Skip to content

LTI

Jump to bottom Edit New page
Jan Leißner edited this page Feb 22, 2019 · 11 revisions

Rollen beim Opencast-Server zufügen

ACL Aufbau

Beispielrolle: 'test_Learner', mit 'read = true' wird zu :

<ace><role>test_Learner</role><action>read</action><allow>true</allow></ace>

Und im Gesamtpaket als POST-Body dann zu:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?><acl xmlns="http://org.opencastproject.security">
<ace><role>test_Learner</role><action>read</action><allow>true</allow></ace></acl>

Wichtig: Bei der so neu definierten AccessControlList muss mindestens ein Benutzer mit Schreib- und Leserechten existieren! Sollte das der Admin sein:

<ace><role>ROLE_ADMIN</role><action>read</action><allow>true</allow></ace>
<ace><role>ROLE_ADMIN</role><action>write</action><allow>true</allow></ace>

Vollständige Test-ACL:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?><acl xmlns="http://org.opencastproject.security"><ace><role>test_Learner</role><action>read</action><allow>true</allow></ace><ace><role>ROLE_ADMIN</role><action>read</action><allow>true</allow></ace><ace><role>ROLE_ADMIN</role><action>write</action><allow>true</allow></ace></acl>

ACL anlegen

Pfad in der API: 'acl-manager/acl' (POST:name;acl)

Benötigt Name und XML-ACL (siehe oben). Nimmt man das obige Beispiel, und wählt als Namen 'test_001_series_acl', ergibt das folgende Antwort vom Opencast-Server:

Status: 200 (OK)

{
  "organizationId": "mh_default_org",
  "name": "test_001_series_acl",
  "id": 7951,
  "acl": {
    "ace": [
      {
        "allow": true,
        "role": "test_Learner",
        "action": "read"
      },
      {
        "allow": true,
        "role": "ROLE_ADMIN",
        "action": "read"
      },
      {
        "allow": true,
        "role": "ROLE_ADMIN",
        "action": "write"
      }
    ]
  }
}

ACL an eine Serie/Episode hängen

Direkt ändern:

Pfad in der API: 'acl-manager/apply/episode/{episodeId}' (POST:aclId;override=true) oder 'acl-manager/apply/series/{seriesId}' (POST:aclId;override=true)

Zeitverzögert ändern:

Pfad in der API: 'acl-manager/episode/{episodeId}' (POST:managedAclId;applicationDate) oder 'acl-manager/series/{seriesId}' (POST:managedAclId;applicationDate)

Generierung des LTI-Mappings und der daraus folgenden ACL's

Mapping:

Array
(
    [s] => Array
        (
            [eb22b326-de01-4301-a511-8ea751fb31f1] => Array
                (
                    [5ccff3d00a4d6e372d3f2d2f37813f8c] => visible
                )

            [b36f979e-39f0-44d0-b4f8-c85c03431143] => Array
                (
                    [a07535cf2f8a72df33c12ddfa4b53dde] => visible
                )

        )

    [e] => Array
        (
        )

ACL's aus dem Mapping:

Array
(
    [s] => Array
        (
            [eb22b326-de01-4301-a511-8ea751fb31f1] => Array
                (
                    [courses] => Array
                        (
                            [0] => 5ccff3d00a4d6e372d3f2d2f37813f8c
                        )

                    [acl] => AccessControlList Object
                        (
                            [entities:AccessControlList:private] => Array
                                (
                                    [0] => AccessControlEntity Object
                                        (
                                            [role:AccessControlEntity:private] => ROLE_ADMIN
                                            [action:AccessControlEntity:private] => read
                                            [allow:AccessControlEntity:private] => 1
                                        )

                                    [1] => AccessControlEntity Object
                                        (
                                            [role:AccessControlEntity:private] => ROLE_ADMIN
                                            [action:AccessControlEntity:private] => write
                                            [allow:AccessControlEntity:private] => 1
                                        )

                                    [2] => AccessControlEntity Object
                                        (
                                            [role:AccessControlEntity:private] => 5ccff3d00a4d6e372d3f2d2f37813f8c_Instructor
                                            [action:AccessControlEntity:private] => read
                                            [allow:AccessControlEntity:private] => 1
                                        )

                                    [3] => AccessControlEntity Object
                                        (
                                            [role:AccessControlEntity:private] => 5ccff3d00a4d6e372d3f2d2f37813f8c_Instructor
                                            [action:AccessControlEntity:private] => write
                                            [allow:AccessControlEntity:private] => 1
                                        )

                                    [4] => AccessControlEntity Object
                                        (
                                            [role:AccessControlEntity:private] => 5ccff3d00a4d6e372d3f2d2f37813f8c_Learner
                                            [action:AccessControlEntity:private] => write
                                            [allow:AccessControlEntity:private] => 
                                        )

                                    [5] => AccessControlEntity Object
                                        (
                                            [role:AccessControlEntity:private] => 5ccff3d00a4d6e372d3f2d2f37813f8c_Learner
                                            [action:AccessControlEntity:private] => read
                                            [allow:AccessControlEntity:private] => 1
                                        )

                                )

                            [name:AccessControlList:private] => combined_5c700f76e6a36_mixed
                        )

                )

            [b36f979e-39f0-44d0-b4f8-c85c03431143] => Array
                (
                    [courses] => Array
                        (
                            [0] => a07535cf2f8a72df33c12ddfa4b53dde
                        )

                    [acl] => AccessControlList Object
                        (
                            [entities:AccessControlList:private] => Array
                                (
                                    [0] => AccessControlEntity Object
                                        (
                                            [role:AccessControlEntity:private] => ROLE_ADMIN
                                            [action:AccessControlEntity:private] => read
                                            [allow:AccessControlEntity:private] => 1
                                        )

                                    [1] => AccessControlEntity Object
                                        (
                                            [role:AccessControlEntity:private] => ROLE_ADMIN
                                            [action:AccessControlEntity:private] => write
                                            [allow:AccessControlEntity:private] => 1
                                        )

                                    [2] => AccessControlEntity Object
                                        (
                                            [role:AccessControlEntity:private] => a07535cf2f8a72df33c12ddfa4b53dde_Instructor
                                            [action:AccessControlEntity:private] => read
                                            [allow:AccessControlEntity:private] => 1
                                        )

                                    [3] => AccessControlEntity Object
                                        (
                                            [role:AccessControlEntity:private] => a07535cf2f8a72df33c12ddfa4b53dde_Instructor
                                            [action:AccessControlEntity:private] => write
                                            [allow:AccessControlEntity:private] => 1
                                        )

                                    [4] => AccessControlEntity Object
                                        (
                                            [role:AccessControlEntity:private] => a07535cf2f8a72df33c12ddfa4b53dde_Learner
                                            [action:AccessControlEntity:private] => write
                                            [allow:AccessControlEntity:private] => 
                                        )

                                    [5] => AccessControlEntity Object
                                        (
                                            [role:AccessControlEntity:private] => a07535cf2f8a72df33c12ddfa4b53dde_Learner
                                            [action:AccessControlEntity:private] => read
                                            [allow:AccessControlEntity:private] => 1
                                        )

                                )

                            [name:AccessControlList:private] => combined_5c700f76e83b0_mixed
                        )

                )

        )

    [e] => Array
        (
        )

)
Add a custom footer
Add a custom sidebar
Clone this wiki locally