Skip to content

Commit

Permalink
Merge pull request #409 from oat-sa/feat/AUT-3576/add-restricted-role…
Browse files Browse the repository at this point in the history
…s-to-RoleBasedContextRestrictAccess

Feat/aut 3576/add restricted roles to role based context restrict access
  • Loading branch information
bartlomiejmarszal authored Apr 4, 2024
2 parents 97aeffc + be7d03c commit fd434bf
Show file tree
Hide file tree
Showing 2 changed files with 26 additions and 5 deletions.
2 changes: 1 addition & 1 deletion composer.json
Original file line number Diff line number Diff line change
Expand Up @@ -61,7 +61,7 @@
"oat-sa/lib-lti1p3-ags": "^1.2",
"oat-sa/lib-lti1p3-core": "^6.0.0",
"oat-sa/generis" : ">=15.22",
"oat-sa/tao-core" : ">=54.8.0"
"oat-sa/tao-core" : ">=54.10.0"
},
"autoload" : {
"psr-4" : {
Expand Down
29 changes: 25 additions & 4 deletions models/classes/ServiceProvider/LtiServiceProvider.php
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,8 @@
use oat\oatbox\cache\factory\CacheItemPoolFactory;
use oat\oatbox\cache\ItemPoolSimpleCacheAdapter;
use oat\oatbox\log\LoggerService;
use oat\tao\model\accessControl\RoleBasedContextRestrictAccess;
use oat\tao\model\menu\SectionVisibilityByRoleFilter;
use oat\taoLti\models\classes\Client\LtiClientFactory;
use oat\taoLti\models\classes\LtiAgs\LtiAgsScoreService;
use oat\taoLti\models\classes\LtiAgs\LtiAgsScoreServiceInterface;
Expand All @@ -71,6 +73,12 @@

class LtiServiceProvider implements ContainerServiceProviderInterface
{
private const PORTAL_ACCESS_ROLES = [
LtiRoles::CONTEXT_LTI1P3_ADMINISTRATOR_SUB_DEVELOPER,
LtiRoles::CONTEXT_LTI1P3_CONTENT_DEVELOPER_SUB_CONTENT_DEVELOPER,
LTIRoles::CONTEXT_INSTITUTION_LTI1P3_ADMINISTRATOR,
LtiRoles::CONTEXT_LTI1P3_INSTRUCTOR
];
public function __invoke(ContainerConfigurator $configurator): void
{
$services = $configurator->services();
Expand All @@ -83,11 +91,14 @@ public function __invoke(ContainerConfigurator $configurator): void

$parameters->set(
'rolesAllowed',
self::PORTAL_ACCESS_ROLES
);

$parameters->set(
'restrictedRolesForSectionMap',
[
LtiRoles::CONTEXT_LTI1P3_ADMINISTRATOR_SUB_DEVELOPER,
LtiRoles::CONTEXT_LTI1P3_CONTENT_DEVELOPER_SUB_CONTENT_DEVELOPER,
LTIRoles::CONTEXT_INSTITUTION_LTI1P3_ADMINISTRATOR,
LtiRoles::CONTEXT_LTI1P3_INSTRUCTOR
'help' => self::PORTAL_ACCESS_ROLES,
'settings_my_password' => self::PORTAL_ACCESS_ROLES,
]
);

Expand Down Expand Up @@ -259,5 +270,15 @@ public function __invoke(ContainerConfigurator $configurator): void
param('rolesAllowed')
]
);

$services
->get(RoleBasedContextRestrictAccess::class)
->arg('$restrictedRoles', [
'ltiAuthoringLaunchRestrictRoles' => param('rolesAllowed')
]);

$services->set(SectionVisibilityByRoleFilter::class, SectionVisibilityByRoleFilter::class)
->public()
->args([param('restrictedRolesForSectionMap')]);
}
}

0 comments on commit fd434bf

Please sign in to comment.