Adding the link type in the api_resource_is_locked_by_gradebook() function

13 years ago · 1a2058d4c4
parent 7e977dac71
commit 1a2058d4c4
14 changed files with 39 additions and 27 deletions
--- a/main/attendance/index.php
+++ b/main/attendance/index.php
@ -14,11 +14,11 @@ $language_file = array ('course_description', 'course_info', 'pedaSuggest', 'use
 // including files 
 require_once '../inc/global.inc.php';
 require_once api_get_path(SYS_CODE_PATH).'gradebook/lib/gradebook_functions.inc.php';
 require_once api_get_path(LIBRARY_PATH).'attendance.lib.php';
 require_once api_get_path(LIBRARY_PATH).'app_view.php';
 require_once api_get_path(LIBRARY_PATH).'ezpdf/class.ezpdf.php';
 require_once 'attendance_controller.php';
 require_once api_get_path(SYS_CODE_PATH).'gradebook/lib/gradebook_functions.inc.php';
 require_once api_get_path(SYS_CODE_PATH).'gradebook/lib/fe/exportgradebook.php';
 $current_course_tool  = TOOL_ATTENDANCE;
--- a/main/exercice/exercice.php
+++ b/main/exercice/exercice.php
@ -214,7 +214,7 @@ if ($is_allowedToEdit) {
 		$objExerciseTmp = new Exercise();
 		$check = Security::check_token('get');
-        $exercise_action_locked = api_resource_is_locked_by_gradebook($exerciseId);
+        $exercise_action_locked = api_resource_is_locked_by_gradebook($exerciseId, LINK_EXERCISE);
 		if ($objExerciseTmp->read($exerciseId)) {
 			if ($check) {
@ -456,7 +456,7 @@ if (!empty($exercise_list)) {
        foreach ($exercise_list as $row) {
            $my_exercise_id = $row['id'];                
-            $locked = api_resource_is_locked_by_gradebook($my_exercise_id);
+            $locked = api_resource_is_locked_by_gradebook($my_exercise_id, LINK_EXERCISE);
            //echo '<div  id="tabs-'.$i.'">';
            $i++;                    
--- a/main/exercice/exercise.lib.php
+++ b/main/exercice/exercise.lib.php
@ -1030,7 +1030,7 @@ function get_exam_results_data($from, $number_of_items, $column, $direction, $ex
            $user_list_id = array ();                        
            $duration_list = '';
-            $locked = api_resource_is_locked_by_gradebook($exercise_id);
+            $locked = api_resource_is_locked_by_gradebook($exercise_id, LINK_EXERCISE);
            for ($i = 0; $i < $sizeof; $i++) {                
                $revised = $results[$i]['revised'];	
--- a/main/exercice/exercise_report.php
+++ b/main/exercice/exercise_report.php
@ -59,7 +59,7 @@ $course_id      = api_get_course_int_id();
 $exercise_id    = isset($_REQUEST['exerciseId']) ? intval($_REQUEST['exerciseId']) : null;
-$locked = api_resource_is_locked_by_gradebook($exercise_id);
+$locked = api_resource_is_locked_by_gradebook($exercise_id, LINK_EXERCISE);
 if (empty($exercise_id)) {
    api_not_allowed();
--- a/main/exercice/exercise_show.php
+++ b/main/exercice/exercise_show.php
@ -79,7 +79,7 @@ $learnpath_item_id  = $track_exercise_info['orig_lp_item_id'];
 $lp_item_view_id    = $track_exercise_info['orig_lp_item_view_id'];
 $current_user_id    = api_get_user_id();
-$locked = api_resource_is_locked_by_gradebook($exercise_id);
+$locked = api_resource_is_locked_by_gradebook($exercise_id, LINK_EXERCISE);
 if (empty($objExercise)) {
 	$objExercise = new Exercise();
--- a/main/forum/editpost.php
+++ b/main/forum/editpost.php
@ -81,7 +81,7 @@ $current_forum          = get_forum_information($_GET['forum']); // Note: This h
 $current_forum_category = get_forumcategory_information($current_forum['forum_category']);
 $current_post           = get_post_information($_GET['post']);
-block_course_item_locked_by_gradebook($_GET['thread']);
+block_course_item_locked_by_gradebook($_GET['thread'], LINK_FORUM_THREAD);
 /* Header and Breadcrumbs */
--- a/main/forum/forumfunction.inc.php
+++ b/main/forum/forumfunction.inc.php
@ -823,7 +823,14 @@ function display_visible_invisible_icon($content, $id, $current_visibility_statu
 * @version february 2006, dokeos 1.8
 */
 function display_lock_unlock_icon($content, $id, $current_lock_status, $additional_url_parameters = '') {
-    $id = Security::remove_XSS($id);
+    $id = intval($id);
    //check if the forum is blocked due 
    if ($content == 'thread') {
        if (api_resource_is_locked_by_gradebook($id, LINK_FORUM_THREAD)) {
            echo Display::return_icon('lock_na.png', get_lang('ResourceLockedByGradebook'), array(), ICON_SIZE_SMALL);
            return;
        }
    }
    if ($current_lock_status == '1') {
        echo '<a href="'.api_get_self().'?'.api_get_cidreq().'&amp;gidReq='.Security::remove_XSS($_GET['gidReq']).'&amp;';
        if (is_array($additional_url_parameters)) {
--- a/main/forum/viewforum.php
+++ b/main/forum/viewforum.php
@ -142,7 +142,7 @@ if (($my_action == 'lock' OR $my_action == 'unlock') AND isset($_GET['content'])
 // Deleting.
 if ($my_action == 'delete' AND isset($_GET['content']) AND isset($_GET['id']) AND api_is_allowed_to_edit(false, true) && api_is_allowed_to_session_edit(false, true)) {
-    $locked = api_resource_is_locked_by_gradebook($_GET['id']);
+    $locked = api_resource_is_locked_by_gradebook($_GET['id'], LINK_FORUM_THREAD);
    if ($locked == false) {    
        $message = delete_forum_forumcategory_thread($_GET['content'], $_GET['id']); // Note: This has to be cleaned first.
        // Delete link    
@ -405,7 +405,7 @@ if (is_array($threads)) {
                    echo '<a href="editpost.php?'.api_get_cidreq().'&amp;forum='.Security::remove_XSS($my_forum).'&amp;thread='.Security::remove_XSS($row['thread_id']).'&amp;post='.$row_post_id['post_id'].'&amp;gidReq='.$_SESSION['toolgroup'].'&amp;origin='.$origin.'&amp;id_attach='.$id_attach.'">'.Display::return_icon('edit.png', get_lang('Edit'), array(), ICON_SIZE_SMALL).'</a>';
                    if (api_resource_is_locked_by_gradebook($row['thread_id'])) {
-                        echo Display::return_icon('delete_na.png', get_lang('Delete'), array(), ICON_SIZE_SMALL);
+                        echo Display::return_icon('delete_na.png', get_lang('ResourceLockedByGradebook'), array(), ICON_SIZE_SMALL);
                    } else {
                        echo '<a href="'.api_get_self().'?'.api_get_cidreq().'&amp;forum='.Security::remove_XSS($my_forum).'&amp;action=delete&amp;content=thread&amp;gidReq='.$_SESSION['toolgroup'].'&amp;id='.$row['thread_id'].$origin_string."\" onclick=\"javascript:if(!confirm('".addslashes(api_htmlentities(get_lang('DeleteCompleteThread'), ENT_QUOTES))."')) return false;\">".Display::return_icon('delete.png', get_lang('Delete'), array(), ICON_SIZE_SMALL).'</a>';
                    }
--- a/main/gradebook/lib/be.inc.php
+++ b/main/gradebook/lib/be.inc.php
@ -13,5 +13,4 @@ require_once 'be/gradebookitem.class.php';
 require_once 'be/category.class.php';
 require_once 'be/evaluation.class.php';
 require_once 'be/result.class.php';
-require_once 'be/linkfactory.class.php';	// this contains the include declarations
+require_once 'be/linkfactory.class.php';
 											// to all link classes
--- a/main/gradebook/lib/gradebook_functions.inc.php
+++ b/main/gradebook/lib/gradebook_functions.inc.php
@ -11,6 +11,7 @@
 * @author Julio Montoya <gugli100@gmail.com> adding security functions
 * @version april 2007
 */
 require_once api_get_path(SYS_CODE_PATH).'gradebook/lib/be.inc.php';
 require_once 'gradebook_functions_users.inc.php';
 require_once api_get_path(LIBRARY_PATH).'grade_model.lib.php';
@ -319,10 +320,6 @@ function build_edit_icons_link($link, $selectcat) {
 * @return   int     false on error or link ID
 */
 function is_resource_in_course_gradebook($course_code, $resource_type, $resource_id, $session_id = 0) {
    require_once api_get_path(SYS_CODE_PATH).'gradebook/lib/be/linkfactory.class.php';
    require_once api_get_path(SYS_CODE_PATH).'gradebook/lib/be.inc.php';
 	require_once api_get_path(SYS_CODE_PATH).'gradebook/lib/be/linkfactory.class.php';
    // TODO find the corresponding category (the first one for this course, ordered by ID)
    $t = Database::get_main_table(TABLE_MAIN_GRADEBOOK_CATEGORY);
    $l = Database::get_main_table(TABLE_MAIN_GRADEBOOK_LINK);
--- a/main/inc/lib/attendance.lib.php
+++ b/main/inc/lib/attendance.lib.php
@ -1053,7 +1053,7 @@ class Attendance
         */
        public function is_locked_attendance($attendance_id) {
            //use gradebook lock
-            $result = api_resource_is_locked_by_gradebook($attendance_id);            
+            $result = api_resource_is_locked_by_gradebook($attendance_id, LINK_ATTENDANCE);            
            return $result;
            /*
--- a/main/inc/lib/main_api.lib.php
+++ b/main/inc/lib/main_api.lib.php
@ -5732,7 +5732,7 @@ function api_get_course_table_condition($and = true) {
 * @param int the item id (tool id, exercise id, lp id)
 * 
 */
-function api_resource_is_locked_by_gradebook($item_id, $course_code = null) {
+function api_resource_is_locked_by_gradebook($item_id, $link_type, $course_code = null) {
    if (api_is_platform_admin()) {
        return false;
    }
@ -5742,7 +5742,8 @@ function api_resource_is_locked_by_gradebook($item_id, $course_code = null) {
        }
        $table = Database::get_main_table(TABLE_MAIN_GRADEBOOK_LINK);
        $item_id = intval($item_id);
-        $sql = "SELECT locked FROM $table WHERE locked = 1 AND ref_id = $item_id AND type = 1 AND course_code = '$course_code' ";                        
+        $link_type = intval($link_type);
        $sql = "SELECT locked FROM $table WHERE locked = 1 AND ref_id = $item_id AND type = $link_type AND course_code = '$course_code' ";                        
        $result = Database::query($sql);
        if (Database::num_rows($result)) {
            return true;
@ -5751,12 +5752,20 @@ function api_resource_is_locked_by_gradebook($item_id, $course_code = null) {
    return false;
 }
-function block_course_item_locked_by_gradebook($item_id, $course_code = null) {
+/**
 * Blocks a page if the item was added in a gradebook
 * 
 * @param int       exercise id, work id, thread id,
 * @param int       LINK_EXERCISE, LINK_STUDENTPUBLICATION, LINK_LEARNPATH LINK_FORUM_THREAD, LINK_ATTENDANCE see gradebook/lib/be/linkfactory
 * @param string    course code
 * @return boolean 
 */
 function block_course_item_locked_by_gradebook($item_id, $link_type, $course_code = null) {
    if (api_is_platform_admin()) {
        return false;
    }
-    if (api_resource_is_locked_by_gradebook($item_id, $course_code)) {
+    if (api_resource_is_locked_by_gradebook($item_id, $link_type, $course_code)) {
        $message = Display::return_message(get_lang('ResourceLockedByGradebook'), 'warning');
        api_not_allowed(true, $message);
    }    
--- a/main/work/work.lib.php
+++ b/main/work/work.lib.php
@ -468,7 +468,7 @@ function display_student_publications_list($id, $link_target_parameter, $dateFor
 			$is_assignment   = $row['has_properties'];
 			$id2             = $row['id']; //work id
-            $locked = api_resource_is_locked_by_gradebook($id2);
+            $locked = api_resource_is_locked_by_gradebook($id2, LINK_STUDENTPUBLICATION);
 			if ($is_allowed_to_edit && $locked == false) {
 			    // form edit directory
@ -811,7 +811,7 @@ function display_student_publications_list($id, $link_target_parameter, $dateFor
 			if ($origin != 'learnpath') {
 				if ($is_allowed_to_edit) {
-                    if (api_resource_is_locked_by_gradebook($id2)) {
+                    if (api_resource_is_locked_by_gradebook($id2, LINK_STUDENTPUBLICATION)) {
                        $action .= Display::return_icon('edit_na.png', get_lang('Edit'), array(), ICON_SIZE_SMALL);
                        $action .= Display::return_icon('delete_na.png', get_lang('Delete'), array(), ICON_SIZE_SMALL);
                    } else {
@ -1559,7 +1559,7 @@ function get_work_user_list($start, $limit, $column, $direction, $work_id, $wher
    $is_allowed_to_edit = api_is_allowed_to_edit(null, true);    
    $condition_session  = api_get_session_condition($session_id);
-    $locked = api_resource_is_locked_by_gradebook($work_id);
+    $locked = api_resource_is_locked_by_gradebook($work_id, LINK_STUDENTPUBLICATION);
    if (!empty($work_data)) {
--- a/main/work/work.php
+++ b/main/work/work.php
@ -495,7 +495,7 @@ switch ($action) {
        //fixes bug when showing modification form		
        if (!empty($work_id)) {
            if ($is_allowed_to_edit) {
-                if (api_resource_is_locked_by_gradebook($work_id)) {
+                if (api_resource_is_locked_by_gradebook($work_id, LINK_STUDENTPUBLICATION)) {
                    echo Display::display_warning_message(get_lang('ResourceLockedByGradebook'));
                } else {
                    $form->display();
@ -1023,7 +1023,7 @@ switch ($action) {
 		if ($is_allowed_to_edit && !empty($_REQUEST['delete_dir'])) {
            $delete_dir_id = intval($_REQUEST['delete_dir']);
-            $locked = api_resource_is_locked_by_gradebook($delete_dir_id);
+            $locked = api_resource_is_locked_by_gradebook($delete_dir_id, LINK_STUDENTPUBLICATION);
            if ($locked == false) {
@ -1062,7 +1062,7 @@ switch ($action) {
            $file_deleted = false;	
            $is_author = user_is_author($item_id);     
            $work_data = get_work_data_by_id($item_id);            
-            $locked = api_resource_is_locked_by_gradebook($work_data['parent_id']);
+            $locked = api_resource_is_locked_by_gradebook($work_data['parent_id'], LINK_STUDENTPUBLICATION);
            if ( ($is_allowed_to_edit && $locked == false) || ($locked == false AND $is_author && api_get_course_setting('student_delete_own_publication') == 1 && $work_data['qualificator_id'] == 0)) {
                //we found the current user is the author