use of org.olat.restapi.security.RestSecurityHelper.getUserRequest in project openolat by klemens.
the class RepositoryEntryResource method removeParticipant.
/**
* Removes the participant from the repository entry.
* @response.representation.200.doc The user is removed as participant from the repository entry
* @response.representation.401.doc The roles of the authenticated user are not sufficient
* @response.representation.404.doc The repository entry or the user cannot be found
* @param repoEntryKey The key of the repository entry
* @param identityKey The user's id
* @param request The HTTP request
* @return
*/
@DELETE
@Path("participants/{identityKey}")
public Response removeParticipant(@PathParam("repoEntryKey") String repoEntryKey, @PathParam("identityKey") Long identityKey, @Context HttpServletRequest request) {
try {
RepositoryEntry repoEntry = lookupRepositoryEntry(repoEntryKey);
if (repoEntry == null) {
return Response.serverError().status(Status.NOT_FOUND).build();
} else if (!isAuthorEditor(repoEntry, request)) {
return Response.serverError().status(Status.UNAUTHORIZED).build();
}
Identity identityToRemove = securityManager.loadIdentityByKey(identityKey);
if (identityToRemove == null) {
return Response.serverError().status(Status.NOT_FOUND).build();
}
final UserRequest ureq = RestSecurityHelper.getUserRequest(request);
repositoryManager.removeParticipants(ureq.getIdentity(), Collections.singletonList(identityToRemove), repoEntry, null, false);
return Response.ok().build();
} catch (Exception e) {
log.error("Trying to remove a participant from a repository entry", e);
return Response.serverError().status(Status.INTERNAL_SERVER_ERROR).build();
}
}
use of org.olat.restapi.security.RestSecurityHelper.getUserRequest in project openolat by klemens.
the class RepositoryEntryResource method addCoach.
/**
* Adds a coach to the repository entry.
* @response.representation.200.doc The user is added as coach of the repository entry
* @response.representation.401.doc The roles of the authenticated user are not sufficient
* @response.representation.404.doc The repository entry or the user cannot be found
* @param repoEntryKey The key of the repository entry
* @param identityKey The user's id
* @param request The HTTP request
* @return
*/
@PUT
@Path("coaches/{identityKey}")
public Response addCoach(@PathParam("repoEntryKey") String repoEntryKey, @PathParam("identityKey") Long identityKey, @Context HttpServletRequest request) {
try {
RepositoryEntry repoEntry = lookupRepositoryEntry(repoEntryKey);
if (repoEntry == null) {
return Response.serverError().status(Status.NOT_FOUND).build();
} else if (!isAuthorEditor(repoEntry, request)) {
return Response.serverError().status(Status.UNAUTHORIZED).build();
}
Identity identityToAdd = securityManager.loadIdentityByKey(identityKey);
if (identityToAdd == null) {
return Response.serverError().status(Status.NOT_FOUND).build();
}
UserRequest ureq = RestSecurityHelper.getUserRequest(request);
IdentitiesAddEvent iae = new IdentitiesAddEvent(identityToAdd);
repositoryManager.addTutors(ureq.getIdentity(), ureq.getUserSession().getRoles(), iae, repoEntry, null);
return Response.ok().build();
} catch (Exception e) {
log.error("Trying to add a coach to a repository entry", e);
return Response.serverError().status(Status.INTERNAL_SERVER_ERROR).build();
}
}
use of org.olat.restapi.security.RestSecurityHelper.getUserRequest in project openolat by klemens.
the class RepositoryEntryResource method addOwners.
@PUT
@Path("owners")
@Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public Response addOwners(UserVO[] owners, @PathParam("repoEntryKey") String repoEntryKey, @Context HttpServletRequest request) {
try {
RepositoryEntry repoEntry = lookupRepositoryEntry(repoEntryKey);
if (repoEntry == null) {
return Response.serverError().status(Status.NOT_FOUND).build();
} else if (!isAuthorEditor(repoEntry, request)) {
return Response.serverError().status(Status.UNAUTHORIZED).build();
}
List<Identity> identityToAdd = loadIdentities(owners);
UserRequest ureq = RestSecurityHelper.getUserRequest(request);
IdentitiesAddEvent iae = new IdentitiesAddEvent(identityToAdd);
repositoryManager.addOwners(ureq.getIdentity(), iae, repoEntry, new MailPackage(false));
return Response.ok().build();
} catch (Exception e) {
log.error("Trying to add an owner to a repository entry", e);
return Response.serverError().status(Status.INTERNAL_SERVER_ERROR).build();
}
}
use of org.olat.restapi.security.RestSecurityHelper.getUserRequest in project openolat by klemens.
the class RepositoryEntryResource method addCoach.
@PUT
@Path("coaches")
@Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public Response addCoach(UserVO[] coaches, @PathParam("repoEntryKey") String repoEntryKey, @Context HttpServletRequest request) {
try {
RepositoryEntry repoEntry = lookupRepositoryEntry(repoEntryKey);
if (repoEntry == null) {
return Response.serverError().status(Status.NOT_FOUND).build();
} else if (!isAuthorEditor(repoEntry, request)) {
return Response.serverError().status(Status.UNAUTHORIZED).build();
}
List<Identity> identityToAdd = loadIdentities(coaches);
UserRequest ureq = RestSecurityHelper.getUserRequest(request);
IdentitiesAddEvent iae = new IdentitiesAddEvent(identityToAdd);
repositoryManager.addTutors(ureq.getIdentity(), ureq.getUserSession().getRoles(), iae, repoEntry, null);
return Response.ok().build();
} catch (Exception e) {
log.error("Trying to add a coach to a repository entry", e);
return Response.serverError().status(Status.INTERNAL_SERVER_ERROR).build();
}
}
use of org.olat.restapi.security.RestSecurityHelper.getUserRequest in project OpenOLAT by OpenOLAT.
the class CoursesWebService method importCourse.
/**
* Imports a course from a course archive zip file
* @response.representation.200.qname {http://www.example.com}courseVO
* @response.representation.200.mediaType application/xml, application/json
* @response.representation.200.doc The metadatas of the imported course
* @response.representation.200.example {@link org.olat.restapi.support.vo.Examples#SAMPLE_COURSEVO}
* @response.representation.401.doc The roles of the authenticated user are not sufficient
* @param ownerUsername set the owner of the imported course to the user of this username.
* @param request The HTTP request
* @return It returns the imported course
*/
@POST
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Consumes({ MediaType.MULTIPART_FORM_DATA })
public Response importCourse(@QueryParam("ownerUsername") String ownerUsername, @Context HttpServletRequest request) {
if (!isAuthor(request)) {
return Response.serverError().status(Status.UNAUTHORIZED).build();
}
UserRequest ureq = RestSecurityHelper.getUserRequest(request);
Identity identity = null;
// Set the owner of the imported course to the user defined in the parameter
if (ownerUsername != null && !ownerUsername.isEmpty() && isAuthor(request)) {
identity = BaseSecurityManager.getInstance().findIdentityByName(ownerUsername);
if (identity == null) {
return Response.serverError().status(Status.BAD_REQUEST).build();
}
}
if (identity == null) {
identity = ureq.getIdentity();
}
MultipartReader partsReader = null;
try {
partsReader = new MultipartReader(request);
File tmpFile = partsReader.getFile();
long length = tmpFile.length();
if (length > 0) {
Long accessRaw = partsReader.getLongValue("access");
int access = accessRaw != null ? accessRaw.intValue() : RepositoryEntry.ACC_OWNERS;
String membersOnlyRaw = partsReader.getValue("membersOnly");
boolean membersonly = "true".equals(membersOnlyRaw);
String softKey = partsReader.getValue("softkey");
String displayName = partsReader.getValue("displayname");
ICourse course = importCourse(ureq, identity, tmpFile, displayName, softKey, access, membersonly);
CourseVO vo = ObjectFactory.get(course);
return Response.ok(vo).build();
}
return Response.serverError().status(Status.NO_CONTENT).build();
} catch (Exception e) {
log.error("Error while importing a file", e);
} finally {
MultipartReader.closeQuietly(partsReader);
}
CourseVO vo = null;
return Response.ok(vo).build();
}
Aggregations