use of org.olat.restapi.security.RestSecurityHelper.getUserRequest in project openolat by klemens.
the class RepositoryEntryResource method removeOwner.
/**
* Removes the owner from the repository entry.
* @response.representation.200.doc The user is removed as owner from the repository entry
* @response.representation.401.doc The roles of the authenticated user are not sufficient
* @response.representation.404.doc The repository entry or the user cannot be found
* @param repoEntryKey The key of the repository entry
* @param identityKey The user's id
* @param request The HTTP request
* @return
*/
@DELETE
@Path("owners/{identityKey}")
public Response removeOwner(@PathParam("repoEntryKey") String repoEntryKey, @PathParam("identityKey") Long identityKey, @Context HttpServletRequest request) {
try {
RepositoryEntry repoEntry = lookupRepositoryEntry(repoEntryKey);
if (repoEntry == null) {
return Response.serverError().status(Status.NOT_FOUND).build();
} else if (!isAuthorEditor(repoEntry, request)) {
return Response.serverError().status(Status.UNAUTHORIZED).build();
}
Identity identityToRemove = securityManager.loadIdentityByKey(identityKey);
if (identityToRemove == null) {
return Response.serverError().status(Status.NOT_FOUND).build();
}
final UserRequest ureq = RestSecurityHelper.getUserRequest(request);
repositoryManager.removeOwners(ureq.getIdentity(), Collections.singletonList(identityToRemove), repoEntry, new MailPackage(false));
return Response.ok().build();
} catch (Exception e) {
log.error("Trying to remove an owner to a repository entry", e);
return Response.serverError().status(Status.INTERNAL_SERVER_ERROR).build();
}
}
use of org.olat.restapi.security.RestSecurityHelper.getUserRequest in project openolat by klemens.
the class RepositoryEntryResource method addParticipants.
@PUT
@Path("participants")
@Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public Response addParticipants(UserVO[] participants, @PathParam("repoEntryKey") String repoEntryKey, @Context HttpServletRequest request) {
try {
RepositoryEntry repoEntry = lookupRepositoryEntry(repoEntryKey);
if (repoEntry == null) {
return Response.serverError().status(Status.NOT_FOUND).build();
} else if (!isAuthorEditor(repoEntry, request)) {
return Response.serverError().status(Status.UNAUTHORIZED).build();
}
List<Identity> participantList = loadIdentities(participants);
UserRequest ureq = RestSecurityHelper.getUserRequest(request);
IdentitiesAddEvent iae = new IdentitiesAddEvent(participantList);
repositoryManager.addParticipants(ureq.getIdentity(), ureq.getUserSession().getRoles(), iae, repoEntry, null);
return Response.ok().build();
} catch (Exception e) {
log.error("Trying to add a participant to a repository entry", e);
return Response.serverError().status(Status.INTERNAL_SERVER_ERROR).build();
}
}
use of org.olat.restapi.security.RestSecurityHelper.getUserRequest in project openolat by klemens.
the class RepositoryEntryResource method addOwner.
/**
* Adds an owner to the repository entry.
* @response.representation.200.doc The user is added as owner of the repository entry
* @response.representation.401.doc The roles of the authenticated user are not sufficient
* @response.representation.404.doc The repository entry or the user cannot be found
* @param repoEntryKey The key of the repository entry
* @param identityKey The user's id
* @param request The HTTP request
* @return
*/
@PUT
@Path("owners/{identityKey}")
public Response addOwner(@PathParam("repoEntryKey") String repoEntryKey, @PathParam("identityKey") Long identityKey, @Context HttpServletRequest request) {
try {
RepositoryEntry repoEntry = lookupRepositoryEntry(repoEntryKey);
if (repoEntry == null) {
return Response.serverError().status(Status.NOT_FOUND).build();
} else if (!isAuthorEditor(repoEntry, request)) {
return Response.serverError().status(Status.UNAUTHORIZED).build();
}
Identity identityToAdd = securityManager.loadIdentityByKey(identityKey);
if (identityToAdd == null) {
return Response.serverError().status(Status.NOT_FOUND).build();
}
UserRequest ureq = RestSecurityHelper.getUserRequest(request);
IdentitiesAddEvent iae = new IdentitiesAddEvent(identityToAdd);
repositoryManager.addOwners(ureq.getIdentity(), iae, repoEntry, new MailPackage(false));
return Response.ok().build();
} catch (Exception e) {
log.error("Trying to add an owner to a repository entry", e);
return Response.serverError().status(Status.INTERNAL_SERVER_ERROR).build();
}
}
use of org.olat.restapi.security.RestSecurityHelper.getUserRequest in project openolat by klemens.
the class RepositoryEntryResource method removeCoach.
/**
* Removes the coach from the repository entry.
* @response.representation.200.doc The user is removed as coach from the repository entry
* @response.representation.401.doc The roles of the authenticated user are not sufficient
* @response.representation.404.doc The repository entry or the user cannot be found
* @param repoEntryKey The key of the repository entry
* @param identityKey The user's id
* @param request The HTTP request
* @return
*/
@DELETE
@Path("coaches/{identityKey}")
public Response removeCoach(@PathParam("repoEntryKey") String repoEntryKey, @PathParam("identityKey") Long identityKey, @Context HttpServletRequest request) {
try {
RepositoryEntry repoEntry = lookupRepositoryEntry(repoEntryKey);
if (repoEntry == null) {
return Response.serverError().status(Status.NOT_FOUND).build();
} else if (!isAuthorEditor(repoEntry, request)) {
return Response.serverError().status(Status.UNAUTHORIZED).build();
}
Identity identityToRemove = securityManager.loadIdentityByKey(identityKey);
if (identityToRemove == null) {
return Response.serverError().status(Status.NOT_FOUND).build();
}
final UserRequest ureq = RestSecurityHelper.getUserRequest(request);
repositoryManager.removeTutors(ureq.getIdentity(), Collections.singletonList(identityToRemove), repoEntry, new MailPackage(false));
return Response.ok().build();
} catch (Exception e) {
log.error("Trying to remove a coach from a repository entry", e);
return Response.serverError().status(Status.INTERNAL_SERVER_ERROR).build();
}
}
use of org.olat.restapi.security.RestSecurityHelper.getUserRequest in project openolat by klemens.
the class RepositoryEntryResource method addParticipant.
/**
* Adds a participant to the repository entry.
* @response.representation.200.doc The user is added as participant of the repository entry
* @response.representation.401.doc The roles of the authenticated user are not sufficient
* @response.representation.404.doc The repository entry or the user cannot be found
* @param repoEntryKey The key of the repository entry
* @param identityKey The user's id
* @param request The HTTP request
* @return
*/
@PUT
@Path("participants/{identityKey}")
public Response addParticipant(@PathParam("repoEntryKey") String repoEntryKey, @PathParam("identityKey") Long identityKey, @Context HttpServletRequest request) {
try {
RepositoryEntry repoEntry = lookupRepositoryEntry(repoEntryKey);
if (repoEntry == null) {
return Response.serverError().status(Status.NOT_FOUND).build();
} else if (!isAuthorEditor(repoEntry, request)) {
return Response.serverError().status(Status.UNAUTHORIZED).build();
}
Identity identityToAdd = securityManager.loadIdentityByKey(identityKey);
if (identityToAdd == null) {
return Response.serverError().status(Status.NOT_FOUND).build();
}
UserRequest ureq = RestSecurityHelper.getUserRequest(request);
IdentitiesAddEvent iae = new IdentitiesAddEvent(identityToAdd);
repositoryManager.addParticipants(ureq.getIdentity(), ureq.getUserSession().getRoles(), iae, repoEntry, null);
return Response.ok().build();
} catch (Exception e) {
log.error("Trying to add a participant to a repository entry", e);
return Response.serverError().status(Status.INTERNAL_SERVER_ERROR).build();
}
}
Aggregations