diff --git a/main/attendance/index.php b/main/attendance/index.php index 89b46d9f9b..4ed95638e6 100644 --- a/main/attendance/index.php +++ b/main/attendance/index.php @@ -14,11 +14,11 @@ $language_file = array ('course_description', 'course_info', 'pedaSuggest', 'use // including files require_once '../inc/global.inc.php'; +require_once api_get_path(SYS_CODE_PATH).'gradebook/lib/gradebook_functions.inc.php'; require_once api_get_path(LIBRARY_PATH).'attendance.lib.php'; require_once api_get_path(LIBRARY_PATH).'app_view.php'; require_once api_get_path(LIBRARY_PATH).'ezpdf/class.ezpdf.php'; require_once 'attendance_controller.php'; -require_once api_get_path(SYS_CODE_PATH).'gradebook/lib/gradebook_functions.inc.php'; require_once api_get_path(SYS_CODE_PATH).'gradebook/lib/fe/exportgradebook.php'; $current_course_tool = TOOL_ATTENDANCE; diff --git a/main/exercice/exercice.php b/main/exercice/exercice.php index 7304e64048..355f57258b 100644 --- a/main/exercice/exercice.php +++ b/main/exercice/exercice.php @@ -214,7 +214,7 @@ if ($is_allowedToEdit) { $objExerciseTmp = new Exercise(); $check = Security::check_token('get'); - $exercise_action_locked = api_resource_is_locked_by_gradebook($exerciseId); + $exercise_action_locked = api_resource_is_locked_by_gradebook($exerciseId, LINK_EXERCISE); if ($objExerciseTmp->read($exerciseId)) { if ($check) { @@ -456,7 +456,7 @@ if (!empty($exercise_list)) { foreach ($exercise_list as $row) { $my_exercise_id = $row['id']; - $locked = api_resource_is_locked_by_gradebook($my_exercise_id); + $locked = api_resource_is_locked_by_gradebook($my_exercise_id, LINK_EXERCISE); //echo '
'; $i++; diff --git a/main/exercice/exercise.lib.php b/main/exercice/exercise.lib.php index 7c5780d7bd..004f3fc37a 100644 --- a/main/exercice/exercise.lib.php +++ b/main/exercice/exercise.lib.php @@ -1030,7 +1030,7 @@ function get_exam_results_data($from, $number_of_items, $column, $direction, $ex $user_list_id = array (); $duration_list = ''; - $locked = api_resource_is_locked_by_gradebook($exercise_id); + $locked = api_resource_is_locked_by_gradebook($exercise_id, LINK_EXERCISE); for ($i = 0; $i < $sizeof; $i++) { $revised = $results[$i]['revised']; diff --git a/main/exercice/exercise_report.php b/main/exercice/exercise_report.php index fde5ef6280..add55be9be 100644 --- a/main/exercice/exercise_report.php +++ b/main/exercice/exercise_report.php @@ -59,7 +59,7 @@ $course_id = api_get_course_int_id(); $exercise_id = isset($_REQUEST['exerciseId']) ? intval($_REQUEST['exerciseId']) : null; -$locked = api_resource_is_locked_by_gradebook($exercise_id); +$locked = api_resource_is_locked_by_gradebook($exercise_id, LINK_EXERCISE); if (empty($exercise_id)) { api_not_allowed(); diff --git a/main/exercice/exercise_show.php b/main/exercice/exercise_show.php index 6846d3e32c..be7be23660 100644 --- a/main/exercice/exercise_show.php +++ b/main/exercice/exercise_show.php @@ -79,7 +79,7 @@ $learnpath_item_id = $track_exercise_info['orig_lp_item_id']; $lp_item_view_id = $track_exercise_info['orig_lp_item_view_id']; $current_user_id = api_get_user_id(); -$locked = api_resource_is_locked_by_gradebook($exercise_id); +$locked = api_resource_is_locked_by_gradebook($exercise_id, LINK_EXERCISE); if (empty($objExercise)) { $objExercise = new Exercise(); diff --git a/main/forum/editpost.php b/main/forum/editpost.php index f212f6b2f4..bda90c4820 100644 --- a/main/forum/editpost.php +++ b/main/forum/editpost.php @@ -81,7 +81,7 @@ $current_forum = get_forum_information($_GET['forum']); // Note: This h $current_forum_category = get_forumcategory_information($current_forum['forum_category']); $current_post = get_post_information($_GET['post']); -block_course_item_locked_by_gradebook($_GET['thread']); +block_course_item_locked_by_gradebook($_GET['thread'], LINK_FORUM_THREAD); /* Header and Breadcrumbs */ diff --git a/main/forum/forumfunction.inc.php b/main/forum/forumfunction.inc.php index a5a089ea70..0e557388ec 100644 --- a/main/forum/forumfunction.inc.php +++ b/main/forum/forumfunction.inc.php @@ -823,7 +823,14 @@ function display_visible_invisible_icon($content, $id, $current_visibility_statu * @version february 2006, dokeos 1.8 */ function display_lock_unlock_icon($content, $id, $current_lock_status, $additional_url_parameters = '') { - $id = Security::remove_XSS($id); + $id = intval($id); + //check if the forum is blocked due + if ($content == 'thread') { + if (api_resource_is_locked_by_gradebook($id, LINK_FORUM_THREAD)) { + echo Display::return_icon('lock_na.png', get_lang('ResourceLockedByGradebook'), array(), ICON_SIZE_SMALL); + return; + } + } if ($current_lock_status == '1') { echo ''.Display::return_icon('edit.png', get_lang('Edit'), array(), ICON_SIZE_SMALL).''; if (api_resource_is_locked_by_gradebook($row['thread_id'])) { - echo Display::return_icon('delete_na.png', get_lang('Delete'), array(), ICON_SIZE_SMALL); + echo Display::return_icon('delete_na.png', get_lang('ResourceLockedByGradebook'), array(), ICON_SIZE_SMALL); } else { echo '".Display::return_icon('delete.png', get_lang('Delete'), array(), ICON_SIZE_SMALL).''; } diff --git a/main/gradebook/lib/be.inc.php b/main/gradebook/lib/be.inc.php index e845612307..f4fd2b427d 100644 --- a/main/gradebook/lib/be.inc.php +++ b/main/gradebook/lib/be.inc.php @@ -13,5 +13,4 @@ require_once 'be/gradebookitem.class.php'; require_once 'be/category.class.php'; require_once 'be/evaluation.class.php'; require_once 'be/result.class.php'; -require_once 'be/linkfactory.class.php'; // this contains the include declarations - // to all link classes +require_once 'be/linkfactory.class.php'; diff --git a/main/gradebook/lib/gradebook_functions.inc.php b/main/gradebook/lib/gradebook_functions.inc.php index 8d726a1e2b..7e5df117c2 100644 --- a/main/gradebook/lib/gradebook_functions.inc.php +++ b/main/gradebook/lib/gradebook_functions.inc.php @@ -11,6 +11,7 @@ * @author Julio Montoya adding security functions * @version april 2007 */ +require_once api_get_path(SYS_CODE_PATH).'gradebook/lib/be.inc.php'; require_once 'gradebook_functions_users.inc.php'; require_once api_get_path(LIBRARY_PATH).'grade_model.lib.php'; @@ -319,10 +320,6 @@ function build_edit_icons_link($link, $selectcat) { * @return int false on error or link ID */ function is_resource_in_course_gradebook($course_code, $resource_type, $resource_id, $session_id = 0) { - require_once api_get_path(SYS_CODE_PATH).'gradebook/lib/be/linkfactory.class.php'; - require_once api_get_path(SYS_CODE_PATH).'gradebook/lib/be.inc.php'; - require_once api_get_path(SYS_CODE_PATH).'gradebook/lib/be/linkfactory.class.php'; - // TODO find the corresponding category (the first one for this course, ordered by ID) $t = Database::get_main_table(TABLE_MAIN_GRADEBOOK_CATEGORY); $l = Database::get_main_table(TABLE_MAIN_GRADEBOOK_LINK); diff --git a/main/inc/lib/attendance.lib.php b/main/inc/lib/attendance.lib.php index ba2f557f98..dde33e3854 100644 --- a/main/inc/lib/attendance.lib.php +++ b/main/inc/lib/attendance.lib.php @@ -1053,7 +1053,7 @@ class Attendance */ public function is_locked_attendance($attendance_id) { //use gradebook lock - $result = api_resource_is_locked_by_gradebook($attendance_id); + $result = api_resource_is_locked_by_gradebook($attendance_id, LINK_ATTENDANCE); return $result; /* diff --git a/main/inc/lib/main_api.lib.php b/main/inc/lib/main_api.lib.php index 4ec2af7e05..62aac76513 100644 --- a/main/inc/lib/main_api.lib.php +++ b/main/inc/lib/main_api.lib.php @@ -5732,7 +5732,7 @@ function api_get_course_table_condition($and = true) { * @param int the item id (tool id, exercise id, lp id) * */ -function api_resource_is_locked_by_gradebook($item_id, $course_code = null) { +function api_resource_is_locked_by_gradebook($item_id, $link_type, $course_code = null) { if (api_is_platform_admin()) { return false; } @@ -5742,7 +5742,8 @@ function api_resource_is_locked_by_gradebook($item_id, $course_code = null) { } $table = Database::get_main_table(TABLE_MAIN_GRADEBOOK_LINK); $item_id = intval($item_id); - $sql = "SELECT locked FROM $table WHERE locked = 1 AND ref_id = $item_id AND type = 1 AND course_code = '$course_code' "; + $link_type = intval($link_type); + $sql = "SELECT locked FROM $table WHERE locked = 1 AND ref_id = $item_id AND type = $link_type AND course_code = '$course_code' "; $result = Database::query($sql); if (Database::num_rows($result)) { return true; @@ -5751,12 +5752,20 @@ function api_resource_is_locked_by_gradebook($item_id, $course_code = null) { return false; } -function block_course_item_locked_by_gradebook($item_id, $course_code = null) { +/** + * Blocks a page if the item was added in a gradebook + * + * @param int exercise id, work id, thread id, + * @param int LINK_EXERCISE, LINK_STUDENTPUBLICATION, LINK_LEARNPATH LINK_FORUM_THREAD, LINK_ATTENDANCE see gradebook/lib/be/linkfactory + * @param string course code + * @return boolean + */ +function block_course_item_locked_by_gradebook($item_id, $link_type, $course_code = null) { if (api_is_platform_admin()) { return false; } - if (api_resource_is_locked_by_gradebook($item_id, $course_code)) { + if (api_resource_is_locked_by_gradebook($item_id, $link_type, $course_code)) { $message = Display::return_message(get_lang('ResourceLockedByGradebook'), 'warning'); api_not_allowed(true, $message); } diff --git a/main/work/work.lib.php b/main/work/work.lib.php index b9229c0a03..06ec794707 100644 --- a/main/work/work.lib.php +++ b/main/work/work.lib.php @@ -468,7 +468,7 @@ function display_student_publications_list($id, $link_target_parameter, $dateFor $is_assignment = $row['has_properties']; $id2 = $row['id']; //work id - $locked = api_resource_is_locked_by_gradebook($id2); + $locked = api_resource_is_locked_by_gradebook($id2, LINK_STUDENTPUBLICATION); if ($is_allowed_to_edit && $locked == false) { // form edit directory @@ -811,7 +811,7 @@ function display_student_publications_list($id, $link_target_parameter, $dateFor if ($origin != 'learnpath') { if ($is_allowed_to_edit) { - if (api_resource_is_locked_by_gradebook($id2)) { + if (api_resource_is_locked_by_gradebook($id2, LINK_STUDENTPUBLICATION)) { $action .= Display::return_icon('edit_na.png', get_lang('Edit'), array(), ICON_SIZE_SMALL); $action .= Display::return_icon('delete_na.png', get_lang('Delete'), array(), ICON_SIZE_SMALL); } else { @@ -1559,7 +1559,7 @@ function get_work_user_list($start, $limit, $column, $direction, $work_id, $wher $is_allowed_to_edit = api_is_allowed_to_edit(null, true); $condition_session = api_get_session_condition($session_id); - $locked = api_resource_is_locked_by_gradebook($work_id); + $locked = api_resource_is_locked_by_gradebook($work_id, LINK_STUDENTPUBLICATION); if (!empty($work_data)) { diff --git a/main/work/work.php b/main/work/work.php index 696728e596..ce11736099 100644 --- a/main/work/work.php +++ b/main/work/work.php @@ -495,7 +495,7 @@ switch ($action) { //fixes bug when showing modification form if (!empty($work_id)) { if ($is_allowed_to_edit) { - if (api_resource_is_locked_by_gradebook($work_id)) { + if (api_resource_is_locked_by_gradebook($work_id, LINK_STUDENTPUBLICATION)) { echo Display::display_warning_message(get_lang('ResourceLockedByGradebook')); } else { $form->display(); @@ -1023,7 +1023,7 @@ switch ($action) { if ($is_allowed_to_edit && !empty($_REQUEST['delete_dir'])) { $delete_dir_id = intval($_REQUEST['delete_dir']); - $locked = api_resource_is_locked_by_gradebook($delete_dir_id); + $locked = api_resource_is_locked_by_gradebook($delete_dir_id, LINK_STUDENTPUBLICATION); if ($locked == false) { @@ -1062,7 +1062,7 @@ switch ($action) { $file_deleted = false; $is_author = user_is_author($item_id); $work_data = get_work_data_by_id($item_id); - $locked = api_resource_is_locked_by_gradebook($work_data['parent_id']); + $locked = api_resource_is_locked_by_gradebook($work_data['parent_id'], LINK_STUDENTPUBLICATION); if ( ($is_allowed_to_edit && $locked == false) || ($locked == false AND $is_author && api_get_course_setting('student_delete_own_publication') == 1 && $work_data['qualificator_id'] == 0)) { //we found the current user is the author