diff options
author | Simon Rettberg | 2015-06-24 18:31:59 +0200 |
---|---|---|
committer | Simon Rettberg | 2015-06-24 18:31:59 +0200 |
commit | 9ff2e9adc74f804023ed751a5afe264b596bf93a (patch) | |
tree | bbe395bc463ae0dc562f14b2c6611c726c5fac8d | |
parent | [server] More methods implemented (diff) | |
download | tutor-module-9ff2e9adc74f804023ed751a5afe264b596bf93a.tar.gz tutor-module-9ff2e9adc74f804023ed751a5afe264b596bf93a.tar.xz tutor-module-9ff2e9adc74f804023ed751a5afe264b596bf93a.zip |
[server] Fnished image-related methods so far, started implementing lecture-related ones....
11 files changed, 412 insertions, 28 deletions
diff --git a/dozentenmodulserver/pom.xml b/dozentenmodulserver/pom.xml index 5e88da74..e5ab5ae7 100644 --- a/dozentenmodulserver/pom.xml +++ b/dozentenmodulserver/pom.xml @@ -142,6 +142,12 @@ <artifactId>joda-time</artifactId> <version>2.8</version> </dependency> + <dependency> + <groupId>com.google.code.gson</groupId> + <artifactId>gson</artifactId> + <version>2.2.4</version> + <scope>compile</scope> + </dependency> </dependencies> </project> diff --git a/dozentenmodulserver/setup/sat-01-schema.sql b/dozentenmodulserver/setup/sat-01-schema.sql index e6de9010..08a63be8 100644 --- a/dozentenmodulserver/setup/sat-01-schema.sql +++ b/dozentenmodulserver/setup/sat-01-schema.sql @@ -187,6 +187,7 @@ CREATE TABLE IF NOT EXISTS `lecture` ( `updaterid` char(36) CHARACTER SET ascii COLLATE ascii_bin NOT NULL, `runscript` text DEFAULT NULL, `nics` VARCHAR(200) CHARACTER SET ascii COLLATE ascii_bin NULL COMMENT 'Freeform text field for future extendability. Format is specified at application layer.', + `netrules` text DEFAULT NULL COMMENT 'user defined firewall rules, applied at the linux base system.', `isexam` tinyint(1) NOT NULL, `hasinternetaccess` tinyint(1) NOT NULL, `caneditdefault` tinyint(1) NOT NULL, @@ -197,16 +198,6 @@ CREATE TABLE IF NOT EXISTS `lecture` ( KEY `fk_lecture_3_idx` (`updaterid`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci; -CREATE TABLE IF NOT EXISTS `lecturenetrule` ( - `ruleid` int(11) NOT NULL AUTO_INCREMENT, - `lectureid` char(36) CHARACTER SET ascii COLLATE ascii_bin NOT NULL, - `direction` enum('IN','OUT') NOT NULL, - `host` varchar(45) NOT NULL, - `port` INT NULL, - PRIMARY KEY (`ruleid`), - KEY `fk_lecturenetrule_1_idx` (`lectureid`) -) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci; - CREATE TABLE IF NOT EXISTS `lecturepermission` ( `lectureid` char(36) CHARACTER SET ascii COLLATE ascii_bin NOT NULL, `userid` char(36) CHARACTER SET ascii COLLATE ascii_bin NOT NULL, @@ -314,9 +305,6 @@ ALTER TABLE `lecture` ADD CONSTRAINT `fk_lecture_owner` FOREIGN KEY (`ownerid`) REFERENCES `user` (`userid`) ON UPDATE CASCADE, ADD CONSTRAINT `fk_lecture_updater` FOREIGN KEY (`updaterid`) REFERENCES `user` (`userid`) ON UPDATE CASCADE; -ALTER TABLE `lecturenetrule` - ADD CONSTRAINT `fk_lecturenetrule_1` FOREIGN KEY (`lectureid`) REFERENCES `lecture` (`lectureid`) ON UPDATE CASCADE ON DELETE CASCADE; - ALTER TABLE `lecturepermission` ADD CONSTRAINT `fk_lecturepermission_1` FOREIGN KEY (`lectureid`) REFERENCES `lecture` (`lectureid`) ON UPDATE CASCADE ON DELETE CASCADE, ADD CONSTRAINT `fk_lecturepermission_2` FOREIGN KEY (`userid`) REFERENCES `user` (`userid`) ON UPDATE CASCADE ON DELETE CASCADE; diff --git a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/Paginator.java b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/Paginator.java new file mode 100644 index 00000000..285d7aa3 --- /dev/null +++ b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/Paginator.java @@ -0,0 +1,11 @@ +package org.openslx.bwlp.sat.database; + +public class Paginator { + + public static final int PER_PAGE = 200; + + public static String limitStatement(int page) { + return " LIMIT " + (page * PER_PAGE) + ", " + PER_PAGE; + } + +} diff --git a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbImage.java b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbImage.java index 4dae8039..1fb19121 100644 --- a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbImage.java +++ b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbImage.java @@ -47,6 +47,7 @@ public class DbImage { */ public static List<ImageSummaryRead> getAllVisible(UserInfo user, List<String> tagSearch) throws SQLException { + // TODO: Implement tag search functionality try (MysqlConnection connection = Database.getConnection()) { MysqlStatement stmt = connection.prepareStatement("SELECT" + " i.imagebaseid, i.currentversionid, i.latestversionid, i.displayname," @@ -243,7 +244,7 @@ public class DbImage { + " SET ownerid = :ownerid WHERE imagebaseid = :baseid"); stmt.setString("ownerid", newOwnerId); stmt.setString("baseid", imageBaseId); - stmt.executeQuery(); + stmt.executeUpdate(); connection.commit(); } catch (SQLException e) { LOGGER.error("Query failed in DbImage.setImageOwner()", e); @@ -291,6 +292,14 @@ public class DbImage { return ShareMode.valueOf(string); } + /** + * Update meta data of a specific image version. + * + * @param user user doing the edit + * @param imageVersionId UUID of image version + * @param image meta data to set + * @throws SQLException + */ public static void updateImageVersion(UserInfo user, String imageVersionId, ImageVersionWrite image) throws SQLException { try (MysqlConnection connection = Database.getConnection()) { @@ -302,7 +311,7 @@ public class DbImage { stmt.setString("userid", user.userId); stmt.setBoolean("isenabled", image.isEnabled); stmt.setBoolean("isrestricted", image.isRestricted); - stmt.executeQuery(); + stmt.executeUpdate(); connection.commit(); } catch (SQLException e) { LOGGER.error("Query failed in DbImage.updateImageVersion()", e); @@ -310,4 +319,27 @@ public class DbImage { } } + /** + * Mark given image for deletion. The image is marked for deletion by + * setting the expire timestamp to the current date, and by setting the + * image disabled and invalid. Next time the cleanup task runs, the image + * will be deleted. + * + * @param imageVersionId UUID of image version to delete + * @throws SQLException + */ + public static void markForDeletion(String imageVersionId) throws SQLException { + try (MysqlConnection connection = Database.getConnection()) { + MysqlStatement stmt = connection.prepareStatement("UPDATE imageversion SET" + + " expiretime = UNIX_TIMESTAMP() - 1, isenabled = 0, isvalid = 0" + + " WHERE imageversionid = :versionid"); + stmt.setString("versionid", imageVersionId); + stmt.executeUpdate(); + connection.commit(); + } catch (SQLException e) { + LOGGER.error("Query failed in DbImage.markForDeletion()", e); + throw e; + } + } + } diff --git a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbImagePermissions.java b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbImagePermissions.java index 9f089b42..7f8bf33f 100644 --- a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbImagePermissions.java +++ b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbImagePermissions.java @@ -101,4 +101,31 @@ public class DbImagePermissions { } } + public static void writeForImageBase(String imageBaseId, Map<String, ImagePermissions> permissions) + throws SQLException { + try (MysqlConnection connection = Database.getConnection()) { + MysqlStatement stmt = connection.prepareStatement("DELETE FROM imagepermission" + + " WHERE imagebaseid = :baseid"); + stmt.setString("imagebaseid", imageBaseId); + stmt.executeUpdate(); + stmt = connection.prepareStatement("INSERT INTO imagepermission" + + " (imagebaseid, userid, canlink, candownload, canedit, canadmin)" + + " VALUES (:baseid, :userid, :canlink, :candownload, :canedit, :canadmin)"); + stmt.setString("baseid", imageBaseId); + for (Map.Entry<String, ImagePermissions> entry : permissions.entrySet()) { + ImagePermissions perm = entry.getValue(); + stmt.setString("userid", entry.getKey()); + stmt.setBoolean("canlink", perm.link); + stmt.setBoolean("candownload", perm.download); + stmt.setBoolean("canedit", perm.edit); + stmt.setBoolean("canadmin", perm.admin); + stmt.executeUpdate(); + } + connection.commit(); + } catch (SQLException e) { + LOGGER.error("Query failed in DbImagePermissions.writeForImageBase()", e); + throw e; + } + } + } diff --git a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbLecture.java b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbLecture.java new file mode 100644 index 00000000..7f2fa4c5 --- /dev/null +++ b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbLecture.java @@ -0,0 +1,137 @@ +package org.openslx.bwlp.sat.database.mappers; + +import java.sql.ResultSet; +import java.sql.SQLException; +import java.util.UUID; + +import org.apache.log4j.Logger; +import org.openslx.bwlp.sat.database.Database; +import org.openslx.bwlp.sat.database.MysqlConnection; +import org.openslx.bwlp.sat.database.MysqlStatement; +import org.openslx.bwlp.sat.util.Json; +import org.openslx.bwlp.thrift.iface.LecturePermissions; +import org.openslx.bwlp.thrift.iface.LectureSummary; +import org.openslx.bwlp.thrift.iface.LectureWrite; +import org.openslx.bwlp.thrift.iface.TNotFoundException; +import org.openslx.bwlp.thrift.iface.UserInfo; + +public class DbLecture { + + private static final Logger LOGGER = Logger.getLogger(DbLecture.class); + + public static String create(UserInfo user, LectureWrite lecture) throws SQLException { + try (MysqlConnection connection = Database.getConnection()) { + MysqlStatement stmt = connection.prepareStatement("INSERT INTO lecture" + + " (lectureid, displayname, description, imageversionid, autoupdate," + + " isenabled, starttime, endtime, createtime, updatetime," + + " ownerid, updaterid, runscript, nics, netrules, isexam," + + " hasinternetaccess, caneditdefault, canadmindefault)" + + " VALUES " + + " (:lectureid, '<defunct>', '<defunct>', :imageversionid, 0," + + " 0, 0, 0, UNIX_TIMESTAMP(), UNIX_TIMESTAMP()," + + " :userid, :userid, NULL, NULL, NULL, 0, 0, 0, 0)"); + String lectureId = UUID.randomUUID().toString(); + stmt.setString("lectureid", lectureId); + stmt.setString("imageversionid", lecture.imageVersionId); + stmt.setString("userid", user.userId); + stmt.executeUpdate(); + update(connection, user, lectureId, lecture); + connection.commit(); + return lectureId; + } catch (SQLException e) { + LOGGER.error("Query failed in DbLecture.create()", e); + throw e; + } + } + + public static void setOwner(UserInfo user, String lectureId, String newOwnerId) throws SQLException { + try (MysqlConnection connection = Database.getConnection()) { + MysqlStatement stmt = connection.prepareStatement("UPDATE lecture" + + " SET ownerid = :ownerid, updaterid = :userid, updatetime = UNIX_TIMESTAMP()" + + " WHERE lectureid = :lectureid"); + stmt.setString("ownerid", newOwnerId); + stmt.setString("userid", user.userId); + stmt.setString("lectureid", lectureId); + stmt.executeUpdate(); + connection.commit(); + } catch (SQLException e) { + LOGGER.error("Query failed in DbLecture.setOwner()", e); + throw e; + } + } + + public static void update(UserInfo user, String lectureId, LectureWrite lecture) throws SQLException { + try (MysqlConnection connection = Database.getConnection()) { + update(connection, user, lectureId, lecture); + connection.commit(); + } catch (SQLException e) { + LOGGER.error("Query failed in DbLecture.update()", e); + throw e; + } + } + + private static void update(MysqlConnection connection, UserInfo user, String lectureId, + LectureWrite lecture) throws SQLException { + String nicsJson = Json.serialize(lecture.nics); + String netruleJson = Json.serialize(lecture.networkExceptions); + MysqlStatement stmt = connection.prepareStatement("UPDATE lecture SET " + + " displayname = :displayname, description = :description, imageversionid = :imageversionid," + + " autoupdate = :autoupdate, isenabled = :isenabled, starttime = :starttime," + + " endtime = :endtime, createtime = :createtime, updatetime = :updatetime," + + " updaterid = :updaterid, runscript = :runscript, nics = :nics," + + " netrules = :netrules, isexam = :isexam, hasinternetaccess = :hasinternetaccess," + + " caneditdefault = :caneditdefault, canadmindefault = :canadmindefault" + + " WHERE lectureid = :lectureid"); + stmt.setString("lectureid", lectureId); + stmt.setString("displayname", lecture.lectureName); + stmt.setString("description", lecture.description); + stmt.setString("imageversionid", lecture.imageVersionId); + stmt.setBoolean("autoupdate", lecture.autoUpdate); + stmt.setBoolean("isenabled", lecture.isEnabled); + stmt.setLong("starttime", lecture.startTime); + stmt.setLong("endtime", lecture.endTime); + stmt.setString("updaterid", user.userId); + stmt.setString("runscript", lecture.runscript); + stmt.setString("nics", nicsJson); + stmt.setString("netrules", netruleJson); + stmt.setBoolean("isexam", lecture.isExam); + stmt.setBoolean("hasinternetaccess", lecture.hasInternetAccess); + stmt.setBoolean("caneditdefault", lecture.defaultPermissions.edit); + stmt.setBoolean("canadmindefault", lecture.defaultPermissions.admin); + stmt.executeUpdate(); + } + + public static LectureSummary getLectureSummary(UserInfo user, String lectureId) throws SQLException, + TNotFoundException { + try (MysqlConnection connection = Database.getConnection()) { + MysqlStatement stmt = connection.prepareStatement("SELECT" + + " l.lectureid, l.displayname AS lecturename, l.imageversionid, l.isenabled," + + " l.starttime, l.endtime, l.lastused, l.usecount, l.ownerid, l.updaterid," + + " l.isexam, l.hasinternetaccess, l.caneditdefault, l.canadmindefault," + + " perm.canedit, perm.canadmin" + + " LEFT JOIN lecturepermission perm ON (perm.lectureid = l.lectureid AND perm.userid = :userid)" + + " WHERE lectureid = :lectureid"); + stmt.setString("lectureid", lectureId); + stmt.setString("userid", user.userId); + ResultSet rs = stmt.executeQuery(); + if (!rs.next()) + throw new TNotFoundException(); + return resultSetToSummary(rs); + } catch (SQLException e) { + LOGGER.error("Query failed in DbLecture.getLectureSummary()", e); + throw e; + } + } + + private static LectureSummary resultSetToSummary(ResultSet rs) throws SQLException { + LecturePermissions defaultPermissions = DbLecturePermissions.fromResultSetDefault(rs); + LectureSummary entry = new LectureSummary(rs.getString("lectureid"), rs.getString("lecturename"), + rs.getString("imageversionid"), null, rs.getBoolean("isenabled"), rs.getLong("starttime"), + rs.getLong("endtime"), rs.getLong("lastused"), rs.getInt("usecount"), + rs.getString("ownerid"), rs.getString("updaterid"), rs.getBoolean("isexam"), + rs.getBoolean("hasinternetaccess"), defaultPermissions, false); + entry.userPermissions = DbLecturePermissions.fromResultSetUser(rs); + return entry; + } + +} diff --git a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbLecturePermissions.java b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbLecturePermissions.java new file mode 100644 index 00000000..e8bd8a07 --- /dev/null +++ b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbLecturePermissions.java @@ -0,0 +1,63 @@ +package org.openslx.bwlp.sat.database.mappers; + +import java.sql.ResultSet; +import java.sql.SQLException; + +import org.openslx.bwlp.thrift.iface.LecturePermissions; + +public class DbLecturePermissions { + + /** + * Build an instance of {@link LecturePermissions} by reading the given + * columns from the given {@link ResultSet}. If there are no permissions + * given in the ResultSet, <code>null</code> is returned. + * + * @param rs the {@link ResultSet} to read from + * @param canLink Name of the column to read the "can link" permission from + * @param canDownload Name of the column to read the "can download" + * permission from + * @param canEdit Name of the column to read the "can edit" permission from + * @param canAdmin Name of the column to read the "can admin" permission + * from + * @return instance of {@link LecturePermissions}, or <code>null</code> + * @throws SQLException + */ + private static LecturePermissions fromResultSet(ResultSet rs, String canEdit, String canAdmin) + throws SQLException { + boolean edit = rs.getBoolean(canEdit); + if (rs.wasNull()) + return null; + return new LecturePermissions(edit, rs.getBoolean(canAdmin)); + } + + /** + * Build an instance of {@link LecturePermissions} by reading the + * columns <code>canlink</code>, <code>candownload</code>, + * <code>canedit</code>, <code>canadmin</code> from the given + * {@link ResultSet}. If there are no permissions + * given in the ResultSet, <code>null</code> is returned. + * + * @param rs the {@link ResultSet} to read from + * @return instance of {@link LecturePermissions}, or <code>null</code> + * @throws SQLException + */ + public static LecturePermissions fromResultSetUser(ResultSet rs) throws SQLException { + return fromResultSet(rs, "canedit", "canadmin"); + } + + /** + * Build an instance of {@link LecturePermissions} by reading the + * columns <code>canlinkdefault</code>, <code>candownloaddefault</code>, + * <code>caneditdefault</code>, <code>canadmindefault</code> from the given + * {@link ResultSet}. If there are no permissions + * given in the ResultSet, <code>null</code> is returned. + * + * @param rs the {@link ResultSet} to read from + * @return instance of {@link LecturePermissions}, or <code>null</code> + * @throws SQLException + */ + public static LecturePermissions fromResultSetDefault(ResultSet rs) throws SQLException { + return fromResultSet(rs, "caneditdefault", "canadmindefault"); + } + +} diff --git a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbUser.java b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbUser.java index d7cabe47..451b3217 100644 --- a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbUser.java +++ b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbUser.java @@ -9,6 +9,7 @@ import org.apache.log4j.Logger; import org.openslx.bwlp.sat.database.Database; import org.openslx.bwlp.sat.database.MysqlConnection; import org.openslx.bwlp.sat.database.MysqlStatement; +import org.openslx.bwlp.sat.database.Paginator; import org.openslx.bwlp.sat.database.models.LocalUser; import org.openslx.bwlp.thrift.iface.UserInfo; @@ -16,11 +17,9 @@ public class DbUser { private static final Logger LOGGER = Logger.getLogger(DbUser.class); - private static final int PER_PAGE = 200; - /** * Get all users, starting at page <code>page</code>. - * This function will return a maximum of {@link #PER_PAGE}(200) results, so + * This function will return a maximum of {@link #PER_PAGE} results, so * you might need to call this method several times. * * @param page Page to return. The first page is page 0. @@ -30,10 +29,9 @@ public class DbUser { public static List<UserInfo> getAll(int page) throws SQLException { if (page < 0) return new ArrayList<>(1); - final int offset = page * 200; try (MysqlConnection connection = Database.getConnection()) { MysqlStatement stmt = connection.prepareStatement("SELECT userid, firstname, lastname, email, organizationid" - + " FROM user ORDER BY userid ASC LIMIT " + offset + ", " + PER_PAGE); + + " FROM user ORDER BY userid ASC " + Paginator.limitStatement(page)); ResultSet rs = stmt.executeQuery(); List<UserInfo> list = new ArrayList<>(); while (rs.next()) { diff --git a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/permissions/User.java b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/permissions/User.java index fc3241a9..2ffd281a 100644 --- a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/permissions/User.java +++ b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/permissions/User.java @@ -3,7 +3,9 @@ package org.openslx.bwlp.sat.permissions; import java.sql.SQLException; import java.util.Map; +import org.apache.log4j.Logger; import org.openslx.bwlp.sat.database.mappers.DbImage; +import org.openslx.bwlp.sat.database.mappers.DbLecture; import org.openslx.bwlp.sat.database.mappers.DbOrganization; import org.openslx.bwlp.sat.database.mappers.DbUser; import org.openslx.bwlp.sat.database.models.LocalOrganization; @@ -11,6 +13,8 @@ import org.openslx.bwlp.sat.database.models.LocalUser; import org.openslx.bwlp.thrift.iface.AuthorizationError; import org.openslx.bwlp.thrift.iface.ImagePermissions; import org.openslx.bwlp.thrift.iface.ImageSummaryRead; +import org.openslx.bwlp.thrift.iface.LecturePermissions; +import org.openslx.bwlp.thrift.iface.LectureSummary; import org.openslx.bwlp.thrift.iface.Role; import org.openslx.bwlp.thrift.iface.TAuthorizationException; import org.openslx.bwlp.thrift.iface.TInternalServerError; @@ -20,6 +24,8 @@ import org.openslx.util.TimeoutHashMap; public class User { + private static final Logger LOGGER = Logger.getLogger(User.class); + public static enum Permission { LINK, DOWNLOAD, @@ -44,6 +50,24 @@ public class User { return false; } + private static boolean canActionLecture(UserInfo user, Permission checkPerm, + LecturePermissions... lecturePermissions) { + if (checkPerm == Permission.DOWNLOAD || checkPerm == Permission.LINK) { + LOGGER.warn("Invalid permission check for lecture: " + checkPerm, new RuntimeException( + "Here's your stack trace")); + return false; + } + for (LecturePermissions perm : lecturePermissions) { + if (perm == null) + continue; + if (checkPerm == Permission.EDIT) + return perm.edit; + if (checkPerm == Permission.ADMIN) + return perm.admin; + } + return false; + } + /** * Cache local user data, might be called quite often. */ @@ -218,11 +242,37 @@ public class User { public static void hasImageVersionPermissionOrFail(UserInfo user, String imageVersionId, Permission permission) throws TAuthorizationException, TInternalServerError, TNotFoundException { if (!hasImageVersionPermission(user, imageVersionId, permission)) { - throw new TAuthorizationException(AuthorizationError.NO_PERMISSION, "Required permission: " + throw new TAuthorizationException(AuthorizationError.NO_PERMISSION, "Required image permission: " + permission.toString()); } } + public static boolean hasLecturePermission(UserInfo user, String lectureId, Permission permission) + throws TInternalServerError, TNotFoundException { + if (user.role != Role.TUTOR) + return false; + // Check general permissions + LectureSummary lecture; + try { + lecture = DbLecture.getLectureSummary(user, lectureId); + } catch (SQLException e) { + throw new TInternalServerError(); + } + // Owner has all permissions + if (lecture.ownerId.equals(user.userId)) + return true; + return canActionLecture(user, permission, lecture.userPermissions, lecture.defaultPermissions) + || isSuperUser(user); + } + + public static void hasLecturePermissionOrFail(UserInfo user, String lectureId, Permission permission) + throws TAuthorizationException, TInternalServerError, TNotFoundException { + if (!hasLecturePermission(user, lectureId, permission)) { + throw new TAuthorizationException(AuthorizationError.NO_PERMISSION, + "Required lecture permission: " + permission.toString()); + } + } + /** * Checks whether the given user is allowed to create new images. * @@ -239,4 +289,20 @@ public class User { "No permission to create new image"); } + /** + * Checks whether the given user is allowed to create new lectures. + * + * @param user {@link UserInfo} instance representing the user in question + * @return true or false + */ + public static boolean canCreateLecture(UserInfo user) { + return user.role == Role.TUTOR; + } + + public static void canCreateLectureOrFail(UserInfo user) throws TAuthorizationException { + if (!canCreateLecture(user)) + throw new TAuthorizationException(AuthorizationError.NO_PERMISSION, + "No permission to create new lecture"); + } + } diff --git a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/thrift/ServerHandler.java b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/thrift/ServerHandler.java index d4440793..cab355a7 100644 --- a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/thrift/ServerHandler.java +++ b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/thrift/ServerHandler.java @@ -9,6 +9,7 @@ import org.apache.log4j.Logger; import org.apache.thrift.TException; import org.openslx.bwlp.sat.database.mappers.DbImage; import org.openslx.bwlp.sat.database.mappers.DbImagePermissions; +import org.openslx.bwlp.sat.database.mappers.DbLecture; import org.openslx.bwlp.sat.database.mappers.DbUser; import org.openslx.bwlp.sat.fileserv.ActiveUpload; import org.openslx.bwlp.sat.fileserv.FileServer; @@ -198,7 +199,11 @@ public class ServerHandler implements SatelliteServer.Iface { TNotFoundException, TInternalServerError { UserInfo user = SessionManager.getOrFail(userToken); User.hasImageVersionPermissionOrFail(user, imageVersionId, Permission.ADMIN); - // TODO: Permissions cleared; Now mark image for deletion (set expire time in the past...) + try { + DbImage.markForDeletion(imageVersionId); + } catch (SQLException e) { + throw new TInternalServerError(); + } } @Override @@ -207,7 +212,11 @@ public class ServerHandler implements SatelliteServer.Iface { TInternalServerError { UserInfo user = SessionManager.getOrFail(userToken); User.hasImageBasePermissionOrFail(user, imageBaseId, Permission.ADMIN); - // TODO: Permissions cleared; Now write image permissions + try { + DbImagePermissions.writeForImageBase(imageBaseId, permissions); + } catch (SQLException e) { + throw new TInternalServerError(); + } } @Override @@ -235,15 +244,27 @@ public class ServerHandler implements SatelliteServer.Iface { } @Override - public String createLecture(String userToken, LectureWrite lecture) throws TAuthorizationException { - // TODO Auto-generated method stub - return null; + public String createLecture(String userToken, LectureWrite lecture) throws TAuthorizationException, + TInternalServerError { + UserInfo user = SessionManager.getOrFail(userToken); + User.canCreateLectureOrFail(user); + try { + return DbLecture.create(user, lecture); + } catch (SQLException e) { + throw new TInternalServerError(); + } } @Override public void updateLecture(String userToken, String lectureId, LectureWrite lecture) - throws TAuthorizationException, TNotFoundException { - // TODO Auto-generated method stub + throws TAuthorizationException, TNotFoundException, TInternalServerError { + UserInfo user = SessionManager.getOrFail(userToken); + User.hasLecturePermissionOrFail(user, lectureId, Permission.EDIT); + try { + DbLecture.update(user, lectureId, lecture); + } catch (SQLException e) { + throw new TInternalServerError(); + } } @Override diff --git a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/util/Json.java b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/util/Json.java new file mode 100644 index 00000000..fe43793a --- /dev/null +++ b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/util/Json.java @@ -0,0 +1,35 @@ +package org.openslx.bwlp.sat.util; + +import com.google.gson.Gson; + +public class Json { + + /** + * Global static instance. The Gson object is thread-safe. + */ + private static final Gson gson = new Gson(); + + /** + * Deserialize the given json string to an instance of T. + * This will deserialize all fields, except transient ones. + * + * @param data JSON formatted data + * @param classOfData class to instantiate + * @return instanceof T + */ + public static <T> T deserialize(String data, Class<T> classOfData) { + return gson.fromJson(data, classOfData); + } + + /** + * Serialize the given POJO. All fields except transient ones will be + * serialized. + * + * @param object some object to serialize + * @return JSON formatted represenatation of <code>object</code> + */ + public static String serialize(Object object) { + return gson.toJson(object); + } + +} |