diff --git a/main/document/document.php b/main/document/document.php index 8fa5306b32..24b8565735 100755 --- a/main/document/document.php +++ b/main/document/document.php @@ -612,7 +612,7 @@ if (isset($document_id) && empty($action)) { $visibility = DocumentManager::check_visibility_tree( $document_id, - api_get_course_id(), + $courseInfo, $sessionId, api_get_user_id(), $groupIid diff --git a/main/document/edit_odf.php b/main/document/edit_odf.php index 0266557074..74703d5a16 100755 --- a/main/document/edit_odf.php +++ b/main/document/edit_odf.php @@ -27,7 +27,7 @@ if (empty($documentInfo)) { //Check user visibility $is_visible = DocumentManager::check_visibility_tree( $documentId, - api_get_course_id(), + api_get_course_info(), api_get_session_id(), api_get_user_id(), api_get_group_id() diff --git a/main/document/show_content.php b/main/document/show_content.php index a84d576623..1505155790 100755 --- a/main/document/show_content.php +++ b/main/document/show_content.php @@ -76,7 +76,7 @@ if ($is_allowed_in_course == false) { // Check user visibility $is_visible = DocumentManager::check_visibility_tree( $document_id, - api_get_course_id(), + api_get_course_info(), api_get_session_id(), api_get_user_id(), api_get_group_id() diff --git a/main/document/showinframes.php b/main/document/showinframes.php index 416ba937af..ac3939816b 100755 --- a/main/document/showinframes.php +++ b/main/document/showinframes.php @@ -91,7 +91,7 @@ if ($is_allowed_in_course == false) { // Check user visibility. $is_visible = DocumentManager::check_visibility_tree( $document_id, - api_get_course_id(), + api_get_course_info(), api_get_session_id(), api_get_user_id(), api_get_group_id() diff --git a/main/inc/lib/document.lib.php b/main/inc/lib/document.lib.php index fbab73797e..ee16882df4 100644 --- a/main/inc/lib/document.lib.php +++ b/main/inc/lib/document.lib.php @@ -601,7 +601,7 @@ class DocumentManager foreach ($documentData as $row) { $isVisible = self::check_visibility_tree( $row['id'], - $courseInfo['code'], + $courseInfo, $sessionId, api_get_user_id(), $toGroupId @@ -3508,8 +3508,8 @@ class DocumentManager /** * @param int $doc_id - * @param string $course_code - * @param int $session_id + * @param array $courseInfo + * @param int $sessionId * @param int $user_id * @param int $groupId iid * @@ -3517,21 +3517,32 @@ class DocumentManager */ public static function check_visibility_tree( $doc_id, - $course_code, - $session_id, + $courseInfo, + $sessionId, $user_id, $groupId = 0 ) { + if (empty($courseInfo)) { + return false; + } + + $courseCode = $courseInfo['code']; + + if (empty($courseCode)) { + return false; + } + $document_data = self::get_document_data_by_id( $doc_id, - $course_code, + $courseCode, null, - $session_id + $sessionId ); - if ($session_id != 0 && !$document_data) { + + if ($sessionId != 0 && !$document_data) { $document_data = self::get_document_data_by_id( $doc_id, - $course_code, + $courseCode, null, 0 ); @@ -3539,27 +3550,27 @@ class DocumentManager if (!empty($document_data)) { // If admin or course teacher, allow anyway - if (api_is_platform_admin() || CourseManager::is_course_teacher($user_id, $course_code)) { + if (api_is_platform_admin() || CourseManager::is_course_teacher($user_id, $courseCode)) { return true; } - $course_info = api_get_course_info($course_code); + if ($document_data['parent_id'] == false || empty($document_data['parent_id'])) { if (!empty($groupId)) { return true; } - $visible = self::is_visible_by_id($doc_id, $course_info, $session_id, $user_id); + $visible = self::is_visible_by_id($doc_id, $courseInfo, $sessionId, $user_id); return $visible; } else { - $visible = self::is_visible_by_id($doc_id, $course_info, $session_id, $user_id); + $visible = self::is_visible_by_id($doc_id, $courseInfo, $sessionId, $user_id); if (!$visible) { return false; } else { return self::check_visibility_tree( $document_data['parent_id'], - $course_code, - $session_id, + $courseInfo, + $sessionId, $user_id, $groupId );