Use function "api_protect_course_group"

- Format code - Fix phpdoc - Use function "api_protect_course_group" instead of GroupManager::user_has_access - Add optional course id
8 years ago · 3f6dbcf6d7
parent 0cb4d56942
commit 3f6dbcf6d7
4 changed files with 8 additions and 29 deletions
--- a/main/calendar/agenda_js.php
+++ b/main/calendar/agenda_js.php
@ -57,7 +57,8 @@ if (!empty($group_id)) {
    $group_properties = GroupManager::get_group_properties($group_id);
    $is_group_tutor = GroupManager::is_tutor_of_group(
        api_get_user_id(),
-        $group_properties
+        $group_properties,
        $courseId
    );
    $interbreadcrumb[] = array(
        "url" => api_get_path(WEB_CODE_PATH)."group/group.php?".api_get_cidreq(),
--- a/main/forum/viewforum.php
+++ b/main/forum/viewforum.php
@ -29,6 +29,7 @@ $current_course_tool = TOOL_FORUM;
 // Notification for unauthorized people.
 api_protect_course_script(true);
 api_protect_course_group(GroupManager::GROUP_TOOL_FORUM);
 // The section (tabs).
 $this_section = SECTION_COURSES;
@ -74,12 +75,6 @@ $is_group_tutor = false;
 if (!empty($groupId)) {
    //Group info & group category info
    $group_properties = GroupManager::get_group_properties($groupId);
    //User has access in the group?
    $user_has_access_in_group = GroupManager::user_has_access(
        $userId,
        $group_properties['iid'],
        GroupManager::GROUP_TOOL_FORUM
    );
    $is_group_tutor = GroupManager::is_tutor_of_group(
        api_get_user_id(),
        $group_properties
@ -88,7 +83,7 @@ if (!empty($groupId)) {
    // Course
    if (!api_is_allowed_to_edit(false, true) && //is a student
        (($current_forum_category && $current_forum_category['visibility'] == 0) ||
-        $current_forum['visibility'] == 0 || !$user_has_access_in_group)
+        $current_forum['visibility'] == 0)
    ) {
        api_not_allowed(true);
    }
--- a/main/inc/lib/api.lib.php
+++ b/main/inc/lib/api.lib.php
@ -8274,9 +8274,8 @@ function api_mail_html(
 }
 /**
- * @param string $tool Possible values:
+ * @param string $tool Possible values: GroupManager::GROUP_TOOL_*
- * GroupManager::GROUP_TOOL_*
+ * @param bool $showHeader
 *
 */
 function api_protect_course_group($tool, $showHeader = true)
 {
--- a/main/work/student_work.php
+++ b/main/work/student_work.php
@ -7,6 +7,7 @@ require_once __DIR__.'/../inc/global.inc.php';
 $current_course_tool = TOOL_STUDENTPUBLICATION;
 api_protect_course_script(true);
 api_protect_course_group(GroupManager::GROUP_TOOL_WORK);
 require_once 'work.lib.php';
 $this_section = SECTION_COURSES;
@ -29,24 +30,7 @@ if (empty($userInfo) || empty($courseInfo)) {
 // Only a teachers page.
 if (!empty($group_id)) {
-    $group_properties = GroupManager :: get_group_properties($group_id);
+    $group_properties = GroupManager::get_group_properties($group_id);
    $show_work = false;
    if (api_is_allowed_to_edit(false, true)) {
        $show_work = true;
    } else {
        // you are not a teacher
        $show_work = GroupManager::user_has_access(
            api_get_user_id(),
            $group_properties['iid'],
            GroupManager::GROUP_TOOL_WORK
        );
    }
    if (!$show_work) {
        api_not_allowed();
    }
    $interbreadcrumb[] = array(
        'url' => api_get_path(WEB_CODE_PATH).'group/group.php?'.api_get_cidreq(),
        'name' => get_lang('Groups')