From 64262b9a67af6888251999b9bc47b2c10463bec5 Mon Sep 17 00:00:00 2001
From: Murtaza Sultani <sultani@data-quest.de>
Date: Thu, 24 Jul 2025 16:46:41 +0200
Subject: Resolve "Fix Range::isAccessibleToUser() implementation"

Closes #5754

Merge request studip/studip!4387
---
 lib/classes/Range.php    | 2 +-
 lib/models/Course.php    | 8 ++++++--
 lib/models/Institute.php | 7 +++++--
 lib/models/User.php      | 2 +-
 4 files changed, 13 insertions(+), 6 deletions(-)

diff --git a/lib/classes/Range.php b/lib/classes/Range.php
index 97aa074..920f2ff 100644
--- a/lib/classes/Range.php
+++ b/lib/classes/Range.php
@@ -48,7 +48,7 @@ interface Range
      * @param string|null $user_id Optional id of a user, defaults to current user
      * @return bool
      */
-    public function isAccessibleToUser($user_id = null);
+    public function isAccessibleToUser($user_id = null): bool;
 
     /**
      * Decides whether the user may edit/alter the range.
diff --git a/lib/models/Course.php b/lib/models/Course.php
index 5678465..5d31ffd 100644
--- a/lib/models/Course.php
+++ b/lib/models/Course.php
@@ -2150,13 +2150,17 @@ class Course extends SimpleORMap implements Range, PrivacyObject, StudipItem, Fe
      *
      * @param string|null $user_id Optional id of a user, defaults to current user
      * @return bool
-     * @todo Check permissions
      */
-    public function isAccessibleToUser($user_id = null)
+    public function isAccessibleToUser($user_id = null): bool
     {
+        if ($this->lesezugriff == 0 && Config::get()->ENABLE_FREE_ACCESS) {
+            return true;
+        }
+
         if ($user_id === null) {
             $user_id = $GLOBALS['user']->id;
         }
+
         return $GLOBALS['perm']->have_studip_perm('user', $this->id, $user_id);
     }
 
diff --git a/lib/models/Institute.php b/lib/models/Institute.php
index fd6a155..79b01cb 100644
--- a/lib/models/Institute.php
+++ b/lib/models/Institute.php
@@ -300,11 +300,14 @@ class Institute extends SimpleORMap implements Range
      *
      * @param string|null $user_id Optional id of a user, defaults to current user
      * @return bool
-     * @todo Check permissions
      */
     public function isAccessibleToUser($user_id = null): bool
     {
-        return true;
+        if (Config::get()->ENABLE_FREE_ACCESS === '1') {
+            return true;
+        }
+
+        return $GLOBALS['perm']->have_perm('user');
     }
 
     /**
diff --git a/lib/models/User.php b/lib/models/User.php
index 8ca8b1b..96bfb7b 100644
--- a/lib/models/User.php
+++ b/lib/models/User.php
@@ -1526,7 +1526,7 @@ class User extends AuthUserMd5 implements Range, PrivacyObject, Studip\Calendar\
      * @param string|null $user_id Optional id of a user, defaults to current user
      * @return bool
      */
-    public function isAccessibleToUser($user_id = null)
+    public function isAccessibleToUser($user_id = null): bool
     {
         if ($user_id === null) {
             $user_id = self::findCurrent()->id;
-- 
cgit v1.0