diff --git a/main/inc/lib/main_api.lib.php b/main/inc/lib/main_api.lib.php index 694e08a892..c33cc7a8e1 100644 --- a/main/inc/lib/main_api.lib.php +++ b/main/inc/lib/main_api.lib.php @@ -2744,4 +2744,211 @@ function api_add_setting($val,$var,$sk=null,$type='textfield',$c=null,$title='', return $res; } } -?> +/** + * Returns wether a user can or can't view the contents of a course. + * + * @param int $userid User id or NULL to get it from $_SESSION + * @param int $cid Course id to check whether the user is allowed. + * @return bool + */ +function api_is_course_visible_for_user( $userid = null, $cid = null ) { + if ($userid == NULL) + $userid = $_SESSION['_user']['user_id']; + + $course_table = Database::get_main_table(TABLE_MAIN_COURSE); + $course_cat_table = Database::get_main_table(TABLE_MAIN_CATEGORY); + + $sql = "SELECT + $course_table.category_code, + $course_table.visibility, + $course_table.code, + $course_cat_table.code + FROM $course_table + LEFT JOIN $course_cat_table + ON $course_table.category_code = $course_cat_table.code + WHERE + $course_table.code = '$cid' + LIMIT 1"; + + $result = api_sql_query($sql, __FILE__, __LINE__); + + if (Database::num_rows($result) > 0) { + $visibility = Database::fetch_array($result); + $visibility = $visibility[0]['visibility']; + } + + if (api_get_setting('use_session_mode') != 'true') { + $course_user_table = Database::get_main_table(TABLE_MAIN_COURSE_USER); + + $sql = "SELECT + tutor_id, status + FROM $course_user_table + WHERE + user_id = '$userid' + AND + course_code = '$cid' + LIMIT 1"; + + $result = api_sql_query($sql, __FILE__, __LINE__); + + if (Database::num_rows($result) > 0) { + // this user have a recorded state for this course + $cuData = Database::fetch_array($result); + + $is_courseMember = true; + $is_courseTutor = ($cuData['tutor_id' ] == 1); + $is_courseAdmin = ($cuData['status'] == 1); + + } else { + // this user has no status related to this course + $is_courseMember = false; + $is_courseAdmin = false; + $is_courseTutor = false; + } + + $is_courseAdmin = ($is_courseAdmin || $is_platformAdmin); + } else { + $tbl_course_user = Database :: get_main_table(TABLE_MAIN_COURSE_USER); + + $sql = "SELECT + tutor_id, status, role + FROM $tbl_course_user + WHERE + user_id = '$userid' + AND + course_code = '$cid' + LIMIT 1"; + + $result = api_sql_query($sql, __FILE__, __LINE__); + + if (Database::num_rows($result) > 0) { + // this user have a recorded state for this course + $cuData = Database::fetch_array($result); + + $_courseUser['role'] = $cuData['role']; + $is_courseMember = true; + $is_courseTutor = ($cuData['tutor_id' ] == 1); + $is_courseAdmin = ($cuData['status'] == 1); + } + if (!$is_courseAdmin) { + // this user has no status related to this course + // is it the session coach or the session admin ? + $tbl_session = + Database::get_main_table(TABLE_MAIN_SESSION); + $tbl_session_course = + Database::get_main_table(TABLE_MAIN_SESSION_COURSE); + $tbl_session_course_user = + Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USER); + + $sql = "SELECT + session.id_coach, session_admin_id, session.id + FROM + $tbl_session as session + INNER JOIN $tbl_session_course + ON session_rel_course.id_session = session.id + AND session_rel_course.course_code = $cid + LIMIT 1"; + + $result = api_sql_query($sql, __FILE__, __LINE__); + $row = api_store_result($result); + + if($row[0]['id_coach']==$userid) { + $_courseUser['role'] = 'Professor'; + $is_courseMember = true; + $is_courseTutor = true; + $is_courseAdmin = false; + $is_courseCoach = true; + $is_sessionAdmin = false; + + api_session_register('_courseUser'); + } else if($row[0]['session_admin_id']==$userid) { + $_courseUser['role'] = 'Professor'; + $is_courseMember = false; + $is_courseTutor = false; + $is_courseAdmin = false; + $is_courseCoach = false; + $is_sessionAdmin = true; + } else { + // Check if the current user is the course coach + $sql = "SELECT + 1 + FROM $tbl_session_course + WHERE + session_rel_course.course_code = $cid + AND + session_rel_course.id_coach = '$userid' + LIMIT 1"; + + $result = api_sql_query($sql,__FILE__,__LINE__); + + if ($row = Database::fetch_array($result)) { + $_courseUser['role'] = 'Professor'; + $is_courseMember = true; + $is_courseTutor = true; + $is_courseCoach = true; + $is_sessionAdmin = false; + + $tbl_user = Database :: get_main_table(TABLE_MAIN_USER); + + $sql = "SELECT + status + FROM $tbl_user + WHERE + user_id = $userid + LIMIT 1"; + + $result = api_sql_query($sql); + + if (Database::result($result, 0, 0) == 1){ + $is_courseAdmin = true; + } else { + $is_courseAdmin = false; + } + } else { + // Check if the user is a student is this session + $sql = "SELECT + id + FROM $tbl_session_course_user + WHERE + `id_user` = '$userid' + AND + `course_code` = '$cid' + LIMIT 1"; + + if (Database::num_rows($result) > 0) { + // this user have a recorded state for this course + while ($row = Database::fetch_array($result)) { + $is_courseMember = true; + $is_courseTutor = false; + $is_courseAdmin = false; + $is_sessionAdmin = false; + } + } + } + } + } + } + + $is_allowed_in_course = false; + + switch ($visibility) { + case COURSE_VISIBILITY_OPEN_WORLD: + $is_allowed_in_course = true; + break; + case COURSE_VISIBILITY_OPEN_PLATFORM: + if (isset($userid)) + $is_allowed_in_course = true; + break; + case COURSE_VISIBILITY_REGISTERED: + case COURSE_VISIBILITY_CLOSED: + if ($is_platformAdmin || $is_courseMember || $is_courseAdmin) + $is_allowed_in_course = true; + break; + default: + $is_allowed_in_course = false; + break; + } + + return $is_allowed_in_course; +} +?> \ No newline at end of file