Merge remote-tracking branch 'origin/OpenOLAT_13.2' into OpenOLAT_14.0

836a41db · srosse · b7f7451b · 19bee52a · 836a41db · 836a41db
Commit 836a41db authored 5 years ago by srosse
--- a/src/main/java/de/bps/course/nodes/CourseNodePasswordManager.java
+++ b/src/main/java/de/bps/course/nodes/CourseNodePasswordManager.java
@@ -20,8 +20,7 @@
 package de.bps.course.nodes;
 import org.olat.core.id.Identity;
-import org.olat.core.id.OLATResourceable;
+import org.olat.core.id.IdentityEnvironment;
-import org.olat.course.condition.additionalconditions.AdditionalConditionAnswerContainer;
 public interface CourseNodePasswordManager {
@@ -30,9 +29,9 @@ public interface CourseNodePasswordManager {
 	 * @param identity
 	 * @return
 	 */
-	public AdditionalConditionAnswerContainer getAnswerContainer(Identity identity);
+	public String getAnswer(IdentityEnvironment identityEnv, Long courseId, String nodeIdentifier);
-	public AdditionalConditionAnswerContainer removeAnswerContainerFromCache(Identity identity);
+	public void removeAnswerContainerFromCache(Identity identity);
 	/**
 	 * updates inputted password
@@ -41,12 +40,7 @@ public interface CourseNodePasswordManager {
 	 * @param courseId
 	 * @param value
 	 */
-	public void updatePwd(Identity identity, String nodeIdentifier, Long courseId, String value);
+	public void updatePwd(IdentityEnvironment identityEnv, String nodeIdentifier, Long courseId, String value);
-	/**
-	 * deletes password for a repository entry
-	 * @param key
-	 */
-	public void deleteAllPasswordsFor(OLATResourceable ores);
 }
--- a/src/main/java/de/bps/course/nodes/CourseNodePasswordManagerImpl.java
+++ b/src/main/java/de/bps/course/nodes/CourseNodePasswordManagerImpl.java
@@ -20,13 +20,11 @@
 package de.bps.course.nodes;
 import java.util.List;
-import java.util.Map;
-import java.util.concurrent.ConcurrentHashMap;
 import org.olat.core.id.Identity;
-import org.olat.core.id.OLATResourceable;
+import org.olat.core.id.IdentityEnvironment;
+import org.olat.core.id.Roles;
 import org.olat.course.condition.additionalconditions.AdditionalConditionAnswerContainer;
-import org.olat.course.condition.additionalconditions.PasswordStore;
 import org.olat.course.run.preview.PreviewIdentity;
 import org.olat.properties.Property;
 import org.olat.properties.PropertyManager;
@@ -43,7 +41,7 @@ import org.olat.properties.PropertyManager;
 */
 public class CourseNodePasswordManagerImpl implements CourseNodePasswordManager {
-	private final Map<Long, AdditionalConditionAnswerContainer> cache = new ConcurrentHashMap<Long, AdditionalConditionAnswerContainer>();
+	private static final String ATTR_COURSE_NODE_PREFIX = "course-node-password-prfx-";
 	private static CourseNodePasswordManagerImpl INSTANCE;
 	static {
@@ -61,41 +59,37 @@ public class CourseNodePasswordManagerImpl implements CourseNodePasswordManager
 		// no public constructor
 	}
-	/**
-	 * @see de.bps.course.nodes.CourseNodePasswordManager#getAnswerContainer(org.olat.core.id.Identity)
-	 */
 	@Override
-	public AdditionalConditionAnswerContainer getAnswerContainer(Identity identity) {
+	public String getAnswer(IdentityEnvironment identityEnv, Long courseId, String nodeIdent) {
-		AdditionalConditionAnswerContainer acac;
+		Identity identity = identityEnv == null ? null : identityEnv.getIdentity();
-		if(identity == null) {
-			acac = new AdditionalConditionAnswerContainer();
+		String value;
-		} else if (cache.containsKey(identity.getKey())) {
+		if(identityEnv == null || identityEnv.getAttributes() == null) {// REST calls
-			acac = cache.get(identity.getKey());
+			value = null;
 		} else {
-			PropertyManager pm = PropertyManager.getInstance();
+			String key = generateKey(courseId, Long.valueOf(nodeIdent));
-			List<Property> properties = pm.listProperties(identity, null, AdditionalConditionAnswerContainer.RESOURCE_NAME, null, null, AdditionalConditionAnswerContainer.RESOURCE_NAME);
+			value = identityEnv.getAttributes().get(key);
-			if(properties == null) {
+			if(value == null && !identityEnv.getRoles().isGuestOnly()) {
-				acac = null;
+				PropertyManager pm = PropertyManager.getInstance();
-			} else {
+				List<Property> properties = pm.listProperties(identity, null, AdditionalConditionAnswerContainer.RESOURCE_NAME,
-				acac = new AdditionalConditionAnswerContainer();
+						Long.valueOf(nodeIdent), null, AdditionalConditionAnswerContainer.RESOURCE_NAME);
-				for (Object object : properties) {
+				for (Property property : properties) {
-					Property property = (Property) object;
+					String pKey = generateKey(property.getLongValue(), property.getResourceTypeId());
-					PasswordStore store = new PasswordStore();
+					identityEnv.getAttributes().put(pKey, property.getStringValue());
-					store.setPassword(property.getStringValue());
-					store.setCourseId(property.getLongValue());
-					store.setNodeIdent(property.getResourceTypeId());
-					acac.insertAnswer(Long.toString(property.getResourceTypeId()), property.getLongValue(), store);
 				}
-				cache.put(identity.getKey(), acac);
+				value = identityEnv.getAttributes().get(key);
 			}
 		}
-		return acac;
+		return value;
+	}
+	private String generateKey(Long courseId, Long nodeIdent) {
+		return ATTR_COURSE_NODE_PREFIX + courseId + " " + nodeIdent;
 	}
 	@Override
-	public AdditionalConditionAnswerContainer removeAnswerContainerFromCache(Identity identity) {
+	public void removeAnswerContainerFromCache(Identity identity) {
-		if(identity == null) return null;
+		//
-		return cache.remove(identity.getKey());
 	}
 	/**
@@ -104,104 +98,52 @@ public class CourseNodePasswordManagerImpl implements CourseNodePasswordManager
 	 * @param identity
 	 * @param answers
 	 */
-	private void persistAnswerContainer(Identity identity, AdditionalConditionAnswerContainer answers) {
+	private void persistAnswerContainer(IdentityEnvironment identityEnv, Long courseId, Long nodeIdent, String value) {
-		if(identity instanceof PreviewIdentity) {
+		if(identityEnv == null || identityEnv.getRoles() == null
-			//preview identity are not persistable
+				|| identityEnv.getIdentity() == null || identityEnv.getAttributes() == null) return;
-			cache.put(identity.getKey(), answers);
-		} else if (!answers.isContainerEmpty()) {
+		identityEnv.getAttributes().put(generateKey(courseId, nodeIdent), value);
-			boolean updateInDatabase = false;
+		Roles roles = identityEnv.getRoles();
+		Identity identity = identityEnv.getIdentity();
+		if(!(identity instanceof PreviewIdentity) && !roles.isGuestOnly()) {
 			PropertyManager pm = PropertyManager.getInstance();
-			Map<String, Object> container = answers.getContainer();
+			List<Property> properties = pm.listProperties(identity, null, AdditionalConditionAnswerContainer.RESOURCE_NAME,
-			for (String key : container.keySet()) {
+					nodeIdent, null, AdditionalConditionAnswerContainer.RESOURCE_NAME);
-				PasswordStore store = (PasswordStore) container.get(key);
+			if (properties != null && !properties.isEmpty()) {
-				List<Property> properties = pm.listProperties(identity, null, AdditionalConditionAnswerContainer.RESOURCE_NAME,
+				// it exists properties with this key and from this identity
-						Long.valueOf(store.getNodeIdent()), null, AdditionalConditionAnswerContainer.RESOURCE_NAME);
+				boolean pwdFounded = false;
-				if (properties != null && properties.size() > 0) {
+				for (Property prop : properties) {
-					// it exists properties with this key and from this identity
+					if (courseId.equals(prop.getLongValue())) {
-					boolean pwdFounded = false;
+						if(!value.equals(prop.getStringValue())) {
-					for (Property prop : properties) {
+							// same course id and same node id
-						if (store.getCourseId().equals(prop.getLongValue())) {
+							// not same pwd --> update
-							if(!store.getPassword().equals(prop.getStringValue())) {
+							prop.setStringValue(value);
-								// same course id and same node id
+							pm.updateProperty(prop);
-								// not same pwd --> update
-								prop.setStringValue(store.getPassword());
-								pm.updateProperty(prop);
-								updateInDatabase = true;
-							}
-							// same store
-							pwdFounded = true;
-							break;
 						}
+						// same store
+						pwdFounded = true;
+						break;
 					}
-					if (!pwdFounded) {
+				}
-						Property p = pm.createUserPropertyInstance(identity, null, AdditionalConditionAnswerContainer.RESOURCE_NAME, null, store.getCourseId(),
+				if (!pwdFounded) {
-								store.getPassword(), null);
+					Property p = pm.createUserPropertyInstance(identity, null, AdditionalConditionAnswerContainer.RESOURCE_NAME, null, courseId, value, null);
-						p.setResourceTypeName(AdditionalConditionAnswerContainer.RESOURCE_NAME);
-						p.setResourceTypeId(Long.valueOf(store.getNodeIdent()));
-						pm.saveProperty(p);
-						updateInDatabase = true;
-					}
-				} else {
-					// it exists nothing properties with this key and from this identity
-					Property p = pm.createUserPropertyInstance(identity, null, AdditionalConditionAnswerContainer.RESOURCE_NAME, null, store.getCourseId(),
-							store.getPassword(), null);
 					p.setResourceTypeName(AdditionalConditionAnswerContainer.RESOURCE_NAME);
-					p.setResourceTypeId(Long.valueOf(store.getNodeIdent()));
+					p.setResourceTypeId(nodeIdent);
 					pm.saveProperty(p);
-					updateInDatabase = true;
 				}
-			}
+			} else {
-			if (updateInDatabase) {
+				// it exists nothing properties with this key and from this identity
-				cache.put(identity.getKey(), answers);
+				Property p = pm.createUserPropertyInstance(identity, null, AdditionalConditionAnswerContainer.RESOURCE_NAME, null, courseId, value, null);
+				p.setResourceTypeName(AdditionalConditionAnswerContainer.RESOURCE_NAME);
+				p.setResourceTypeId(nodeIdent);
+				pm.saveProperty(p);
 			}
 		}
 	}
-	/**
-	 * @see de.bps.course.nodes.CourseNodePasswordManager#updatePwd(org.olat.core.id.Identity, java.lang.String, java.lang.String, java.lang.String)
-	 */
 	@Override
-	public void updatePwd(Identity identity, String nodeIdentifier, Long courseId, String value) {
+	public void updatePwd(IdentityEnvironment identityEnv, String nodeIdentifier, Long courseId, String value) {
-		AdditionalConditionAnswerContainer answers = getAnswerContainer(identity);
+		persistAnswerContainer(identityEnv, courseId, Long.valueOf(nodeIdentifier), value);
-		if (answers == null) {
-			answers = new AdditionalConditionAnswerContainer();
-		}
-		PasswordStore pwdStore = (PasswordStore)answers.getAnswers(nodeIdentifier, courseId);
-		if(pwdStore != null) {
-			pwdStore.setPassword(value);
-		} else {
-			PasswordStore store = new PasswordStore();
-			store.setPassword(value);
-			store.setNodeIdent(Long.valueOf(nodeIdentifier));
-			store.setCourseId(Long.valueOf(courseId));
-			answers.insertAnswer(nodeIdentifier, courseId, store);
-		}
-		persistAnswerContainer(identity, answers);
-	}
-	/**
-	 * @see de.bps.course.nodes.CourseNodePasswordManager#deleteAllPasswordsFor(java.lang.Long)
-	 */
-	public void deleteAllPasswordsFor(OLATResourceable ores) {
-		PropertyManager pm = PropertyManager.getInstance();
-		List<Property> properties = pm.listProperties(null, null, AdditionalConditionAnswerContainer.RESOURCE_NAME,
-				null, null, AdditionalConditionAnswerContainer.RESOURCE_NAME, ores.getResourceableId(), null);
-		for (Property p : properties) {
-			Long nodeId = p.getResourceTypeId();
-			Long courseId = p.getLongValue();
-			removeAnswers(nodeId, courseId);
-			pm.deleteProperty(p);
-		}
-	}
-	private void removeAnswers(Long nodeId, Long courseId) {
-		for (Long key : cache.keySet()) {
-			AdditionalConditionAnswerContainer acac = cache.get(key);
-			if (acac.containsAnswer(Long.toString(nodeId), courseId)) {
-				acac.removeAnswer(Long.toString(nodeId), courseId);
-			}
-		}
 	}
 }
--- a/src/main/java/org/olat/course/condition/additionalconditions/AdditionalConditionManager.java
+++ b/src/main/java/org/olat/course/condition/additionalconditions/AdditionalConditionManager.java
@@ -22,6 +22,7 @@ package org.olat.course.condition.additionalconditions;
 import org.olat.core.gui.UserRequest;
 import org.olat.core.gui.control.Controller;
 import org.olat.core.gui.control.WindowControl;
+import org.olat.core.id.IdentityEnvironment;
 import org.olat.course.nodes.AbstractAccessableCourseNode;
 import org.olat.course.nodes.CourseNodeConfiguration;
 import org.olat.course.nodes.CourseNodeFactory;
@@ -31,12 +32,12 @@ import org.olat.course.run.userview.UserCourseEnvironment;
 public class AdditionalConditionManager {
 	private AbstractAccessableCourseNode node ;
-	private final AdditionalConditionAnswerContainer answers;
+	private final IdentityEnvironment identityEnv;
 	private Long courseId;
-	public AdditionalConditionManager(AbstractAccessableCourseNode node, Long courseId, AdditionalConditionAnswerContainer answers){
+	public AdditionalConditionManager(AbstractAccessableCourseNode node, Long courseId, IdentityEnvironment identityEnv) {
 		this.node = node;
-		this.answers = answers;
+		this.identityEnv = identityEnv;
 		this.courseId = courseId;
 	}
@@ -45,7 +46,7 @@ public class AdditionalConditionManager {
 		for(AdditionalCondition cond : node.getAdditionalConditions()) {
 			cond.setNode(node);
 			cond.setCourseId(courseId);
-			retVal = cond.evaluate(answers);
+			retVal = cond.evaluate(identityEnv);
 			//otherwise all users on this node can enter the course if one user had known the correct answer 
 			if(!retVal) {
 				break;
@@ -66,7 +67,7 @@ public class AdditionalConditionManager {
 		for(AdditionalCondition cond : node.getAdditionalConditions()){
 			cond.setNode(node);
 			cond.setCourseId(courseId);
-			boolean retVal = cond.evaluate(answers);
+			boolean retVal = cond.evaluate(identityEnv);
 			if(!retVal) {
 				Controller ctrl = cond.getUserInputController(ureq, wControl, userCourseEnv);
 				CourseNodeConfiguration config = CourseNodeFactory.getInstance().getCourseNodeConfiguration(node.getType());

--- a/src/main/java/org/olat/course/condition/additionalconditions/PasswordCondition.java
+++ b/src/main/java/org/olat/course/condition/additionalconditions/PasswordCondition.java
@@ -22,9 +22,12 @@ package org.olat.course.condition.additionalconditions;
 import org.olat.core.gui.UserRequest;
 import org.olat.core.gui.control.Controller;
 import org.olat.core.gui.control.WindowControl;
+import org.olat.core.id.IdentityEnvironment;
 import org.olat.course.nodes.AbstractAccessableCourseNode;
 import org.olat.course.run.userview.UserCourseEnvironment;
+import de.bps.course.nodes.CourseNodePasswordManagerImpl;
 /**
 * Only a placeholder to import courses from other vendors
 * 
@@ -41,7 +44,7 @@ public class PasswordCondition extends AdditionalCondition {
 	@SuppressWarnings("unused") @Deprecated
 	private String answer;
-	public final static String PASSWORD_ENDING = "password";
+	public static final String PASSWORD_ENDING = "password";
 	// </OLATCE-91>
 	public AbstractAccessableCourseNode getNode() {
@@ -52,17 +55,13 @@ public class PasswordCondition extends AdditionalCondition {
 	@Override
 	public boolean evaluate(Object userAnswerObj) {
 		String userAnswer = null;
-		if(userAnswerObj instanceof AdditionalConditionAnswerContainer) {
+		if(userAnswerObj instanceof IdentityEnvironment) {
-			AdditionalConditionAnswerContainer answersContainer = (AdditionalConditionAnswerContainer)userAnswerObj;
+			IdentityEnvironment identityEnv = (IdentityEnvironment)userAnswerObj;
-			Object obj = answersContainer.getAnswers(node.getIdent(), courseId); 
+			userAnswer = CourseNodePasswordManagerImpl.getInstance().getAnswer(identityEnv, courseId, node.getIdent());
-			if(obj instanceof PasswordStore){
-				userAnswer = ((PasswordStore)obj).getPassword();
-			}
 		} else if(userAnswerObj instanceof String) {
 			userAnswer = (String)userAnswerObj;
 		}
+		return password == null || password.equals(userAnswer); 
-		return password==null ? true : password.equals(userAnswer); 
 	}
 	@Override

--- a/src/main/java/org/olat/course/condition/additionalconditions/PasswordVerificationController.java
+++ b/src/main/java/org/olat/course/condition/additionalconditions/PasswordVerificationController.java
@@ -91,7 +91,7 @@ public class PasswordVerificationController extends FormBasicController {
 			if (valid) {
 				CourseNodePasswordManager cnpm = CourseNodePasswordManagerImpl.getInstance();
 				//used the identity of the user course environment for the preview of courses
-				cnpm.updatePwd(userCourseEnv.getIdentityEnvironment().getIdentity(), condition.getNodeIdentifier(), condition.getCourseId(), pwElement.getValue());
+				cnpm.updatePwd(userCourseEnv.getIdentityEnvironment(), condition.getNodeIdentifier(), condition.getCourseId(), pwElement.getValue());
 			} else {
 				pwElement.setErrorKey("password.incorrect", new String[0]);
 			}

--- a/src/main/java/org/olat/course/nodes/AbstractAccessableCourseNode.java
+++ b/src/main/java/org/olat/course/nodes/AbstractAccessableCourseNode.java
@@ -28,19 +28,16 @@ package org.olat.course.nodes;
 import java.util.ArrayList;
 import java.util.List;
-import org.olat.core.id.Identity;
+import org.olat.core.id.IdentityEnvironment;
 import org.olat.course.ICourse;
 import org.olat.course.condition.Condition;
 import org.olat.course.condition.additionalconditions.AdditionalCondition;
-import org.olat.course.condition.additionalconditions.AdditionalConditionAnswerContainer;
 import org.olat.course.condition.additionalconditions.AdditionalConditionManager;
 import org.olat.course.condition.interpreter.ConditionExpression;
 import org.olat.course.condition.interpreter.ConditionInterpreter;
 import org.olat.course.export.CourseEnvironmentMapper;
 import org.olat.course.run.userview.NodeEvaluation;
-import de.bps.course.nodes.CourseNodePasswordManagerImpl;
 /**
 * Initial Date: May 28, 2004
 * 
@@ -120,21 +117,19 @@ public abstract class AbstractAccessableCourseNode extends GenericCourseNode {
 	protected void calcAccessAndVisibility(ConditionInterpreter ci, NodeEvaluation nodeEval) {
 		// </OLATCE-91>
 		// for this node: only one role: accessing the node
-		boolean accessible = (getPreConditionAccess().getConditionExpression() == null ? true : ci.evaluateCondition(getPreConditionAccess()));
+		boolean accessible = getPreConditionAccess().getConditionExpression() == null || ci.evaluateCondition(getPreConditionAccess());
 		// <OLATCE-91>
 		if(accessible){
 			Long courseId = ci.getUserCourseEnvironment().getCourseEnvironment().getCourseResourceableId();
-			Identity identity = ci.getUserCourseEnvironment().getIdentityEnvironment().getIdentity();
+			IdentityEnvironment identityEnv = ci.getUserCourseEnvironment().getIdentityEnvironment();
-			AdditionalConditionAnswerContainer answers= CourseNodePasswordManagerImpl.getInstance().getAnswerContainer(identity);
 			nodeEval.putAccessStatus(BLOCKED_BY_ORIGINAL_ACCESS_RULES, false);
-			AdditionalConditionManager addMan = new AdditionalConditionManager(this, courseId, answers);
+			AdditionalConditionManager addMan = new AdditionalConditionManager(this, courseId, identityEnv);
 			accessible = addMan.evaluateConditions();
 		}
 		// </OLATCE-91>
 		nodeEval.putAccessStatus("access", accessible);
-		boolean visible = (getPreConditionVisibility().getConditionExpression() == null ? true : ci
+		boolean visible = getPreConditionVisibility().getConditionExpression() == null
-				.evaluateCondition(getPreConditionVisibility()));
+				|| ci.evaluateCondition(getPreConditionVisibility());
 		nodeEval.setVisible(visible);
 	}

--- a/src/main/java/org/olat/course/nodes/SurveyCourseNode.java
+++ b/src/main/java/org/olat/course/nodes/SurveyCourseNode.java
@@ -228,7 +228,7 @@ public class SurveyCourseNode extends AbstractAccessableCourseNode {
 			RepositoryEntry re = handler.importResource(owner, rie.getInitialAuthor(), rie.getDisplayName(),
 				rie.getDescription(), false, organisation, locale, rie.importGetExportedFile(), null);
 			setEvaluationFormReference(re, getModuleConfiguration());
-			postImportCopy(course);
+			postImportCopy(course, getIdent());
 		} else {
 			removeEvaluationFormReference(getModuleConfiguration());
 		}
@@ -237,7 +237,7 @@ public class SurveyCourseNode extends AbstractAccessableCourseNode {
 	@Override
 	public void postCopy(CourseEnvironmentMapper envMapper, Processing processType, ICourse course, ICourse sourceCrourse) {
 		super.postCopy(envMapper, processType, course, sourceCrourse);
-		postImportCopy(course);
+		postImportCopy(course, getIdent());
 	}
 	@Override
@@ -247,10 +247,6 @@ public class SurveyCourseNode extends AbstractAccessableCourseNode {
 		return copyInstance;
 	}
-	private void postImportCopy(ICourse course) {
-		postImportCopy(course, getIdent());
-	}
 	private void postImportCopy(ICourse course, String nodeIdent) {
 		RepositoryEntry ores = RepositoryManager.getInstance().lookupRepositoryEntry(course, true);
 		EvaluationFormManager evaluationFormManager = CoreSpringFactory.getImpl(EvaluationFormManager.class);

--- a/src/main/java/org/olat/course/run/navigation/NavigationHandler.java
+++ b/src/main/java/org/olat/course/run/navigation/NavigationHandler.java
@@ -47,7 +47,7 @@ import org.olat.core.gui.control.WindowControl;
 import org.olat.core.gui.control.generic.messages.MessageUIFactory;
 import org.olat.core.gui.control.generic.title.TitledWrapperController;
 import org.olat.core.gui.translator.Translator;
-import org.olat.core.id.Identity;
+import org.olat.core.id.IdentityEnvironment;
 import org.olat.core.id.OLATResourceable;
 import org.olat.core.id.context.BusinessControlFactory;
 import org.olat.core.id.context.ContextEntry;
@@ -61,7 +61,6 @@ import org.olat.core.util.Util;
 import org.olat.core.util.nodes.INode;
 import org.olat.core.util.resource.OresHelper;
 import org.olat.core.util.xml.XStreamHelper;
-import org.olat.course.condition.additionalconditions.AdditionalConditionAnswerContainer;
 import org.olat.course.condition.additionalconditions.AdditionalConditionManager;
 import org.olat.course.editor.EditorMainController;
 import org.olat.course.nodes.AbstractAccessableCourseNode;
@@ -75,13 +74,8 @@ import org.olat.course.run.userview.TreeFilter;
 import org.olat.course.run.userview.UserCourseEnvironment;
 import org.olat.util.logging.activity.LoggingResourceable;
-import de.bps.course.nodes.CourseNodePasswordManager;
-import de.bps.course.nodes.CourseNodePasswordManagerImpl;
 /**
- * Description: <br>
- * TODO: Felix Jost Class Description for NavigationHandler
 * Initial Date: 19.01.2005 <br>
 * @author Felix Jost
 */
@@ -93,9 +87,9 @@ public class NavigationHandler implements Disposable {
 	private String selectedCourseNodeId;
 	private TreeFilter filter;
-	private Set<String> openCourseNodeIds = new HashSet<String>();
+	private Set<String> openCourseNodeIds = new HashSet<>();
-	private List<String> openTreeNodeIds = new ArrayList<String>();
+	private List<String> openTreeNodeIds = new ArrayList<>();
-	private Map<String,SubTree> externalTreeModels = new HashMap<String,SubTree>();
+	private Map<String,SubTree> externalTreeModels = new HashMap<>();
 	/**
 	 * @param userCourseEnv
@@ -181,7 +175,6 @@ public class NavigationHandler implements Disposable {
 			}
 			if (subtreemodelListener == null) {
-				//throw new AssertException("no handler for subtreemodelcall!");
 				//reattach the subtreemodellistener
 				TreeNode internNode = getFirstInternParentNode(selTN);
 				NodeEvaluation prevEval = (NodeEvaluation) internNode.getUserObject();
@@ -374,10 +367,8 @@ public class NavigationHandler implements Disposable {
 			AdditionalConditionManager addMan = null;
 			if (courseNode instanceof AbstractAccessableCourseNode) {
 				Long courseId = userCourseEnv.getCourseEnvironment().getCourseResourceableId();
-				CourseNodePasswordManager cnpm = CourseNodePasswordManagerImpl.getInstance();
+				IdentityEnvironment identityEnv = userCourseEnv.getIdentityEnvironment();
-				Identity identity = userCourseEnv.getIdentityEnvironment().getIdentity();
+				addMan = new AdditionalConditionManager((AbstractAccessableCourseNode)courseNode, courseId, identityEnv);
-				AdditionalConditionAnswerContainer answerContainer = cnpm.getAnswerContainer(identity);
-				addMan = new AdditionalConditionManager( (AbstractAccessableCourseNode) courseNode, courseId, answerContainer);
 			}
 			if (!mayAccessWholeTreeUp|| (addMan != null && !addMan.evaluateConditions())) {

--- a/src/main/java/org/olat/search/service/indexer/identity/IdentityIndexer.java
+++ b/src/main/java/org/olat/search/service/indexer/identity/IdentityIndexer.java
@@ -20,12 +20,18 @@
 package org.olat.search.service.indexer.identity;
 import java.io.IOException;
+import java.util.Collections;
 import java.util.List;
 import org.olat.basesecurity.BaseSecurity;
 import org.olat.basesecurity.BaseSecurityManager;
+import org.olat.basesecurity.IdentityPowerSearchQueries;
+import org.olat.basesecurity.OrganisationRoles;
+import org.olat.basesecurity.SearchIdentityParams;
+import org.olat.core.CoreSpringFactory;
 import org.olat.core.commons.persistence.DBFactory;
 import org.olat.core.id.Identity;
+import org.olat.core.id.OrganisationRef;
 import org.olat.core.id.Roles;
 import org.olat.core.id.context.BusinessControl;
 import org.olat.core.id.context.ContextEntry;
@@ -52,9 +58,7 @@ public class IdentityIndexer extends AbstractHierarchicalIndexer {
 	public static final String TYPE = "type.identity";
-	/**
+	@Override
-	 * @see org.olat.search.service.indexer.Indexer#getSupportedTypeName()
-	 */
 	public String getSupportedTypeName() {
 		return Identity.class.getSimpleName();	
 	}
@@ -104,6 +108,14 @@ public class IdentityIndexer extends AbstractHierarchicalIndexer {
 		if(roles.isGuestOnly()) {
 			return false;
 		}
-		return true;
+		Long identityKey = contextEntry.getOLATResourceable().getResourceableId();
+		List<OrganisationRef> organisations = roles.getOrganisationsWithRoles(OrganisationRoles.valuesWithoutGuestAndInvitee());
+		SearchIdentityParams params = new SearchIdentityParams(null, null, false, null, 
+				null, null, null, null, null, Identity.STATUS_VISIBLE_LIMIT);
+		params.setOrganisations(organisations);
+		params.setIdentityKeys(Collections.singletonList(identityKey));
+		List<Identity> ids = CoreSpringFactory.getImpl(IdentityPowerSearchQueries.class).getIdentitiesByPowerSearch(params, 0, 1);
+		return !ids.isEmpty();
 	}
 }
--- a/src/main/java/org/olat/upgrade/OLATUpgrade_13_2_8.java
+++ b/src/main/java/org/olat/upgrade/OLATUpgrade_13_2_8.java
+/**
+ * <a href="http://www.openolat.org">
+ * OpenOLAT - Online Learning and Training</a><br>
+ * <p>
+ * Licensed under the Apache License, Version 2.0 (the "License"); <br>
+ * you may not use this file except in compliance with the License.<br>
+ * You may obtain a copy of the License at the
+ * <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache homepage</a>
+ * <p>
+ * Unless required by applicable law or agreed to in writing,<br>
+ * software distributed under the License is distributed on an "AS IS" BASIS, <br>
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. <br>
+ * See the License for the specific language governing permissions and <br>
+ * limitations under the License.
+ * <p>
+ * Initial code contributed and copyrighted by<br>
+ * frentix GmbH, http://www.frentix.com
+ * <p>
+ */
+package org.olat.upgrade;
+import java.util.List;
+import org.apache.logging.log4j.Logger;
+import org.olat.basesecurity.BaseSecurity;
+import org.olat.basesecurity.OrganisationRoles;
+import org.olat.basesecurity.SearchIdentityParams;
+import org.olat.core.commons.persistence.DB;
+import org.olat.core.id.Identity;
+import org.olat.core.logging.Tracing;
+import org.olat.course.condition.additionalconditions.AdditionalConditionAnswerContainer;
+import org.olat.properties.Property;
+import org.olat.properties.PropertyManager;
+import org.springframework.beans.factory.annotation.Autowired;
+/**
+ * 
+ * Initial date: 3 avr. 2019<br>
+ * @author srosse, stephane.rosse@frentix.com, http://www.frentix.com
+ *
+ */
+public class OLATUpgrade_13_2_8 extends OLATUpgrade {
+	private static final Logger log = Tracing.createLoggerFor(OLATUpgrade_13_2_8.class);
+	private static final String VERSION = "OLAT_13.2.8";
+	private static final String GUEST_COURSE_NODES_PASSWORDS = "GUEST COURSE NODES PASSWORDS";
+	@Autowired
+	private DB dbInstance;
+	@Autowired
+	private BaseSecurity securityManager;
+	@Autowired
+	private PropertyManager propertyManager;
+	public OLATUpgrade_13_2_8() {
+		super();
+	}
+	@Override
+	public String getVersion() {
+		return VERSION;
+	}
+	@Override
+	public boolean doPostSystemInitUpgrade(UpgradeManager upgradeManager) {
+		UpgradeHistoryData uhd = upgradeManager.getUpgradesHistory(VERSION);
+		if (uhd == null) {
+			// has never been called, initialize
+			uhd = new UpgradeHistoryData();
+		} else if (uhd.isInstallationComplete()) {
+			return false;
+		}
+		boolean allOk = true;
+		allOk &= deleteCourseNodePassworsForGuests(upgradeManager, uhd);
+		uhd.setInstallationComplete(allOk);
+		upgradeManager.setUpgradesHistory(uhd, VERSION);
+		if(allOk) {
+			log.info(Tracing.M_AUDIT, "Finished OLATUpgrade_13_2_8 successfully!");
+		} else {
+			log.info(Tracing.M_AUDIT, "OLATUpgrade_13_2_8 not finished, try to restart OpenOLAT!");
+		}
+		return allOk;
+	}
+	/**
+	 * Find identities without organizations but not deleted.
+	 * 
+	 * @param upgradeManager The upgrade manager
+	 * @param uhd The upgrade history
+	 * @return true if successful
+	 */
+	private boolean deleteCourseNodePassworsForGuests(UpgradeManager upgradeManager, UpgradeHistoryData uhd) {
+		boolean allOk = true;
+		if (!uhd.getBooleanDataValue(GUEST_COURSE_NODES_PASSWORDS)) {
+			SearchIdentityParams params = new SearchIdentityParams();
+			params.setRoles(new OrganisationRoles[] { OrganisationRoles.guest });
+			List<Identity> guests = securityManager.getIdentitiesByPowerSearch(params, 0, -1);
+			for(Identity guest:guests) {
+				List<Property> properties = propertyManager.listProperties(guest, null, AdditionalConditionAnswerContainer.RESOURCE_NAME,
+						null, null, AdditionalConditionAnswerContainer.RESOURCE_NAME);
+				for(Property property:properties) {
+					propertyManager.deleteProperty(property);
+				}
+				dbInstance.commitAndCloseSession();
+			}
+			uhd.setBooleanDataValue(GUEST_COURSE_NODES_PASSWORDS, allOk);
+			upgradeManager.setUpgradesHistory(uhd, VERSION);
+		}
+		return allOk;
+	}
+}
--- a/src/main/java/org/olat/upgrade/_spring/upgradeContext.xml
+++ b/src/main/java/org/olat/upgrade/_spring/upgradeContext.xml
@@ -48,6 +48,7 @@
 				<bean id="upgrade_13_1_0" class="org.olat.upgrade.OLATUpgrade_13_1_0"/>
 				<bean id="upgrade_13_2_0" class="org.olat.upgrade.OLATUpgrade_13_2_0"/>
 				<bean id="upgrade_13_2_4" class="org.olat.upgrade.OLATUpgrade_13_2_4"/>
+				<bean id="upgrade_13_2_8" class="org.olat.upgrade.OLATUpgrade_13_2_8"/>
 				<bean id="upgrade_14_0_0" class="org.olat.upgrade.OLATUpgrade_14_0_0"/>
 			</list>
 		</property>

--- a/src/main/webapp/static/themes/light/theme.css
+++ b/src/main/webapp/static/themes/light/theme.css
--- a/src/main/webapp/static/themes/light/theme.css.map
+++ b/src/main/webapp/static/themes/light/theme.css.map
--- a/src/main/webapp/static/themes/openolat/theme.css
+++ b/src/main/webapp/static/themes/openolat/theme.css
--- a/src/main/webapp/static/themes/openolat/theme.css.map
+++ b/src/main/webapp/static/themes/openolat/theme.css.map