ARSnova Backend issueshttps://git.thm.de/arsnova/arsnova-backend/-/issues2019-05-28T15:32:58+02:00https://git.thm.de/arsnova/arsnova-backend/-/issues/37Implement role-based views API endpoints2019-05-28T15:32:58+02:00Daniel GerhardtImplement role-based views API endpoints* Introduction of a global `viewas` query parameter for `GET` requests.
* The security system checks if the current user is allowed to view the object as the specified role.
* A Jackson JsonView (`Public.class`, `Owner.class`, `Admin.cla...* Introduction of a global `viewas` query parameter for `GET` requests.
* The security system checks if the current user is allowed to view the object as the specified role.
* A Jackson JsonView (`Public.class`, `Owner.class`, `Admin.class`) is chosen based on this parameter to select properties for inclusion in serialization.3.0-beta1Daniel GerhardtDaniel Gerhardthttps://git.thm.de/arsnova/arsnova-backend/-/issues/36Room moderators2019-07-07T12:47:55+02:00Daniel GerhardtRoom moderatorsAllow room owners to select multiple users as moderators.
Proposal:
* Add a new property `moderators` of type `List<String>` which will contain user IDs to `Room` entity for internal use/persistence only.
* Add new API endpoints:
* ...Allow room owners to select multiple users as moderators.
Proposal:
* Add a new property `moderators` of type `List<String>` which will contain user IDs to `Room` entity for internal use/persistence only.
* Add new API endpoints:
* `GET /room/<Room ID>/moderators`
Response body: `[{"userId": "<User ID>", "roles": ["<Role>"]}]`
* `PUT /room/<Room ID>/moderators/<User ID>`
Request body: `{}` (adds default role `EXECUTIVE_MODERATOR`) or `{"roles": ["<Role>"]}`
* `DELETE /room/<Room ID>/moderators/<User ID>`
* Add new `UserFindQuerySerivce` to lookup user ID by login ID.
* Moderators have the same permissions as the owner but cannot delete the room.
* Adding different roles for moderators might be useful ~~but I wouldn't include this in an initial implementation~~.
* Roles:
* `EDITING_MODERATOR` has almost all permissions the owner has (cannot delete room).
* `EXECUTIVE_MODERATOR` has moderating permissions (delete comments/answers).
(NYI for comment micro service, 07.07.19)
@cthl58 @lmas60 @tksl38: Any thoughts?
Edit (03.06.):
Frontend-Workflow to add new mods:
1. Room owner enters `loginId` of the new mod
2. FE looks up `userId` via POST request to `/user/find`:
```
{
"properties": {
"loginId": "..."
}
}
```
3. FE receives list of users (`loginId` alone is not unique)
4. FE sends PUT request to `/room/<room ID>/moderator/<user ID>`3.0-beta1Daniel GerhardtDaniel Gerhardthttps://git.thm.de/arsnova/arsnova-backend/-/issues/21Determine how content visibility is handled related to content groups2019-07-04T15:29:48+02:00Daniel GerhardtDetermine how content visibility is handled related to content groups3.0-beta1https://git.thm.de/arsnova/arsnova-backend/-/issues/8Reimplement export and import2018-08-09T14:59:31+02:00Daniel GerhardtReimplement export and import3.0-beta1https://git.thm.de/arsnova/arsnova-backend/-/issues/7Adjust handling of non-persistent entities for API v32018-08-09T14:59:12+02:00Daniel GerhardtAdjust handling of non-persistent entities for API v3* Configuration
* Statistics* Configuration
* Statistics3.0-beta1https://git.thm.de/arsnova/arsnova-backend/-/issues/3Review and complete authorization handling2018-08-09T14:53:56+02:00Daniel GerhardtReview and complete authorization handling3.0-beta1