From d9296ee0dbde0ecb9fa35b509bad1ad5628ccb43 Mon Sep 17 00:00:00 2001
From: srosse <none@none>
Date: Tue, 19 Aug 2014 10:50:24 +0200
Subject: [PATCH] OO-990: merge loading of learn resources permissions

---
 .../glossary/GlossaryRuntimeController.java   |  6 ++-
 .../course/run/CourseRuntimeController.java   | 34 ++++++------
 .../java/org/olat/course/site/CourseSite.java | 10 ++--
 ...urseSiteContextEntryControllerCreator.java |  6 ++-
 .../olat/ims/cp/ui/CPRuntimeController.java   |  6 ++-
 .../olat/ims/qti/QTIRuntimeController.java    |  6 ++-
 .../qti/repository/handlers/QTIHandler.java   |  3 +-
 .../repository/handlers/QTISurveyHandler.java |  7 +--
 .../repository/handlers/QTITestHandler.java   |  7 +--
 .../modules/scorm/ScormRuntimeController.java |  6 ++-
 .../webFeed/ui/FeedRuntimeController.java     |  6 ++-
 .../ui/EPTemplateRuntimeController.java       | 11 ++--
 .../olat/repository/RepositoryManager.java    | 47 ++++++++++++++++
 .../ReferencableEntriesSearchController.java  |  7 ++-
 .../olat/repository/handlers/BlogHandler.java |  9 ++--
 .../repository/handlers/CourseHandler.java    |  5 +-
 .../repository/handlers/GlossaryHandler.java  |  9 ++--
 .../repository/handlers/ImsCPHandler.java     |  5 +-
 .../repository/handlers/PodcastHandler.java   |  9 ++--
 .../repository/handlers/PortfolioHandler.java |  7 +--
 .../handlers/RepositoryHandler.java           |  8 +--
 .../repository/handlers/SCORMCPHandler.java   |  5 +-
 .../handlers/SharedFolderHandler.java         |  9 ++--
 .../handlers/WebDocumentHandler.java          |  3 +-
 .../olat/repository/handlers/WikiHandler.java |  7 +--
 .../model/RepositoryEntrySecurity.java        | 53 +++++++++++++++++++
 .../ui/RepositoryEntryRuntimeController.java  | 42 +++++++--------
 .../ui/author/AuthorListController.java       | 29 ++++++++--
 28 files changed, 254 insertions(+), 108 deletions(-)
 create mode 100644 src/main/java/org/olat/repository/model/RepositoryEntrySecurity.java

diff --git a/src/main/java/org/olat/core/commons/modules/glossary/GlossaryRuntimeController.java b/src/main/java/org/olat/core/commons/modules/glossary/GlossaryRuntimeController.java
index 35a5e5fe12b..786752724a7 100644
--- a/src/main/java/org/olat/core/commons/modules/glossary/GlossaryRuntimeController.java
+++ b/src/main/java/org/olat/core/commons/modules/glossary/GlossaryRuntimeController.java
@@ -29,6 +29,7 @@ import org.olat.core.gui.control.WindowControl;
 import org.olat.modules.glossary.GlossaryEditSettingsController;
 import org.olat.modules.glossary.GlossaryRegisterSettingsController;
 import org.olat.repository.RepositoryEntry;
+import org.olat.repository.model.RepositoryEntrySecurity;
 import org.olat.repository.ui.RepositoryEntryRuntimeController;
 
 /**
@@ -41,8 +42,9 @@ public class GlossaryRuntimeController extends RepositoryEntryRuntimeController
 	
 	private Link registerLink, permissionLink;
 	
-	public GlossaryRuntimeController(UserRequest ureq, WindowControl wControl, RepositoryEntry re, RuntimeControllerCreator runtimeControllerCreator) {
-		super(ureq, wControl, re, runtimeControllerCreator);
+	public GlossaryRuntimeController(UserRequest ureq, WindowControl wControl,
+			RepositoryEntry re, RepositoryEntrySecurity reSecurity, RuntimeControllerCreator runtimeControllerCreator) {
+		super(ureq, wControl, re, reSecurity, runtimeControllerCreator);
 	}
 
 	@Override
diff --git a/src/main/java/org/olat/course/run/CourseRuntimeController.java b/src/main/java/org/olat/course/run/CourseRuntimeController.java
index e8644403600..429146e670a 100644
--- a/src/main/java/org/olat/course/run/CourseRuntimeController.java
+++ b/src/main/java/org/olat/course/run/CourseRuntimeController.java
@@ -97,6 +97,7 @@ import org.olat.repository.RepositoryEntryManagedFlag;
 import org.olat.repository.RepositoryManager;
 import org.olat.repository.RepositoryService;
 import org.olat.repository.controllers.EntryChangedEvent;
+import org.olat.repository.model.RepositoryEntrySecurity;
 import org.olat.repository.ui.RepositoryEntryRuntimeController;
 import org.olat.util.logging.activity.LoggingResourceable;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -145,9 +146,9 @@ public class CourseRuntimeController extends RepositoryEntryRuntimeController im
 	private EfficiencyStatementManager efficiencyStatementManager;
 	
 	public CourseRuntimeController(UserRequest ureq, WindowControl wControl,
-			RepositoryEntry re, RuntimeControllerCreator runtimeControllerCreator,
+			RepositoryEntry re, RepositoryEntrySecurity reSecurity, RuntimeControllerCreator runtimeControllerCreator,
 			boolean offerBookmark, boolean showCourseConfigLink) {
-		super(ureq, wControl, re, runtimeControllerCreator, offerBookmark, showCourseConfigLink);
+		super(ureq, wControl, re, reSecurity, runtimeControllerCreator, offerBookmark, showCourseConfigLink);
 		
 		ICourse course = CourseFactory.loadCourse(getOlatResourceable());
 
@@ -179,16 +180,11 @@ public class CourseRuntimeController extends RepositoryEntryRuntimeController im
 	}
 
 	@Override
-	protected void loadRights() {
+	protected void loadRights(RepositoryEntrySecurity reSecurity) {
+		super.loadRights(reSecurity);
+		
 		ICourse course = CourseFactory.loadCourse(getOlatResourceable());
 		CourseGroupManager cgm = course.getCourseEnvironment().getCourseGroupManager();
-		// 1) course admins: users who are in repository entry owner group
-		// if user has the role InstitutionalResourceManager and has the same institution like author
-		// then set isCourseAdmin true
-		isOwner = cgm.isIdentityCourseAdministrator(getIdentity());
-		isEntryAdmin = isEntryAdmin | isOwner;
-		// 2) course coaches: users who are in the owner group of any group of this
-		// course
 		isCourseCoach = cgm.isIdentityCourseCoach(getIdentity());
 		// 3) all other rights are defined in the groupmanagement using the learning
 		// group rights
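Review bot: The owner flag changes its source in `loadRights`: it used to be set from `cgm.isIdentityCourseAdministrator(getIdentity())` and now presumably comes from whatever `super.loadRights(reSecurity)` copies out of the `RepositoryEntrySecurity` (the parent class is not visible here). The removed comment says institutional resource managers of the author's institution were counted as course admins by that call, whereas the new `RepositoryManager.isAllowed` gives that role only `isEntryAdmin` and leaves `isOwner` false, so owner-only tools may disappear for them. If that is intended, record it above the `cgm` lookup, for example `// isOwner / isEntryAdmin are taken from reSecurity; only coach and group rights are course-specific`. The surviving comment still starts at `3)` although items 1) and 2) were deleted, and the body of the method continues past the end of the hunk.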
@@ -970,8 +966,8 @@ public class CourseRuntimeController extends RepositoryEntryRuntimeController im
 	}
 	
 	@Override
-	protected void launchContent(UserRequest ureq) {
-		super.launchContent(ureq);
+	protected void launchContent(UserRequest ureq, RepositoryEntrySecurity reSecurity) {
+		super.launchContent(ureq, reSecurity);
 		if(getRunMainController() != null) {
 			addCustomCSS(ureq);
 			getRunMainController().initToolbar();
@@ -1161,7 +1157,8 @@ public class CourseRuntimeController extends RepositoryEntryRuntimeController im
 		// was adding or removing of the user
 		if (bgme.wasMyselfAdded(identity) || bgme.wasMyselfRemoved(identity)) {
 			reloadGroupMemberships();
-			loadRights();
+			RepositoryEntrySecurity reSecurity = repositoryManager.isAllowed(getIdentity(), roles, getRepositoryEntry());
+			loadRights(reSecurity);
 			initToolbar();
 		} else if (bgme.getCommand().equals(BusinessGroupModifiedEvent.GROUPRIGHTS_MODIFIED_EVENT)) {
 			// check if this affects a right group where the user does participate.
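Review bot: The freshly computed `reSecurity` is passed to `loadRights` without `canLaunch()` being consulted, both here and in the next hunk (`-1171`), while the hunk at `-1195` does branch on it. When `wasMyselfRemoved(identity)` is true on a members-only entry, `isAllowed` can plausibly return `canLaunch == false`, yet the controller only refreshes rights and the toolbar and keeps the course open. Whether a business-group removal actually affects `isMember` is not visible from this page, so treat this as something to confirm. If it does, the same guard as in the later hunk would close the gap: `if (!reSecurity.canLaunch()) { doDisposeAfterEvent(); }`. The repeated `isAllowed` / `loadRights` / `initToolbar` sequence would also read better as one private helper.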
@@ -1171,7 +1168,8 @@ public class CourseRuntimeController extends RepositoryEntryRuntimeController im
 					PersistenceHelper.listContainsObjectByKey(uce.getCoachedGroups(), bgme.getModifiedGroupKey()))) {
 
 				reloadGroupMemberships();
-				loadRights();
+				RepositoryEntrySecurity reSecurity = repositoryManager.isAllowed(getIdentity(), roles, getRepositoryEntry());
+				loadRights(reSecurity);
 				initToolbar();
 			}
 		}
@@ -1195,12 +1193,12 @@ public class CourseRuntimeController extends RepositoryEntryRuntimeController im
 			//author is not affected
 		} else {
 			loadRepositoryEntry();
-			boolean canView = repositoryManager.isAllowedToLaunch(getIdentity(), roles, getRepositoryEntry());
-			if(canView) {
-				loadRights();
+			RepositoryEntrySecurity reSecurity = repositoryManager.isAllowed(getIdentity(), roles, getRepositoryEntry());
+			if(reSecurity.canLaunch()) {
+				loadRights(reSecurity);
 			} else {
 				doDisposeAfterEvent();
-				loadRights();
+				loadRights(reSecurity);
 				initToolbar();
 			}
 		}
diff --git a/src/main/java/org/olat/course/site/CourseSite.java b/src/main/java/org/olat/course/site/CourseSite.java
index d7748033b4f..e5073ca11d8 100644
--- a/src/main/java/org/olat/course/site/CourseSite.java
+++ b/src/main/java/org/olat/course/site/CourseSite.java
@@ -45,6 +45,7 @@ import org.olat.course.run.userview.UserCourseEnvironmentImpl;
 import org.olat.repository.RepositoryEntry;
 import org.olat.repository.RepositoryManager;
 import org.olat.repository.RepositoryService;
+import org.olat.repository.model.RepositoryEntrySecurity;
 import org.olat.repository.ui.RepositoryEntryRuntimeController.RuntimeControllerCreator;
 
 /**
@@ -104,10 +105,10 @@ public class CourseSite extends AbstractSiteInstance {
 		MainLayoutController c;
 		ICourse course = CourseFactory.loadCourse(entry.getOlatResource());
 
-		// course-launch-state depending course-settings 
-		boolean isAllowedToLaunch = rm.isAllowedToLaunch(ureq, entry);
+		// course-launch-state depending course-settings
+		RepositoryEntrySecurity reSecurity = rm.isAllowed(ureq, entry);
+		boolean isAllowedToLaunch = reSecurity.canLaunch();
 		boolean hasAccess = false;
-		
 		if (isAllowedToLaunch) {
 			// either check with securityCallback or use access-settings from course-nodes
 			if (siteSecCallback != null) {
@@ -123,12 +124,13 @@ public class CourseSite extends AbstractSiteInstance {
 			}
 		}
 		
+		
 		// load course (admins always see content) or alternative controller if course is not launchable
 		if (hasAccess || ureq.getUserSession().getRoles().isOLATAdmin()) {
 			rs.incrementLaunchCounter(entry); 
 			// build up the context path for linked course
 			WindowControl bwControl = BusinessControlFactory.getInstance().createBusinessWindowControl(ureq, entry, new StateSite(this), wControl, true);	
-			CourseRuntimeController runCtr = new CourseRuntimeController(ureq, bwControl, entry,
+			CourseRuntimeController runCtr = new CourseRuntimeController(ureq, bwControl, entry, reSecurity,
 				new RuntimeControllerCreator() {
 					@Override
 					public Controller create(UserRequest uureq, WindowControl wwControl,
diff --git a/src/main/java/org/olat/course/site/CourseSiteContextEntryControllerCreator.java b/src/main/java/org/olat/course/site/CourseSiteContextEntryControllerCreator.java
index 1f32d3dd1cc..0b9b2888262 100644
--- a/src/main/java/org/olat/course/site/CourseSiteContextEntryControllerCreator.java
+++ b/src/main/java/org/olat/course/site/CourseSiteContextEntryControllerCreator.java
@@ -46,6 +46,7 @@ import org.olat.repository.RepositoryManager;
 import org.olat.repository.RepositoryService;
 import org.olat.repository.handlers.RepositoryHandler;
 import org.olat.repository.handlers.RepositoryHandlerFactory;
+import org.olat.repository.model.RepositoryEntrySecurity;
 
 /**
  * <h3>Description:</h3>
@@ -94,7 +95,8 @@ public class CourseSiteContextEntryControllerCreator extends DefaultContextEntry
 	private Controller createLaunchController(RepositoryEntry re, UserRequest ureq, WindowControl wControl) {
 		if (re == null) return null;
 		RepositoryManager rm = RepositoryManager.getInstance();
-		if (!rm.isAllowedToLaunch(ureq, re)) {
+		RepositoryEntrySecurity reSecurity = rm.isAllowed(ureq, re);
+		if (!reSecurity.canLaunch()) {
 			Translator trans = Util.createPackageTranslator(RepositoryService.class, ureq.getLocale());
 			String text = trans.translate("launch.noaccess");
 			Controller c = MessageUIFactory.createInfoMessage(ureq, wControl, null, text);
@@ -119,7 +121,7 @@ public class CourseSiteContextEntryControllerCreator extends DefaultContextEntry
 			bwControl = BusinessControlFactory.getInstance().createBusinessWindowControl(ce, wControl);
 		}
 		
-		MainLayoutController ctrl = handler.createLaunchController(re, ureq, bwControl);
+		MainLayoutController ctrl = handler.createLaunchController(re, reSecurity, ureq, bwControl);
 		if (ctrl == null) {
 			throw new AssertException("could not create controller for repositoryEntry "+re); 
 		}
diff --git a/src/main/java/org/olat/ims/cp/ui/CPRuntimeController.java b/src/main/java/org/olat/ims/cp/ui/CPRuntimeController.java
index df7ae7c864f..ba45c46ca5f 100644
--- a/src/main/java/org/olat/ims/cp/ui/CPRuntimeController.java
+++ b/src/main/java/org/olat/ims/cp/ui/CPRuntimeController.java
@@ -36,6 +36,7 @@ import org.olat.core.util.vfs.QuotaManager;
 import org.olat.fileresource.FileResourceManager;
 import org.olat.ims.cp.CPManager;
 import org.olat.repository.RepositoryEntry;
+import org.olat.repository.model.RepositoryEntrySecurity;
 import org.olat.repository.ui.RepositoryEntryRuntimeController;
 import org.olat.resource.OLATResource;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -57,8 +58,9 @@ public class CPRuntimeController extends RepositoryEntryRuntimeController {
 	@Autowired
 	private QuotaManager quotaManager;
 	
-	public CPRuntimeController(UserRequest ureq, WindowControl wControl, RepositoryEntry re, RuntimeControllerCreator runtimeControllerCreator) {
-		super(ureq, wControl, re, runtimeControllerCreator);
+	public CPRuntimeController(UserRequest ureq, WindowControl wControl,
+			RepositoryEntry re, RepositoryEntrySecurity reSecurity, RuntimeControllerCreator runtimeControllerCreator) {
+		super(ureq, wControl, re, reSecurity, runtimeControllerCreator);
 	}
 
 	@Override
diff --git a/src/main/java/org/olat/ims/qti/QTIRuntimeController.java b/src/main/java/org/olat/ims/qti/QTIRuntimeController.java
index 2c3009f171d..93b7ecd0984 100644
--- a/src/main/java/org/olat/ims/qti/QTIRuntimeController.java
+++ b/src/main/java/org/olat/ims/qti/QTIRuntimeController.java
@@ -28,6 +28,7 @@ import org.olat.core.gui.control.VetoableCloseController;
 import org.olat.core.gui.control.WindowControl;
 import org.olat.core.gui.control.generic.dtabs.Activateable2;
 import org.olat.repository.RepositoryEntry;
+import org.olat.repository.model.RepositoryEntrySecurity;
 import org.olat.repository.ui.RepositoryEntryRuntimeController;
 
 /**
@@ -42,8 +43,9 @@ public class QTIRuntimeController extends RepositoryEntryRuntimeController imple
 	
 	private Delayed delayedClose;
 	
-	public QTIRuntimeController(UserRequest ureq, WindowControl wControl, RepositoryEntry re, RuntimeControllerCreator runtimeControllerCreator) {
-		super(ureq, wControl, re, runtimeControllerCreator);
+	public QTIRuntimeController(UserRequest ureq, WindowControl wControl,
+			RepositoryEntry re, RepositoryEntrySecurity reSecurity, RuntimeControllerCreator runtimeControllerCreator) {
+		super(ureq, wControl, re, reSecurity, runtimeControllerCreator);
 	}
 	
 	/**
diff --git a/src/main/java/org/olat/ims/qti/repository/handlers/QTIHandler.java b/src/main/java/org/olat/ims/qti/repository/handlers/QTIHandler.java
index 9cddd52e875..b92fddccc51 100644
--- a/src/main/java/org/olat/ims/qti/repository/handlers/QTIHandler.java
+++ b/src/main/java/org/olat/ims/qti/repository/handlers/QTIHandler.java
@@ -51,6 +51,7 @@ import org.olat.repository.RepositoryEntry;
 import org.olat.repository.RepositoryManager;
 import org.olat.repository.RepositoryService;
 import org.olat.repository.handlers.FileHandler;
+import org.olat.repository.model.RepositoryEntrySecurity;
 import org.olat.resource.OLATResource;
 import org.olat.resource.OLATResourceManager;
 import org.olat.resource.references.ReferenceManager;
@@ -124,7 +125,7 @@ public abstract class QTIHandler extends FileHandler {
 	}
 
 	@Override
-	public abstract MainLayoutController createLaunchController(RepositoryEntry re, UserRequest ureq, WindowControl wControl);
+	public abstract MainLayoutController createLaunchController(RepositoryEntry re, RepositoryEntrySecurity reSecurity, UserRequest ureq, WindowControl wControl);
 
 	@Override
 	public boolean readyToDelete(OLATResourceable res, Identity identity, Roles roles, Locale locale, ErrorList errors) {
diff --git a/src/main/java/org/olat/ims/qti/repository/handlers/QTISurveyHandler.java b/src/main/java/org/olat/ims/qti/repository/handlers/QTISurveyHandler.java
index df149c64091..c1be91128e8 100644
--- a/src/main/java/org/olat/ims/qti/repository/handlers/QTISurveyHandler.java
+++ b/src/main/java/org/olat/ims/qti/repository/handlers/QTISurveyHandler.java
@@ -52,6 +52,7 @@ import org.olat.modules.iq.IQSecurityCallback;
 import org.olat.repository.RepositoryEntry;
 import org.olat.repository.controllers.WizardCloseResourceController;
 import org.olat.repository.handlers.EditionSupport;
+import org.olat.repository.model.RepositoryEntrySecurity;
 import org.olat.repository.ui.RepositoryEntryRuntimeController.RuntimeControllerCreator;
 import org.olat.resource.OLATResource;
 import org.olat.resource.references.ReferenceImpl;
@@ -131,14 +132,14 @@ public class QTISurveyHandler extends QTIHandler {
 	}
 
 	/**
-	 * @param res
 	 * @param ureq
 	 * @param wControl
+	 * @param res
 	 * @return Controller
 	 */
 	@Override
-	public MainLayoutController createLaunchController(RepositoryEntry re, UserRequest ureq, WindowControl wControl) {
-		return new QTIRuntimeController(ureq, wControl, re, 
+	public MainLayoutController createLaunchController(RepositoryEntry re, RepositoryEntrySecurity reSecurity, UserRequest ureq, WindowControl wControl) {
+		return new QTIRuntimeController(ureq, wControl, re, reSecurity,
 			new RuntimeControllerCreator() {
 				@Override
 				public Controller create(UserRequest uureq, WindowControl wwControl, TooledStackedPanel toolbarPanel, RepositoryEntry entry) {
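Review bot: The Javadoc above `createLaunchController` is only reshuffled and no longer matches the signature: it documents `@param res` although the parameter is `re`, and the new `reSecurity` parameter has no tag. Suggested tags are `@param re the repository entry to launch` and `@param reSecurity the permissions already resolved for the current user on re; the handler does not re-check them`. The same stale block appears in the QTITestHandler and GlossaryHandler hunks, where GlossaryHandler additionally lists `initialViewIdentifier`, which is not a parameter. Spelling out that `reSecurity` is trusted as supplied matters because every caller is now responsible for computing it for the right identity. The method body continues outside the hunk.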
diff --git a/src/main/java/org/olat/ims/qti/repository/handlers/QTITestHandler.java b/src/main/java/org/olat/ims/qti/repository/handlers/QTITestHandler.java
index a09f0145b53..eb5273c2427 100644
--- a/src/main/java/org/olat/ims/qti/repository/handlers/QTITestHandler.java
+++ b/src/main/java/org/olat/ims/qti/repository/handlers/QTITestHandler.java
@@ -52,6 +52,7 @@ import org.olat.modules.iq.IQSecurityCallback;
 import org.olat.repository.RepositoryEntry;
 import org.olat.repository.controllers.WizardCloseResourceController;
 import org.olat.repository.handlers.EditionSupport;
+import org.olat.repository.model.RepositoryEntrySecurity;
 import org.olat.repository.ui.RepositoryEntryRuntimeController.RuntimeControllerCreator;
 import org.olat.resource.OLATResource;
 import org.olat.resource.references.ReferenceImpl;
@@ -131,14 +132,14 @@ public class QTITestHandler extends QTIHandler {
 	}
 	
 	/**
-	 * @param res
 	 * @param ureq
 	 * @param wControl
+	 * @param res
 	 * @return Controller
 	 */
 	@Override
-	public MainLayoutController createLaunchController(RepositoryEntry re, UserRequest ureq, WindowControl wControl) {
-		return new QTIRuntimeController(ureq, wControl, re, 
+	public MainLayoutController createLaunchController(RepositoryEntry re, RepositoryEntrySecurity reSecurity, UserRequest ureq, WindowControl wControl) {
+		return new QTIRuntimeController(ureq, wControl, re, reSecurity,
 			new RuntimeControllerCreator() {
 				@Override
 				public Controller create(UserRequest uureq, WindowControl wwControl, TooledStackedPanel toolbarPanel, RepositoryEntry entry) {
diff --git a/src/main/java/org/olat/modules/scorm/ScormRuntimeController.java b/src/main/java/org/olat/modules/scorm/ScormRuntimeController.java
index 51de25121f8..c290ab07187 100644
--- a/src/main/java/org/olat/modules/scorm/ScormRuntimeController.java
+++ b/src/main/java/org/olat/modules/scorm/ScormRuntimeController.java
@@ -33,6 +33,7 @@ import org.olat.core.gui.control.generic.iframe.DeliveryOptions;
 import org.olat.core.gui.control.generic.iframe.DeliveryOptionsConfigurationController;
 import org.olat.ims.cp.CPManager;
 import org.olat.repository.RepositoryEntry;
+import org.olat.repository.model.RepositoryEntrySecurity;
 import org.olat.repository.ui.RepositoryEntryRuntimeController;
 import org.olat.resource.OLATResource;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -52,8 +53,9 @@ public class ScormRuntimeController extends RepositoryEntryRuntimeController {
 	@Autowired
 	private CPManager cpManager;
 	
-	public ScormRuntimeController(UserRequest ureq, WindowControl wControl, RepositoryEntry re, RuntimeControllerCreator runtimeControllerCreator) {
-		super(ureq, wControl, re, runtimeControllerCreator);
+	public ScormRuntimeController(UserRequest ureq, WindowControl wControl,
+			RepositoryEntry re, RepositoryEntrySecurity reSecurity, RuntimeControllerCreator runtimeControllerCreator) {
+		super(ureq, wControl, re, reSecurity, runtimeControllerCreator);
 	}
 
 	@Override
diff --git a/src/main/java/org/olat/modules/webFeed/ui/FeedRuntimeController.java b/src/main/java/org/olat/modules/webFeed/ui/FeedRuntimeController.java
index 853785fb925..92ee7c219d8 100644
--- a/src/main/java/org/olat/modules/webFeed/ui/FeedRuntimeController.java
+++ b/src/main/java/org/olat/modules/webFeed/ui/FeedRuntimeController.java
@@ -32,6 +32,7 @@ import org.olat.core.gui.control.WindowControl;
 import org.olat.core.util.vfs.QuotaManager;
 import org.olat.fileresource.FileResourceManager;
 import org.olat.repository.RepositoryEntry;
+import org.olat.repository.model.RepositoryEntrySecurity;
 import org.olat.repository.ui.RepositoryEntryRuntimeController;
 import org.springframework.beans.factory.annotation.Autowired;
 
@@ -50,8 +51,9 @@ public class FeedRuntimeController extends RepositoryEntryRuntimeController {
 	@Autowired
 	private QuotaManager quotaManager;
 	
-	public FeedRuntimeController(UserRequest ureq, WindowControl wControl, RepositoryEntry re, RuntimeControllerCreator runtimeControllerCreator) {
-		super(ureq, wControl, re, runtimeControllerCreator);
+	public FeedRuntimeController(UserRequest ureq, WindowControl wControl,
+			RepositoryEntry re, RepositoryEntrySecurity reSecurity, RuntimeControllerCreator runtimeControllerCreator) {
+		super(ureq, wControl, re, reSecurity, runtimeControllerCreator);
 	}
 
 	@Override
diff --git a/src/main/java/org/olat/portfolio/ui/EPTemplateRuntimeController.java b/src/main/java/org/olat/portfolio/ui/EPTemplateRuntimeController.java
index f70ea112616..b1950500cee 100644
--- a/src/main/java/org/olat/portfolio/ui/EPTemplateRuntimeController.java
+++ b/src/main/java/org/olat/portfolio/ui/EPTemplateRuntimeController.java
@@ -22,13 +22,13 @@ package org.olat.portfolio.ui;
 import org.olat.core.gui.UserRequest;
 import org.olat.core.gui.components.Component;
 import org.olat.core.gui.components.dropdown.Dropdown;
-import org.olat.core.gui.components.link.Link;
 import org.olat.core.gui.components.link.LinkFactory;
 import org.olat.core.gui.components.stack.RootEvent;
 import org.olat.core.gui.control.Event;
 import org.olat.core.gui.control.WindowControl;
 import org.olat.portfolio.ui.structel.EPMapViewController;
 import org.olat.repository.RepositoryEntry;
+import org.olat.repository.model.RepositoryEntrySecurity;
 import org.olat.repository.ui.RepositoryEntryRuntimeController;
 
 /**
@@ -40,11 +40,10 @@ import org.olat.repository.ui.RepositoryEntryRuntimeController;
  *
  */
 public class EPTemplateRuntimeController extends RepositoryEntryRuntimeController {
-	
-	private Link editLink;
-	
-	public EPTemplateRuntimeController(UserRequest ureq, WindowControl wControl, RepositoryEntry re, RuntimeControllerCreator runtimeControllerCreator) {
-		super(ureq, wControl, re, runtimeControllerCreator);
+
+	public EPTemplateRuntimeController(UserRequest ureq, WindowControl wControl,
+			RepositoryEntry re, RepositoryEntrySecurity reSecurity, RuntimeControllerCreator runtimeControllerCreator) {
+		super(ureq, wControl, re, reSecurity, runtimeControllerCreator);
 	}
 
 	@Override
diff --git a/src/main/java/org/olat/repository/RepositoryManager.java b/src/main/java/org/olat/repository/RepositoryManager.java
index 1d9d8e7af2f..7e554a9e231 100644
--- a/src/main/java/org/olat/repository/RepositoryManager.java
+++ b/src/main/java/org/olat/repository/RepositoryManager.java
@@ -77,6 +77,7 @@ import org.olat.repository.manager.RepositoryEntryRelationDAO;
 import org.olat.repository.model.RepositoryEntryLifecycle;
 import org.olat.repository.model.RepositoryEntryMembership;
 import org.olat.repository.model.RepositoryEntryPermissionChangeEvent;
+import org.olat.repository.model.RepositoryEntrySecurity;
 import org.olat.repository.model.RepositoryEntryShortImpl;
 import org.olat.repository.model.SearchRepositoryEntryParameters;
 import org.olat.resource.OLATResource;
@@ -468,6 +469,10 @@ public class RepositoryManager extends BasicManager {
 	public boolean isAllowedToLaunch(UserRequest ureq, RepositoryEntry re) {
 		return isAllowedToLaunch(ureq.getIdentity(), ureq.getUserSession().getRoles(), re);
 	}
+	
+	public RepositoryEntrySecurity isAllowed(UserRequest ureq, RepositoryEntry re) {
+		return isAllowed(ureq.getIdentity(), ureq.getUserSession().getRoles(), re);
+	}
 
 	/**
 	 * Test a repo entry if identity is allowed to launch.
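Review bot: The new `isAllowed(UserRequest, RepositoryEntry)` has no Javadoc, and its `is…` name reads like a boolean predicate although it returns a `RepositoryEntrySecurity`. A caller who writes `if (rm.isAllowed(ureq, re) != null)` or simply forgets `.canLaunch()` gets no help from the compiler. At minimum add a comment such as `/** Resolves owner, entry-admin and launch permissions in one pass; callers must still check canLaunch(). */`. `isAllowedToLaunch` stays in place next to it, so there are now two decision chains for the same question that can drift apart; having `isAllowedToLaunch` delegate with `return isAllowed(identity, roles, re).canLaunch();` would keep one source of truth.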
@@ -502,6 +507,48 @@ public class RepositoryManager extends BasicManager {
 		
 		return false;
 	}
+	
+	public RepositoryEntrySecurity isAllowed(Identity identity, Roles roles, RepositoryEntry re) {
+		boolean isOwner = false;
+		boolean isEntryAdmin = false;
+		boolean canLaunch = false;
+		
+		if (roles.isGuestOnly()) {
+			if (re.getAccess() >= RepositoryEntry.ACC_USERS_GUESTS) {
+				// allow for guests if access granted for guests
+				canLaunch = true;
+			}
+		} else {
+			// allow if identity is owner
+			if (repositoryEntryRelationDao.hasRole(identity, re, GroupRoles.owner.name())) {
+				canLaunch = true;
+				isOwner = true;
+				isEntryAdmin = true;
+			}
+			// allow if access limit matches identity's role
+			// allow for olat administrators
+			else if (roles.isOLATAdmin()) {
+				canLaunch = true;
+				isEntryAdmin = true;
+			}
+			// allow for institutional resource manager
+			else if (isInstitutionalRessourceManagerFor(identity, roles, re)) {
+				canLaunch = true;
+				isEntryAdmin = true;
+			}
+			if (roles.isAuthor() && re.getAccess() >= RepositoryEntry.ACC_OWNERS_AUTHORS) {
+				// allow for authors if access granted at least for authors
+				canLaunch = true;
+			} else if(re.getAccess() >= RepositoryEntry.ACC_USERS) {
+				// allow if access granted for users
+				canLaunch = true;
+			} else if (re.getAccess() == RepositoryEntry.ACC_OWNERS && re.isMembersOnly()) {
+				canLaunch = repositoryEntryRelationDao.isMember(identity, re);
+			}
+		}
+		
+		return new RepositoryEntrySecurity(isEntryAdmin, isOwner, canLaunch);
+	}
 
 	private RepositoryEntry loadForUpdate(RepositoryEntry re) {
 		//first remove it from caches
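Review bot: The last branch of the second chain in `isAllowed(Identity, Roles, RepositoryEntry)` assigns `canLaunch = repositoryEntryRelationDao.isMember(identity, re);`, which overwrites a `true` already set by the owner, OLAT-admin or institutional-resource-manager branch above it. For an entry with `ACC_OWNERS` and `isMembersOnly()`, an administrator who is not a member therefore ends up with `isEntryAdmin == true` but `canLaunch == false`, an inconsistent result that callers such as `CourseSiteContextEntryControllerCreator` turn into a "no access" message. The assignment should only ever widen the decision: `canLaunch = canLaunch || repositoryEntryRelationDao.isMember(identity, re);`. The comment `// allow if access limit matches identity's role` sits above the admin branch but describes the second chain and should move there. A unit test per role and access level would pin the intended matrix.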
diff --git a/src/main/java/org/olat/repository/controllers/ReferencableEntriesSearchController.java b/src/main/java/org/olat/repository/controllers/ReferencableEntriesSearchController.java
index 9e9e75b5068..74a50ea142b 100644
--- a/src/main/java/org/olat/repository/controllers/ReferencableEntriesSearchController.java
+++ b/src/main/java/org/olat/repository/controllers/ReferencableEntriesSearchController.java
@@ -56,10 +56,12 @@ import org.olat.ims.qti.fileresource.SurveyFileResource;
 import org.olat.ims.qti.fileresource.TestFileResource;
 import org.olat.portfolio.EPTemplateMapResource;
 import org.olat.repository.RepositoryEntry;
+import org.olat.repository.RepositoryManager;
 import org.olat.repository.RepositoryService;
 import org.olat.repository.controllers.RepositorySearchController.Can;
 import org.olat.repository.handlers.RepositoryHandler;
 import org.olat.repository.handlers.RepositoryHandlerFactory;
+import org.olat.repository.model.RepositoryEntrySecurity;
 import org.olat.repository.ui.RepositoryTableModel;
 import org.olat.repository.ui.author.CreateRepositoryEntryController;
 import org.olat.repository.ui.author.ImportRepositoryEntryController;
@@ -110,6 +112,8 @@ public class ReferencableEntriesSearchController extends BasicController {
 	
 	private Object userObject;
 	
+	@Autowired
+	private RepositoryManager repositoryManager;
 	@Autowired
 	private RepositoryHandlerFactory repositoryHandlerFactory;
 
@@ -358,7 +362,8 @@ public class ReferencableEntriesSearchController extends BasicController {
 				}
 				// do skip the increment launch counter, this is only a preview!
 				removeAsListenerAndDispose(previewCtr);
-				previewCtr = typeToLaunch.createLaunchController(repositoryEntry, ureq, getWindowControl());
+				RepositoryEntrySecurity reSecurity = repositoryManager.isAllowed(ureq, repositoryEntry);
+				previewCtr = typeToLaunch.createLaunchController(repositoryEntry, reSecurity, ureq, getWindowControl());
 				listenTo(previewCtr);
 				
 				removeAsListenerAndDispose(previewModalCtr);
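Review bot: `reSecurity` is computed for the preview but `canLaunch()` is never checked before `createLaunchController` builds the controller, so the permission object is used only to satisfy the new signature. If the search result list is already filtered to entries the user may reference, say so in a comment, for example `// entries listed here are already access-filtered; reSecurity only drives the toolbar`. Otherwise guard the preview with `if (!reSecurity.canLaunch()) { return; }` or an equivalent message. The filtering itself is not visible in this hunk, so this needs confirming against the table model. The enclosing method starts and ends outside the hunk.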
diff --git a/src/main/java/org/olat/repository/handlers/BlogHandler.java b/src/main/java/org/olat/repository/handlers/BlogHandler.java
index b30ad0d53a5..f90b19d37bb 100644
--- a/src/main/java/org/olat/repository/handlers/BlogHandler.java
+++ b/src/main/java/org/olat/repository/handlers/BlogHandler.java
@@ -56,6 +56,7 @@ import org.olat.repository.RepositoryEntry;
 import org.olat.repository.RepositoryManager;
 import org.olat.repository.RepositoryService;
 import org.olat.repository.controllers.WizardCloseResourceController;
+import org.olat.repository.model.RepositoryEntrySecurity;
 import org.olat.repository.ui.RepositoryEntryRuntimeController.RuntimeControllerCreator;
 import org.olat.resource.OLATResource;
 import org.olat.resource.OLATResourceManager;
@@ -165,7 +166,7 @@ public class BlogHandler implements RepositoryHandler {
 
 	@Override
 	public Controller createEditorController(RepositoryEntry re, UserRequest ureq, WindowControl control, TooledStackedPanel panel) {
-		return createLaunchController(re, ureq, control);
+		return null;
 	}
 
 	/**
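Review bot: `createEditorController` now returns `null` where it previously returned the launch controller, and nothing in the hunk tells callers that a null result is possible. Any caller that listens to or pushes the returned controller without a null check will now fail with a `NullPointerException` for blogs. Document the contract on the method, for example `// blogs have no separate editor; callers must not request one for this handler`, and confirm that the handler's edit-support declaration (not visible here) tells the UI not to offer an edit action. If other handlers in this commit make the same change, the `RepositoryHandler` interface Javadoc is the better place to state that null is allowed.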
@@ -174,12 +175,12 @@ public class BlogHandler implements RepositoryHandler {
 	 *      org.olat.core.gui.control.WindowControl)
 	 */
 	@Override
-	public MainLayoutController createLaunchController(final RepositoryEntry re, UserRequest ureq,
-			WindowControl wControl) {
+	public MainLayoutController createLaunchController(final RepositoryEntry re, RepositoryEntrySecurity reSecurity,
+			UserRequest ureq, WindowControl wControl) {
 		boolean isAdmin = ureq.getUserSession().getRoles().isOLATAdmin();
 		boolean isOwner = RepositoryManager.getInstance().isOwnerOfRepositoryEntry(ureq.getIdentity(), re);	
 		final FeedSecurityCallback callback = new FeedResourceSecurityCallback(isAdmin, isOwner);
-		return new FeedRuntimeController(ureq, wControl, re, 
+		return new FeedRuntimeController(ureq, wControl, re, reSecurity,
 				new RuntimeControllerCreator() {
 					@Override
 					public Controller create(UserRequest uureq, WindowControl wwControl, TooledStackedPanel toolbarPanel, RepositoryEntry entry) {
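Review bot: `createLaunchController` still derives `isAdmin` and `isOwner` itself, the latter with a separate `RepositoryManager.getInstance().isOwnerOfRepositoryEntry(...)` lookup, although the `reSecurity` argument it now receives was built with the same owner flag. That keeps the extra query this commit is meant to remove, and it leaves two independent answers to "is this user the owner" that can disagree if the membership changes between the two calls. Prefer building the `FeedResourceSecurityCallback` from the flags carried by `reSecurity`, using whichever accessors `RepositoryEntrySecurity` exposes (its definition is not on this page), or add a comment explaining why the feed callback needs its own lookup. The method body continues outside the hunk.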
diff --git a/src/main/java/org/olat/repository/handlers/CourseHandler.java b/src/main/java/org/olat/repository/handlers/CourseHandler.java
index 69228bbb6b3..b930dbf8741 100644
--- a/src/main/java/org/olat/repository/handlers/CourseHandler.java
+++ b/src/main/java/org/olat/repository/handlers/CourseHandler.java
@@ -102,6 +102,7 @@ import org.olat.repository.RepositoryManager;
 import org.olat.repository.RepositoryService;
 import org.olat.repository.controllers.WizardCloseCourseController;
 import org.olat.repository.controllers.WizardCloseResourceController;
+import org.olat.repository.model.RepositoryEntrySecurity;
 import org.olat.repository.ui.RepositoryEntryRuntimeController.RuntimeControllerCreator;
 import org.olat.resource.OLATResource;
 import org.olat.resource.OLATResourceManager;
@@ -421,8 +422,8 @@ public class CourseHandler implements RepositoryHandler {
 	}
 
 	@Override
-	public MainLayoutController createLaunchController(RepositoryEntry re, UserRequest ureq, WindowControl wControl) {
-		return new CourseRuntimeController(ureq, wControl, re,
+	public MainLayoutController createLaunchController(RepositoryEntry re, RepositoryEntrySecurity reSecurity, UserRequest ureq, WindowControl wControl) {
+		return new CourseRuntimeController(ureq, wControl, re, reSecurity,
 				new RuntimeControllerCreator() {
 					@Override
 					public Controller create(UserRequest uureq, WindowControl wwControl, TooledStackedPanel toolbarPanel, RepositoryEntry entry) {
diff --git a/src/main/java/org/olat/repository/handlers/GlossaryHandler.java b/src/main/java/org/olat/repository/handlers/GlossaryHandler.java
index 800b3a24771..b215fdca270 100644
--- a/src/main/java/org/olat/repository/handlers/GlossaryHandler.java
+++ b/src/main/java/org/olat/repository/handlers/GlossaryHandler.java
@@ -66,6 +66,7 @@ import org.olat.repository.RepositoryEntry;
 import org.olat.repository.RepositoryManager;
 import org.olat.repository.RepositoryService;
 import org.olat.repository.controllers.WizardCloseResourceController;
+import org.olat.repository.model.RepositoryEntrySecurity;
 import org.olat.repository.ui.RepositoryEntryRuntimeController.RuntimeControllerCreator;
 import org.olat.resource.OLATResource;
 import org.olat.resource.OLATResourceManager;
@@ -171,15 +172,15 @@ public class GlossaryHandler implements RepositoryHandler {
 	}
 
 	/**
-	 * @param res
-	 * @param initialViewIdentifier
 	 * @param ureq
 	 * @param wControl
+	 * @param res
+	 * @param initialViewIdentifier
 	 * @return Controller
 	 */
 	@Override
-	public MainLayoutController createLaunchController(RepositoryEntry re, UserRequest ureq, WindowControl wControl) {
-		return new GlossaryRuntimeController(ureq, wControl, re, 
+	public MainLayoutController createLaunchController(RepositoryEntry re, RepositoryEntrySecurity reSecurity, UserRequest ureq, WindowControl wControl) {
+		return new GlossaryRuntimeController(ureq, wControl, re, reSecurity,
 			new RuntimeControllerCreator() {
 				@Override
 				public Controller create(UserRequest uureq, WindowControl wwControl, TooledStackedPanel toolbarPanel, RepositoryEntry entry) {
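Review bot: The Javadoc above `createLaunchController` still lists `@param res` and `@param initialViewIdentifier`, neither of which is a parameter of the new signature, while `re` and the added `reSecurity` have no tag; the hunk only reorders the stale tags. Replace them with `@param re the repository entry to launch` and `@param reSecurity the permissions of the requesting user on re`, keeping `@param ureq` and `@param wControl`. The same stale tags are carried over in the SharedFolderHandler and RepositoryHandler hunks of this patch. The method body continues outside the hunk.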
diff --git a/src/main/java/org/olat/repository/handlers/ImsCPHandler.java b/src/main/java/org/olat/repository/handlers/ImsCPHandler.java
index 868b2301c58..28f62657fa2 100644
--- a/src/main/java/org/olat/repository/handlers/ImsCPHandler.java
+++ b/src/main/java/org/olat/repository/handlers/ImsCPHandler.java
@@ -67,6 +67,7 @@ import org.olat.modules.cp.CPOfflineReadableManager;
 import org.olat.repository.RepositoryEntry;
 import org.olat.repository.RepositoryService;
 import org.olat.repository.controllers.WizardCloseResourceController;
+import org.olat.repository.model.RepositoryEntrySecurity;
 import org.olat.repository.ui.RepositoryEntryRuntimeController.RuntimeControllerCreator;
 import org.olat.resource.OLATResource;
 import org.olat.resource.OLATResourceManager;
@@ -181,7 +182,7 @@ public class ImsCPHandler extends FileHandler {
 	}
 
 	@Override
-	public MainLayoutController createLaunchController(RepositoryEntry re, UserRequest ureq, WindowControl wControl) {
+	public MainLayoutController createLaunchController(RepositoryEntry re, RepositoryEntrySecurity reSecurity, UserRequest ureq, WindowControl wControl) {
 		OLATResource res = re.getOlatResource();
 		File cpRoot = FileResourceManager.getInstance().unzipFileResource(res);
 		final LocalFolderImpl vfsWrapper = new LocalFolderImpl(cpRoot);
@@ -212,7 +213,7 @@ public class ImsCPHandler extends FileHandler {
 		}
 		*/
 		
-		CPRuntimeController runtime = new CPRuntimeController(ureq, wControl, re,
+		CPRuntimeController runtime = new CPRuntimeController(ureq, wControl, re, reSecurity,
 				new RuntimeControllerCreator() {
 					@Override
 					public Controller create(UserRequest uureq, WindowControl wwControl, TooledStackedPanel toolbarPanel, RepositoryEntry entry) {
diff --git a/src/main/java/org/olat/repository/handlers/PodcastHandler.java b/src/main/java/org/olat/repository/handlers/PodcastHandler.java
index 6efa2e85edb..b3476274972 100644
--- a/src/main/java/org/olat/repository/handlers/PodcastHandler.java
+++ b/src/main/java/org/olat/repository/handlers/PodcastHandler.java
@@ -56,6 +56,7 @@ import org.olat.repository.RepositoryEntry;
 import org.olat.repository.RepositoryManager;
 import org.olat.repository.RepositoryService;
 import org.olat.repository.controllers.WizardCloseResourceController;
+import org.olat.repository.model.RepositoryEntrySecurity;
 import org.olat.repository.ui.RepositoryEntryRuntimeController.RuntimeControllerCreator;
 import org.olat.resource.OLATResource;
 import org.olat.resource.OLATResourceManager;
@@ -165,17 +166,15 @@ public class PodcastHandler implements RepositoryHandler {
 
 	@Override
 	public Controller createEditorController(RepositoryEntry re, UserRequest ureq, WindowControl control, TooledStackedPanel panel) {
-		// Return the launch controller. Owners and admins will be able to edit the
-		// podcast 'inline'.
-		return createLaunchController(re, ureq, control);
+		return null;
 	}
 
 	@Override
-	public MainLayoutController createLaunchController(RepositoryEntry re, UserRequest ureq, WindowControl wControl) {
+	public MainLayoutController createLaunchController(RepositoryEntry re, RepositoryEntrySecurity reSecurity, UserRequest ureq, WindowControl wControl) {
 		boolean isAdmin = ureq.getUserSession().getRoles().isOLATAdmin();
 		boolean isOwner = RepositoryManager.getInstance().isOwnerOfRepositoryEntry(ureq.getIdentity(), re);	
 		final FeedSecurityCallback callback = new FeedResourceSecurityCallback(isAdmin, isOwner);
-		return new FeedRuntimeController(ureq, wControl, re, 
+		return new FeedRuntimeController(ureq, wControl, re, reSecurity,
 			new RuntimeControllerCreator() {
 				@Override
 				public Controller create(UserRequest uureq, WindowControl wwControl, TooledStackedPanel toolbarPanel, RepositoryEntry entry) {
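Review bot: `createLaunchController` still resolves `isOwner` with its own `RepositoryManager.getInstance().isOwnerOfRepositoryEntry(ureq.getIdentity(), re)` call although the caller now passes `reSecurity`, so the feed security callback and the runtime controller take their ownership answer from two separate lookups. That keeps the extra query this commit sets out to merge, and the two views of the same user can disagree if the lookups ever differ in how they define an owner. If `RepositoryEntrySecurity.isOwner()` carries the same meaning (its computation is not visible in this patch), use `boolean isOwner = reSecurity.isOwner();` here. The method body continues outside the hunk.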
diff --git a/src/main/java/org/olat/repository/handlers/PortfolioHandler.java b/src/main/java/org/olat/repository/handlers/PortfolioHandler.java
index 177e1e214b9..beed593903a 100644
--- a/src/main/java/org/olat/repository/handlers/PortfolioHandler.java
+++ b/src/main/java/org/olat/repository/handlers/PortfolioHandler.java
@@ -64,6 +64,7 @@ import org.olat.repository.RepositoryEntry;
 import org.olat.repository.RepositoryManager;
 import org.olat.repository.RepositoryService;
 import org.olat.repository.controllers.WizardCloseResourceController;
+import org.olat.repository.model.RepositoryEntrySecurity;
 import org.olat.repository.ui.RepositoryEntryRuntimeController.RuntimeControllerCreator;
 import org.olat.resource.OLATResource;
 import org.olat.resource.references.ReferenceManager;
@@ -234,12 +235,12 @@ public class PortfolioHandler implements RepositoryHandler {
 
 	@Override
 	public Controller createEditorController(RepositoryEntry re, UserRequest ureq, WindowControl control, TooledStackedPanel panel) {
-		return createLaunchController(re, ureq, control);
+		return null;
 	}
 
 	@Override
-	public MainLayoutController createLaunchController(RepositoryEntry re, UserRequest ureq, WindowControl wControl) {
-		return new EPTemplateRuntimeController(ureq, wControl, re, 
+	public MainLayoutController createLaunchController(RepositoryEntry re, RepositoryEntrySecurity reSecurity, UserRequest ureq, WindowControl wControl) {
+		return new EPTemplateRuntimeController(ureq, wControl, re, reSecurity,
 			new RuntimeControllerCreator() {
 				@Override
 				public Controller create(UserRequest uureq, WindowControl wwControl, TooledStackedPanel toolbarPanel, RepositoryEntry entry) {
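Review bot: `createEditorController` now returns `null` instead of delegating to the launch controller, so a caller that uses the result without a null check will fail with a `NullPointerException`; PodcastHandler and WikiHandler get the same change in this patch. The callers are not part of the patch, so it is worth confirming that they check whether the handler supports editing before they call this method. A Javadoc line on the override such as `@return null, this resource type has no separate editor controller` would record the contract next to the code.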
diff --git a/src/main/java/org/olat/repository/handlers/RepositoryHandler.java b/src/main/java/org/olat/repository/handlers/RepositoryHandler.java
index ed8299ec8f7..01ae541295f 100644
--- a/src/main/java/org/olat/repository/handlers/RepositoryHandler.java
+++ b/src/main/java/org/olat/repository/handlers/RepositoryHandler.java
@@ -44,6 +44,7 @@ import org.olat.fileresource.types.ResourceEvaluation;
 import org.olat.repository.ErrorList;
 import org.olat.repository.RepositoryEntry;
 import org.olat.repository.controllers.WizardCloseResourceController;
+import org.olat.repository.model.RepositoryEntrySecurity;
 
 
 /**
@@ -135,13 +136,14 @@ public interface RepositoryHandler {
 
 	/**
 	 * Called if a user launches a Resourceable that this handler can handle.
-	 * @param res
-	 * @param initialViewIdentifier if null the default view will be started, otherwise a controllerfactory type dependant view will be activated (subscription subtype)
+	 * @param reSecurity TODO
 	 * @param ureq
 	 * @param wControl
+	 * @param res
+	 * @param initialViewIdentifier if null the default view will be started, otherwise a controllerfactory type dependant view will be activated (subscription subtype)
 	 * @return Controller able to launch resourceable.
 	 */
-	public MainLayoutController createLaunchController(RepositoryEntry re, UserRequest ureq, WindowControl wControl);
+	public MainLayoutController createLaunchController(RepositoryEntry re, RepositoryEntrySecurity reSecurity, UserRequest ureq, WindowControl wControl);
 	
 	/**
 	 * Called if a user wants to edit a Resourceable that this handler can provide an editor for. 
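Review bot: `@param reSecurity TODO` leaves the one security-relevant argument of `createLaunchController` without a contract, and the handlers shown in this patch forward it unchecked. The Javadoc should say who computes the value and for whom, for example `@param reSecurity permissions of the user in ureq on re, as resolved by the caller; must not be null`. Without that an implementer cannot tell whether a value resolved for another entry or an earlier request may be reused, and the launch decision now rests on it (`reSecurity.canLaunch()` in RepositoryEntryRuntimeController).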
diff --git a/src/main/java/org/olat/repository/handlers/SCORMCPHandler.java b/src/main/java/org/olat/repository/handlers/SCORMCPHandler.java
index badd9b6fa31..558835a4be6 100644
--- a/src/main/java/org/olat/repository/handlers/SCORMCPHandler.java
+++ b/src/main/java/org/olat/repository/handlers/SCORMCPHandler.java
@@ -52,6 +52,7 @@ import org.olat.modules.scorm.ScormRuntimeController;
 import org.olat.repository.RepositoryEntry;
 import org.olat.repository.RepositoryService;
 import org.olat.repository.controllers.WizardCloseResourceController;
+import org.olat.repository.model.RepositoryEntrySecurity;
 import org.olat.repository.ui.RepositoryEntryRuntimeController.RuntimeControllerCreator;
 import org.olat.resource.OLATResource;
 import org.olat.resource.OLATResourceManager;
@@ -154,12 +155,12 @@ public class SCORMCPHandler extends FileHandler {
 	}
 
 	@Override
-	public MainLayoutController createLaunchController(RepositoryEntry re, UserRequest ureq, WindowControl wControl) {
+	public MainLayoutController createLaunchController(RepositoryEntry re, RepositoryEntrySecurity reSecurity, UserRequest ureq, WindowControl wControl) {
 		if (re != null) {
 			ThreadLocalUserActivityLogger.addLoggingResourceInfo(LoggingResourceable.wrapScormRepositoryEntry(re));
 		}
 		
-		return new ScormRuntimeController(ureq, wControl, re, 
+		return new ScormRuntimeController(ureq, wControl, re, reSecurity,
 			new RuntimeControllerCreator() {
 				@Override
 				public Controller create(UserRequest uureq, WindowControl wwControl, TooledStackedPanel toolbarPanel, RepositoryEntry entry) {
diff --git a/src/main/java/org/olat/repository/handlers/SharedFolderHandler.java b/src/main/java/org/olat/repository/handlers/SharedFolderHandler.java
index 4131aca233c..6b5281b416d 100644
--- a/src/main/java/org/olat/repository/handlers/SharedFolderHandler.java
+++ b/src/main/java/org/olat/repository/handlers/SharedFolderHandler.java
@@ -61,6 +61,7 @@ import org.olat.repository.RepositoryEntry;
 import org.olat.repository.RepositoryManager;
 import org.olat.repository.RepositoryService;
 import org.olat.repository.controllers.WizardCloseResourceController;
+import org.olat.repository.model.RepositoryEntrySecurity;
 import org.olat.repository.ui.RepositoryEntryRuntimeController;
 import org.olat.repository.ui.RepositoryEntryRuntimeController.RuntimeControllerCreator;
 import org.olat.resource.OLATResource;
@@ -159,16 +160,16 @@ public class SharedFolderHandler implements RepositoryHandler {
 	}
 
 	/**
-	 * @param res
-	 * @param initialViewIdentifier
 	 * @param ureq
 	 * @param wControl
+	 * @param res
+	 * @param initialViewIdentifier
 	 * @return Controller
 	 */
 	@Override
-	public MainLayoutController createLaunchController(RepositoryEntry re, UserRequest ureq, WindowControl wControl) {
+	public MainLayoutController createLaunchController(RepositoryEntry re, RepositoryEntrySecurity reSecurity, UserRequest ureq, WindowControl wControl) {
 		
-		RepositoryEntryRuntimeController runtime = new RepositoryEntryRuntimeController(ureq, wControl, re, 
+		RepositoryEntryRuntimeController runtime = new RepositoryEntryRuntimeController(ureq, wControl, re, reSecurity,
 				new RuntimeControllerCreator() {
 					@Override
 					public Controller create(UserRequest uureq, WindowControl wwControl, TooledStackedPanel toolbarPanel, RepositoryEntry entry) {
diff --git a/src/main/java/org/olat/repository/handlers/WebDocumentHandler.java b/src/main/java/org/olat/repository/handlers/WebDocumentHandler.java
index 70d14635fe7..ee32addb622 100644
--- a/src/main/java/org/olat/repository/handlers/WebDocumentHandler.java
+++ b/src/main/java/org/olat/repository/handlers/WebDocumentHandler.java
@@ -61,6 +61,7 @@ import org.olat.fileresource.types.XlsFileResource;
 import org.olat.repository.RepositoryEntry;
 import org.olat.repository.RepositoryService;
 import org.olat.repository.controllers.WizardCloseResourceController;
+import org.olat.repository.model.RepositoryEntrySecurity;
 import org.olat.resource.OLATResource;
 import org.olat.resource.OLATResourceManager;
 
@@ -209,7 +210,7 @@ public class WebDocumentHandler extends FileHandler {
 	}
 
 	@Override
-	public MainLayoutController createLaunchController(RepositoryEntry re,  UserRequest ureq, WindowControl wControl) {
+	public MainLayoutController createLaunchController(RepositoryEntry re,  RepositoryEntrySecurity reSecurity, UserRequest ureq, WindowControl wControl) {
 		return null;
 	}
 
diff --git a/src/main/java/org/olat/repository/handlers/WikiHandler.java b/src/main/java/org/olat/repository/handlers/WikiHandler.java
index 954f53c402e..f2d258557cb 100644
--- a/src/main/java/org/olat/repository/handlers/WikiHandler.java
+++ b/src/main/java/org/olat/repository/handlers/WikiHandler.java
@@ -79,6 +79,7 @@ import org.olat.repository.RepositoryEntry;
 import org.olat.repository.RepositoryManager;
 import org.olat.repository.RepositoryService;
 import org.olat.repository.controllers.WizardCloseResourceController;
+import org.olat.repository.model.RepositoryEntrySecurity;
 import org.olat.repository.ui.RepositoryEntryRuntimeController;
 import org.olat.repository.ui.RepositoryEntryRuntimeController.RuntimeControllerCreator;
 import org.olat.repository.ui.RepositoyUIFactory;
@@ -221,7 +222,7 @@ public class WikiHandler implements RepositoryHandler {
 	}
 
 	@Override
-	public MainLayoutController createLaunchController(RepositoryEntry re, UserRequest ureq, WindowControl wControl) {
+	public MainLayoutController createLaunchController(RepositoryEntry re, RepositoryEntrySecurity reSecurity, UserRequest ureq, WindowControl wControl) {
 		// first handle special case: disabled wiki for security (XSS Attacks) reasons
 		BaseSecurityModule securityModule = CoreSpringFactory.getImpl(BaseSecurityModule.class); 
 		if (!securityModule.isWikiEnabled()) {
@@ -245,7 +246,7 @@ public class WikiHandler implements RepositoryHandler {
 		SubscriptionContext subsContext = new SubscriptionContext(res, WikiManager.WIKI_RESOURCE_FOLDER_NAME);
 		final WikiSecurityCallback callback = new WikiSecurityCallbackImpl(null, isOLatAdmin, isGuestOnly, false, isResourceOwner, subsContext);
 
-		RepositoryEntryRuntimeController runtime = new RepositoryEntryRuntimeController(ureq, wControl, re, 
+		RepositoryEntryRuntimeController runtime = new RepositoryEntryRuntimeController(ureq, wControl, re, reSecurity,
 			new RuntimeControllerCreator() {
 				@Override
 				public Controller create(UserRequest uureq, WindowControl wwControl, TooledStackedPanel toolbarPanel, RepositoryEntry entry) {
@@ -268,7 +269,7 @@ public class WikiHandler implements RepositoryHandler {
 
 	@Override
 	public Controller createEditorController(RepositoryEntry re, UserRequest ureq, WindowControl wControl, TooledStackedPanel panel) {
-		return createLaunchController(re, ureq, wControl);
+		return null;
 	}
 
 	@Override
diff --git a/src/main/java/org/olat/repository/model/RepositoryEntrySecurity.java b/src/main/java/org/olat/repository/model/RepositoryEntrySecurity.java
new file mode 100644
index 00000000000..62c9c47d731
--- /dev/null
+++ b/src/main/java/org/olat/repository/model/RepositoryEntrySecurity.java
@@ -0,0 +1,53 @@
+/**
+ * <a href="http://www.openolat.org">
+ * OpenOLAT - Online Learning and Training</a><br>
+ * <p>
+ * Licensed under the Apache License, Version 2.0 (the "License"); <br>
+ * you may not use this file except in compliance with the License.<br>
+ * You may obtain a copy of the License at the
+ * <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache homepage</a>
+ * <p>
+ * Unless required by applicable law or agreed to in writing,<br>
+ * software distributed under the License is distributed on an "AS IS" BASIS, <br>
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. <br>
+ * See the License for the specific language governing permissions and <br>
+ * limitations under the License.
+ * <p>
+ * Initial code contributed and copyrighted by<br>
+ * frentix GmbH, http://www.frentix.com
+ * <p>
+ */
+package org.olat.repository.model;
+
+/**
+ * 
+ * Initial date: 19.08.2014<br>
+ * @author srosse, stephane.rosse@frentix.com, http://www.frentix.com
+ *
+ */
+public class RepositoryEntrySecurity {
+	
+	private final boolean owner;
+	private final boolean canLaunch;
+	private final boolean entryAdmin;
+	
+	public RepositoryEntrySecurity(boolean entryAdmin, boolean owner, boolean canLaunch) {
+		this.owner = owner;
+		this.canLaunch = canLaunch;
+		this.entryAdmin = entryAdmin;
+	}
+	
+	public boolean isOwner() {
+		return owner;
+	}
+	
+	public boolean isEntryAdmin() {
+		return entryAdmin;
+	}
+	
+	public boolean canLaunch() {
+		return canLaunch;
+	}
+	
+
+}
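Review bot: The constructor takes three positional booleans in the order `(entryAdmin, owner, canLaunch)` while the fields are declared as `owner`, `canLaunch`, `entryAdmin`, and nothing documents what each flag means; a transposed argument at a call site compiles and silently changes who is treated as owner or administrator. Add a class Javadoc that describes the object as the permissions of one user on one repository entry, `@param` tags on the constructor in argument order, and a one-line Javadoc on each getter. Declaring the class `final` would also keep a subclass from overriding `canLaunch()`, provided nothing needs to extend it.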
diff --git a/src/main/java/org/olat/repository/ui/RepositoryEntryRuntimeController.java b/src/main/java/org/olat/repository/ui/RepositoryEntryRuntimeController.java
index 6735646d271..922c91ee1e1 100644
--- a/src/main/java/org/olat/repository/ui/RepositoryEntryRuntimeController.java
+++ b/src/main/java/org/olat/repository/ui/RepositoryEntryRuntimeController.java
@@ -23,7 +23,6 @@ import java.util.Collections;
 import java.util.List;
 
 import org.olat.NewControllerFactory;
-import org.olat.basesecurity.GroupRoles;
 import org.olat.core.commons.services.mark.Mark;
 import org.olat.core.commons.services.mark.MarkManager;
 import org.olat.core.gui.UserRequest;
@@ -42,7 +41,6 @@ import org.olat.core.gui.control.generic.dtabs.Activateable2;
 import org.olat.core.gui.control.generic.dtabs.DTab;
 import org.olat.core.gui.control.generic.dtabs.DTabs;
 import org.olat.core.gui.control.generic.layout.MainLayoutController;
-import org.olat.core.id.Identity;
 import org.olat.core.id.OLATResourceable;
 import org.olat.core.id.Roles;
 import org.olat.core.id.context.BusinessControl;
@@ -60,6 +58,7 @@ import org.olat.repository.RepositoryService;
 import org.olat.repository.handlers.EditionSupport;
 import org.olat.repository.handlers.RepositoryHandler;
 import org.olat.repository.handlers.RepositoryHandlerFactory;
+import org.olat.repository.model.RepositoryEntrySecurity;
 import org.olat.repository.ui.author.AuthoringEditAccessController;
 import org.olat.repository.ui.author.CatalogSettingsController;
 import org.olat.repository.ui.author.RepositoryEditDescriptionController;
@@ -103,8 +102,6 @@ public class RepositoryEntryRuntimeController extends MainLayoutBasicController
 	
 	protected final boolean isOlatAdmin;
 	protected final boolean isGuestOnly;
-	protected final boolean isInstitutionalResourceManager;
-	protected final boolean isAuthor;
 	
 	protected boolean isOwner;
 	protected boolean isEntryAdmin;
@@ -131,12 +128,12 @@ public class RepositoryEntryRuntimeController extends MainLayoutBasicController
 	private RepositoryHandlerFactory handlerFactory;
 	
 	public RepositoryEntryRuntimeController(UserRequest ureq, WindowControl wControl, RepositoryEntry re,
-			RuntimeControllerCreator runtimeControllerCreator) {
-		this(ureq, wControl, re, runtimeControllerCreator, true, true);
+			RepositoryEntrySecurity reSecurity, RuntimeControllerCreator runtimeControllerCreator) {
+		this(ureq, wControl, re, reSecurity, runtimeControllerCreator, true, true);
 	}
 
 	public RepositoryEntryRuntimeController(UserRequest ureq, WindowControl wControl, RepositoryEntry re,
-			RuntimeControllerCreator runtimeControllerCreator, boolean allowBookmark, boolean showInfos) {
+			RepositoryEntrySecurity reSecurity, RuntimeControllerCreator runtimeControllerCreator, boolean allowBookmark, boolean showInfos) {
 		super(ureq, wControl);
 		setTranslator(Util.createPackageTranslator(RepositoryService.class, getLocale(), getTranslator()));
 		
@@ -166,21 +163,19 @@ public class RepositoryEntryRuntimeController extends MainLayoutBasicController
 		
 		handler = handlerFactory.getRepositoryHandler(re);
 
-		Identity identity = getIdentity();
 		roles = ureq.getUserSession().getRoles();
 		isOlatAdmin = roles.isOLATAdmin();
-		isInstitutionalResourceManager = !roles.isGuestOnly()
-					&& RepositoryManager.getInstance().isInstitutionalRessourceManagerFor(identity, roles, re);
-		isAuthor = isOlatAdmin || roles.isAuthor() || isInstitutionalResourceManager;
 		isGuestOnly = roles.isGuestOnly();
+		isOwner = reSecurity.isOwner();
+		isEntryAdmin = reSecurity.isEntryAdmin();
 
 		// set up the components
 		toolbarPanel = new TooledStackedPanel("courseStackPanel", getTranslator(), this);
 		toolbarPanel.setInvisibleCrumb(0); // show root (course) level
 		toolbarPanel.setShowCloseLink(true, true);
 		putInitialPanel(toolbarPanel);
-		doRun(ureq);
-		loadRights();
+		doRun(ureq, reSecurity);
+		loadRights(reSecurity);
 		initToolbar();
 	}
 	
@@ -191,9 +186,9 @@ public class RepositoryEntryRuntimeController extends MainLayoutBasicController
 	/**
 	 * If override, need to set isOwner and isEntryAdmin
 	 */
-	protected void loadRights() {
-		isOwner = repositoryService.hasRole(getIdentity(), re, GroupRoles.owner.name());
-		isEntryAdmin = isOlatAdmin | isOwner | isInstitutionalResourceManager;
+	protected void loadRights(RepositoryEntrySecurity reSecurity) {
+		isOwner = reSecurity.isOwner();
+		isEntryAdmin = reSecurity.isEntryAdmin();
 	}
 	
 	protected RepositoryEntry getRepositoryEntry() {
@@ -375,7 +370,8 @@ public class RepositoryEntryRuntimeController extends MainLayoutBasicController
 	protected void event(UserRequest ureq, Controller source, Event event) {
 		if (source == accessController) {
 			if(event.equals(AccessEvent.ACCESS_OK_EVENT)) {
-				launchContent(ureq);
+				RepositoryEntrySecurity reSecurity = repositoryManager.isAllowed(ureq, getRepositoryEntry());
+				launchContent(ureq, reSecurity);
 				cleanUp();
 			} else if(event.equals(AccessEvent.ACCESS_FAILED_EVENT)) {
 				String msg = ((AccessEvent)event).getMessage();
@@ -517,17 +513,17 @@ public class RepositoryEntryRuntimeController extends MainLayoutBasicController
 		currentToolCtr = ordersCtlr;
 	}
 	
-	private void doRun(UserRequest ureq) {
+	private void doRun(UserRequest ureq, RepositoryEntrySecurity reSecurity) {
 		if(ureq.getUserSession().getRoles().isOLATAdmin()) {
-			launchContent(ureq);
+			launchContent(ureq, reSecurity);
 		} else {
 			// guest are allowed to see resource with BARG 
 			if(re.getAccess() == RepositoryEntry.ACC_USERS_GUESTS && ureq.getUserSession().getRoles().isGuestOnly()) {
-				launchContent(ureq);
+				launchContent(ureq, reSecurity);
 			} else {
 				AccessResult acResult = acService.isAccessible(re, getIdentity(), false);
 				if(acResult.isAccessible()) {
-					launchContent(ureq);
+					launchContent(ureq, reSecurity);
 				} else if (re != null && acResult.getAvailableMethods().size() > 0) {
 					accessController = new AccessListController(ureq, getWindowControl(), acResult.getAvailableMethods());
 					listenTo(accessController);
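Review bot: In `doRun`, the branch taken after `acService.isAccessible(re, getIdentity(), false)` passes the `reSecurity` that was resolved before the access check, whereas the `ACCESS_OK_EVENT` branch in `event` re-resolves it with `repositoryManager.isAllowed(ureq, getRepositoryEntry())`. If `isAccessible` can itself change the user's membership (not visible in this patch), `reSecurity.canLaunch()` is evaluated on a stale snapshot and the two paths can give different answers for the same user. Consider re-resolving in that branch as well, `launchContent(ureq, repositoryManager.isAllowed(ureq, getRepositoryEntry()));`, or add a comment stating why the snapshot is still valid there. `doRun` continues past the end of the hunk.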
@@ -553,8 +549,8 @@ public class RepositoryEntryRuntimeController extends MainLayoutBasicController
 		}
 	}
 	
-	protected void launchContent(UserRequest ureq) {
-		if(repositoryManager.isAllowedToLaunch(getIdentity(), roles, getRepositoryEntry())) {
+	protected void launchContent(UserRequest ureq, RepositoryEntrySecurity reSecurity) {
+		if(reSecurity.canLaunch()) {
 			runtimeController = runtimeControllerCreator.create(ureq, getWindowControl(), toolbarPanel, re);
 			listenTo(runtimeController);
 			toolbarPanel.rootController(re.getDisplayname(), runtimeController);
diff --git a/src/main/java/org/olat/repository/ui/author/AuthorListController.java b/src/main/java/org/olat/repository/ui/author/AuthorListController.java
index 85275672edc..86f2b519555 100644
--- a/src/main/java/org/olat/repository/ui/author/AuthorListController.java
+++ b/src/main/java/org/olat/repository/ui/author/AuthorListController.java
@@ -84,6 +84,7 @@ import org.olat.core.util.coordinate.CoordinatorManager;
 import org.olat.core.util.coordinate.LockResult;
 import org.olat.core.util.resource.OresHelper;
 import org.olat.course.CorruptedCourseException;
+import org.olat.course.CourseModule;
 import org.olat.course.run.RunMainController;
 import org.olat.repository.RepositoryEntry;
 import org.olat.repository.RepositoryEntryManagedFlag;
@@ -734,6 +735,8 @@ public class AuthorListController extends FormBasicController implements Activat
 			isOwner = isOlatAdmin || repositoryService.hasRole(ureq.getIdentity(), entry, GroupRoles.owner.name())
 						|| isInstitutionalResourceManager;
 			isAuthor = isOlatAdmin || roles.isAuthor() | isInstitutionalResourceManager;
+			
+			RepositoryHandler handler = repositoryHandlerFactory.getRepositoryHandler(entry);
 
 			mainVC = createVelocityContainer("tools");
 			List<String> links = new ArrayList<>();
@@ -745,12 +748,30 @@ public class AuthorListController extends FormBasicController implements Activat
 				}
 				addLink("details.members", "members", "o_icon o_icon-fw o_icon_membersmanagement", links);
 			}
-			links.add("-");
+			
 			boolean copyManaged = RepositoryEntryManagedFlag.isManaged(entry, RepositoryEntryManagedFlag.copy);
-			if ((isAuthor || isOwner) && !copyManaged) {
-				addLink("details.copy", "copy", "o_icon o_icon-fw o_icon_copy", links);
+			boolean canCopy = (isAuthor || isOwner) && (entry.getCanCopy() || isOwner) && !copyManaged;
+			
+			boolean canDownload = entry.getCanDownload() && handler.supportsDownload();
+			// disable download for courses if not author or owner
+			if (entry.getOlatResource().getResourceableTypeName().equals(CourseModule.getCourseTypeName()) && !(isOwner || isAuthor)) {
+				canDownload = false;
 			}
-			addLink("details.download", "download", "o_icon o_icon-fw o_icon_download", links);
+			// always enable download for owners
+			if (isOwner && handler.supportsDownload()) {
+				canDownload = true;
+			}
+			
+			if(canCopy || canDownload) {
+				links.add("-");
+				if (canCopy) {
+					addLink("details.copy", "copy", "o_icon o_icon-fw o_icon_copy", links);
+				}
+				if(canDownload) {
+					addLink("details.download", "download", "o_icon o_icon-fw o_icon_download", links);
+				}
+			}
+			
 			if(isOwner) {
 				boolean closeManaged = RepositoryEntryManagedFlag.isManaged(entry, RepositoryEntryManagedFlag.close);
 				boolean deleteManaged = RepositoryEntryManagedFlag.isManaged(entry, RepositoryEntryManagedFlag.delete);
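Review bot: `canCopy` and `canDownload` only decide which links are added to the tools menu; the code that executes the `copy` and `download` commands is not in this hunk, and unless it repeats the same conditions the restriction is cosmetic rather than an authorization check. Moving the two predicates into private methods, for example `canCopy(entry)` and `canDownload(entry, handler)`, and calling them from both the menu construction and the command handling keeps the rule in one place. Note also that `isOwner` here already includes `isOlatAdmin` and `isInstitutionalResourceManager`, so the "always enable download for owners" branch applies to those roles too; a short comment would make that intent explicit. The enclosing method starts and ends outside the hunk.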
-- 
GitLab