diff options
| author | Murtaza Sultani <sultani@data-quest.de> | 2025-07-24 16:46:41 +0200 |
|---|---|---|
| committer | Murtaza Sultani <sultani@data-quest.de> | 2025-07-24 16:46:41 +0200 |
| commit | 64262b9a67af6888251999b9bc47b2c10463bec5 (patch) | |
| tree | 6be49b9a16b4cbb9eea099846c0da00e0453edca | |
| parent | aa1c581c5eadaa967152c499160a84eb47bf8fbb (diff) | |
Resolve "Fix Range::isAccessibleToUser() implementation"
Closes #5754
Merge request studip/studip!4387
| -rw-r--r-- | lib/classes/Range.php | 2 | ||||
| -rw-r--r-- | lib/models/Course.php | 8 | ||||
| -rw-r--r-- | lib/models/Institute.php | 7 | ||||
| -rw-r--r-- | lib/models/User.php | 2 |
4 files changed, 13 insertions, 6 deletions
diff --git a/lib/classes/Range.php b/lib/classes/Range.php index 97aa074..920f2ff 100644 --- a/lib/classes/Range.php +++ b/lib/classes/Range.php @@ -48,7 +48,7 @@ interface Range * @param string|null $user_id Optional id of a user, defaults to current user * @return bool */ - public function isAccessibleToUser($user_id = null); + public function isAccessibleToUser($user_id = null): bool; /** * Decides whether the user may edit/alter the range. diff --git a/lib/models/Course.php b/lib/models/Course.php index 5678465..5d31ffd 100644 --- a/lib/models/Course.php +++ b/lib/models/Course.php @@ -2150,13 +2150,17 @@ class Course extends SimpleORMap implements Range, PrivacyObject, StudipItem, Fe * * @param string|null $user_id Optional id of a user, defaults to current user * @return bool - * @todo Check permissions */ - public function isAccessibleToUser($user_id = null) + public function isAccessibleToUser($user_id = null): bool { + if ($this->lesezugriff == 0 && Config::get()->ENABLE_FREE_ACCESS) { + return true; + } + if ($user_id === null) { $user_id = $GLOBALS['user']->id; } + return $GLOBALS['perm']->have_studip_perm('user', $this->id, $user_id); } diff --git a/lib/models/Institute.php b/lib/models/Institute.php index fd6a155..79b01cb 100644 --- a/lib/models/Institute.php +++ b/lib/models/Institute.php @@ -300,11 +300,14 @@ class Institute extends SimpleORMap implements Range * * @param string|null $user_id Optional id of a user, defaults to current user * @return bool - * @todo Check permissions */ public function isAccessibleToUser($user_id = null): bool { - return true; + if (Config::get()->ENABLE_FREE_ACCESS === '1') { + return true; + } + + return $GLOBALS['perm']->have_perm('user'); } /** diff --git a/lib/models/User.php b/lib/models/User.php index 8ca8b1b..96bfb7b 100644 --- a/lib/models/User.php +++ b/lib/models/User.php @@ -1526,7 +1526,7 @@ class User extends AuthUserMd5 implements Range, PrivacyObject, Studip\Calendar\ * @param string|null $user_id Optional id of a user, defaults to current user * @return bool */ - public function isAccessibleToUser($user_id = null) + public function isAccessibleToUser($user_id = null): bool { if ($user_id === null) { $user_id = self::findCurrent()->id; |