diff options
author | Simon Rettberg | 2021-04-21 15:55:29 +0200 |
---|---|---|
committer | Simon Rettberg | 2021-04-21 15:55:29 +0200 |
commit | 283097468556ee9f501ada2e80fd815307e89d41 (patch) | |
tree | 0dc884c633ab155b9faffabfa55b1cf7264c3be2 | |
parent | [server] Fix download of images for students (diff) | |
download | tutor-module-28309746.tar.gz tutor-module-28309746.tar.xz tutor-module-28309746.zip |
[server] Reject student logins if student download is disabled
-rw-r--r-- | dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/RuntimeConfig.java | 4 | ||||
-rw-r--r-- | dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/permissions/User.java | 4 |
2 files changed, 8 insertions, 0 deletions
diff --git a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/RuntimeConfig.java b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/RuntimeConfig.java index 30d2f4a8..ea450717 100644 --- a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/RuntimeConfig.java +++ b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/RuntimeConfig.java @@ -101,4 +101,8 @@ public class RuntimeConfig { return cache.get().allowLoginByDefault; } + public static boolean allowStudentDownload() { + return cache.get().allowStudentDownload; + } + } diff --git a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/permissions/User.java b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/permissions/User.java index abea5433..43cdebe0 100644 --- a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/permissions/User.java +++ b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/permissions/User.java @@ -2,6 +2,7 @@ package org.openslx.bwlp.sat.permissions; import java.sql.SQLException; +import org.openslx.bwlp.sat.RuntimeConfig; import org.openslx.bwlp.sat.database.mappers.DbImage; import org.openslx.bwlp.sat.database.mappers.DbLecture; import org.openslx.bwlp.sat.database.mappers.DbOrganization; @@ -58,6 +59,9 @@ public class User { * @return null if user is allowed, {@link AuthorizationError} otherwise */ public static AuthorizationError canLogin(UserInfo user) { + // Student download allowed? If not, reject students right away + if (!RuntimeConfig.allowStudentDownload() && user.role == Role.STUDENT) + return AuthorizationError.ACCOUNT_SUSPENDED; LocalUser localData = LocalData.getLocalUser(user); if (localData != null) { if (localData.canLogin) |