summaryrefslogtreecommitdiffstats
path: root/dozentenmodulserver/src
diff options
context:
space:
mode:
authorSimon Rettberg2024-05-14 20:46:57 +0200
committerSimon Rettberg2024-05-14 20:46:57 +0200
commit297fe4557adbc7bf8a622f7c036e4e28d8b94477 (patch)
tree03cc0977049e1b64817d12689ec2ac2edab66a0c /dozentenmodulserver/src
parent[server] ADD FUSDDS STIFF (diff)
downloadtutor-module-297fe4557adbc7bf8a622f7c036e4e28d8b94477.tar.gz
tutor-module-297fe4557adbc7bf8a622f7c036e4e28d8b94477.tar.xz
tutor-module-297fe4557adbc7bf8a622f7c036e4e28d8b94477.zip
[server] DbLecture: Properly handle superadmin in getXml()
Diffstat (limited to 'dozentenmodulserver/src')
-rw-r--r--dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbLecture.java22
1 files changed, 17 insertions, 5 deletions
diff --git a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbLecture.java b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbLecture.java
index abe30a98..5e418873 100644
--- a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbLecture.java
+++ b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbLecture.java
@@ -515,10 +515,16 @@ public class DbLecture {
// Handle user
String userFields = "";
String userJoin = "";
+ boolean isSuperUser = false;
if (user != null) {
- userFields = " b.candownloaddefault, b.caneditdefault, b.canadmindefault,"
- + " ip.candownload, ip.canedit, ip.canadmin,";
- userJoin = " LEFT JOIN imagepermission ip ON (b.imagebaseid = ip.imagebaseid AND ip.userid = :userid)";
+ if (User.isSuperUser(user)) {
+ isSuperUser = true;
+ user = null;
+ } else {
+ userFields = " b.candownloaddefault, b.caneditdefault, b.canadmindefault, b.ownerid,"
+ + " ip.candownload, ip.canedit, ip.canadmin,";
+ userJoin = " LEFT JOIN imagepermission ip ON (b.imagebaseid = ip.imagebaseid AND ip.userid = :userid)";
+ }
}
// Query
try (MysqlConnection connection = Database.getConnection()) {
@@ -557,11 +563,17 @@ public class DbLecture {
int prio = 100;
// Check permissions
int allowEdit = 0;
- if (user != null) {
+ if (isSuperUser) {
+ allowEdit = 3;
+ } else if (user != null) {
boolean admin;
boolean download;
boolean edit;
- if (rs.getString("canadmin") != null) {
+ if (user.userId.equals(rs.getString("ownerid"))) {
+ admin = true;
+ edit = true;
+ download = true;
+ } else if (rs.getString("canadmin") != null) {
admin = rs.getBoolean("canadmin");
edit = rs.getBoolean("canedit");
download = rs.getBoolean("candownload");