a few

2026-03-07 20:58:35 -05:00 · 2026-03-02 09:41:33 +02:00
parent 5ac0515d05
commit 45774fbc8c
19 changed files with 50 additions and 61 deletions
--- a/files/views/media.py
+++ b/files/views/media.py
@@ -178,7 +178,7 @@ class MediaList(APIView):
                    rbac_categories = request.user.get_rbac_categories_as_member()
                    conditions |= Q(category__in=rbac_categories)

-                media = base_queryset.filter(conditions).distinct()
+                media = base_queryset.filter(conditions).exclude(user=request.user).distinct()
        elif author_param:
            user_queryset = User.objects.all()
            user = get_object_or_404(user_queryset, username=author_param)
--- a/frontend/src/static/js/pages/ProfileMediaPage.js
+++ b/frontend/src/static/js/pages/ProfileMediaPage.js
@@ -3,7 +3,7 @@ import PropTypes from 'prop-types';
 import { ApiUrlContext, LinksConsumer, MemberContext } from '../utils/contexts';
 import { PageStore, ProfilePageStore } from '../utils/stores';
 import { ProfilePageActions, PageActions } from '../utils/actions';
-import { inEmbeddedApp, inSelectMediaEmbedMode, associateMediaWithLtiCategory, translateString } from '../utils/helpers/';
+import { inEmbeddedApp, inSelectMediaEmbedMode, translateString } from '../utils/helpers/';
 import { MediaListWrapper } from '../components/MediaListWrapper';
 import ProfilePagesHeader from '../components/profile-page/ProfilePagesHeader';
 import ProfilePagesContent from '../components/profile-page/ProfilePagesContent';
@@ -213,9 +213,6 @@ export class ProfileMediaPage extends Page {
                    newSelectedMedia.add(mediaId);
                    console.log('Selected media item:', mediaId);

-                    // Associate media with the current LTI course category (fire-and-forget)
-                    associateMediaWithLtiCategory(mediaId);
-
                    // Send postMessage to parent window (Moodle TinyMCE plugin)
                    if (window.parent !== window) {
                        // Construct the embed URL
--- a/frontend/src/static/js/pages/ProfileSharedByMePage.js
+++ b/frontend/src/static/js/pages/ProfileSharedByMePage.js
@@ -11,7 +11,7 @@ import { ProfileMediaFilters } from '../components/search-filters/ProfileMediaFi
 import { ProfileMediaTags } from '../components/search-filters/ProfileMediaTags';
 import { ProfileMediaSorting } from '../components/search-filters/ProfileMediaSorting';
 import { BulkActionsModals } from '../components/BulkActionsModals';
-import { inEmbeddedApp, inSelectMediaEmbedMode, associateMediaWithLtiCategory, translateString } from '../utils/helpers';
+import { inEmbeddedApp, inSelectMediaEmbedMode } from '../utils/helpers';
 import { withBulkActions } from '../utils/hoc/withBulkActions';

 import { Page } from './_Page';
@@ -357,9 +357,6 @@ class ProfileSharedByMePage extends Page {
                    newSelectedMedia.add(mediaId);
                    console.log('Selected media item:', mediaId);

-                    // Associate media with the current LTI course category (fire-and-forget)
-                    associateMediaWithLtiCategory(mediaId);
-
                    // Send postMessage to parent window (Moodle TinyMCE plugin)
                    if (window.parent !== window) {
                        // Construct the embed URL
--- a/frontend/src/static/js/pages/ProfileSharedWithMePage.js
+++ b/frontend/src/static/js/pages/ProfileSharedWithMePage.js
@@ -10,7 +10,7 @@ import { LazyLoadItemListAsync } from '../components/item-list/LazyLoadItemListA
 import { ProfileMediaFilters } from '../components/search-filters/ProfileMediaFilters';
 import { ProfileMediaTags } from '../components/search-filters/ProfileMediaTags';
 import { ProfileMediaSorting } from '../components/search-filters/ProfileMediaSorting';
-import { inEmbeddedApp, inSelectMediaEmbedMode, associateMediaWithLtiCategory, translateString } from '../utils/helpers';
+import { inEmbeddedApp, inSelectMediaEmbedMode } from '../utils/helpers';

 import { Page } from './_Page';

@@ -355,9 +355,6 @@ export class ProfileSharedWithMePage extends Page {
                    newSelectedMedia.add(mediaId);
                    console.log('Selected media item:', mediaId);

-                    // Associate media with the current LTI course category (fire-and-forget)
-                    associateMediaWithLtiCategory(mediaId);
-
                    // Send postMessage to parent window (Moodle TinyMCE plugin)
                    if (window.parent !== window) {
                        // Construct the embed URL
--- a/frontend/src/static/js/utils/helpers/embeddedApp.ts
+++ b/frontend/src/static/js/utils/helpers/embeddedApp.ts
@@ -49,33 +49,3 @@ export function getLtiContextId(): string | null {
        return null;
    }
 }
-
-export function associateMediaWithLtiCategory(mediaId: string): void {
-    const ltiContextId = getLtiContextId();
-
-    if (!ltiContextId || !mediaId) {
-        return;
-    }
-
-    const csrfMatch = document.cookie.match(/(?:^|;\s*)csrftoken=([^;]+)/);
-    const csrfToken = csrfMatch ? csrfMatch[1] : '';
-
-    fetch('/api/v1/media/user/bulk_actions', {
-        method: 'POST',
-        headers: {
-            'Content-Type': 'application/json',
-            'X-CSRFToken': csrfToken,
-        },
-        body: JSON.stringify({
-            action: 'add_to_category',
-            media_ids: [mediaId],
-            lti_context_id: ltiContextId,
-        }),
-    }).then(response => {
-        if (!response.ok) {
-            console.warn('[MediaCMS LTI] Failed to associate media with course category:', response.statusText);
-        }
-    }).catch(error => {
-        console.warn('[MediaCMS LTI] Failed to associate media with course category:', error);
-    });
-}
--- a/frontend/src/static/js/utils/helpers/index.js
+++ b/frontend/src/static/js/utils/helpers/index.js
@@ -14,4 +14,4 @@ export * from './quickSort';
 export * from './requests';
 export { translateString } from './translate';
 export { replaceString } from './replacementStrings';
-export { inEmbeddedApp, inSelectMediaEmbedMode, isSelectMediaMode, associateMediaWithLtiCategory } from './embeddedApp';
+export { inEmbeddedApp, inSelectMediaEmbedMode, isSelectMediaMode } from './embeddedApp';
--- a/lti/views.py
+++ b/lti/views.py
@@ -30,7 +30,8 @@ from pylti1p3.exception import LtiException
 from pylti1p3.message_launch import MessageLaunch
 from pylti1p3.oidc_login import OIDCLogin

-from files.models import Media
+from files.models import Media, MediaPermission
+from rbac.models import RBACMembership

 from .adapters import DjangoRequest, DjangoSessionService, DjangoToolConfig
 from .handlers import (
@@ -42,7 +43,7 @@ from .handlers import (
    validate_lti_session,
 )
 from .keys import get_jwks
-from .models import LTILaunchLog, LTIPlatform, LTIToolKeys
+from .models import LTILaunchLog, LTIPlatform, LTIResourceLink, LTIToolKeys

 logger = logging.getLogger(__name__)

@@ -697,10 +698,37 @@ class EmbedMediaLTIView(View):
        can_view = False

        if lti_session and request.user.is_authenticated:
-            if request.user.has_member_access_to_media(media):
-                can_view = True
+            context_id = lti_session.get('context_id')
+            platform_id = lti_session.get('platform_id')
+            if context_id and platform_id:
+                try:
+                    resource_link = (
+                        LTIResourceLink.objects.filter(
+                            platform_id=platform_id,
+                            context_id=context_id,
+                        )
+                        .select_related('rbac_group')
+                        .first()
+                    )
+                    if resource_link and resource_link.rbac_group:
+                        has_course_access = RBACMembership.objects.filter(
+                            user=request.user,
+                            rbac_group=resource_link.rbac_group,
+                        ).exists()
+                        if has_course_access:
+                            MediaPermission.objects.get_or_create(
+                                user=request.user,
+                                media=media,
+                                defaults={
+                                    'owner_user': media.user,
+                                    'permission': 'viewer',
+                                },
+                            )
+                            can_view = True
+                except Exception:
+                    logger.exception('EmbedMediaLTIView: error checking course access for user=%s media=%s', request.user, friendly_token)

-        if media.state in ["public", "unlisted"]:
+        if not can_view and media.state in ["public", "unlisted"]:
            can_view = True

        if not can_view:
--- a/static/js/_commons.js
+++ b/static/js/_commons.js
--- a/static/js/categories.js
+++ b/static/js/categories.js
--- a/static/js/embed.js
+++ b/static/js/embed.js
--- a/static/js/featured.js
+++ b/static/js/featured.js
--- a/static/js/index.js
+++ b/static/js/index.js
--- a/static/js/latest.js
+++ b/static/js/latest.js
--- a/static/js/members.js
+++ b/static/js/members.js
--- a/static/js/profile-shared-by-me.js
+++ b/static/js/profile-shared-by-me.js
--- a/static/js/profile-shared-with-me.js
+++ b/static/js/profile-shared-with-me.js
--- a/static/js/recommended.js
+++ b/static/js/recommended.js
--- a/static/js/search.js
+++ b/static/js/search.js
--- a/static/js/tags.js
+++ b/static/js/tags.js