From 660b1d5fc3a9d391f92b4c037464ed83660b7d37 Mon Sep 17 00:00:00 2001
From: Moritz Strohm <strohm@data-quest.de>
Date: Tue, 5 Nov 2024 11:38:36 +0000
Subject: [PATCH] Course::getEnrolmentInformation: fixed checks for root and
 admin users, fixes #4779

Closes #4779

Merge request studip/studip!3607
---
 lib/models/Course.php | 58 +++++++++++++++++++++++--------------------
 1 file changed, 31 insertions(+), 27 deletions(-)

diff --git a/lib/models/Course.php b/lib/models/Course.php
index 17c06ca382e..68ac7277a5b 100644
--- a/lib/models/Course.php
+++ b/lib/models/Course.php
@@ -1567,6 +1567,36 @@ class Course extends SimpleORMap implements Range, PrivacyObject, StudipItem, Fe
             );
         }
 
+        //Check if the user has root or admin permissions:
+
+        $user = User::find($user_id);
+
+        if ($GLOBALS['perm']->have_perm('root', $user_id)) {
+            return new \Studip\EnrolmentInformation(
+                _('Sie haben root-Rechte und dürfen damit alles in Stud.IP.'),
+                \Studip\Information::INFO,
+                'root',
+                true
+            );
+        }
+
+        if ($GLOBALS['perm']->have_studip_perm('admin', $this->id, $user_id)) {
+            return new \Studip\EnrolmentInformation(
+                _('Sie verwalten diese Veranstaltung.'),
+                \Studip\Information::INFO,
+                'course_admin',
+                true
+            );
+        }
+        if ($GLOBALS['perm']->have_perm('admin', $user_id)) {
+            return new \Studip\EnrolmentInformation(
+                _('Als administrierende Person dürfen Sie sich nicht in eine Veranstaltung eintragen.'),
+                \Studip\Information::INFO,
+                'admin',
+                false
+            );
+        }
+
         //Check the course set and if the user is on an admission list:
 
         if ($course_set = $this->getCourseSet()) {
@@ -1622,9 +1652,7 @@ class Course extends SimpleORMap implements Range, PrivacyObject, StudipItem, Fe
             );
         }
 
-        //Check the permissions of the user:
-
-        $user = User::find($user_id);
+        //Check the permissions of users that are not root or admin:
 
         if (!$user) {
             return new \Studip\EnrolmentInformation(
@@ -1642,30 +1670,6 @@ class Course extends SimpleORMap implements Range, PrivacyObject, StudipItem, Fe
                 false
             );
         }
-        if ($GLOBALS['perm']->have_perm('root', $user_id)) {
-            return new \Studip\EnrolmentInformation(
-                _('Sie haben root-Rechte und dürfen damit alles in Stud.IP.'),
-                \Studip\Information::INFO,
-                'root',
-                true
-            );
-        }
-        if ($GLOBALS['perm']->have_studip_perm('admin', $this->id, $user_id)) {
-            return new \Studip\EnrolmentInformation(
-                _('Sie verwalten diese Veranstaltung.'),
-                \Studip\Information::INFO,
-                'course_admin',
-                true
-            );
-        }
-        if ($GLOBALS['perm']->have_perm('admin', $user_id)) {
-            return new \Studip\EnrolmentInformation(
-                _('Als administrierende Person dürfen Sie sich nicht in eine Veranstaltung eintragen.'),
-                \Studip\Information::INFO,
-                'admin',
-                false
-            );
-        }
 
         //Check the course membership:
 
-- 
GitLab