Merge remote-tracking branch 'origin/master'

1 year ago · 3cef176347
parent d9c0291290 b11445c6a0
commit 3cef176347
4 changed files with 21 additions and 10 deletions
--- a/src/CoreBundle/Controller/ResourceController.php
+++ b/src/CoreBundle/Controller/ResourceController.php
@ -146,9 +146,10 @@ class ResourceController extends AbstractResourceController implements CourseCon

        $user = $this->userHelper->getCurrent();
        $firstResourceLink = $resourceNode->getResourceLinks()->first();
-        if ($firstResourceLink && $user) {
+        $firstResourceFile = $resourceNode->getResourceFiles()->first();
+        if ($firstResourceLink && $user && $firstResourceFile) {
            $resourceLinkId = $firstResourceLink->getId();
-            $url = $resourceNode->getResourceFiles()->first()->getOriginalName();
+            $url = $firstResourceFile->getOriginalName();
            $downloadRepository = $entityManager->getRepository(TrackEDownloads::class);
            $downloadRepository->saveDownload($user->getId(), $resourceLinkId, $url);
        }
--- a/src/CoreBundle/DataFixtures/SettingsCurrentFixtures.php
+++ b/src/CoreBundle/DataFixtures/SettingsCurrentFixtures.php
@ -1302,6 +1302,11 @@ class SettingsCurrentFixtures extends Fixture implements FixtureGroupInterface
                    'title' => 'Time limit for password reset token',
                    'comment' => 'The number of seconds before the generated token automatically expires and cannot be used anymore (a new token needs to be generated).',
                ],
+                [
+                    'name' => 'access_to_personal_file_for_all',
+                    'title' => 'Access to personal file for all',
+                    'comment' => 'Allows access to all personal files without restriction',
+                ],
            ],
            'tracking' => [
                [
--- a/src/CoreBundle/Security/Authorization/Voter/ResourceNodeVoter.php
+++ b/src/CoreBundle/Security/Authorization/Voter/ResourceNodeVoter.php
@ -11,6 +11,7 @@ use Chamilo\CoreBundle\Entity\ResourceLink;
 use Chamilo\CoreBundle\Entity\ResourceNode;
 use Chamilo\CoreBundle\Entity\ResourceRight;
 use Chamilo\CoreBundle\Entity\Session;
+use Chamilo\CoreBundle\Settings\SettingsManager;
 use Chamilo\CourseBundle\Entity\CGroup;
 use ChamiloSession;
 use Laminas\Permissions\Acl\Acl;
@ -41,14 +42,11 @@ class ResourceNodeVoter extends Voter
    public const ROLE_CURRENT_COURSE_SESSION_TEACHER = 'ROLE_CURRENT_COURSE_SESSION_TEACHER';
    public const ROLE_CURRENT_COURSE_SESSION_STUDENT = 'ROLE_CURRENT_COURSE_SESSION_STUDENT';

-    private RequestStack $requestStack;
-    private Security $security;
-
-    public function __construct(Security $security, RequestStack $requestStack)
-    {
-        $this->security = $security;
-        $this->requestStack = $requestStack;
-    }
+    public function __construct(
+        private Security $security,
+        private RequestStack $requestStack,
+        private SettingsManager $settingsManager
+    ) {}

    public static function getReaderMask(): int
    {
@ -170,6 +168,11 @@ class ResourceNodeVoter extends Voter
            if (0 === $groupId && $firstLink->getGroup() instanceof CGroup) {
                $groupId = (int) $firstLink->getGroup()->getIid();
            }
+            if ($firstLink->getUser() instanceof UserInterface
+                && 'true' === $this->settingsManager->getSetting('security.access_to_personal_file_for_all')
+            ) {
+                return true;
+            }
        }

        $linkFound = 0;
--- a/src/CoreBundle/Settings/SecuritySettingsSchema.php
+++ b/src/CoreBundle/Settings/SecuritySettingsSchema.php
@ -42,6 +42,7 @@ class SecuritySettingsSchema extends AbstractSettingsSchema
                'allow_online_users_by_status' => '',
                'security_session_cookie_samesite_none' => 'false',
                'anonymous_autoprovisioning' => 'false',
+                'access_to_personal_file_for_all' => 'false',
            ]
        );
        $allowedTypes = [
@ -161,6 +162,7 @@ class SecuritySettingsSchema extends AbstractSettingsSchema
            )
            ->add('security_session_cookie_samesite_none', YesNoType::class)
            ->add('anonymous_autoprovisioning', YesNoType::class)
+            ->add('access_to_personal_file_for_all', YesNoType::class)
        ;

        $this->updateFormFieldsFromSettingsInfo($builder);