add api functionality to change session creator

8d145037 · Tom Käsler · 90e88dd2 · 8d145037 · 8d145037 · 8d145037
Commit 8d145037 authored 8 years ago by Tom Käsler
--- a/src/main/java/de/thm/arsnova/controller/SessionController.java
+++ b/src/main/java/de/thm/arsnova/controller/SessionController.java
@@ -146,6 +146,15 @@ public class SessionController extends PaginationController {
 		return sessionService.updateSession(sessionkey, session);
 	}
+	@ApiOperation(value = "change the session creator (owner)", nickname = "changeSessionCreator")
+	@RequestMapping(value = "/{sessionkey}/changecreator", method = RequestMethod.PUT)
+	public Session changeSessionCreator(
+			@ApiParam(value = "session-key from current session", required = true) @PathVariable final String sessionkey,
+			@ApiParam(value = "new session creator", required = true) @RequestBody final String newCreator
+			) {
+		return sessionService.changeSessionCreator(sessionkey, newCreator);
+	}
 	@ApiOperation(value = "Retrieves a list of Sessions",
 			nickname = "getSessions")
 	@ApiResponses(value = {

--- a/src/main/java/de/thm/arsnova/dao/CouchDBDao.java
+++ b/src/main/java/de/thm/arsnova/dao/CouchDBDao.java
@@ -1657,6 +1657,21 @@ public class CouchDBDao implements IDatabaseDao, ApplicationEventPublisherAware
 	@Override
 	@Caching(evict = { @CacheEvict("sessions"), @CacheEvict(cacheNames = "sessions", key = "#p0.keyword") })
+	public Session changeSessionCreator(Session session, final String newCreator) {
+		try {
+			final Document s = database.getDocument(session.get_id());
+			s.put("creator", newCreator);
+			database.saveDocument(s);
+			session.set_rev(s.getRev());
+		} catch (final IOException e) {
+			LOGGER.error("Could not lock session {}", session);
+		}
+		return session;
+	}
+	@Override
+	@Caching(evict = { @CacheEvict("sessions"), @CacheEvict(cacheNames="sessions", key="#p0.keyword") })
 	public void deleteSession(final Session session) {
 		try {
 			deleteDocument(session.get_id());

--- a/src/main/java/de/thm/arsnova/dao/IDatabaseDao.java
+++ b/src/main/java/de/thm/arsnova/dao/IDatabaseDao.java
@@ -143,6 +143,8 @@ public interface IDatabaseDao {
 	Session updateSession(Session session);
+	Session changeSessionCreator(Session session, String newCreator);
 	void deleteSession(Session session);
 	List<Question> getLectureQuestionsForUsers(Session session);

--- a/src/main/java/de/thm/arsnova/services/ISessionService.java
+++ b/src/main/java/de/thm/arsnova/services/ISessionService.java
@@ -62,6 +62,8 @@ public interface ISessionService {
 	Session updateSession(String sessionkey, Session session);
+	Session changeSessionCreator(String sessionkey, String newCreator);
 	Session updateSessionInternal(Session session, User user);
 	void deleteSession(String sessionkey);

--- a/src/main/java/de/thm/arsnova/services/SessionService.java
+++ b/src/main/java/de/thm/arsnova/services/SessionService.java
@@ -345,6 +345,16 @@ public class SessionService implements ISessionService, ApplicationEventPublishe
 		return databaseDao.updateSession(existingSession);
 	}
+	@Override
+	@PreAuthorize("isAuthenticated() and hasPermission(1,'motd','admin')")
+	public Session changeSessionCreator(String sessionkey, String newCreator) {
+		final Session existingSession = databaseDao.getSessionFromKeyword(sessionkey);
+		if (existingSession == null) {
+			throw new RuntimeException("Error while trying to get the session with sessionkey: " + sessionkey);
+		}
+		return databaseDao.changeSessionCreator(existingSession, newCreator);
+	}
 	/*
 	 * The "internal" suffix means it is called by internal services that have no authentication!
 	 * TODO: Find a better way of doing this...