diff --git a/main/calendar/agenda.inc.php b/main/calendar/agenda.inc.php index 490dc15e7b..b24da5cccc 100644 --- a/main/calendar/agenda.inc.php +++ b/main/calendar/agenda.inc.php @@ -1,4 +1,4 @@ -"false" is added to prevent that the visibility is changed after you do the following: // change visibility -> studentview -> course manager view - if ((is_allowed_to_edit() OR (api_get_course_setting('allow_user_edit_agenda') && !api_is_anonymous())) and $_GET['isStudentView']<>"false") + if ((api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_edit_agenda') && !api_is_anonymous())) and $_GET['isStudentView']<>"false") { if (isset($_GET['id'])&&$_GET['id']&&isset($_GET['action'])&&$_GET['action']=="showhide") { @@ -1412,7 +1418,10 @@ function display_agenda_items() //echo "user:".$_SESSION['user']."group: ".$_SESSION['group']; // A. you are a course admin //if ($is_courseAdmin) - if (is_allowed_to_edit() OR (api_get_course_setting('allow_user_edit_agenda') && !api_is_anonymous())) + + $session_condition = intval($_SESSION['id_session'])==0 ? '' : ' AND agenda.session_id IN (0,'.intval($_SESSION['id_session']).') '; + + if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_edit_agenda') && !api_is_anonymous())) { // A.1. you are a course admin with a USER filter // => see only the messages of this specific user + the messages of the group (s)he is member of. @@ -1428,6 +1437,7 @@ function display_agenda_items() AND toolitemproperties.tool='".TOOL_CALENDAR_EVENT."' AND ( toolitemproperties.to_user_id=$user_id OR toolitemproperties.to_group_id IN (0, ".implode(", ", $group_memberships).") ) AND toolitemproperties.visibility='1' + $session_condition ORDER BY start_date ".$_SESSION['sort']; } else @@ -1439,6 +1449,7 @@ function display_agenda_items() AND toolitemproperties.tool='".TOOL_CALENDAR_EVENT."' AND ( toolitemproperties.to_user_id=$user_id OR toolitemproperties.to_group_id='0') AND toolitemproperties.visibility='1' + $session_condition ORDER BY start_date ".$_SESSION['sort']; } } @@ -1453,6 +1464,7 @@ function display_agenda_items() AND toolitemproperties.tool='".TOOL_CALENDAR_EVENT."' AND ( toolitemproperties.to_group_id=$group_id OR toolitemproperties.to_group_id='0') AND toolitemproperties.visibility='1' + $session_condition GROUP BY toolitemproperties.ref ORDER BY start_date ".$_SESSION['sort']; } @@ -1469,6 +1481,7 @@ function display_agenda_items() WHERE agenda.id = toolitemproperties.ref ".$show_all_current." AND toolitemproperties.tool='".TOOL_CALENDAR_EVENT."' AND toolitemproperties.visibility='1' + $session_condition GROUP BY toolitemproperties.ref ORDER BY start_date ".$_SESSION['sort']; @@ -1483,6 +1496,7 @@ function display_agenda_items() WHERE agenda.id = toolitemproperties.ref ".$show_all_current." AND toolitemproperties.tool='".TOOL_CALENDAR_EVENT."' AND ( toolitemproperties.visibility='0' or toolitemproperties.visibility='1') + $session_condition GROUP BY toolitemproperties.ref ORDER BY start_date ".$_SESSION['sort']; } @@ -1502,6 +1516,7 @@ function display_agenda_items() AND toolitemproperties.tool='".TOOL_CALENDAR_EVENT."' AND ( toolitemproperties.to_user_id=$user_id OR toolitemproperties.to_group_id IN (0, ".implode(", ", $group_memberships).") ) AND toolitemproperties.visibility='1' + $session_condition ORDER BY start_date ".$_SESSION['sort']; } else @@ -1515,6 +1530,7 @@ function display_agenda_items() AND toolitemproperties.tool='".TOOL_CALENDAR_EVENT."' AND ( toolitemproperties.to_user_id=$user_id OR toolitemproperties.to_group_id='0') AND toolitemproperties.visibility='1' + $session_condition ORDER BY start_date ".$_SESSION['sort']; } else @@ -1526,6 +1542,7 @@ function display_agenda_items() AND toolitemproperties.tool='".TOOL_CALENDAR_EVENT."' AND toolitemproperties.to_group_id='0' AND toolitemproperties.visibility='1' + $session_condition ORDER BY start_date ".$_SESSION['sort']; } } @@ -1621,7 +1638,7 @@ function display_agenda_items() echo $sent_to_form; echo ""; - if (!$is_repeated && (is_allowed_to_edit() OR (api_get_course_setting('allow_user_edit_agenda') && !api_is_anonymous()))) + if (!$is_repeated && (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_edit_agenda') && !api_is_anonymous()))) { echo ''.get_lang('Modify'); echo ''; @@ -1649,7 +1666,7 @@ function display_agenda_items() --------------------------------------------------*/ - if (!$is_repeated && (is_allowed_to_edit() OR (api_get_course_setting('allow_user_edit_agenda') && !api_is_anonymous()))) + if (!$is_repeated && (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_edit_agenda') && !api_is_anonymous()))) { echo ''; // edit @@ -1677,7 +1694,7 @@ function display_agenda_items() echo ''; - if (!$is_repeated && (is_allowed_to_edit() OR (api_get_course_setting('allow_user_edit_agenda') && !api_is_anonymous()))) + if (!$is_repeated && (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_edit_agenda') && !api_is_anonymous()))) { $td_colspan= ''; } @@ -1916,7 +1933,7 @@ function display_one_agenda_item($agenda_id) DISPLAY: edit delete button (course admin only) --------------------------------------------------*/ echo ''; - if (!$repeat && is_allowed_to_edit()) + if (!$repeat && api_is_allowed_to_edit(false,true)) { // edit echo "", @@ -2531,7 +2548,7 @@ function get_agendaitems($month, $year) $group_memberships = GroupManager :: get_group_ids(Database::get_current_course_database(), $_user['user_id']); // if the user is administrator of that course we show all the agenda items - if (api_is_allowed_to_edit()) + if (api_is_allowed_to_edit(false,true)) { //echo "course admin"; $sqlquery = "SELECT @@ -2616,7 +2633,7 @@ function display_upcoming_events() $group_memberships = GroupManager :: get_group_ids($mycourse['dbName'], $myuser['user_id']); // if the user is administrator of that course we show all the agenda items - if (api_is_allowed_to_edit()) + if (api_is_allowed_to_edit(false,true)) { //echo "course admin"; $sqlquery = "SELECT @@ -3823,9 +3840,9 @@ function agenda_add_item($course_info, $title, $content, $db_start_date, $db_end // store in the table calendar_event $sql = "INSERT INTO ".$t_agenda." - (title,content, start_date, end_date".(!empty($parent_id)?',parent_event_id':'').") + (title,content, start_date, end_date".(!empty($parent_id)?',parent_event_id':'').", session_id) VALUES - ('".$title."','".$content."', '".$start_date."','".$end_date."'".(!empty($parent_id)?','.((int)$parent_id):'').")"; + ('".$title."','".$content."', '".$start_date."','".$end_date."'".(!empty($parent_id)?','.((int)$parent_id):'').", ".intval($_SESSION['id_session']).")"; $result = api_sql_query($sql,__FILE__,__LINE__) or die (Database::error()); $last_id=Database::insert_id(); diff --git a/main/calendar/agenda.php b/main/calendar/agenda.php index 070d22d537..69de6d83e1 100644 --- a/main/calendar/agenda.php +++ b/main/calendar/agenda.php @@ -1,4 +1,4 @@ -'; - if (is_allowed_to_edit() OR (api_get_course_setting('allow_user_edit_agenda') && !api_is_anonymous())) + if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_edit_agenda') && !api_is_anonymous())) { display_courseadmin_links(); } @@ -311,7 +311,7 @@ else // THE RIGHT PART echo ""; -if (is_allowed_to_edit() OR (api_get_course_setting('allow_user_edit_agenda') && !api_is_anonymous())) +if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_edit_agenda') && !api_is_anonymous())) { switch ($_GET['action']) { diff --git a/main/inc/lib/add_course.lib.inc.php b/main/inc/lib/add_course.lib.inc.php index a3de718c68..1b029ae5e4 100644 --- a/main/inc/lib/add_course.lib.inc.php +++ b/main/inc/lib/add_course.lib.inc.php @@ -701,9 +701,12 @@ function update_Db_course($courseDbName) start_date datetime NOT NULL default '0000-00-00 00:00:00', end_date datetime NOT NULL default '0000-00-00 00:00:00', parent_event_id INT NULL, + session_id SMALLINT unsigned NOT NULL default 0, PRIMARY KEY (id) )"; api_sql_query($sql, __FILE__, __LINE__); + $sql = "ALTER TABLE `".$TABLETOOLAGENDA . "` ADD INDEX ( session_id ) ;"; + api_sql_query($sql, __FILE__, __LINE__); $sql = " CREATE TABLE `".$TABLETOOLAGENDAREPEAT. "` ( @@ -2016,7 +2019,7 @@ function fill_Db_course($courseDbName, $courseRepository, $language,$default_doc Agenda tool ----------------------------------------------------------- */ - api_sql_query("INSERT INTO `".$TABLETOOLAGENDA . "` VALUES ( NULL, '".lang2db(get_lang('AgendaCreationTitle')) . "', '".lang2db(get_lang('AgendaCreationContenu')) . "', now(), now(), NULL)", __FILE__, __LINE__); + api_sql_query("INSERT INTO `".$TABLETOOLAGENDA . "` VALUES ( NULL, '".lang2db(get_lang('AgendaCreationTitle')) . "', '".lang2db(get_lang('AgendaCreationContenu')) . "', now(), now(), NULL, 0)", __FILE__, __LINE__); //we need to add the item properties too! $insert_id = Database :: get_last_insert_id(); $sql = "INSERT INTO `".$TABLEITEMPROPERTY . "` (tool,insert_user_id,insert_date,lastedit_date,ref,lastedit_type,lastedit_user_id,to_group_id,to_user_id,visibility) VALUES ('" . TOOL_CALENDAR_EVENT . "',1,NOW(),NOW(),$insert_id,'AgendaAdded',1,0,NULL,1)"; diff --git a/main/install/migrate-db-1.8.5-1.8.6-pre.sql b/main/install/migrate-db-1.8.5-1.8.6-pre.sql index 9feefdde7a..25167136f8 100644 --- a/main/install/migrate-db-1.8.5-1.8.6-pre.sql +++ b/main/install/migrate-db-1.8.5-1.8.6-pre.sql @@ -60,3 +60,5 @@ ALTER TABLE forum_category ADD session_id SMALLINT UNSIGNED NOT NULL ; ALTER TABLE forum_category ADD INDEX ( session_id ) ; ALTER TABLE student_publication ADD session_id SMALLINT UNSIGNED NOT NULL default 0 ; ALTER TABLE student_publication ADD INDEX ( session_id ) ; +ALTER TABLE calendar_event ADD session_id SMALLINT UNSIGNED NOT NULL default 0 ; +ALTER TABLE calendar_event ADD INDEX ( session_id ) ;