Skip to content
Snippets Groups Projects
Commit 562fb696 authored by srosse's avatar srosse
Browse files

no-jira: post merge changes

parent ab37ee70
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
src/main/java/org/olat/core/gui/control/winmgr/WindowManagerImpl.java
+ 0
2
View file @ 562fb696
...@@ -39,8 +39,6 @@ import org.olat.core.gui.WindowManager; ...@@ -39,8 +39,6 @@ import org.olat.core.gui.WindowManager;
import org.olat.core.gui.WindowSettings; import org.olat.core.gui.WindowSettings;
import org.olat.core.gui.components.Component; import org.olat.core.gui.components.Component;
import org.olat.core.gui.components.ComponentRenderer; import org.olat.core.gui.components.ComponentRenderer;
import org.olat.core.gui.components.velocity.VelocityContainer;
import org.olat.core.gui.components.velocity.VelocityContainerRenderer;
import org.olat.core.gui.control.ChiefController; import org.olat.core.gui.control.ChiefController;
import org.olat.core.gui.control.ContentableChiefController; import org.olat.core.gui.control.ContentableChiefController;
import org.olat.core.gui.control.WindowBackOffice; import org.olat.core.gui.control.WindowBackOffice;
......
src/main/java/org/olat/restapi/repository/course/CourseWebService.java
+ 74
203
View file @ 562fb696
...@@ -41,7 +41,6 @@ import javax.ws.rs.Path; ...@@ -41,7 +41,6 @@ import javax.ws.rs.Path;
import javax.ws.rs.PathParam; import javax.ws.rs.PathParam;
import javax.ws.rs.Produces; import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam; import javax.ws.rs.QueryParam;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.CacheControl; import javax.ws.rs.core.CacheControl;
import javax.ws.rs.core.Context; import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType; import javax.ws.rs.core.MediaType;
...@@ -60,19 +59,15 @@ import org.olat.commons.calendar.ui.components.KalendarRenderWrapper; ...@@ -60,19 +59,15 @@ import org.olat.commons.calendar.ui.components.KalendarRenderWrapper;
import org.olat.core.CoreSpringFactory; import org.olat.core.CoreSpringFactory;
import org.olat.core.gui.UserRequest; import org.olat.core.gui.UserRequest;
import org.olat.core.gui.media.MediaResource; import org.olat.core.gui.media.MediaResource;
import org.olat.core.helpers.Settings;
import org.olat.core.id.Identity; import org.olat.core.id.Identity;
import org.olat.core.id.OLATResourceable;
import org.olat.core.logging.OLog; import org.olat.core.logging.OLog;
import org.olat.core.logging.Tracing; import org.olat.core.logging.Tracing;
import org.olat.core.util.StringHelper; import org.olat.core.util.StringHelper;
import org.olat.core.util.coordinate.LockResult; import org.olat.core.util.coordinate.LockResult;
import org.olat.core.util.mail.MailPackage; import org.olat.core.util.mail.MailPackage;
import org.olat.core.util.resource.OresHelper;
import org.olat.core.util.vfs.VFSItem; import org.olat.core.util.vfs.VFSItem;
import org.olat.core.util.xml.XStreamHelper; import org.olat.core.util.xml.XStreamHelper;
import org.olat.course.CourseFactory; import org.olat.course.CourseFactory;
import org.olat.course.CourseModule;
import org.olat.course.ICourse; import org.olat.course.ICourse;
import org.olat.course.config.CourseConfig; import org.olat.course.config.CourseConfig;
import org.olat.course.nodes.cal.CourseCalendars; import org.olat.course.nodes.cal.CourseCalendars;
...@@ -104,7 +99,6 @@ import com.thoughtworks.xstream.XStream; ...@@ -104,7 +99,6 @@ import com.thoughtworks.xstream.XStream;
* Initial Date: 27 apr. 2010 <br> * Initial Date: 27 apr. 2010 <br>
* @author srosse, stephane.rosse@frentix.com * @author srosse, stephane.rosse@frentix.com
*/ */
@Path("repo/courses/{courseId}")
public class CourseWebService { public class CourseWebService {
private static final OLog log = Tracing.createLoggerFor(CourseWebService.class); private static final OLog log = Tracing.createLoggerFor(CourseWebService.class);
...@@ -128,9 +122,9 @@ public class CourseWebService { ...@@ -128,9 +122,9 @@ public class CourseWebService {
/** /**
* The version of the Course Web Service * The version of the Course Web Service
* @response.representation.200.mediaType text/plain * @response.representation.200.mediaType text/plain
* @response.representation.200.doc The version of this specific Web Service * @response.representation.200.doc The version of this specific Web Service
* @response.representation.200.example 1.0 * @response.representation.200.example 1.0
* @return * @return
*/ */
@GET @GET
...@@ -141,13 +135,9 @@ public class CourseWebService { ...@@ -141,13 +135,9 @@ public class CourseWebService {
} }
@Path("groups") @Path("groups")
public CourseGroupWebService getCourseGroupWebService(@PathParam("courseId") Long courseId) { public CourseGroupWebService getCourseGroupWebService() {
OLATResource ores = getCourseOLATResource(courseId); RepositoryEntry re = RepositoryManager.getInstance().lookupRepositoryEntry(courseOres, false);
if(ores == null) { return new CourseGroupWebService(re, courseOres);
throw new WebApplicationException(Response.serverError().status(Status.NOT_FOUND).build());
}
RepositoryEntry re = getCourseEntry(ores);
return new CourseGroupWebService(re, ores);
} }
@Path("calendar") @Path("calendar")
...@@ -163,12 +153,11 @@ public class CourseWebService { ...@@ -163,12 +153,11 @@ public class CourseWebService {
/** /**
* Publish the course. * Publish the course.
* @response.representation.200.qname {http://www.example.com}courseVO * @response.representation.200.qname {http://www.example.com}courseVO
* @response.representation.200.mediaType application/xml, application/json * @response.representation.200.mediaType application/xml, application/json
* @response.representation.200.doc The metadatas of the created course * @response.representation.200.doc The metadatas of the created course
* @response.representation.200.example {@link org.olat.restapi.support.vo.Examples#SAMPLE_COURSEVO} * @response.representation.200.example {@link org.olat.restapi.support.vo.Examples#SAMPLE_COURSEVO}
* @response.representation.401.doc The roles of the authenticated user are not sufficient * @response.representation.401.doc The roles of the authenticated user are not sufficient
* @response.representation.404.doc The course not found * @response.representation.404.doc The course not found
* @param courseId The course resourceable's id
* @param locale The course locale * @param locale The course locale
* @param request The HTTP request * @param request The HTTP request
* @return It returns the metadatas of the published course. * @return It returns the metadatas of the published course.
...@@ -176,7 +165,7 @@ public class CourseWebService { ...@@ -176,7 +165,7 @@ public class CourseWebService {
@POST @POST
@Path("publish") @Path("publish")
@Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON}) @Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON})
public Response publishCourse(@PathParam("courseId") Long courseId, @QueryParam("locale") Locale locale, public Response publishCourse(@QueryParam("locale") Locale locale,
@QueryParam("access") Integer access, @QueryParam("membersOnly") Boolean membersOnly, @QueryParam("access") Integer access, @QueryParam("membersOnly") Boolean membersOnly,
@Context HttpServletRequest request) { @Context HttpServletRequest request) {
if(!isAuthor(request)) { if(!isAuthor(request)) {
...@@ -184,10 +173,7 @@ public class CourseWebService { ...@@ -184,10 +173,7 @@ public class CourseWebService {
} }
UserRequest ureq = getUserRequest(request); UserRequest ureq = getUserRequest(request);
ICourse course = loadCourse(courseId); if (!isAuthorEditor(course, request)) {
if(course == null) {
return Response.serverError().status(Status.NOT_FOUND).build();
} else if (!isAuthorEditor(course, request)) {
return Response.serverError().status(Status.UNAUTHORIZED).build(); return Response.serverError().status(Status.UNAUTHORIZED).build();
} }
...@@ -197,56 +183,42 @@ public class CourseWebService { ...@@ -197,56 +183,42 @@ public class CourseWebService {
CourseVO vo = ObjectFactory.get(course); CourseVO vo = ObjectFactory.get(course);
return Response.ok(vo).build(); return Response.ok(vo).build();
} }
/** /**
* Get the metadatas of the course by id * Get the metadatas of the course by id
* @response.representation.200.qname {http://www.example.com}courseVO * @response.representation.200.qname {http://www.example.com}courseVO
* @response.representation.200.mediaType application/xml, application/json * @response.representation.200.mediaType application/xml, application/json
* @response.representation.200.doc The metadatas of the created course * @response.representation.200.doc The metadatas of the created course
* @response.representation.200.example {@link org.olat.restapi.support.vo.Examples#SAMPLE_COURSEVO} * @response.representation.200.example {@link org.olat.restapi.support.vo.Examples#SAMPLE_COURSEVO}
* @response.representation.404.doc The course not found * @response.representation.404.doc The course not found
* @param courseId The course resourceable's id
* @return It returns the <code>CourseVO</code> object representing the course. * @return It returns the <code>CourseVO</code> object representing the course.
*/ */
@GET @GET
@Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON}) @Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON})
public Response findById(@PathParam("courseId") Long courseId, @Context HttpServletRequest httpRequest) { public Response findById(@Context HttpServletRequest httpRequest) {
ICourse course = loadCourse(courseId); if (!isCourseAccessible(course, false, httpRequest)) {
if(course == null) {
return Response.serverError().status(Status.NOT_FOUND).build();
} else if (!isCourseAccessible(course, false, httpRequest)) {
return Response.serverError().status(Status.UNAUTHORIZED).build(); return Response.serverError().status(Status.UNAUTHORIZED).build();
} }
CourseVO vo = ObjectFactory.get(course); CourseVO vo = ObjectFactory.get(course);
return Response.ok(vo).build(); return Response.ok(vo).build();
} }
/** /**
* Export the course * Export the course
* @response.representation.200.mediaType application/zip * @response.representation.200.mediaType application/zip
* @response.representation.200.doc The course as a ZIP file * @response.representation.200.doc The course as a ZIP file
* @response.representation.401.doc Not authorized to export the course * @response.representation.401.doc Not authorized to export the course
* @response.representation.404.doc The course not found * @response.representation.404.doc The course not found
* @param courseId The course resourceable's id
* @return It returns the <code>CourseVO</code> object representing the course. * @return It returns the <code>CourseVO</code> object representing the course.
*/ */
@GET @GET
@Path("file") @Path("file")
@Produces({ "application/zip", MediaType.APPLICATION_OCTET_STREAM }) @Produces({ "application/zip", MediaType.APPLICATION_OCTET_STREAM })
public Response getRepoFileById(@PathParam("courseId") Long courseId, @Context HttpServletRequest request) { public Response getRepoFileById(@Context HttpServletRequest request) {
if(!isAuthor(request)) { if(!isAuthor(request)) {
return Response.serverError().status(Status.UNAUTHORIZED).build(); return Response.serverError().status(Status.UNAUTHORIZED).build();
} }
ICourse course = loadCourse(courseId);
if(course == null) {
return Response.serverError().status(Status.NOT_FOUND).build();
}
RepositoryManager rm = RepositoryManager.getInstance(); RepositoryManager rm = RepositoryManager.getInstance();
RepositoryService rs = CoreSpringFactory.getImpl(RepositoryService.class); RepositoryService rs = CoreSpringFactory.getImpl(RepositoryService.class);
RepositoryEntry re = rm.lookupRepositoryEntry(course, true); RepositoryEntry re = rm.lookupRepositoryEntry(course, true);
...@@ -299,47 +271,37 @@ public class CourseWebService { ...@@ -299,47 +271,37 @@ public class CourseWebService {
/** /**
* Delete a course by id * Delete a course by id
* @response.representation.200.doc The metadatas of the created course * @response.representation.200.doc The metadatas of the created course
* @response.representation.401.doc The roles of the authenticated user are not sufficient * @response.representation.401.doc The roles of the authenticated user are not sufficient
* @response.representation.404.doc The course not found * @response.representation.404.doc The course not found
* @param courseId The course resourceable's id
* @param request The HTTP request * @param request The HTTP request
* @return It returns the XML representation of the <code>Structure</code> * @return It returns the XML representation of the <code>Structure</code>
* object representing the course. * object representing the course.
*/ */
@DELETE @DELETE
@Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON}) @Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON})
public Response deleteCourse(@PathParam("courseId") Long courseId, @Context HttpServletRequest request) { public Response deleteCourse(@Context HttpServletRequest request) {
if(!isAuthor(request)) { if(!isAuthor(request)) {
return Response.serverError().status(Status.UNAUTHORIZED).build(); return Response.serverError().status(Status.UNAUTHORIZED).build();
}
ICourse course = loadCourse(courseId);
if(course == null) {
return Response.serverError().status(Status.NOT_FOUND).build();
} else if (!isAuthorEditor(course, request)) { } else if (!isAuthorEditor(course, request)) {
return Response.serverError().status(Status.UNAUTHORIZED).build(); return Response.serverError().status(Status.UNAUTHORIZED).build();
} }
UserRequest ureq = getUserRequest(request); UserRequest ureq = getUserRequest(request);
//fxdiff
ErrorWindowControl error = new ErrorWindowControl(); ErrorWindowControl error = new ErrorWindowControl();
RepositoryManager rm = RepositoryManager.getInstance(); RepositoryManager rm = RepositoryManager.getInstance();
RepositoryEntry re = rm.lookupRepositoryEntry(course, true); RepositoryEntry re = rm.lookupRepositoryEntry(course, true);
rm.deleteRepositoryEntryWithAllData(ureq, error, re); rm.deleteRepositoryEntryWithAllData(ureq, error, re);
return Response.ok().build(); return Response.ok().build();
} }
/** /**
* Get the configuration of the course * Get the configuration of the course
* @response.representation.200.qname {http://www.example.com}courseConfigVO * @response.representation.200.qname {http://www.example.com}courseConfigVO
* @response.representation.200.mediaType application/xml, application/json * @response.representation.200.mediaType application/xml, application/json
* @response.representation.200.doc The configuration of the course * @response.representation.200.doc The configuration of the course
* @response.representation.200.example {@link org.olat.restapi.support.vo.Examples#SAMPLE_COURSECONFIGVO} * @response.representation.200.example {@link org.olat.restapi.support.vo.Examples#SAMPLE_COURSECONFIGVO}
* @response.representation.401.doc The roles of the authenticated user are not sufficient * @response.representation.401.doc The roles of the authenticated user are not sufficient
* @response.representation.404.doc The course not found * @response.representation.404.doc The course not found
* @param courseId The course resourceable's id
* @param request The HTTP request * @param request The HTTP request
* @return It returns the XML representation of the <code>Structure</code> * @return It returns the XML representation of the <code>Structure</code>
* object representing the course. * object representing the course.
...@@ -347,14 +309,9 @@ public class CourseWebService { ...@@ -347,14 +309,9 @@ public class CourseWebService {
@GET @GET
@Path("configuration") @Path("configuration")
@Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON}) @Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON})
public Response getConfiguration(@PathParam("courseId") Long courseId, @Context HttpServletRequest request) { public Response getConfiguration(@Context HttpServletRequest request) {
if(!isAuthor(request)) { if(!isAuthor(request)) {
return Response.serverError().status(Status.UNAUTHORIZED).build(); return Response.serverError().status(Status.UNAUTHORIZED).build();
}
ICourse course = loadCourse(courseId);
if(course == null) {
return Response.serverError().status(Status.NOT_FOUND).build();
} else if (!isAuthorEditor(course, request)) { } else if (!isAuthorEditor(course, request)) {
return Response.serverError().status(Status.UNAUTHORIZED).build(); return Response.serverError().status(Status.UNAUTHORIZED).build();
} }
...@@ -425,11 +382,10 @@ public class CourseWebService { ...@@ -425,11 +382,10 @@ public class CourseWebService {
/** /**
* Get the runstructure of the course by id * Get the runstructure of the course by id
* @response.representation.200.mediaType application/xml * @response.representation.200.mediaType application/xml
* @response.representation.200.doc The run structure of the course * @response.representation.200.doc The run structure of the course
* @response.representation.401.doc The roles of the authenticated user are not sufficient * @response.representation.401.doc The roles of the authenticated user are not sufficient
* @response.representation.404.doc The course not found * @response.representation.404.doc The course not found
* @param courseId The course resourceable's id
* @param httpRequest The HTTP request * @param httpRequest The HTTP request
* @param request The REST request * @param request The REST request
* @return It returns the XML representation of the <code>Structure</code> * @return It returns the XML representation of the <code>Structure</code>
...@@ -438,20 +394,13 @@ public class CourseWebService { ...@@ -438,20 +394,13 @@ public class CourseWebService {
@GET @GET
@Path("runstructure") @Path("runstructure")
@Produces(MediaType.APPLICATION_XML) @Produces(MediaType.APPLICATION_XML)
public Response findRunStructureById(@PathParam("courseId") Long courseId, @Context HttpServletRequest httpRequest, @Context Request request) { public Response findRunStructureById(@Context HttpServletRequest httpRequest, @Context Request request) {
if(!isAuthor(httpRequest)) { if (!isAuthorEditor(course, httpRequest)) {
return Response.serverError().status(Status.UNAUTHORIZED).build(); return Response.serverError().status(Status.UNAUTHORIZED).build();
} }
ICourse course = loadCourse(courseId);
if(course == null) {
return Response.serverError().status(Status.NOT_FOUND).build();
} else if (!isAuthorEditor(course, httpRequest)) {
return Response.serverError().status(Status.UNAUTHORIZED).build();
}
VFSItem runStructureItem = course.getCourseBaseContainer().resolve("runstructure.xml"); VFSItem runStructureItem = course.getCourseBaseContainer().resolve("runstructure.xml");
Date lastModified = new Date(runStructureItem.getLastModified()); Date lastModified = new Date(runStructureItem.getLastModified());
Response.ResponseBuilder response = request.evaluatePreconditions(lastModified); Response.ResponseBuilder response = request.evaluatePreconditions(lastModified);
if(response == null) { if(response == null) {
return Response.ok(myXStream.toXML(course.getRunStructure())).build(); return Response.ok(myXStream.toXML(course.getRunStructure())).build();
...@@ -461,11 +410,10 @@ public class CourseWebService { ...@@ -461,11 +410,10 @@ public class CourseWebService {
/** /**
* Get the editor tree model of the course by id * Get the editor tree model of the course by id
* @response.representation.200.mediaType application/xml * @response.representation.200.mediaType application/xml
* @response.representation.200.doc The editor tree model of the course * @response.representation.200.doc The editor tree model of the course
* @response.representation.401.doc The roles of the authenticated user are not sufficient * @response.representation.401.doc The roles of the authenticated user are not sufficient
* @response.representation.404.doc The course not found * @response.representation.404.doc The course not found
* @param courseId The course resourceable's id
* @param httpRequest The HTTP request * @param httpRequest The HTTP request
* @param request The REST request * @param request The REST request
* @return It returns the XML representation of the <code>Editor model</code> * @return It returns the XML representation of the <code>Editor model</code>
...@@ -474,15 +422,8 @@ public class CourseWebService { ...@@ -474,15 +422,8 @@ public class CourseWebService {
@GET @GET
@Path("editortreemodel") @Path("editortreemodel")
@Produces(MediaType.APPLICATION_XML) @Produces(MediaType.APPLICATION_XML)
public Response findEditorTreeModelById(@PathParam("courseId") Long courseId, @Context HttpServletRequest httpRequest, @Context Request request) { public Response findEditorTreeModelById(@Context HttpServletRequest httpRequest, @Context Request request) {
if(!isAuthor(httpRequest)) { if (!isAuthorEditor(course, httpRequest)) {
return Response.serverError().status(Status.UNAUTHORIZED).build();
}
ICourse course = loadCourse(courseId);
if(course == null) {
return Response.serverError().status(Status.NOT_FOUND).build();
} else if (!isAuthorEditor(course, httpRequest)) {
return Response.serverError().status(Status.UNAUTHORIZED).build(); return Response.serverError().status(Status.UNAUTHORIZED).build();
} }
VFSItem editorModelItem = course.getCourseBaseContainer().resolve("editortreemodel.xml"); VFSItem editorModelItem = course.getCourseBaseContainer().resolve("editortreemodel.xml");
...@@ -498,26 +439,18 @@ public class CourseWebService { ...@@ -498,26 +439,18 @@ public class CourseWebService {
/** /**
* Get all owners and authors of the course * Get all owners and authors of the course
* @response.representation.200.qname {http://www.example.com}userVO * @response.representation.200.qname {http://www.example.com}userVO
* @response.representation.200.mediaType application/xml, application/json * @response.representation.200.mediaType application/xml, application/json
* @response.representation.200.doc The array of authors * @response.representation.200.doc The array of authors
* @response.representation.401.doc The roles of the authenticated user are not sufficient * @response.representation.401.doc The roles of the authenticated user are not sufficient
* @response.representation.404.doc The course not found * @response.representation.404.doc The course not found
* @param courseId The course resourceable's id
* @param httpRequest The HTTP request * @param httpRequest The HTTP request
* @return It returns an array of <code>UserVO</code> * @return It returns an array of <code>UserVO</code>
*/ */
@GET @GET
@Path("authors") @Path("authors")
@Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON}) @Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON})
public Response getAuthors(@PathParam("courseId") Long courseId, @Context HttpServletRequest httpRequest) { public Response getAuthors(@Context HttpServletRequest httpRequest) {
if(!isAuthor(httpRequest)) { if (!isAuthorEditor(course, httpRequest)) {
return Response.serverError().status(Status.UNAUTHORIZED).build();
}
OLATResourceable course = getCourseOLATResource(courseId);
if(course == null) {
return Response.serverError().status(Status.NOT_FOUND).build();
} else if (!isAuthorEditor(course, httpRequest)) {
return Response.serverError().status(Status.UNAUTHORIZED).build(); return Response.serverError().status(Status.UNAUTHORIZED).build();
} }
...@@ -539,11 +472,10 @@ public class CourseWebService { ...@@ -539,11 +472,10 @@ public class CourseWebService {
/** /**
* Get this specific author and owner of the course * Get this specific author and owner of the course
* @response.representation.200.qname {http://www.example.com}userVO * @response.representation.200.qname {http://www.example.com}userVO
* @response.representation.200.mediaType application/xml, application/json * @response.representation.200.mediaType application/xml, application/json
* @response.representation.200.doc The author * @response.representation.200.doc The author
* @response.representation.401.doc The roles of the authenticated user are not sufficient * @response.representation.401.doc The roles of the authenticated user are not sufficient
* @response.representation.404.doc The course not found or the user is not an onwer or author of the course * @response.representation.404.doc The course not found or the user is not an onwer or author of the course
* @param courseId The course resourceable's id
* @param identityKey The user identifier * @param identityKey The user identifier
* @param httpRequest The HTTP request * @param httpRequest The HTTP request
* @return It returns an <code>UserVO</code> * @return It returns an <code>UserVO</code>
...@@ -551,23 +483,15 @@ public class CourseWebService { ...@@ -551,23 +483,15 @@ public class CourseWebService {
@GET @GET
@Path("authors/{identityKey}") @Path("authors/{identityKey}")
@Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON}) @Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON})
public Response getAuthor(@PathParam("courseId") Long courseId, @PathParam("identityKey") Long identityKey, public Response getAuthor(@PathParam("identityKey") Long identityKey,
@Context HttpServletRequest httpRequest) { @Context HttpServletRequest httpRequest) {
if(!isAuthor(httpRequest)) { if (!isAuthorEditor(course, httpRequest)) {
return Response.serverError().status(Status.UNAUTHORIZED).build();
}
OLATResourceable course = getCourseOLATResource(courseId);
if(course == null) {
return Response.serverError().status(Status.NOT_FOUND).build();
} else if (!isAuthorEditor(course, httpRequest)) {
return Response.serverError().status(Status.UNAUTHORIZED).build(); return Response.serverError().status(Status.UNAUTHORIZED).build();
} }
RepositoryManager rm = RepositoryManager.getInstance(); RepositoryManager rm = RepositoryManager.getInstance();
RepositoryService repositoryService = CoreSpringFactory.getImpl(RepositoryService.class); RepositoryService repositoryService = CoreSpringFactory.getImpl(RepositoryService.class);
RepositoryEntry repositoryEntry = rm.lookupRepositoryEntry(course, true); RepositoryEntry repositoryEntry = rm.lookupRepositoryEntry(course, true);
BaseSecurity securityManager = BaseSecurityManager.getInstance(); BaseSecurity securityManager = BaseSecurityManager.getInstance();
SecurityGroup authorGroup = securityManager.findSecurityGroupByName(Constants.GROUP_AUTHORS); SecurityGroup authorGroup = securityManager.findSecurityGroupByName(Constants.GROUP_AUTHORS);
...@@ -583,26 +507,18 @@ public class CourseWebService { ...@@ -583,26 +507,18 @@ public class CourseWebService {
/** /**
* Add an owner and author to the course * Add an owner and author to the course
* @response.representation.200.doc The user is an author and owner of the course * @response.representation.200.doc The user is an author and owner of the course
* @response.representation.401.doc The roles of the authenticated user are not sufficient * @response.representation.401.doc The roles of the authenticated user are not sufficient
* @response.representation.404.doc The course or the user not found * @response.representation.404.doc The course or the user not found
* @param courseId The course resourceable's id
* @param identityKey The user identifier * @param identityKey The user identifier
* @param httpRequest The HTTP request * @param httpRequest The HTTP request
* @return It returns 200 if the user is added as owner and author of the course * @return It returns 200 if the user is added as owner and author of the course
*/ */
@PUT @PUT
@Path("authors/{identityKey}") @Path("authors/{identityKey}")
public Response addAuthor(@PathParam("courseId") Long courseId, @PathParam("identityKey") Long identityKey, public Response addAuthor(@PathParam("identityKey") Long identityKey,
@Context HttpServletRequest httpRequest) { @Context HttpServletRequest httpRequest) {
if(!isAuthor(httpRequest)) { if (!isAuthorEditor(course, httpRequest)) {
return Response.serverError().status(Status.UNAUTHORIZED).build();
}
OLATResourceable course = getCourseOLATResource(courseId);
if(course == null) {
return Response.serverError().status(Status.NOT_FOUND).build();
} else if (!isAuthorEditor(course, httpRequest)) {
return Response.serverError().status(Status.UNAUTHORIZED).build(); return Response.serverError().status(Status.UNAUTHORIZED).build();
} }
...@@ -634,10 +550,9 @@ public class CourseWebService { ...@@ -634,10 +550,9 @@ public class CourseWebService {
/** /**
* Remove an owner and author to the course * Remove an owner and author to the course
* @response.representation.200.doc The user was successfully removed as owner of the course * @response.representation.200.doc The user was successfully removed as owner of the course
* @response.representation.401.doc The roles of the authenticated user are not sufficient * @response.representation.401.doc The roles of the authenticated user are not sufficient
* @response.representation.404.doc The course or the user not found * @response.representation.404.doc The course or the user not found
* @param courseId The course resourceable's id
* @param identityKey The user identifier * @param identityKey The user identifier
* @param httpRequest The HTTP request * @param httpRequest The HTTP request
* @return It returns 200 if the user is removed as owner of the course * @return It returns 200 if the user is removed as owner of the course
...@@ -645,16 +560,9 @@ public class CourseWebService { ...@@ -645,16 +560,9 @@ public class CourseWebService {
@DELETE @DELETE
@Path("authors/{identityKey}") @Path("authors/{identityKey}")
@Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON}) @Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON})
public Response removeAuthor(@PathParam("courseId") Long courseId, @PathParam("identityKey") Long identityKey, public Response removeAuthor(@PathParam("identityKey") Long identityKey,
@Context HttpServletRequest httpRequest) { @Context HttpServletRequest httpRequest) {
if(!isAuthor(httpRequest)) { if (!isAuthorEditor(course, httpRequest)) {
return Response.serverError().status(Status.UNAUTHORIZED).build();
}
OLATResourceable course = getCourseOLATResource(courseId);
if(course == null) {
return Response.serverError().status(Status.NOT_FOUND).build();
} else if (!isAuthorEditor(course, httpRequest)) {
return Response.serverError().status(Status.UNAUTHORIZED).build(); return Response.serverError().status(Status.UNAUTHORIZED).build();
} }
...@@ -677,26 +585,18 @@ public class CourseWebService { ...@@ -677,26 +585,18 @@ public class CourseWebService {
/** /**
* Add a coach to the course * Add a coach to the course
* @response.representation.200.doc The user is a coach of the course * @response.representation.200.doc The user is a coach of the course
* @response.representation.401.doc The roles of the authenticated user are not sufficient * @response.representation.401.doc The roles of the authenticated user are not sufficient
* @response.representation.404.doc The course or the user not found * @response.representation.404.doc The course or the user not found
* @param courseId The course resourceable's id
* @param identityKey The user identifier * @param identityKey The user identifier
* @param httpRequest The HTTP request * @param httpRequest The HTTP request
* @return It returns 200 if the user is added as coach of the course * @return It returns 200 if the user is added as coach of the course
*/ */
@PUT @PUT
@Path("tutors/{identityKey}") @Path("tutors/{identityKey}")
public Response addCoach(@PathParam("courseId") Long courseId, @PathParam("identityKey") Long identityKey, public Response addCoach(@PathParam("identityKey") Long identityKey,
@Context HttpServletRequest httpRequest) { @Context HttpServletRequest httpRequest) {
if(!isAuthor(httpRequest)) { if (!isAuthorEditor(course, httpRequest)) {
return Response.serverError().status(Status.UNAUTHORIZED).build();
}
OLATResourceable course = getCourseOLATResource(courseId);
if(course == null) {
return Response.serverError().status(Status.NOT_FOUND).build();
} else if (!isAuthorEditor(course, httpRequest)) {
return Response.serverError().status(Status.UNAUTHORIZED).build(); return Response.serverError().status(Status.UNAUTHORIZED).build();
} }
...@@ -721,26 +621,18 @@ public class CourseWebService { ...@@ -721,26 +621,18 @@ public class CourseWebService {
/** /**
* Add an participant to the course * Add an participant to the course
* @response.representation.200.doc The user is a participant of the course * @response.representation.200.doc The user is a participant of the course
* @response.representation.401.doc The roles of the authenticated user are not sufficient * @response.representation.401.doc The roles of the authenticated user are not sufficient
* @response.representation.404.doc The course or the user not found * @response.representation.404.doc The course or the user not found
* @param courseId The course resourceable's id
* @param identityKey The user identifier * @param identityKey The user identifier
* @param httpRequest The HTTP request * @param httpRequest The HTTP request
* @return It returns 200 if the user is added as owner and author of the course * @return It returns 200 if the user is added as owner and author of the course
*/ */
@PUT @PUT
@Path("participants/{identityKey}") @Path("participants/{identityKey}")
public Response addParticipant(@PathParam("courseId") Long courseId, @PathParam("identityKey") Long identityKey, public Response addParticipant(@PathParam("identityKey") Long identityKey,
@Context HttpServletRequest httpRequest) { @Context HttpServletRequest httpRequest) {
if(!isAuthor(httpRequest)) { if (!isAuthorEditor(course, httpRequest)) {
return Response.serverError().status(Status.UNAUTHORIZED).build();
}
OLATResourceable course = getCourseOLATResource(courseId);
if(course == null) {
return Response.serverError().status(Status.NOT_FOUND).build();
} else if (!isAuthorEditor(course, httpRequest)) {
return Response.serverError().status(Status.UNAUTHORIZED).build(); return Response.serverError().status(Status.UNAUTHORIZED).build();
} }
...@@ -763,21 +655,10 @@ public class CourseWebService { ...@@ -763,21 +655,10 @@ public class CourseWebService {
return Response.ok().build(); return Response.ok().build();
} }
private OLATResource getCourseOLATResource(Long courseId) {
String typeName = OresHelper.calculateTypeName(CourseModule.class);
OLATResource ores = OLATResourceManager.getInstance().findResourceable(courseId, typeName);
if(ores == null && Settings.isJUnitTest()) {
//hack for the BGContextManagerImpl which load the course
ores = OLATResourceManager.getInstance().findResourceable(courseId, "junitcourse");
}
return ores;
}
private RepositoryEntry getCourseEntry(OLATResource courseResource) {
return RepositoryManager.getInstance().lookupRepositoryEntry(courseResource, false);
}
public static boolean isCourseAccessible(ICourse course, boolean authorRightsMandatory, HttpServletRequest request) { public static boolean isCourseAccessible(ICourse course, boolean authorRightsMandatory, HttpServletRequest request) {
if(isAdmin(request)) {
return true;
}
if(authorRightsMandatory && !isAuthor(request)) { if(authorRightsMandatory && !isAuthor(request)) {
return false; return false;
} }
...@@ -791,14 +672,4 @@ public class CourseWebService { ...@@ -791,14 +672,4 @@ public class CourseWebService {
} }
return false; return false;
} }
public static ICourse loadCourse(Long courseId) {
try {
ICourse course = CourseFactory.loadCourse(courseId);
return course;
} catch(Exception ex) {
log.error("cannot load course with id: " + courseId, ex);
return null;
}
}
} }
src/main/java/org/olat/restapi/repository/course/CoursesWebService.java
+ 4
20
View file @ 562fb696
...@@ -50,7 +50,6 @@ import org.olat.core.CoreSpringFactory; ...@@ -50,7 +50,6 @@ import org.olat.core.CoreSpringFactory;
import org.olat.core.commons.persistence.DBFactory; import org.olat.core.commons.persistence.DBFactory;
import org.olat.core.gui.UserRequest; import org.olat.core.gui.UserRequest;
import org.olat.core.gui.control.Controller; import org.olat.core.gui.control.Controller;
import org.olat.core.helpers.Settings;
import org.olat.core.id.Identity; import org.olat.core.id.Identity;
import org.olat.core.id.OLATResourceable; import org.olat.core.id.OLATResourceable;
import org.olat.core.id.Roles; import org.olat.core.id.Roles;
...@@ -147,7 +146,6 @@ public class CoursesWebService { ...@@ -147,7 +146,6 @@ public class CoursesWebService {
@Context HttpServletRequest httpRequest, @Context Request request) { @Context HttpServletRequest httpRequest, @Context Request request) {
RepositoryManager rm = RepositoryManager.getInstance(); RepositoryManager rm = RepositoryManager.getInstance();
//fxdiff VCRP-1,2: access control of resources
Roles roles = getRoles(httpRequest); Roles roles = getRoles(httpRequest);
Identity identity = getIdentity(httpRequest); Identity identity = getIdentity(httpRequest);
SearchRepositoryEntryParameters params = new SearchRepositoryEntryParameters(identity, roles, CourseModule.getCourseTypeName()); SearchRepositoryEntryParameters params = new SearchRepositoryEntryParameters(identity, roles, CourseModule.getCourseTypeName());
...@@ -180,7 +178,7 @@ public class CoursesWebService { ...@@ -180,7 +178,7 @@ public class CoursesWebService {
int count=0; int count=0;
for (RepositoryEntry repoEntry : repoEntries) { for (RepositoryEntry repoEntry : repoEntries) {
try { try {
ICourse course = CourseWebService.loadCourse(repoEntry.getOlatResource().getResourceableId()); ICourse course = loadCourse(repoEntry.getOlatResource().getResourceableId());
voList.add(ObjectFactory.get(repoEntry, course)); voList.add(ObjectFactory.get(repoEntry, course));
if(count % 33 == 0) { if(count % 33 == 0) {
DBFactory.getInstance().commitAndCloseSession(); DBFactory.getInstance().commitAndCloseSession();
...@@ -197,13 +195,10 @@ public class CoursesWebService { ...@@ -197,13 +195,10 @@ public class CoursesWebService {
@Path("{courseId}") @Path("{courseId}")
public CourseWebService getCourse(@PathParam("courseId") Long courseId) { public CourseWebService getCourse(@PathParam("courseId") Long courseId) {
OLATResource ores = getCourseOLATResource(courseId); ICourse course = loadCourse(courseId);
if(ores == null) return null;
ICourse course = CourseFactory.loadCourse(courseId);
if(course == null) return null; if(course == null) return null;
CourseWebService courseWs = new CourseWebService(ores, course); OLATResource ores = course.getCourseEnvironment().getCourseGroupManager().getCourseResource();
return new CourseWebService(ores, course);
return courseWs;
} }
/** /**
...@@ -328,16 +323,6 @@ public class CoursesWebService { ...@@ -328,16 +323,6 @@ public class CoursesWebService {
return Response.ok(vo).build(); return Response.ok(vo).build();
} }
private OLATResource getCourseOLATResource(Long courseId) {
String typeName = OresHelper.calculateTypeName(CourseModule.class);
OLATResource ores = OLATResourceManager.getInstance().findResourceable(courseId, typeName);
if(ores == null && Settings.isJUnitTest()) {
//hack for the BGContextManagerImpl which load the course
ores = OLATResourceManager.getInstance().findResourceable(courseId, "junitcourse");
}
return ores;
}
public static boolean isCourseAccessible(ICourse course, boolean authorRightsMandatory, HttpServletRequest request) { public static boolean isCourseAccessible(ICourse course, boolean authorRightsMandatory, HttpServletRequest request) {
if(authorRightsMandatory && !isAuthor(request)) { if(authorRightsMandatory && !isAuthor(request)) {
return false; return false;
...@@ -363,7 +348,6 @@ public class CoursesWebService { ...@@ -363,7 +348,6 @@ public class CoursesWebService {
} }
} }
public static ICourse importCourse(UserRequest ureq, Identity identity, File fCourseImportZIP, public static ICourse importCourse(UserRequest ureq, Identity identity, File fCourseImportZIP,
String displayName, String softKey, int access, boolean membersOnly) { String displayName, String softKey, int access, boolean membersOnly) {
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment