[Building Sakai] Use of GradebookService as a web service
Steve Swinsburg
steve.swinsburg at gmail.com
Mon May 21 08:00:02 PDT 2012
The code that does the permission check looks fine to me:
*public* *boolean* isUserAbleToGrade(String gradebookUid) {81
<http://source.sakaiproject.org/release/edu-services/1.1.5/xref/org/sakaiproject/tool/gradebook/facades/sakai2impl/AuthzSakai2Impl.html#81>
*return* (hasPermission(gradebookUid, PERMISSION_GRADE_ALL) ||
hasPermission(gradebookUid, PERMISSION_GRADE_SECTION));82
<http://source.sakaiproject.org/release/edu-services/1.1.5/xref/org/sakaiproject/tool/gradebook/facades/sakai2impl/AuthzSakai2Impl.html#82>
}83 <http://source.sakaiproject.org/release/edu-services/1.1.5/xref/org/sakaiproject/tool/gradebook/facades/sakai2impl/AuthzSakai2Impl.html#83>
where those permissions are:
PERMISSION_GRADE_ALL = "gradebook.gradeAll",
PERMISSION_GRADE_SECTION = "gradebook.gradeSection",
and:
*private* *boolean* hasPermission(User user, String gradebookUid,
String permission) {132
<http://source.sakaiproject.org/release/edu-services/1.1.5/xref/org/sakaiproject/tool/gradebook/facades/sakai2impl/AuthzSakai2Impl.html#132>
*return* SecurityService.unlock(user, permission,
SiteService.siteReference(gradebookUid));133
<http://source.sakaiproject.org/release/edu-services/1.1.5/xref/org/sakaiproject/tool/gradebook/facades/sakai2impl/AuthzSakai2Impl.html#133>
}
So I'd check that your user's role has the correct permissions as above.
ref: http://source.sakaiproject.org/release/edu-services/1.1.5/xref/
cheers,
Steve
On Tue, May 22, 2012 at 12:50 AM, Aaron Zeckoski <azeckoski at unicon.net>wrote:
> Yeah, that should probably check a permission like site.upd or
> section.role.instructor or something to that effect. Checking the role
> directly is definitely not the way to go.
>
> -AZ
>
>
> On Mon, May 21, 2012 at 10:42 AM, David Horwitz <david.horwitz at uct.ac.za>
> wrote:
> > Also assuming that Role.INSTRUCTOR is "Instructor" this fails on systems
> > that use other role names (for localisation or i18n)
> >
> > D
> >
> >
> > On 05/21/2012 04:32 PM, Matthew Jones wrote:
> >
> > Hmm,
> >
> > It's possible that could be a bug, try it in a course site with an
> > instructor.
> >
> > It looks like the call for isUserAbleToGrade checks specific INSTRUCTOR
> and
> > QA roles, so might not work in a project site. It should probably check
> > against the specific maintain role defined on the site as well.
> >
> > public boolean isUserAbleToGrade(String gradebookUid, String userUid) {
> > return (getSectionAwareness().isSiteMemberInRole(gradebookUid,
> > userUid, Role.INSTRUCTOR) ||
> > getSectionAwareness().isSiteMemberInRole(gradebookUid, userUid,
> Role.TA));
> > }
> >
> > Otherwise verify that in that realm that user has all permissions to
> grade.
> > This looks suspicious though.
> >
> > On Mon, May 21, 2012 at 7:16 AM, Shoji Kajita <kajita at nagoya-u.jp>
> wrote:
> >>
> >> Hi Chuck and Matthew,
> >>
> >> Thank you for your advices.
> >>
> >> I'm now taking a look on these pointers and getting close to
> >> work. However, I'm still getting the following exception:
> >>
> >> java.lang.SecurityException : User shoji attempted to access grade
> >> information for student kajita without permission in gb
> >> 8e328a23-c343-40cc-bcb0-547553b9cd46 using
> >> gradebookService.getGradesForStudentsForItem
> >>
> >> As far as I see, "shoji" has the permission to grade because he has the
> >> maintain role.
> >>
> >> Any thoughts?
> >>
> >> Best regards,
> >> Shoji
> >>
> >> At Sun, 20 May 2012 12:59:33 -0400,
> >> Charles Severance wrote:
> >> >
> >> > [1 <text/plain; us-ascii (quoted-printable)>]
> >> > Shoji,
> >> >
> >> > If you look here
> >> >
> >> >
> >> >
> https://source.sakaiproject.org/svn//basiclti/trunk/basiclti-blis/src/java/org/sakaiproject/blti/ServiceServlet.java
> >> >
> >> > You will find some simple calls to the gradebook service to set
> grades.
> >> >
> >> > Here
> >> >
> >> >
> >> >
> https://source.sakaiproject.org/svn//basiclti/trunk/basiclti-portlet/src/java/org/sakaiproject/portlets/IMSBLTIPortlet.java
> >> >
> >> > It makes gradebook items.
> >> >
> >> > I borrowed the code from the Assignments tool/
> >> >
> >> > /Chuck
> >> >
> >>
> >> At Sat, 19 May 2012 23:50:30 -0400,
> >> Matthew Jones wrote:
> >> >
> >> > Hi Shoji!
> >> >
> >> > This probably just looks like a confusing special case. You have to
> use
> >> > component manager to get the beans from the spring components, then
> cast
> >> > it
> >> > to the interfaces (apis) that are in shared.
> >> >
> >> > For gradebook, they're probably just named differently, for whatever
> >> > reason.
> >> >
> >> > Look at this webservice for some example gradebook code for getting
> >> > gradebooks and grades. Hopefully you can use this for whatever you
> need.
> >> >
> >> >
> https://source.sakaiproject.org/svn/msub/longsight.com/webservices/webservices-1.0.x/axis/src/webapp/WSLongsight.jws
> >> >
> >> >
> >> > And I think this one on confluence still works too?
> >> >
> >> >
> https://confluence.sakaiproject.org/display/~steve.swinsburg/Additional+web+services+for+Sakai#AdditionalwebservicesforSakai-SakaiGradebook
> >> >
> >> > -Matthew
> >> >
> >> > On Sat, May 19, 2012 at 10:13 PM, Shoji Kajita <kajita at nagoya-u.jp>
> >> > wrote:
> >> >
> >> > > Dear Sakai Developers,
> >> > >
> >> > > I'm trying to develop a new web service for getting information from
> >> > > Gradebook, but I have been struggling from using GradebookService.
> >> > >
> >> > > For example, I can call
> >> > >
> >> > > gradebookService.isGradebookDefined
> >> > >
> >> > > successfully when I use
> >> > >
> >> > > gradebookService = (GradebookService)
> >> > >
> >> > >
> ComponentManager.get("org.sakaiproject.service.gradebook.GradebookService");
> >> > >
> >> > > as seen in the following simple code. But, it is failed when I use
> >> > >
> >> > > gradebookService = (GradebookService)
> >> > >
> >> > >
> ComponentManager.get("org.sakaiproject.service.gradebook.shared.GradebookService");
> >> > >
> >> > > in line 31. I'm probably misunderstanding something.
> >> > >
> >> > > I really appreciate if someone gives me any pointer to address this.
> >> > >
> >> > > Best regards,
> >> > > Shoji Kajita
> >> > > Kyoto University
> >> > > ----
> >> > > 01: import org.apache.axis.AxisFault;
> >> > > 02: import org.apache.commons.logging.Log;
> >> > > 03: import org.apache.commons.logging.LogFactory;
> >> > > 04: import
> org.sakaiproject.service.gradebook.shared.GradebookService;
> >> > > 05: import org.sakaiproject.tool.api.Session;
> >> > > 06: import org.sakaiproject.tool.api.SessionManager;
> >> > > 07: import org.sakaiproject.component.cover.ComponentManager;
> >> > > 08:
> >> > > 09: public class CourseGradebook {
> >> > > 10:
> >> > > 11: private GradebookService gradebookService;
> >> > > 12: private SessionManager sessionManager;
> >> > > 13:
> >> > > 14: private static Log LOG =
> >> > > LogFactory.getLog(CourseGradebook.class);
> >> > > 15:
> >> > > 16: private Session establishSession(String sessionId) throws
> >> > > AxisFault
> >> > > 17: {
> >> > > 18: Session s = sessionManager.getSession(sessionId);
> >> > > 19:
> >> > > 20: if (s == null)
> >> > > 21: {
> >> > > 22: throw new AxisFault("Session
> \""+sessionId+"\"
> >> > > is
> >> > > not active");
> >> > > 23: }
> >> > > 24: s.setActive();
> >> > > 25: sessionManager.setCurrentSession(s);
> >> > > 26: return s;
> >> > > 27: }
> >> > > 28:
> >> > > 29: public CourseGradebook() {
> >> > > 30: // gradebookService = (GradebookService)
> >> > > ComponentManager.get(GradebookService.class.getName());
> >> > > 31: gradebookService = (GradebookService)
> >> > >
> >> > >
> ComponentManager.get("org.sakaiproject.service.gradebook.shared.GradebookService");
> >> > > 32: // gradebookService = (GradebookService)
> >> > >
> >> > >
> ComponentManager.get("org.sakaiproject.service.gradebook.GradebookService");
> >> > > 33: sessionManager = (SessionManager)
> >> > > ComponentManager.get(SessionManager.class.getName());
> >> > > 34: }
> >> > > 35:
> >> > > 36: public String getCompletedDate(String sessionId, String
> >> > > siteId)
> >> > > throws AxisFault {
> >> > > 37:
> >> > > 38: Session session = establishSession(sessionId);
> >> > > 39:
> >> > > 40: String gbID = siteId;
> >> > > 41: if (!gradebookService.isGradebookDefined(gbID)) {
> >> > > 42: System.out.println("Debug: Not found.");
> >> > > 43: return "No gradebook found for this site.";
> >> > > 44: }
> >> > > 45: return "Gradebook found for this site.";
> >> > > 46: }
> >> > > 47:
> >> > > 48: }
> >> > > -----
> >> > > _______________________________________________
> >> > > sakai-dev mailing list
> >> > > sakai-dev at collab.sakaiproject.org
> >> > > http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
> >> > >
> >> > > TO UNSUBSCRIBE: send email to
> >> > > sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of
> >> > > "unsubscribe"
> >> > >
> >
> >
> >
> >
> > _______________________________________________
> > sakai-dev mailing list
> > sakai-dev at collab.sakaiproject.org
> > http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
> >
> > TO UNSUBSCRIBE: send email to
> sakai-dev-unsubscribe at collab.sakaiproject.org
> > with a subject of "unsubscribe"
> >
> >
> >
> > _______________________________________________
> > sakai-dev mailing list
> > sakai-dev at collab.sakaiproject.org
> > http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
> >
> > TO UNSUBSCRIBE: send email to
> sakai-dev-unsubscribe at collab.sakaiproject.org
> > with a subject of "unsubscribe"
>
>
>
> --
> Aaron Zeckoski - Software Architect - http://tinyurl.com/azprofile
> _______________________________________________
> sakai-dev mailing list
> sakai-dev at collab.sakaiproject.org
> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
>
> TO UNSUBSCRIBE: send email to
> sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of
> "unsubscribe"
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20120522/767a978a/attachment.html
More information about the sakai-dev
mailing list