Skip to content

Commit

Permalink
Set acls for videos, playlists and series (#980)
Browse files Browse the repository at this point in the history 
* set acls for videos, playlists and series

* cleanup acl settings, keep other acls

* fix acl retrieval for seriesclient

* fix update metadata for videos

* fix settings of playlist acls
  • Loading branch information
@tgloeggl
tgloeggl committed Jun 28, 2024
1 parent 6abd1ac commit f656475
Show file tree
Hide file tree
Showing 10 changed files with 327 additions and 203 deletions.
79 changes: 79 additions & 0 deletions cronjobs/opencast_sync_acls.php
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,79 @@
<?php
require_once __DIR__.'/../bootstrap.php';
require_once __DIR__.'/../vendor/autoload.php';

use Opencast\Models\Config;
use Opencast\Models\VideoSync;
use Opencast\Models\Videos;
use Opencast\Models\ScheduleHelper;
use Opencast\Models\REST\ApiEventsClient;
use Opencast\Models\REST\ApiPlaylistsClient;
use Opencast\Models\REST\Config as OCConfig;

class OpencastSyncAcls extends CronJob
{

public static function getName()
{
return _('Opencast - Synchronisiert ACLs für Events');
}

public static function getDescription()
{
return _('Opencast: Synchronisiert ACLs für Events');
}

/**
* Iterate over all videos andf playlists from opencast known to Stud.IP
* and set the correct ACLs accordingly
*
* @param string $last_result
* @param array $parameters
*
* @return void
*/
public function execute($last_result, $parameters = array())
{
$db = DBManager::get();

// iterate over all active configured oc instances
$configs = Config::findBySql('active = 1');

foreach ($configs as $config) {
// check, if this opencast instance is accessible
$version = false;

echo 'working on config '. $config->id ."\n";
$version = OCConfig::getOCBaseVersion($config->id);

if (!$version) {
echo 'cannot connect to opencast, skipping!' ."\n";
continue;
} else {
echo "found opencast with version $version, continuing\n";
}

// update endpoints, just to make sure
$config->updateEndpoints();

// call opencast to get all event ids
$api_client = ApiEventsClient::getInstance($config['id']);

foreach ($api_client->getAll() as $event) {
// only add videos / reinspect videos if they are readily processed
if ($event->status == 'EVENTS.EVENTS.STATUS.PROCESSED') {
// check if video exists in Stud.IP
$video = Videos::findByEpisode($event->identifier);

if ($video->config_id != $config->id) {
echo 'config id mismatch for Video with id: '. $video->id .", $config->id <> {$video->config_id}\n";
continue;
}

Videos::checkEventACL(null, null, $video);
}
}
}
}

}
41 changes: 2 additions & 39 deletions lib/Helpers/PlaylistMigration.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,23 +40,14 @@ public static function convert()
self::getOcPlaylistData($playlist, $playlist_videos)
);

if ($oc_playlist) {
// Set ACLs
$oc_playlist = $api_playlists_client->updatePlaylist($oc_playlist->id, [
'title' => $oc_playlist->title,
'description' => $oc_playlist->description,
'creator' => $oc_playlist->creator,
'entries' => $oc_playlist->entries,
'accessControlEntries' => self::getDefaultACL($oc_playlist->id)
]);
}

if ($oc_playlist) {
// Store oc playlist reference in Stud.IP if successfully created
$playlist->config_id = $config_id;
$playlist->service_playlist_id = $oc_playlist->id;
$playlist->store();

Playlists::checkPlaylistACL($oc_playlist, $playlist);

// Store entry ids
for ($i = 0; $i < count($playlist_videos); $i++) {
$stmt = $db->prepare("UPDATE oc_playlist_video
Expand Down Expand Up @@ -174,34 +165,6 @@ public static function getPlaylistVideos($playlist)
return $stmt->fetchAll(\PDO::FETCH_ASSOC);
}


/**
* Get default ACL for playlists
*
* @param string $playlist_id playlist id
* @return array[] ACLs list
*/
public static function getDefaultACL($playlist_id)
{
return [
[
'allow' => true,
'role' => "STUDIP_PLAYLIST_{$playlist_id}_read",
'action' => 'read'
],
[
'allow' => true,
'role' => "STUDIP_PLAYLIST_{$playlist_id}_write",
'action' => 'read'
],
[
'allow' => true,
'role' => "STUDIP_PLAYLIST_{$playlist_id}_write",
'action' => 'write'
]
];
}

/**
* Check if the playlists have been converted to OC playlists
*
Expand Down
66 changes: 66 additions & 0 deletions lib/Models/Helpers.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -264,4 +264,70 @@ public static function ensureCourseHasOneDefaultPlaylist($course_id, $default_pl
$stmt->execute([$course_id, $default_playlist_id]);
return $stmt->rowCount();
}

/**
* Create list of LTI ACLs for the passed courses. Returns an array with the read
* and write ACLs for Instructor and Learner
*
* @param array $course_ids
*
* @return array
*/
public static function createACLsForCourses($course_ids)
{
$acl = [];

foreach ($course_ids as $course_id) {
$acl[] = [
'allow' => true,
'role' => 'STUDIP_'. $course_id . '_Instructor',
'action' => 'read'
];

$acl[] = [
'allow' => true,
'role' => 'STUDIP_'. $course_id . '_Instructor',
'action' => 'write'
];

$acl[] = [
'allow' => true,
'role' => 'STUDIP_'. $course_id . '_Learner',
'action' => 'read'
];
}

return $acl;
}

/**
* Get all ACL entries Stud.IP is responsible for
*
* @param array $acls
*
* @return array
*/
public static function filterACLs($acls)
{
$possible_roles = [
'ROLE_ANONYMOUS'
];

$result = [];
foreach ($acls as $entry) {
if (in_array($entry['role'], $possible_roles) !== false
|| strpos($entry['role'], 'STUDIP_') === 0
) {
$result[$entry['role'] .'_'. $entry['action']] = $entry;
}
}

$result = array_values($result);
sort($result);

return [
'studip' => $result,
'other' => array_diff($acls, $result)
];
}
}

0 comments on commit f656475

Please sign in to comment.