Skip to content

Commit

Permalink
Merge branch 'main' into THR-18-dev-feature-h5p-editor
Browse files Browse the repository at this point in the history
  • Loading branch information
SteKrause authored Sep 29, 2023
2 parents ca463cc + 6168b3d commit fe11f49
Show file tree
Hide file tree
Showing 46 changed files with 593 additions and 320 deletions.
9 changes: 5 additions & 4 deletions .github/workflows/push.yml
Original file line number Diff line number Diff line change
Expand Up @@ -52,8 +52,6 @@ jobs:

- name: test image exists
run: |
mkdir -p ~/.docker
echo '{"experimental": "enabled"}' >> ~/.docker/config.json
echo "IMAGE_EXISTS=$(docker manifest inspect ghcr.io/${{ github.repository }}-${{ matrix.tenants }}:${{ needs.branch_meta.outputs.sha }} > /dev/null && echo 1 || echo 0)" >> $GITHUB_ENV
- name: Set up Docker Buildx
Expand Down Expand Up @@ -159,8 +157,11 @@ jobs:
- deploy
uses: hpi-schul-cloud/e2e-system-tests/.github/workflows/remote-trigger.yml@main
with:
ref: ${{ needs.branch_meta.outputs.branch }}
secrets: inherit
ref: ${{ needs.branch_meta.outputs.branch }}
secrets:
service-account-token: ${{ secrets.CYPRESS_ONEPWD_SERVICE_ACCOUNT_TOKEN }}



test-successful:
runs-on: ubuntu-latest
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -97,7 +97,7 @@ data:
},
'^/impressum': {
},
'^/datenschutz': {
'^/privacypolicy': {
}, */
'^/about': {
defaultSrc: 'https://www10-fms.hpi.uni-potsdam.de https://cloud-instances.s3.hidrive.strato.com https://s3.hidrive.strato.com',
Expand Down
4 changes: 4 additions & 0 deletions config/default.schema.json
Original file line number Diff line number Diff line change
Expand Up @@ -597,6 +597,10 @@
"type": "boolean",
"default": false,
"description": "If enabled, adds H5P editor to course topics."
"FEATURE_SHOW_NEW_CLASS_VIEW_ENABLED": {
"type": "boolean",
"default": false,
"description": "Enables the new class list view"
}
},
"allOf": [
Expand Down
2 changes: 2 additions & 0 deletions config/global.js
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,7 @@ const {
FEATURE_NEW_SCHOOL_ADMINISTRATION_PAGE_AS_DEFAULT_ENABLED,
FEATURE_ALERTS_ON_HOMEPAGE_ENABLED,
FEATURE_BUTTONS_ON_LOGINPAGE_ENABLED,
FEATURE_SHOW_NEW_CLASS_VIEW_ENABLED,
} = process.env;

const exp = {
Expand Down Expand Up @@ -80,6 +81,7 @@ const exp = {
FEATURE_NEW_SCHOOL_ADMINISTRATION_PAGE_AS_DEFAULT_ENABLED,
FEATURE_ALERTS_ON_HOMEPAGE_ENABLED,
FEATURE_BUTTONS_ON_LOGINPAGE_ENABLED,
FEATURE_SHOW_NEW_CLASS_VIEW_ENABLED,
};

// eslint-disable-next-line no-console
Expand Down
2 changes: 1 addition & 1 deletion config/http-headers.js
Original file line number Diff line number Diff line change
Expand Up @@ -80,7 +80,7 @@ const config = {
},
'^/impressum': {
},
'^/datenschutz': {
'^/privacypolicy': {
}, */
'^/about': {
defaultSrc: 'https://www10-fms.hpi.uni-potsdam.de https://cloud-instances.s3.hidrive.strato.com',
Expand Down
21 changes: 8 additions & 13 deletions controllers/administration.js
Original file line number Diff line number Diff line change
Expand Up @@ -1737,17 +1737,15 @@ router.get(
$sort: 'lastName',
$limit: false,
});
const yearsPromise = getSelectOptions(req, 'years', { $limit: false });

const usersWithConsentsPromise = getUsersWithoutConsent(req, 'student', currentClass._id);

Promise.all([
classesPromise,
teachersPromise,
studentsPromise,
yearsPromise,
usersWithConsentsPromise,
]).then(([classes, teachers, students, schoolyears, allUsersWithoutConsent]) => {
]).then(([classes, teachers, students, allUsersWithoutConsent]) => {
const isAdmin = res.locals.currentUser.permissions.includes(
'ADMIN_VIEW',
);
Expand Down Expand Up @@ -1849,7 +1847,6 @@ router.get(
teachers,
students: filterStudents(res, students),
schoolUsesLdap: res.locals.currentSchoolData.ldapSchoolIdentifier,
schoolyears,
notes,
referrer: '/administration/classes/',
consentsMissing: usersWithoutConsent.length !== 0,
Expand Down Expand Up @@ -2101,16 +2098,14 @@ router.get(
const schoolYears = res.locals.currentSchoolData.years.schoolYears
.sort((a, b) => b.startDate.localeCompare(a.startDate));
const lastDefinedSchoolYear = (schoolYears[0] || {})._id;
const currentYear = res.locals.currentSchoolData.currentYear;

const currentYearObj = schoolYears.filter((year) => year._id === currentYear).pop();

const showTab = (req.query || {}).showTab || 'current';

const currentYear = res.locals.currentSchoolData.currentYear;
const upcomingYears = schoolYears
.filter((year) => year.startDate > currentYearObj.endDate);
.filter((year) => year.startDate > currentYear.endDate);
const archivedYears = schoolYears
.filter((year) => year.endDate < currentYearObj.startDate);
.filter((year) => year.endDate < currentYear.startDate);

let defaultYear;
switch (showTab) {
Expand All @@ -2123,7 +2118,7 @@ router.get(
break;
case 'current':
default:
query['year[$in]'] = [currentYear];
query['year[$in]'] = [currentYear._id];
break;
}

Expand All @@ -2138,7 +2133,7 @@ router.get(
},
{
key: 'current',
title: `${currentYearObj.name}`,
title: `${currentYear.name}`,
link: `/administration/classes/?showTab=current${filterQueryString}`,
}, {
key: 'archive',
Expand Down Expand Up @@ -2217,7 +2212,7 @@ router.get(
};

const years = schoolYears
.filter((year) => year.endDate < currentYearObj.startDate)
.filter((year) => year.endDate < currentYear.startDate)
.map((year) => [
year._id,
year.name,
Expand Down Expand Up @@ -2814,7 +2809,7 @@ router.use(
const [school, totalStorage, schoolMaintanance, consentVersions] = await Promise.all([
api(req).get(`/schools/${res.locals.currentSchool}`, {
qs: {
$populate: ['systems', 'currentYear', 'federalState'],
$populate: ['systems', 'federalState'],
$sort: req.query.sort,
},
}),
Expand Down
27 changes: 26 additions & 1 deletion controllers/courses.js
Original file line number Diff line number Diff line change
Expand Up @@ -726,7 +726,7 @@ router.get('/:courseId/', async (req, res, next) => {

router.patch('/:courseId', async (req, res, next) => {
try {
const redirectUrl = req.query.redirectUrl || getDefaultRedirectUrl(req.params.courseId);
let redirectUrl = req.query.redirectUrl || getDefaultRedirectUrl(req.params.courseId);

// map course times to fit model
req.body.times = req.body.times || [];
Expand Down Expand Up @@ -774,6 +774,20 @@ router.patch('/:courseId', async (req, res, next) => {
}
const { courseId } = req.params;

const isAdministrator = res.locals.currentRole === 'Administrator';
const currentUserId = res.locals.currentUser._id;
const isRemovingYourself = !isAdministrator
&& req.body.teacherIds
&& req.body.substitutionIds
&& !req.body.teacherIds.some((id) => id === currentUserId)
&& !req.body.substitutionIds.some((id) => id === currentUserId);

if (isRemovingYourself) {
// if you are removing yourself from a course you will not have permissions to create events anymore
// so temporarily add yourself to the list of teachers
req.body.teacherIds.push(currentUserId);
}

await deleteEventsForCourse(req, res, courseId);
await api(req).patch(`/courses/${courseId}`, {
json: req.body,
Expand All @@ -782,6 +796,17 @@ router.patch('/:courseId', async (req, res, next) => {
// instead of using the response from patch
const course = await api(req).get(`/courses/${courseId}`);
await createEventsForCourse(req, res, course);

if (isRemovingYourself) {
await api(req).patch(`/courses/${courseId}`, {
json: {
teacherIds: course.teacherIds.filter((id) => id !== currentUserId),
substitutionIds: course.substitutionIds.filter((id) => id !== currentUserId),
},
});
redirectUrl = '/rooms-overview';
}

res.redirect(303, redirectUrl);
} catch (e) {
next(e);
Expand Down
50 changes: 6 additions & 44 deletions controllers/dataprivacy.js
Original file line number Diff line number Diff line change
@@ -1,60 +1,22 @@
const express = require('express');
const { URL } = require('url');
const api = require('../api');
const authHelper = require('../helpers/authentication');
const { DOCUMENT_BASE_DIR, SC_THEME } = require('../config/global');
const { specificFiles } = require('../config/documents');
const { getBase64File } = require('../helpers/fileHelper');
const { getConsentVersion } = require('../helpers/consentVersionHelper');

const router = express.Router();

const privacyUrl = () => {
return new URL(`${SC_THEME}/${specificFiles.privacyExemplary}`, DOCUMENT_BASE_DIR);
};

const downloadPolicyPdf = (res, fileData, fileTitle) => {
// ERR_INVALID_CHAR will get thrown on ukrainian translation without encoding
const encodedFileTitle = encodeURI(fileTitle);
const download = Buffer.from(fileData, 'base64');
res.writeHead(200, {
'Content-Type': 'application/pdf',
'Content-Disposition': `attachment; filename="${encodedFileTitle}.pdf"`,
}).end(download);
};

const getBase64File = async (req, res, fileId, fileTitle) => {
if (fileId) {
const base64File = await api(req).get(`/base64Files/${fileId}`);
if (base64File.data) {
const fileData = base64File.data.replace(
'data:application/pdf;base64,',
'',
);
downloadPolicyPdf(res, fileData, fileTitle);
}
}
};
const privacyUrl = () => new URL(`${SC_THEME}/${specificFiles.privacyExemplary}`, DOCUMENT_BASE_DIR);

router.get('/', async (req, res, next) => {
try {
const isAuthenticated = await authHelper.isAuthenticated(req);
const qs = {
$limit: 1,
consentTypes: 'privacy',
$sort: {
publishedAt: -1,
},
};

if (isAuthenticated && res.locals.currentSchool) {
qs.schoolId = res.locals.currentSchool;
}

const consentVersions = await api(req).get('/consentVersions', { qs });
const consentVersions = await getConsentVersion(req, res, 'privacy');

if (consentVersions.data.length) {
const fileId = consentVersions.data[0].consentDataId;
if (!fileId) {
res.redirect(privacyUrl());
res.redirect(privacyUrl().toString());
}

const fileTitle = res.locals.theme.name === 'thr'
Expand All @@ -63,7 +25,7 @@ router.get('/', async (req, res, next) => {

await getBase64File(req, res, fileId, fileTitle);
} else {
res.redirect(privacyUrl());
res.redirect(privacyUrl().toString());
}
} catch (err) {
next(err);
Expand Down
11 changes: 8 additions & 3 deletions controllers/firstLogin.js
Original file line number Diff line number Diff line change
Expand Up @@ -29,10 +29,14 @@ const hasAccount = (req, res) => api(req).get('/consents', {
},
});

const getSchoolPrivacy = async (req, res) => {
const getSchoolConsentVersionByType = async (req, res, consentType) => {
if (consentType !== 'privacy' && consentType !== 'termsOfUse') {
return undefined;
}

const qs = {
schoolId: res.locals.currentUser.schoolId,
consentTypes: ['privacy'],
consentTypes: [consentType],
consentDataId: { $exists: true },
$limit: 1,
$sort: {
Expand Down Expand Up @@ -249,7 +253,8 @@ router.get('/', async (req, res, next) => {
sso: !!(res.locals.currentPayload || {}).systemId,
now: Date.now(),
sections: sections.map((name) => `firstLogin/sections/${name}`),
schoolPrivacyLink: await getSchoolPrivacy(req, res),
schoolPrivacyLink: await getSchoolConsentVersionByType(req, res, 'privacy'),
schoolTermsLink: await getSchoolConsentVersionByType(req, res, 'termsOfUse'),
schoolPrivacyName: res.$t('global.text.dataProtection'),
submitPageIndex,
userConsent,
Expand Down
3 changes: 1 addition & 2 deletions controllers/homework.js
Original file line number Diff line number Diff line change
Expand Up @@ -370,8 +370,7 @@ const getDeleteHandler = (service, redirectToReferer) => (req, res, next) => {
if (redirectToReferer) {
redirectHelper.safeBackRedirect(req, res);
} else {
res.sendStatus(200);
res.redirect(`/${service}`);
res.redirect(200, `/${service}`);
}
}).catch((err) => {
next(err);
Expand Down
3 changes: 2 additions & 1 deletion controllers/index.js
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,8 @@ router.use('/partner/', require('./partner'));
router.use('/community/', require('./community'));
router.use('/about/', require('./about'));
router.use('/help/', require('./help'));
router.use('/datenschutz/', require('./dataprivacy'));
router.use('/privacypolicy/', require('./dataprivacy'));
router.use('/termsofuse/', require('./termsofuse'));
router.use('/my-material', require('./my-material'));
router.use('/base64Files', require('./base64Files'));
router.use('/logs', require('./logs'));
Expand Down
Loading

0 comments on commit fe11f49

Please sign in to comment.