Skip to content
Snippets Groups Projects
Commit c14cdd1a authored by Rasmus Fuhse's avatar Rasmus Fuhse
Browse files

Resolve "Wiki: Exception taucht auf, wenn ich mit autor-Berechtigungen eine...

Resolve "Wiki: Exception taucht auf, wenn ich mit autor-Berechtigungen eine nicht existierende Seite aufrufe"

Closes #4991

Merge request studip/studip!3750
parent 44b518ce
No related branches found
No related tags found
No related merge requests found
......@@ -1338,6 +1338,8 @@ class Course_WikiController extends AuthenticatedController
private function validateWikiPage(WikiPage $page, Range $context, bool $for_edit = false): void
{
$page->range_id = $page->range_id ?: $context->id;
if (
!$page->isNew()
&& $page->range_id !== $context->id
......@@ -1349,7 +1351,11 @@ class Course_WikiController extends AuthenticatedController
}
if ($for_edit && !$page->isEditable()) {
throw new Exception(_('Sie dürfen diese Wikiseite nicht bearbeiten'));
if ($page->isNew()) {
throw new AccessDeniedException(_('Sie dürfen keine neue Wikiseite anlegen.'));
} else {
throw new AccessDeniedException(_('Sie dürfen diese Wikiseite nicht bearbeiten'));
}
}
}
}
......@@ -8,16 +8,24 @@
*/
final class RangeFactory
{
const TYPE_MAPPING = [
public const TYPE_MAPPING = [
'sem' => 'course',
'user' => 'user',
'inst' => 'institute',
'fak' => 'institute',
];
public static function find($id)
{
$type = get_object_type($id, ['sem', 'user', 'inst', 'fak']);
/**
* Finds a Range for a given id or false if there is no Range with the id.
* @param string $id Range id
* @param array $search_types array can have values of 'sem', 'user', 'inst' and/or 'fak'
* @return Range|false
*/
public static function find(
string $id,
array $search_types = ['sem', 'user', 'inst', 'fak']
) {
$type = get_object_type($id, $search_types);
if ($type === false) {
return false;
}
......@@ -30,12 +38,10 @@ final class RangeFactory
*
* @param string $type Range type
* @param mixed $id Range id
* @return mixed any of the supported range types
* @return Range any of the supported range types
* @throws Exception when an invalid range type was given
*
* @todo Should this be more dynamic in case any more ranges are added?
*/
public static function createRange($type, $id)
public static function createRange(string $type, string $id): Range
{
if ($type === 'user') {
return new User($id);
......
......@@ -191,6 +191,15 @@ class WikiPage extends SimpleORMap implements PrivacyObject
return false;
}
// Check create permission if page is new
if ($this->isNew()) {
$range = RangeFactory::find($this->range_id, ['sem', 'inst']);
$permission = $range->getConfiguration()->getValue('WIKI_CREATE_PERMISSION');
return $permission === 'all'
|| $GLOBALS['perm']->have_studip_perm($permission, $this->range_id, $user_id);
}
// Otherwise check write permissions
if ($this->write_permission === 'all') {
return true;
}
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment