Examples of org.olat.basesecurity.SecurityGroup

• org.olat.basesecurity.SecurityGroup
  Description:
  @author Felix Jost

    RepositoryHandler rh = RepositoryHandlerFactory.getInstance().getRepositoryHandler(importedRepositoryEntry);
    importedRepositoryEntry.setCanLaunch(rh.supportsLaunch());

    // create security group
    Manager securityManager = ManagerFactory.getManager();
    SecurityGroup newGroup = securityManager.createAndPersistSecurityGroup();
    // member of this group may modify member's membership
    securityManager.createAndPersistPolicy(newGroup, Constants.PERMISSION_ACCESS, newGroup);
    // members of this group are always authors also
    securityManager.createAndPersistPolicy(newGroup, Constants.PERMISSION_HASROLE, Constants.ORESOURCE_AUTHOR);
    securityManager.addIdentityToSecurityGroup(owner, newGroup);

        return;
      }

      Manager secMgr = ManagerFactory.getManager();
      //filter all admins
      SecurityGroup adminGroup = secMgr.findSecurityGroupByName(Constants.GROUP_ADMIN);
      //get all identities

      int count = 0;
      List<Identity> identitiesList = secMgr.getIdentitiesByPowerSearch(null, null, true, null, null, null, null, null, null);
      DBFactory.getInstance().intermediateCommit();

    cgm.importCourseLearningGroups(courseExportData);
    cgm.importCourseRightGroups(courseExportData);

    // create security group
    Manager securityManager = ManagerFactory.getManager();
    SecurityGroup ownerGroup = securityManager.createAndPersistSecurityGroup();
    // member of this group may modify member's membership
    securityManager.createAndPersistPolicy(ownerGroup, Constants.PERMISSION_ACCESS, ownerGroup);
    // members of this group are always authors also
    securityManager.createAndPersistPolicy(ownerGroup, Constants.PERMISSION_HASROLE, Constants.ORESOURCE_AUTHOR);
    securityManager.addIdentityToSecurityGroup(securityManager.findIdentityByName("administrator"), ownerGroup);

    Iterator iter = catalogEntries.iterator();
    while (iter.hasNext()) {
      CatalogEntry cate = (CatalogEntry) iter.next();
      if (cate.getType() == CatalogEntry.TYPE_LEAF) {
        RepositoryEntry repe = cate.getRepositoryEntry();
        SecurityGroup secGroup = repe.getOwnerGroup();
        if (securityManager.isIdentityInSecurityGroup(identity, secGroup)) {
          ownedEntries.add(cate);
        }
      }
    }

  private void findEntriesOf(Identity owner, CatalogEntry root, List entries) {
    /*
     * check if node is owned by identity
     */
    Manager secMgr = ManagerFactory.getManager();
    SecurityGroup owners = root.getOwnerGroup();
    if(owners!=null && secMgr.isIdentityInSecurityGroup(owner, owners)) {
      entries.add(root);
    }
    /*
     * check subtree, by visit children first strategy

  public void deleteCatalogEntry(CatalogEntry ce) {
    log.debug("deleteCatalogEntry start... ce=" + ce);
    Manager securityManager = ManagerFactory.getManager();
    if (ce.getType() == CatalogEntry.TYPE_LEAF) {
      //delete catalog entry, then delete owner group
      SecurityGroup owner = ce.getOwnerGroup();
      DBFactory.getInstance().deleteObject(ce);
      if (owner != null) {
        log.debug("deleteCatalogEntry case_1: delete owner-group=" + owner);
        securityManager.deleteSecurityGroup(owner);
      }
    } else {
      List secGroupsToBeDeleted = new ArrayList();
      //FIXME pb: the transaction must also include the deletion of the security
      // groups. Why not using this method as a recursion and seperating the
      // deletion of the ce and the groups by collecting the groups? IMHO there
      // are not less db queries. This way the code is much less clear, e.g. the method
      // deleteCatalogSubtree does not really delete the subtree, it leaves the
      // security groups behind. I would preferre to have one delete method that
      // deletes its children first by calling itself on the children and then deletes
      // itself ant its security group. The nested transaction that occures is actually
      // not a problem, the DB object can handel this.
      deleteCatalogSubtree(ce,secGroupsToBeDeleted);
      // after deleting all entries, delete all secGroups corresponding
      for (Iterator iter = secGroupsToBeDeleted.iterator(); iter.hasNext();) {
        SecurityGroup grp = (SecurityGroup) iter.next();
        log.debug("deleteCatalogEntry case_2: delete groups of deleteCatalogSubtree grp=" + grp);
        securityManager.deleteSecurityGroup(grp);
      }
    }
    log.debug("deleteCatalogEntry END");

      CatalogEntry nextCe = (CatalogEntry) iter.next();
      deleteCatalogSubtree(nextCe,secGroupsToBeDeleted);
    }
    ce = (CatalogEntry) db.loadObject(ce);
    //mark owner group for deletion.
    SecurityGroup owner = ce.getOwnerGroup();
    if (owner != null) secGroupsToBeDeleted.add(owner);
    // delete user bookmarks
    OLATResourceable ores = createOLATResouceableFor(ce);
    BookmarkManager.getInstance().deleteAllBookmarksFor(ores);
    // delete catalog entry itself

      /*
       * copy a snapshot of olatAdmins into catalogAdmins do not put
       * secMgr.findSecurityGroupByName(Constants.GROUP_ADMIN) directly into a
       * CatalogEntry!!
       */
      SecurityGroup olatAdmins = secMgr.findSecurityGroupByName(Constants.GROUP_ADMIN);
      List olatAdminIdents = secMgr.getIdentitiesOfSecurityGroup(olatAdmins);
      SecurityGroup catalogAdmins = secMgr.createAndPersistSecurityGroup();
      for (int i = 0; i < olatAdminIdents.size(); i++) {
        secMgr.addIdentityToSecurityGroup((Identity) olatAdminIdents.get(i), catalogAdmins);
      }
      /*
       * start with something called CATALOGROOT, you can rename it to whatever

    changeEmail = new ContactMessage(ureq.getIdentity());

    RepositoryManager rm = RepositoryManager.getInstance();
    // the owners of this qtiPkg
    RepositoryEntry myEntry = rm.lookupRepositoryEntry(qtiPackage.getRepresentingResourceable(), false);
    SecurityGroup qtiPkgOwners = myEntry.getOwnerGroup();

    // add qti resource owners as group
    ContactList cl = new ContactList("qtiPkgOwners");
    cl.addAllIdentites(ManagerFactory.getManager().getIdentitiesOfSecurityGroup(qtiPkgOwners));
    changeEmail.addEmailTo(cl);

    StringBuilder result = new StringBuilder();
    result.append(translate("qti.restricted.leading"));
    for (Iterator iter = referencees.iterator(); iter.hasNext();) {
      ReferenceImpl element = (ReferenceImpl) iter.next();
      // FIXME:discuss:possible performance/cache problem
      if ("CourseModule".equals(element.getSource().getResourceableTypeName())) {
        ICourse course = CourseFactory.loadCourse(element.getSource().getResourceableId());

        // the course owners

        RepositoryEntry entry = rm.lookupRepositoryEntry(course, false);
        String courseTitle = course.getCourseTitle();
        SecurityGroup owners = entry.getOwnerGroup();
        List stakeHoldersIds = ManagerFactory.getManager().getIdentitiesOfSecurityGroup(owners);

        // add stakeholders as group
        cl = new ContactList(courseTitle);
        cl.addAllIdentites(stakeHoldersIds);

      System.out.println("testSync: Identity=" + "u"+i + "created");
      DBFactory.getInstance().closeSession();
    }


    final SecurityGroup group2 = ManagerFactory.getManager().createAndPersistSecurityGroup();
    // make sure the lock has been written to the disk (tests for createOrFind see other methods)
    DBFactory.getInstance().closeSession();
    //PLock p1 = PessimisticLockManager.getInstance().findOrPersistPLock("befinsert");
    //assertNotNull(p1);