From a29a96c355bd81b35ef3c2bac8655e6088384683 Mon Sep 17 00:00:00 2001
From: srosse <none@none>
Date: Wed, 12 Sep 2012 18:11:50 +0200
Subject: [PATCH] OO-291: implements the rights management in the course
---
.../olat/admin/policy/PolicyController.java | 78 ++---
.../org/olat/basesecurity/BaseSecurity.java | 31 +-
.../basesecurity/BaseSecurityManager.java | 204 +++++-------
.../persistence/PersistenceHelper.java | 18 +-
.../course/groupsandrights/CourseRights.java | 3 +-
.../GroupsAndRightsController.java | 221 +++++++++----
.../_i18n/LocalStrings_de.properties | 4 +-
.../manager/BusinessGroupServiceImpl.java | 12 +-
.../org/olat/group/right/BGRightManager.java | 46 ++-
.../olat/group/right/BGRightManagerImpl.java | 107 +++++-
.../java/org/olat/group/right/BGRights.java | 26 +-
.../org/olat/group/right/BGRightsImpl.java | 73 +++++
.../org/olat/group/right/BGRightsRole.java | 30 ++
.../AbstractBusinessGroupListController.java | 2 +-
.../portfolio/manager/EPFrontendManager.java | 2 +-
.../basesecurity/BaseSecurityManagerTest.java | 33 ++
.../CourseGroupManagementTest.java | 17 +-
.../olat/group/test/BGRightManagerTest.java | 304 +++++++++++++++---
18 files changed, 859 insertions(+), 352 deletions(-)
create mode 100644 src/main/java/org/olat/group/right/BGRightsImpl.java
create mode 100644 src/main/java/org/olat/group/right/BGRightsRole.java
diff --git a/src/main/java/org/olat/admin/policy/PolicyController.java b/src/main/java/org/olat/admin/policy/PolicyController.java
index 4d2c797d6ea..95953ef8879 100644
--- a/src/main/java/org/olat/admin/policy/PolicyController.java
+++ b/src/main/java/org/olat/admin/policy/PolicyController.java
@@ -29,21 +29,18 @@ import java.util.List;
import org.olat.basesecurity.BaseSecurityManager;
import org.olat.basesecurity.Policy;
-import org.olat.basesecurity.SecurityGroup;
import org.olat.core.gui.UserRequest;
import org.olat.core.gui.components.Component;
-import org.olat.core.gui.components.table.BaseTableDataModelWithoutFilter;
import org.olat.core.gui.components.table.ColumnDescriptor;
import org.olat.core.gui.components.table.DefaultColumnDescriptor;
+import org.olat.core.gui.components.table.DefaultTableDataModel;
import org.olat.core.gui.components.table.TableController;
import org.olat.core.gui.components.table.TableDataModel;
import org.olat.core.gui.components.table.TableGuiConfiguration;
-import org.olat.core.gui.control.Controller;
import org.olat.core.gui.control.Event;
import org.olat.core.gui.control.WindowControl;
import org.olat.core.gui.control.controller.BasicController;
import org.olat.core.id.Identity;
-import org.olat.resource.OLATResource;
/**
*
@@ -66,8 +63,8 @@ public class PolicyController extends BasicController {
public PolicyController(UserRequest ureq, WindowControl wControl, Identity identity) {
super(ureq, wControl);
- final List entries = BaseSecurityManager.getInstance().getPoliciesOfIdentity(identity);
- TableDataModel tdm = new PolicyTableDataModel(entries);
+ List<Policy> entries = BaseSecurityManager.getInstance().getPoliciesOfIdentity(identity);
+ TableDataModel<Policy> tdm = new PolicyTableDataModel(entries);
TableGuiConfiguration tableConfig = new TableGuiConfiguration();
@@ -83,65 +80,34 @@ public class PolicyController extends BasicController {
putInitialPanel(tableCtr.getInitialComponent());
}
- /**
- * @see org.olat.core.gui.control.DefaultController#event(org.olat.core.gui.UserRequest, org.olat.core.gui.components.Component, org.olat.core.gui.control.Event)
- */
public void event(UserRequest ureq, Component source, Event event) {
// no component events to listen to
}
-
- /**
- * @see org.olat.core.gui.control.DefaultController#event(org.olat.core.gui.UserRequest, org.olat.core.gui.control.Controller, org.olat.core.gui.control.Event)
- */
- public void event(UserRequest ureq, Controller source, Event event) {
- // no component events to listen to
- }
- /**
- *
- * @see org.olat.core.gui.control.DefaultController#doDispose(boolean)
- */
protected void doDispose() {
//
}
-
-}
-
-
-class PolicyTableDataModel extends BaseTableDataModelWithoutFilter {
- private List entries;
-
- protected PolicyTableDataModel(List entries) {
- this.entries = entries;
- }
- public int getColumnCount() {
- // group key, permission, resource
- return 4;
- }
-
- public int getRowCount() {
- return entries.size();
- }
+ private static class PolicyTableDataModel extends DefaultTableDataModel<Policy> {
+
+ public PolicyTableDataModel(List<Policy> entries) {
+ super(entries);
+ }
+
+ public int getColumnCount() {
+ // group key, permission, resource
+ return 4;
+ }
- public final Object getValueAt(int row, int col) {
- Object[] o = (Object[])entries.get(row);
- Object co = o[(col== 3? 2: col)];
- switch(col) {
- case 0: // secgr
- SecurityGroup sg = (SecurityGroup)co;
- return sg.getKey(); //"key:"+sg.getKey()+" ("+sg.getCreationDate()+")";
- case 1: // permission
- Policy po = (Policy)co;
- String perm = po.getPermission();
- return perm;
- case 2:
- OLATResource or = (OLATResource)co;
- return or.getResourceableId();
- case 3:
- OLATResource ore = (OLATResource)co;
- return ore.getResourceableTypeName();
+ public final Object getValueAt(int row, int col) {
+ Policy o = getObject(row);
+ switch(col) {
+ case 0: return o.getSecurityGroup().getKey();
+ case 1: return o.getPermission();
+ case 2: return o.getOlatResource().getResourceableId();
+ case 3: return o.getOlatResource().getResourceableTypeName();
+ }
+ return o;
}
- return co.toString();
}
}
\ No newline at end of file
diff --git a/src/main/java/org/olat/basesecurity/BaseSecurity.java b/src/main/java/org/olat/basesecurity/BaseSecurity.java
index f9390bf8e66..702acecef15 100644
--- a/src/main/java/org/olat/basesecurity/BaseSecurity.java
+++ b/src/main/java/org/olat/basesecurity/BaseSecurity.java
@@ -420,10 +420,9 @@ public interface BaseSecurity {
* @param permission
* @param olatResourceable
*/
- public void deletePolicy(SecurityGroup secGroup, String permission, OLATResourceable olatResourceable);
-
- // public void deletePolicy(Policy policy); //just deletes the policy, but not
- // the resource
+ public void deletePolicy(SecurityGroup secGroup, String permission, OLATResource olatResourceable);
+
+ public boolean deletePolicies(Collection<SecurityGroup> secGroups, Collection<OLATResource> resources);
// some queries mainly for the group/groupcontext management
/**
@@ -437,7 +436,7 @@ public interface BaseSecurity {
* @param secGroups
* @return
*/
- public List<Policy> getPoliciesOfSecurityGroup(List<SecurityGroup> secGroups);
+ public List<Policy> getPoliciesOfSecurityGroup(List<SecurityGroup> secGroups, OLATResource... resources);
/**
* Return the policies
@@ -445,7 +444,7 @@ public interface BaseSecurity {
* @param securityGroup The securityGroup (optional)
* @return
*/
- public List<Policy> getPoliciesOfResource(OLATResourceable resource, SecurityGroup securityGroup);
+ public List<Policy> getPoliciesOfResource(OLATResource resource, SecurityGroup securityGroup);
/**
* Update the policy valid dates
@@ -454,24 +453,6 @@ public interface BaseSecurity {
* @param to
*/
public void updatePolicy(Policy policy, Date from, Date to);
-
- /**
- * use for testing ONLY.
- *
- * @param permission
- * @param olatResourceable
- * @return a list of SecurityGroup objects
- */
- public List<SecurityGroup> getGroupsWithPermissionOnOlatResourceable(String permission, OLATResourceable olatResourceable);
-
- /**
- * use for testing ONLY.
- *
- * @param permission
- * @param olatResourceable
- * @return a list of Identity objects
- */
- public List<Identity> getIdentitiesWithPermissionOnOlatResourceable(String permission, OLATResourceable olatResourceable);
/**
* for debugging and info by the olat admins:
@@ -480,7 +461,7 @@ public interface BaseSecurity {
* @return scalar query return list of object[] with SecurityGroupImpl,
* PolicyImpl, OLATResourceImpl
*/
- public List<Identity> getPoliciesOfIdentity(Identity identity);
+ public List<Policy> getPoliciesOfIdentity(Identity identity);
/**
* @param authusername
diff --git a/src/main/java/org/olat/basesecurity/BaseSecurityManager.java b/src/main/java/org/olat/basesecurity/BaseSecurityManager.java
index f7185b9637f..dc3c4b5f8d6 100644
--- a/src/main/java/org/olat/basesecurity/BaseSecurityManager.java
+++ b/src/main/java/org/olat/basesecurity/BaseSecurityManager.java
@@ -36,6 +36,8 @@ import java.util.Locale;
import java.util.Map;
import java.util.UUID;
+import javax.persistence.TypedQuery;
+
import org.hibernate.type.StandardBasicTypes;
import org.hibernate.type.Type;
import org.olat.admin.quota.GenericQuotaEditController;
@@ -48,6 +50,7 @@ import org.olat.basesecurity.events.NewIdentityCreatedEvent;
import org.olat.core.commons.persistence.DB;
import org.olat.core.commons.persistence.DBFactory;
import org.olat.core.commons.persistence.DBQuery;
+import org.olat.core.commons.persistence.PersistenceHelper;
import org.olat.core.gui.translator.Translator;
import org.olat.core.id.Identity;
import org.olat.core.id.ModifiedInfo;
@@ -231,59 +234,6 @@ public class BaseSecurityManager extends BasicManager implements BaseSecurity {
createAndPersistPolicyIfNotExists(guestGroup, Constants.PERMISSION_HASROLE, Constants.ORESOURCE_GUESTONLY);
}
- /**
- * @see org.olat.basesecurity.Manager#getGroupsWithPermissionOnOlatResourceable(java.lang.String,
- * org.olat.core.id.OLATResourceable
- */
- public List getGroupsWithPermissionOnOlatResourceable(String permission, OLATResourceable olatResourceable) {
- Long oresid = olatResourceable.getResourceableId();
- if (oresid == null) oresid = new Long(0); //TODO: make a method in
- // OLATResorceManager, since this
- // is implementation detail
- String oresName = olatResourceable.getResourceableTypeName();
-
- List res = DBFactory.getInstance().find(
- "select sgi from"
- + " org.olat.basesecurity.SecurityGroupImpl as sgi,"
- + " org.olat.basesecurity.PolicyImpl as poi,"
- + " org.olat.resource.OLATResourceImpl as ori"
- + " where poi.securityGroup = sgi and poi.permission = ?"
- + " and poi.olatResource = ori"
- + " and (ori.resId = ? or ori.resId = 0) and ori.resName = ?",
- new Object[] { permission, oresid, oresName }, new Type[] { StandardBasicTypes.STRING, StandardBasicTypes.LONG, StandardBasicTypes.STRING });
- return res;
- }
-
- /**
- * @see org.olat.basesecurity.Manager#getIdentitiesWithPermissionOnOlatResourceable(java.lang.String,
- * org.olat.core.id.OLATResourceable
- */
- public List getIdentitiesWithPermissionOnOlatResourceable(String permission, OLATResourceable olatResourceable) {
- Long oresid = olatResourceable.getResourceableId();
- if (oresid == null) oresid = new Long(0); //TODO: make a method in
- // OLATResorceManager, since this
- // is implementation detail
- String oresName = olatResourceable.getResourceableTypeName();
-
- // if the olatResourceable is not persisted as OLATResource, then the answer
- // is false,
- // therefore we can use the query assuming there is an OLATResource
- List res = DBFactory.getInstance().find(
- "select distinct im from"
- + " org.olat.basesecurity.SecurityGroupMembershipImpl as sgmsi,"
- + " org.olat.basesecurity.IdentityImpl as im,"
- + " org.olat.basesecurity.PolicyImpl as poi,"
- + " org.olat.resource.OLATResourceImpl as ori"
- + " where im = sgmsi.identity"
- + " and sgmsi.securityGroup = poi.securityGroup"
- + " and poi.permission = ?"
- + " and poi.olatResource = ori"
- + " and (ori.resId = ? or ori.resId = 0) and ori.resName = ?",
- // if you have a type right, you autom. have all instance rights
- new Object[] { permission, oresid, oresName }, new Type[] { StandardBasicTypes.STRING, StandardBasicTypes.LONG, StandardBasicTypes.STRING });
- return res;
- }
-
/**
* @see org.olat.basesecurity.Manager#getPoliciesOfSecurityGroup(org.olat.basesecurity.SecurityGroup)
*/
@@ -302,21 +252,27 @@ public class BaseSecurityManager extends BasicManager implements BaseSecurity {
}
@Override
- public List<Policy> getPoliciesOfSecurityGroup(List<SecurityGroup> secGroups) {
+ public List<Policy> getPoliciesOfSecurityGroup(List<SecurityGroup> secGroups, OLATResource... resources) {
if(secGroups == null || secGroups.isEmpty()) return Collections.emptyList();
StringBuilder sb = new StringBuilder();
- sb.append("select poi from ").append(PolicyImpl.class.getName()).append(" as poi where poi.securityGroup.key in (:secGroupKeys)");
-
- List<Long> secGroupKeys = new ArrayList<Long>(secGroups.size());
- for(SecurityGroup secGroup:secGroups) {
- secGroupKeys.add(secGroup.getKey());
+ sb.append("select poi from ").append(PolicyImpl.class.getName()).append(" as poi")
+ .append(" inner join fetch poi.securityGroup as secGroup")
+ .append(" inner join fetch poi.olatResource as resource")
+ .append(" where secGroup.key in (:secGroupKeys)");
+ if(resources != null && resources.length > 0) {
+ sb.append(" and resource.key in (:resourceKeys)");
}
- List<Policy> policies = DBFactory.getInstance().getCurrentEntityManager()
+ List<Long> secGroupKeys = PersistenceHelper.toKeys(secGroups);
+ TypedQuery<Policy> queryPolicies = DBFactory.getInstance().getCurrentEntityManager()
.createQuery(sb.toString(), Policy.class)
- .setParameter("secGroupKeys", secGroupKeys)
- .getResultList();
+ .setParameter("secGroupKeys", secGroupKeys);
+ if(resources != null && resources.length > 0) {
+ List<Long> resourceKeys = PersistenceHelper.toKeys(resources);
+ queryPolicies.setParameter("resourceKeys", resourceKeys);
+ }
+ List<Policy> policies = queryPolicies.getResultList();
return policies;
}
@@ -324,48 +280,22 @@ public class BaseSecurityManager extends BasicManager implements BaseSecurity {
* @see org.olat.basesecurity.BaseSecurity#getPoliciesOfResource(org.olat.core.id.OLATResourceable)
*/
@Override
- public List<Policy> getPoliciesOfResource(OLATResourceable olatResourceable, SecurityGroup secGroup) {
+ public List<Policy> getPoliciesOfResource(OLATResource resource, SecurityGroup secGroup) {
StringBuilder sb = new StringBuilder();
sb.append("select poi from ").append(PolicyImpl.class.getName()).append(" poi where ")
- .append("(poi.olatResource.resId=:resId or poi.olatResource.resId=0)")
- .append(" and poi.olatResource.resName=:resName");
+ .append(" poi.olatResource.key=:resourceKey ");
if(secGroup != null) {
- sb.append(" and poi.securityGroup=:secGroup");
+ sb.append(" and poi.securityGroup.key=:secGroupKey");
}
- DBQuery query = DBFactory.getInstance().createQuery(sb.toString());
- query.setLong("resId", olatResourceable.getResourceableId());
- query.setString("resName", olatResourceable.getResourceableTypeName());
+ TypedQuery<Policy> query = DBFactory.getInstance().getCurrentEntityManager()
+ .createQuery(sb.toString(), Policy.class)
+ .setParameter("resourceKey", resource.getKey());
if(secGroup != null) {
- query.setEntity("secGroup", secGroup);
+ query.setParameter("secGroupKey", secGroup.getKey());
}
- return query.list();
+ return query.getResultList();
}
-
- /**
- * @see org.olat.basesecurity.Manager#isIdentityPermittedOnResourceable(org.olat.core.id.Identity, java.lang.String, org.olat.core.id.OLATResourceable
- */
- /*
- * MAY BE USED LATER - do not remove please public boolean
- * isGroupPermittedOnResourceable(SecurityGroup secGroup, String permission,
- * OLATResourceable olatResourceable) { Long oresid =
- * olatResourceable.getResourceableId(); if (oresid == null) oresid = new
- * Long(0); //TODO: make a method in OLATResorceManager, since this is
- * implementation detail String oresName =
- * olatResourceable.getResourceableTypeName(); List res =
- * DB.getInstance().find("select count(poi) from"+ "
- * org.olat.basesecurity.SecurityGroupImpl as sgi,"+ "
- * org.olat.basesecurity.PolicyImpl as poi,"+ "
- * org.olat.resource.OLATResourceImpl as ori"+ " where sgi.key = ?" + " and
- * poi.securityGroup = sgi and poi.permission = ?"+ " and poi.olatResource =
- * ori" + " and (ori.resId = ? or ori.resId = 0) and ori.resName = ?", new
- * Object[] { secGroup.getKey(), permission, oresid, oresName }, new Type[] {
- * Hibernate.LONG, Hibernate.STRING, Hibernate.LONG, Hibernate.STRING } );
- * Integer cntI = (Integer)res.get(0); int cnt = cntI.intValue(); return (cnt >
- * 0); // can be > 1 if identity is in more the one group having the
- * permission on the olatresourceable }
- */
-
public boolean isIdentityPermittedOnResourceable(Identity identity, String permission, OLATResourceable olatResourceable) {
return isIdentityPermittedOnResourceable(identity, permission, olatResourceable, true);
@@ -439,19 +369,18 @@ public class BaseSecurityManager extends BasicManager implements BaseSecurity {
* @param identity
* @return List of policies
*/
- public List getPoliciesOfIdentity(Identity identity) {
- IdentityImpl iimpl = getImpl(identity);
- List res = DBFactory.getInstance().find(
- "select sgi, poi, ori from"
- + " org.olat.basesecurity.SecurityGroupMembershipImpl as sgmsi,"
- + " org.olat.basesecurity.SecurityGroupImpl as sgi,"
- + " org.olat.basesecurity.PolicyImpl as poi,"
- + " org.olat.resource.OLATResourceImpl as ori"
- + " where sgmsi.identity = ? and sgmsi.securityGroup = sgi"
- + " and poi.securityGroup = sgi and poi.olatResource = ori",
- new Object[] { iimpl.getKey() }, new Type[] { StandardBasicTypes.LONG });
- // scalar query, we get a List of Object[]'s
- return res;
+ @Override
+ public List<Policy> getPoliciesOfIdentity(Identity identity) {
+ StringBuilder sb = new StringBuilder();
+ sb.append("select poi from ").append(PolicyImpl.class.getName()).append(" as poi ")
+ .append("inner join fetch poi.securityGroup as secGroup ")
+ .append("inner join fetch poi.olatResource as resource ")
+ .append("where secGroup in (select sgmi.securityGroup from ")
+ .append(SecurityGroupMembershipImpl.class.getName()).append(" as sgmi where sgmi.identity.key=:identityKey)");
+ return DBFactory.getInstance().getCurrentEntityManager()
+ .createQuery(sb.toString(), Policy.class)
+ .setParameter("identityKey", identity.getKey())
+ .getResultList();
}
@Override
@@ -636,39 +565,58 @@ public class BaseSecurityManager extends BasicManager implements BaseSecurity {
return existingPolicy;
}
+ public Policy findPolicy(SecurityGroup secGroup, String permission, OLATResource olatResource) {
+ StringBuilder sb = new StringBuilder();
+ sb.append("select poi from ").append(PolicyImpl.class.getName()).append(" as poi ")
+ .append(" where poi.permission=:permission and poi.olatResource.key=:resourceKey and poi.securityGroup.key=:secGroupKey");
- Policy findPolicy(SecurityGroup secGroup, String permission, OLATResource olatResource) {
- Long secKey = secGroup.getKey();
- Long orKey = olatResource.getKey();
+ List<Policy> policies = DBFactory.getInstance().getCurrentEntityManager()
+ .createQuery(sb.toString(), Policy.class)
+ .setParameter("permission", permission)
+ .setParameter("resourceKey", olatResource.getKey())
+ .setParameter("secGroupKey", secGroup.getKey())
+ .getResultList();
+
- List res = DBFactory.getInstance().find(
- " select poi from org.olat.basesecurity.PolicyImpl as poi"
- + " where poi.permission = ? and poi.olatResource = ? and poi.securityGroup = ?",
- new Object[] { permission, orKey, secKey },
- new Type[] { StandardBasicTypes.STRING, StandardBasicTypes.LONG, StandardBasicTypes.LONG });
- if (res.size() == 0) {
+ if (policies.isEmpty()) {
return null;
}
- else {
- PolicyImpl poi = (PolicyImpl) res.get(0);
- return poi;
- }
+ return policies.get(0);
}
private void deletePolicy(Policy policy) {
DBFactory.getInstance().deleteObject(policy);
}
+ @Override
+ public boolean deletePolicies(Collection<SecurityGroup> secGroups, Collection<OLATResource> resources) {
+ if(secGroups == null || secGroups.isEmpty() || resources == null || resources.isEmpty()) return false;
+
+ StringBuilder sb = new StringBuilder();
+ sb.append("delete from ").append(PolicyImpl.class.getName()).append(" as poi ")
+ .append(" where poi.olatResource.key in (:resourceKey) and poi.securityGroup.key in (:secGroupKeys)");
+
+ List<Long> secGroupKeys = PersistenceHelper.toKeys(secGroups);
+ List<Long> resourceKeys = PersistenceHelper.toKeys(resources);
+ int rows = DBFactory.getInstance().getCurrentEntityManager()
+ .createQuery(sb.toString())
+ .setParameter("resourceKey", resourceKeys)
+ .setParameter("secGroupKeys", secGroupKeys)
+ .executeUpdate();
+ return rows > 0;
+ }
+
/**
* @see org.olat.basesecurity.Manager#deletePolicy(org.olat.basesecurity.SecurityGroup, java.lang.String, org.olat.core.id.OLATResourceable
*/
- public void deletePolicy(SecurityGroup secGroup, String permission, OLATResourceable olatResourceable) {
- OLATResource olatResource = orm.findResourceable(olatResourceable);
- if (olatResource == null) throw new AssertException("cannot delete policy of a null olatresourceable!");
- Policy p = findPolicy(secGroup, permission, olatResource);
+ @Override
+ public void deletePolicy(SecurityGroup secGroup, String permission, OLATResource resource) {
+ if (resource == null) throw new AssertException("cannot delete policy of a null olatresourceable!");
+ Policy p = findPolicy(secGroup, permission, resource);
// fj: introduced strict testing here on purpose
- if (p == null) throw new AssertException("findPolicy returned null, cannot delete policy");
- deletePolicy(p);
+ if (p != null) {
+ deletePolicy(p);
+ }
}
/**
diff --git a/src/main/java/org/olat/core/commons/persistence/PersistenceHelper.java b/src/main/java/org/olat/core/commons/persistence/PersistenceHelper.java
index 3eb40b58f59..db5a30fc356 100644
--- a/src/main/java/org/olat/core/commons/persistence/PersistenceHelper.java
+++ b/src/main/java/org/olat/core/commons/persistence/PersistenceHelper.java
@@ -27,6 +27,7 @@
package org.olat.core.commons.persistence;
import java.util.ArrayList;
+import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.Properties;
@@ -242,11 +243,26 @@ public class PersistenceHelper {
* @param list
* @return
*/
- public static List<Long> toKeys(List<? extends Persistable> list) {
+ public static List<Long> toKeys(Collection<? extends Persistable> list) {
List<Long> keys = new ArrayList<Long>();
for(Persistable obj:list) {
keys.add(obj.getKey());
}
return keys;
}
+
+ /**
+ *
+ * @param list
+ * @return
+ */
+ public static List<Long> toKeys(Persistable... list) {
+ List<Long> keys = new ArrayList<Long>();
+ if(list != null && list.length > 0) {
+ for(Persistable obj:list) {
+ keys.add(obj.getKey());
+ }
+ }
+ return keys;
+ }
}
diff --git a/src/main/java/org/olat/course/groupsandrights/CourseRights.java b/src/main/java/org/olat/course/groupsandrights/CourseRights.java
index 6545d84c01e..28934e391c2 100644
--- a/src/main/java/org/olat/course/groupsandrights/CourseRights.java
+++ b/src/main/java/org/olat/course/groupsandrights/CourseRights.java
@@ -32,7 +32,6 @@ import java.util.Locale;
import org.olat.core.gui.translator.Translator;
import org.olat.core.util.Util;
import org.olat.group.right.BGRightManager;
-import org.olat.group.right.BGRights;
/**
* Description:<BR/>
@@ -42,7 +41,7 @@ import org.olat.group.right.BGRights;
*
* @author gnaegi
*/
-public class CourseRights implements BGRights {
+public class CourseRights {
// since right are stored as permissions, lenght is limited to 12 chars!!
diff --git a/src/main/java/org/olat/course/groupsandrights/GroupsAndRightsController.java b/src/main/java/org/olat/course/groupsandrights/GroupsAndRightsController.java
index aba50f84b8c..0217712fbe0 100644
--- a/src/main/java/org/olat/course/groupsandrights/GroupsAndRightsController.java
+++ b/src/main/java/org/olat/course/groupsandrights/GroupsAndRightsController.java
@@ -20,7 +20,10 @@
package org.olat.course.groupsandrights;
import java.util.ArrayList;
+import java.util.Collections;
+import java.util.HashMap;
import java.util.List;
+import java.util.Map;
import java.util.UUID;
import org.olat.core.CoreSpringFactory;
@@ -32,7 +35,6 @@ import org.olat.core.gui.components.form.flexible.elements.MultipleSelectionElem
import org.olat.core.gui.components.form.flexible.impl.FormBasicController;
import org.olat.core.gui.components.form.flexible.impl.FormEvent;
import org.olat.core.gui.components.form.flexible.impl.FormLayoutContainer;
-import org.olat.core.gui.components.form.flexible.impl.elements.FormSubmit;
import org.olat.core.gui.components.form.flexible.impl.elements.MultipleSelectionElementImpl;
import org.olat.core.gui.components.form.flexible.impl.elements.table.DefaultFlexiColumnModel;
import org.olat.core.gui.components.form.flexible.impl.elements.table.FlexiTableColumnModel;
@@ -45,6 +47,8 @@ import org.olat.core.gui.control.WindowControl;
import org.olat.group.BusinessGroup;
import org.olat.group.BusinessGroupService;
import org.olat.group.right.BGRightManager;
+import org.olat.group.right.BGRights;
+import org.olat.group.right.BGRightsRole;
import org.olat.resource.OLATResource;
/**
@@ -54,8 +58,7 @@ import org.olat.resource.OLATResource;
public class GroupsAndRightsController extends FormBasicController {
private GroupsAndRightsDataModel tableDataModel;
- private FormLink addAllLink, removeAllLink;
- private FormSubmit saveLink;
+ private FormLink removeAllLink;
private final OLATResource resource;
private final BGRightManager rightManager;
@@ -86,42 +89,58 @@ public class GroupsAndRightsController extends FormBasicController {
}
tableColumnModel.addFlexiColumnModel(new DefaultFlexiColumnModel("table.header.remove"));
- List<RightOption> groupRights = loadModel();
+ List<BGRightsOption> groupRights = loadModel();
tableDataModel = new GroupsAndRightsDataModel(groupRights, tableColumnModel);
uifactory.addTableElement("rightList", tableDataModel, formLayout);
-
FormLayoutContainer buttonsLayout = FormLayoutContainer.createButtonLayout("buttons", getTranslator());
buttonsLayout.setRootForm(mainForm);
formLayout.add("buttons", buttonsLayout);
- saveLink = uifactory.addFormSubmitButton("save", buttonsLayout);
+ uifactory.addFormSubmitButton("save", buttonsLayout);
removeAllLink = uifactory.addFormLink("remove.all", buttonsLayout, Link.BUTTON);
- addAllLink = uifactory.addFormLink("add.all", buttonsLayout, Link.BUTTON);
}
- private List<RightOption> loadModel() {
- List<RightOption> options = new ArrayList<RightOption>();
-
+ private List<BGRightsOption> loadModel() {
+ List<BGRightsOption> options = new ArrayList<BGRightsOption>();
List<BusinessGroup> groups = businessGroupService.findBusinessGroups(null, resource, 0, -1);
+
+ List<BGRights> currentRights = rightManager.findBGRights(groups, resource);
+ Map<Long,BGRights> tutorToRightsMap = new HashMap<Long,BGRights>();
+ Map<Long,BGRights> participantToRightsMap = new HashMap<Long,BGRights>();
+ for(BGRights right:currentRights) {
+ if(right.getRole() == BGRightsRole.tutor) {
+ tutorToRightsMap.put(right.getBusinessGroupKey(), right);
+ } else if(right.getRole() == BGRightsRole.participant) {
+ participantToRightsMap.put(right.getBusinessGroupKey(), right);
+ }
+ }
+
for(BusinessGroup group:groups) {
- RightOption groupRights = new RightOption(group, "tutor");
- fillCheckbox(groupRights);
- FormLink removeLink = uifactory.addFormLink("remove_" + UUID.randomUUID().toString(), "table.header.remove", "table.header.remove", flc, Link.LINK);
- removeLink.setUserObject(groupRights);
- groupRights.setRemoveLink(removeLink);
-
- options.add(groupRights);
+ options.add(getRightsOption(group, tutorToRightsMap.get(group.getKey()), BGRightsRole.tutor));
+ options.add(getRightsOption(group, participantToRightsMap.get(group.getKey()), BGRightsRole.participant));
}
return options;
}
- private void fillCheckbox(RightOption groupRights) {
- List<MultipleSelectionElement> selections = new ArrayList<MultipleSelectionElement>();
- for(String right : CourseRights.getAvailableRights()) {
- MultipleSelectionElement selection = createSelection(false);
- selection.setUserObject(groupRights);
- selections.add(selection);
+ private BGRightsOption getRightsOption(BusinessGroup group, BGRights r, BGRightsRole role) {
+ BGRightsOption options = new BGRightsOption(group, role);
+ fillCheckbox(options, r == null ? null : r.getRights());
+ FormLink rmLink = uifactory.addFormLink("remove_" + UUID.randomUUID().toString(), "table.header.remove", "table.header.remove", flc, Link.LINK);
+ rmLink.setUserObject(options);
+ options.setRemoveLink(rmLink);
+ return options;
+ }
+
+ private void fillCheckbox(BGRightsOption groupRights, List<String> permissions) {
+ List<BGRight> selections = new ArrayList<BGRight>();
+ for(String permission : CourseRights.getAvailableRights()) {
+ BGRight permissionEl = new BGRight(permission);
+ boolean selected = permissions == null ? false : permissions.contains(permission);
+ MultipleSelectionElement selection = createSelection(selected);
+ permissionEl.setSelection(selection);
+ selection.setUserObject(permissionEl);
+ selections.add(permissionEl);
}
groupRights.setRightsEl(selections);
}
@@ -142,15 +161,17 @@ public class GroupsAndRightsController extends FormBasicController {
@Override
protected void formOK(UserRequest ureq) {
- //
-
- System.out.println();
+ doSaveChanges();
}
@Override
protected void formInnerEvent(UserRequest ureq, FormItem source, FormEvent event) {
- if(source == addAllLink) {
-
+ if(source instanceof FormLink && source.getUserObject() instanceof BGRightsOption) {
+ String name = source.getName();
+ if(name.startsWith("remove_")) {
+ BGRightsOption option = (BGRightsOption)source.getUserObject();
+ doRemoveRights(option);
+ }
} else if (source == removeAllLink) {
doRemoveAllRights();
} else {
@@ -158,25 +179,78 @@ public class GroupsAndRightsController extends FormBasicController {
}
}
- private void doRemoveAllRights() {
- List<BusinessGroup> groups = businessGroupService.findBusinessGroups(null, resource, 0, -1);
- for(BusinessGroup group:groups) {
+ private List<BusinessGroup> getGroups() {
+ List<BusinessGroup> groups = new ArrayList<BusinessGroup>();
+ for(BGRightsOption option:tableDataModel.getObjects()) {
+ if(option.getRole() == BGRightsRole.tutor) {
+ groups.add(option.getGroup());
+ }
+ }
+ return groups;
+ }
+
+ private void doSaveChanges() {
+ //collect group
+ List<BGRightsOption> options = tableDataModel.getObjects();
+ List<BusinessGroup> groups = getGroups();
+
+ //collect current rights
+ List<BGRights> currentRights = rightManager.findBGRights(groups, resource);
+ Map<Long,BGRights> tutorToRightsMap = new HashMap<Long,BGRights>();
+ Map<Long,BGRights> participantToRightsMap = new HashMap<Long,BGRights>();
+ for(BGRights right:currentRights) {
+ if(right.getRole() == BGRightsRole.tutor) {
+ tutorToRightsMap.put(right.getBusinessGroupKey(), right);
+ } else if(right.getRole() == BGRightsRole.participant) {
+ participantToRightsMap.put(right.getBusinessGroupKey(), right);
+ }
+ }
+
+ for(BGRightsOption option:options) {
+ List<String> newPermissions = option.getSelectedPermissions();
- List<String> rights = rightManager.findBGRights(group);
+ BGRights rights = null;
+ if(option.getRole() == BGRightsRole.tutor) {
+ rights = tutorToRightsMap.get(option.getGroupKey());
+ } else if(option.getRole() == BGRightsRole.participant) {
+ rights = participantToRightsMap.get(option.getGroupKey());
+ }
+ if(rights == null && newPermissions.isEmpty()) {
+ continue;//nothing to do
+ }
+ List<String> currentPermissions = (rights == null ? Collections.<String>emptyList() : rights.getRights());
+ if(newPermissions.containsAll(currentPermissions) && currentPermissions.containsAll(newPermissions)) {
+ continue;//nothing to do
+ }
+ List<String> newPermissionsTmp = new ArrayList<String>(newPermissions);
+ newPermissionsTmp.removeAll(currentPermissions);
+ for(String newPermission:newPermissionsTmp) {
+ rightManager.addBGRight(newPermission, option.getGroup(), resource, option.getRole());
+ }
+ currentPermissions.removeAll(newPermissions);
+ for(String currentPermission:currentPermissions) {
+ rightManager.removeBGRight(currentPermission, option.getGroup(), resource, option.getRole());
+ }
}
-
-
-
-
+ }
+
+ private void doRemoveRights(BGRightsOption option) {
+ rightManager.removeBGRights(option.getGroup(), resource, option.getRole());
+ }
+
+ private void doRemoveAllRights() {
+ List<BusinessGroup> groups = getGroups();
+ rightManager.removeBGRights(groups, resource);
+ loadModel();
}
- private static class GroupsAndRightsDataModel extends DefaultTableDataModel<RightOption> implements FlexiTableDataModel {
+ private class GroupsAndRightsDataModel extends DefaultTableDataModel<BGRightsOption> implements FlexiTableDataModel {
private FlexiTableColumnModel columnModel;
- public GroupsAndRightsDataModel(List<RightOption> options, FlexiTableColumnModel columnModel) {
+ public GroupsAndRightsDataModel(List<BGRightsOption> options, FlexiTableColumnModel columnModel) {
super(options);
this.columnModel = columnModel;
}
@@ -198,53 +272,90 @@ public class GroupsAndRightsController extends FormBasicController {
@Override
public Object getValueAt(int row, int col) {
- RightOption groupRights = getObject(row);
+ BGRightsOption groupRights = getObject(row);
if(col == 0) {
return groupRights.getGroupName();
} else if (col == 1) {
- return groupRights.getRole();
+ BGRightsRole role = groupRights.getRole();
+ switch(role) {
+ case tutor: return translate("tutor");
+ case participant: return translate("participant");
+ }
+ return "";
} else if (col == (getColumnCount() - 1)) {
return groupRights.getRemoveLink();
}
//rights
int rightPos = col - 2;
- MultipleSelectionElement rightEl = groupRights.getRightsEl().get(rightPos);
- return rightEl;
+ return groupRights.getRightsEl().get(rightPos).getSelection();
+ }
+ }
+
+ private static class BGRight {
+ private final String permission;
+ private MultipleSelectionElement selection;
+
+ public BGRight(String permission) {
+ this.permission = permission;
+ }
+
+ public MultipleSelectionElement getSelection() {
+ return selection;
+ }
+
+ public void setSelection(MultipleSelectionElement selection) {
+ this.selection = selection;
+ }
+
+ public String getPermission() {
+ return permission;
}
}
- private static class RightOption {
- private final String groupName;
- private final Long groupKey;
- private final String role;
+ private static class BGRightsOption {
+ private final BusinessGroup group;
+ private final BGRightsRole role;
- private List<MultipleSelectionElement> rightsEl;
+ private List<BGRight> rightsEl;
private FormLink removeLink;
- public RightOption(BusinessGroup group, String role) {
- groupName = group.getName();
- groupKey = group.getKey();
+ public BGRightsOption(BusinessGroup group, BGRightsRole role) {
+ this.group = group;
this.role = role;
}
public String getGroupName() {
- return groupName;
+ return group.getName();
}
public Long getGroupKey() {
- return groupKey;
+ return group.getKey();
+ }
+
+ public BusinessGroup getGroup() {
+ return group;
}
- public String getRole() {
+ public BGRightsRole getRole() {
return role;
}
- public List<MultipleSelectionElement> getRightsEl() {
+ public List<String> getSelectedPermissions() {
+ List<String> permissions = new ArrayList<String>(rightsEl.size());
+ for(BGRight rightEl:rightsEl) {
+ if(rightEl.getSelection().isAtLeastSelected(1)) {
+ permissions.add(rightEl.getPermission());
+ }
+ }
+ return permissions;
+ }
+
+ public List<BGRight> getRightsEl() {
return rightsEl;
}
- public void setRightsEl(List<MultipleSelectionElement> rightsEl) {
+ public void setRightsEl(List<BGRight> rightsEl) {
this.rightsEl = rightsEl;
}
diff --git a/src/main/java/org/olat/course/groupsandrights/_i18n/LocalStrings_de.properties b/src/main/java/org/olat/course/groupsandrights/_i18n/LocalStrings_de.properties
index 2ecd83f2edf..85bcb1b3e46 100644
--- a/src/main/java/org/olat/course/groupsandrights/_i18n/LocalStrings_de.properties
+++ b/src/main/java/org/olat/course/groupsandrights/_i18n/LocalStrings_de.properties
@@ -12,4 +12,6 @@ table.header.role=Rolle
table.header.remove=Entfernen
menu.rights=Rechte
remove.all=Alle Rechte Entfernen
-add.all=Alle Rechte hinzufügen
\ No newline at end of file
+add.all=Alle Rechte hinzufügen
+tutor=Betreuer
+participant=Teilnehmer
\ No newline at end of file
diff --git a/src/main/java/org/olat/group/manager/BusinessGroupServiceImpl.java b/src/main/java/org/olat/group/manager/BusinessGroupServiceImpl.java
index 3472dff90a6..e1533eb8695 100644
--- a/src/main/java/org/olat/group/manager/BusinessGroupServiceImpl.java
+++ b/src/main/java/org/olat/group/manager/BusinessGroupServiceImpl.java
@@ -88,6 +88,7 @@ import org.olat.group.model.IdentityGroupKey;
import org.olat.group.model.MembershipModification;
import org.olat.group.model.SearchBusinessGroupParams;
import org.olat.group.right.BGRightManager;
+import org.olat.group.right.BGRightsRole;
import org.olat.group.ui.BGMailHelper;
import org.olat.group.ui.edit.BusinessGroupModifiedEvent;
import org.olat.instantMessaging.IMConfigSync;
@@ -422,10 +423,15 @@ public class BusinessGroupServiceImpl implements BusinessGroupService, UserDataD
}
// 7. copy rights
if (copyRights) {
- List<String> sourceRights = rightManager.findBGRights(sourceBusinessGroup);
- for (String sourceRight:sourceRights) {
- rightManager.addBGRight(sourceRight, newGroup);
+ List<String> participantRights = rightManager.findBGRights(sourceBusinessGroup, BGRightsRole.participant);
+ for (String sourceRight:participantRights) {
+ rightManager.addBGRight(sourceRight, newGroup, BGRightsRole.participant);
}
+ List<String> tutorRights = rightManager.findBGRights(sourceBusinessGroup, BGRightsRole.tutor);
+ for (String sourceRight:tutorRights) {
+ rightManager.addBGRight(sourceRight, newGroup, BGRightsRole.tutor);
+ }
+
}
// 8. copy waiting-lisz
if (copyWaitingList) {
diff --git a/src/main/java/org/olat/group/right/BGRightManager.java b/src/main/java/org/olat/group/right/BGRightManager.java
index 91f29d45578..bc5dfa7c75d 100644
--- a/src/main/java/org/olat/group/right/BGRightManager.java
+++ b/src/main/java/org/olat/group/right/BGRightManager.java
@@ -25,6 +25,7 @@
package org.olat.group.right;
+import java.util.Collection;
import java.util.List;
import org.olat.core.id.Identity;
@@ -42,8 +43,8 @@ import org.olat.resource.OLATResource;
*/
public interface BGRightManager {
/**
- * buiness group rights are stored as perminssions. all business group right
- * permission must use this prfix to work properly
+ * Business group rights are stored as permissions. all business group right
+ * permission must use this prefix to work properly
*/
public static final String BG_RIGHT_PREFIX = "bgr.";
@@ -55,7 +56,16 @@ public interface BGRightManager {
* @param bgRight
* @param rightGroup
*/
- public abstract void addBGRight(String bgRight, BusinessGroup rightGroup);
+ public void addBGRight(String bgRight, BusinessGroup group, BGRightsRole role);
+
+ /**
+ *
+ * @param bgRight
+ * @param group
+ * @param resource
+ * @param role
+ */
+ public void addBGRight(String bgRight, BusinessGroup group, OLATResource resource, BGRightsRole role);
/**
* Remove a business group right from a business group
@@ -63,7 +73,21 @@ public interface BGRightManager {
* @param bgRight
* @param rightGroup
*/
- public abstract void removeBGRight(String bgRight, BusinessGroup rightGroup);
+ public void removeBGRight(String bgRight, BusinessGroup group, OLATResource resource, BGRightsRole role);
+
+ /**
+ *
+ * @param rightGroup
+ * @param resource
+ * @param roles
+ */
+ public void removeBGRights(BusinessGroup group, OLATResource resource, BGRightsRole role);
+
+ /**
+ *
+ * @param groups
+ */
+ public void removeBGRights(Collection<BusinessGroup> groups, OLATResource resource);
/**
* @param bgRight
@@ -72,19 +96,27 @@ public interface BGRightManager {
* @return true if an identity is in a group that has this business group
* right in the given resource
*/
- public abstract boolean hasBGRight(String bgRight, Identity identity, OLATResource resource);
+ public boolean hasBGRight(String bgRight, Identity identity, OLATResource resource);
/**
* @param rightGroup
* @return a list of all business group rights associated with the given
* business group
*/
- public List<String> findBGRights(BusinessGroup group);
+ public List<String> findBGRights(BusinessGroup group, BGRightsRole roles);
+
+ /**
+ *
+ * @param groups
+ * @param resource
+ * @return
+ */
+ public List<BGRights> findBGRights(List<BusinessGroup> groups, OLATResource resource);
/**
*
* @param groups
* @return
*/
- public int countBGRight(List<BusinessGroup> groups);
+ public boolean hasBGRight(List<BusinessGroup> groups);
}
\ No newline at end of file
diff --git a/src/main/java/org/olat/group/right/BGRightManagerImpl.java b/src/main/java/org/olat/group/right/BGRightManagerImpl.java
index 5fe32bddbfd..e28d15f204c 100644
--- a/src/main/java/org/olat/group/right/BGRightManagerImpl.java
+++ b/src/main/java/org/olat/group/right/BGRightManagerImpl.java
@@ -26,8 +26,11 @@
package org.olat.group.right;
import java.util.ArrayList;
+import java.util.Collection;
import java.util.Collections;
+import java.util.HashMap;
import java.util.List;
+import java.util.Map;
import org.olat.basesecurity.BaseSecurity;
import org.olat.basesecurity.Policy;
@@ -60,10 +63,23 @@ public class BGRightManagerImpl extends BasicManager implements BGRightManager {
* org.olat.group.BusinessGroup)
*/
@Override
- public void addBGRight(String bgRight, BusinessGroup rightGroup) {
+ public void addBGRight(String bgRight, BusinessGroup rightGroup, BGRightsRole roles) {
List<OLATResource> resources = businessGroupRelationDAO.findResources(Collections.singletonList(rightGroup), 0, -1);
for(OLATResource resource:resources) {
+ if(roles == BGRightsRole.participant) {
+ securityManager.createAndPersistPolicy(rightGroup.getPartipiciantGroup(), bgRight, resource);
+ } else if(roles == BGRightsRole.tutor) {
+ securityManager.createAndPersistPolicy(rightGroup.getOwnerGroup(), bgRight, resource);
+ }
+ }
+ }
+
+ @Override
+ public void addBGRight(String bgRight, BusinessGroup rightGroup, OLATResource resource, BGRightsRole roles) {
+ if(roles == BGRightsRole.participant) {
securityManager.createAndPersistPolicy(rightGroup.getPartipiciantGroup(), bgRight, resource);
+ } else if(roles == BGRightsRole.tutor) {
+ securityManager.createAndPersistPolicy(rightGroup.getOwnerGroup(), bgRight, resource);
}
}
@@ -72,13 +88,33 @@ public class BGRightManagerImpl extends BasicManager implements BGRightManager {
* org.olat.group.BusinessGroup)
*/
@Override
- public void removeBGRight(String bgRight, BusinessGroup rightGroup) {
- List<OLATResource> resources = businessGroupRelationDAO.findResources(Collections.singletonList(rightGroup), 0, -1);
- for(OLATResource resource:resources) {
+ public void removeBGRight(String bgRight, BusinessGroup rightGroup, OLATResource resource, BGRightsRole roles) {
+ if(roles == BGRightsRole.participant) {
securityManager.deletePolicy(rightGroup.getPartipiciantGroup(), bgRight, resource);
+ } else if (roles == BGRightsRole.tutor) {
+ securityManager.deletePolicy(rightGroup.getOwnerGroup(), bgRight, resource);
+ }
+ }
+
+ @Override
+ public void removeBGRights(BusinessGroup rightGroup, OLATResource resource, BGRightsRole role) {
+ if(role == BGRightsRole.tutor) {
+ securityManager.deletePolicies(Collections.singletonList(rightGroup.getOwnerGroup()), Collections.singletonList(resource));
+ } else if(role == BGRightsRole.participant) {
+ securityManager.deletePolicies(Collections.singletonList(rightGroup.getPartipiciantGroup()), Collections.singletonList(resource));
}
}
+ @Override
+ public void removeBGRights(Collection<BusinessGroup> groups, OLATResource resource) {
+ List<SecurityGroup> secGroups = new ArrayList<SecurityGroup>(groups.size() * 2);
+ for(BusinessGroup group:groups) {
+ secGroups.add(group.getOwnerGroup());
+ secGroups.add(group.getPartipiciantGroup());
+ }
+ securityManager.deletePolicies(secGroups, Collections.singletonList(resource));
+ }
+
@Override
public boolean hasBGRight(String bgRight, Identity identity, OLATResource resource) {
return securityManager.isIdentityPermittedOnResourceable(identity, bgRight, resource);
@@ -88,8 +124,17 @@ public class BGRightManagerImpl extends BasicManager implements BGRightManager {
* @see org.olat.group.right.BGRightManager#findBGRights(org.olat.group.BusinessGroup)
*/
@Override
- public List<String> findBGRights(BusinessGroup rightGroup) {
- List<Policy> results = securityManager.getPoliciesOfSecurityGroup(rightGroup.getPartipiciantGroup());
+ public List<String> findBGRights(BusinessGroup group, BGRightsRole role) {
+ SecurityGroup secGroup = null;
+ if(role == BGRightsRole.tutor) {
+ secGroup = group.getOwnerGroup();
+ } else if(role == BGRightsRole.participant) {
+ secGroup = group.getPartipiciantGroup();
+ } else {
+ return Collections.emptyList();
+ }
+
+ List<Policy> results = securityManager.getPoliciesOfSecurityGroup(secGroup);
// filter all business group rights permissions. group right permissions
// start with bgr.
List<String> rights = new ArrayList<String>();
@@ -99,26 +144,66 @@ public class BGRightManagerImpl extends BasicManager implements BGRightManager {
}
return rights;
}
+
+ @Override
+ public List<BGRights> findBGRights(List<BusinessGroup> groups, OLATResource resource) {
+ Map<SecurityGroup,BusinessGroup> secToGroupMap = new HashMap<SecurityGroup,BusinessGroup>();
+ List<SecurityGroup> tutorSecGroups = new ArrayList<SecurityGroup>(groups.size());
+ List<SecurityGroup> participantSecGroups = new ArrayList<SecurityGroup>(groups.size());
+ for(BusinessGroup group:groups) {
+ tutorSecGroups.add(group.getOwnerGroup());
+ secToGroupMap.put(group.getOwnerGroup(), group);
+ participantSecGroups.add(group.getPartipiciantGroup());
+ secToGroupMap.put(group.getPartipiciantGroup(), group);
+ }
+ List<BGRights> rights = new ArrayList<BGRights>();
+ List<Policy> tutorPolicies = securityManager.getPoliciesOfSecurityGroup(tutorSecGroups, resource);
+ rights.addAll(findBGRights(tutorPolicies, secToGroupMap, resource, BGRightsRole.tutor));
+ List<Policy> participantPolicies = securityManager.getPoliciesOfSecurityGroup(participantSecGroups, resource);
+ rights.addAll(findBGRights(participantPolicies, secToGroupMap, resource, BGRightsRole.participant));
+ return rights;
+ }
+
+ private List<BGRights> findBGRights(List<Policy> policies, Map<SecurityGroup,BusinessGroup> secToGroupMap, OLATResource resource, BGRightsRole role) {
+ List<BGRights> rights = new ArrayList<BGRights>();
+ Map<BGRights,BGRights> rightsMap = new HashMap<BGRights,BGRights>();
+ for (Policy policy:policies) {
+ String right = policy.getPermission();
+ if (right.indexOf(BG_RIGHT_PREFIX) == 0 && policy.getOlatResource().equals(resource)) {
+ BusinessGroup group = secToGroupMap.get(policy.getSecurityGroup());
+ BGRights wrapper = new BGRightsImpl(group.getKey(), role);
+ if(rightsMap.containsKey(wrapper)) {
+ wrapper = rightsMap.get(wrapper);
+ } else {
+ rightsMap.put(wrapper, wrapper);
+ }
+ wrapper.getRights().add(right);
+ rights.add(wrapper);
+ }
+ }
+
+ return rights;
+ }
@Override
- public int countBGRight(List<BusinessGroup> groups) {
- if(groups == null || groups.isEmpty()) return 0;
+ public boolean hasBGRight(List<BusinessGroup> groups) {
+ if(groups == null || groups.isEmpty()) return false;
List<SecurityGroup> secGroups = new ArrayList<SecurityGroup>(groups.size());
for(BusinessGroup group:groups) {
+ secGroups.add(group.getOwnerGroup());
secGroups.add(group.getPartipiciantGroup());
}
List<Policy> results = securityManager.getPoliciesOfSecurityGroup(secGroups);
// filter all business group rights permissions. group right permissions
// start with bgr.
- int count = 0;
for (Policy rightPolicy:results) {
String right = rightPolicy.getPermission();
if (right.indexOf(BG_RIGHT_PREFIX) == 0) {
- count++;
+ return true;
}
}
- return count;
+ return false;
}
}
diff --git a/src/main/java/org/olat/group/right/BGRights.java b/src/main/java/org/olat/group/right/BGRights.java
index 7b410dc0711..10429f9fd2f 100644
--- a/src/main/java/org/olat/group/right/BGRights.java
+++ b/src/main/java/org/olat/group/right/BGRights.java
@@ -28,26 +28,28 @@ package org.olat.group.right;
import java.util.List;
/**
- * Description:<BR>
- * Generic callback interface to get a list of all available rights and a
- * translator that can translate the keys stored in the list to
- * internationalized strings.
- * <P>
- * Initial Date: Aug 31, 2004
*
- * @author gnaegi
+ * @author srosse, stephane.rosse@frentix.com, http://www.frentix.com
*/
public interface BGRights {
+
+ /**
+ *
+ * @return
+ */
+ public Long getBusinessGroupKey();
+
+ /**
+ *
+ * @return
+ */
+ public BGRightsRole getRole();
/**
* @return A list of right keys
*/
public List<String> getRights();
- /**
- * @param right
- * @return The translated right
- */
- public String transateRight(String right);
+
}
diff --git a/src/main/java/org/olat/group/right/BGRightsImpl.java b/src/main/java/org/olat/group/right/BGRightsImpl.java
new file mode 100644
index 00000000000..537d6a39442
--- /dev/null
+++ b/src/main/java/org/olat/group/right/BGRightsImpl.java
@@ -0,0 +1,73 @@
+/**
+ * <a href="http://www.openolat.org">
+ * OpenOLAT - Online Learning and Training</a><br>
+ * <p>
+ * Licensed under the Apache License, Version 2.0 (the "License"); <br>
+ * you may not use this file except in compliance with the License.<br>
+ * You may obtain a copy of the License at the
+ * <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache homepage</a>
+ * <p>
+ * Unless required by applicable law or agreed to in writing,<br>
+ * software distributed under the License is distributed on an "AS IS" BASIS, <br>
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. <br>
+ * See the License for the specific language governing permissions and <br>
+ * limitations under the License.
+ * <p>
+ * Initial code contributed and copyrighted by<br>
+ * frentix GmbH, http://www.frentix.com
+ * <p>
+ */
+package org.olat.group.right;
+
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ *
+ * @author srosse, stephane.rosse@frentix.com, http://www.frentix.com
+ */
+public class BGRightsImpl implements BGRights {
+
+ private final Long groupKey;
+ private final List<String> rights = new ArrayList<String>();
+ private final BGRightsRole role;
+
+ public BGRightsImpl(Long groupKey, BGRightsRole role) {
+ this.groupKey = groupKey;
+ this.role = role;
+ }
+
+
+ @Override
+ public Long getBusinessGroupKey() {
+ return groupKey;
+ }
+
+ @Override
+ public BGRightsRole getRole() {
+ return role;
+ }
+
+ @Override
+ public List<String> getRights() {
+ return rights;
+ }
+
+ @Override
+ public int hashCode() {
+ return groupKey == null ? 49872 : groupKey.hashCode();
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ if(obj == this) {
+ return true;
+ }
+ if(obj instanceof BGRightsImpl) {
+ BGRightsImpl rImpl = (BGRightsImpl)obj;
+ return groupKey != null && groupKey.equals(rImpl.groupKey)
+ && role != null && role.equals(rImpl.role);
+ }
+ return super.equals(obj);
+ }
+}
\ No newline at end of file
diff --git a/src/main/java/org/olat/group/right/BGRightsRole.java b/src/main/java/org/olat/group/right/BGRightsRole.java
new file mode 100644
index 00000000000..ca41e0aa30d
--- /dev/null
+++ b/src/main/java/org/olat/group/right/BGRightsRole.java
@@ -0,0 +1,30 @@
+/**
+ * <a href="http://www.openolat.org">
+ * OpenOLAT - Online Learning and Training</a><br>
+ * <p>
+ * Licensed under the Apache License, Version 2.0 (the "License"); <br>
+ * you may not use this file except in compliance with the License.<br>
+ * You may obtain a copy of the License at the
+ * <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache homepage</a>
+ * <p>
+ * Unless required by applicable law or agreed to in writing,<br>
+ * software distributed under the License is distributed on an "AS IS" BASIS, <br>
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. <br>
+ * See the License for the specific language governing permissions and <br>
+ * limitations under the License.
+ * <p>
+ * Initial code contributed and copyrighted by<br>
+ * frentix GmbH, http://www.frentix.com
+ * <p>
+ */
+package org.olat.group.right;
+
+/**
+ *
+ * @author srosse, stephane.rosse@frentix.com, http://www.frentix.com
+ */
+public enum BGRightsRole {
+ tutor,
+ participant,
+
+}
diff --git a/src/main/java/org/olat/group/ui/main/AbstractBusinessGroupListController.java b/src/main/java/org/olat/group/ui/main/AbstractBusinessGroupListController.java
index 3bfd1c8df26..abf089b71c2 100644
--- a/src/main/java/org/olat/group/ui/main/AbstractBusinessGroupListController.java
+++ b/src/main/java/org/olat/group/ui/main/AbstractBusinessGroupListController.java
@@ -441,7 +441,7 @@ public abstract class AbstractBusinessGroupListController extends BasicControlle
boolean enableCoursesCopy = businessGroupService.hasResources(groups);
boolean enableAreasCopy = areaManager.countBGAreasOfBusinessGroups(groups) > 0;
- boolean enableRightsCopy = rightManager.countBGRight(groups) > 0;
+ boolean enableRightsCopy = rightManager.hasBGRight(groups);
Step start = new BGCopyPreparationStep(ureq, groups, enableCoursesCopy, enableAreasCopy, enableRightsCopy);
StepRunnerCallback finish = new StepRunnerCallback() {
diff --git a/src/main/java/org/olat/portfolio/manager/EPFrontendManager.java b/src/main/java/org/olat/portfolio/manager/EPFrontendManager.java
index b9a5dd5ac3e..ebb7dfd1a26 100755
--- a/src/main/java/org/olat/portfolio/manager/EPFrontendManager.java
+++ b/src/main/java/org/olat/portfolio/manager/EPFrontendManager.java
@@ -1070,7 +1070,7 @@ public class EPFrontendManager extends BasicManager {
return isMapShared(resource);
}
- public boolean isMapShared(OLATResourceable resource) {
+ public boolean isMapShared(OLATResource resource) {
List<Policy> policies = securityManager.getPoliciesOfResource(resource, null);
for(Policy policy:policies) {
if(policy.getPermission().contains(Constants.PERMISSION_READ)) {
diff --git a/src/test/java/org/olat/basesecurity/BaseSecurityManagerTest.java b/src/test/java/org/olat/basesecurity/BaseSecurityManagerTest.java
index d682ea1c4bf..bb7f56f4ffc 100644
--- a/src/test/java/org/olat/basesecurity/BaseSecurityManagerTest.java
+++ b/src/test/java/org/olat/basesecurity/BaseSecurityManagerTest.java
@@ -236,6 +236,39 @@ public class BaseSecurityManagerTest extends OlatTestCase {
Assert.assertEquals(1, ids.size());
Assert.assertEquals(id, ids.get(0));
}
+
+ @Test
+ public void testGetPoliciesOfSecurityGroup() {
+
+ //securityManager.createAndPersistPolicy(secGroup, permission, olatResourceable);
+
+ //public List<Policy> getPoliciesOfSecurityGroup(SecurityGroup secGroup) {
+
+ }
+ @Test
+ public void testGetPoliciesOfSecurityGroups() {
+ //public List<Policy> getPoliciesOfSecurityGroup(List<SecurityGroup> secGroups, OLATResource... resources) {
+ }
+
+ @Test
+ public void testGetPoliciesOfResource() {
+ //public List<Policy> getPoliciesOfResource(OLATResource resource, SecurityGroup secGroup) {
+ }
+
+ @Test
+ public void testGetPoliciesOfIdentity() {
+ //getPoliciesOfIdentity
+ }
+
+ @Test
+ public void testDeletePolicy() {
+ //public void deletePolicy(SecurityGroup secGroup, String permission, OLATResource resource) {
+ }
+
+ @Test
+ public void testDeletePolicies() {
+ //public boolean deletePolicies(Collection<SecurityGroup> secGroups, Collection<OLATResource> resources) {
+ }
}
diff --git a/src/test/java/org/olat/course/groupsandrights/CourseGroupManagementTest.java b/src/test/java/org/olat/course/groupsandrights/CourseGroupManagementTest.java
index 44cdb823ff0..9fff7458e0d 100644
--- a/src/test/java/org/olat/course/groupsandrights/CourseGroupManagementTest.java
+++ b/src/test/java/org/olat/course/groupsandrights/CourseGroupManagementTest.java
@@ -43,6 +43,7 @@ import org.olat.group.BusinessGroupService;
import org.olat.group.area.BGArea;
import org.olat.group.area.BGAreaManager;
import org.olat.group.right.BGRightManager;
+import org.olat.group.right.BGRightsRole;
import org.olat.resource.OLATResource;
import org.olat.test.JunitTestHelper;
import org.olat.test.OlatTestCase;
@@ -120,10 +121,10 @@ public class CourseGroupManagementTest extends OlatTestCase {
securityManager.addIdentityToSecurityGroup(id1, g4.getPartipiciantGroup());
securityManager.addIdentityToSecurityGroup(id3, g4.getPartipiciantGroup());
// rights
- rightManager.addBGRight(CourseRights.RIGHT_ARCHIVING, g3);
- rightManager.addBGRight(CourseRights.RIGHT_COURSEEDITOR, g3);
- rightManager.addBGRight(CourseRights.RIGHT_ARCHIVING, g4);
- rightManager.addBGRight(CourseRights.RIGHT_GROUPMANAGEMENT, g4);
+ rightManager.addBGRight(CourseRights.RIGHT_ARCHIVING, g3, BGRightsRole.participant);
+ rightManager.addBGRight(CourseRights.RIGHT_COURSEEDITOR, g3, BGRightsRole.participant);
+ rightManager.addBGRight(CourseRights.RIGHT_ARCHIVING, g4, BGRightsRole.participant);
+ rightManager.addBGRight(CourseRights.RIGHT_GROUPMANAGEMENT, g4, BGRightsRole.participant);
DBFactory.getInstance().closeSession(); // simulate user clicks
@@ -194,10 +195,10 @@ public class CourseGroupManagementTest extends OlatTestCase {
securityManager.addIdentityToSecurityGroup(id1, g4.getPartipiciantGroup());
securityManager.addIdentityToSecurityGroup(id3, g4.getPartipiciantGroup());
// rights
- rightManager.addBGRight(CourseRights.RIGHT_ARCHIVING, g3);
- rightManager.addBGRight(CourseRights.RIGHT_COURSEEDITOR, g3);
- rightManager.addBGRight(CourseRights.RIGHT_ARCHIVING, g4);
- rightManager.addBGRight(CourseRights.RIGHT_GROUPMANAGEMENT, g4);
+ rightManager.addBGRight(CourseRights.RIGHT_ARCHIVING, g3, BGRightsRole.participant);
+ rightManager.addBGRight(CourseRights.RIGHT_COURSEEDITOR, g3, BGRightsRole.participant);
+ rightManager.addBGRight(CourseRights.RIGHT_ARCHIVING, g4, BGRightsRole.participant);
+ rightManager.addBGRight(CourseRights.RIGHT_GROUPMANAGEMENT, g4, BGRightsRole.participant);
DBFactory.getInstance().closeSession(); // simulate user clicks
diff --git a/src/test/java/org/olat/group/test/BGRightManagerTest.java b/src/test/java/org/olat/group/test/BGRightManagerTest.java
index 545f6873f16..8ab0397b468 100644
--- a/src/test/java/org/olat/group/test/BGRightManagerTest.java
+++ b/src/test/java/org/olat/group/test/BGRightManagerTest.java
@@ -29,6 +29,7 @@ package org.olat.group.test;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
+import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.UUID;
@@ -41,15 +42,15 @@ import org.junit.Before;
import org.junit.Test;
import org.olat.basesecurity.BaseSecurity;
import org.olat.basesecurity.Policy;
-import org.olat.basesecurity.SecurityGroup;
import org.olat.core.commons.persistence.DB;
import org.olat.core.commons.persistence.DBFactory;
import org.olat.core.id.Identity;
-import org.olat.core.logging.AssertException;
import org.olat.course.groupsandrights.CourseRights;
import org.olat.group.BusinessGroup;
import org.olat.group.BusinessGroupService;
import org.olat.group.right.BGRightManager;
+import org.olat.group.right.BGRights;
+import org.olat.group.right.BGRightsRole;
import org.olat.resource.OLATResource;
import org.olat.test.JunitTestHelper;
import org.olat.test.OlatTestCase;
@@ -116,18 +117,44 @@ public class BGRightManagerTest extends OlatTestCase {
public void addRight() {
OLATResource c1 = JunitTestHelper.createRandomResource();
BusinessGroup g1 = businessGroupService.createBusinessGroup(null, "addRight", null, -1, -1, false, false, c1);
- rightManager.addBGRight("test-right", g1);
+ rightManager.addBGRight("test-right", g1, BGRightsRole.participant);
+ dbInstance.commitAndCloseSession();
+ }
+
+ @Test
+ public void addRightWithResource() {
+ OLATResource c1 = JunitTestHelper.createRandomResource();
+ BusinessGroup g1 = businessGroupService.createBusinessGroup(null, "addRight", null, -1, -1, false, false, c1);
+ rightManager.addBGRight("test-right", g1, c1, BGRightsRole.participant);
dbInstance.commitAndCloseSession();
}
@Test
public void hasBGRight() {
//create a right for the identity
- Identity identity = JunitTestHelper.createAndPersistIdentityAsUser("has-right-" + UUID.randomUUID().toString());
+ Identity identity = JunitTestHelper.createAndPersistIdentityAsUser("has-right-1-" + UUID.randomUUID().toString());
+ OLATResource resource = JunitTestHelper.createRandomResource();
+ BusinessGroup group = businessGroupService.createBusinessGroup(null, "hasBGRight", null, -1, -1, false, false, resource);
+ securityManager.addIdentityToSecurityGroup(identity, group.getPartipiciantGroup());
+ rightManager.addBGRight("bgr.has-right", group, BGRightsRole.participant);
+ dbInstance.commitAndCloseSession();
+
+ //check if the right is set
+ boolean right = rightManager.hasBGRight("bgr.has-right", identity, resource);
+ Assert.assertTrue(right);
+ //check if a dummy is not set
+ boolean notright = rightManager.hasBGRight("bgrblabla", identity, resource);
+ Assert.assertFalse(notright);
+ }
+
+ @Test
+ public void hasBGRightWithResource_participant() {
+ //create a right for the identity
+ Identity identity = JunitTestHelper.createAndPersistIdentityAsUser("has-right-2-" + UUID.randomUUID().toString());
OLATResource resource = JunitTestHelper.createRandomResource();
BusinessGroup group = businessGroupService.createBusinessGroup(null, "hasBGRight", null, -1, -1, false, false, resource);
securityManager.addIdentityToSecurityGroup(identity, group.getPartipiciantGroup());
- rightManager.addBGRight("bgr.has-right", group);
+ rightManager.addBGRight("bgr.has-right", group, resource, BGRightsRole.participant);
dbInstance.commitAndCloseSession();
//check if the right is set
@@ -138,6 +165,75 @@ public class BGRightManagerTest extends OlatTestCase {
Assert.assertFalse(notright);
}
+ @Test
+ public void hasBGRightWithResource_tutor() {
+ //create 2 rights for the identity
+ Identity identity = JunitTestHelper.createAndPersistIdentityAsUser("tp-rights-" + UUID.randomUUID().toString());
+ OLATResource resource = JunitTestHelper.createRandomResource();
+ BusinessGroup group = businessGroupService.createBusinessGroup(null, "tpBGRight", null, -1, -1, false, false, resource);
+ securityManager.addIdentityToSecurityGroup(identity, group.getOwnerGroup());
+ rightManager.addBGRight("bgr.right1", group, resource, BGRightsRole.tutor);
+ dbInstance.commitAndCloseSession();
+
+ //check if the rights are set
+ List<String> rights = rightManager.findBGRights(group, BGRightsRole.tutor);
+ Assert.assertEquals(1, rights.size());
+ Assert.assertTrue(rightManager.hasBGRight("bgr.right1", identity, resource));
+ }
+
+ @Test
+ public void hasBGRightWithResource_tutor_asParticipant() {
+ //create 2 rights for the identity
+ Identity identity = JunitTestHelper.createAndPersistIdentityAsUser("tp-rights-" + UUID.randomUUID().toString());
+ OLATResource resource = JunitTestHelper.createRandomResource();
+ BusinessGroup group = businessGroupService.createBusinessGroup(null, "tpBGRight", null, -1, -1, false, false, resource);
+ securityManager.addIdentityToSecurityGroup(identity, group.getPartipiciantGroup());
+ rightManager.addBGRight("bgr.right1", group, resource, BGRightsRole.tutor);
+ dbInstance.commitAndCloseSession();
+
+ //check if the rights are set
+ List<String> rights = rightManager.findBGRights(group, BGRightsRole.tutor);
+ Assert.assertEquals(1, rights.size());
+ Assert.assertTrue(rights.contains("bgr.right1"));
+ //check that a participant cannot have a tutor right
+ Assert.assertFalse(rightManager.hasBGRight("bgr.right1", identity, resource));
+ }
+
+ @Test
+ public void hasBGRightWithResource_tutor_participant() {
+ //create 2 rights for the three identities
+ Identity id1 = JunitTestHelper.createAndPersistIdentityAsUser("tp-rights-" + UUID.randomUUID().toString());
+ Identity id2 = JunitTestHelper.createAndPersistIdentityAsUser("tp-rights-" + UUID.randomUUID().toString());
+ Identity id3 = JunitTestHelper.createAndPersistIdentityAsUser("tp-rights-" + UUID.randomUUID().toString());
+ OLATResource resource = JunitTestHelper.createRandomResource();
+ BusinessGroup group = businessGroupService.createBusinessGroup(null, "tpBGRight", null, -1, -1, false, false, resource);
+ securityManager.addIdentityToSecurityGroup(id1, group.getPartipiciantGroup());
+ securityManager.addIdentityToSecurityGroup(id2, group.getOwnerGroup());
+ securityManager.addIdentityToSecurityGroup(id2, group.getPartipiciantGroup());
+ securityManager.addIdentityToSecurityGroup(id3, group.getOwnerGroup());
+ rightManager.addBGRight("bgr.right1", group, resource, BGRightsRole.tutor);
+ rightManager.addBGRight("bgr.right2", group, resource, BGRightsRole.participant);
+ dbInstance.commitAndCloseSession();
+
+ //check if the rights are set
+ List<String> tutorRights = rightManager.findBGRights(group, BGRightsRole.tutor);
+ Assert.assertEquals(1, tutorRights.size());
+ Assert.assertEquals("bgr.right1", tutorRights.get(0));
+ List<String> participantRights = rightManager.findBGRights(group, BGRightsRole.participant);
+ Assert.assertEquals(1, participantRights.size());
+ Assert.assertEquals("bgr.right2", participantRights.get(0));
+
+ //id1 -> right2
+ Assert.assertFalse(rightManager.hasBGRight("bgr.right1", id1, resource));
+ Assert.assertTrue(rightManager.hasBGRight("bgr.right2", id1, resource));
+ //id2 -> right1 and right2
+ Assert.assertTrue(rightManager.hasBGRight("bgr.right1", id2, resource));
+ Assert.assertTrue(rightManager.hasBGRight("bgr.right2", id2, resource));
+ //id3 -> right2
+ Assert.assertTrue(rightManager.hasBGRight("bgr.right1", id3, resource));
+ Assert.assertFalse(rightManager.hasBGRight("bgr.right2", id3, resource));
+ }
+
@Test
public void findBGRights() {
//create 2 rights for the identity
@@ -145,12 +241,12 @@ public class BGRightManagerTest extends OlatTestCase {
OLATResource resource = JunitTestHelper.createRandomResource();
BusinessGroup group = businessGroupService.createBusinessGroup(null, "findBGRights", null, -1, -1, false, false, resource);
securityManager.addIdentityToSecurityGroup(identity, group.getPartipiciantGroup());
- rightManager.addBGRight("bgr.findright1", group);
- rightManager.addBGRight("bgr.findright2", group);
+ rightManager.addBGRight("bgr.findright1", group, BGRightsRole.participant);
+ rightManager.addBGRight("bgr.findright2", group, BGRightsRole.participant);
dbInstance.commitAndCloseSession();
//check if the rights are set
- List<String> rights = rightManager.findBGRights(group);
+ List<String> rights = rightManager.findBGRights(group, BGRightsRole.participant);
Assert.assertNotNull(rights);
Assert.assertEquals(2, rights.size());
Assert.assertTrue(rights.contains("bgr.findright1"));
@@ -158,23 +254,23 @@ public class BGRightManagerTest extends OlatTestCase {
}
@Test
- public void countBGRights() {
+ public void hasBGRights() {
//create 2 rights for the identity
Identity identity = JunitTestHelper.createAndPersistIdentityAsUser("find-rights-" + UUID.randomUUID().toString());
OLATResource resource = JunitTestHelper.createRandomResource();
BusinessGroup group = businessGroupService.createBusinessGroup(null, "findBGRights", null, -1, -1, false, false, resource);
securityManager.addIdentityToSecurityGroup(identity, group.getPartipiciantGroup());
- rightManager.addBGRight("bgr.findright1", group);
- rightManager.addBGRight("bgr.findright2", group);
+ rightManager.addBGRight("bgr.findright1", group, BGRightsRole.participant);
+ rightManager.addBGRight("bgr.findright2", group, BGRightsRole.participant);
dbInstance.commitAndCloseSession();
//check with an empty list
- int numOfRights1 = rightManager.countBGRight(Collections.<BusinessGroup>emptyList());
- Assert.assertEquals(0, numOfRights1);
+ boolean hasRights1 = rightManager.hasBGRight(Collections.<BusinessGroup>emptyList());
+ Assert.assertFalse(hasRights1);
//check if the rights are set
- int numOfRights2 = rightManager.countBGRight(Collections.singletonList(group));
- Assert.assertEquals(2, numOfRights2);
+ boolean hasRights2 = rightManager.hasBGRight(Collections.singletonList(group));
+ Assert.assertTrue(hasRights2);
}
@Test
@@ -184,40 +280,172 @@ public class BGRightManagerTest extends OlatTestCase {
OLATResource resource = JunitTestHelper.createRandomResource();
BusinessGroup group = businessGroupService.createBusinessGroup(null, "removeBGRight", null, -1, -1, false, false, resource);
securityManager.addIdentityToSecurityGroup(identity, group.getPartipiciantGroup());
- rightManager.addBGRight("bgr.removeright1", group);
- rightManager.addBGRight("bgr.removeright2", group);
+ rightManager.addBGRight("bgr.removeright1", group, BGRightsRole.participant);
+ rightManager.addBGRight("bgr.removeright2", group, BGRightsRole.participant);
dbInstance.commitAndCloseSession();
//check if the rights are set
- List<String> rights = rightManager.findBGRights(group);
+ List<String> rights = rightManager.findBGRights(group, BGRightsRole.participant);
Assert.assertEquals(2, rights.size());
Assert.assertTrue(rightManager.hasBGRight("bgr.removeright1", identity, resource));
Assert.assertTrue(rightManager.hasBGRight("bgr.removeright2", identity, resource));
//remove right 1
- rightManager.removeBGRight("bgr.removeright1", group);
+ rightManager.removeBGRight("bgr.removeright1", group, resource, BGRightsRole.participant);
dbInstance.commitAndCloseSession();
//check if there is only 1 right
- List<String> rightsAfterDelete = rightManager.findBGRights(group);
+ List<String> rightsAfterDelete = rightManager.findBGRights(group, BGRightsRole.participant);
Assert.assertEquals(1, rightsAfterDelete.size());
Assert.assertTrue(rightsAfterDelete.contains("bgr.removeright2"));
Assert.assertFalse(rightManager.hasBGRight("bgr.removeright1", identity, resource));
Assert.assertTrue(rightManager.hasBGRight("bgr.removeright2", identity, resource));
}
- @Test(expected=AssertException.class)
+ @Test
+ public void removeBGRightWithResources_permissionBased() {
+ //create 2 rights for the identity
+ Identity tutor = JunitTestHelper.createAndPersistIdentityAsUser("remove-rights-" + UUID.randomUUID().toString());
+ Identity participant = JunitTestHelper.createAndPersistIdentityAsUser("remove-rights-" + UUID.randomUUID().toString());
+ OLATResource resource1 = JunitTestHelper.createRandomResource();
+ OLATResource resource2 = JunitTestHelper.createRandomResource();
+
+ BusinessGroup group = businessGroupService.createBusinessGroup(null, "removeBGRight", null, -1, -1, false, false, resource1);
+ businessGroupService.addResourceTo(group, resource2);
+ securityManager.addIdentityToSecurityGroup(tutor, group.getOwnerGroup());
+ securityManager.addIdentityToSecurityGroup(participant, group.getPartipiciantGroup());
+ rightManager.addBGRight("bgr.removeright1", group, resource1, BGRightsRole.tutor);
+ rightManager.addBGRight("bgr.removeright2", group, resource1, BGRightsRole.participant);
+ rightManager.addBGRight("bgr.dontrmght3", group, resource2, BGRightsRole.tutor);
+ rightManager.addBGRight("bgr.dontrmght4", group, resource2, BGRightsRole.participant);
+ dbInstance.commitAndCloseSession();
+
+ //check if the rights are set
+ List<String> rights = rightManager.findBGRights(group, BGRightsRole.participant);
+ Assert.assertEquals(2, rights.size());
+ Assert.assertFalse(rightManager.hasBGRight("bgr.removeright1", participant, resource1));
+ Assert.assertTrue(rightManager.hasBGRight("bgr.removeright2", participant, resource1));
+
+ //remove tutor right 1
+ rightManager.removeBGRight("bgr.removeright1", group, resource1, BGRightsRole.tutor);
+ dbInstance.commitAndCloseSession();
+
+ //check if there is only 1 right
+ List<String> participantRights = rightManager.findBGRights(group, BGRightsRole.participant);
+ Assert.assertEquals(2, participantRights.size());
+
+ //remove participant right 2
+ rightManager.removeBGRight("bgr.removeright2", group, resource1, BGRightsRole.participant);
+ dbInstance.commitAndCloseSession();
+
+ //check tutor rights
+ List<String> tutorRights = rightManager.findBGRights(group, BGRightsRole.tutor);
+ Assert.assertEquals(1, tutorRights.size());
+ Assert.assertTrue(tutorRights.contains("bgr.dontrmght3"));
+
+ List<String> participantRights_2 = rightManager.findBGRights(group, BGRightsRole.participant);
+ Assert.assertEquals(1, participantRights_2.size());
+ Assert.assertTrue(participantRights_2.contains("bgr.dontrmght4"));
+ }
+
+
+ @Test
+ public void removeBGRightWithResources() {
+ //create 2 rights for the identity
+ Identity tutor = JunitTestHelper.createAndPersistIdentityAsUser("remove-rights-" + UUID.randomUUID().toString());
+ Identity participant = JunitTestHelper.createAndPersistIdentityAsUser("remove-rights-" + UUID.randomUUID().toString());
+ OLATResource resource1 = JunitTestHelper.createRandomResource();
+ OLATResource resource2 = JunitTestHelper.createRandomResource();
+
+ BusinessGroup group = businessGroupService.createBusinessGroup(null, "removeBGRight", null, -1, -1, false, false, resource1);
+ businessGroupService.addResourceTo(group, resource2);
+ securityManager.addIdentityToSecurityGroup(tutor, group.getOwnerGroup());
+ securityManager.addIdentityToSecurityGroup(participant, group.getPartipiciantGroup());
+ rightManager.addBGRight("bgr.removeright1", group, resource1, BGRightsRole.tutor);
+ rightManager.addBGRight("bgr.removeright2", group, resource1, BGRightsRole.participant);
+ rightManager.addBGRight("bgr.dontrmght3", group, resource2, BGRightsRole.tutor);
+ rightManager.addBGRight("bgr.dontrmght4", group, resource2, BGRightsRole.participant);
+ dbInstance.commitAndCloseSession();
+
+ //check if the rights are set
+ List<String> rights = rightManager.findBGRights(group, BGRightsRole.participant);
+ Assert.assertEquals(2, rights.size());
+ Assert.assertFalse(rightManager.hasBGRight("bgr.removeright1", participant, resource1));
+ Assert.assertTrue(rightManager.hasBGRight("bgr.removeright2", participant, resource1));
+
+ //remove tutor right 1
+ rightManager.removeBGRights(group, resource1, BGRightsRole.tutor);
+ dbInstance.commitAndCloseSession();
+
+ //check if there is only 1 right
+ List<String> participantRights = rightManager.findBGRights(group, BGRightsRole.participant);
+ Assert.assertEquals(2, participantRights.size());
+
+ //remove participant right 2
+ rightManager.removeBGRights(group, resource1, BGRightsRole.participant);
+ dbInstance.commitAndCloseSession();
+
+ //check tutor rights
+ List<String> tutorRights = rightManager.findBGRights(group, BGRightsRole.tutor);
+ Assert.assertEquals(1, tutorRights.size());
+ Assert.assertTrue(tutorRights.contains("bgr.dontrmght3"));
+
+ List<String> participantRights_2 = rightManager.findBGRights(group, BGRightsRole.participant);
+ Assert.assertEquals(1, participantRights_2.size());
+ Assert.assertTrue(participantRights_2.contains("bgr.dontrmght4"));
+ }
+
+ @Test
+ public void findBGRights_wrapped() {
+ //create
+ OLATResource resource1 = JunitTestHelper.createRandomResource();
+ OLATResource resource2 = JunitTestHelper.createRandomResource();
+ OLATResource resource3 = JunitTestHelper.createRandomResource();
+
+ BusinessGroup group1 = businessGroupService.createBusinessGroup(null, "findRights", null, -1, -1, false, false, resource1);
+ businessGroupService.addResourceTo(group1, resource2);
+ BusinessGroup group2 = businessGroupService.createBusinessGroup(null, "findRights", null, -1, -1, false, false, resource3);
+
+ rightManager.addBGRight("bgr.fr1", group1, resource1, BGRightsRole.tutor);
+ rightManager.addBGRight("bgr.fr2", group1, resource1, BGRightsRole.participant);
+ rightManager.addBGRight("bgr.fr3", group2, resource1, BGRightsRole.tutor);
+ rightManager.addBGRight("bgr.fr4", group2, resource2, BGRightsRole.tutor);
+ rightManager.addBGRight("bgr.fr5", group2, resource3, BGRightsRole.participant);
+ dbInstance.commitAndCloseSession();
+
+ //check
+ List<BGRights> rights1_1 = rightManager.findBGRights(Collections.singletonList(group1), resource1);
+ Assert.assertNotNull(rights1_1);
+ Assert.assertEquals(2, rights1_1.size());
+
+ List<BGRights> rights2_2 = rightManager.findBGRights(Collections.singletonList(group2), resource2);
+ Assert.assertNotNull(rights2_2);
+ Assert.assertEquals(1, rights2_2.size());
+
+ List<BGRights> rights2_3 = rightManager.findBGRights(Collections.singletonList(group2), resource3);
+ Assert.assertNotNull(rights2_3);
+ Assert.assertEquals(1, rights2_3.size());
+
+ List<BusinessGroup> groups = new ArrayList<BusinessGroup>();
+ groups.add(group1);
+ groups.add(group2);
+ List<BGRights> rightsAll_1 = rightManager.findBGRights(groups, resource1);
+ Assert.assertNotNull(rightsAll_1);
+ Assert.assertEquals(3, rightsAll_1.size());
+ }
+
+ @Test
public void removeUnkownRight() {
//create 2 rights for the identity
Identity identity = JunitTestHelper.createAndPersistIdentityAsUser("remove-rights-" + UUID.randomUUID().toString());
OLATResource resource = JunitTestHelper.createRandomResource();
BusinessGroup group = businessGroupService.createBusinessGroup(null, "removeBGRight", null, -1, -1, false, false, resource);
securityManager.addIdentityToSecurityGroup(identity, group.getPartipiciantGroup());
- rightManager.addBGRight("bgr.removeright1", group);
+ rightManager.addBGRight("bgr.removeright1", group, BGRightsRole.participant);
dbInstance.commitAndCloseSession();
//remove a dummy right which doesn't exists
- rightManager.removeBGRight("bgr.removeblabla", group);
+ rightManager.removeBGRight("bgr.removeblabla", group, resource, BGRightsRole.participant);
}
/** BGContextManagerImpl:deleteBGContext() * */
@@ -235,18 +463,12 @@ public class BGRightManagerTest extends OlatTestCase {
securityManager.addIdentityToSecurityGroup(id1, g2.getPartipiciantGroup());
securityManager.addIdentityToSecurityGroup(id3, g3.getPartipiciantGroup());
- rightManager.addBGRight(CourseRights.RIGHT_ARCHIVING, g1);
- rightManager.addBGRight(CourseRights.RIGHT_COURSEEDITOR, g1);
- rightManager.addBGRight(CourseRights.RIGHT_ARCHIVING, g2);
- rightManager.addBGRight(CourseRights.RIGHT_COURSEEDITOR, g3);
+ rightManager.addBGRight(CourseRights.RIGHT_ARCHIVING, g1, BGRightsRole.participant);
+ rightManager.addBGRight(CourseRights.RIGHT_COURSEEDITOR, g1, BGRightsRole.participant);
+ rightManager.addBGRight(CourseRights.RIGHT_ARCHIVING, g2, BGRightsRole.participant);
+ rightManager.addBGRight(CourseRights.RIGHT_COURSEEDITOR, g3, BGRightsRole.participant);
DBFactory.getInstance().closeSession(); // simulate user clicks
- List<SecurityGroup> groups = securityManager.getGroupsWithPermissionOnOlatResourceable(CourseRights.RIGHT_ARCHIVING, c1);
- Assert.assertEquals(2, groups.size());
-
- List<Identity> identities = securityManager.getIdentitiesWithPermissionOnOlatResourceable(CourseRights.RIGHT_ARCHIVING, c1);
- Assert.assertEquals(2, identities.size());
-
List<Policy> policies = securityManager.getPoliciesOfSecurityGroup(g1.getPartipiciantGroup());
Assert.assertEquals(4, policies.size()); // read, parti, archiving, courseeditor
@@ -265,21 +487,21 @@ public class BGRightManagerTest extends OlatTestCase {
* assertTrue(rm.hasBGRight(CourseRights.RIGHT_ARCHIVING, g2));
* assertFalse(rm.hasBGRight(CourseRights.RIGHT_GROUPMANAGEMENT, g1));
*/
- Assert.assertEquals(2, rightManager.findBGRights(g1).size());
- Assert.assertEquals(1, rightManager.findBGRights(g2).size());
+ Assert.assertEquals(2, rightManager.findBGRights(g1, BGRightsRole.participant).size());
+ Assert.assertEquals(1, rightManager.findBGRights(g2, BGRightsRole.participant).size());
DBFactory.getInstance().closeSession(); // simulate user clicks
- rightManager.removeBGRight(CourseRights.RIGHT_ARCHIVING, g1);
- rightManager.removeBGRight(CourseRights.RIGHT_COURSEEDITOR, g1);
- rightManager.removeBGRight(CourseRights.RIGHT_ARCHIVING, g2);
- rightManager.removeBGRight(CourseRights.RIGHT_COURSEEDITOR, g3);
+ rightManager.removeBGRight(CourseRights.RIGHT_ARCHIVING, g1, c1, BGRightsRole.participant);
+ rightManager.removeBGRight(CourseRights.RIGHT_COURSEEDITOR, g1, c1, BGRightsRole.participant);
+ rightManager.removeBGRight(CourseRights.RIGHT_ARCHIVING, g2, c1, BGRightsRole.participant);
+ rightManager.removeBGRight(CourseRights.RIGHT_COURSEEDITOR, g3, c2, BGRightsRole.participant);
DBFactory.getInstance().closeSession(); // simulate user clicks
assertFalse(rightManager.hasBGRight(CourseRights.RIGHT_ARCHIVING, id1, c1));
assertFalse(rightManager.hasBGRight(CourseRights.RIGHT_ARCHIVING, id2, c1));
assertFalse(rightManager.hasBGRight(CourseRights.RIGHT_COURSEEDITOR, id3, c2));
- Assert.assertEquals(0, rightManager.findBGRights(g1).size());
- Assert.assertEquals(0, rightManager.findBGRights(g2).size());
+ Assert.assertEquals(0, rightManager.findBGRights(g1, BGRightsRole.participant).size());
+ Assert.assertEquals(0, rightManager.findBGRights(g2, BGRightsRole.participant).size());
}
}
\ No newline at end of file
--
GitLab