feat(Survey Unit): Anonymous user can work on unit (#306)

Co-authored-by: Hiroki Terashima <honchikun@gmail.com>
Co-authored-by: Jonathan Lim-Breitbart <breity10@gmail.com>

Author: 3 people

src/main/java/org/wise/portal/domain/run/Run.java

@@ -120,7 +120,7 @@ public interface Run extends Persistable {
 
   /**
    * Returns the period with periodName that is associated with this run
-   * 
+   *
    * @param periodName
    * @return Group the period with the periodName that is associated with this run
    * @throws <code>PeriodNotFoundException</code>
@@ -214,32 +214,42 @@ public interface Run extends Persistable {
 
   /**
    * Sets whether or not student asset uploading is enabled for this run.
-   * 
+   *
    * @return
    */
   void setStudentAssetUploaderEnabled(boolean isStudentAssetUploaderEnabled);
 
   /**
    * Returns whether or not student asset uploading is enabled for this run.
-   * 
+   *
    * @return
    */
   boolean isStudentAssetUploaderEnabled();
 
   /**
    * Sets whether or not idea manager is enabled for this run.
-   * 
+   *
    * @return
    */
   void setIdeaManagerEnabled(boolean isIdeaManagerEnabled);
 
   /**
    * Returns whether or not idea manager is enabled for this run.
-   * 
+   *
    * @return
    */
   boolean isIdeaManagerEnabled();
 
+  /**
+   * @return Whether or not the run a survey
+   */
+  boolean isSurvey();
+
+  /**
+   * @param isSurvey
+   */
+  void setIsSurvey(boolean isSurvey);
+
   /**
    * @return <code>Integer</code> maxWorkgroupSize
    */
@@ -341,7 +351,7 @@ public interface Run extends Persistable {
 
   /**
    * sets student attendance for this run
-   * 
+   *
    * @param studentAttendance
    */
   void setStudentAttendance(List<StudentAttendance> studentAttendance);
@@ -353,29 +363,29 @@ public interface Run extends Persistable {
 
   /**
    * Gets private notes for this run
-   * 
+   *
    * @return String private notes for this run
    */
   String getPrivateNotes();
 
   /**
    * Sets private notes for this run
-   * 
+   *
    * @param privateNotes
    *                       private notes for this run
    */
   void setPrivateNotes(String privateNotes);
 
   /**
    * Gets survey for this run
-   * 
+   *
    * @return String survey for this run
    */
   String getSurvey();
 
   /**
    * Sets survey for this run
-   * 
+   *
    * @return String survey for this run
    */
   void setSurvey(String survey);

src/main/java/org/wise/portal/domain/run/impl/RunImpl.java

@@ -100,6 +100,9 @@ public class RunImpl implements Run {
   @Transient
   private static final String COLUMN_NAME_EXTRAS = "extras";
 
+  @Transient
+  private static final String COLUMN_NAME_IS_SURVEY = "isSurvey";
+
   @Transient
   private static final String COLUMN_NAME_MAX_WORKGROUP_SIZE = "maxWorkgroupSize";
 
@@ -199,6 +202,9 @@ public class RunImpl implements Run {
   @Setter
   private String info; // other info pertaining to the run
 
+  @Column(name = COLUMN_NAME_IS_SURVEY)
+  private boolean isSurvey;
+
   @Column(name = COLUMN_NAME_MAX_WORKGROUP_SIZE, nullable = true)
   @Getter
   @Setter
@@ -427,7 +433,7 @@ public static class UserAlphabeticalComparator implements Comparator<User> {
 
     /**
      * Compares the user names of two User objects
-     * 
+     *
      * @param user1
      *                a user object
      * @param user2
@@ -480,4 +486,12 @@ public boolean isLockedAfterEndDate() {
   public void setLockedAfterEndDate(boolean isLockedAfterEndDate) {
     this.isLockedAfterEndDate = isLockedAfterEndDate;
   }
+
+  public boolean isSurvey() {
+    return isSurvey;
+  }
+
+  public void setIsSurvey(boolean isSurvey) {
+    this.isSurvey = isSurvey;
+  }
 }

src/main/java/org/wise/portal/domain/run/impl/RunParameters.java

@@ -30,7 +30,6 @@
 import org.wise.portal.domain.project.Project;
 import org.wise.portal.domain.user.User;
 
-import java.io.Serializable;
 import java.util.*;
 
 /**
@@ -70,6 +69,8 @@ public class RunParameters implements Serializable {
 
   private Boolean isLockedAfterEndDate = false;
 
+  private boolean isSurvey = false;
+
   public String printAllPeriods() {
     String allPeriods = null;
 

src/main/java/org/wise/portal/domain/user/User.java

@@ -48,6 +48,8 @@ public interface User extends Persistable, Comparable<User> {
 
   boolean isStudent();
 
+  boolean isSurveyStudent();
+
   boolean isTeacher();
 
   boolean isTrustedAuthor();

src/main/java/org/wise/portal/domain/user/impl/UserImpl.java

@@ -78,6 +78,10 @@ public boolean isStudent() {
     return userDetails.hasGrantedAuthority(UserDetailsService.STUDENT_ROLE);
   }
 
+  public boolean isSurveyStudent() {
+    return userDetails.hasGrantedAuthority(UserDetailsService.SURVEY_STUDENT_ROLE);
+  }
+
   public boolean isTeacher() {
     return userDetails.hasGrantedAuthority(UserDetailsService.TEACHER_ROLE);
   }
@@ -111,6 +115,9 @@ public List<String> getRoles() {
     if (this.isStudent()) {
       roles.add("student");
     }
+    if (this.isSurveyStudent()) {
+      roles.add("surveyStudent");
+    }
     return roles;
   }
 

src/main/java/org/wise/portal/presentation/web/controllers/InformationController.java

@@ -679,6 +679,7 @@ private void getRunConfigParameters(HttpServletRequest request, JSONObject confi
     config.put("startTime", run.getStartTimeMilliseconds());
     config.put("endTime", run.getEndTimeMilliseconds());
     config.put("isLockedAfterEndDate", run.isLockedAfterEndDate());
+    config.put("isSurvey", run.isSurvey());
   }
 
   private void printConfigToResponse(HttpServletResponse response, JSONObject config)
@@ -785,6 +786,7 @@ private void addDummyUserInfoToConfig(JSONObject config) {
 
   /**
    * Gets the workgroup for the logged in user
+   * 
    * @param run
    * @return Workgroup for the logged in user
    */

src/main/java/org/wise/portal/presentation/web/controllers/run/RunInfoAPIController.java

@@ -62,6 +62,7 @@ private HashMap<String, Object> getRunInfo(Run run) {
     info.put("teacherFirstName", owner.getUserDetails().getFirstname());
     info.put("teacherLastName", owner.getUserDetails().getLastname());
     info.put("wiseVersion", run.getProject().getWiseVersion());
+    info.put("isSurvey", run.isSurvey());
     return info;
   }
 

src/main/java/org/wise/portal/presentation/web/controllers/survey/SurveyAPIController.java

@@ -0,0 +1,150 @@
+package org.wise.portal.presentation.web.controllers.survey;
+
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+import org.wise.portal.dao.ObjectNotFoundException;
+import org.wise.portal.domain.PeriodNotFoundException;
+import org.wise.portal.domain.RunHasEndedException;
+import org.wise.portal.domain.StudentUserAlreadyAssociatedWithRunException;
+import org.wise.portal.domain.authentication.Gender;
+import org.wise.portal.domain.authentication.impl.StudentUserDetails;
+import org.wise.portal.domain.project.impl.Projectcode;
+import org.wise.portal.domain.run.Run;
+import org.wise.portal.domain.user.User;
+import org.wise.portal.service.authentication.AuthorityNotFoundException;
+import org.wise.portal.service.authentication.DuplicateUsernameException;
+import org.wise.portal.service.authentication.UserDetailsService;
+import org.wise.portal.service.run.RunService;
+import org.wise.portal.service.student.StudentService;
+import org.wise.portal.service.user.UserService;
+import org.wise.portal.service.workgroup.WorkgroupService;
+
+import java.io.IOException;
+import java.util.Date;
+import java.util.Locale;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
+
+@RestController
+@RequestMapping("/run-survey")
+public class SurveyAPIController {
+  @Autowired
+  private AuthenticationManager authenticationManager;
+
+  @Autowired
+  private RunService runService;
+
+  @Autowired
+  private StudentService studentService;
+
+  @Autowired
+  private UserDetailsService userDetailsService;
+
+  @Autowired
+  private UserService userService;
+
+  @Autowired
+  private WorkgroupService workgroupService;
+
+  @GetMapping("/{code}")
+  public void launchSurveyRun(@PathVariable String code, HttpServletResponse response,
+      HttpServletRequest request) throws AuthorityNotFoundException, IOException,
+      DuplicateUsernameException, ObjectNotFoundException, PeriodNotFoundException,
+      StudentUserAlreadyAssociatedWithRunException, RunHasEndedException {
+    Projectcode projectCode = new Projectcode(code);
+    Run run = runService.retrieveRunByRuncode(projectCode.getRuncode());
+    if (run.isSurvey() && isActive(run)) {
+      handleSurveyLaunched(response, request, run, projectCode);
+    } else {
+      sendRedirect(response, "/");
+    }
+  }
+
+  private boolean isActive(Run run) {
+    Date now = new Date();
+    Date endTime = run.getEndtime();
+    return run.getStarttime().before(now) && (endTime == null || endTime.after(now));
+  }
+
+  private void handleSurveyLaunched(HttpServletResponse response, HttpServletRequest request,
+      Run run, Projectcode projectCode) throws AuthorityNotFoundException, IOException,
+      DuplicateUsernameException, ObjectNotFoundException, PeriodNotFoundException,
+      StudentUserAlreadyAssociatedWithRunException, RunHasEndedException {
+
+    Object principal = getSecurityContextHolderPrincipal();
+    if (principal instanceof StudentUserDetails
+        && isStudentAssociatedWithRun(run, (StudentUserDetails) principal)) {
+      sendRedirect(response, "/student/unit/" + run.getId());
+      return;
+    } else {
+      SecurityContextHolder.getContext().setAuthentication(null);
+    }
+    if (underWorkgroupLimit(run)) {
+      String password = RandomStringUtils.randomAlphanumeric(10);
+      User user = this.createNewStudentAccount(request.getLocale(), password);
+      loginStudent(request, user, password);
+      studentService.addStudentToRun(user, projectCode);
+      sendRedirect(response, "/student/unit/" + run.getId());
+    } else {
+      sendRedirect(response, "/survey/workgroupLimitReached");
+    }
+  }
+
+  private void sendRedirect(HttpServletResponse response, String redirectUrl) throws IOException {
+    response.sendRedirect(redirectUrl);
+  }
+
+  private Object getSecurityContextHolderPrincipal() {
+    return SecurityContextHolder.getContext().getAuthentication().getPrincipal();
+  }
+
+  private boolean isStudentAssociatedWithRun(Run run, StudentUserDetails principal) {
+    return run.isStudentAssociatedToThisRun(userService.retrieveStudentById((principal).getId()));
+  }
+
+  private boolean underWorkgroupLimit(Run run) {
+    return workgroupService.getWorkgroupsForRun(run).size() <= 1000;
+  }
+
+  private void loginStudent(HttpServletRequest request, User user, String password) {
+    UsernamePasswordAuthenticationToken authReq = new UsernamePasswordAuthenticationToken(
+        user.getUserDetails().getUsername(), password);
+    Authentication auth = authenticationManager.authenticate(authReq);
+    SecurityContext sc = SecurityContextHolder.getContext();
+    sc.setAuthentication(auth);
+    HttpSession session = request.getSession(true);
+    session.setAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY, sc);
+  }
+
+  private User createNewStudentAccount(Locale locale, String password)
+      throws AuthorityNotFoundException, DuplicateUsernameException {
+    StudentUserDetails sud = new StudentUserDetails();
+    sud.setFirstname("survey_student_" + RandomStringUtils.randomAlphanumeric(10));
+    sud.setLastname(RandomStringUtils.randomAlphanumeric(10));
+    sud.setBirthday(new Date());
+    sud.setPassword(password);
+    sud.setGender(Gender.UNSPECIFIED);
+    sud.setEmailAddress("null@null.com");
+    sud.setLanguage(locale.getLanguage());
+    sud.setNumberOfLogins(1);
+    sud.setLastLoginTime(new Date());
+
+    User user = userService.createUser(sud);
+    user.getUserDetails().addAuthority(
+        userDetailsService.loadAuthorityByName(UserDetailsService.SURVEY_STUDENT_ROLE));
+    return user;
+  }
+}

src/main/java/org/wise/portal/presentation/web/controllers/teacher/TeacherAPIController.java

@@ -255,6 +255,7 @@ private List<Integer> getSharedOwnerPermissionsList(Run run, User user) {
   @PostMapping("/run/create")
   HashMap<String, Object> createRun(Authentication auth, HttpServletRequest request,
       @RequestParam("projectId") Long projectId, @RequestParam("periods") String periods,
+      @RequestParam boolean isSurvey,
       @RequestParam("maxStudentsPerTeam") Integer maxStudentsPerTeam,
       @RequestParam("startDate") Long startDate,
       @RequestParam(value = "endDate", required = false) Long endDate,
@@ -263,8 +264,8 @@ HashMap<String, Object> createRun(Authentication auth, HttpServletRequest reques
     User user = userService.retrieveUserByUsername(auth.getName());
     Locale locale = request.getLocale();
     Set<String> periodNames = createPeriodNamesSet(periods);
-    Run run = runService.createRun(projectId, user, periodNames, maxStudentsPerTeam, startDate,
-        endDate, isLockedAfterEndDate, locale);
+    Run run = runService.createRun(projectId, user, periodNames, isSurvey, maxStudentsPerTeam,
+        startDate, endDate, isLockedAfterEndDate, locale);
     return getRunMap(user, run);
   }
 

src/main/java/org/wise/portal/presentation/web/controllers/user/UserAPIController.java

@@ -30,7 +30,6 @@
 import org.wise.portal.domain.authentication.MutableUserDetails;
 import org.wise.portal.domain.authentication.impl.StudentUserDetails;
 import org.wise.portal.domain.authentication.impl.TeacherUserDetails;
-import org.wise.portal.domain.group.Group;
 import org.wise.portal.domain.project.Project;
 import org.wise.portal.domain.run.Run;
 import org.wise.portal.domain.user.User;
@@ -262,6 +261,7 @@ protected HashMap<String, Object> getRunMap(User user, Run run) {
     HashMap<String, Object> map = new HashMap<String, Object>();
     map.put("id", run.getId());
     map.put("name", run.getName());
+    map.put("isSurvey", run.isSurvey());
     map.put("maxStudentsPerTeam", run.getMaxWorkgroupSize());
     map.put("runCode", run.getRuncode());
     map.put("startTime", run.getStartTimeMilliseconds());