/**
   * Assessment notification rights check.<br>
   * Tests if an <code>Identity</code> can subscribe for assessment notification for the specified
   * <code>ICourse</code>.<br>
   * <br>
   * <b>PRE CONDITIONS</b>
   *
   * <ul>
   *   <li><code>course != null</code>
   * </ul>
   *
   * @param ident the identity to check rights for. Can be <code>null</code>
   * @param course the course to check rights against
   * @return if <code>ident == null</code> this method always returns false; otherwise subscriptions
   *     rights are met only by course administrators and course coaches
   */
  private boolean canSubscribeForAssessmentNotification(Identity ident, ICourse course) {
    if (ident == null) return false;

    CourseGroupManager grpMan = course.getCourseEnvironment().getCourseGroupManager();

    boolean isInstitutionalResourceManager =
        BaseSecurityManager.getInstance()
            .isIdentityInSecurityGroup(
                ident,
                BaseSecurityManager.getInstance()
                    .findSecurityGroupByName(Constants.GROUP_INST_ORES_MANAGER));
    return isInstitutionalResourceManager
        || grpMan.isIdentityCourseAdministrator(ident)
        || grpMan.isIdentityCourseCoach(ident)
        || grpMan.hasRight(ident, CourseRights.RIGHT_ASSESSMENT);
  }
 /**
  * @see org.olat.search.service.indexer.Indexer#checkAccess(org.olat.core.id.context.ContextEntry,
  *     org.olat.core.id.context.BusinessControl, org.olat.core.id.Identity,
  *     org.olat.core.id.Roles)
  */
 @Override
 public boolean checkAccess(
     final ContextEntry contextEntry,
     final BusinessControl businessControl,
     final Identity identity,
     final Roles roles) {
   // TODO:chg: check with collabTools if forum is enabled
   final ContextEntry ce = businessControl.popLauncherContextEntry();
   final Long resourceableId = ce.getOLATResourceable().getResourceableId();
   final Message message = ForumManager.getInstance().loadMessage(resourceableId);
   Message threadtop = message.getThreadtop();
   if (threadtop == null) {
     threadtop = message;
   }
   final boolean isMessageHidden = Status.getStatus(threadtop.getStatusCode()).isHidden();
   // assumes that if is owner then is moderator so it is allowed to see the hidden forum threads
   // TODO: (LD) fix this!!!
   // here it is checked if the identity is owner of the forum tool but it has no way to find out
   // whether is owner of the group that owns the forum tool
   final boolean isOwner =
       BaseSecurityManager.getInstance()
           .isIdentityPermittedOnResourceable(
               identity, Constants.PERMISSION_ACCESS, contextEntry.getOLATResourceable());
   if (isMessageHidden && !isOwner) {
     return false;
   }
   return true;
 }
  @Override
  protected void event(UserRequest ureq, Controller source, Event event) {
    if (event instanceof OpenAuthorProfilEvent) {
      OpenAuthorProfilEvent uriEvent = (OpenAuthorProfilEvent) event;
      Long identityKey = uriEvent.getKey();
      if (identityKey == null) return;
      final Identity identity =
          BaseSecurityManager.getInstance().loadIdentityByKey(identityKey, false);
      if (identity == null) return;
      final HomePageConfig homePageConfig =
          HomePageConfigManagerImpl.getInstance().loadConfigFor(identity.getName());

      ControllerCreator ctrlCreator =
          new ControllerCreator() {
            public Controller createController(UserRequest lureq, WindowControl lwControl) {
              HomePageDisplayController homePageCtrl =
                  new HomePageDisplayController(lureq, lwControl, identity, homePageConfig);
              LayoutMain3ColsController layoutCtr =
                  new LayoutMain3ColsController(
                      lureq, lwControl, null, null, homePageCtrl.getInitialComponent(), null);
              // dispose glossary on layout dispose
              layoutCtr.addDisposableChildController(homePageCtrl);
              return layoutCtr;
            }
          };

      ControllerCreator layoutCtrlr =
          BaseFullWebappPopupLayoutFactory.createAuthMinimalPopupLayout(ureq, ctrlCreator);
      // open in new browser window
      openInNewBrowserWindow(ureq, layoutCtrlr);
      return; // immediate return after opening new browser window!
    } else {
      super.event(ureq, source, event);
    }
  }
Beispiel #4
0
 private void doNoLockingEnrol(Identity i, SecurityGroup group) {
   // check that below max
   try {
     StringBuilder sb = new StringBuilder();
     int cnt = BaseSecurityManager.getInstance().countIdentitiesOfSecurityGroup(group);
     sb.append("enrol:cnt:" + cnt);
     if (cnt < MAX_COUNT) {
       // now sleep a while to allow others to think also that there is still space left in the
       // group
       sleep(100);
       // now add the user to the security group
       sb.append(" adding " + i.getName() + ": current.. " + cnt + ", max = " + MAX_COUNT);
       BaseSecurityManager.getInstance().addIdentityToSecurityGroup(i, group);
     }
     log.info(sb.toString());
   } catch (Exception e) {
     log.error("", e);
   }
 }
 @Override
 public Object getValueAt(final int row, final int col) {
   final MediaFileElement entry = getEntryAt(row);
   switch (col) {
     case 0:
       final String filename = entry.getFilename();
       if (filename.length() > 40) {
         if (filename.endsWith(WikiMainController.METADATA_SUFFIX)) {
           return entry.getFilename().substring(0, 40) + WikiMainController.METADATA_SUFFIX;
         }
         return entry.getFilename().substring(0, 40) + "...";
       }
       return entry.getFilename();
     case 1:
       final long identKey = entry.getCreatedBy();
       if (identKey == 0) {
         return "---";
       }
       return BaseSecurityManager.getInstance().loadIdentityByKey(identKey).getName();
     case 2:
       return formatter.formatDateAndTime(new Date(entry.getCreationDate()));
     case 3:
       final long key = entry.getDeletedBy();
       if (key == 0) {
         return "---";
       }
       return BaseSecurityManager.getInstance().loadIdentityByKey(key).getName();
     case 4:
       final long delDate = entry.getDeletionDate();
       if (delDate == 0) {
         return "---";
       }
       return formatter.formatDateAndTime(new Date(delDate));
     default:
       return "ERROR";
   }
 }
Beispiel #6
0
 /** @return The name of the modifier */
 public String getModifier() {
   String modifierName = null;
   if (modifierKey > 0) {
     Identity identity = BaseSecurityManager.getInstance().loadIdentityByKey(modifierKey, false);
     if (identity != null) {
       User user = identity.getUser();
       if (user == null) {
         modifierName = modifier = identity.getName();
       } else {
         modifierName =
             modifier = CoreSpringFactory.getImpl(UserManager.class).getUserDisplayName(identity);
       }
     }
   }
   if (modifierName == null && StringHelper.containsNonWhitespace(modifier)) {
     modifierName = modifier;
   }
   return modifierName;
 }
  private UserSession afterAuthorization(Identity identity, HttpServletRequest request) {
    UserSession usess = sessionManager.getUserSession(request);
    synchronized (usess) {
      // double check to prevent severals concurrent login
      if (usess.isAuthenticated()) {
        return usess;
      }

      sessionManager.signOffAndClear(usess);
      usess.setIdentity(identity);
      UserDeletionManager.getInstance().setIdentityAsActiv(identity);
      // set the roles (admin, author, guest)
      Roles roles = BaseSecurityManager.getInstance().getRoles(identity);
      usess.setRoles(roles);
      // set session info
      SessionInfo sinfo =
          new SessionInfo(identity.getKey(), identity.getName(), request.getSession());
      User usr = identity.getUser();
      sinfo.setFirstname(usr.getProperty(UserConstants.FIRSTNAME, null));
      sinfo.setLastname(usr.getProperty(UserConstants.LASTNAME, null));

      String remoteAddr = request.getRemoteAddr();
      sinfo.setFromIP(remoteAddr);
      sinfo.setFromFQN(remoteAddr);
      try {
        InetAddress[] iaddr = InetAddress.getAllByName(request.getRemoteAddr());
        if (iaddr.length > 0) sinfo.setFromFQN(iaddr[0].getHostName());
      } catch (UnknownHostException e) {
        // ok, already set IP as FQDN
      }
      sinfo.setAuthProvider(BaseSecurityModule.getDefaultAuthProviderIdentifier());
      sinfo.setUserAgent(request.getHeader("User-Agent"));
      sinfo.setSecure(request.isSecure());
      sinfo.setWebDAV(true);
      sinfo.setWebModeFromUreq(null);
      // set session info for this session
      usess.setSessionInfo(sinfo);
      //
      sessionManager.signOn(usess);
      return usess;
    }
  }
Beispiel #8
0
 /** @return The name of the author */
 public String getAuthor() {
   String authorName = null;
   if (authorKey > 0) {
     Identity identity = BaseSecurityManager.getInstance().loadIdentityByKey(authorKey, false);
     if (identity != null) {
       User user = identity.getUser();
       if (user == null) {
         authorName = author = identity.getName();
       } else {
         authorName =
             author =
                 user.getProperty(UserConstants.FIRSTNAME, null)
                     + " "
                     + user.getProperty(UserConstants.LASTNAME, null);
       }
     }
   }
   if (authorName == null && StringHelper.containsNonWhitespace(author)) {
     authorName = author;
   }
   return authorName;
 }
  /**
   * @see org.olat.course.nodes.GenericCourseNode#importNode(java.io.File, org.olat.course.ICourse,
   *     org.olat.core.gui.UserRequest, org.olat.core.gui.control.WindowControl)
   */
  @Override
  public Controller importNode(
      final File importDirectory,
      final ICourse course,
      final boolean unattendedImport,
      final UserRequest ureq,
      final WindowControl wControl) {
    final File importSubdir = new File(importDirectory, getIdent());
    final RepositoryEntryImportExport rie = new RepositoryEntryImportExport(importSubdir);
    if (!rie.anyExportedPropertiesAvailable()) {
      return null;
    }

    // do import referenced repository entries
    if (unattendedImport) {
      final Identity admin = BaseSecurityManager.getInstance().findIdentityByName("administrator");
      ImportReferencesController.doImport(
          rie, this, ImportReferencesController.IMPORT_WIKI, true, admin);
      return null;
    } else {
      return new ImportReferencesController(
          ureq, wControl, this, ImportReferencesController.IMPORT_WIKI, rie);
    }
  }
Beispiel #10
0
  @Test
  public void testSync() {
    log.info("testing enrollment");
    //	 ------------------ now check with lock -------------------
    // create a group
    //	 create users
    final List<Identity> identities = new ArrayList<Identity>();
    for (int i = 0; i < MAX_COUNT + MAX_USERS_MORE; i++) {
      Identity id =
          JunitTestHelper.createAndPersistIdentityAsUser(
              "u-" + i + "-" + UUID.randomUUID().toString());
      identities.add(id);
      log.info("testSync: Identity=" + id.getName() + " created");
    }
    dbInstance.closeSession();

    final SecurityGroup group2 = BaseSecurityManager.getInstance().createAndPersistSecurityGroup();
    // make sure the lock has been written to the disk (tests for createOrFind see other methods)
    dbInstance.closeSession();

    // prepare threads
    int numOfThreads = MAX_COUNT + MAX_USERS_MORE;
    final CountDownLatch finishCount = new CountDownLatch(numOfThreads);

    // try to enrol all in the same group
    for (int i = 0; i < numOfThreads; i++) {
      final int j = i;
      new Thread(
              new Runnable() {
                public void run() {
                  try {
                    log.info("testSync: thread started j=" + j);
                    Identity id = identities.get(j);
                    //
                    PLock p2 = pessimisticLockManager.findOrPersistPLock("befinsert");
                    assertNotNull(p2);
                    doNoLockingEnrol(id, group2);
                    dbInstance.commit();
                    dbInstance.closeSession();
                  } catch (Exception e) {
                    e.printStackTrace();
                  } finally {
                    finishCount.countDown();
                  }
                }
              })
          .start();
    }

    try {
      finishCount.await(120, TimeUnit.SECONDS);
    } catch (InterruptedException e) {
      log.error("", e);
    }

    // now count
    dbInstance.closeSession();
    int cnt2 = BaseSecurityManager.getInstance().countIdentitiesOfSecurityGroup(group2);
    assertTrue(
        "cnt should be smaller or eq than allowed since synced with select for update. cnt:"
            + cnt2
            + ", max "
            + MAX_COUNT,
        cnt2 <= MAX_COUNT);
    assertTrue(
        "cnt should be eq to allowed since synced with select for update. cnt:"
            + cnt2
            + ", max "
            + MAX_COUNT,
        cnt2 == MAX_COUNT);
    log.info("cnt lock " + cnt2);
  }
 public WikiPageDocument() {
   super();
   identityManager = BaseSecurityManager.getInstance();
 }