Steps to reproduce:
1. Upload a recording without assigning it a series
2. Log into matterhorn as a user other than superadmin (e.g. admin1) and go to engage
1. Create a series and assign privileges to ootb roles for Series 1 (instructor, student, admin)
2. Upload a recording, assigning it to the series you created in step 1.
3. Log into matterhorn as as a user other than superadmin (e.g. admin1) and go to engage
Don't see the recording in the Media Gallery (although if go to the Media Gallery page without being logged in, you do see it. This is correct in the case of the recording with no series, incorrect in the case of the series for which only series 1 roles were given access)
Workaround (if any):
I went through the following links on my test server to see if any links that should be exposed to all of the users (admin, admin1, student1, anonymous) or shouldn't be exposed to users were available but to me it looks like everything except the videos are still locked down properly.
I wasn't sure how to test the oaipmh and lti links as well I don't know if any services that live at:
I have to say that i don't have much knowledge in this area. How did you test it?
I looked at our default spring security configuration file (https://opencast.jira.com/svn/MH/trunk/docs/felix/conf/security/mh_default_org.xml) and tried to find one asset or web page that fit the requirements for each of those categories. I then classified each of those locations for each of the types of users (anonymous, ROLE_USER, ROLE_COURSE_ADMIN, ROLE_ADMIN) as places they should or shouldn't be able to go. Then I logged in as each user and tried to access all of those links to see if they could or couldn't get to them. I plan to automate this process as part of the integration tests but I am trying to come up with a way that won't break easily
Applied patch by Xavier and Lukas
Reopening to fix role handling in test cases