package fi.otavanopisto.muikku.rest; import javax.ejb.Stateful; import javax.enterprise.context.RequestScoped; import javax.inject.Inject; import javax.validation.ConstraintViolationException; import javax.ws.rs.PUT; import javax.ws.rs.Path; import javax.ws.rs.Produces; import javax.ws.rs.core.Response; import javax.ws.rs.core.Response.Status; import fi.otavanopisto.muikku.controller.PermissionController; import fi.otavanopisto.muikku.dao.security.PermissionDAO; import fi.otavanopisto.muikku.model.security.Permission; import fi.otavanopisto.muikku.model.security.WorkspaceGroupPermission; import fi.otavanopisto.muikku.model.users.UserGroupEntity; import fi.otavanopisto.muikku.model.workspace.WorkspaceEntity; import fi.otavanopisto.muikku.rest.model.WorkspaceUserGroupPermission; import fi.otavanopisto.muikku.schooldata.WorkspaceController; import fi.otavanopisto.muikku.security.MuikkuPermissions; import fi.otavanopisto.muikku.session.SessionController; import fi.otavanopisto.muikku.users.UserGroupEntityController; import fi.otavanopisto.security.rest.RESTPermit; import fi.otavanopisto.security.rest.RESTPermit.Handling; @Stateful @RequestScoped @Path("/permission") @Produces ("application/json") public class PermissionRESTService extends AbstractRESTService { @Inject private PermissionDAO permissionDAO; @Inject private WorkspaceController workspaceController; @Inject private UserGroupEntityController userGroupEntityController; @Inject private PermissionController permissionController; @Inject private SessionController sessionController; @PUT @Path ("/workspaceUserGroupPermissions") @RESTPermit(handling = Handling.INLINE, requireLoggedIn = true) public Response setWorkspaceUserGroupPermission(WorkspaceUserGroupPermission payload) { UserGroupEntity userGroupEntity = userGroupEntityController.findUserGroupEntityById(payload.getUserGroupId()); Permission permission = permissionDAO.findById(payload.getPermissionId()); WorkspaceEntity workspaceEntity = workspaceController.findWorkspaceEntityById(payload.getWorkspaceId()); if (!sessionController.hasPermission(MuikkuPermissions.WORKSPACE_MANAGEWORKSPACESETTINGS, workspaceEntity)) { return Response.status(Status.FORBIDDEN).build(); } if ((userGroupEntity == null) || (permission == null)) { return Response.status(Response.Status.NOT_FOUND).build(); } try { if (payload.getPermitted()) permissionController.addWorkspaceGroupPermission(workspaceEntity, userGroupEntity, permission); else { WorkspaceGroupPermission workspaceGroupPermission = permissionController.findWorkspaceGroupPermission(workspaceEntity, userGroupEntity, permission); if (workspaceGroupPermission != null) permissionController.removeWorkspaceGroupPermission(workspaceGroupPermission); else return Response.status(Response.Status.NOT_FOUND).build(); } return Response.noContent().build(); } catch (ConstraintViolationException violationException) { return getConstraintViolations(violationException); } } }