| author | Murtaza Sultani <sultani@data-quest.de> | 2025-07-14 12:42:13 +0200 |
|---|---|---|
| committer | Murtaza Sultani <sultani@data-quest.de> | 2025-07-14 12:42:13 +0200 |
| commit | 74076ca20b80311c19f3b32870f1c8eba82bc09d (patch) | |
| tree | 80bcb0d7b58269e947c006e6a51cc8b94c1938be /lib | |
| parent | c76e8045a8113b3d5837459c521371921a592279 (diff) | |
Resolve "Forum funktioniert nicht mehr an Einrichtungen"
Closes #5700
Merge request studip/studip!4351
Diffstat (limited to 'lib')
28 files changed, 184 insertions, 123 deletions
diff --git a/lib/classes/JsonApi/RouteMap.php b/lib/classes/JsonApi/RouteMap.php index 9393776..d85b12d 100644 --- a/lib/classes/JsonApi/RouteMap.php +++ b/lib/classes/JsonApi/RouteMap.php @@ -672,7 +672,7 @@ class RouteMap private function addAuthenticatedForumRoutes(RouteCollectorProxy $group): void { - $group->group('/courses/{course_id}', function ($forum) { + $group->group('/courses/{range_id}', function ($forum) { $forum->get('/forum-configs', Routes\Forum\ForumConfigIndex::class); $forum->get('/forum-categories', Routes\Forum\ForumCategoryIndex::class); $forum->get('/forum-discussions', Routes\Forum\ForumDiscussionIndex::class); diff --git a/lib/classes/JsonApi/Routes/Courses/Authority.php b/lib/classes/JsonApi/Routes/Courses/Authority.php index 7abc097..05a3cc8 100644 --- a/lib/classes/JsonApi/Routes/Courses/Authority.php +++ b/lib/classes/JsonApi/Routes/Courses/Authority.php @@ -13,7 +13,7 @@ class Authority /** * @SuppressWarnings(PHPMD.Superglobals) */ - public static function canShowCourse(User $user, Course $course, $scope) + public static function canShowCourse(User $user, Course $course, $scope = self::SCOPE_BASIC): bool { switch ($scope) { case self::SCOPE_BASIC: diff --git a/lib/classes/JsonApi/Routes/Forum/ForumCategoryIndex.php b/lib/classes/JsonApi/Routes/Forum/ForumCategoryIndex.php index c70df2b..9518736 100644 --- a/lib/classes/JsonApi/Routes/Forum/ForumCategoryIndex.php +++ b/lib/classes/JsonApi/Routes/Forum/ForumCategoryIndex.php @@ -1,10 +1,9 @@ <?php namespace JsonApi\Routes\Forum; -use Course; use JsonApi\Errors\AuthorizationFailedException; use JsonApi\Errors\RecordNotFoundException; -use JsonApi\Routes\Courses\Authority as CourseAuthority; +use JsonApi\Routes\RangeAuthority; use Psr\Http\Message\ServerRequestInterface as Request; use Psr\Http\Message\ResponseInterface as Response; use JsonApi\JsonApiController; 
@@ -19,17 +18,17 @@ class ForumCategoryIndex extends JsonApiController public function __invoke(Request $request, Response $response, $args) { - $course = Course::find($args['course_id']); - if (!$course) { + $range = get_object_by_range_id($args['range_id']); + if (!$range) { throw new RecordNotFoundException(); } $user = $this->getUser($request); - if (!CourseAuthority::canShowCourse($user, $course, CourseAuthority::SCOPE_BASIC)) { + if (!RangeAuthority::canShowRange($user, $range)) { throw new AuthorizationFailedException(); } - $categories = ForumCategory::getCourseCategories($course->id); + $categories = ForumCategory::getCourseCategories($range->id); return $this->getPaginatedContentResponse( array_slice($categories, ...$this->getOffsetAndLimit()), diff --git a/lib/classes/JsonApi/Routes/Forum/ForumCategoryShow.php b/lib/classes/JsonApi/Routes/Forum/ForumCategoryShow.php index e85d49d..f0ee1e1 100644 --- a/lib/classes/JsonApi/Routes/Forum/ForumCategoryShow.php +++ b/lib/classes/JsonApi/Routes/Forum/ForumCategoryShow.php @@ -1,11 +1,10 @@ <?php namespace JsonApi\Routes\Forum; -use Course; use Forum\ForumCategory; use JsonApi\Errors\AuthorizationFailedException; use JsonApi\Errors\RecordNotFoundException; -use JsonApi\Routes\Courses\Authority as CourseAuthority; +use JsonApi\Routes\RangeAuthority; use Psr\Http\Message\ServerRequestInterface as Request; use Psr\Http\Message\ResponseInterface as Response; use JsonApi\JsonApiController; @@ -23,13 +22,13 @@ class ForumCategoryShow extends JsonApiController throw new RecordNotFoundException(); } - $course = Course::find($category->range_id); - if (!$course) { + $range = get_object_by_range_id($category->range_id); + if (!$range) { throw new RecordNotFoundException(); } $user = $this->getUser($request); - if (!CourseAuthority::canShowCourse($user, $course, CourseAuthority::SCOPE_BASIC)) { + if (!RangeAuthority::canShowRange($user, $range)) { throw new AuthorizationFailedException(); } 
diff --git a/lib/classes/JsonApi/Routes/Forum/ForumCategoryTopics.php b/lib/classes/JsonApi/Routes/Forum/ForumCategoryTopics.php index 88a212c..cfa7937 100644 --- a/lib/classes/JsonApi/Routes/Forum/ForumCategoryTopics.php +++ b/lib/classes/JsonApi/Routes/Forum/ForumCategoryTopics.php @@ -1,9 +1,8 @@ <?php namespace JsonApi\Routes\Forum; -use Course; use JsonApi\Errors\RecordNotFoundException; -use JsonApi\Routes\Courses\Authority as CourseAuthority; +use JsonApi\Routes\RangeAuthority; use Psr\Http\Message\ServerRequestInterface as Request; use Psr\Http\Message\ResponseInterface as Response; use JsonApi\Errors\AuthorizationFailedException; @@ -24,13 +23,13 @@ class ForumCategoryTopics extends JsonApiController throw new RecordNotFoundException(); } - $course = Course::find($category->range_id); - if (!$course) { + $range = get_object_by_range_id($category->range_id); + if (!$range) { throw new RecordNotFoundException(); } $user = $this->getUser($request); - if (!CourseAuthority::canShowCourse($user, $course, CourseAuthority::SCOPE_BASIC)) { + if (!RangeAuthority::canShowRange($user, $range)) { throw new AuthorizationFailedException(); } diff --git a/lib/classes/JsonApi/Routes/Forum/ForumCategoryUpdateSort.php b/lib/classes/JsonApi/Routes/Forum/ForumCategoryUpdateSort.php index b8e41f0..39fbb9d 100644 --- a/lib/classes/JsonApi/Routes/Forum/ForumCategoryUpdateSort.php +++ b/lib/classes/JsonApi/Routes/Forum/ForumCategoryUpdateSort.php @@ -2,7 +2,6 @@ namespace JsonApi\Routes\Forum; use CoreForum; -use Course; use JsonApi\Errors\RecordNotFoundException; use Psr\Http\Message\ServerRequestInterface as Request; use Psr\Http\Message\ResponseInterface as Response; 
@@ -18,14 +17,14 @@ class ForumCategoryUpdateSort extends JsonApiController public function __invoke(Request $request, Response $response, $args) { $json = $this->validate($request); - $course_id = self::arrayGet($json, 'data.relationships.range.data.id'); + $range_id = self::arrayGet($json, 'data.relationships.range.data.id'); - $course = Course::find($course_id); - if (!$course) { + $range = get_object_by_range_id($range_id); + if (!$range) { throw new RecordNotFoundException(); } - if (!CoreForum::isModerator($course->id)) { + if (!CoreForum::isModerator($range->id)) { throw new AuthorizationFailedException(); } @@ -36,10 +35,10 @@ class ForumCategoryUpdateSort extends JsonApiController $category->position = (int) array_search($category->category_id, $category_ids); $category->store(); }, - "category_id IN (:category_ids) AND range_id = :course_id", + "category_id IN (:category_ids) AND range_id = :range_id", [ "category_ids" => $category_ids, - "course_id" => $course->id + "range_id" => $range->id ] ); diff --git a/lib/classes/JsonApi/Routes/Forum/ForumConfigIndex.php b/lib/classes/JsonApi/Routes/Forum/ForumConfigIndex.php index 973dd12..507e2de 100644 --- a/lib/classes/JsonApi/Routes/Forum/ForumConfigIndex.php +++ b/lib/classes/JsonApi/Routes/Forum/ForumConfigIndex.php @@ -2,10 +2,12 @@ namespace JsonApi\Routes\Forum; -use Course; +use Config; +use CoreForum; +use JsonApi\Routes\RangeAuthority; +use UserConfig; use JsonApi\Errors\AuthorizationFailedException; use JsonApi\Errors\RecordNotFoundException; -use JsonApi\Routes\Courses\Authority as CourseAuthority; use Psr\Http\Message\ServerRequestInterface as Request; use Psr\Http\Message\ResponseInterface as Response; use JsonApi\JsonApiController; 
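Review bot: In ForumCategoryUpdateSort::__invoke the range id is taken from the request body and resolved with get_object_by_range_id(), which per its new signature can also return a User, yet the only gate is `CoreForum::isModerator($range->id)`. The read handlers in this commit all pass the resolved object through RangeAuthority::canShowRange(), which only admits Course and Institute objects; this handler should do the same before the moderator check, e.g. `if (!RangeAuthority::canShowRange($this->getUser($request), $range) || !CoreForum::isModerator($range->id)) {` with `use JsonApi\Routes\RangeAuthority;` added. How CoreForum::isModerator() treats institute or user ids is not visible here, so confirm that it evaluates institute permissions as intended. ForumTopicUpdateSort has the same pattern, and __invoke continues past the end of the hunk.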
@@ -14,21 +16,21 @@ class ForumConfigIndex extends JsonApiController { public function __invoke(Request $request, Response $response, $args) { - $course = Course::find($args['course_id']); - if (!$course) { + $range = get_object_by_range_id($args['range_id']); + if (!$range) { throw new RecordNotFoundException(); } $user = $this->getUser($request); - if (!CourseAuthority::canShowCourse($user, $course, CourseAuthority::SCOPE_BASIC)) { + if (!RangeAuthority::canShowRange($user, $range)) { throw new AuthorizationFailedException(); } return $this->getMetaResponse([ - 'is-admin' => \CoreForum::isAdmin($course->id), - 'is-moderator' => \CoreForum::isModerator($course->id), - 'anonymous-post' => (bool) \Config::get()->FORUM_ANONYMOUS_POSTINGS, - 'tile-layout' => (bool) \UserConfig::get($user->user_id)->FORUM_TILE_LAYOUT + 'is-admin' => CoreForum::isAdmin($range->id), + 'is-moderator' => CoreForum::isModerator($range->id), + 'anonymous-post' => (bool) Config::get()->FORUM_ANONYMOUS_POSTINGS, + 'tile-layout' => (bool) UserConfig::get($user->user_id)->FORUM_TILE_LAYOUT ]); } } diff --git a/lib/classes/JsonApi/Routes/Forum/ForumDiscussionIndex.php b/lib/classes/JsonApi/Routes/Forum/ForumDiscussionIndex.php index a9ef436..d3920a3 100644 --- a/lib/classes/JsonApi/Routes/Forum/ForumDiscussionIndex.php +++ b/lib/classes/JsonApi/Routes/Forum/ForumDiscussionIndex.php @@ -1,10 +1,9 @@ <?php namespace JsonApi\Routes\Forum; -use Course; use JsonApi\Errors\AuthorizationFailedException; use JsonApi\Errors\RecordNotFoundException; -use JsonApi\Routes\Courses\Authority as CourseAuthority; +use JsonApi\Routes\RangeAuthority; use Psr\Http\Message\ServerRequestInterface as Request; use Psr\Http\Message\ResponseInterface as Response; use JsonApi\JsonApiController; 
@@ -25,20 +24,20 @@ class ForumDiscussionIndex extends JsonApiController public function __invoke(Request $request, Response $response, $args) { - $course = Course::find($args['course_id']); - if (!$course) { + $range = get_object_by_range_id($args['range_id']); + if (!$range) { throw new RecordNotFoundException(); } $user = $this->getUser($request); - if (!CourseAuthority::canShowCourse($user, $course, CourseAuthority::SCOPE_BASIC)) { + if (!RangeAuthority::canShowRange($user, $range)) { throw new AuthorizationFailedException(); } $filtering = $this->getQueryParameters()->getFilteringParameters() ?: []; $last_visit = $filtering['last-visit'] ?? 0; - $discussions = ForumDiscussion::getCourseDiscussions($course->id, $last_visit); + $discussions = ForumDiscussion::getCourseDiscussions($range->id, $last_visit); return $this->getPaginatedContentResponse( array_slice($discussions, ...$this->getOffsetAndLimit()), diff --git a/lib/classes/JsonApi/Routes/Forum/ForumDiscussionPostings.php b/lib/classes/JsonApi/Routes/Forum/ForumDiscussionPostings.php index a33c808..2e07c87 100644 --- a/lib/classes/JsonApi/Routes/Forum/ForumDiscussionPostings.php +++ b/lib/classes/JsonApi/Routes/Forum/ForumDiscussionPostings.php @@ -1,15 +1,13 @@ <?php namespace JsonApi\Routes\Forum; -use Course; use Forum\ForumDiscussion; use JsonApi\Errors\AuthorizationFailedException; use JsonApi\Errors\RecordNotFoundException; -use JsonApi\Routes\Courses\Authority as CourseAuthority; +use JsonApi\Routes\RangeAuthority; use Psr\Http\Message\ServerRequestInterface as Request; use Psr\Http\Message\ResponseInterface as Response; use JsonApi\JsonApiController; -use Forum\ForumPosting; use Forum\ForumPostingRead; class ForumDiscussionPostings extends JsonApiController 
@@ -31,13 +29,13 @@ class ForumDiscussionPostings extends JsonApiController throw new RecordNotFoundException(); } - $course = Course::find($discussion->range_id); - if (!$course) { + $range = get_object_by_range_id($discussion->range_id); + if (!$range) { throw new RecordNotFoundException(); } $user = $this->getUser($request); - if (!CourseAuthority::canShowCourse($user, $course, CourseAuthority::SCOPE_BASIC)) { + if (!RangeAuthority::canShowRange($user, $range)) { throw new AuthorizationFailedException(); } diff --git a/lib/classes/JsonApi/Routes/Forum/ForumDiscussionShow.php b/lib/classes/JsonApi/Routes/Forum/ForumDiscussionShow.php index 077a910..93bc970 100644 --- a/lib/classes/JsonApi/Routes/Forum/ForumDiscussionShow.php +++ b/lib/classes/JsonApi/Routes/Forum/ForumDiscussionShow.php @@ -1,11 +1,10 @@ <?php namespace JsonApi\Routes\Forum; -use Course; use Forum\ForumDiscussion; use JsonApi\Errors\AuthorizationFailedException; use JsonApi\Errors\RecordNotFoundException; -use JsonApi\Routes\Courses\Authority as CourseAuthority; +use JsonApi\Routes\RangeAuthority; use Psr\Http\Message\ServerRequestInterface as Request; use Psr\Http\Message\ResponseInterface as Response; use JsonApi\JsonApiController; @@ -26,13 +25,13 @@ class ForumDiscussionShow extends JsonApiController throw new RecordNotFoundException(); } - $course = Course::find($discussion->range_id); - if (!$course) { + $range = get_object_by_range_id($discussion->range_id); + if (!$range) { throw new RecordNotFoundException(); } $user = $this->getUser($request); - if (!CourseAuthority::canShowCourse($user, $course, CourseAuthority::SCOPE_BASIC)) { + if (!RangeAuthority::canShowRange($user, $range)) { throw new AuthorizationFailedException(); } diff --git a/lib/classes/JsonApi/Routes/Forum/ForumPostingReactionStore.php b/lib/classes/JsonApi/Routes/Forum/ForumPostingReactionStore.php index cb8fc85..a913e9b 100644 --- a/lib/classes/JsonApi/Routes/Forum/ForumPostingReactionStore.php 
+++ b/lib/classes/JsonApi/Routes/Forum/ForumPostingReactionStore.php @@ -1,11 +1,10 @@ <?php namespace JsonApi\Routes\Forum; -use Course; use JsonApi\Errors\AuthorizationFailedException; use JsonApi\Errors\BadRequestException; use JsonApi\Errors\RecordNotFoundException; -use JsonApi\Routes\Courses\Authority as CourseAuthority; +use JsonApi\Routes\RangeAuthority; use Psr\Http\Message\ServerRequestInterface as Request; use Psr\Http\Message\ResponseInterface as Response; use JsonApi\JsonApiController; @@ -31,12 +30,12 @@ class ForumPostingReactionStore extends JsonApiController throw new BadRequestException(); } - $course = Course::find($posting->range_id); - if (!$course) { + $range = get_object_by_range_id($posting->range_id); + if (!$range) { throw new RecordNotFoundException(); } - if (!CourseAuthority::canShowCourse($user, $course, CourseAuthority::SCOPE_BASIC)) { + if (!RangeAuthority::canShowRange($user, $range)) { throw new AuthorizationFailedException(); } diff --git a/lib/classes/JsonApi/Routes/Forum/ForumPostingReactions.php b/lib/classes/JsonApi/Routes/Forum/ForumPostingReactions.php index dfdc0ab..9c6a182 100644 --- a/lib/classes/JsonApi/Routes/Forum/ForumPostingReactions.php +++ b/lib/classes/JsonApi/Routes/Forum/ForumPostingReactions.php @@ -1,11 +1,10 @@ <?php namespace JsonApi\Routes\Forum; -use Course; use Forum\ForumPosting; use JsonApi\Errors\AuthorizationFailedException; use JsonApi\Errors\RecordNotFoundException; -use JsonApi\Routes\Courses\Authority as CourseAuthority; +use JsonApi\Routes\RangeAuthority; use Psr\Http\Message\ServerRequestInterface as Request; use Psr\Http\Message\ResponseInterface as Response; use JsonApi\JsonApiController; 
@@ -26,13 +25,13 @@ class ForumPostingReactions extends JsonApiController throw new RecordNotFoundException(); } - $course = Course::find($posting->range_id); - if (!$course) { + $range = get_object_by_range_id($posting->range_id); + if (!$range) { throw new RecordNotFoundException(); } $user = $this->getUser($request); - if (!CourseAuthority::canShowCourse($user, $course, CourseAuthority::SCOPE_BASIC)) { + if (!RangeAuthority::canShowRange($user, $range)) { throw new AuthorizationFailedException(); } diff --git a/lib/classes/JsonApi/Routes/Forum/ForumPostingShow.php b/lib/classes/JsonApi/Routes/Forum/ForumPostingShow.php index 8d29654..4a810b2 100644 --- a/lib/classes/JsonApi/Routes/Forum/ForumPostingShow.php +++ b/lib/classes/JsonApi/Routes/Forum/ForumPostingShow.php @@ -1,11 +1,10 @@ <?php namespace JsonApi\Routes\Forum; -use Course; use Forum\ForumPosting; use JsonApi\Errors\AuthorizationFailedException; use JsonApi\Errors\RecordNotFoundException; -use JsonApi\Routes\Courses\Authority as CourseAuthority; +use JsonApi\Routes\RangeAuthority; use Psr\Http\Message\ServerRequestInterface as Request; use Psr\Http\Message\ResponseInterface as Response; use JsonApi\JsonApiController; @@ -27,13 +26,13 @@ class ForumPostingShow extends JsonApiController throw new RecordNotFoundException(); } - $course = Course::find($posting->range_id); - if (!$course) { + $range = get_object_by_range_id($posting->range_id); + if (!$range) { throw new RecordNotFoundException(); } $user = $this->getUser($request); - if (!CourseAuthority::canShowCourse($user, $course, CourseAuthority::SCOPE_BASIC)) { + if (!RangeAuthority::canShowRange($user, $range)) { throw new AuthorizationFailedException(); } diff --git a/lib/classes/JsonApi/Routes/Forum/ForumPostingStore.php b/lib/classes/JsonApi/Routes/Forum/ForumPostingStore.php index d32d75e..70c5792 100644 --- a/lib/classes/JsonApi/Routes/Forum/ForumPostingStore.php +++ b/lib/classes/JsonApi/Routes/Forum/ForumPostingStore.php 
@@ -1,9 +1,8 @@ <?php namespace JsonApi\Routes\Forum; -use Course; use JsonApi\Errors\RecordNotFoundException; -use JsonApi\Routes\Courses\Authority as CourseAuthority; +use JsonApi\Routes\RangeAuthority; use Psr\Http\Message\ServerRequestInterface as Request; use Psr\Http\Message\ResponseInterface as Response; use JsonApi\Errors\AuthorizationFailedException; @@ -35,14 +34,14 @@ class ForumPostingStore extends JsonApiController $user = $this->getUser($request); $discussion = ForumDiscussion::find(self::arrayGet($json, 'data.relationships.discussion.data.id')); - $course = Course::find($discussion->range_id); + $range = get_object_by_range_id($discussion->range_id); - if (!$discussion || !$course) { + if (!$discussion || !$range) { throw new RecordNotFoundException(); } if ( - !CourseAuthority::canShowCourse($user, $course, CourseAuthority::SCOPE_BASIC) || + !RangeAuthority::canShowRange($user, $range) || $discussion->closed_at ) { throw new AuthorizationFailedException(); diff --git a/lib/classes/JsonApi/Routes/Forum/ForumSubscriptionIndex.php b/lib/classes/JsonApi/Routes/Forum/ForumSubscriptionIndex.php index 015f959..8e0cee8 100644 --- a/lib/classes/JsonApi/Routes/Forum/ForumSubscriptionIndex.php +++ b/lib/classes/JsonApi/Routes/Forum/ForumSubscriptionIndex.php @@ -1,10 +1,9 @@ <?php namespace JsonApi\Routes\Forum; -use Course; use JsonApi\Errors\AuthorizationFailedException; use JsonApi\Errors\RecordNotFoundException; -use JsonApi\Routes\Courses\Authority as CourseAuthority; +use JsonApi\Routes\RangeAuthority; use Psr\Http\Message\ServerRequestInterface as Request; use Psr\Http\Message\ResponseInterface as Response; use JsonApi\JsonApiController; 
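Review bot: In ForumPostingStore::__invoke `$discussion->range_id` is read one line before `!$discussion` is tested, so when ForumDiscussion::find() returns nothing the code reaches get_object_by_range_id() through a property access on null instead of failing on the not-found check. Test the discussion first, `if (!$discussion) { throw new RecordNotFoundException(); }`, and resolve the range afterwards. Separately, creating a posting is authorised by the read check canShowRange(), which for institutes reduces to `have_studip_perm('user', ...)` in the new canShowInstitute(); confirm that this is the intended threshold for writing in an institute forum. ForumPostingReactionStore gates its write the same way, and the method starts and ends outside the hunk.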
@@ -21,17 +20,17 @@ class ForumSubscriptionIndex extends JsonApiController public function __invoke(Request $request, Response $response, $args) { - $course = Course::find($args['course_id']); - if (!$course) { + $range = get_object_by_range_id($args['range_id']); + if (!$range) { throw new RecordNotFoundException(); } $user = $this->getUser($request); - if (!CourseAuthority::canShowCourse($user, $course, CourseAuthority::SCOPE_BASIC)) { + if (!RangeAuthority::canShowRange($user, $range)) { throw new AuthorizationFailedException(); } - $subscriptions = ForumSubscription::getUserSubscriptions($course->id, $user->user_id); + $subscriptions = ForumSubscription::getUserSubscriptions($range->id, $user->user_id); return $this->getPaginatedContentResponse( array_slice($subscriptions, ...$this->getOffsetAndLimit()), diff --git a/lib/classes/JsonApi/Routes/Forum/ForumTopicDiscussions.php b/lib/classes/JsonApi/Routes/Forum/ForumTopicDiscussions.php index d2cbb70..935d9e3 100644 --- a/lib/classes/JsonApi/Routes/Forum/ForumTopicDiscussions.php +++ b/lib/classes/JsonApi/Routes/Forum/ForumTopicDiscussions.php @@ -1,10 +1,9 @@ <?php namespace JsonApi\Routes\Forum; -use Course; use Forum\ForumTopic; use JsonApi\Errors\RecordNotFoundException; -use JsonApi\Routes\Courses\Authority as CourseAuthority; +use JsonApi\Routes\RangeAuthority; use Psr\Http\Message\ServerRequestInterface as Request; use Psr\Http\Message\ResponseInterface as Response; use JsonApi\Errors\AuthorizationFailedException; 
@@ -28,13 +27,13 @@ class ForumTopicDiscussions extends JsonApiController throw new RecordNotFoundException(); } - $course = Course::find($topic->range_id); - if (!$course) { + $range = get_object_by_range_id($topic->range_id); + if (!$range) { throw new RecordNotFoundException(); } $user = $this->getUser($request); - if (!CourseAuthority::canShowCourse($user, $course, CourseAuthority::SCOPE_BASIC)) { + if (!RangeAuthority::canShowRange($user, $range)) { throw new AuthorizationFailedException(); } diff --git a/lib/classes/JsonApi/Routes/Forum/ForumTopicIndex.php b/lib/classes/JsonApi/Routes/Forum/ForumTopicIndex.php index 8be3018..038d0c9 100644 --- a/lib/classes/JsonApi/Routes/Forum/ForumTopicIndex.php +++ b/lib/classes/JsonApi/Routes/Forum/ForumTopicIndex.php @@ -1,10 +1,9 @@ <?php namespace JsonApi\Routes\Forum; -use Course; use JsonApi\Errors\AuthorizationFailedException; use JsonApi\Errors\RecordNotFoundException; -use JsonApi\Routes\Courses\Authority as CourseAuthority; +use JsonApi\Routes\RangeAuthority; use Psr\Http\Message\ServerRequestInterface as Request; use Psr\Http\Message\ResponseInterface as Response; use JsonApi\JsonApiController; @@ -20,17 +19,17 @@ class ForumTopicIndex extends JsonApiController public function __invoke(Request $request, Response $response, $args) { - $course = Course::find($args['course_id']); - if (!$course) { + $range = get_object_by_range_id($args['range_id']); + if (!$range) { throw new RecordNotFoundException(); } $user = $this->getUser($request); - if (!CourseAuthority::canShowCourse($user, $course, CourseAuthority::SCOPE_BASIC)) { + if (!RangeAuthority::canShowRange($user, $range)) { throw new AuthorizationFailedException(); } - $topics = ForumTopic::getCourseTopics($course->id); + $topics = ForumTopic::getCourseTopics($range->id); return $this->getPaginatedContentResponse( array_slice($topics, ...$this->getOffsetAndLimit()), 
diff --git a/lib/classes/JsonApi/Routes/Forum/ForumTopicShow.php b/lib/classes/JsonApi/Routes/Forum/ForumTopicShow.php index 99dd427..32704b7 100644 --- a/lib/classes/JsonApi/Routes/Forum/ForumTopicShow.php +++ b/lib/classes/JsonApi/Routes/Forum/ForumTopicShow.php @@ -1,8 +1,7 @@ <?php namespace JsonApi\Routes\Forum; -use Course; -use JsonApi\Routes\Courses\Authority as CourseAuthority; +use JsonApi\Routes\RangeAuthority; use Psr\Http\Message\ServerRequestInterface as Request; use Psr\Http\Message\ResponseInterface as Response; use JsonApi\Errors\AuthorizationFailedException; @@ -21,13 +20,13 @@ class ForumTopicShow extends JsonApiController throw new RecordNotFoundException(); } - $course = Course::find($topic->range_id); - if (!$course) { + $range = get_object_by_range_id($topic->range_id); + if (!$range) { throw new RecordNotFoundException(); } $user = $this->getUser($request); - if (!CourseAuthority::canShowCourse($user, $course, CourseAuthority::SCOPE_BASIC)) { + if (!RangeAuthority::canShowRange($user, $range)) { throw new AuthorizationFailedException(); } diff --git a/lib/classes/JsonApi/Routes/Forum/ForumTopicUpdateSort.php b/lib/classes/JsonApi/Routes/Forum/ForumTopicUpdateSort.php index 8f9e93b..3e77b40 100644 --- a/lib/classes/JsonApi/Routes/Forum/ForumTopicUpdateSort.php +++ b/lib/classes/JsonApi/Routes/Forum/ForumTopicUpdateSort.php @@ -2,7 +2,6 @@ namespace JsonApi\Routes\Forum; use CoreForum; -use Course; use JsonApi\Errors\RecordNotFoundException; use Psr\Http\Message\ServerRequestInterface as Request; use Psr\Http\Message\ResponseInterface as Response; 
@@ -18,14 +17,14 @@ class ForumTopicUpdateSort extends JsonApiController public function __invoke(Request $request, Response $response, $args) { $json = $this->validate($request); - $course_id = self::arrayGet($json, 'data.relationships.range.data.id'); + $range_id = self::arrayGet($json, 'data.relationships.range.data.id'); - $course = Course::find($course_id); - if (!$course) { + $range = get_object_by_range_id($range_id); + if (!$range) { throw new RecordNotFoundException(); } - if (!CoreForum::isModerator($course->id)) { + if (!CoreForum::isModerator($range->id)) { throw new AuthorizationFailedException(); } @@ -39,7 +38,7 @@ class ForumTopicUpdateSort extends JsonApiController "topic_id IN (:topic_ids) AND range_id = :course_id", [ "topic_ids" => $topic_ids, - "course_id" => $course->id + "course_id" => $range->id ] ); diff --git a/lib/classes/JsonApi/Routes/Institutes/Authority.php b/lib/classes/JsonApi/Routes/Institutes/Authority.php index c6ee43b..2f35c23 100644 --- a/lib/classes/JsonApi/Routes/Institutes/Authority.php +++ b/lib/classes/JsonApi/Routes/Institutes/Authority.php @@ -7,6 +7,11 @@ use User; class Authority { + public static function canShowInstitute(User $user, Institute $institute): bool + { + return $GLOBALS['perm']->have_studip_perm('user', $institute->id, $user->id); + } + /** * @SuppressWarnings(PHPMD.Superglobals) */ diff --git a/lib/classes/JsonApi/Routes/RangeAuthority.php b/lib/classes/JsonApi/Routes/RangeAuthority.php new file mode 100644 index 0000000..447ae60 --- /dev/null +++ b/lib/classes/JsonApi/Routes/RangeAuthority.php 
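Review bot: The query in ForumTopicUpdateSort still binds `:course_id` although the value is now `$range->id`, while the sibling ForumCategoryUpdateSort was renamed to `:range_id` in this same commit. Rename the placeholder and its key for consistency: `"topic_id IN (:topic_ids) AND range_id = :range_id"` and `"range_id" => $range->id`. The enclosing call starts above the hunk.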
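Review bot: canShowInstitute() in Institutes/Authority.php becomes the access decision behind canShowRange() for every institute forum, but it has no docblock stating why the `'user'` level is sufficient, and it reads `$GLOBALS['perm']` without the `@SuppressWarnings(PHPMD.Superglobals)` annotation that the neighbouring method carries. Add a docblock such as `/** Whether $user may view $institute; requires at least 'user' permission on it. @SuppressWarnings(PHPMD.Superglobals) */`. If have_studip_perm('user', ...) also succeeds for accounts that are not members of the institute, institute forums would be readable and writable by them through the handlers in this commit, so that behaviour should be confirmed against the intended visibility.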
@@ -0,0 +1,41 @@ +<?php + +namespace JsonApi\Routes; + +use Course; +use Institute; +use Range; +use User; +use JsonApi\Routes\Courses\Authority as CourseAuthority; +use JsonApi\Routes\Institutes\Authority as InstituteAuthority; + +class RangeAuthority +{ + const SCOPE_BASIC = 'basic'; + + public static function canShowRange(User $user, Range $range, $scope = self::SCOPE_BASIC): bool + { + if ($range instanceof Course) { + return CourseAuthority::canShowCourse($user, $range, $scope); + } + + if ($range instanceof Institute) { + return InstituteAuthority::canShowInstitute($user, $range); + } + + return false; + } + + public static function canEditRange(User $user, Range $range): bool + { + if ($range instanceof Course) { + return CourseAuthority::canEditCourse($user, $range); + } + + if ($range instanceof Institute) { + return InstituteAuthority::canEditInstitute($user, $range); + } + + return false; + } +} diff --git a/lib/classes/JsonApi/Schemas/Forum/ForumSubscription.php b/lib/classes/JsonApi/Schemas/Forum/ForumSubscription.php index ecfb699..6cc82e0 100644 --- a/lib/classes/JsonApi/Schemas/Forum/ForumSubscription.php +++ b/lib/classes/JsonApi/Schemas/Forum/ForumSubscription.php @@ -39,8 +39,8 @@ class ForumSubscription extends SchemaProvider $relationships = []; if ($isPrimary) { $relationships = $this->addUserRelationship($relationships, $subscription, $includeList); - $relationships = $this->addRangeRelationship($relationships, $subscription, $includeList); $relationships = $this->addSubjectRelationship($relationships, $subscription, $includeList); + $relationships = $this->addRangeRelationship($relationships, $subscription, $includeList); } return $relationships; diff --git a/lib/functions.php b/lib/functions.php index cd52968..0849162 100644 --- a/lib/functions.php +++ b/lib/functions.php 
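Review bot: RangeAuthority redeclares `const SCOPE_BASIC = 'basic';` and hands it to CourseAuthority::canShowCourse(), whose switch compares against the course class's own `self::SCOPE_BASIC`; the two agree only as long as the literals stay identical. Alias the constant instead: `const SCOPE_BASIC = CourseAuthority::SCOPE_BASIC;`. `$scope` is silently ignored for institutes, and canEditRange() calls canEditCourse() and canEditInstitute(), neither of which is visible in this diff, so confirm both exist. A class docblock stating that any other Range type is denied (the trailing `return false;`) would document the fail-closed default.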
@@ -107,16 +107,18 @@ function get_object_name($range_id, $object_type) * Returns a sorm object for a given range_id * * @param string the range_id - * @return bool|SimpleORMap Course/Institute/User/Statusgruppen/ + * @return Course | Institute | User | null */ -function get_object_by_range_id($range_id) { +function get_object_by_range_id($range_id): Course | Institute | User | null +{ $possible_sorms = "Course Institute User"; foreach(words($possible_sorms) as $sorm) { if ($object = $sorm::find($range_id)) { return $object; } } - return false; + + return null; } /** diff --git a/lib/models/Forum/ForumCategory.php b/lib/models/Forum/ForumCategory.php index de90cab..bf42092 100644 --- a/lib/models/Forum/ForumCategory.php +++ b/lib/models/Forum/ForumCategory.php @@ -2,6 +2,7 @@ namespace Forum; use DBManager; +use Range; use User; /** @@ -14,6 +15,7 @@ use User; * @property int $mkdate * @property int $chdate * + * @property Range $range * @property ForumTopic[] $topics * @property array $metadata */ @@ -30,6 +32,15 @@ class ForumCategory extends \SimpleORMap 'order_by' => 'ORDER BY position ASC, mkdate DESC', ]; + $config['additional_fields']['range'] = [ + 'set' => function (ForumCategory $category, string $field, Range $range) { + $category->range_id = $range->getRangeId(); + }, + 'get' => function (ForumCategory $category): Range { + return get_object_by_range_id($category->range_id); + }, + ]; + $config['additional_fields']['metadata']['get'] = 'getMetaData'; $config['registered_callbacks']['after_delete'][] = 'onDelete'; @@ -40,9 +51,9 @@ class ForumCategory extends \SimpleORMap /** * @return self[] */ - public static function getCourseCategories($course_id): array + public static function getCourseCategories($range_id): array { - return self::findBySQL("range_id = ? ORDER BY position ASC, mkdate DESC", [$course_id]); + return self::findBySQL("range_id = ? ORDER BY position ASC, mkdate DESC", [$range_id]); } public function getMetaData(): array 
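Review bot: get_object_by_range_id() now returns `null` instead of `false` on a miss, which changes the result for any caller that compares strictly against `false`; the diffstat is limited to lib, so such callers are not visible here and should be searched for. The docblock should also state the lookup order, since the id is tried as Course, then Institute, then User and the first match wins: `Tries Course, Institute and User in that order and returns the first record found, or null.` Callers that expect only courses or institutes have to check the returned type themselves.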
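Review bot: The new `range` getter in ForumCategory::configure() declares `: Range` but returns get_object_by_range_id() directly, which is typed to return `null` when no record matches, so reading `$category->range` for a row whose range no longer exists raises a TypeError. Declare the closure as `function (ForumCategory $category): ?Range` and change the `@property` line to `Range|null $range`. The identical getters added to ForumSubscription and ForumTopic need the same change. configure() starts and ends outside the hunk.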
diff --git a/lib/models/Forum/ForumDiscussion.php b/lib/models/Forum/ForumDiscussion.php index 51225bc..70aeab5 100644 --- a/lib/models/Forum/ForumDiscussion.php +++ b/lib/models/Forum/ForumDiscussion.php @@ -75,7 +75,7 @@ class ForumDiscussion extends SimpleORMap /** * @return self[] */ - public static function getCourseDiscussions($course_id, $last_visit = 0): array + public static function getCourseDiscussions($range_id, $last_visit = 0): array { $query = [ "SELECT @@ -85,7 +85,7 @@ class ForumDiscussion extends SimpleORMap JOIN forum_postings as postings USING (discussion_id) JOIN forum_topics AS topics USING (topic_id) WHERE topics.range_id = :range_id", - ['range_id' => $course_id] + ['range_id' => $range_id] ]; if ($last_visit) { diff --git a/lib/models/Forum/ForumPosting.php b/lib/models/Forum/ForumPosting.php index 55bcce2..11be45d 100644 --- a/lib/models/Forum/ForumPosting.php +++ b/lib/models/Forum/ForumPosting.php @@ -74,7 +74,7 @@ class ForumPosting extends SimpleORMap return null; } - public static function getRecentPosts($course_id, int $last_visit = 0): array + public static function getRecentPosts($range_id, int $last_visit = 0): array { $query = [ "SELECT @@ -83,10 +83,10 @@ class ForumPosting extends SimpleORMap FROM forum_topics JOIN forum_discussions USING(topic_id) JOIN forum_postings USING(discussion_id) - WHERE forum_topics.range_id = :course_id AND forum_postings.user_id != :user_id + WHERE forum_topics.range_id = :range_id AND forum_postings.user_id != :user_id ", [ - 'course_id' => $course_id, + 'range_id' => $range_id, 'user_id' => User::findCurrent()->user_id ] ]; diff --git a/lib/models/Forum/ForumSubscription.php b/lib/models/Forum/ForumSubscription.php index fc044a4..2ba8335 100644 --- a/lib/models/Forum/ForumSubscription.php +++ b/lib/models/Forum/ForumSubscription.php @@ -1,7 +1,7 @@ <?php namespace Forum; -use Course; +use Range; use SimpleORMap; use User; use Forum\Enum\SubscriptionNotificationType; 
@@ -17,7 +17,7 @@ use Forum\Enum\SubscriptionNotificationType; * * @property ForumDiscussion | ForumTopic $subject_object * @property User $user - * @property Course $range + * @property Range $range */ class ForumSubscription extends SimpleORMap @@ -32,10 +32,13 @@ class ForumSubscription extends SimpleORMap 'assoc_foreign_key' => 'user_id' ]; - $config['belongs_to']['range'] = [ - 'class_name' => Course::class, - 'foreign_key' => 'range_id', - 'assoc_foreign_key' => 'Seminar_id' + $config['additional_fields']['range'] = [ + 'set' => function (ForumSubscription $subscription, string $field, Range $range) { + $subscription->range_id = $range->getRangeId(); + }, + 'get' => function (ForumSubscription $subscription): Range { + return get_object_by_range_id($subscription->range_id); + }, ]; $config['additional_fields']['subject_object']['get'] = 'getSubjectObject'; @@ -43,12 +46,15 @@ class ForumSubscription extends SimpleORMap parent::configure($config); } - public static function getUserSubscriptions($course_id, $user_id) + /** + * @return self[] + */ + public static function getUserSubscriptions(string $range_id, string $user_id): array { return self::findBySQL( "range_id = :range_id AND user_id = :user_id ORDER BY mkdate DESC", [ - 'range_id' => $course_id, + 'range_id' => $range_id, 'user_id' => $user_id ] ); diff --git a/lib/models/Forum/ForumTopic.php b/lib/models/Forum/ForumTopic.php index 4d7bf69..8dd5404 100644 --- a/lib/models/Forum/ForumTopic.php +++ b/lib/models/Forum/ForumTopic.php @@ -2,6 +2,7 @@ namespace Forum; use DBManager; +use Range; use SimpleORMap; use User; @@ -15,6 +16,7 @@ use User; * @property int $mkdate * @property int $chdate * + * @property Range $range * @property ForumCategory $category * @property ForumDiscussion[] $discussions * @property User[] $users 
@@ -40,6 +42,15 @@ class ForumTopic extends SimpleORMap 'assoc_foreign_key' => 'topic_id', ]; + $config['additional_fields']['range'] = [ + 'set' => function (ForumTopic $topic, string $field, Range $range) { + $topic->range_id = $range->getRangeId(); + }, + 'get' => function (ForumTopic $topic): Range { + return get_object_by_range_id($topic->range_id); + }, + ]; + $config['additional_fields']['users']['get'] = 'getUsers'; $config['additional_fields']['metadata']['get'] = 'getMetaData'; $config['registered_callbacks']['after_delete'][] = 'onDelete'; @@ -50,19 +61,19 @@ class ForumTopic extends SimpleORMap /** * @return self[] */ - public static function getCourseTopics($course_id): array + public static function getCourseTopics(string $range_id): array { return self::findBySQL( - "range_id = :course_id + "range_id = :range_id GROUP BY CASE WHEN category_id IS NULL THEN topic_id ELSE category_id END ORDER BY position ASC, mkdate DESC", - ["course_id" => $course_id] + ["range_id" => $range_id] ); } - public static function getCourseTopic($course_id, $topic_id): self + public static function getCourseTopic(string $range_id, string $topic_id): self { - return self::findOneBySQL("range_id = ? AND topic_id = ?", [$course_id, $topic_id]); + return self::findOneBySQL("range_id = ? AND topic_id = ?", [$range_id, $topic_id]); } public function getUsers($last_visit = null): array |
