Example 1 with RestSecurityHelper.getRoles
use of org.olat.restapi.security.RestSecurityHelper.getRoles in project openolat by klemens.
the class SharedFolderWebService method getVFSWebservice.
/**
* This retrieves the files in the shared folder and give full access to
* the folder, read, write, delete.
*
* @response.representation.200.doc The list of files
* @response.representation.401.doc The roles of the authenticated user are not sufficient
* @response.representation.404.doc The course or the file not found
* @param repoEntryKey The course resourceable's id
* @param httpRequest The HTTP request
* @return
*/
@Path("{repoEntryKey}/files")
@Produces({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML, MediaType.TEXT_HTML, MediaType.APPLICATION_OCTET_STREAM })
public VFSWebservice getVFSWebservice(@PathParam("repoEntryKey") Long repoEntryKey, @Context HttpServletRequest httpRequest) {
RepositoryEntry re = repositoryManager.lookupRepositoryEntry(repoEntryKey);
if (re == null) {
throw new WebApplicationException(Response.serverError().status(Status.NOT_FOUND).build());
}
VFSContainer container = SharedFolderManager.getInstance().getNamedSharedFolder(re, true);
if (container == null) {
throw new WebApplicationException(Response.serverError().status(Status.NOT_FOUND).build());
}
Roles roles = getRoles(httpRequest);
if (roles.isOLATAdmin()) {
// all ok
} else {
RepositoryEntrySecurity reSecurity = repositoryManager.isAllowed(RestSecurityHelper.getIdentity(httpRequest), RestSecurityHelper.getRoles(httpRequest), re);
if (reSecurity.isEntryAdmin()) {
// all ok
} else if (reSecurity.isMember()) {
container.setLocalSecurityCallback(new ReadOnlyCallback());
} else {
throw new WebApplicationException(Response.serverError().status(Status.UNAUTHORIZED).build());
}
}
return new VFSWebservice(container);
}
Also used :
WebApplicationException(javax.ws.rs.WebApplicationException)
ReadOnlyCallback(org.olat.core.util.vfs.callbacks.ReadOnlyCallback)
RepositoryEntrySecurity(org.olat.repository.model.RepositoryEntrySecurity)
VFSContainer(org.olat.core.util.vfs.VFSContainer)
RestSecurityHelper.getRoles(org.olat.restapi.security.RestSecurityHelper.getRoles)
Roles(org.olat.core.id.Roles)
RepositoryEntry(org.olat.repository.RepositoryEntry)
VFSWebservice(org.olat.core.util.vfs.restapi.VFSWebservice)
Path(javax.ws.rs.Path)
Produces(javax.ws.rs.Produces)
Example 2 with RestSecurityHelper.getRoles
use of org.olat.restapi.security.RestSecurityHelper.getRoles in project OpenOLAT by OpenOLAT.
the class SharedFolderWebService method getVFSWebservice.
/**
* This retrieves the files in the shared folder and give full access to
* the folder, read, write, delete.
*
* @response.representation.200.doc The list of files
* @response.representation.401.doc The roles of the authenticated user are not sufficient
* @response.representation.404.doc The course or the file not found
* @param repoEntryKey The course resourceable's id
* @param httpRequest The HTTP request
* @return
*/
@Path("{repoEntryKey}/files")
@Produces({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML, MediaType.TEXT_HTML, MediaType.APPLICATION_OCTET_STREAM })
public VFSWebservice getVFSWebservice(@PathParam("repoEntryKey") Long repoEntryKey, @Context HttpServletRequest httpRequest) {
RepositoryEntry re = repositoryManager.lookupRepositoryEntry(repoEntryKey);
if (re == null) {
throw new WebApplicationException(Response.serverError().status(Status.NOT_FOUND).build());
}
VFSContainer container = SharedFolderManager.getInstance().getNamedSharedFolder(re, true);
if (container == null) {
throw new WebApplicationException(Response.serverError().status(Status.NOT_FOUND).build());
}
Roles roles = getRoles(httpRequest);
if (roles.isOLATAdmin()) {
// all ok
} else {
RepositoryEntrySecurity reSecurity = repositoryManager.isAllowed(RestSecurityHelper.getIdentity(httpRequest), RestSecurityHelper.getRoles(httpRequest), re);
if (reSecurity.isEntryAdmin()) {
// all ok
} else if (reSecurity.isMember()) {
container.setLocalSecurityCallback(new ReadOnlyCallback());
} else {
throw new WebApplicationException(Response.serverError().status(Status.UNAUTHORIZED).build());
}
}
return new VFSWebservice(container);
}
Also used :
WebApplicationException(javax.ws.rs.WebApplicationException)
ReadOnlyCallback(org.olat.core.util.vfs.callbacks.ReadOnlyCallback)
RepositoryEntrySecurity(org.olat.repository.model.RepositoryEntrySecurity)
VFSContainer(org.olat.core.util.vfs.VFSContainer)
RestSecurityHelper.getRoles(org.olat.restapi.security.RestSecurityHelper.getRoles)
Roles(org.olat.core.id.Roles)
RepositoryEntry(org.olat.repository.RepositoryEntry)
VFSWebservice(org.olat.core.util.vfs.restapi.VFSWebservice)
Path(javax.ws.rs.Path)
Produces(javax.ws.rs.Produces)
Aggregations
Path (javax.ws.rs.Path)2
Produces (javax.ws.rs.Produces)2
WebApplicationException (javax.ws.rs.WebApplicationException)2
Roles (org.olat.core.id.Roles)2
VFSContainer (org.olat.core.util.vfs.VFSContainer)2
ReadOnlyCallback (org.olat.core.util.vfs.callbacks.ReadOnlyCallback)2
VFSWebservice (org.olat.core.util.vfs.restapi.VFSWebservice)2
RepositoryEntry (org.olat.repository.RepositoryEntry)2
RepositoryEntrySecurity (org.olat.repository.model.RepositoryEntrySecurity)2
RestSecurityHelper.getRoles (org.olat.restapi.security.RestSecurityHelper.getRoles)2
