Merge branch 'v1.1' of git.openslx.org:openslx-ng/tutor-module into v1.1

author: Jonathan Bauer 2015-09-07 14:55:12 +0200
committer: Jonathan Bauer 2015-09-07 14:55:12 +0200
commit: ec4fe589a17b18779ea4e2d9315226c764839f44 (patch)
tree: d3bffbf52f88d77242c5a44bbb3b068d7b16e405 /dozentenmodulserver/src/main/java/org
parent: [client] ConfigWindow: when saved, change "Cancel" to "Close". If new changes... (diff)
parent: [server] Check link permissions when creating/editing lecture (diff)
download: tutor-module-ec4fe589a17b18779ea4e2d9315226c764839f44.tar.gz
tutor-module-ec4fe589a17b18779ea4e2d9315226c764839f44.tar.xz
tutor-module-ec4fe589a17b18779ea4e2d9315226c764839f44.zip
2 files changed, 33 insertions, 7 deletions
diff --git a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/permissions/User.java b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/permissions/User.java
index 1d06b9bc..e64366bd 100644
--- a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/permissions/User.java
+++ b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/permissions/User.java
@@ -266,7 +266,11 @@ public class User {
 
 	public static void canEditLectureOrFail(UserInfo user, String lectureId) throws TInvocationException,
 			TNotFoundException, TAuthorizationException {
-		LectureSummary lecture = getLectureFromId(user, lectureId);
+		canEditLectureOrFail(user, getLectureFromId(user, lectureId));
+	}
+
+	public static void canEditLectureOrFail(UserInfo user, LectureSummary lecture)
+			throws TAuthorizationException {
 		if (!lecture.userPermissions.edit) {
 			throw new TAuthorizationException(AuthorizationError.NO_PERMISSION,
 					"No permission to edit this image");
@@ -298,6 +302,17 @@ public class User {
 		}
 	}
 
+	public static void canLinkToImageOrFail(UserInfo user, String imageVersionId) throws TNotFoundException,
+			TInvocationException, TAuthorizationException {
+		if (lecture.imageVersionId == null)
+			return;
+		ImageSummaryRead image = getImageFromVersionId(user, imageVersionId);
+		if (!image.userPermissions.link) {
+			throw new TAuthorizationException(AuthorizationError.NO_PERMISSION,
+					"No permission to link to this image");
+		}
+	}
+
 	public static boolean canListImages(UserInfo user) throws TAuthorizationException {
 		return isTutor(user);
 	}
diff --git a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/thrift/ServerHandler.java b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/thrift/ServerHandler.java
index 72049beb..2fe65d86 100644
--- a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/thrift/ServerHandler.java
+++ b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/thrift/ServerHandler.java
@@ -447,11 +447,12 @@ public class ServerHandler implements SatelliteServer.Iface {
 
 	@Override
 	public String createLecture(String userToken, LectureWrite lecture) throws TAuthorizationException,
-			TInvocationException, TInvalidDateParam {
+			TInvocationException, TInvalidDateParam, TNotFoundException {
 		if (lecture == null || lecture.defaultPermissions == null)
 			throw new TInvocationException(); // TODO Own exception for this
 		UserInfo user = SessionManager.getOrFail(userToken);
 		User.canCreateLectureOrFail(user);
+		User.canLinkToImageOrFail(user, lecture.imageVersionId);
 		Sanitizer.handleLectureDates(lecture);
 		try {
 			return DbLecture.create(user, lecture);
@@ -461,14 +462,24 @@ public class ServerHandler implements SatelliteServer.Iface {
 	}
 
 	@Override
-	public void updateLecture(String userToken, String lectureId, LectureWrite lecture)
+	public void updateLecture(String userToken, String lectureId, LectureWrite newLectureData)
 			throws TAuthorizationException, TNotFoundException, TInvocationException, TInvalidDateParam {
 		UserInfo user = SessionManager.getOrFail(userToken);
-		User.canEditLectureOrFail(user, lectureId);
-		Sanitizer.handleLectureDates(lecture);
-		lecture.defaultPermissions = Sanitizer.handleLecturePermissions(lecture.defaultPermissions);
+		LectureSummary oldLecture;
+		try {
+			oldLecture = DbLecture.getLectureSummary(user, lectureId);
+		} catch (SQLException e1) {
+			throw new TInvocationException();
+		}
+		User.canEditLectureOrFail(user, oldLecture);
+		// TODO Copy empty fields in new from old
+		if (oldLecture.imageVersionId == null
+				|| !oldLecture.imageVersionId.equals(newLectureData.imageVersionId)) {
+			User.canLinkToImageOrFail(user, newLectureData.imageVersionId);
+		}
+		Sanitizer.handleLectureDates(newLectureData);
 		try {
-			DbLecture.update(user, lectureId, lecture);
+			DbLecture.update(user, lectureId, newLectureData);
 		} catch (SQLException e) {
 			throw new TInvocationException();
 		}
author	Jonathan Bauer	2015-09-07 14:55:12 +0200
committer	Jonathan Bauer	2015-09-07 14:55:12 +0200
commit	ec4fe589a17b18779ea4e2d9315226c764839f44 (patch)
tree	d3bffbf52f88d77242c5a44bbb3b068d7b16e405 /dozentenmodulserver/src/main/java/org
parent	[client] ConfigWindow: when saved, change "Cancel" to "Close". If new changes... (diff)
parent	[server] Check link permissions when creating/editing lecture (diff)
download	tutor-module-ec4fe589a17b18779ea4e2d9315226c764839f44.tar.gz tutor-module-ec4fe589a17b18779ea4e2d9315226c764839f44.tar.xz tutor-module-ec4fe589a17b18779ea4e2d9315226c764839f44.zip