diff options
| -rw-r--r-- | app/controllers/files_dashboard/helpers.php | 2 | ||||
| -rw-r--r-- | app/views/files_dashboard/_search_tr.php | 6 | ||||
| -rw-r--r-- | lib/activities/DocumentsProvider.php | 6 | ||||
| -rw-r--r-- | lib/filesystem/ExerciseFolder.php | 52 | ||||
| -rw-r--r-- | lib/filesystem/FeedbackFolder.php | 52 | ||||
| -rw-r--r-- | lib/filesystem/FileManager.php | 2 | ||||
| -rw-r--r-- | lib/filesystem/FolderType.php | 2 | ||||
| -rw-r--r-- | lib/filesystem/HiddenFolder.php | 5 | ||||
| -rw-r--r-- | lib/filesystem/PermissionEnabledFolder.php | 5 | ||||
| -rw-r--r-- | lib/filesystem/ResponseFolder.php | 52 | ||||
| -rw-r--r-- | lib/filesystem/StandardFolder.php | 14 | ||||
| -rw-r--r-- | lib/models/vips/Exercise.php | 4 |
12 files changed, 49 insertions, 153 deletions
diff --git a/app/controllers/files_dashboard/helpers.php b/app/controllers/files_dashboard/helpers.php index d86fc9f..4489e04 100644 --- a/app/controllers/files_dashboard/helpers.php +++ b/app/controllers/files_dashboard/helpers.php @@ -61,7 +61,7 @@ trait Helpers ); } - if ($folder->isFileDownloadable($fileRef, $user->id)) { + if ($folder->isFileDownloadable($fileRef->id, $user->id)) { $actionMenu->addLink( URLHelper::getURL('dispatch.php/file/choose_destination/copy/'.$fileRef->id), _('Datei kopieren'), diff --git a/app/views/files_dashboard/_search_tr.php b/app/views/files_dashboard/_search_tr.php index 62546da..3927c22 100644 --- a/app/views/files_dashboard/_search_tr.php +++ b/app/views/files_dashboard/_search_tr.php @@ -1,7 +1,7 @@ <tr id="fileref_<?= htmlReady($searchResult['fileRef']->id) ?>"> <td class="files-search-icon"> - <? if ($searchResult['folder']->isFileDownloadable($searchResult['fileRef'], $user->id)) : ?> + <? if ($searchResult['folder']->isFileDownloadable($searchResult['fileRef']->id, $user->id)) : ?> <a href="<?= htmlReady($searchResult['fileRef']->getDownloadURL('force_download')) ?>" target="_blank" rel="noopener noreferrer"> <?= FileManager::getIconForFileRef($searchResult['fileRef'])->asImg(24) ?> </a> @@ -11,7 +11,7 @@ </td> <td> - <? if ($searchResult['folder']->isFileDownloadable($searchResult['fileRef'], $user->id)) : ?> + <? if ($searchResult['folder']->isFileDownloadable($searchResult['fileRef']->id, $user->id)) : ?> <a href="<?= htmlReady($controller->url_for('file/details/'.$searchResult['fileRef']->id)) ?>" data-dialog=""> <? if (mb_strlen(($searchResult['fileRef']->name))) : ?> <?= $controller->markPhrase($searchResult['fileRef']->name, $query->getQuery()) ?> @@ -44,7 +44,7 @@ <td> <? if (mb_strlen($searchResult['fileRef']->description)) : ?> - <? if ($searchResult['folder']->isFileDownloadable($searchResult['fileRef'], $user->id)) : ?> + <? if ($searchResult['folder']->isFileDownloadable($searchResult['fileRef']->id, $user->id)) : ?> <a href="<?= htmlReady($controller->url_for('file/details/'.$searchResult['fileRef']->id)) ?>" data-dialog=""> <?= $controller->markPhrase($searchResult['fileRef']->description, $query->getQuery(), 100) ?> </a> diff --git a/lib/activities/DocumentsProvider.php b/lib/activities/DocumentsProvider.php index fae5df2..0275c3f 100644 --- a/lib/activities/DocumentsProvider.php +++ b/lib/activities/DocumentsProvider.php @@ -23,7 +23,11 @@ class DocumentsProvider implements ActivityProvider $document = \FileRef::find($activity->object_id); // check, if current observer has access to document - if (!$document || !$activity->getContextObject() || !$document->folder->getTypedFolder()->isFileDownloadable($document, $activity->getContextObject()->getObserver()->id)) { + if ( + !$document + || !$activity->getContextObject() + || !$document->folder->getTypedFolder()->isFileDownloadable($document->id, $activity->getContextObject()->getObserver()->id) + ) { return false; } diff --git a/lib/filesystem/ExerciseFolder.php b/lib/filesystem/ExerciseFolder.php index e400bbc..e882de8 100644 --- a/lib/filesystem/ExerciseFolder.php +++ b/lib/filesystem/ExerciseFolder.php @@ -11,21 +11,12 @@ class ExerciseFolder extends StandardFolder { - /** - * @param string|Object $range_id_or_object - * @param string $user_id - * @return bool - */ - public static function availableInRange($range_id_or_object, $user_id) + public static function availableInRange(SimpleORMap|string $range_id_or_object, string $user_id): bool { return false; } - /** - * @param string $user_id - * @return bool - */ - public function isReadable($user_id) + public function isReadable(string $user_id): bool { $exercise = Exercise::find($this->range_id); @@ -42,11 +33,7 @@ class ExerciseFolder extends StandardFolder return false; } - /** - * @param string $user_id - * @return bool - */ - public function isWritable($user_id) + public function isWritable(string $user_id): bool { $exercise = Exercise::find($this->range_id); @@ -61,50 +48,27 @@ class ExerciseFolder extends StandardFolder return false; } - /** - * @param string $user_id - * @return bool - */ - public function isEditable($user_id) + public function isEditable(string $user_id): bool { return false; } - /** - * @param string $user_id - * @return bool - */ - public function isSubfolderAllowed($user_id) + public function isSubfolderAllowed(string $user_id): bool { return false; } - /** - * @param FileRef|string $fileref_or_id - * @param string $user_id - * @return bool - */ - public function isFileDownloadable($fileref_or_id, $user_id) + public function isFileDownloadable(string $file_ref_id, string $user_id): bool { return $this->isReadable($user_id); } - /** - * @param FileRef|string $fileref_or_id - * @param string $user_id - * @return bool - */ - public function isFileEditable($fileref_or_id, $user_id) + public function isFileEditable(string $file_ref_id, string $user_id): bool { return $this->isWritable($user_id); } - /** - * @param FileRef|string $fileref_or_id - * @param string $user_id - * @return bool - */ - public function isFileWritable($fileref_or_id, $user_id) + public function isFileWritable(string $file_ref_id, string $user_id): bool { return $this->isWritable($user_id); } diff --git a/lib/filesystem/FeedbackFolder.php b/lib/filesystem/FeedbackFolder.php index 17511b8..db82a38 100644 --- a/lib/filesystem/FeedbackFolder.php +++ b/lib/filesystem/FeedbackFolder.php @@ -11,21 +11,12 @@ class FeedbackFolder extends StandardFolder { - /** - * @param string|Object $range_id_or_object - * @param string $user_id - * @return bool - */ - public static function availableInRange($range_id_or_object, $user_id) + public static function availableInRange(SimpleORMap|string $range_id_or_object, string $user_id): bool { return false; } - /** - * @param string $user_id - * @return bool - */ - public function isReadable($user_id) + public function isReadable(string $user_id): bool { $solution = VipsSolution::find($this->range_id); $assignment = $solution->assignment; @@ -34,11 +25,7 @@ class FeedbackFolder extends StandardFolder $assignment->checkViewPermission() && $assignment->releaseStatus($user_id) >= 2; } - /** - * @param string $user_id - * @return bool - */ - public function isWritable($user_id) + public function isWritable(string $user_id): bool { $solution = VipsSolution::find($this->range_id); $assignment = $solution->assignment; @@ -46,50 +33,27 @@ class FeedbackFolder extends StandardFolder return $assignment->checkEditPermission(); } - /** - * @param string $user_id - * @return bool - */ - public function isEditable($user_id) + public function isEditable(string $user_id): bool { return false; } - /** - * @param string $user_id - * @return bool - */ - public function isSubfolderAllowed($user_id) + public function isSubfolderAllowed(string $user_id): bool { return false; } - /** - * @param FileRef|string $fileref_or_id - * @param string $user_id - * @return bool - */ - public function isFileDownloadable($fileref_or_id, $user_id) + public function isFileDownloadable(string $file_ref_id, string $user_id): bool { return $this->isReadable($user_id); } - /** - * @param FileRef|string $fileref_or_id - * @param string $user_id - * @return bool - */ - public function isFileEditable($fileref_or_id, $user_id) + public function isFileEditable(string $file_ref_id, string $user_id): bool { return $this->isWritable($user_id); } - /** - * @param FileRef|string $fileref_or_id - * @param string $user_id - * @return bool - */ - public function isFileWritable($fileref_or_id, $user_id) + public function isFileWritable(string $file_ref_id, string $user_id): bool { return $this->isWritable($user_id); } diff --git a/lib/filesystem/FileManager.php b/lib/filesystem/FileManager.php index aafbece..4328fcf 100644 --- a/lib/filesystem/FileManager.php +++ b/lib/filesystem/FileManager.php @@ -1250,7 +1250,7 @@ class FileManager // loop through all files and copy them to the folder path: foreach ($folder->getFiles() as $file_ref) { - if ($folder->isFileDownloadable($file_ref, $user_id) || $ignore_perms) { + if ($folder->isFileDownloadable($file_ref->id, $user_id) || $ignore_perms) { //The user (given by user_id) has the required permissions //to download the file or the permission checks are //ignored. diff --git a/lib/filesystem/FolderType.php b/lib/filesystem/FolderType.php index 4b0501a..ef98af1 100644 --- a/lib/filesystem/FolderType.php +++ b/lib/filesystem/FolderType.php @@ -253,7 +253,7 @@ interface FolderType * Returns an associative array of additional colums with the index the id of the column * and their values as the localized names of the columns * - * @return array('col1' => _("Anfragestatus")) + * @example return ['col1' => _('Anfragestatus')] */ public function getAdditionalColumns(): array; diff --git a/lib/filesystem/HiddenFolder.php b/lib/filesystem/HiddenFolder.php index ef6f23b..df93517 100644 --- a/lib/filesystem/HiddenFolder.php +++ b/lib/filesystem/HiddenFolder.php @@ -132,13 +132,14 @@ class HiddenFolder extends PermissionEnabledFolder */ public function isFileDownloadable(string $file_ref_id, string $user_id): bool { - $fileref = FileRef::toObject($file_ref_id); + $fileref = FileRef::find($file_ref_id); - if (is_object($fileref)) { + if ($fileref) { if ($this->download_allowed || Seminar_Perm::get()->have_studip_perm('tutor', $this->range_id, $user_id)) { return $fileref->terms_of_use->isDownloadable($this->range_id, $this->range_type, true, $user_id); } } + return false; } diff --git a/lib/filesystem/PermissionEnabledFolder.php b/lib/filesystem/PermissionEnabledFolder.php index 032f699..29acb65 100644 --- a/lib/filesystem/PermissionEnabledFolder.php +++ b/lib/filesystem/PermissionEnabledFolder.php @@ -140,13 +140,14 @@ class PermissionEnabledFolder extends StandardFolder */ public function isFileDownloadable(string $file_ref_id, string $user_id): bool { - $fileref = FileRef::toObject($file_ref_id); + $fileref = FileRef::find($file_ref_id); - if (is_object($fileref)) { + if ($fileref) { if ($this->isVisible($user_id) && $this->isFileVisible($fileref, $user_id)) { return $fileref->terms_of_use->isDownloadable($this->range_id, $this->range_type, true, $user_id); } } + return false; } diff --git a/lib/filesystem/ResponseFolder.php b/lib/filesystem/ResponseFolder.php index 598bf28..169405e 100644 --- a/lib/filesystem/ResponseFolder.php +++ b/lib/filesystem/ResponseFolder.php @@ -11,21 +11,12 @@ class ResponseFolder extends StandardFolder { - /** - * @param string|Object $range_id_or_object - * @param string $user_id - * @return bool - */ - public static function availableInRange($range_id_or_object, $user_id) + public static function availableInRange(SimpleORMap|string $range_id_or_object, string $user_id): bool { return false; } - /** - * @param string $user_id - * @return bool - */ - public function isReadable($user_id) + public function isReadable(string $user_id): bool { $solution = VipsSolution::find($this->range_id); $assignment = $solution->assignment; @@ -45,11 +36,7 @@ class ResponseFolder extends StandardFolder && $group->id === $group2->id; } - /** - * @param string $user_id - * @return bool - */ - public function isWritable($user_id) + public function isWritable(string $user_id): bool { $solution = VipsSolution::find($this->range_id); $assignment = $solution->assignment; @@ -57,50 +44,27 @@ class ResponseFolder extends StandardFolder return $assignment->checkEditPermission(); } - /** - * @param string $user_id - * @return bool - */ - public function isEditable($user_id) + public function isEditable(string $user_id): bool { return false; } - /** - * @param string $user_id - * @return bool - */ - public function isSubfolderAllowed($user_id) + public function isSubfolderAllowed(string $user_id): bool { return false; } - /** - * @param FileRef|string $fileref_or_id - * @param string $user_id - * @return bool - */ - public function isFileDownloadable($fileref_or_id, $user_id) + public function isFileDownloadable(string $file_ref_id, string $user_id): bool { return $this->isReadable($user_id); } - /** - * @param FileRef|string $fileref_or_id - * @param string $user_id - * @return bool - */ - public function isFileEditable($fileref_or_id, $user_id) + public function isFileEditable(string $file_ref_id, string $user_id): bool { return $this->isWritable($user_id); } - /** - * @param FileRef|string $fileref_or_id - * @param string $user_id - * @return bool - */ - public function isFileWritable($fileref_or_id, $user_id) + public function isFileWritable(string $file_ref_id, string $user_id): bool { return $this->isWritable($user_id); } diff --git a/lib/filesystem/StandardFolder.php b/lib/filesystem/StandardFolder.php index 61642e9..6404dd8 100644 --- a/lib/filesystem/StandardFolder.php +++ b/lib/filesystem/StandardFolder.php @@ -423,12 +423,13 @@ class StandardFolder implements FolderType */ public function isFileDownloadable(string $file_ref_id, string $user_id): bool { - $fileref = FileRef::toObject($file_ref_id); if ($this->range_type === 'user') { return $user_id === $this->range_id; } if (in_array($this->range_type, ['course', 'institute'])) { + $fileref = FileRef::find($file_ref_id); + if (is_object($fileref->terms_of_use)) { //terms of use are defined for this file! return $this->isReadable($user_id) @@ -452,7 +453,9 @@ class StandardFolder implements FolderType if ($this->range_type === 'user') { return $user_id === $this->range_id; } - $fileref = FileRef::toObject($file_ref_id); + + $fileref = FileRef::find($file_ref_id); + return $fileref->user_id === $user_id || $GLOBALS['perm']->have_studip_perm('tutor', $this->range_id, $user_id); } @@ -471,12 +474,7 @@ class StandardFolder implements FolderType */ public function isFileWritable(string $file_ref_id, string $user_id): bool { - if ($this->range_type === 'user') { - return $user_id === $this->range_id; - } - $fileref = FileRef::toObject($file_ref_id); - return $fileref->user_id == $user_id - || $GLOBALS['perm']->have_studip_perm('tutor', $this->range_id, $user_id); + return $this->isFileEditable($file_ref_id, $user_id); } /** diff --git a/lib/models/vips/Exercise.php b/lib/models/vips/Exercise.php index a4ef00a..bb142cc 100644 --- a/lib/models/vips/Exercise.php +++ b/lib/models/vips/Exercise.php @@ -15,7 +15,7 @@ abstract class Exercise extends SimpleORMap * The unpacked value from the "task" column in the SORM instance. * This is an array, but type hinting does not work due to SORM * writing the JSON string into this property on restore(). - */ + */ public $task = []; /** @@ -814,7 +814,7 @@ abstract class Exercise extends SimpleORMap if ($file_ref) { $folder = $file_ref->folder->getTypedFolder(); - if ($folder->isFileDownloadable($file_ref, $GLOBALS['user']->id)) { + if ($folder->isFileDownloadable($file_ref->id, $GLOBALS['user']->id)) { if (!$this->folder->file_refs->find($file_id)) { $file = $file_ref->file; // $this->files->append($file); |