/** * Assessment notification rights check.<br> * Tests if an <code>Identity</code> can subscribe for assessment notification for the specified * <code>ICourse</code>.<br> * <br> * <b>PRE CONDITIONS</b> * * <ul> * <li><code>course != null</code> * </ul> * * @param ident the identity to check rights for. Can be <code>null</code> * @param course the course to check rights against * @return if <code>ident == null</code> this method always returns false; otherwise subscriptions * rights are met only by course administrators and course coaches */ private boolean canSubscribeForAssessmentNotification(Identity ident, ICourse course) { if (ident == null) return false; CourseGroupManager grpMan = course.getCourseEnvironment().getCourseGroupManager(); boolean isInstitutionalResourceManager = BaseSecurityManager.getInstance() .isIdentityInSecurityGroup( ident, BaseSecurityManager.getInstance() .findSecurityGroupByName(Constants.GROUP_INST_ORES_MANAGER)); return isInstitutionalResourceManager || grpMan.isIdentityCourseAdministrator(ident) || grpMan.isIdentityCourseCoach(ident) || grpMan.hasRight(ident, CourseRights.RIGHT_ASSESSMENT); }
/** * @see org.olat.search.service.indexer.Indexer#checkAccess(org.olat.core.id.context.ContextEntry, * org.olat.core.id.context.BusinessControl, org.olat.core.id.Identity, * org.olat.core.id.Roles) */ @Override public boolean checkAccess( final ContextEntry contextEntry, final BusinessControl businessControl, final Identity identity, final Roles roles) { // TODO:chg: check with collabTools if forum is enabled final ContextEntry ce = businessControl.popLauncherContextEntry(); final Long resourceableId = ce.getOLATResourceable().getResourceableId(); final Message message = ForumManager.getInstance().loadMessage(resourceableId); Message threadtop = message.getThreadtop(); if (threadtop == null) { threadtop = message; } final boolean isMessageHidden = Status.getStatus(threadtop.getStatusCode()).isHidden(); // assumes that if is owner then is moderator so it is allowed to see the hidden forum threads // TODO: (LD) fix this!!! // here it is checked if the identity is owner of the forum tool but it has no way to find out // whether is owner of the group that owns the forum tool final boolean isOwner = BaseSecurityManager.getInstance() .isIdentityPermittedOnResourceable( identity, Constants.PERMISSION_ACCESS, contextEntry.getOLATResourceable()); if (isMessageHidden && !isOwner) { return false; } return true; }
@Override protected void event(UserRequest ureq, Controller source, Event event) { if (event instanceof OpenAuthorProfilEvent) { OpenAuthorProfilEvent uriEvent = (OpenAuthorProfilEvent) event; Long identityKey = uriEvent.getKey(); if (identityKey == null) return; final Identity identity = BaseSecurityManager.getInstance().loadIdentityByKey(identityKey, false); if (identity == null) return; final HomePageConfig homePageConfig = HomePageConfigManagerImpl.getInstance().loadConfigFor(identity.getName()); ControllerCreator ctrlCreator = new ControllerCreator() { public Controller createController(UserRequest lureq, WindowControl lwControl) { HomePageDisplayController homePageCtrl = new HomePageDisplayController(lureq, lwControl, identity, homePageConfig); LayoutMain3ColsController layoutCtr = new LayoutMain3ColsController( lureq, lwControl, null, null, homePageCtrl.getInitialComponent(), null); // dispose glossary on layout dispose layoutCtr.addDisposableChildController(homePageCtrl); return layoutCtr; } }; ControllerCreator layoutCtrlr = BaseFullWebappPopupLayoutFactory.createAuthMinimalPopupLayout(ureq, ctrlCreator); // open in new browser window openInNewBrowserWindow(ureq, layoutCtrlr); return; // immediate return after opening new browser window! } else { super.event(ureq, source, event); } }
private void doNoLockingEnrol(Identity i, SecurityGroup group) { // check that below max try { StringBuilder sb = new StringBuilder(); int cnt = BaseSecurityManager.getInstance().countIdentitiesOfSecurityGroup(group); sb.append("enrol:cnt:" + cnt); if (cnt < MAX_COUNT) { // now sleep a while to allow others to think also that there is still space left in the // group sleep(100); // now add the user to the security group sb.append(" adding " + i.getName() + ": current.. " + cnt + ", max = " + MAX_COUNT); BaseSecurityManager.getInstance().addIdentityToSecurityGroup(i, group); } log.info(sb.toString()); } catch (Exception e) { log.error("", e); } }
@Override public Object getValueAt(final int row, final int col) { final MediaFileElement entry = getEntryAt(row); switch (col) { case 0: final String filename = entry.getFilename(); if (filename.length() > 40) { if (filename.endsWith(WikiMainController.METADATA_SUFFIX)) { return entry.getFilename().substring(0, 40) + WikiMainController.METADATA_SUFFIX; } return entry.getFilename().substring(0, 40) + "..."; } return entry.getFilename(); case 1: final long identKey = entry.getCreatedBy(); if (identKey == 0) { return "---"; } return BaseSecurityManager.getInstance().loadIdentityByKey(identKey).getName(); case 2: return formatter.formatDateAndTime(new Date(entry.getCreationDate())); case 3: final long key = entry.getDeletedBy(); if (key == 0) { return "---"; } return BaseSecurityManager.getInstance().loadIdentityByKey(key).getName(); case 4: final long delDate = entry.getDeletionDate(); if (delDate == 0) { return "---"; } return formatter.formatDateAndTime(new Date(delDate)); default: return "ERROR"; } }
/** @return The name of the modifier */ public String getModifier() { String modifierName = null; if (modifierKey > 0) { Identity identity = BaseSecurityManager.getInstance().loadIdentityByKey(modifierKey, false); if (identity != null) { User user = identity.getUser(); if (user == null) { modifierName = modifier = identity.getName(); } else { modifierName = modifier = CoreSpringFactory.getImpl(UserManager.class).getUserDisplayName(identity); } } } if (modifierName == null && StringHelper.containsNonWhitespace(modifier)) { modifierName = modifier; } return modifierName; }
private UserSession afterAuthorization(Identity identity, HttpServletRequest request) { UserSession usess = sessionManager.getUserSession(request); synchronized (usess) { // double check to prevent severals concurrent login if (usess.isAuthenticated()) { return usess; } sessionManager.signOffAndClear(usess); usess.setIdentity(identity); UserDeletionManager.getInstance().setIdentityAsActiv(identity); // set the roles (admin, author, guest) Roles roles = BaseSecurityManager.getInstance().getRoles(identity); usess.setRoles(roles); // set session info SessionInfo sinfo = new SessionInfo(identity.getKey(), identity.getName(), request.getSession()); User usr = identity.getUser(); sinfo.setFirstname(usr.getProperty(UserConstants.FIRSTNAME, null)); sinfo.setLastname(usr.getProperty(UserConstants.LASTNAME, null)); String remoteAddr = request.getRemoteAddr(); sinfo.setFromIP(remoteAddr); sinfo.setFromFQN(remoteAddr); try { InetAddress[] iaddr = InetAddress.getAllByName(request.getRemoteAddr()); if (iaddr.length > 0) sinfo.setFromFQN(iaddr[0].getHostName()); } catch (UnknownHostException e) { // ok, already set IP as FQDN } sinfo.setAuthProvider(BaseSecurityModule.getDefaultAuthProviderIdentifier()); sinfo.setUserAgent(request.getHeader("User-Agent")); sinfo.setSecure(request.isSecure()); sinfo.setWebDAV(true); sinfo.setWebModeFromUreq(null); // set session info for this session usess.setSessionInfo(sinfo); // sessionManager.signOn(usess); return usess; } }
/** @return The name of the author */ public String getAuthor() { String authorName = null; if (authorKey > 0) { Identity identity = BaseSecurityManager.getInstance().loadIdentityByKey(authorKey, false); if (identity != null) { User user = identity.getUser(); if (user == null) { authorName = author = identity.getName(); } else { authorName = author = user.getProperty(UserConstants.FIRSTNAME, null) + " " + user.getProperty(UserConstants.LASTNAME, null); } } } if (authorName == null && StringHelper.containsNonWhitespace(author)) { authorName = author; } return authorName; }
/** * @see org.olat.course.nodes.GenericCourseNode#importNode(java.io.File, org.olat.course.ICourse, * org.olat.core.gui.UserRequest, org.olat.core.gui.control.WindowControl) */ @Override public Controller importNode( final File importDirectory, final ICourse course, final boolean unattendedImport, final UserRequest ureq, final WindowControl wControl) { final File importSubdir = new File(importDirectory, getIdent()); final RepositoryEntryImportExport rie = new RepositoryEntryImportExport(importSubdir); if (!rie.anyExportedPropertiesAvailable()) { return null; } // do import referenced repository entries if (unattendedImport) { final Identity admin = BaseSecurityManager.getInstance().findIdentityByName("administrator"); ImportReferencesController.doImport( rie, this, ImportReferencesController.IMPORT_WIKI, true, admin); return null; } else { return new ImportReferencesController( ureq, wControl, this, ImportReferencesController.IMPORT_WIKI, rie); } }
@Test public void testSync() { log.info("testing enrollment"); // ------------------ now check with lock ------------------- // create a group // create users final List<Identity> identities = new ArrayList<Identity>(); for (int i = 0; i < MAX_COUNT + MAX_USERS_MORE; i++) { Identity id = JunitTestHelper.createAndPersistIdentityAsUser( "u-" + i + "-" + UUID.randomUUID().toString()); identities.add(id); log.info("testSync: Identity=" + id.getName() + " created"); } dbInstance.closeSession(); final SecurityGroup group2 = BaseSecurityManager.getInstance().createAndPersistSecurityGroup(); // make sure the lock has been written to the disk (tests for createOrFind see other methods) dbInstance.closeSession(); // prepare threads int numOfThreads = MAX_COUNT + MAX_USERS_MORE; final CountDownLatch finishCount = new CountDownLatch(numOfThreads); // try to enrol all in the same group for (int i = 0; i < numOfThreads; i++) { final int j = i; new Thread( new Runnable() { public void run() { try { log.info("testSync: thread started j=" + j); Identity id = identities.get(j); // PLock p2 = pessimisticLockManager.findOrPersistPLock("befinsert"); assertNotNull(p2); doNoLockingEnrol(id, group2); dbInstance.commit(); dbInstance.closeSession(); } catch (Exception e) { e.printStackTrace(); } finally { finishCount.countDown(); } } }) .start(); } try { finishCount.await(120, TimeUnit.SECONDS); } catch (InterruptedException e) { log.error("", e); } // now count dbInstance.closeSession(); int cnt2 = BaseSecurityManager.getInstance().countIdentitiesOfSecurityGroup(group2); assertTrue( "cnt should be smaller or eq than allowed since synced with select for update. cnt:" + cnt2 + ", max " + MAX_COUNT, cnt2 <= MAX_COUNT); assertTrue( "cnt should be eq to allowed since synced with select for update. cnt:" + cnt2 + ", max " + MAX_COUNT, cnt2 == MAX_COUNT); log.info("cnt lock " + cnt2); }
public WikiPageDocument() { super(); identityManager = BaseSecurityManager.getInstance(); }