From 58b1b71c787909c981d58efd2362eb3e460bc379 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andr=C3=A9=20Noack?= <noack@data-quest.de>
Date: Wed, 3 Apr 2024 08:15:15 +0000
Subject: [PATCH] =?UTF-8?q?Resolve=20#3907=20"Tempor=C3=A4re=20Buchungsrec?=
 =?UTF-8?q?hte:=20Rechte-=20und=20Buchungszeitraum=20identisch"?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Closes #3907

Merge request studip/studip!2764
---
 lib/models/resources/Resource.class.php | 31 +++++++++++--------------
 1 file changed, 13 insertions(+), 18 deletions(-)

diff --git a/lib/models/resources/Resource.class.php b/lib/models/resources/Resource.class.php
index 531bc4ca869..92d810773bd 100644
--- a/lib/models/resources/Resource.class.php
+++ b/lib/models/resources/Resource.class.php
@@ -2296,29 +2296,14 @@ class Resource extends SimpleORMap implements StudipItem
             return 'admin';
         }
 
-        //Check for a temporary permission first:
 
         $perm_string = '';
         $temp_perm   = null;
 
         $begin = time();
         $end   = $begin;
-
-        //If $time range is set and contains two DateTime objects
-        //we can include that in the search for temporary permissions.
-        if ($time_range) {
-            if ($time_range[0] instanceof DateTime) {
-                $begin = $time_range[0]->getTimestamp();
-            } else {
-                $begin = $time_range[0];
-            }
-            if ($time_range[1] instanceof DateTime) {
-                $end = $time_range[1]->getTimestamp();
-            } else {
-                $end = $time_range[1];
-            }
-        }
-
+        //Check for a temporary permission first:
+        //check only against current timestamp
         if (!$permanent_only) {
             $temp_perm = ResourceTemporaryPermission::findOneBySql(
                 '(resource_id = :resource_id) AND (user_id = :user_id)
@@ -2375,8 +2360,18 @@ class Resource extends SimpleORMap implements StudipItem
             $perm_string = $global_perm;
         }
         //Now we must check for global resource locks:
-
         if ($perm_string && $time_range && $this->lockable) {
+
+            if ($time_range[0] instanceof DateTime) {
+                $begin = $time_range[0]->getTimestamp();
+            } else {
+                $begin = $time_range[0];
+            }
+            if ($time_range[1] instanceof DateTime) {
+                $end = $time_range[1]->getTimestamp();
+            } else {
+                $end = $time_range[1];
+            }
             if (GlobalResourceLock::isLocked($begin, $end)) {
                 //A permission level exists for the user.
                 //The user gets "user" permissions in case
-- 
GitLab