From 1e4f9fc795dda2b1fe80e6f7013e273b7eef9a1a Mon Sep 17 00:00:00 2001
From: noackorama <noackorama@gmail.com>
Date: Wed, 13 Oct 2021 17:06:30 +0200
Subject: [PATCH] check folder visibility
---
app/controllers/files.php | 11 ++++++-----
lib/classes/globalsearch/GlobalSearchFiles.php | 2 +-
2 files changed, 7 insertions(+), 6 deletions(-)
diff --git a/app/controllers/files.php b/app/controllers/files.php
index 5181f974a36..bfc2e98af10 100644
--- a/app/controllers/files.php
+++ b/app/controllers/files.php
@@ -387,10 +387,12 @@ class FilesController extends AuthenticatedController
$this->all_files = [];
$count_visible = 0;
foreach ($all_file_refs as $file_ref) {
- $vue_data = FilesystemVueDataManager::getFileVueData(
- $file_ref->getFileType(),
- $this->topFolder
- );
+ if ($file_ref->getFileType()->isVisible($GLOBALS['user']->id)) {
+ $vue_data = FilesystemVueDataManager::getFileVueData(
+ $file_ref->getFileType(),
+ $this->topFolder
+ );
+ }
if (isset($vue_data['download_url'])) {
$this->all_files[] = $vue_data;
if (++$count_visible === 5) break;
@@ -471,7 +473,6 @@ class FilesController extends AuthenticatedController
//]
$folders = [];
$new_file_refs = FileRef::findAll($GLOBALS['user']->id, $this->begin, $this->end, $this->course_id, $this->page_size, $offset);
-
//Group the file refs by their folder:
foreach ($new_file_refs as $file_ref) {
if (!is_array($folders[$file_ref->folder_id])) {
diff --git a/lib/classes/globalsearch/GlobalSearchFiles.php b/lib/classes/globalsearch/GlobalSearchFiles.php
index 7d36860a00d..e0cd9f4356f 100644
--- a/lib/classes/globalsearch/GlobalSearchFiles.php
+++ b/lib/classes/globalsearch/GlobalSearchFiles.php
@@ -191,7 +191,7 @@ class GlobalSearchFiles extends GlobalSearchModule implements GlobalSearchFullte
return Folder::find($fileref->folder_id)->getTypedFolder();
});
- if (!$folder->isFileDownloadable($fileref, $GLOBALS['user']->id)) {
+ if (!($folder->isVisible($GLOBALS['user']->id) && $folder->isReadable($GLOBALS['user']->id))) {
return null;
}
--
GitLab