From 15f7a7576ab48a362a479f43034510b4e80bb1b2 Mon Sep 17 00:00:00 2001 From: Steffen Jost Date: Fri, 25 Nov 2022 17:14:52 +0100 Subject: [PATCH] fix(lms): filtering qualifications by supervisor works properly now --- routes | 8 ++++---- src/Foundation/Authorization.hs | 2 ++ src/Handler/LMS.hs | 2 +- 3 files changed, 7 insertions(+), 5 deletions(-) diff --git a/routes b/routes index da4defb88..090b2585f 100644 --- a/routes +++ b/routes @@ -103,8 +103,8 @@ /user/lang LangR POST !free /user/storage-key StorageKeyR POST !free -/for/#CryptoUUIDUser/user ForProfileR GET POST !supervisor -/for/#CryptoUUIDUser/user/profile ForProfileDataR GET !supervisor +/for/#CryptoUUIDUser/user ForProfileR GET POST !supervisor !self +/for/#CryptoUUIDUser/user/profile ForProfileDataR GET !supervisor !self /exam-office ExamOfficeR !exam-office: @@ -280,8 +280,8 @@ -- !/*{CI FilePath} CryptoFileNameDispatchR GET !free -- Disabled until preliminary check for valid cID exists -- for users -/qualification QualificationAllR GET !free -- TODO repurpose -/qualification/#SchoolId QualificationSchoolR GET !free -- TODO repurpose +/qualification QualificationAllR GET -- TODO repurpose +/qualification/#SchoolId QualificationSchoolR GET -- TODO repurpose /qualification/#SchoolId/#QualificationShorthand QualificationR GET -- TODO repurpose -- SAP export diff --git a/src/Foundation/Authorization.hs b/src/Foundation/Authorization.hs index e792dcbde..1078158c9 100644 --- a/src/Foundation/Authorization.hs +++ b/src/Foundation/Authorization.hs @@ -1665,6 +1665,8 @@ tagAccessPredicate AuthSelf = APDB $ \_ _ mAuthId route _ -> exceptT return retu UserNotificationR cID -> return $ Left cID UserPasswordR cID -> return $ Left cID CourseR _ _ _ (CUserR cID) -> return $ Left cID + ForProfileR cID -> return $ Left cID + ForProfileDataR cID -> return $ Left cID CApplicationR _ _ _ cID _ -> do appId <- catchIfMExceptT (const $ unauthorizedI MsgUnauthorizedSelf) (const True :: CryptoIDError -> Bool) $ decrypt cID CourseApplication{..} <- maybeMExceptT (unauthorizedI MsgUnauthorizedSelf) . $cachedHereBinary appId $ get appId diff --git a/src/Handler/LMS.hs b/src/Handler/LMS.hs index 83101e26f..a5468f722 100644 --- a/src/Handler/LMS.hs +++ b/src/Handler/LMS.hs @@ -560,7 +560,7 @@ postLmsR sid qsh = do where -- i18nLms :: (RenderMessage UniWorX msg, IsDBTable m a) => msg -> DBCell m a i18nLms msg = cell [whamlet|LMS #|] <> i18nCell msg - psValidator = def -- TODO: hier einen Filter für Schützlinge einbauen + psValidator = def & forceFilter "may-access" (Any True) tbl <- mkLmsTable qent acts (const E.true) colChoices psValidator return (tbl, qent)