Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
Stud.IP
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Wiki
Requirements
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Snippets
Locked files
Build
Pipelines
Jobs
Pipeline schedules
Test cases
Artifacts
Deploy
Releases
Package registry
Container registry
Model registry
Operate
Environments
Terraform modules
Monitor
Incidents
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Code review analytics
Issue analytics
Insights
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
GitLab community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
Jan-Hendrik Willms
Stud.IP
Commits
20bc39a5
Commit
20bc39a5
authored
10 months ago
by
Jan-Hendrik Willms
Committed by
Jan-Hendrik Willms
10 months ago
Browse files
Options
Downloads
Patches
Plain Diff
fix access to institute administration, fixes #4458
Closes #4458 Merge request
studip/studip!3243
parent
0e78bb5d
No related branches found
No related tags found
No related merge requests found
Changes
3
Show whitespace changes
Inline
Side-by-side
Showing
3 changed files
app/controllers/course/contentmodules.php
+13
-16
13 additions, 16 deletions
app/controllers/course/contentmodules.php
lib/models/Institute.class.php
+3
-2
3 additions, 2 deletions
lib/models/Institute.class.php
lib/modules/CoreAdmin.class.php
+122
-93
122 additions, 93 deletions
lib/modules/CoreAdmin.class.php
with
138 additions
and
111 deletions
app/controllers/course/contentmodules.php
+
13
−
16
View file @
20bc39a5
...
@@ -100,13 +100,12 @@ class Course_ContentmodulesController extends AuthenticatedController
...
@@ -100,13 +100,12 @@ class Course_ContentmodulesController extends AuthenticatedController
public
function
trigger_action
()
public
function
trigger_action
()
{
{
$context
=
Context
::
get
();
$context
=
Context
::
get
();
if
(
!
$context
->
isEditableByUser
())
{
$required_perm
=
$context
->
getRangeType
()
===
'course'
?
'tutor'
:
'admin'
;
if
(
!
$GLOBALS
[
'perm'
]
->
have_studip_perm
(
$required_perm
,
$context
->
id
))
{
throw
new
AccessDeniedException
();
throw
new
AccessDeniedException
();
}
}
if
(
Request
::
isPost
())
{
if
(
Request
::
isPost
())
{
if
(
$context
->
getRangeType
()
===
'c
ourse
'
)
{
if
(
$context
instanceof
C
ourse
)
{
$sem_class
=
$context
->
getSemClass
();
$sem_class
=
$context
->
getSemClass
();
}
else
{
}
else
{
$sem_class
=
SemClass
::
getDefaultInstituteClass
(
$context
->
type
);
$sem_class
=
SemClass
::
getDefaultInstituteClass
(
$context
->
type
);
...
@@ -128,6 +127,7 @@ class Course_ContentmodulesController extends AuthenticatedController
...
@@ -128,6 +127,7 @@ class Course_ContentmodulesController extends AuthenticatedController
$this
->
redirect
(
"course/contentmodules/trigger"
,
[
'cid'
=>
$context
->
getId
(),
'plugin_id'
=>
$module
->
getPluginId
()]);
$this
->
redirect
(
"course/contentmodules/trigger"
,
[
'cid'
=>
$context
->
getId
(),
'plugin_id'
=>
$module
->
getPluginId
()]);
return
;
return
;
}
}
$active_tool
=
ToolActivation
::
find
([
$context
->
id
,
Request
::
int
(
'plugin_id'
)]);
$active_tool
=
ToolActivation
::
find
([
$context
->
id
,
Request
::
int
(
'plugin_id'
)]);
$template
=
$GLOBALS
[
'template_factory'
]
->
open
(
'tabs.php'
);
$template
=
$GLOBALS
[
'template_factory'
]
->
open
(
'tabs.php'
);
$template
->
navigation
=
Navigation
::
getItem
(
'/course'
);
$template
->
navigation
=
Navigation
::
getItem
(
'/course'
);
...
@@ -141,11 +141,10 @@ class Course_ContentmodulesController extends AuthenticatedController
...
@@ -141,11 +141,10 @@ class Course_ContentmodulesController extends AuthenticatedController
public
function
reorder_action
()
public
function
reorder_action
()
{
{
$context
=
Context
::
get
();
$context
=
Context
::
get
();
if
(
!
$context
->
isEditableByUser
())
{
$required_perm
=
$context
->
getRangeType
()
===
'course'
?
'tutor'
:
'admin'
;
if
(
!
$GLOBALS
[
'perm'
]
->
have_studip_perm
(
$required_perm
,
$context
->
id
))
{
throw
new
AccessDeniedException
();
throw
new
AccessDeniedException
();
}
}
if
(
Request
::
isPost
())
{
if
(
Request
::
isPost
())
{
$position
=
0
;
$position
=
0
;
foreach
(
Request
::
getArray
(
'order'
)
as
$plugin_id
)
{
foreach
(
Request
::
getArray
(
'order'
)
as
$plugin_id
)
{
...
@@ -156,6 +155,7 @@ class Course_ContentmodulesController extends AuthenticatedController
...
@@ -156,6 +155,7 @@ class Course_ContentmodulesController extends AuthenticatedController
$this
->
redirect
(
$this
->
reorderURL
());
$this
->
redirect
(
$this
->
reorderURL
());
return
;
return
;
}
}
Navigation
::
getItem
(
'/course/admin'
)
->
setActive
(
true
);
Navigation
::
getItem
(
'/course/admin'
)
->
setActive
(
true
);
$template
=
$GLOBALS
[
'template_factory'
]
->
open
(
'tabs.php'
);
$template
=
$GLOBALS
[
'template_factory'
]
->
open
(
'tabs.php'
);
$template
->
navigation
=
Navigation
::
getItem
(
'/course'
);
$template
->
navigation
=
Navigation
::
getItem
(
'/course'
);
...
@@ -169,12 +169,12 @@ class Course_ContentmodulesController extends AuthenticatedController
...
@@ -169,12 +169,12 @@ class Course_ContentmodulesController extends AuthenticatedController
if
(
!
Request
::
isPost
())
{
if
(
!
Request
::
isPost
())
{
throw
new
AccessDeniedException
();
throw
new
AccessDeniedException
();
}
}
$context
=
Context
::
get
();
$
required_perm
=
$c
ontext
->
get
RangeType
()
===
'course'
?
'tutor'
:
'admin'
;
$
context
=
C
ontext
::
get
()
;
if
(
!
$
GLOBALS
[
'perm'
]
->
have_studip_perm
(
$required_perm
,
$context
->
id
))
{
if
(
!
$
context
->
isEditableByUser
(
))
{
throw
new
AccessDeniedException
();
throw
new
AccessDeniedException
();
}
}
$moduleclass
=
Request
::
get
(
'moduleclass'
);
$moduleclass
=
Request
::
get
(
'moduleclass'
);
$module
=
new
$moduleclass
;
$module
=
new
$moduleclass
;
...
@@ -207,15 +207,15 @@ class Course_ContentmodulesController extends AuthenticatedController
...
@@ -207,15 +207,15 @@ class Course_ContentmodulesController extends AuthenticatedController
public
function
rename_action
(
$module_id
)
public
function
rename_action
(
$module_id
)
{
{
$context
=
Context
::
get
();
$context
=
Context
::
get
();
if
(
!
$context
->
isEditableByUser
())
{
$required_perm
=
$context
->
getRangeType
()
===
'course'
?
'tutor'
:
'admin'
;
if
(
!
$GLOBALS
[
'perm'
]
->
have_studip_perm
(
$required_perm
,
$context
->
id
))
{
throw
new
AccessDeniedException
();
throw
new
AccessDeniedException
();
}
}
$this
->
module
=
PluginManager
::
getInstance
()
->
getPluginById
(
$module_id
);
$this
->
module
=
PluginManager
::
getInstance
()
->
getPluginById
(
$module_id
);
$this
->
metadata
=
$this
->
module
->
getMetadata
();
$this
->
metadata
=
$this
->
module
->
getMetadata
();
PageLayout
::
setTitle
(
_
(
'Werkzeug umbenennen'
));
PageLayout
::
setTitle
(
_
(
'Werkzeug umbenennen'
));
$this
->
tool
=
ToolActivation
::
find
([
$context
->
id
,
$module_id
]);
$this
->
tool
=
ToolActivation
::
find
([
$context
->
id
,
$module_id
]);
if
(
Request
::
isPost
())
{
if
(
Request
::
isPost
())
{
$metadata
=
$this
->
tool
->
metadata
->
getArrayCopy
();
$metadata
=
$this
->
tool
->
metadata
->
getArrayCopy
();
if
(
!
trim
(
Request
::
get
(
'displayname'
))
||
Request
::
submitted
(
'delete'
))
{
if
(
!
trim
(
Request
::
get
(
'displayname'
))
||
Request
::
submitted
(
'delete'
))
{
...
@@ -358,8 +358,5 @@ class Course_ContentmodulesController extends AuthenticatedController
...
@@ -358,8 +358,5 @@ class Course_ContentmodulesController extends AuthenticatedController
}
catch
(
Exception
$e
)
{
}
catch
(
Exception
$e
)
{
return
null
;
return
null
;
}
}
}
}
}
}
This diff is collapsed.
Click to expand it.
lib/models/Institute.class.php
+
3
−
2
View file @
20bc39a5
...
@@ -311,10 +311,11 @@ class Institute extends SimpleORMap implements Range
...
@@ -311,10 +311,11 @@ class Institute extends SimpleORMap implements Range
public
function
isEditableByUser
(
$user_id
=
null
):
bool
public
function
isEditableByUser
(
$user_id
=
null
):
bool
{
{
if
(
$user_id
===
null
)
{
if
(
$user_id
===
null
)
{
$user_id
=
$GLOBALS
[
'user'
]
->
id
;
$user_id
=
User
::
findCurrent
()
->
id
;
}
}
$member
=
$this
->
members
->
findOneBy
(
'user_id'
,
$user_id
);
$member
=
$this
->
members
->
findOneBy
(
'user_id'
,
$user_id
);
return
(
$member
&&
in_array
(
$member
->
inst_perms
,
[
'tutor'
,
'dozent'
,
'admin'
])
)
return
(
$member
&&
$member
->
inst_perms
===
'admin'
)
||
User
::
find
(
$user_id
)
->
perms
===
'root'
;
||
User
::
find
(
$user_id
)
->
perms
===
'root'
;
}
}
...
...
This diff is collapsed.
Click to expand it.
lib/modules/CoreAdmin.class.php
+
122
−
93
View file @
20bc39a5
...
@@ -24,15 +24,38 @@ class CoreAdmin extends CorePlugin implements StudipModule
...
@@ -24,15 +24,38 @@ class CoreAdmin extends CorePlugin implements StudipModule
*/
*/
public
function
getTabNavigation
(
$course_id
)
public
function
getTabNavigation
(
$course_id
)
{
{
if
(
$GLOBALS
[
'perm'
]
->
have_studip_perm
(
'tutor'
,
$course_id
))
{
$range
=
RangeFactory
::
find
(
$course_id
);
$navigation
=
new
Navigation
(
_
(
'Verwaltung'
));
$navigation
->
setImage
(
Icon
::
create
(
'admin'
,
Icon
::
ROLE_INFO_ALT
));
// Given range is invalid, leave early
$navigation
->
setActiveImage
(
Icon
::
create
(
'admin'
,
Icon
::
ROLE_INFO
));
if
(
!
$range
)
{
return
[];
}
// Special case: Tutors of institutes may manage votes
if
(
Config
::
get
()
->
VOTE_ENABLE
&&
$range
instanceof
Institute
&&
!
$range
->
isEditableByUser
()
&&
Seminar_Perm
::
get
()
->
have_studip_perm
(
'tutor'
,
$range
->
id
)
)
{
$navigation
=
$this
->
getRootNavigation
();
$this
->
addVoteNavigation
(
$navigation
);
return
[
'admin'
=>
$navigation
];
}
// User may not edit this range
if
(
!
$range
->
isEditableByUser
())
{
return
[];
}
// Build regular admin navigation
$navigation
=
$this
->
getRootNavigation
();
$main
=
new
Navigation
(
_
(
'Werkzeuge'
),
'dispatch.php/course/contentmodules'
);
$main
=
new
Navigation
(
_
(
'Werkzeuge'
),
'dispatch.php/course/contentmodules'
);
$navigation
->
addSubNavigation
(
'contentmodules'
,
$main
);
$navigation
->
addSubNavigation
(
'contentmodules'
,
$main
);
if
(
!
Context
::
isInstitute
()
)
{
if
(
$range
instanceof
Course
)
{
$item
=
new
Navigation
(
_
(
'Grunddaten'
),
'dispatch.php/course/basicdata/view/'
.
$course_id
);
$item
=
new
Navigation
(
_
(
'Grunddaten'
),
'dispatch.php/course/basicdata/view/'
.
$course_id
);
$item
->
setImage
(
Icon
::
create
(
'edit'
));
$item
->
setImage
(
Icon
::
create
(
'edit'
));
$item
->
setDescription
(
_
(
'Bearbeiten der Grundeinstellungen dieser Veranstaltung.'
));
$item
->
setDescription
(
_
(
'Bearbeiten der Grundeinstellungen dieser Veranstaltung.'
));
...
@@ -48,8 +71,7 @@ class CoreAdmin extends CorePlugin implements StudipModule
...
@@ -48,8 +71,7 @@ class CoreAdmin extends CorePlugin implements StudipModule
$item
->
setDescription
(
_
(
'Zuordnung dieser Veranstaltung zu Studienbereichen für die Darstellung im Verzeichnis aller Veranstaltungen.'
));
$item
->
setDescription
(
_
(
'Zuordnung dieser Veranstaltung zu Studienbereichen für die Darstellung im Verzeichnis aller Veranstaltungen.'
));
$navigation
->
addSubNavigation
(
'study_areas'
,
$item
);
$navigation
->
addSubNavigation
(
'study_areas'
,
$item
);
$current_course
=
Course
::
find
(
$course_id
);
if
(
$range
->
getSemClass
()[
'module'
])
{
if
(
$current_course
&&
$current_course
->
getSemClass
()
->
offsetGet
(
'module'
))
{
$item
=
new
Navigation
(
_
(
'LV-Gruppen'
),
'dispatch.php/course/lvgselector/index/'
.
$course_id
,
[
'list'
=>
'TRUE'
]);
$item
=
new
Navigation
(
_
(
'LV-Gruppen'
),
'dispatch.php/course/lvgselector/index/'
.
$course_id
,
[
'list'
=>
'TRUE'
]);
$item
->
setImage
(
Icon
::
create
(
'learnmodule'
));
$item
->
setImage
(
Icon
::
create
(
'learnmodule'
));
$item
->
setDescription
(
_
(
'Zuordnung der Veranstaltung zu Lehrveranstaltungsgruppen um die Einordnung innerhalb des Modulverzeichnisses festzulegen.'
));
$item
->
setDescription
(
_
(
'Zuordnung der Veranstaltung zu Lehrveranstaltungsgruppen um die Einordnung innerhalb des Modulverzeichnisses festzulegen.'
));
...
@@ -73,12 +95,8 @@ class CoreAdmin extends CorePlugin implements StudipModule
...
@@ -73,12 +95,8 @@ class CoreAdmin extends CorePlugin implements StudipModule
}
// endif modules only seminars
}
// endif modules only seminars
if
(
$GLOBALS
[
'perm'
]
->
have_studip_perm
(
'tutor'
,
$course_id
))
{
if
(
Config
::
get
()
->
VOTE_ENABLE
)
{
if
(
Config
::
get
()
->
VOTE_ENABLE
)
{
$item
=
new
Navigation
(
_
(
'Fragebögen'
),
'dispatch.php/questionnaire/courseoverview'
);
$this
->
addVoteNavigation
(
$navigation
);
$item
->
setImage
(
Icon
::
create
(
'vote'
));
$item
->
setDescription
(
_
(
'Erstellen und bearbeiten von Fragebögen.'
));
$navigation
->
addSubNavigation
(
'questionnaires'
,
$item
);
}
}
if
(
Config
::
get
()
->
EVAL_ENABLE
)
{
if
(
Config
::
get
()
->
EVAL_ENABLE
)
{
$item
=
new
Navigation
(
_
(
'Evaluationen'
),
'admin_evaluation.php?view=eval_sem'
);
$item
=
new
Navigation
(
_
(
'Evaluationen'
),
'admin_evaluation.php?view=eval_sem'
);
...
@@ -86,15 +104,13 @@ class CoreAdmin extends CorePlugin implements StudipModule
...
@@ -86,15 +104,13 @@ class CoreAdmin extends CorePlugin implements StudipModule
$item
->
setDescription
(
_
(
'Richten Sie fragebogenbasierte Umfragen und Lehrevaluationen ein.'
));
$item
->
setDescription
(
_
(
'Richten Sie fragebogenbasierte Umfragen und Lehrevaluationen ein.'
));
$navigation
->
addSubNavigation
(
'evaluation'
,
$item
);
$navigation
->
addSubNavigation
(
'evaluation'
,
$item
);
}
}
}
/*
/*
* Is the current SemClass available for grouping other courses?
* Is the current SemClass available for grouping other courses?
* -> show child management
* -> show child management
*/
*/
$course
=
Course
::
find
(
$course_id
);
if
(
$range
instanceof
Course
)
{
if
(
$course
)
{
$c
=
$range
->
getSemClass
();
$c
=
$course
->
getSemClass
();
if
(
$c
->
isGroup
())
{
if
(
$c
->
isGroup
())
{
$item
=
new
Navigation
(
_
(
'Unterveranstaltungen'
),
'dispatch.php/course/grouping/children'
);
$item
=
new
Navigation
(
_
(
'Unterveranstaltungen'
),
'dispatch.php/course/grouping/children'
);
...
@@ -120,9 +136,6 @@ class CoreAdmin extends CorePlugin implements StudipModule
...
@@ -120,9 +136,6 @@ class CoreAdmin extends CorePlugin implements StudipModule
}
}
return
[
'admin'
=>
$navigation
];
return
[
'admin'
=>
$navigation
];
}
else
{
return
[];
}
}
}
/**
/**
...
@@ -145,4 +158,20 @@ class CoreAdmin extends CorePlugin implements StudipModule
...
@@ -145,4 +158,20 @@ class CoreAdmin extends CorePlugin implements StudipModule
// TODO: Implement getInfoTemplate() method.
// TODO: Implement getInfoTemplate() method.
return
null
;
return
null
;
}
}
private
function
getRootNavigation
():
Navigation
{
$navigation
=
new
Navigation
(
_
(
'Verwaltung'
));
$navigation
->
setImage
(
Icon
::
create
(
'admin'
,
Icon
::
ROLE_INFO_ALT
));
$navigation
->
setActiveImage
(
Icon
::
create
(
'admin'
,
Icon
::
ROLE_INFO
));
return
$navigation
;
}
private
function
addVoteNavigation
(
Navigation
&
$navigation
):
void
{
$item
=
new
Navigation
(
_
(
'Fragebögen'
),
'dispatch.php/questionnaire/courseoverview'
);
$item
->
setImage
(
Icon
::
create
(
'vote'
));
$item
->
setDescription
(
_
(
'Erstellen und bearbeiten von Fragebögen.'
));
$navigation
->
addSubNavigation
(
'questionnaires'
,
$item
);
}
}
}
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment