/**
* Assessment notification rights check.<br>
* Tests if an <code>Identity</code> can subscribe for assessment notification for the specified
* <code>ICourse</code>.<br>
* <br>
* <b>PRE CONDITIONS</b>
*
* <ul>
* <li><code>course != null</code>
* </ul>
*
* @param ident the identity to check rights for. Can be <code>null</code>
* @param course the course to check rights against
* @return if <code>ident == null</code> this method always returns false; otherwise subscriptions
* rights are met only by course administrators and course coaches
*/
private boolean canSubscribeForAssessmentNotification(Identity ident, ICourse course) {
if (ident == null) return false;
CourseGroupManager grpMan = course.getCourseEnvironment().getCourseGroupManager();
boolean isInstitutionalResourceManager =
BaseSecurityManager.getInstance()
.isIdentityInSecurityGroup(
ident,
BaseSecurityManager.getInstance()
.findSecurityGroupByName(Constants.GROUP_INST_ORES_MANAGER));
return isInstitutionalResourceManager
|| grpMan.isIdentityCourseAdministrator(ident)
|| grpMan.isIdentityCourseCoach(ident)
|| grpMan.hasRight(ident, CourseRights.RIGHT_ASSESSMENT);
}
/**
* @see org.olat.search.service.indexer.Indexer#checkAccess(org.olat.core.id.context.ContextEntry,
* org.olat.core.id.context.BusinessControl, org.olat.core.id.Identity,
* org.olat.core.id.Roles)
*/
@Override
public boolean checkAccess(
final ContextEntry contextEntry,
final BusinessControl businessControl,
final Identity identity,
final Roles roles) {
// TODO:chg: check with collabTools if forum is enabled
final ContextEntry ce = businessControl.popLauncherContextEntry();
final Long resourceableId = ce.getOLATResourceable().getResourceableId();
final Message message = ForumManager.getInstance().loadMessage(resourceableId);
Message threadtop = message.getThreadtop();
if (threadtop == null) {
threadtop = message;
}
final boolean isMessageHidden = Status.getStatus(threadtop.getStatusCode()).isHidden();
// assumes that if is owner then is moderator so it is allowed to see the hidden forum threads
// TODO: (LD) fix this!!!
// here it is checked if the identity is owner of the forum tool but it has no way to find out
// whether is owner of the group that owns the forum tool
final boolean isOwner =
BaseSecurityManager.getInstance()
.isIdentityPermittedOnResourceable(
identity, Constants.PERMISSION_ACCESS, contextEntry.getOLATResourceable());
if (isMessageHidden && !isOwner) {
return false;
}
return true;
}
@Override
protected void event(UserRequest ureq, Controller source, Event event) {
if (event instanceof OpenAuthorProfilEvent) {
OpenAuthorProfilEvent uriEvent = (OpenAuthorProfilEvent) event;
Long identityKey = uriEvent.getKey();
if (identityKey == null) return;
final Identity identity =
BaseSecurityManager.getInstance().loadIdentityByKey(identityKey, false);
if (identity == null) return;
final HomePageConfig homePageConfig =
HomePageConfigManagerImpl.getInstance().loadConfigFor(identity.getName());
ControllerCreator ctrlCreator =
new ControllerCreator() {
public Controller createController(UserRequest lureq, WindowControl lwControl) {
HomePageDisplayController homePageCtrl =
new HomePageDisplayController(lureq, lwControl, identity, homePageConfig);
LayoutMain3ColsController layoutCtr =
new LayoutMain3ColsController(
lureq, lwControl, null, null, homePageCtrl.getInitialComponent(), null);
// dispose glossary on layout dispose
layoutCtr.addDisposableChildController(homePageCtrl);
return layoutCtr;
}
};
ControllerCreator layoutCtrlr =
BaseFullWebappPopupLayoutFactory.createAuthMinimalPopupLayout(ureq, ctrlCreator);
// open in new browser window
openInNewBrowserWindow(ureq, layoutCtrlr);
return; // immediate return after opening new browser window!
} else {
super.event(ureq, source, event);
}
}
private void doNoLockingEnrol(Identity i, SecurityGroup group) {
// check that below max
try {
StringBuilder sb = new StringBuilder();
int cnt = BaseSecurityManager.getInstance().countIdentitiesOfSecurityGroup(group);
sb.append("enrol:cnt:" + cnt);
if (cnt < MAX_COUNT) {
// now sleep a while to allow others to think also that there is still space left in the
// group
sleep(100);
// now add the user to the security group
sb.append(" adding " + i.getName() + ": current.. " + cnt + ", max = " + MAX_COUNT);
BaseSecurityManager.getInstance().addIdentityToSecurityGroup(i, group);
}
log.info(sb.toString());
} catch (Exception e) {
log.error("", e);
}
}
@Override
public Object getValueAt(final int row, final int col) {
final MediaFileElement entry = getEntryAt(row);
switch (col) {
case 0:
final String filename = entry.getFilename();
if (filename.length() > 40) {
if (filename.endsWith(WikiMainController.METADATA_SUFFIX)) {
return entry.getFilename().substring(0, 40) + WikiMainController.METADATA_SUFFIX;
}
return entry.getFilename().substring(0, 40) + "...";
}
return entry.getFilename();
case 1:
final long identKey = entry.getCreatedBy();
if (identKey == 0) {
return "---";
}
return BaseSecurityManager.getInstance().loadIdentityByKey(identKey).getName();
case 2:
return formatter.formatDateAndTime(new Date(entry.getCreationDate()));
case 3:
final long key = entry.getDeletedBy();
if (key == 0) {
return "---";
}
return BaseSecurityManager.getInstance().loadIdentityByKey(key).getName();
case 4:
final long delDate = entry.getDeletionDate();
if (delDate == 0) {
return "---";
}
return formatter.formatDateAndTime(new Date(delDate));
default:
return "ERROR";
}
}
/** @return The name of the modifier */
public String getModifier() {
String modifierName = null;
if (modifierKey > 0) {
Identity identity = BaseSecurityManager.getInstance().loadIdentityByKey(modifierKey, false);
if (identity != null) {
User user = identity.getUser();
if (user == null) {
modifierName = modifier = identity.getName();
} else {
modifierName =
modifier = CoreSpringFactory.getImpl(UserManager.class).getUserDisplayName(identity);
}
}
}
if (modifierName == null && StringHelper.containsNonWhitespace(modifier)) {
modifierName = modifier;
}
return modifierName;
}
private UserSession afterAuthorization(Identity identity, HttpServletRequest request) {
UserSession usess = sessionManager.getUserSession(request);
synchronized (usess) {
// double check to prevent severals concurrent login
if (usess.isAuthenticated()) {
return usess;
}
sessionManager.signOffAndClear(usess);
usess.setIdentity(identity);
UserDeletionManager.getInstance().setIdentityAsActiv(identity);
// set the roles (admin, author, guest)
Roles roles = BaseSecurityManager.getInstance().getRoles(identity);
usess.setRoles(roles);
// set session info
SessionInfo sinfo =
new SessionInfo(identity.getKey(), identity.getName(), request.getSession());
User usr = identity.getUser();
sinfo.setFirstname(usr.getProperty(UserConstants.FIRSTNAME, null));
sinfo.setLastname(usr.getProperty(UserConstants.LASTNAME, null));
String remoteAddr = request.getRemoteAddr();
sinfo.setFromIP(remoteAddr);
sinfo.setFromFQN(remoteAddr);
try {
InetAddress[] iaddr = InetAddress.getAllByName(request.getRemoteAddr());
if (iaddr.length > 0) sinfo.setFromFQN(iaddr[0].getHostName());
} catch (UnknownHostException e) {
// ok, already set IP as FQDN
}
sinfo.setAuthProvider(BaseSecurityModule.getDefaultAuthProviderIdentifier());
sinfo.setUserAgent(request.getHeader("User-Agent"));
sinfo.setSecure(request.isSecure());
sinfo.setWebDAV(true);
sinfo.setWebModeFromUreq(null);
// set session info for this session
usess.setSessionInfo(sinfo);
//
sessionManager.signOn(usess);
return usess;
}
}
/** @return The name of the author */
public String getAuthor() {
String authorName = null;
if (authorKey > 0) {
Identity identity = BaseSecurityManager.getInstance().loadIdentityByKey(authorKey, false);
if (identity != null) {
User user = identity.getUser();
if (user == null) {
authorName = author = identity.getName();
} else {
authorName =
author =
user.getProperty(UserConstants.FIRSTNAME, null)
+ " "
+ user.getProperty(UserConstants.LASTNAME, null);
}
}
}
if (authorName == null && StringHelper.containsNonWhitespace(author)) {
authorName = author;
}
return authorName;
}
/**
* @see org.olat.course.nodes.GenericCourseNode#importNode(java.io.File, org.olat.course.ICourse,
* org.olat.core.gui.UserRequest, org.olat.core.gui.control.WindowControl)
*/
@Override
public Controller importNode(
final File importDirectory,
final ICourse course,
final boolean unattendedImport,
final UserRequest ureq,
final WindowControl wControl) {
final File importSubdir = new File(importDirectory, getIdent());
final RepositoryEntryImportExport rie = new RepositoryEntryImportExport(importSubdir);
if (!rie.anyExportedPropertiesAvailable()) {
return null;
}
// do import referenced repository entries
if (unattendedImport) {
final Identity admin = BaseSecurityManager.getInstance().findIdentityByName("administrator");
ImportReferencesController.doImport(
rie, this, ImportReferencesController.IMPORT_WIKI, true, admin);
return null;
} else {
return new ImportReferencesController(
ureq, wControl, this, ImportReferencesController.IMPORT_WIKI, rie);
}
}
@Test
public void testSync() {
log.info("testing enrollment");
// ------------------ now check with lock -------------------
// create a group
// create users
final List<Identity> identities = new ArrayList<Identity>();
for (int i = 0; i < MAX_COUNT + MAX_USERS_MORE; i++) {
Identity id =
JunitTestHelper.createAndPersistIdentityAsUser(
"u-" + i + "-" + UUID.randomUUID().toString());
identities.add(id);
log.info("testSync: Identity=" + id.getName() + " created");
}
dbInstance.closeSession();
final SecurityGroup group2 = BaseSecurityManager.getInstance().createAndPersistSecurityGroup();
// make sure the lock has been written to the disk (tests for createOrFind see other methods)
dbInstance.closeSession();
// prepare threads
int numOfThreads = MAX_COUNT + MAX_USERS_MORE;
final CountDownLatch finishCount = new CountDownLatch(numOfThreads);
// try to enrol all in the same group
for (int i = 0; i < numOfThreads; i++) {
final int j = i;
new Thread(
new Runnable() {
public void run() {
try {
log.info("testSync: thread started j=" + j);
Identity id = identities.get(j);
//
PLock p2 = pessimisticLockManager.findOrPersistPLock("befinsert");
assertNotNull(p2);
doNoLockingEnrol(id, group2);
dbInstance.commit();
dbInstance.closeSession();
} catch (Exception e) {
e.printStackTrace();
} finally {
finishCount.countDown();
}
}
})
.start();
}
try {
finishCount.await(120, TimeUnit.SECONDS);
} catch (InterruptedException e) {
log.error("", e);
}
// now count
dbInstance.closeSession();
int cnt2 = BaseSecurityManager.getInstance().countIdentitiesOfSecurityGroup(group2);
assertTrue(
"cnt should be smaller or eq than allowed since synced with select for update. cnt:"
+ cnt2
+ ", max "
+ MAX_COUNT,
cnt2 <= MAX_COUNT);
assertTrue(
"cnt should be eq to allowed since synced with select for update. cnt:"
+ cnt2
+ ", max "
+ MAX_COUNT,
cnt2 == MAX_COUNT);
log.info("cnt lock " + cnt2);
}
public WikiPageDocument() {
super();
identityManager = BaseSecurityManager.getInstance();
}
