diff --git a/src/main/java/org/olat/course/CoursefolderWebDAVMergeSource.java b/src/main/java/org/olat/course/CoursefolderWebDAVMergeSource.java
index 5da00b21b83657a2922fd6f459492775a418916b..2ddd8393db1d80163eda9937fc8c45a024830e8f 100644
--- a/src/main/java/org/olat/course/CoursefolderWebDAVMergeSource.java
+++ b/src/main/java/org/olat/course/CoursefolderWebDAVMergeSource.java
@@ -103,7 +103,12 @@ class CoursefolderWebDAVMergeSource extends WebDAVMergeSource {
//add bookmarked courses
if(webDAVModule.isEnableLearnersBookmarksCourse()) {
- List<RepositoryEntry> bookmarkedEntries = repositoryManager.getLearningResourcesAsBookmark(getIdentity(), identityEnv.getRoles(), "CourseModule", 0, -1);
+ List<RepositoryEntry> bookmarkedEntries = repositoryManager.getLearningResourcesAsBookmarkedMember(getIdentity(), identityEnv.getRoles(), "CourseModule", 0, -1);
+ for(RepositoryEntry bookmarkedEntry:bookmarkedEntries) {
+ System.out.println(bookmarkedEntry.getDisplayname());
+ }
+
+
appendCourses(bookmarkedEntries, containers, terms, noTermContainer, namingAndGrouping, false);
}
diff --git a/src/main/java/org/olat/repository/RepositoryManager.java b/src/main/java/org/olat/repository/RepositoryManager.java
index d033d501472aab08b0dbb5a05d12312713ea6e33..9b581fc5e48d66c67e3dc81972919fb3b1b0b506 100644
--- a/src/main/java/org/olat/repository/RepositoryManager.java
+++ b/src/main/java/org/olat/repository/RepositoryManager.java
@@ -1741,7 +1741,17 @@ public class RepositoryManager {
.getResultList();
}
- public List<RepositoryEntry> getLearningResourcesAsBookmark(Identity identity, Roles roles, String type, int firstResult, int maxResults) {
+ /**
+ * This method only returns entries with a valid membership.
+ *
+ * @param identity The identity
+ * @param roles The roles of the identity
+ * @param type The type of resource to search for
+ * @param firstResult The first result
+ * @param maxResults The max. numbers of results to return or -1 if all
+ * @return A list of repository entries
+ */
+ public List<RepositoryEntry> getLearningResourcesAsBookmarkedMember(Identity identity, Roles roles, String type, int firstResult, int maxResults) {
if(roles.isGuestOnly()) {
return Collections.emptyList();
}
@@ -1756,7 +1766,7 @@ public class RepositoryManager {
.append(" ) ")
.append(" and res.resName=:resourceType")
.append(" and exists (select rel from repoentrytogroup as rel, bgroup as baseGroup, bgroupmember as membership")
- .append(" where rel.entry=v and rel.group=baseGroup and membership.group=baseGroup and membership.identity.key=:identityKey")
+ .append(" where rel.entry.key=v.key and rel.group.key=baseGroup.key and membership.group.key=baseGroup.key and membership.identity.key=:identityKey")
.append(" and (")
.append(" (")
.append(" membership.role ").in(OrganisationRoles.administrator, OrganisationRoles.learnresourcemanager, GroupRoles.owner).append(" and v.status").in(RepositoryEntryStatusEnum.preparationToClosed())
@@ -1764,9 +1774,6 @@ public class RepositoryManager {
.append(" membership.role ").in(GroupRoles.coach).append(" and v.status").in(RepositoryEntryStatusEnum.coachPublishedToClosed())
.append(" ) or (")
.append(" membership.role ").in(GroupRoles.participant).append(" and v.status").in(RepositoryEntryStatusEnum.publishedAndClosed())
- .append(" ) or (")
- .append(" (v.allUsers=true or v.bookable=true) and v.status ").in(RepositoryEntryStatusEnum.publishedAndClosed())
- .append(" and membership.role not ").in(OrganisationRoles.invitee, OrganisationRoles.guest, GroupRoles.waiting)
.append(" )")
.append(" )")
.append(" )");
diff --git a/src/test/java/org/olat/repository/RepositoryManagerTest.java b/src/test/java/org/olat/repository/RepositoryManagerTest.java
index 5b36d648d67af12c5a9559b0f4ed1d38bf1d0380..226776aa336d3844a88eea41da4b4e5a7507a563 100644
--- a/src/test/java/org/olat/repository/RepositoryManagerTest.java
+++ b/src/test/java/org/olat/repository/RepositoryManagerTest.java
@@ -36,6 +36,7 @@ import java.util.List;
import java.util.Set;
import java.util.UUID;
+import org.apache.logging.log4j.Logger;
import org.hibernate.LazyInitializationException;
import org.junit.Assert;
import org.junit.Test;
@@ -49,7 +50,6 @@ import org.olat.core.id.OLATResourceable;
import org.olat.core.id.Organisation;
import org.olat.core.id.Roles;
import org.olat.core.logging.AssertException;
-import org.apache.logging.log4j.Logger;
import org.olat.core.logging.Tracing;
import org.olat.core.util.CodeHelper;
import org.olat.core.util.resource.OresHelper;
@@ -63,6 +63,12 @@ import org.olat.repository.model.RepositoryEntryMembership;
import org.olat.repository.model.RepositoryEntrySecurity;
import org.olat.resource.OLATResource;
import org.olat.resource.OLATResourceManager;
+import org.olat.resource.accesscontrol.ACService;
+import org.olat.resource.accesscontrol.Offer;
+import org.olat.resource.accesscontrol.OfferAccess;
+import org.olat.resource.accesscontrol.manager.ACMethodDAO;
+import org.olat.resource.accesscontrol.model.AccessMethod;
+import org.olat.resource.accesscontrol.model.TokenAccessMethod;
import org.olat.test.JunitTestHelper;
import org.olat.test.OlatTestCase;
import org.springframework.beans.factory.annotation.Autowired;
@@ -95,8 +101,12 @@ public class RepositoryManagerTest extends OlatTestCase {
@Autowired
private RepositoryEntryRelationDAO repositoryEntryRelationDao;
@Autowired
+ private ACService acService;
+ @Autowired
private MarkManager markManager;
@Autowired
+ private ACMethodDAO acMethodManager;
+ @Autowired
private RepositoryEntryLifecycleDAO lifecycleDao;
/**
@@ -418,11 +428,12 @@ public class RepositoryManagerTest extends OlatTestCase {
Identity participant = JunitTestHelper.createAndPersistIdentityAsRndUser("webdav-courses-2");
RepositoryEntry course = JunitTestHelper.deployBasicCourse(owner);
markManager.setMark(course, participant, null, "[RepositoryEntry:" + course.getKey() + "]");
+ repositoryEntryRelationDao.addRole(participant, course, GroupRoles.participant.name());
dbInstance.commitAndCloseSession();
//participant bookmarks
Roles roles = Roles.userRoles();
- List<RepositoryEntry> courses = repositoryManager.getLearningResourcesAsBookmark(participant, roles, "CourseModule", 0, -1);
+ List<RepositoryEntry> courses = repositoryManager.getLearningResourcesAsBookmarkedMember(participant, roles, "CourseModule", 0, -1);
Assert.assertNotNull(courses);
Assert.assertEquals(1, courses.size());
}
@@ -437,16 +448,73 @@ public class RepositoryManagerTest extends OlatTestCase {
RepositoryEntry course = JunitTestHelper.deployBasicCourse(owner);
markManager.setMark(course, participant, null, "[RepositoryEntry:" + course.getKey() + "]");
dbInstance.commitAndCloseSession();
- repositoryManager.setAccess(course, RepositoryEntryStatusEnum.preparation, false, false);
+ repositoryManager.setAccess(course, RepositoryEntryStatusEnum.published, false, false);
dbInstance.commitAndCloseSession();
//participant bookmarks
Roles roles = Roles.userRoles();
- List<RepositoryEntry> courses = repositoryManager.getLearningResourcesAsBookmark(participant, roles, "CourseModule", 0, -1);
+ List<RepositoryEntry> courses = repositoryManager.getLearningResourcesAsBookmarkedMember(participant, roles, "CourseModule", 0, -1);
Assert.assertNotNull(courses);
Assert.assertEquals(0, courses.size());
}
+ /**
+ * Check that the method return only courses within the permissions of the user.
+ */
+ @Test
+ public void getLearningResourcesAsBookmark_notPublished() {
+ Identity owner = JunitTestHelper.createAndPersistIdentityAsRndUser("webdav-courses-1");
+ Identity participant = JunitTestHelper.createAndPersistIdentityAsRndUser("webdav-courses-2");
+ RepositoryEntry course = JunitTestHelper.deployBasicCourse(owner);
+ markManager.setMark(course, participant, null, "[RepositoryEntry:" + course.getKey() + "]");
+ repositoryEntryRelationDao.addRole(participant, course, GroupRoles.participant.name());
+ dbInstance.commitAndCloseSession();
+ repositoryManager.setAccess(course, RepositoryEntryStatusEnum.coachpublished, false, false);
+ dbInstance.commitAndCloseSession();
+
+ //participant bookmarks
+ Roles roles = Roles.userRoles();
+ List<RepositoryEntry> courses = repositoryManager.getLearningResourcesAsBookmarkedMember(participant, roles, "CourseModule", 0, -1);
+ Assert.assertNotNull(courses);
+ Assert.assertEquals(0, courses.size());
+ }
+
+ /**
+ * Check that the method return only courses within the permissions of the user.
+ */
+ @Test
+ public void getLearningResourcesAsBookmark_noPermissionsBookable() {
+ Identity owner = JunitTestHelper.createAndPersistIdentityAsRndUser("webdav-courses-1");
+ Identity participant = JunitTestHelper.createAndPersistIdentityAsRndUser("webdav-courses-2");
+ RepositoryEntry course = JunitTestHelper.deployBasicCourse(owner);
+ markManager.setMark(course, participant, null, "[RepositoryEntry:" + course.getKey() + "]");
+ repositoryManager.setAccess(course, false, false, true, RepositoryEntryAllowToLeaveOptions.never, null);
+ repositoryManager.setAccess(course, RepositoryEntryStatusEnum.published, false, false);
+
+ //create and save an offer
+ Offer offer = acService.createOffer(course.getOlatResource(), course.getDisplayname());
+ offer = acService.save(offer);
+ dbInstance.commitAndCloseSession();
+
+ //create a link offer to method
+ List<AccessMethod> methods = acMethodManager.getAvailableMethodsByType(TokenAccessMethod.class);
+ AccessMethod method = methods.get(0);
+ OfferAccess access = acMethodManager.createOfferAccess(offer, method);
+ acMethodManager.save(access);
+
+ dbInstance.commitAndCloseSession();
+
+ //participant bookmarks
+ Roles roles = Roles.userRoles();
+ List<RepositoryEntry> courses = repositoryManager.getLearningResourcesAsBookmarkedMember(participant, roles, "CourseModule", 0, -1);
+ Assert.assertNotNull(courses);
+ Assert.assertEquals(0, courses.size());
+
+ // beacause it triggers issues with other tests
+ repositoryManager.setAccess(course, RepositoryEntryStatusEnum.preparation, false, false);
+
+ }
+
@Test
public void getParticipantRepositoryEntry() {
Identity id = JunitTestHelper.createAndPersistIdentityAsRndUser("re-stud-lc-");