionHelper.createContactFormNode(course, translator.translate("cce.contactform"), translator.translate("cce.contactform.descr"));
if (contactNode instanceof COCourseNode) {
final List<String> emails = new ArrayList<String>();
String subject = translator.translate("cce.contactform.subject") + " " + courseConfig.getCourseTitle();
String email = ureq.getIdentity().getUser().getProperty(UserConstants.EMAIL, ureq.getLocale());
if (StringHelper.containsNonWhitespace(email)) {
emails.add(email);
}
COCourseNode cocn = (COCourseNode) contactNode;
cocn.getModuleConfiguration().set(COEditController.CONFIG_KEY_EMAILTOADRESSES, emails);
cocn.getModuleConfiguration().set(COEditController.CONFIG_KEY_MSUBJECT_DEFAULT, subject);
}
}
// enrollment node
if (courseConfig.isCreateEnrollment()) {
// --------------------------
// 2. setup enrollment
// --------------------------
final String groupBaseName = createGroupBaseName();
final BusinessGroupService bgs = CoreSpringFactory.getImpl(BusinessGroupService.class);
// get default context for learning groups
// create n learning groups with m allowed members
String comma = "";
String tmpGroupList = "";
String groupNamesList = "";
for (int i = 0; i < courseConfig.getGroupCount(); i++) {
// create group
String name = groupBaseName + " " + (i + 1);
BusinessGroup learningGroup = bgs.createBusinessGroup(ureq.getIdentity(), name, null, 0, courseConfig.getSubscriberCount(), courseConfig.getEnableWaitlist(), courseConfig.getEnableFollowup(), addedEntry);
// enable the contact collaboration tool
CollaborationTools ct = CollaborationToolsFactory.getInstance().getOrCreateCollaborationTools(learningGroup);
ct.setToolEnabled(CollaborationTools.TOOL_CONTACT, true);
// append to current learning group list
groupNamesList = tmpGroupList + comma + learningGroup.getName();
enCourseNode.getModuleConfiguration().set(ENCourseNode.CONFIG_GROUPNAME, groupNamesList);
if (i == 0) {
comma = ",";
}
tmpGroupList = (String) enCourseNode.getModuleConfiguration().get(ENCourseNode.CONFIG_GROUPNAME);
}
// set signout property
enCourseNode.getModuleConfiguration().set(ENCourseNode.CONF_CANCEL_ENROLL_ENABLED, courseConfig.getEnableSignout());
// access limits on chosen course elements
if (courseConfig.getEnableAccessLimit()) {
if (courseConfig.isEnableAclContactForm()) {
if (contactNode instanceof COCourseNode) {
Condition c = ((COCourseNode) contactNode).getPreConditionVisibility();
c.setEasyModeGroupAccess(groupNamesList);
((COCourseNode) contactNode).setNoAccessExplanation(translator.translate("noaccessexplain"));
// calculate expression from easy mode form
String condString = c.getConditionFromEasyModeConfiguration();
c.setConditionExpression(condString);
c.setExpertMode(false);
}
}
if (courseConfig.isEnableAclSinglePage()) {
if (singlePageNode instanceof SPCourseNode) {
Condition c = ((SPCourseNode) singlePageNode).getPreConditionVisibility();
c.setEasyModeGroupAccess(groupNamesList);
((SPCourseNode) singlePageNode).setNoAccessExplanation(translator.translate("noaccessexplain"));
// calculate expression from easy mode form
String condString = c.getConditionFromEasyModeConfiguration();
c.setConditionExpression(condString);
c.setExpertMode(false);
}
}
if (courseConfig.isEnableAclForum()) {
if (forumNode instanceof FOCourseNode) {
Condition c = ((FOCourseNode) forumNode).getPreConditionVisibility();
c.setEasyModeGroupAccess(groupNamesList);
((FOCourseNode) forumNode).setNoAccessExplanation(translator.translate("noaccessexplain"));
// calculate expression from easy mode form
String condString = c.getConditionFromEasyModeConfiguration();
c.setConditionExpression(condString);
c.setExpertMode(false);
}
}
if (courseConfig.isEnableAclDownloadFolder()) {
if (downloadFolderNode instanceof BCCourseNode) {
Condition c = ((BCCourseNode) downloadFolderNode).getPreConditionVisibility();
c.setEasyModeGroupAccess(groupNamesList);
((BCCourseNode) downloadFolderNode).setNoAccessExplanation(translator.translate("noaccessexplain"));
// calculate expression from easy mode form
String condString = c.getConditionFromEasyModeConfiguration();
c.setConditionExpression(condString);
c.setExpertMode(false);
}
}
}
}
// --------------------------
if (courseConfig.getPublish()) {
CourseAccessAndProperties accessAndProps = courseConfig.getAccessAndProperties();
RepositoryManager manager = RepositoryManager.getInstance();
addedEntry = manager.setAccessAndProperties(accessAndProps.getRepositoryEntry(), accessAndProps.getAccess(), accessAndProps.isMembersOnly(), accessAndProps.isCanCopy(), accessAndProps.isCanReference(), accessAndProps.isCanDownload());
addedEntry = manager.setLeaveSetting(addedEntry, accessAndProps.getSetting());
List<OfferAccess> offerAccess = accessAndProps.getOfferAccess();
ACService acService = CoreSpringFactory.getImpl(ACService.class);
for (OfferAccess newLink : offerAccess) {
acService.saveOfferAccess(newLink);
}
}
course = CourseFactory.openCourseEditSession(course.getResourceableId());
course.getRunStructure().getRootNode().setShortTitle(addedEntry.getDisplayname());
course.getRunStructure().getRootNode().setLongTitle(addedEntry.getDisplayname());
CourseFactory.saveCourse(course.getResourceableId());
final CourseEditorTreeModel cetm = course.getEditorTreeModel();
final CourseNode rootNode = cetm.getCourseNode(course.getRunStructure().getRootNode().getIdent());
rootNode.setShortTitle(addedEntry.getDisplayname());
rootNode.setLongTitle(addedEntry.getDisplayname());
course.getEditorTreeModel().nodeConfigChanged(course.getRunStructure().getRootNode());
CourseFactory.saveCourseEditorTreeModel(course.getResourceableId());
// --------------------------
// 3.2 publish the course
// --------------------------
// fetch publish process
final PublishProcess pp = PublishProcess.getInstance(course, cetm, ureq.getLocale());
final StatusDescription[] sds;
// create publish node list
List<String> nodeIds = new ArrayList<String>();
nodeIds.add(cetm.getRootNode().getIdent());
for (int i = 0; i < cetm.getRootNode().getChildCount(); i++) {
nodeIds.add(cetm.getRootNode().getChildAt(i).getIdent());
}
pp.createPublishSetFor(nodeIds);
PublishSetInformations set = pp.testPublishSet(ureq.getLocale());
sds = set.getWarnings();
boolean isValid = sds.length == 0;
if (!isValid) {
// no error and no warnings -> return immediate
log.error("Course Publishing failed", new AssertionError());
}
pp.applyPublishSet(ureq.getIdentity(), ureq.getLocale(), true);
CourseFactory.closeCourseEditSession(course.getResourceableId(), true);
// save catalog entry
if (getConfiguration().getSelectedCatalogEntry() != null) {
CatalogManager cm = CoreSpringFactory.getImpl(CatalogManager.class);
CatalogEntry newEntry = cm.createCatalogEntry();
newEntry.setRepositoryEntry(addedEntry);
newEntry.setName(addedEntry.getDisplayname());
newEntry.setDescription(addedEntry.getDescription());
newEntry.setType(CatalogEntry.TYPE_LEAF);
newEntry.setOwnerGroup(BaseSecurityManager.getInstance().createAndPersistSecurityGroup());
// save entry
cm.addCatalogEntry(getConfiguration().getSelectedCatalogEntry(), newEntry);
}
}
use of org.olat.resource.accesscontrol.ACService in project OpenOLAT by OpenOLAT.
the class BCWebService method getFolders.
/**
* Retrieves metadata of the course node
* @response.representation.200.qname {http://www.example.com}folderVOes
* @response.representation.200.mediaType application/xml, application/json
* @response.representation.200.doc The course node metadatas
* @response.representation.200.example {@link org.olat.restapi.support.vo.Examples#SAMPLE_FOLDERVOes}
* @response.representation.401.doc The roles of the authenticated user are not sufficient
* @response.representation.404.doc The course or parentNode not found
* @param courseId The course resourceable's id
* @param nodeId The node's id
* @param httpRequest The HTTP request
* @return The persisted structure element (fully populated)
*/
@GET
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public Response getFolders(@PathParam("courseId") Long courseId, @Context HttpServletRequest httpRequest) {
final ICourse course = CoursesWebService.loadCourse(courseId);
if (course == null) {
return Response.serverError().status(Status.NOT_FOUND).build();
} else if (!CourseWebService.isCourseAccessible(course, false, httpRequest)) {
return Response.serverError().status(Status.UNAUTHORIZED).build();
}
final UserRequest ureq = getUserRequest(httpRequest);
RepositoryEntry entry = RepositoryManager.getInstance().lookupRepositoryEntry(course, true);
ACService acManager = CoreSpringFactory.getImpl(ACService.class);
AccessResult result = acManager.isAccessible(entry, ureq.getIdentity(), false);
if (!result.isAccessible()) {
return Response.serverError().status(Status.UNAUTHORIZED).build();
}
final Set<String> subscribed = new HashSet<String>();
NotificationsManager man = NotificationsManager.getInstance();
List<String> notiTypes = Collections.singletonList("FolderModule");
List<Subscriber> subs = man.getSubscribers(ureq.getIdentity(), notiTypes);
for (Subscriber sub : subs) {
Long courseKey = sub.getPublisher().getResId();
if (courseId.equals(courseKey)) {
subscribed.add(sub.getPublisher().getSubidentifier());
break;
}
}
final List<FolderVO> folderVOs = new ArrayList<FolderVO>();
new CourseTreeVisitor(course, ureq.getUserSession().getIdentityEnvironment()).visit(new Visitor() {
@Override
public void visit(INode node) {
if (node instanceof BCCourseNode) {
BCCourseNode bcNode = (BCCourseNode) node;
FolderVO folder = createFolderVO(ureq.getUserSession().getIdentityEnvironment(), course, bcNode, subscribed);
folderVOs.add(folder);
}
}
}, new VisibleTreeFilter());
FolderVOes voes = new FolderVOes();
voes.setFolders(folderVOs.toArray(new FolderVO[folderVOs.size()]));
voes.setTotalCount(folderVOs.size());
return Response.ok(voes).build();
}
use of org.olat.resource.accesscontrol.ACService in project openolat by klemens.
the class ReservationsJob method executeWithDB.
@Override
public void executeWithDB(JobExecutionContext context) throws JobExecutionException {
ACService acService = CoreSpringFactory.getImpl(ACService.class);
acService.cleanupReservations();
}
Aggregations