From 31958121e903a2121acd8a4dd22cc78a35fb4afd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bart=C5=82omiej=20Marsza=C5=82?= Date: Wed, 20 Mar 2024 15:13:04 +0100 Subject: [PATCH 1/4] feat: add restricted roles to RoleBasedContextRestrictAccess --- models/classes/ServiceProvider/LtiServiceProvider.php | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/models/classes/ServiceProvider/LtiServiceProvider.php b/models/classes/ServiceProvider/LtiServiceProvider.php index 3f8a6725..3ed07734 100644 --- a/models/classes/ServiceProvider/LtiServiceProvider.php +++ b/models/classes/ServiceProvider/LtiServiceProvider.php @@ -47,6 +47,7 @@ use oat\oatbox\cache\factory\CacheItemPoolFactory; use oat\oatbox\cache\ItemPoolSimpleCacheAdapter; use oat\oatbox\log\LoggerService; +use oat\tao\model\accessControl\RoleBasedContextRestrictAccess; use oat\taoLti\models\classes\Client\LtiClientFactory; use oat\taoLti\models\classes\LtiAgs\LtiAgsScoreService; use oat\taoLti\models\classes\LtiAgs\LtiAgsScoreServiceInterface; @@ -259,5 +260,11 @@ public function __invoke(ContainerConfigurator $configurator): void param('rolesAllowed') ] ); + + $services + ->get(RoleBasedContextRestrictAccess::class) + ->arg('$restrictedRoles', [ + 'ltiAuthoringLaunchRestrictRoles' => param('rolesAllowed') + ]); } } From d5711b47a881d5e3c0c0d2b6a1b3b02b65a142e6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bart=C5=82omiej=20Marsza=C5=82?= Date: Thu, 21 Mar 2024 10:40:44 +0100 Subject: [PATCH 2/4] feat: RoleBasedContextRestrictAccess decoration --- .../ServiceProvider/LtiServiceProvider.php | 22 +++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/models/classes/ServiceProvider/LtiServiceProvider.php b/models/classes/ServiceProvider/LtiServiceProvider.php index 3ed07734..34389cfb 100644 --- a/models/classes/ServiceProvider/LtiServiceProvider.php +++ b/models/classes/ServiceProvider/LtiServiceProvider.php @@ -48,6 +48,7 @@ use oat\oatbox\cache\ItemPoolSimpleCacheAdapter; use oat\oatbox\log\LoggerService; use oat\tao\model\accessControl\RoleBasedContextRestrictAccess; +use oat\tao\model\menu\SectionVisibilityByRoleFilter; use oat\taoLti\models\classes\Client\LtiClientFactory; use oat\taoLti\models\classes\LtiAgs\LtiAgsScoreService; use oat\taoLti\models\classes\LtiAgs\LtiAgsScoreServiceInterface; @@ -72,6 +73,12 @@ class LtiServiceProvider implements ContainerServiceProviderInterface { + const PORTAL_ACCESS_ROLES = [ + LtiRoles::CONTEXT_LTI1P3_ADMINISTRATOR_SUB_DEVELOPER, + LtiRoles::CONTEXT_LTI1P3_CONTENT_DEVELOPER_SUB_CONTENT_DEVELOPER, + LTIRoles::CONTEXT_INSTITUTION_LTI1P3_ADMINISTRATOR, + LtiRoles::CONTEXT_LTI1P3_INSTRUCTOR + ]; public function __invoke(ContainerConfigurator $configurator): void { $services = $configurator->services(); @@ -84,11 +91,14 @@ public function __invoke(ContainerConfigurator $configurator): void $parameters->set( 'rolesAllowed', + self::PORTAL_ACCESS_ROLES + ); + + $parameters->set( + 'restrictedRolesForSectionMap', [ - LtiRoles::CONTEXT_LTI1P3_ADMINISTRATOR_SUB_DEVELOPER, - LtiRoles::CONTEXT_LTI1P3_CONTENT_DEVELOPER_SUB_CONTENT_DEVELOPER, - LTIRoles::CONTEXT_INSTITUTION_LTI1P3_ADMINISTRATOR, - LtiRoles::CONTEXT_LTI1P3_INSTRUCTOR + 'help' => self::PORTAL_ACCESS_ROLES, + 'settings_my_password' => self::PORTAL_ACCESS_ROLES, ] ); @@ -266,5 +276,9 @@ public function __invoke(ContainerConfigurator $configurator): void ->arg('$restrictedRoles', [ 'ltiAuthoringLaunchRestrictRoles' => param('rolesAllowed') ]); + + $services->set(SectionVisibilityByRoleFilter::class, SectionVisibilityByRoleFilter::class) + ->public() + ->args([param('restrictedRolesForSectionMap')]); } } From 40e22152ca6c5756e098ea9d04c43f7029893dea Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bart=C5=82omiej=20Marsza=C5=82?= Date: Fri, 22 Mar 2024 10:24:50 +0100 Subject: [PATCH 3/4] feat: fix const visibility --- models/classes/ServiceProvider/LtiServiceProvider.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/models/classes/ServiceProvider/LtiServiceProvider.php b/models/classes/ServiceProvider/LtiServiceProvider.php index 34389cfb..705a881a 100644 --- a/models/classes/ServiceProvider/LtiServiceProvider.php +++ b/models/classes/ServiceProvider/LtiServiceProvider.php @@ -73,7 +73,7 @@ class LtiServiceProvider implements ContainerServiceProviderInterface { - const PORTAL_ACCESS_ROLES = [ + private const PORTAL_ACCESS_ROLES = [ LtiRoles::CONTEXT_LTI1P3_ADMINISTRATOR_SUB_DEVELOPER, LtiRoles::CONTEXT_LTI1P3_CONTENT_DEVELOPER_SUB_CONTENT_DEVELOPER, LTIRoles::CONTEXT_INSTITUTION_LTI1P3_ADMINISTRATOR, From be7d03c443376847a20441fbe131566e96953a0a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bart=C5=82omiej=20Marsza=C5=82?= Date: Thu, 4 Apr 2024 17:26:27 +0200 Subject: [PATCH 4/4] feat: bump tao-core dependency --- composer.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/composer.json b/composer.json index d5c0e2ed..1d243504 100644 --- a/composer.json +++ b/composer.json @@ -61,7 +61,7 @@ "oat-sa/lib-lti1p3-ags": "^1.2", "oat-sa/lib-lti1p3-core": "^6.0.0", "oat-sa/generis" : ">=15.22", - "oat-sa/tao-core" : ">=54.8.0" + "oat-sa/tao-core" : ">=54.10.0" }, "autoload" : { "psr-4" : {