enable users wathcin videos in courseware block again, set correct permissions...

enable users wathcin videos in courseware block again, set correct permissions for videos that are only linked to a courseware block (#1092)

courseware/vueapp/components/VideoRow.vue

 <template>
-    <tr class="oc--episode" :class="{'oc-cw-video-selected' : selected}" v-if="event.refresh === undefined" :key="event.id" @click="$emit('setVideo', event)" style="cursor: pointer" title="Video auswählen">
+    <tr class="oc--episode" :class="{'oc-cw-video-selected' : selected}"
+        v-if="event.refresh === undefined"
+        :key="event.id"
+        @click="$emit('setVideo', event)"
+        style="cursor: pointer"
+        title="Video auswählen"
+    >
         <td class="oc--playercontainer">
             <span v-if="event.publication && event.preview && (event.available && event.available != '0')">
                 <span class="oc--previewimage">

courseware/vueapp/courseware-plugin-opencast-video.vue

@@ -230,8 +230,12 @@ export default {
             }
         },
 
-        loadVideos() {
+        loadVideos()
+        {
             let view = this;
+
+            // if user can edit this block, load all accesible videos
+            if (this.canEdit) {
                 view.loadingVideos = true;
                 const params = new URLSearchParams();
                 params.append('offset', this.paging.currPage * this.limit);
@@ -254,6 +258,15 @@ export default {
                         view.videos = data.videos;
                         view.loadingVideos = false;
                     })
+            } else {
+                // load only the current video if user has no edit perms
+                axios
+                    .get(STUDIP.ABSOLUTE_URI_STUDIP + 'plugins.php/opencastv3/api/videos/' + view.currentVideoId)
+                    .then(({ data }) => {
+                        view.videos = [];
+                        view.videos.push(data.video);
+                    });
+            }
         },
 
         checkLTIAuthentication(server)

lib/RouteMap.php

@@ -53,6 +53,7 @@ class RouteMap
         // Video routes
         $group->get("/videos", Routes\Video\VideoList::class);
 
+        $group->get("/videos/{token}", Routes\Video\VideoShow::class);
         $group->put("/videos/{token}", Routes\Video\VideoUpdate::class);
         $group->put("/videos/{token}/restore", Routes\Video\VideoRestore::class);
         $group->delete("/videos/{token}", Routes\Video\VideoDelete::class);

lib/Routes/Opencast/UserRoles.php

@@ -14,6 +14,7 @@ use Opencast\Models\Filter;
 use Opencast\Models\VideosShares;
 use Opencast\Models\Playlists;
 use Opencast\Models\PlaylistsUserPerms;
+use Opencast\Models\VideoCoursewareBlocks;
 
 
 
@@ -99,6 +100,18 @@ class UserRoles extends OpencastController
                     }
                 }
 
+                // get all videos in courseware blocks in courses and add them to the permission list as well
+                $stmt_courseware = \DBManager::get()->prepare("SELECT episode FROM oc_video_cw_blocks
+                    LEFT JOIN oc_video USING (token)
+                    LEFT JOIN seminar_user USING (seminar_id)
+                    WHERE seminar_user.user_id = :user_id");#
+
+                $stmt_courseware->execute([':user_id' => $user_id]);
+
+                while($episode = $stmt_courseware->fetchColumn()) {
+                    $roles[$episode . '_read'] = $episode . '_read';
+                }
+
                 $stmt_courses = \DBManager::get()->prepare("SELECT seminar_id FROM seminar_user
                         WHERE user_id = ? AND status IN (:status)");
 

lib/Routes/Video/VideoShow.php

+<?php
+
+namespace Opencast\Routes\Video;
+
+use Psr\Http\Message\ResponseInterface as Response;
+use Psr\Http\Message\ServerRequestInterface as Request;
+use Opencast\Errors\AuthorizationFailedException;
+use Opencast\Errors\Error;
+use Opencast\OpencastTrait;
+use Opencast\OpencastController;
+use Opencast\Models\Filter;
+use Opencast\Models\Videos;
+
+class VideoShow extends OpencastController
+{
+    use OpencastTrait;
+
+    public function __invoke(Request $request, Response $response, $args)
+    {
+        // select all videos the current user has perms on
+        $video = Videos::findByToken($args['token']);
+
+        // if no perms are found only return the token back with the config_id the video resides on,
+        // so the courseware-block can do its magic
+        if (empty($video) || !$video->getUserPerm()) {
+            return $this->createResponse([
+                'video' => [
+                    'token'     => $video->token,
+                    'config_id' => $video->config_id
+                ]
+            ], $response);
+        }
+
+        $video_array = $video->toSanitizedArray();
+        if (!empty($video_array['perm']) && ($video_array['perm'] == 'owner' || $video_array['perm'] == 'write'))
+        {
+            $video_array['perms'] = $video->perms->toSanitizedArray();
+        }
+
+        return $this->createResponse([
+            'video' => $video_array
+        ], $response);
+    }
+}