From f5cdb0a2fbe581e0e395e20a5c387bf3bd881876 Mon Sep 17 00:00:00 2001 From: Harald Bamberger Date: Wed, 1 Jul 2026 12:10:06 +0200 Subject: [PATCH] add configs to define grace period and roles, add logic to benutzerberechtigungs class --- config/global.config-default.inc.php | 4 +++ include/benutzerberechtigung.class.php | 37 +++++++++++++++++++++++++- 2 files changed, 40 insertions(+), 1 deletion(-) diff --git a/config/global.config-default.inc.php b/config/global.config-default.inc.php index 943363f6d..7351b865b 100644 --- a/config/global.config-default.inc.php +++ b/config/global.config-default.inc.php @@ -373,4 +373,8 @@ define('TESTTOOL_EXTERNE_UEBERWACHUNG_ALLOWED', false); //enable tags in StudVW define('STV_TAGS_ENABLED', false); + +//student accounts grace period +define('STUDENTS_KEEP_PERMISSIONS_AFTER_USER_INACTIVE_PERIOD', '0 days'); +define('STUDENTS_KEEP_PERMISSIONS_AFTER_USER_INACTIVE_ROLES', serialize(array('NO_DEFINED_ROLE'))); ?> diff --git a/include/benutzerberechtigung.class.php b/include/benutzerberechtigung.class.php index 69d4947bf..4685f4bbb 100644 --- a/include/benutzerberechtigung.class.php +++ b/include/benutzerberechtigung.class.php @@ -340,6 +340,40 @@ class benutzerberechtigung extends basis_db return true; } + protected function hasPreStudentStatusInGracePeriod($uid) + { + $period = defined('STUDENTS_KEEP_PERMISSIONS_AFTER_USER_INACTIVE_PERIOD') + ? STUDENTS_KEEP_PERMISSIONS_AFTER_USER_INACTIVE_PERIOD + : '0 days'; + $mapfunc = function($val) { + return $this->db_add_param($val); + }; + $roles = defined('STUDENTS_KEEP_PERMISSIONS_AFTER_USER_INACTIVE_ROLES') + ? implode(', ', array_map($mapfunc, unserialize(STUDENTS_KEEP_PERMISSIONS_AFTER_USER_INACTIVE_ROLES))) + : 'NO_DEFINED_ROLE'; + + $sql = <<db_add_param($uid)} + AND + vs.aktiv = false + AND + public.get_rolle_prestudent(vs.prestudent_id, null) IN ({$roles}) + AND + (vs.updateaktivam + INTERVAL {$this->db_add_param($period)})::date >= CURRENT_DATE +EOSQL; + $result = $this->db_query($sql); + if($result && $this->db_num_rows($result) > 0) + { + return true; + } + return false; + } + /** * Laedt die Berechtigungen eines Users * @param $uid @@ -355,7 +389,8 @@ class benutzerberechtigung extends basis_db if($row = $this->db_fetch_object($result)) { // Wenn die Person nicht aktiv ist dann hat diese auch keine Rechte - if($this->db_parse_bool($row->aktiv) == false) + if($this->db_parse_bool($row->aktiv) == false + && $this->hasPreStudentStatusInGracePeriod($uid) === false) return false; } else