use of org.olat.resource.accesscontrol.ACService in project openolat by klemens.
the class GroupIndexer method checkAccess.
@Override
public boolean checkAccess(ContextEntry contextEntry, BusinessControl businessControl, Identity identity, Roles roles) {
if (roles.isGuestOnly()) {
return false;
}
Long key = contextEntry.getOLATResourceable().getResourceableId();
BusinessGroupService bgs = CoreSpringFactory.getImpl(BusinessGroupService.class);
BusinessGroup group = bgs.loadBusinessGroup(key);
if (group == null || roles.isGuestOnly()) {
return false;
}
boolean inGroup = bgs.isIdentityInBusinessGroup(identity, group);
if (inGroup) {
return super.checkAccess(contextEntry, businessControl, identity, roles) && super.checkAccess(businessControl, identity, roles);
} else {
AccessControlModule acModule = (AccessControlModule) CoreSpringFactory.getBean("acModule");
if (acModule.isEnabled()) {
ACService acService = CoreSpringFactory.getImpl(ACService.class);
OLATResource resource = group.getResource();
if (acService.isResourceAccessControled(resource, new Date())) {
return super.checkAccess(contextEntry, businessControl, identity, roles) && super.checkAccess(businessControl, identity, roles);
}
}
return false;
}
}
use of org.olat.resource.accesscontrol.ACService in project openolat by klemens.
the class CourseWebService method isCourseAccessible.
public static boolean isCourseAccessible(ICourse course, boolean authorRightsMandatory, HttpServletRequest request) {
if (isAdmin(request)) {
return true;
}
if (authorRightsMandatory && !isAuthor(request)) {
return false;
}
Identity identity = getIdentity(request);
RepositoryEntry entry = course.getCourseEnvironment().getCourseGroupManager().getCourseEntry();
ACService acManager = CoreSpringFactory.getImpl(ACService.class);
AccessResult result = acManager.isAccessible(entry, identity, false);
if (result.isAccessible()) {
return true;
}
return false;
}
use of org.olat.resource.accesscontrol.ACService in project openolat by klemens.
the class UserCalendarWebService method getCalendars.
private void getCalendars(CalendarVisitor calVisitor, UserRequest ureq) {
Roles roles = ureq.getUserSession().getRoles();
Identity retrievedUser = ureq.getIdentity();
CalendarModule calendarModule = CoreSpringFactory.getImpl(CalendarModule.class);
if (calendarModule.isEnabled()) {
if (calendarModule.isEnablePersonalCalendar()) {
KalendarRenderWrapper personalWrapper = getPersonalCalendar(ureq.getIdentity());
calVisitor.visit(personalWrapper);
}
if (calendarModule.isEnableCourseToolCalendar() || calendarModule.isEnableCourseElementCalendar()) {
RepositoryManager rm = RepositoryManager.getInstance();
ACService acManager = CoreSpringFactory.getImpl(ACService.class);
SearchRepositoryEntryParameters repoParams = new SearchRepositoryEntryParameters(retrievedUser, roles, "CourseModule");
repoParams.setOnlyExplicitMember(true);
repoParams.setIdentity(retrievedUser);
IdentityEnvironment ienv = new IdentityEnvironment();
ienv.setIdentity(retrievedUser);
ienv.setRoles(roles);
List<RepositoryEntry> entries = rm.genericANDQueryWithRolesRestriction(repoParams, 0, -1, true);
for (RepositoryEntry entry : entries) {
AccessResult result = acManager.isAccessible(entry, retrievedUser, false);
if (result.isAccessible()) {
try {
final ICourse course = CourseFactory.loadCourse(entry);
CourseConfig config = course.getCourseEnvironment().getCourseConfig();
UserCourseEnvironment userCourseEnv = new UserCourseEnvironmentImpl(ienv, course.getCourseEnvironment());
if (config.isCalendarEnabled()) {
KalendarRenderWrapper wrapper = CourseCalendars.getCourseCalendarWrapper(ureq, userCourseEnv, null);
calVisitor.visit(wrapper);
} else {
CalCourseNodeVisitor visitor = new CalCourseNodeVisitor();
new CourseTreeVisitor(course, ienv).visit(visitor, new VisibleTreeFilter());
if (visitor.isFound()) {
KalendarRenderWrapper wrapper = CourseCalendars.getCourseCalendarWrapper(ureq, userCourseEnv, null);
calVisitor.visit(wrapper);
}
}
} catch (Exception e) {
log.error("", e);
}
}
}
}
if (calendarModule.isEnableGroupCalendar()) {
CollaborationManager collaborationManager = CoreSpringFactory.getImpl(CollaborationManager.class);
// start found forums in groups
BusinessGroupService bgm = CoreSpringFactory.getImpl(BusinessGroupService.class);
SearchBusinessGroupParams params = new SearchBusinessGroupParams(retrievedUser, true, true);
params.addTools(CollaborationTools.TOOL_CALENDAR);
List<BusinessGroup> groups = bgm.findBusinessGroups(params, null, 0, -1);
for (BusinessGroup group : groups) {
KalendarRenderWrapper wrapper = collaborationManager.getCalendar(group, ureq, false);
calVisitor.visit(wrapper);
}
}
}
}
use of org.olat.resource.accesscontrol.ACService in project openolat by klemens.
the class PublishProcess method changeAccessAndProperties.
public void changeAccessAndProperties(Identity author, CourseAccessAndProperties accessAndProps) {
RepositoryManager manager = RepositoryManager.getInstance();
manager.setAccessAndProperties(accessAndProps.getRepositoryEntry(), accessAndProps.getAccess(), accessAndProps.isMembersOnly(), accessAndProps.isCanCopy(), accessAndProps.isCanReference(), accessAndProps.isCanDownload());
manager.setLeaveSetting(accessAndProps.getRepositoryEntry(), accessAndProps.getSetting());
List<OfferAccess> offerAccess = accessAndProps.getOfferAccess();
// 1: add new and update existing offerings
ACService acService = CoreSpringFactory.getImpl(ACService.class);
for (OfferAccess newLink : offerAccess) {
if (accessAndProps.getConfirmationEmail() != null) {
Offer offer = newLink.getOffer();
boolean confirmation = accessAndProps.getConfirmationEmail().booleanValue();
if (offer.isConfirmationEmail() != confirmation) {
offer.setConfirmationEmail(confirmation);
if (offer.getKey() != null) {
offer = acService.save(offer);
}
}
}
acService.saveOfferAccess(newLink);
}
// 2: remove offerings not available anymore
List<OfferAccess> deletedOfferAccess = accessAndProps.getDeletedOfferAccess();
for (OfferAccess deletedLink : deletedOfferAccess) {
acService.deletedLinkToMethod(deletedLink);
}
MultiUserEvent modifiedEvent = new EntryChangedEvent(repositoryEntry, author, Change.modifiedAtPublish, "publish");
CoordinatorManager.getInstance().getCoordinator().getEventBus().fireEventToListenersOf(modifiedEvent, repositoryEntry);
CoordinatorManager.getInstance().getCoordinator().getEventBus().fireEventToListenersOf(modifiedEvent, RepositoryService.REPOSITORY_EVENT_ORES);
}
use of org.olat.resource.accesscontrol.ACService in project openolat by klemens.
the class BCWebService method getFolders.
/**
* Retrieves metadata of the course node
* @response.representation.200.qname {http://www.example.com}folderVOes
* @response.representation.200.mediaType application/xml, application/json
* @response.representation.200.doc The course node metadatas
* @response.representation.200.example {@link org.olat.restapi.support.vo.Examples#SAMPLE_FOLDERVOes}
* @response.representation.401.doc The roles of the authenticated user are not sufficient
* @response.representation.404.doc The course or parentNode not found
* @param courseId The course resourceable's id
* @param nodeId The node's id
* @param httpRequest The HTTP request
* @return The persisted structure element (fully populated)
*/
@GET
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public Response getFolders(@PathParam("courseId") Long courseId, @Context HttpServletRequest httpRequest) {
final ICourse course = CoursesWebService.loadCourse(courseId);
if (course == null) {
return Response.serverError().status(Status.NOT_FOUND).build();
} else if (!CourseWebService.isCourseAccessible(course, false, httpRequest)) {
return Response.serverError().status(Status.UNAUTHORIZED).build();
}
final UserRequest ureq = getUserRequest(httpRequest);
RepositoryEntry entry = RepositoryManager.getInstance().lookupRepositoryEntry(course, true);
ACService acManager = CoreSpringFactory.getImpl(ACService.class);
AccessResult result = acManager.isAccessible(entry, ureq.getIdentity(), false);
if (!result.isAccessible()) {
return Response.serverError().status(Status.UNAUTHORIZED).build();
}
final Set<String> subscribed = new HashSet<String>();
NotificationsManager man = NotificationsManager.getInstance();
List<String> notiTypes = Collections.singletonList("FolderModule");
List<Subscriber> subs = man.getSubscribers(ureq.getIdentity(), notiTypes);
for (Subscriber sub : subs) {
Long courseKey = sub.getPublisher().getResId();
if (courseId.equals(courseKey)) {
subscribed.add(sub.getPublisher().getSubidentifier());
break;
}
}
final List<FolderVO> folderVOs = new ArrayList<FolderVO>();
new CourseTreeVisitor(course, ureq.getUserSession().getIdentityEnvironment()).visit(new Visitor() {
@Override
public void visit(INode node) {
if (node instanceof BCCourseNode) {
BCCourseNode bcNode = (BCCourseNode) node;
FolderVO folder = createFolderVO(ureq.getUserSession().getIdentityEnvironment(), course, bcNode, subscribed);
folderVOs.add(folder);
}
}
}, new VisibleTreeFilter());
FolderVOes voes = new FolderVOes();
voes.setFolders(folderVOs.toArray(new FolderVO[folderVOs.size()]));
voes.setTotalCount(folderVOs.size());
return Response.ok(voes).build();
}
Aggregations