chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Groups: Fix course group permissions

Browse Source
pull/3844/head
Julio Montoya 4 years ago
parent a86a3fd9e9
commit 93981da74b
12 changed files with 118 additions and 84 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 6
      config/packages/security.yaml
  2. 6
      public/main/inc/lib/api.lib.php
  3. 20
      src/CoreBundle/Entity/Course.php
  4. 5
      src/CoreBundle/Entity/ResourceLink.php
  5. 4
      src/CoreBundle/EventListener/CourseListener.php
  6. 21
      src/CoreBundle/Security/Authorization/Voter/GroupVoter.php
  7. 62
      src/CoreBundle/Security/Authorization/Voter/ResourceNodeVoter.php
  8. 6
      src/CoreBundle/Security/Authorization/Voter/ResourceVoter.php
  9. 14
      src/CoreBundle/Security/Authorization/Voter/SessionVoter.php
  10. 2
      src/CourseBundle/Entity/CDocument.php
  11. 20
      src/CourseBundle/Entity/CGroup.php
  12. 4
      src/LtiBundle/Util/Utils.php

6
config/packages/security.yaml
Unescape View File

@ -28,7 +28,7 @@ security:
- ROLE_DIRECTOR - ROLE_DIRECTOR
- ROLE_JURY_PRESIDENT - ROLE_JURY_PRESIDENT
- ROLE_CURRENT_COURSE_TEACHER - ROLE_CURRENT_COURSE_TEACHER
- ROLE_CURRENT_SESSION_COURSE_TEACHER - ROLE_CURRENT_COURSE_SESSION_TEACHER
- ROLE_CURRENT_COURSE_GROUP_TEACHER - ROLE_CURRENT_COURSE_GROUP_TEACHER
ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH] ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
ROLE_GLOBAL_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH] ROLE_GLOBAL_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
@ -41,8 +41,8 @@ security:
ROLE_CURRENT_COURSE_TEACHER: [ROLE_CURRENT_COURSE_TEACHER, ROLE_CURRENT_COURSE_STUDENT] # Set in the course listener ROLE_CURRENT_COURSE_TEACHER: [ROLE_CURRENT_COURSE_TEACHER, ROLE_CURRENT_COURSE_STUDENT] # Set in the course listener
ROLE_CURRENT_COURSE_GROUP_STUDENT: [ROLE_CURRENT_COURSE_GROUP_STUDENT] # Set in the CourseListener ROLE_CURRENT_COURSE_GROUP_STUDENT: [ROLE_CURRENT_COURSE_GROUP_STUDENT] # Set in the CourseListener
ROLE_CURRENT_COURSE_GROUP_TEACHER: [ROLE_CURRENT_COURSE_GROUP_TEACHER, ROLE_CURRENT_COURSE_GROUP_STUDENT] ROLE_CURRENT_COURSE_GROUP_TEACHER: [ROLE_CURRENT_COURSE_GROUP_TEACHER, ROLE_CURRENT_COURSE_GROUP_STUDENT]
ROLE_CURRENT_SESSION_COURSE_STUDENT: [ROLE_CURRENT_SESSION_COURSE_STUDENT] ROLE_CURRENT_COURSE_SESSION_STUDENT: [ROLE_CURRENT_COURSE_SESSION_STUDENT]
ROLE_CURRENT_SESSION_COURSE_TEACHER: [ROLE_CURRENT_SESSION_COURSE_STUDENT, ROLE_CURRENT_SESSION_COURSE_TEACHER] ROLE_CURRENT_COURSE_SESSION_TEACHER: [ROLE_CURRENT_COURSE_SESSION_STUDENT, ROLE_CURRENT_COURSE_SESSION_TEACHER]
ROLE_ANONYMOUS: [ROLE_ANONYMOUS] ROLE_ANONYMOUS: [ROLE_ANONYMOUS]
#access_decision_manager: #access_decision_manager:
# strategy can be: affirmative, unanimous or consensus # strategy can be: affirmative, unanimous or consensus

6
public/main/inc/lib/api.lib.php
Unescape View File

@ -3240,7 +3240,7 @@ function api_is_course_admin()
$user = api_get_current_user(); $user = api_get_current_user();
if ($user) { if ($user) {
if ( if (
$user->hasRole('ROLE_CURRENT_SESSION_COURSE_TEACHER') || $user->hasRole('ROLE_CURRENT_COURSE_SESSION_TEACHER') ||
$user->hasRole('ROLE_CURRENT_COURSE_TEACHER') $user->hasRole('ROLE_CURRENT_COURSE_TEACHER')
) { ) {
return true; return true;
@ -7400,8 +7400,8 @@ function api_is_allowed_in_course()
$user = api_get_current_user(); $user = api_get_current_user();
if ($user instanceof User) { if ($user instanceof User) {
if ($user->hasRole('ROLE_CURRENT_SESSION_COURSE_STUDENT') || if ($user->hasRole('ROLE_CURRENT_COURSE_SESSION_STUDENT') ||
$user->hasRole('ROLE_CURRENT_SESSION_COURSE_TEACHER') || $user->hasRole('ROLE_CURRENT_COURSE_SESSION_TEACHER') ||
$user->hasRole('ROLE_CURRENT_COURSE_STUDENT') || $user->hasRole('ROLE_CURRENT_COURSE_STUDENT') ||
$user->hasRole('ROLE_CURRENT_COURSE_TEACHER') $user->hasRole('ROLE_CURRENT_COURSE_TEACHER')
) { ) {

20
src/CoreBundle/Entity/Course.php
Unescape View File

@ -549,10 +549,7 @@ class Course extends AbstractResource implements ResourceInterface, ResourceWith
return $this; return $this;
} }
/** public function hasUser(User $user): bool
* @return bool
*/
public function hasUser(User $user)
{ {
$criteria = Criteria::create()->where( $criteria = Criteria::create()->where(
Criteria::expr()->eq('user', $user) Criteria::expr()->eq('user', $user)
@ -561,10 +558,7 @@ class Course extends AbstractResource implements ResourceInterface, ResourceWith
return $this->getUsers()->matching($criteria)->count() > 0; return $this->getUsers()->matching($criteria)->count() > 0;
} }
/** public function hasStudent(User $user): bool
* @return bool
*/
public function hasStudent(User $user)
{ {
$criteria = Criteria::create()->where( $criteria = Criteria::create()->where(
Criteria::expr()->eq('user', $user) Criteria::expr()->eq('user', $user)
@ -573,10 +567,7 @@ class Course extends AbstractResource implements ResourceInterface, ResourceWith
return $this->getStudents()->matching($criteria)->count() > 0; return $this->getStudents()->matching($criteria)->count() > 0;
} }
/** public function hasTeacher(User $user): bool
* @return bool
*/
public function hasTeacher(User $user)
{ {
$criteria = Criteria::create()->where( $criteria = Criteria::create()->where(
Criteria::expr()->eq('user', $user) Criteria::expr()->eq('user', $user)
@ -585,10 +576,7 @@ class Course extends AbstractResource implements ResourceInterface, ResourceWith
return $this->getTeachers()->matching($criteria)->count() > 0; return $this->getTeachers()->matching($criteria)->count() > 0;
} }
/** public function hasGroup(CGroup $group): bool
* @return bool
*/
public function hasGroup(CGroup $group)
{ {
/*$criteria = Criteria::create()->where( /*$criteria = Criteria::create()->where(
Criteria::expr()->eq('groups', $group) Criteria::expr()->eq('groups', $group)

5
src/CoreBundle/Entity/ResourceLink.php
Unescape View File

@ -199,6 +199,11 @@ class ResourceLink
return $this; return $this;
} }
public function hasCourse(): bool
{
return null !== $this->course;
}
public function hasGroup(): bool public function hasGroup(): bool
{ {
return null !== $this->group; return null !== $this->group;

4
src/CoreBundle/EventListener/CourseListener.php
Unescape View File

@ -319,8 +319,8 @@ class CourseListener
$user->removeRole('ROLE_CURRENT_COURSE_GROUP_STUDENT'); $user->removeRole('ROLE_CURRENT_COURSE_GROUP_STUDENT');
$user->removeRole('ROLE_CURRENT_COURSE_STUDENT'); $user->removeRole('ROLE_CURRENT_COURSE_STUDENT');
$user->removeRole('ROLE_CURRENT_COURSE_TEACHER'); $user->removeRole('ROLE_CURRENT_COURSE_TEACHER');
$user->removeRole('ROLE_CURRENT_SESSION_COURSE_STUDENT'); $user->removeRole('ROLE_CURRENT_COURSE_SESSION_STUDENT');
$user->removeRole('ROLE_CURRENT_SESSION_COURSE_TEACHER'); $user->removeRole('ROLE_CURRENT_COURSE_SESSION_TEACHER');
} }
} }

21
src/CoreBundle/Security/Authorization/Voter/GroupVoter.php
Unescape View File

@ -72,12 +72,23 @@ class GroupVoter extends Voter
$group = $subject; $group = $subject;
// Legacy // Legacy
return \GroupManager::userHasAccessToBrowse($user->getId(), $group); //\GroupManager::userHasAccessToBrowse($user->getId(), $group);
$isTutor = $group->hasTutor($user);
switch ($attribute) { switch ($attribute) {
case self::VIEW: case self::VIEW:
if (!$group->hasUserInCourse($user, $course)) { if ($isTutor) {
$user->addRole(ResourceNodeVoter::ROLE_CURRENT_SESSION_COURSE_STUDENT); $user->addRole(ResourceNodeVoter::ROLE_CURRENT_COURSE_GROUP_TEACHER);
return true;
}
if (0 === $group->getStatus()) {
return false;
}
if ($group->hasMember($user)) {
$user->addRole(ResourceNodeVoter::ROLE_CURRENT_COURSE_GROUP_STUDENT);
return true; return true;
} }
@ -85,8 +96,8 @@ class GroupVoter extends Voter
break; break;
case self::EDIT: case self::EDIT:
case self::DELETE: case self::DELETE:
if (!$session->hasCoachInCourseWithStatus($user, $course)) { if ($isTutor) {
$user->addRole(ResourceNodeVoter::ROLE_CURRENT_SESSION_COURSE_TEACHER); $user->addRole(ResourceNodeVoter::ROLE_CURRENT_COURSE_GROUP_TEACHER);
return true; return true;
} }

62
src/CoreBundle/Security/Authorization/Voter/ResourceNodeVoter.php
Unescape View File

@ -33,8 +33,8 @@ class ResourceNodeVoter extends Voter
public const ROLE_CURRENT_COURSE_STUDENT = 'ROLE_CURRENT_COURSE_STUDENT'; public const ROLE_CURRENT_COURSE_STUDENT = 'ROLE_CURRENT_COURSE_STUDENT';
public const ROLE_CURRENT_COURSE_GROUP_TEACHER = 'ROLE_CURRENT_COURSE_GROUP_TEACHER'; public const ROLE_CURRENT_COURSE_GROUP_TEACHER = 'ROLE_CURRENT_COURSE_GROUP_TEACHER';
public const ROLE_CURRENT_COURSE_GROUP_STUDENT = 'ROLE_CURRENT_COURSE_GROUP_STUDENT'; public const ROLE_CURRENT_COURSE_GROUP_STUDENT = 'ROLE_CURRENT_COURSE_GROUP_STUDENT';
public const ROLE_CURRENT_SESSION_COURSE_TEACHER = 'ROLE_CURRENT_SESSION_COURSE_TEACHER'; public const ROLE_CURRENT_COURSE_SESSION_TEACHER = 'ROLE_CURRENT_COURSE_SESSION_TEACHER';
public const ROLE_CURRENT_SESSION_COURSE_STUDENT = 'ROLE_CURRENT_SESSION_COURSE_STUDENT'; public const ROLE_CURRENT_COURSE_SESSION_STUDENT = 'ROLE_CURRENT_COURSE_SESSION_STUDENT';
private $requestStack; private $requestStack;
private $security; private $security;
@ -93,10 +93,9 @@ class ResourceNodeVoter extends Voter
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
{ {
error_log('resourceNode voteOnAttribute'); error_log('resourceNode voteOnAttribute');
$user = $token->getUser();
// Make sure there is a user object (i.e. that the user is logged in) // Make sure there is a user object (i.e. that the user is logged in)
// Update. No, anons can enter a node depending in the visibility. // Update. No, anons can enter a node depending in the visibility.
// $user = $token->getUser();
/*if (!$user instanceof UserInterface) { /*if (!$user instanceof UserInterface) {
return false; return false;
}*/ }*/
@ -127,6 +126,7 @@ class ResourceNodeVoter extends Voter
break; break;
} }
$user = $token->getUser();
// Check if I'm the owner. // Check if I'm the owner.
$creator = $resourceNode->getCreator(); $creator = $resourceNode->getCreator();
if ($creator instanceof UserInterface && if ($creator instanceof UserInterface &&
@ -144,14 +144,14 @@ class ResourceNodeVoter extends Voter
$groupId = (int) $request->get('gid'); $groupId = (int) $request->get('gid');
$links = $resourceNode->getResourceLinks(); $links = $resourceNode->getResourceLinks();
$linkFound = 0;
//$courseManager = $this->entityManager->getRepository(Course::class); //$courseManager = $this->entityManager->getRepository(Course::class);
//$sessionManager = $this->entityManager->getRepository(Session::class); //$sessionManager = $this->entityManager->getRepository(Session::class);
$course = null; $linkFound = 0;
$link = null; $link = null;
$case = 0;
// @todo implement view, edit, delete. // @todo implement view, edit, delete.
/** @var ResourceLink $link */
foreach ($links as $link) { foreach ($links as $link) {
// Block access if visibility is deleted. Creator and admin have already access. // Block access if visibility is deleted. Creator and admin have already access.
if (ResourceLink::VISIBILITY_DELETED === $link->getVisibility()) { if (ResourceLink::VISIBILITY_DELETED === $link->getVisibility()) {
@ -241,9 +241,9 @@ class ResourceNodeVoter extends Voter
break; break;
}*/ }*/
} }
//var_dump($linkFound, $link->getId()); exit; //var_dump($linkFound, $link->getId(), $link->getVisibility()); exit;
// No link was found or not available. // No link was found.
if (0 === $linkFound) { if (0 === $linkFound) {
return false; return false;
} }
@ -253,7 +253,7 @@ class ResourceNodeVoter extends Voter
$allowAnonsToSee = false; $allowAnonsToSee = false;
$rights = []; $rights = [];
if ($rightFromResourceLink->count() > 0) { if ($rightFromResourceLink->count() > 0) {
// Taken rights from the link // Taken rights from the link.
$rights = $rightFromResourceLink; $rights = $rightFromResourceLink;
} else { } else {
// Taken the rights from the default tool // Taken the rights from the default tool
@ -267,8 +267,8 @@ class ResourceNodeVoter extends Voter
$readerMask = self::getReaderMask(); $readerMask = self::getReaderMask();
$editorMask = self::getEditorMask(); $editorMask = self::getEditorMask();
if ($courseId) { if ($courseId && $link->hasCourse() && $link->getCourse()->getId() === $courseId) {
// If is teacher. // If teacher.
if ($this->security->isGranted(self::ROLE_CURRENT_COURSE_TEACHER)) { if ($this->security->isGranted(self::ROLE_CURRENT_COURSE_TEACHER)) {
$resourceRight = new ResourceRight(); $resourceRight = new ResourceRight();
$resourceRight $resourceRight
@ -277,7 +277,7 @@ class ResourceNodeVoter extends Voter
$rights[] = $resourceRight; $rights[] = $resourceRight;
} }
// If is student. // If student.
if ($this->security->isGranted(self::ROLE_CURRENT_COURSE_STUDENT) && if ($this->security->isGranted(self::ROLE_CURRENT_COURSE_STUDENT) &&
ResourceLink::VISIBILITY_PUBLISHED === $link->getVisibility() ResourceLink::VISIBILITY_PUBLISHED === $link->getVisibility()
) { ) {
@ -289,7 +289,9 @@ class ResourceNodeVoter extends Voter
} }
// For everyone. // For everyone.
if (ResourceLink::VISIBILITY_PUBLISHED === $link->getVisibility() && $link->getCourse()->isPublic()) { if (ResourceLink::VISIBILITY_PUBLISHED === $link->getVisibility() &&
$link->getCourse()->isPublic()
) {
$allowAnonsToSee = true; $allowAnonsToSee = true;
$resourceRight = new ResourceRight(); $resourceRight = new ResourceRight();
$resourceRight $resourceRight
@ -300,36 +302,44 @@ class ResourceNodeVoter extends Voter
} }
if (!empty($groupId)) { if (!empty($groupId)) {
/*var_dump($groupId);
foreach ($user->getRoles() as $role) {
var_dump($role);
}*/
if ($this->security->isGranted(self::ROLE_CURRENT_COURSE_GROUP_TEACHER)) {
$resourceRight = new ResourceRight(); $resourceRight = new ResourceRight();
$resourceRight $resourceRight
->setMask($editorMask) ->setMask($editorMask)
->setRole(self::ROLE_CURRENT_COURSE_GROUP_TEACHER) ->setRole(self::ROLE_CURRENT_COURSE_GROUP_TEACHER);
;
$rights[] = $resourceRight; $rights[] = $resourceRight;
}
if ($this->security->isGranted(self::ROLE_CURRENT_COURSE_GROUP_STUDENT)) {
$resourceRight = new ResourceRight(); $resourceRight = new ResourceRight();
$resourceRight $resourceRight
->setMask($readerMask) ->setMask($readerMask)
->setRole(self::ROLE_CURRENT_COURSE_GROUP_STUDENT) ->setRole(self::ROLE_CURRENT_COURSE_GROUP_STUDENT);
;
$rights[] = $resourceRight; $rights[] = $resourceRight;
} }
}
if (!empty($sessionId)) { if (!empty($sessionId)) {
if ($this->security->isGranted(self::ROLE_CURRENT_COURSE_SESSION_TEACHER)) {
$resourceRight = new ResourceRight(); $resourceRight = new ResourceRight();
$resourceRight $resourceRight
->setMask($editorMask) ->setMask($editorMask)
->setRole(self::ROLE_CURRENT_SESSION_COURSE_TEACHER) ->setRole(self::ROLE_CURRENT_COURSE_SESSION_TEACHER);
;
$rights[] = $resourceRight; $rights[] = $resourceRight;
}
if ($this->security->isGranted(self::ROLE_CURRENT_COURSE_SESSION_STUDENT)) {
$resourceRight = new ResourceRight(); $resourceRight = new ResourceRight();
$resourceRight $resourceRight
->setMask($readerMask) ->setMask($readerMask)
->setRole(self::ROLE_CURRENT_SESSION_COURSE_STUDENT) ->setRole(self::ROLE_CURRENT_COURSE_SESSION_STUDENT);
;
$rights[] = $resourceRight; $rights[] = $resourceRight;
} }
}
if (empty($rights) && ResourceLink::VISIBILITY_PUBLISHED === $link->getVisibility()) { if (empty($rights) && ResourceLink::VISIBILITY_PUBLISHED === $link->getVisibility()) {
// Give just read access. // Give just read access.
@ -341,7 +351,7 @@ class ResourceNodeVoter extends Voter
$rights[] = $resourceRight; $rights[] = $resourceRight;
} }
} }
//exit;
//var_dump($allowAnonsToSee); //var_dump($allowAnonsToSee);
/*foreach ($rights as $right) { /*foreach ($rights as $right) {
var_dump($right->getRole()); var_dump($right->getRole());
@ -367,8 +377,8 @@ class ResourceNodeVoter extends Voter
$currentStudentGroup = new Role(self::ROLE_CURRENT_COURSE_GROUP_STUDENT); $currentStudentGroup = new Role(self::ROLE_CURRENT_COURSE_GROUP_STUDENT);
$currentTeacherGroup = new Role(self::ROLE_CURRENT_COURSE_GROUP_TEACHER); $currentTeacherGroup = new Role(self::ROLE_CURRENT_COURSE_GROUP_TEACHER);
$currentStudentSession = new Role(self::ROLE_CURRENT_SESSION_COURSE_STUDENT); $currentStudentSession = new Role(self::ROLE_CURRENT_COURSE_SESSION_STUDENT);
$currentTeacherSession = new Role(self::ROLE_CURRENT_SESSION_COURSE_TEACHER); $currentTeacherSession = new Role(self::ROLE_CURRENT_COURSE_SESSION_TEACHER);
$superAdmin = new Role('ROLE_SUPER_ADMIN'); $superAdmin = new Role('ROLE_SUPER_ADMIN');
$admin = new Role('ROLE_ADMIN'); $admin = new Role('ROLE_ADMIN');
@ -385,7 +395,7 @@ class ResourceNodeVoter extends Voter
->addRole($currentTeacher, self::ROLE_CURRENT_COURSE_STUDENT) ->addRole($currentTeacher, self::ROLE_CURRENT_COURSE_STUDENT)
->addRole($currentStudentSession) ->addRole($currentStudentSession)
->addRole($currentTeacherSession, self::ROLE_CURRENT_SESSION_COURSE_STUDENT) ->addRole($currentTeacherSession, self::ROLE_CURRENT_COURSE_SESSION_STUDENT)
->addRole($currentStudentGroup) ->addRole($currentStudentGroup)
->addRole($currentTeacherGroup, self::ROLE_CURRENT_COURSE_GROUP_STUDENT) ->addRole($currentTeacherGroup, self::ROLE_CURRENT_COURSE_GROUP_STUDENT)

6
src/CoreBundle/Security/Authorization/Voter/ResourceVoter.php
Unescape View File

@ -59,7 +59,7 @@ class ResourceVoter extends Voter
self::DELETE, self::DELETE,
self::EXPORT, self::EXPORT,
]; ];
error_log('resource supports'); //error_log('resource supports');
// if the attribute isn't one we support, return false // if the attribute isn't one we support, return false
if (!in_array($attribute, $options)) { if (!in_array($attribute, $options)) {
return false; return false;
@ -75,8 +75,8 @@ class ResourceVoter extends Voter
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
{ {
error_log('resource voteOnAttribute'); /*error_log('resource voteOnAttribute');
$user = $token->getUser(); $user = $token->getUser();*/
return true; return true;
} }

14
src/CoreBundle/Security/Authorization/Voter/SessionVoter.php
Unescape View File

@ -89,21 +89,21 @@ class SessionVoter extends Voter
if (empty($session->getDuration())) { if (empty($session->getDuration())) {
// General coach. // General coach.
if ($userIsGeneralCoach && $session->isActiveForCoach()) { if ($userIsGeneralCoach && $session->isActiveForCoach()) {
$user->addRole(ResourceNodeVoter::ROLE_CURRENT_SESSION_COURSE_TEACHER); $user->addRole(ResourceNodeVoter::ROLE_CURRENT_COURSE_SESSION_TEACHER);
return true; return true;
} }
// Course-Coach access. // Course-Coach access.
if ($userIsCourseCoach && $session->isActiveForCoach()) { if ($userIsCourseCoach && $session->isActiveForCoach()) {
$user->addRole(ResourceNodeVoter::ROLE_CURRENT_SESSION_COURSE_TEACHER); $user->addRole(ResourceNodeVoter::ROLE_CURRENT_COURSE_SESSION_TEACHER);
return true; return true;
} }
// Student access // Student access
if ($userIsStudent && $session->isActiveForStudent()) { if ($userIsStudent && $session->isActiveForStudent()) {
$user->addRole(ResourceNodeVoter::ROLE_CURRENT_SESSION_COURSE_STUDENT); $user->addRole(ResourceNodeVoter::ROLE_CURRENT_COURSE_SESSION_STUDENT);
//$token->setUser($user); //$token->setUser($user);
@ -113,19 +113,19 @@ class SessionVoter extends Voter
if ($this->sessionIsAvailableByDuration($session, $user)) { if ($this->sessionIsAvailableByDuration($session, $user)) {
if ($userIsGeneralCoach) { if ($userIsGeneralCoach) {
$user->addRole(ResourceNodeVoter::ROLE_CURRENT_SESSION_COURSE_TEACHER); $user->addRole(ResourceNodeVoter::ROLE_CURRENT_COURSE_SESSION_TEACHER);
return true; return true;
} }
if ($userIsCourseCoach) { if ($userIsCourseCoach) {
$user->addRole(ResourceNodeVoter::ROLE_CURRENT_SESSION_COURSE_TEACHER); $user->addRole(ResourceNodeVoter::ROLE_CURRENT_COURSE_SESSION_TEACHER);
return true; return true;
} }
if ($userIsStudent) { if ($userIsStudent) {
$user->addRole(ResourceNodeVoter::ROLE_CURRENT_SESSION_COURSE_STUDENT); $user->addRole(ResourceNodeVoter::ROLE_CURRENT_COURSE_SESSION_STUDENT);
return true; return true;
} }
@ -137,7 +137,7 @@ class SessionVoter extends Voter
$canEdit = $this->canEditSession($user, $session, false); $canEdit = $this->canEditSession($user, $session, false);
if ($canEdit) { if ($canEdit) {
$user->addRole(ResourceNodeVoter::ROLE_CURRENT_SESSION_COURSE_TEACHER); $user->addRole(ResourceNodeVoter::ROLE_CURRENT_COURSE_SESSION_TEACHER);
return true; return true;
} }

2
src/CourseBundle/Entity/CDocument.php
Unescape View File

@ -41,7 +41,7 @@ use Symfony\Component\Validator\Constraints as Assert;
* "post"={ * "post"={
* "controller"=CreateResourceNodeFileAction::class, * "controller"=CreateResourceNodeFileAction::class,
* "deserialize"=false, * "deserialize"=false,
* "security"="is_granted('ROLE_CURRENT_COURSE_TEACHER') or is_granted('ROLE_CURRENT_SESSION_COURSE_TEACHER')", * "security"="is_granted('ROLE_CURRENT_COURSE_TEACHER') or is_granted('ROLE_CURRENT_COURSE_SESSION_TEACHER')",
* "validation_groups"={"Default", "media_object_create", "document:write"}, * "validation_groups"={"Default", "media_object_create", "document:write"},
* "openapi_context"={ * "openapi_context"={
* "requestBody"={ * "requestBody"={

20
src/CourseBundle/Entity/CGroup.php
Unescape View File

@ -368,7 +368,7 @@ class CGroup extends AbstractResource implements ResourceInterface
/** /**
* Set wikiState. * Set wikiState.
* *
* @param bool $wikiState * @param int $wikiState
*/ */
public function setWikiState($wikiState): self public function setWikiState($wikiState): self
{ {
@ -501,6 +501,24 @@ class CGroup extends AbstractResource implements ResourceInterface
return $this->members->count() > 0; return $this->members->count() > 0;
} }
public function hasMember(User $user): bool
{
$criteria = Criteria::create()->where(
Criteria::expr()->eq('user', $user)
);
return $this->members->matching($criteria)->count() > 0;
}
public function hasTutor(User $user): bool
{
$criteria = Criteria::create()->where(
Criteria::expr()->eq('user', $user)
);
return $this->tutors->matching($criteria)->count() > 0;
}
public function getTutors() public function getTutors()
{ {
return $this->tutors; return $this->tutors;

4
src/LtiBundle/Util/Utils.php
Unescape View File

@ -61,7 +61,9 @@ class Utils
// return 'Learner,urn:lti:role:ims/lis/Learner/GuestLearner'; // return 'Learner,urn:lti:role:ims/lis/Learner/GuestLearner';
//} //}
if ($user->hasRole('ROLE_CURRENT_COURSE_STUDENT') || $user->hasRole('ROLE_CURRENT_SESSION_COURSE_STUDENT')) { if ($user->hasRole('ROLE_CURRENT_COURSE_STUDENT') ||
$user->hasRole('ROLE_CURRENT_COURSE_SESSION_STUDENT')
) {
return 'Learner'; return 'Learner';
} }

Write Preview
Loading…
Cancel
Save