[server] Fnished image-related methods so far, started implementing lecture-related ones....

11 files changed, 412 insertions, 28 deletions

diff --git a/dozentenmodulserver/pom.xml b/dozentenmodulserver/pom.xml
index 5e88da74..e5ab5ae7 100644
--- a/dozentenmodulserver/pom.xml
+++ b/dozentenmodulserver/pom.xml
@@ -142,6 +142,12 @@
 			<artifactId>joda-time</artifactId>
 			<version>2.8</version>
 		</dependency>
+		<dependency>
+			<groupId>com.google.code.gson</groupId>
+			<artifactId>gson</artifactId>
+			<version>2.2.4</version>
+			<scope>compile</scope>
+		</dependency>
 	</dependencies>
 </project>
 
diff --git a/dozentenmodulserver/setup/sat-01-schema.sql b/dozentenmodulserver/setup/sat-01-schema.sql
index e6de9010..08a63be8 100644
--- a/dozentenmodulserver/setup/sat-01-schema.sql
+++ b/dozentenmodulserver/setup/sat-01-schema.sql
@@ -187,6 +187,7 @@ CREATE TABLE IF NOT EXISTS `lecture` (
   `updaterid` char(36) CHARACTER SET ascii COLLATE ascii_bin NOT NULL,
   `runscript` text DEFAULT NULL,
   `nics` VARCHAR(200) CHARACTER SET ascii COLLATE ascii_bin NULL COMMENT 'Freeform text field for future extendability. Format is specified at application layer.',
+  `netrules` text DEFAULT NULL COMMENT 'user defined firewall rules, applied at the linux base system.',
   `isexam` tinyint(1) NOT NULL,
   `hasinternetaccess` tinyint(1) NOT NULL,
   `caneditdefault` tinyint(1) NOT NULL,
@@ -197,16 +198,6 @@ CREATE TABLE IF NOT EXISTS `lecture` (
   KEY `fk_lecture_3_idx` (`updaterid`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
 
-CREATE TABLE IF NOT EXISTS `lecturenetrule` (
-  `ruleid` int(11) NOT NULL AUTO_INCREMENT,
-  `lectureid` char(36) CHARACTER SET ascii COLLATE ascii_bin NOT NULL,
-  `direction` enum('IN','OUT') NOT NULL,
-  `host` varchar(45) NOT NULL,
-  `port` INT NULL,
-  PRIMARY KEY (`ruleid`),
-  KEY `fk_lecturenetrule_1_idx` (`lectureid`)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
-
 CREATE TABLE IF NOT EXISTS `lecturepermission` (
   `lectureid` char(36) CHARACTER SET ascii COLLATE ascii_bin NOT NULL,
   `userid` char(36) CHARACTER SET ascii COLLATE ascii_bin NOT NULL,
@@ -314,9 +305,6 @@ ALTER TABLE `lecture`
   ADD CONSTRAINT `fk_lecture_owner` FOREIGN KEY (`ownerid`) REFERENCES `user` (`userid`) ON UPDATE CASCADE,
   ADD CONSTRAINT `fk_lecture_updater` FOREIGN KEY (`updaterid`) REFERENCES `user` (`userid`) ON UPDATE CASCADE;
 
-ALTER TABLE `lecturenetrule`
-  ADD CONSTRAINT `fk_lecturenetrule_1` FOREIGN KEY (`lectureid`) REFERENCES `lecture` (`lectureid`) ON UPDATE CASCADE ON DELETE CASCADE;
-
 ALTER TABLE `lecturepermission`
   ADD CONSTRAINT `fk_lecturepermission_1` FOREIGN KEY (`lectureid`) REFERENCES `lecture` (`lectureid`) ON UPDATE CASCADE ON DELETE CASCADE,
   ADD CONSTRAINT `fk_lecturepermission_2` FOREIGN KEY (`userid`) REFERENCES `user` (`userid`) ON UPDATE CASCADE ON DELETE CASCADE;
diff --git a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/Paginator.java b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/Paginator.java
new file mode 100644
index 00000000..285d7aa3
--- /dev/null
+++ b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/Paginator.java
@@ -0,0 +1,11 @@
+package org.openslx.bwlp.sat.database;
+
+public class Paginator {
+
+	public static final int PER_PAGE = 200;
+
+	public static String limitStatement(int page) {
+		return " LIMIT " + (page * PER_PAGE) + ", " + PER_PAGE;
+	}
+
+}
diff --git a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbImage.java b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbImage.java
index 4dae8039..1fb19121 100644
--- a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbImage.java
+++ b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbImage.java
@@ -47,6 +47,7 @@ public class DbImage {
 	 */
 	public static List<ImageSummaryRead> getAllVisible(UserInfo user, List<String> tagSearch)
 			throws SQLException {
+		// TODO: Implement tag search functionality
 		try (MysqlConnection connection = Database.getConnection()) {
 			MysqlStatement stmt = connection.prepareStatement("SELECT"
 					+ " i.imagebaseid, i.currentversionid, i.latestversionid, i.displayname,"
@@ -243,7 +244,7 @@ public class DbImage {
 					+ " SET ownerid = :ownerid WHERE imagebaseid = :baseid");
 			stmt.setString("ownerid", newOwnerId);
 			stmt.setString("baseid", imageBaseId);
-			stmt.executeQuery();
+			stmt.executeUpdate();
 			connection.commit();
 		} catch (SQLException e) {
 			LOGGER.error("Query failed in DbImage.setImageOwner()", e);
@@ -291,6 +292,14 @@ public class DbImage {
 		return ShareMode.valueOf(string);
 	}
 
+	/**
+	 * Update meta data of a specific image version.
+	 * 
+	 * @param user user doing the edit
+	 * @param imageVersionId UUID of image version
+	 * @param image meta data to set
+	 * @throws SQLException
+	 */
 	public static void updateImageVersion(UserInfo user, String imageVersionId, ImageVersionWrite image)
 			throws SQLException {
 		try (MysqlConnection connection = Database.getConnection()) {
@@ -302,7 +311,7 @@ public class DbImage {
 			stmt.setString("userid", user.userId);
 			stmt.setBoolean("isenabled", image.isEnabled);
 			stmt.setBoolean("isrestricted", image.isRestricted);
-			stmt.executeQuery();
+			stmt.executeUpdate();
 			connection.commit();
 		} catch (SQLException e) {
 			LOGGER.error("Query failed in DbImage.updateImageVersion()", e);
@@ -310,4 +319,27 @@ public class DbImage {
 		}
 	}
 
+	/**
+	 * Mark given image for deletion. The image is marked for deletion by
+	 * setting the expire timestamp to the current date, and by setting the
+	 * image disabled and invalid. Next time the cleanup task runs, the image
+	 * will be deleted.
+	 * 
+	 * @param imageVersionId UUID of image version to delete
+	 * @throws SQLException
+	 */
+	public static void markForDeletion(String imageVersionId) throws SQLException {
+		try (MysqlConnection connection = Database.getConnection()) {
+			MysqlStatement stmt = connection.prepareStatement("UPDATE imageversion SET"
+					+ " expiretime = UNIX_TIMESTAMP() - 1, isenabled = 0, isvalid = 0"
+					+ " WHERE imageversionid = :versionid");
+			stmt.setString("versionid", imageVersionId);
+			stmt.executeUpdate();
+			connection.commit();
+		} catch (SQLException e) {
+			LOGGER.error("Query failed in DbImage.markForDeletion()", e);
+			throw e;
+		}
+	}
+
 }
diff --git a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbImagePermissions.java b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbImagePermissions.java
index 9f089b42..7f8bf33f 100644
--- a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbImagePermissions.java
+++ b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbImagePermissions.java
@@ -101,4 +101,31 @@ public class DbImagePermissions {
 		}
 	}
 
+	public static void writeForImageBase(String imageBaseId, Map<String, ImagePermissions> permissions)
+			throws SQLException {
+		try (MysqlConnection connection = Database.getConnection()) {
+			MysqlStatement stmt = connection.prepareStatement("DELETE FROM imagepermission"
+					+ " WHERE imagebaseid = :baseid");
+			stmt.setString("imagebaseid", imageBaseId);
+			stmt.executeUpdate();
+			stmt = connection.prepareStatement("INSERT INTO imagepermission"
+					+ " (imagebaseid, userid, canlink, candownload, canedit, canadmin)"
+					+ " VALUES (:baseid, :userid, :canlink, :candownload, :canedit, :canadmin)");
+			stmt.setString("baseid", imageBaseId);
+			for (Map.Entry<String, ImagePermissions> entry : permissions.entrySet()) {
+				ImagePermissions perm = entry.getValue();
+				stmt.setString("userid", entry.getKey());
+				stmt.setBoolean("canlink", perm.link);
+				stmt.setBoolean("candownload", perm.download);
+				stmt.setBoolean("canedit", perm.edit);
+				stmt.setBoolean("canadmin", perm.admin);
+				stmt.executeUpdate();
+			}
+			connection.commit();
+		} catch (SQLException e) {
+			LOGGER.error("Query failed in DbImagePermissions.writeForImageBase()", e);
+			throw e;
+		}
+	}
+
 }
diff --git a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbLecture.java b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbLecture.java
new file mode 100644
index 00000000..7f2fa4c5
--- /dev/null
+++ b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbLecture.java
@@ -0,0 +1,137 @@
+package org.openslx.bwlp.sat.database.mappers;
+
+import java.sql.ResultSet;
+import java.sql.SQLException;
+import java.util.UUID;
+
+import org.apache.log4j.Logger;
+import org.openslx.bwlp.sat.database.Database;
+import org.openslx.bwlp.sat.database.MysqlConnection;
+import org.openslx.bwlp.sat.database.MysqlStatement;
+import org.openslx.bwlp.sat.util.Json;
+import org.openslx.bwlp.thrift.iface.LecturePermissions;
+import org.openslx.bwlp.thrift.iface.LectureSummary;
+import org.openslx.bwlp.thrift.iface.LectureWrite;
+import org.openslx.bwlp.thrift.iface.TNotFoundException;
+import org.openslx.bwlp.thrift.iface.UserInfo;
+
+public class DbLecture {
+
+	private static final Logger LOGGER = Logger.getLogger(DbLecture.class);
+
+	public static String create(UserInfo user, LectureWrite lecture) throws SQLException {
+		try (MysqlConnection connection = Database.getConnection()) {
+			MysqlStatement stmt = connection.prepareStatement("INSERT INTO lecture"
+					+ " (lectureid, displayname, description, imageversionid, autoupdate,"
+					+ "  isenabled, starttime, endtime, createtime, updatetime,"
+					+ "  ownerid, updaterid, runscript, nics, netrules, isexam,"
+					+ "  hasinternetaccess, caneditdefault, canadmindefault)"
+					+ "         VALUES             "
+					+ " (:lectureid, '<defunct>', '<defunct>', :imageversionid, 0,"
+					+ "  0, 0, 0, UNIX_TIMESTAMP(), UNIX_TIMESTAMP(),"
+					+ "  :userid, :userid, NULL, NULL, NULL, 0, 0, 0, 0)");
+			String lectureId = UUID.randomUUID().toString();
+			stmt.setString("lectureid", lectureId);
+			stmt.setString("imageversionid", lecture.imageVersionId);
+			stmt.setString("userid", user.userId);
+			stmt.executeUpdate();
+			update(connection, user, lectureId, lecture);
+			connection.commit();
+			return lectureId;
+		} catch (SQLException e) {
+			LOGGER.error("Query failed in DbLecture.create()", e);
+			throw e;
+		}
+	}
+
+	public static void setOwner(UserInfo user, String lectureId, String newOwnerId) throws SQLException {
+		try (MysqlConnection connection = Database.getConnection()) {
+			MysqlStatement stmt = connection.prepareStatement("UPDATE lecture"
+					+ " SET ownerid = :ownerid, updaterid = :userid, updatetime = UNIX_TIMESTAMP()"
+					+ " WHERE lectureid = :lectureid");
+			stmt.setString("ownerid", newOwnerId);
+			stmt.setString("userid", user.userId);
+			stmt.setString("lectureid", lectureId);
+			stmt.executeUpdate();
+			connection.commit();
+		} catch (SQLException e) {
+			LOGGER.error("Query failed in DbLecture.setOwner()", e);
+			throw e;
+		}
+	}
+
+	public static void update(UserInfo user, String lectureId, LectureWrite lecture) throws SQLException {
+		try (MysqlConnection connection = Database.getConnection()) {
+			update(connection, user, lectureId, lecture);
+			connection.commit();
+		} catch (SQLException e) {
+			LOGGER.error("Query failed in DbLecture.update()", e);
+			throw e;
+		}
+	}
+
+	private static void update(MysqlConnection connection, UserInfo user, String lectureId,
+			LectureWrite lecture) throws SQLException {
+		String nicsJson = Json.serialize(lecture.nics);
+		String netruleJson = Json.serialize(lecture.networkExceptions);
+		MysqlStatement stmt = connection.prepareStatement("UPDATE lecture SET "
+				+ " displayname = :displayname, description = :description, imageversionid = :imageversionid,"
+				+ " autoupdate = :autoupdate, isenabled = :isenabled, starttime = :starttime,"
+				+ " endtime = :endtime, createtime = :createtime, updatetime = :updatetime,"
+				+ " updaterid = :updaterid, runscript = :runscript, nics = :nics,"
+				+ " netrules = :netrules, isexam = :isexam, hasinternetaccess = :hasinternetaccess,"
+				+ " caneditdefault = :caneditdefault, canadmindefault = :canadmindefault"
+				+ " WHERE lectureid = :lectureid");
+		stmt.setString("lectureid", lectureId);
+		stmt.setString("displayname", lecture.lectureName);
+		stmt.setString("description", lecture.description);
+		stmt.setString("imageversionid", lecture.imageVersionId);
+		stmt.setBoolean("autoupdate", lecture.autoUpdate);
+		stmt.setBoolean("isenabled", lecture.isEnabled);
+		stmt.setLong("starttime", lecture.startTime);
+		stmt.setLong("endtime", lecture.endTime);
+		stmt.setString("updaterid", user.userId);
+		stmt.setString("runscript", lecture.runscript);
+		stmt.setString("nics", nicsJson);
+		stmt.setString("netrules", netruleJson);
+		stmt.setBoolean("isexam", lecture.isExam);
+		stmt.setBoolean("hasinternetaccess", lecture.hasInternetAccess);
+		stmt.setBoolean("caneditdefault", lecture.defaultPermissions.edit);
+		stmt.setBoolean("canadmindefault", lecture.defaultPermissions.admin);
+		stmt.executeUpdate();
+	}
+
+	public static LectureSummary getLectureSummary(UserInfo user, String lectureId) throws SQLException,
+			TNotFoundException {
+		try (MysqlConnection connection = Database.getConnection()) {
+			MysqlStatement stmt = connection.prepareStatement("SELECT"
+					+ " l.lectureid, l.displayname AS lecturename, l.imageversionid, l.isenabled,"
+					+ " l.starttime, l.endtime, l.lastused, l.usecount, l.ownerid, l.updaterid,"
+					+ " l.isexam, l.hasinternetaccess, l.caneditdefault, l.canadmindefault,"
+					+ " perm.canedit, perm.canadmin"
+					+ " LEFT JOIN lecturepermission perm ON (perm.lectureid = l.lectureid AND perm.userid = :userid)"
+					+ " WHERE lectureid = :lectureid");
+			stmt.setString("lectureid", lectureId);
+			stmt.setString("userid", user.userId);
+			ResultSet rs = stmt.executeQuery();
+			if (!rs.next())
+				throw new TNotFoundException();
+			return resultSetToSummary(rs);
+		} catch (SQLException e) {
+			LOGGER.error("Query failed in DbLecture.getLectureSummary()", e);
+			throw e;
+		}
+	}
+
+	private static LectureSummary resultSetToSummary(ResultSet rs) throws SQLException {
+		LecturePermissions defaultPermissions = DbLecturePermissions.fromResultSetDefault(rs);
+		LectureSummary entry = new LectureSummary(rs.getString("lectureid"), rs.getString("lecturename"),
+				rs.getString("imageversionid"), null, rs.getBoolean("isenabled"), rs.getLong("starttime"),
+				rs.getLong("endtime"), rs.getLong("lastused"), rs.getInt("usecount"),
+				rs.getString("ownerid"), rs.getString("updaterid"), rs.getBoolean("isexam"),
+				rs.getBoolean("hasinternetaccess"), defaultPermissions, false);
+		entry.userPermissions = DbLecturePermissions.fromResultSetUser(rs);
+		return entry;
+	}
+
+}
diff --git a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbLecturePermissions.java b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbLecturePermissions.java
new file mode 100644
index 00000000..e8bd8a07
--- /dev/null
+++ b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbLecturePermissions.java
@@ -0,0 +1,63 @@
+package org.openslx.bwlp.sat.database.mappers;
+
+import java.sql.ResultSet;
+import java.sql.SQLException;
+
+import org.openslx.bwlp.thrift.iface.LecturePermissions;
+
+public class DbLecturePermissions {
+
+	/**
+	 * Build an instance of {@link LecturePermissions} by reading the given
+	 * columns from the given {@link ResultSet}. If there are no permissions
+	 * given in the ResultSet, <code>null</code> is returned.
+	 * 
+	 * @param rs the {@link ResultSet} to read from
+	 * @param canLink Name of the column to read the "can link" permission from
+	 * @param canDownload Name of the column to read the "can download"
+	 *            permission from
+	 * @param canEdit Name of the column to read the "can edit" permission from
+	 * @param canAdmin Name of the column to read the "can admin" permission
+	 *            from
+	 * @return instance of {@link LecturePermissions}, or <code>null</code>
+	 * @throws SQLException
+	 */
+	private static LecturePermissions fromResultSet(ResultSet rs, String canEdit, String canAdmin)
+			throws SQLException {
+		boolean edit = rs.getBoolean(canEdit);
+		if (rs.wasNull())
+			return null;
+		return new LecturePermissions(edit, rs.getBoolean(canAdmin));
+	}
+
+	/**
+	 * Build an instance of {@link LecturePermissions} by reading the
+	 * columns <code>canlink</code>, <code>candownload</code>,
+	 * <code>canedit</code>, <code>canadmin</code> from the given
+	 * {@link ResultSet}. If there are no permissions
+	 * given in the ResultSet, <code>null</code> is returned.
+	 * 
+	 * @param rs the {@link ResultSet} to read from
+	 * @return instance of {@link LecturePermissions}, or <code>null</code>
+	 * @throws SQLException
+	 */
+	public static LecturePermissions fromResultSetUser(ResultSet rs) throws SQLException {
+		return fromResultSet(rs, "canedit", "canadmin");
+	}
+
+	/**
+	 * Build an instance of {@link LecturePermissions} by reading the
+	 * columns <code>canlinkdefault</code>, <code>candownloaddefault</code>,
+	 * <code>caneditdefault</code>, <code>canadmindefault</code> from the given
+	 * {@link ResultSet}. If there are no permissions
+	 * given in the ResultSet, <code>null</code> is returned.
+	 * 
+	 * @param rs the {@link ResultSet} to read from
+	 * @return instance of {@link LecturePermissions}, or <code>null</code>
+	 * @throws SQLException
+	 */
+	public static LecturePermissions fromResultSetDefault(ResultSet rs) throws SQLException {
+		return fromResultSet(rs, "caneditdefault", "canadmindefault");
+	}
+
+}
diff --git a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbUser.java b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbUser.java
index d7cabe47..451b3217 100644
--- a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbUser.java
+++ b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbUser.java
@@ -9,6 +9,7 @@ import org.apache.log4j.Logger;
 import org.openslx.bwlp.sat.database.Database;
 import org.openslx.bwlp.sat.database.MysqlConnection;
 import org.openslx.bwlp.sat.database.MysqlStatement;
+import org.openslx.bwlp.sat.database.Paginator;
 import org.openslx.bwlp.sat.database.models.LocalUser;
 import org.openslx.bwlp.thrift.iface.UserInfo;
 
@@ -16,11 +17,9 @@ public class DbUser {
 
 	private static final Logger LOGGER = Logger.getLogger(DbUser.class);
 
-	private static final int PER_PAGE = 200;
-
 	/**
 	 * Get all users, starting at page <code>page</code>.
-	 * This function will return a maximum of {@link #PER_PAGE}(200) results, so
+	 * This function will return a maximum of {@link #PER_PAGE} results, so
 	 * you might need to call this method several times.
 	 * 
 	 * @param page Page to return. The first page is page 0.
@@ -30,10 +29,9 @@ public class DbUser {
 	public static List<UserInfo> getAll(int page) throws SQLException {
 		if (page < 0)
 			return new ArrayList<>(1);
-		final int offset = page * 200;
 		try (MysqlConnection connection = Database.getConnection()) {
 			MysqlStatement stmt = connection.prepareStatement("SELECT userid, firstname, lastname, email, organizationid"
-					+ " FROM user ORDER BY userid ASC LIMIT " + offset + ", " + PER_PAGE);
+					+ " FROM user ORDER BY userid ASC " + Paginator.limitStatement(page));
 			ResultSet rs = stmt.executeQuery();
 			List<UserInfo> list = new ArrayList<>();
 			while (rs.next()) {
diff --git a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/permissions/User.java b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/permissions/User.java
index fc3241a9..2ffd281a 100644
--- a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/permissions/User.java
+++ b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/permissions/User.java
@@ -3,7 +3,9 @@ package org.openslx.bwlp.sat.permissions;
 import java.sql.SQLException;
 import java.util.Map;
 
+import org.apache.log4j.Logger;
 import org.openslx.bwlp.sat.database.mappers.DbImage;
+import org.openslx.bwlp.sat.database.mappers.DbLecture;
 import org.openslx.bwlp.sat.database.mappers.DbOrganization;
 import org.openslx.bwlp.sat.database.mappers.DbUser;
 import org.openslx.bwlp.sat.database.models.LocalOrganization;
@@ -11,6 +13,8 @@ import org.openslx.bwlp.sat.database.models.LocalUser;
 import org.openslx.bwlp.thrift.iface.AuthorizationError;
 import org.openslx.bwlp.thrift.iface.ImagePermissions;
 import org.openslx.bwlp.thrift.iface.ImageSummaryRead;
+import org.openslx.bwlp.thrift.iface.LecturePermissions;
+import org.openslx.bwlp.thrift.iface.LectureSummary;
 import org.openslx.bwlp.thrift.iface.Role;
 import org.openslx.bwlp.thrift.iface.TAuthorizationException;
 import org.openslx.bwlp.thrift.iface.TInternalServerError;
@@ -20,6 +24,8 @@ import org.openslx.util.TimeoutHashMap;
 
 public class User {
 
+	private static final Logger LOGGER = Logger.getLogger(User.class);
+
 	public static enum Permission {
 		LINK,
 		DOWNLOAD,
@@ -44,6 +50,24 @@ public class User {
 		return false;
 	}
 
+	private static boolean canActionLecture(UserInfo user, Permission checkPerm,
+			LecturePermissions... lecturePermissions) {
+		if (checkPerm == Permission.DOWNLOAD || checkPerm == Permission.LINK) {
+			LOGGER.warn("Invalid permission check for lecture: " + checkPerm, new RuntimeException(
+					"Here's your stack trace"));
+			return false;
+		}
+		for (LecturePermissions perm : lecturePermissions) {
+			if (perm == null)
+				continue;
+			if (checkPerm == Permission.EDIT)
+				return perm.edit;
+			if (checkPerm == Permission.ADMIN)
+				return perm.admin;
+		}
+		return false;
+	}
+
 	/**
 	 * Cache local user data, might be called quite often.
 	 */
@@ -218,11 +242,37 @@ public class User {
 	public static void hasImageVersionPermissionOrFail(UserInfo user, String imageVersionId,
 			Permission permission) throws TAuthorizationException, TInternalServerError, TNotFoundException {
 		if (!hasImageVersionPermission(user, imageVersionId, permission)) {
-			throw new TAuthorizationException(AuthorizationError.NO_PERMISSION, "Required permission: "
+			throw new TAuthorizationException(AuthorizationError.NO_PERMISSION, "Required image permission: "
 					+ permission.toString());
 		}
 	}
 
+	public static boolean hasLecturePermission(UserInfo user, String lectureId, Permission permission)
+			throws TInternalServerError, TNotFoundException {
+		if (user.role != Role.TUTOR)
+			return false;
+		// Check general permissions
+		LectureSummary lecture;
+		try {
+			lecture = DbLecture.getLectureSummary(user, lectureId);
+		} catch (SQLException e) {
+			throw new TInternalServerError();
+		}
+		// Owner has all permissions
+		if (lecture.ownerId.equals(user.userId))
+			return true;
+		return canActionLecture(user, permission, lecture.userPermissions, lecture.defaultPermissions)
+				|| isSuperUser(user);
+	}
+
+	public static void hasLecturePermissionOrFail(UserInfo user, String lectureId, Permission permission)
+			throws TAuthorizationException, TInternalServerError, TNotFoundException {
+		if (!hasLecturePermission(user, lectureId, permission)) {
+			throw new TAuthorizationException(AuthorizationError.NO_PERMISSION,
+					"Required lecture permission: " + permission.toString());
+		}
+	}
+
 	/**
 	 * Checks whether the given user is allowed to create new images.
 	 * 
@@ -239,4 +289,20 @@ public class User {
 					"No permission to create new image");
 	}
 
+	/**
+	 * Checks whether the given user is allowed to create new lectures.
+	 * 
+	 * @param user {@link UserInfo} instance representing the user in question
+	 * @return true or false
+	 */
+	public static boolean canCreateLecture(UserInfo user) {
+		return user.role == Role.TUTOR;
+	}
+
+	public static void canCreateLectureOrFail(UserInfo user) throws TAuthorizationException {
+		if (!canCreateLecture(user))
+			throw new TAuthorizationException(AuthorizationError.NO_PERMISSION,
+					"No permission to create new lecture");
+	}
+
 }
diff --git a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/thrift/ServerHandler.java b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/thrift/ServerHandler.java
index d4440793..cab355a7 100644
--- a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/thrift/ServerHandler.java
+++ b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/thrift/ServerHandler.java
@@ -9,6 +9,7 @@ import org.apache.log4j.Logger;
 import org.apache.thrift.TException;
 import org.openslx.bwlp.sat.database.mappers.DbImage;
 import org.openslx.bwlp.sat.database.mappers.DbImagePermissions;
+import org.openslx.bwlp.sat.database.mappers.DbLecture;
 import org.openslx.bwlp.sat.database.mappers.DbUser;
 import org.openslx.bwlp.sat.fileserv.ActiveUpload;
 import org.openslx.bwlp.sat.fileserv.FileServer;
@@ -198,7 +199,11 @@ public class ServerHandler implements SatelliteServer.Iface {
 			TNotFoundException, TInternalServerError {
 		UserInfo user = SessionManager.getOrFail(userToken);
 		User.hasImageVersionPermissionOrFail(user, imageVersionId, Permission.ADMIN);
-		// TODO: Permissions cleared; Now mark image for deletion (set expire time in the past...)
+		try {
+			DbImage.markForDeletion(imageVersionId);
+		} catch (SQLException e) {
+			throw new TInternalServerError();
+		}
 	}
 
 	@Override
@@ -207,7 +212,11 @@ public class ServerHandler implements SatelliteServer.Iface {
 			TInternalServerError {
 		UserInfo user = SessionManager.getOrFail(userToken);
 		User.hasImageBasePermissionOrFail(user, imageBaseId, Permission.ADMIN);
-		// TODO: Permissions cleared; Now write image permissions
+		try {
+			DbImagePermissions.writeForImageBase(imageBaseId, permissions);
+		} catch (SQLException e) {
+			throw new TInternalServerError();
+		}
 	}
 
 	@Override
@@ -235,15 +244,27 @@ public class ServerHandler implements SatelliteServer.Iface {
 	}
 
 	@Override
-	public String createLecture(String userToken, LectureWrite lecture) throws TAuthorizationException {
-		// TODO Auto-generated method stub
-		return null;
+	public String createLecture(String userToken, LectureWrite lecture) throws TAuthorizationException,
+			TInternalServerError {
+		UserInfo user = SessionManager.getOrFail(userToken);
+		User.canCreateLectureOrFail(user);
+		try {
+			return DbLecture.create(user, lecture);
+		} catch (SQLException e) {
+			throw new TInternalServerError();
+		}
 	}
 
 	@Override
 	public void updateLecture(String userToken, String lectureId, LectureWrite lecture)
-			throws TAuthorizationException, TNotFoundException {
-		// TODO Auto-generated method stub
+			throws TAuthorizationException, TNotFoundException, TInternalServerError {
+		UserInfo user = SessionManager.getOrFail(userToken);
+		User.hasLecturePermissionOrFail(user, lectureId, Permission.EDIT);
+		try {
+			DbLecture.update(user, lectureId, lecture);
+		} catch (SQLException e) {
+			throw new TInternalServerError();
+		}
 	}
 
 	@Override
diff --git a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/util/Json.java b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/util/Json.java
new file mode 100644
index 00000000..fe43793a
--- /dev/null
+++ b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/util/Json.java
@@ -0,0 +1,35 @@
+package org.openslx.bwlp.sat.util;
+
+import com.google.gson.Gson;
+
+public class Json {
+
+	/**
+	 * Global static instance. The Gson object is thread-safe.
+	 */
+	private static final Gson gson = new Gson();
+
+	/**
+	 * Deserialize the given json string to an instance of T.
+	 * This will deserialize all fields, except transient ones.
+	 * 
+	 * @param data JSON formatted data
+	 * @param classOfData class to instantiate
+	 * @return instanceof T
+	 */
+	public static <T> T deserialize(String data, Class<T> classOfData) {
+		return gson.fromJson(data, classOfData);
+	}
+
+	/**
+	 * Serialize the given POJO. All fields except transient ones will be
+	 * serialized.
+	 * 
+	 * @param object some object to serialize
+	 * @return JSON formatted represenatation of <code>object</code>
+	 */
+	public static String serialize(Object object) {
+		return gson.toJson(object);
+	}
+
+}