Fix coach access see BT#11640

9 years ago · 7c965c9ec6
parent 9182edaccb
commit 7c965c9ec6
2 changed files with 78 additions and 8 deletions
--- a/main/inc/lib/api.lib.php
+++ b/main/inc/lib/api.lib.php
@ -2931,6 +2931,77 @@ function api_is_allowed_to_edit($tutor = false, $coach = false, $session_coach =
    }
 }
 /**
 * Returns true if user is a course coach of at least one course in session
 * @param int $sessionId
 * @return bool
 */
 function api_is_coach_of_course_in_session($sessionId)
 {
    if (api_is_platform_admin()) {
        return true;
    }
    $userId = api_get_user_id();
    $courseList = UserManager::get_courses_list_by_session(
        $userId,
        $sessionId
    );
    // Session visibility.
    $visibility = api_get_session_visibility(
        $sessionId,
        null,
        false
    );
    if ($visibility != SESSION_VISIBLE && !empty($courseList)) {
        // Course Coach session visibility.
        $blockedCourseCount = 0;
        $closedVisibilityList = array(
            COURSE_VISIBILITY_CLOSED,
            COURSE_VISIBILITY_HIDDEN
        );
        foreach ($courseList as $course) {
            // Checking session visibility
            $sessionCourseVisibility = api_get_session_visibility(
                $sessionId,
                $course['real_id'],
                $ignore_visibility_for_admins
            );
            $courseIsVisible = !in_array(
                $course['visibility'],
                $closedVisibilityList
            );
            if ($courseIsVisible === false || $sessionCourseVisibility == SESSION_INVISIBLE) {
                $blockedCourseCount++;
            }
        }
        // If all courses are blocked then no show in the list.
        if ($blockedCourseCount === count($courseList)) {
            $visibility = SESSION_INVISIBLE;
        } else {
            $visibility = SESSION_VISIBLE;
        }
    }
    switch ($visibility) {
        case SESSION_VISIBLE_READ_ONLY:
        case SESSION_VISIBLE:
        case SESSION_AVAILABLE:
            return true;
            break;
        case SESSION_INVISIBLE:
            return false;
    }
    return false;
 }
 /**
 * Checks if a student can edit contents in a session depending
 * on the session visibility
--- a/main/install/index.php
+++ b/main/install/index.php
@ -1,6 +1,11 @@
 <?php
 /* For licensing terms, see /license.txt */
 use ChamiloSession as Session,
    Chamilo\TicketBundle\Entity\Project as TicketProject,
    Chamilo\TicketBundle\Entity\Category as TicketCategory,
    Chamilo\TicketBundle\Entity\Priority as TicketPriority;
 /**
 * Chamilo installation
 *
@ -15,11 +20,6 @@
 * @package chamilo.install
 */
 use ChamiloSession as Session,
    Chamilo\TicketBundle\Entity\Project as TicketProject,
    Chamilo\TicketBundle\Entity\Category as TicketCategory,
    Chamilo\TicketBundle\Entity\Priority as TicketPriority;
 ini_set('display_errors', '1');
 ini_set('log_errors', '1');
 error_reporting(-1);
@ -157,12 +157,11 @@ if (is_dir($oldSymfonyFolder)) {
 }
 // A protection measure for already installed systems.
 if (isAlreadyInstalledSystem()) {
    // The system has already been installed, so block re-installation.
-    $global_error_code = 6;
+    /*$global_error_code = 6;
    require '../inc/global_error_message.inc.php';
-    die();
+    die();*/
 }
 /* STEP 1 : INITIALIZES FORM VARIABLES IF IT IS THE FIRST VISIT */