Search in sources :

Example 16 with ACService

use of org.olat.resource.accesscontrol.ACService in project openolat by klemens.

the class GroupIndexer method checkAccess.

@Override
public boolean checkAccess(ContextEntry contextEntry, BusinessControl businessControl, Identity identity, Roles roles) {
    if (roles.isGuestOnly()) {
        return false;
    }
    Long key = contextEntry.getOLATResourceable().getResourceableId();
    BusinessGroupService bgs = CoreSpringFactory.getImpl(BusinessGroupService.class);
    BusinessGroup group = bgs.loadBusinessGroup(key);
    if (group == null || roles.isGuestOnly()) {
        return false;
    }
    boolean inGroup = bgs.isIdentityInBusinessGroup(identity, group);
    if (inGroup) {
        return super.checkAccess(contextEntry, businessControl, identity, roles) && super.checkAccess(businessControl, identity, roles);
    } else {
        AccessControlModule acModule = (AccessControlModule) CoreSpringFactory.getBean("acModule");
        if (acModule.isEnabled()) {
            ACService acService = CoreSpringFactory.getImpl(ACService.class);
            OLATResource resource = group.getResource();
            if (acService.isResourceAccessControled(resource, new Date())) {
                return super.checkAccess(contextEntry, businessControl, identity, roles) && super.checkAccess(businessControl, identity, roles);
            }
        }
        return false;
    }
}
Also used : AccessControlModule(org.olat.resource.accesscontrol.AccessControlModule) BusinessGroupService(org.olat.group.BusinessGroupService) BusinessGroup(org.olat.group.BusinessGroup) ACService(org.olat.resource.accesscontrol.ACService) OLATResource(org.olat.resource.OLATResource) Date(java.util.Date)

Example 17 with ACService

use of org.olat.resource.accesscontrol.ACService in project openolat by klemens.

the class CourseWebService method isCourseAccessible.

public static boolean isCourseAccessible(ICourse course, boolean authorRightsMandatory, HttpServletRequest request) {
    if (isAdmin(request)) {
        return true;
    }
    if (authorRightsMandatory && !isAuthor(request)) {
        return false;
    }
    Identity identity = getIdentity(request);
    RepositoryEntry entry = course.getCourseEnvironment().getCourseGroupManager().getCourseEntry();
    ACService acManager = CoreSpringFactory.getImpl(ACService.class);
    AccessResult result = acManager.isAccessible(entry, identity, false);
    if (result.isAccessible()) {
        return true;
    }
    return false;
}
Also used : ACService(org.olat.resource.accesscontrol.ACService) AccessResult(org.olat.resource.accesscontrol.AccessResult) RepositoryEntry(org.olat.repository.RepositoryEntry) Identity(org.olat.core.id.Identity) RestSecurityHelper.getIdentity(org.olat.restapi.security.RestSecurityHelper.getIdentity)

Example 18 with ACService

use of org.olat.resource.accesscontrol.ACService in project openolat by klemens.

the class UserCalendarWebService method getCalendars.

private void getCalendars(CalendarVisitor calVisitor, UserRequest ureq) {
    Roles roles = ureq.getUserSession().getRoles();
    Identity retrievedUser = ureq.getIdentity();
    CalendarModule calendarModule = CoreSpringFactory.getImpl(CalendarModule.class);
    if (calendarModule.isEnabled()) {
        if (calendarModule.isEnablePersonalCalendar()) {
            KalendarRenderWrapper personalWrapper = getPersonalCalendar(ureq.getIdentity());
            calVisitor.visit(personalWrapper);
        }
        if (calendarModule.isEnableCourseToolCalendar() || calendarModule.isEnableCourseElementCalendar()) {
            RepositoryManager rm = RepositoryManager.getInstance();
            ACService acManager = CoreSpringFactory.getImpl(ACService.class);
            SearchRepositoryEntryParameters repoParams = new SearchRepositoryEntryParameters(retrievedUser, roles, "CourseModule");
            repoParams.setOnlyExplicitMember(true);
            repoParams.setIdentity(retrievedUser);
            IdentityEnvironment ienv = new IdentityEnvironment();
            ienv.setIdentity(retrievedUser);
            ienv.setRoles(roles);
            List<RepositoryEntry> entries = rm.genericANDQueryWithRolesRestriction(repoParams, 0, -1, true);
            for (RepositoryEntry entry : entries) {
                AccessResult result = acManager.isAccessible(entry, retrievedUser, false);
                if (result.isAccessible()) {
                    try {
                        final ICourse course = CourseFactory.loadCourse(entry);
                        CourseConfig config = course.getCourseEnvironment().getCourseConfig();
                        UserCourseEnvironment userCourseEnv = new UserCourseEnvironmentImpl(ienv, course.getCourseEnvironment());
                        if (config.isCalendarEnabled()) {
                            KalendarRenderWrapper wrapper = CourseCalendars.getCourseCalendarWrapper(ureq, userCourseEnv, null);
                            calVisitor.visit(wrapper);
                        } else {
                            CalCourseNodeVisitor visitor = new CalCourseNodeVisitor();
                            new CourseTreeVisitor(course, ienv).visit(visitor, new VisibleTreeFilter());
                            if (visitor.isFound()) {
                                KalendarRenderWrapper wrapper = CourseCalendars.getCourseCalendarWrapper(ureq, userCourseEnv, null);
                                calVisitor.visit(wrapper);
                            }
                        }
                    } catch (Exception e) {
                        log.error("", e);
                    }
                }
            }
        }
        if (calendarModule.isEnableGroupCalendar()) {
            CollaborationManager collaborationManager = CoreSpringFactory.getImpl(CollaborationManager.class);
            // start found forums in groups
            BusinessGroupService bgm = CoreSpringFactory.getImpl(BusinessGroupService.class);
            SearchBusinessGroupParams params = new SearchBusinessGroupParams(retrievedUser, true, true);
            params.addTools(CollaborationTools.TOOL_CALENDAR);
            List<BusinessGroup> groups = bgm.findBusinessGroups(params, null, 0, -1);
            for (BusinessGroup group : groups) {
                KalendarRenderWrapper wrapper = collaborationManager.getCalendar(group, ureq, false);
                calVisitor.visit(wrapper);
            }
        }
    }
}
Also used : SearchRepositoryEntryParameters(org.olat.repository.model.SearchRepositoryEntryParameters) UserCourseEnvironment(org.olat.course.run.userview.UserCourseEnvironment) BusinessGroup(org.olat.group.BusinessGroup) VisibleTreeFilter(org.olat.course.run.userview.VisibleTreeFilter) CourseTreeVisitor(org.olat.course.run.userview.CourseTreeVisitor) Roles(org.olat.core.id.Roles) ICourse(org.olat.course.ICourse) RepositoryEntry(org.olat.repository.RepositoryEntry) KalendarRenderWrapper(org.olat.commons.calendar.ui.components.KalendarRenderWrapper) WebApplicationException(javax.ws.rs.WebApplicationException) SearchBusinessGroupParams(org.olat.group.model.SearchBusinessGroupParams) CourseConfig(org.olat.course.config.CourseConfig) UserCourseEnvironmentImpl(org.olat.course.run.userview.UserCourseEnvironmentImpl) BusinessGroupService(org.olat.group.BusinessGroupService) ACService(org.olat.resource.accesscontrol.ACService) AccessResult(org.olat.resource.accesscontrol.AccessResult) CalendarModule(org.olat.commons.calendar.CalendarModule) RepositoryManager(org.olat.repository.RepositoryManager) Identity(org.olat.core.id.Identity) IdentityEnvironment(org.olat.core.id.IdentityEnvironment) CollaborationManager(org.olat.collaboration.CollaborationManager)

Example 19 with ACService

use of org.olat.resource.accesscontrol.ACService in project openolat by klemens.

the class PublishProcess method changeAccessAndProperties.

public void changeAccessAndProperties(Identity author, CourseAccessAndProperties accessAndProps) {
    RepositoryManager manager = RepositoryManager.getInstance();
    manager.setAccessAndProperties(accessAndProps.getRepositoryEntry(), accessAndProps.getAccess(), accessAndProps.isMembersOnly(), accessAndProps.isCanCopy(), accessAndProps.isCanReference(), accessAndProps.isCanDownload());
    manager.setLeaveSetting(accessAndProps.getRepositoryEntry(), accessAndProps.getSetting());
    List<OfferAccess> offerAccess = accessAndProps.getOfferAccess();
    // 1: add new and update existing offerings
    ACService acService = CoreSpringFactory.getImpl(ACService.class);
    for (OfferAccess newLink : offerAccess) {
        if (accessAndProps.getConfirmationEmail() != null) {
            Offer offer = newLink.getOffer();
            boolean confirmation = accessAndProps.getConfirmationEmail().booleanValue();
            if (offer.isConfirmationEmail() != confirmation) {
                offer.setConfirmationEmail(confirmation);
                if (offer.getKey() != null) {
                    offer = acService.save(offer);
                }
            }
        }
        acService.saveOfferAccess(newLink);
    }
    // 2: remove offerings not available anymore
    List<OfferAccess> deletedOfferAccess = accessAndProps.getDeletedOfferAccess();
    for (OfferAccess deletedLink : deletedOfferAccess) {
        acService.deletedLinkToMethod(deletedLink);
    }
    MultiUserEvent modifiedEvent = new EntryChangedEvent(repositoryEntry, author, Change.modifiedAtPublish, "publish");
    CoordinatorManager.getInstance().getCoordinator().getEventBus().fireEventToListenersOf(modifiedEvent, repositoryEntry);
    CoordinatorManager.getInstance().getCoordinator().getEventBus().fireEventToListenersOf(modifiedEvent, RepositoryService.REPOSITORY_EVENT_ORES);
}
Also used : OfferAccess(org.olat.resource.accesscontrol.OfferAccess) Offer(org.olat.resource.accesscontrol.Offer) EntryChangedEvent(org.olat.repository.controllers.EntryChangedEvent) ACService(org.olat.resource.accesscontrol.ACService) RepositoryManager(org.olat.repository.RepositoryManager) MultiUserEvent(org.olat.core.util.event.MultiUserEvent)

Example 20 with ACService

use of org.olat.resource.accesscontrol.ACService in project openolat by klemens.

the class BCWebService method getFolders.

/**
 * Retrieves metadata of the course node
 * @response.representation.200.qname {http://www.example.com}folderVOes
 * @response.representation.200.mediaType application/xml, application/json
 * @response.representation.200.doc The course node metadatas
 * @response.representation.200.example {@link org.olat.restapi.support.vo.Examples#SAMPLE_FOLDERVOes}
 * @response.representation.401.doc The roles of the authenticated user are not sufficient
 * @response.representation.404.doc The course or parentNode not found
 * @param courseId The course resourceable's id
 * @param nodeId The node's id
 * @param httpRequest The HTTP request
 * @return The persisted structure element (fully populated)
 */
@GET
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public Response getFolders(@PathParam("courseId") Long courseId, @Context HttpServletRequest httpRequest) {
    final ICourse course = CoursesWebService.loadCourse(courseId);
    if (course == null) {
        return Response.serverError().status(Status.NOT_FOUND).build();
    } else if (!CourseWebService.isCourseAccessible(course, false, httpRequest)) {
        return Response.serverError().status(Status.UNAUTHORIZED).build();
    }
    final UserRequest ureq = getUserRequest(httpRequest);
    RepositoryEntry entry = RepositoryManager.getInstance().lookupRepositoryEntry(course, true);
    ACService acManager = CoreSpringFactory.getImpl(ACService.class);
    AccessResult result = acManager.isAccessible(entry, ureq.getIdentity(), false);
    if (!result.isAccessible()) {
        return Response.serverError().status(Status.UNAUTHORIZED).build();
    }
    final Set<String> subscribed = new HashSet<String>();
    NotificationsManager man = NotificationsManager.getInstance();
    List<String> notiTypes = Collections.singletonList("FolderModule");
    List<Subscriber> subs = man.getSubscribers(ureq.getIdentity(), notiTypes);
    for (Subscriber sub : subs) {
        Long courseKey = sub.getPublisher().getResId();
        if (courseId.equals(courseKey)) {
            subscribed.add(sub.getPublisher().getSubidentifier());
            break;
        }
    }
    final List<FolderVO> folderVOs = new ArrayList<FolderVO>();
    new CourseTreeVisitor(course, ureq.getUserSession().getIdentityEnvironment()).visit(new Visitor() {

        @Override
        public void visit(INode node) {
            if (node instanceof BCCourseNode) {
                BCCourseNode bcNode = (BCCourseNode) node;
                FolderVO folder = createFolderVO(ureq.getUserSession().getIdentityEnvironment(), course, bcNode, subscribed);
                folderVOs.add(folder);
            }
        }
    }, new VisibleTreeFilter());
    FolderVOes voes = new FolderVOes();
    voes.setFolders(folderVOs.toArray(new FolderVO[folderVOs.size()]));
    voes.setTotalCount(folderVOs.size());
    return Response.ok(voes).build();
}
Also used : INode(org.olat.core.util.nodes.INode) FolderVOes(org.olat.restapi.support.vo.FolderVOes) Visitor(org.olat.core.util.tree.Visitor) CourseTreeVisitor(org.olat.course.run.userview.CourseTreeVisitor) FolderVO(org.olat.restapi.support.vo.FolderVO) VisibleTreeFilter(org.olat.course.run.userview.VisibleTreeFilter) CourseTreeVisitor(org.olat.course.run.userview.CourseTreeVisitor) ArrayList(java.util.ArrayList) ICourse(org.olat.course.ICourse) RepositoryEntry(org.olat.repository.RepositoryEntry) BCCourseNode(org.olat.course.nodes.BCCourseNode) Subscriber(org.olat.core.commons.services.notifications.Subscriber) NotificationsManager(org.olat.core.commons.services.notifications.NotificationsManager) ACService(org.olat.resource.accesscontrol.ACService) AccessResult(org.olat.resource.accesscontrol.AccessResult) RestSecurityHelper.getUserRequest(org.olat.restapi.security.RestSecurityHelper.getUserRequest) UserRequest(org.olat.core.gui.UserRequest) HashSet(java.util.HashSet) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET)

Aggregations

ACService (org.olat.resource.accesscontrol.ACService)20 AccessResult (org.olat.resource.accesscontrol.AccessResult)12 RepositoryEntry (org.olat.repository.RepositoryEntry)10 ArrayList (java.util.ArrayList)6 Identity (org.olat.core.id.Identity)6 ICourse (org.olat.course.ICourse)6 BCCourseNode (org.olat.course.nodes.BCCourseNode)6 CourseTreeVisitor (org.olat.course.run.userview.CourseTreeVisitor)6 VisibleTreeFilter (org.olat.course.run.userview.VisibleTreeFilter)6 BusinessGroup (org.olat.group.BusinessGroup)6 BusinessGroupService (org.olat.group.BusinessGroupService)6 RepositoryManager (org.olat.repository.RepositoryManager)6 OfferAccess (org.olat.resource.accesscontrol.OfferAccess)6 IdentityEnvironment (org.olat.core.id.IdentityEnvironment)4 INode (org.olat.core.util.nodes.INode)4 Visitor (org.olat.core.util.tree.Visitor)4 FOCourseNode (org.olat.course.nodes.FOCourseNode)4 RestSecurityHelper.getIdentity (org.olat.restapi.security.RestSecurityHelper.getIdentity)4 FolderVO (org.olat.restapi.support.vo.FolderVO)3 Date (java.util.Date)2