From a348c8f4d24889198850e3f7d2f4ff93e3e2a66a Mon Sep 17 00:00:00 2001 From: Julio Montoya Date: Tue, 16 Jul 2019 12:14:41 +0200 Subject: [PATCH] Improve function is_lp_visible_for_student see BT#15881 --- main/document/download_scorm.php | 2 +- main/inc/lib/course_home.lib.php | 8 +-- main/inc/lib/display.lib.php | 2 +- main/inc/lib/groupmanager.lib.php | 10 +-- main/inc/lib/webservices/Rest.php | 2 +- main/lp/download.php | 1 + main/lp/learnpath.class.php | 18 +++--- main/lp/learnpathList.class.php | 2 +- main/lp/lp_controller.php | 2 +- main/lp/lp_impress.php | 2 +- main/lp/lp_list.php | 104 ++++++++++++------------------ 11 files changed, 67 insertions(+), 86 deletions(-) diff --git a/main/document/download_scorm.php b/main/document/download_scorm.php index 20b84e829a..51b76a49ad 100755 --- a/main/document/download_scorm.php +++ b/main/document/download_scorm.php @@ -29,7 +29,7 @@ if (empty($obj)) { } // If is visible for the current user -if (!learnpath::is_lp_visible_for_student($obj->get_id(), api_get_user_id())) { +if (!learnpath::is_lp_visible_for_student($obj->get_id(), api_get_user_id(), $_course)) { api_not_allowed(); } diff --git a/main/inc/lib/course_home.lib.php b/main/inc/lib/course_home.lib.php index 5cb1bd2599..4d9c85f493 100755 --- a/main/inc/lib/course_home.lib.php +++ b/main/inc/lib/course_home.lib.php @@ -140,7 +140,7 @@ class CourseHome !learnpath::is_lp_visible_for_student( $lpId, api_get_user_id(), - api_get_course_id(), + api_get_course_info(), api_get_session_id() ) ) { @@ -352,7 +352,7 @@ class CourseHome !learnpath::is_lp_visible_for_student( $lpId, api_get_user_id(), - api_get_course_id(), + api_get_course_info(), api_get_session_id() ) ) { @@ -679,7 +679,7 @@ class CourseHome $add = learnpath::is_lp_visible_for_student( $lpId, $userId, - $courseInfo['code'], + $courseInfo, $sessionId ); } @@ -868,7 +868,7 @@ class CourseHome !learnpath::is_lp_visible_for_student( $lpId, api_get_user_id(), - api_get_course_id(), + api_get_course_info(), api_get_session_id() ) ) { diff --git a/main/inc/lib/display.lib.php b/main/inc/lib/display.lib.php index 07e40ce92f..7df4d067db 100755 --- a/main/inc/lib/display.lib.php +++ b/main/inc/lib/display.lib.php @@ -1725,7 +1725,7 @@ class Display } if ($notification['tool'] == TOOL_LEARNPATH) { - if (!learnpath::is_lp_visible_for_student($notification['ref'], $user_id, $course_code)) { + if (!learnpath::is_lp_visible_for_student($notification['ref'], $user_id, $courseInfo)) { continue; } } diff --git a/main/inc/lib/groupmanager.lib.php b/main/inc/lib/groupmanager.lib.php index f66443b27d..297711f772 100755 --- a/main/inc/lib/groupmanager.lib.php +++ b/main/inc/lib/groupmanager.lib.php @@ -2233,16 +2233,18 @@ class GroupManager * Get all groups where a specific user is subscribed. * * @param int $user_id + * @param int $courseId * * @return array */ - public static function getAllGroupPerUserSubscription($user_id) + public static function getAllGroupPerUserSubscription($user_id, $courseId = 0) { $table_group_user = Database::get_course_table(TABLE_GROUP_USER); $table_tutor_user = Database::get_course_table(TABLE_GROUP_TUTOR); $table_group = Database::get_course_table(TABLE_GROUP); - $user_id = intval($user_id); - $course_id = api_get_course_int_id(); + $user_id = (int) $user_id; + $courseId = empty($courseId) ? api_get_course_int_id() : (int) $courseId; + $sql = "SELECT DISTINCT g.* FROM $table_group g LEFT JOIN $table_group_user gu @@ -2250,7 +2252,7 @@ class GroupManager LEFT JOIN $table_tutor_user tu ON (tu.group_id = g.iid AND g.c_id = tu.c_id) WHERE - g.c_id = $course_id AND + g.c_id = $courseId AND (gu.user_id = $user_id OR tu.user_id = $user_id) "; $res = Database::query($sql); $groups = []; diff --git a/main/inc/lib/webservices/Rest.php b/main/inc/lib/webservices/Rest.php index 2a388b23b4..061b346473 100644 --- a/main/inc/lib/webservices/Rest.php +++ b/main/inc/lib/webservices/Rest.php @@ -760,7 +760,7 @@ class Rest extends WebService if (!learnpath::is_lp_visible_for_student( $lpId, $this->user->getId(), - $this->course->getCode(), + api_get_course_info($this->course->getCode()), $sessionId )) { continue; diff --git a/main/lp/download.php b/main/lp/download.php index 58f620647a..1d3f720431 100755 --- a/main/lp/download.php +++ b/main/lp/download.php @@ -14,6 +14,7 @@ $this_section = SECTION_COURSES; // Protection api_protect_course_script(); +$_course = api_get_course_info(); if (!isset($_course)) { api_not_allowed(true); diff --git a/main/lp/learnpath.class.php b/main/lp/learnpath.class.php index 6a68079d41..c7d084e83c 100755 --- a/main/lp/learnpath.class.php +++ b/main/lp/learnpath.class.php @@ -2491,20 +2491,20 @@ class learnpath * of its prerequisite is completed, considering the time availability and * the LP visibility. * - * @param int $lp_id - * @param int $student_id - * @param null $courseCode - * @param int $sessionId + * @param int $lp_id + * @param int $student_id + * @param array $courseInfo + * @param int $sessionId * * @return bool */ public static function is_lp_visible_for_student( $lp_id, $student_id, - $courseCode = null, + $courseInfo = [], $sessionId = 0 ) { - $courseInfo = api_get_course_info($courseCode); + $courseInfo = empty($courseInfo) ? api_get_course_info() : $courseInfo; $lp_id = (int) $lp_id; $sessionId = (int) $sessionId; @@ -2516,8 +2516,10 @@ class learnpath $sessionId = api_get_session_id(); } + $courseId = $courseInfo['real_id']; + $itemInfo = api_get_item_property_info( - $courseInfo['real_id'], + $courseId, TOOL_LEARNPATH, $lp_id, $sessionId @@ -2599,7 +2601,7 @@ class learnpath if ($userVisibility == 1) { $is_visible = true; } else { - $userGroups = GroupManager::getAllGroupPerUserSubscription($student_id); + $userGroups = GroupManager::getAllGroupPerUserSubscription($student_id, $courseId); if (!empty($userGroups)) { foreach ($userGroups as $groupInfo) { $groupId = $groupInfo['iid']; diff --git a/main/lp/learnpathList.class.php b/main/lp/learnpathList.class.php index 71c554c1e2..8094a07c8e 100755 --- a/main/lp/learnpathList.class.php +++ b/main/lp/learnpathList.class.php @@ -152,7 +152,7 @@ class LearnpathList $lpVisibility = learnpath::is_lp_visible_for_student( $row->getId(), $user_id, - $course_code + $course_info ); if ($lpVisibility === false) { continue; diff --git a/main/lp/lp_controller.php b/main/lp/lp_controller.php index ecae877fd7..9878478d6d 100755 --- a/main/lp/lp_controller.php +++ b/main/lp/lp_controller.php @@ -895,7 +895,7 @@ switch ($action) { // Teachers can export to PDF if (!$is_allowed_to_edit) { - if (!learnpath::is_lp_visible_for_student($_SESSION['oLP']->lp_id, api_get_user_id())) { + if (!learnpath::is_lp_visible_for_student($_SESSION['oLP']->lp_id, api_get_user_id(), $_course)) { api_not_allowed(); } } diff --git a/main/lp/lp_impress.php b/main/lp/lp_impress.php index dcfdc3868b..f50ae03853 100755 --- a/main/lp/lp_impress.php +++ b/main/lp/lp_impress.php @@ -19,7 +19,7 @@ $lp_id = intval($_GET['lp_id']); // Check if the learning path is visible for student - (LP requisites) if (!api_is_allowed_to_edit(null, true) && - !learnpath::is_lp_visible_for_student($lp_id, api_get_user_id()) + !learnpath::is_lp_visible_for_student($lp_id, api_get_user_id(), api_get_course_info()) ) { api_not_allowed(); } diff --git a/main/lp/lp_list.php b/main/lp/lp_list.php index 6c6d0199ec..e00819f500 100755 --- a/main/lp/lp_list.php +++ b/main/lp/lp_list.php @@ -189,6 +189,8 @@ $courseSettingsDisableIcon = Display::return_icon( get_lang('CourseSettings') ); +$enableAutoLaunch = api_get_course_setting('enable_lp_auto_launch'); + $data = []; /** @var CLpCategory $item */ foreach ($categories as $item) { @@ -261,19 +263,19 @@ foreach ($categories as $item) { continue; } - $lpVisibility = learnpath::is_lp_visible_for_student($id, $userId); - $isBlocked = learnpath::isBlockedByPrerequisite( - $userId, - $details['prerequisite'], - $courseInfo, - api_get_session_id() - ); + $lpVisibility = learnpath::is_lp_visible_for_student($id, $userId, $courseInfo); // Check if the learnpath is visible for student. - if (!$is_allowed_to_edit && $lpVisibility === false - && ($isBlocked && $showBlockedPrerequisite === false) - ) { - continue; + if (!$is_allowed_to_edit) { + $isBlocked = learnpath::isBlockedByPrerequisite( + $userId, + $details['prerequisite'], + $courseInfo, + api_get_session_id() + ); + if ($lpVisibility === false && $isBlocked && $showBlockedPrerequisite === false) { + continue; + } } $start_time = $end_time = ''; @@ -537,22 +539,20 @@ foreach ($categories as $item) { 'invisible.png', get_lang('Show') ), - api_get_self().'?'.$cidReq - ."&lp_id=$id&action=toggle_visible&new_status=1" + api_get_self().'?'.$cidReq."&lp_id=$id&action=toggle_visible&new_status=1" ); } else { $dsp_visible = Display::url( Display::return_icon('visible.png', get_lang('Hide')), - api_get_self().'?'.$cidReq - ."&lp_id=$id&action=toggle_visible&new_status=0" + api_get_self().'?'.$cidReq."&lp_id=$id&action=toggle_visible&new_status=0" ); } } // Tracking command - $trackingActionUrl = 'lp_controller.php?' - .$cidReq.'&' - .http_build_query(['action' => 'report', 'lp_id' => $id]); + $trackingActionUrl = 'lp_controller.php?'.$cidReq.'&'.http_build_query( + ['action' => 'report', 'lp_id' => $id] + ); $trackingAction = Display::url( Display::return_icon( @@ -597,17 +597,14 @@ foreach ($categories as $item) { * It is thus a mix betwenn multiple attempt and mono attempt */ if ($sessionId == $details['lp_session']) { - if ($details['seriousgame_mode'] == 1 - && $details['lp_prevent_reinit'] == 1 - ) { + if ($details['seriousgame_mode'] == 1 && $details['lp_prevent_reinit'] == 1) { // seriousgame mode | next = single $dsp_reinit = Display::url( Display::return_icon( 'reload.png', get_lang('PreventMultipleAttempts') ), - 'lp_controller.php?'.$cidReq - ."&action=switch_attempt_mode&lp_id=$id" + 'lp_controller.php?'.$cidReq."&action=switch_attempt_mode&lp_id=$id" ); } if ($details['seriousgame_mode'] == 0 && @@ -619,8 +616,7 @@ foreach ($categories as $item) { 'reload_na.png', get_lang('AllowMultipleAttempts') ), - 'lp_controller.php?'.$cidReq - ."&action=switch_attempt_mode&lp_id=$id" + 'lp_controller.php?'.$cidReq."&action=switch_attempt_mode&lp_id=$id" ); } if ($details['seriousgame_mode'] == 0 && @@ -632,8 +628,7 @@ foreach ($categories as $item) { 'reload.png', get_lang('AllowMultipleAttempts') ), - 'lp_controller.php?'.$cidReq - ."&action=switch_attempt_mode&lp_id=$id" + 'lp_controller.php?'.$cidReq."&action=switch_attempt_mode&lp_id=$id" ); } } else { @@ -652,9 +647,7 @@ foreach ($categories as $item) { 'view_fullscreen.png', get_lang('ViewModeFullScreen') ), - 'lp_controller.php?'.$cidReq - .'&action=switch_view_mode&lp_id='.$id - .$token_parameter + 'lp_controller.php?'.$cidReq.'&action=switch_view_mode&lp_id='.$id.$token_parameter ); break; case 'embedded': @@ -663,9 +656,7 @@ foreach ($categories as $item) { 'view_left_right.png', get_lang('ViewModeEmbedded') ), - 'lp_controller.php?'.$cidReq - .'&action=switch_view_mode&lp_id='.$id - .$token_parameter + 'lp_controller.php?'.$cidReq.'&action=switch_view_mode&lp_id='.$id.$token_parameter ); break; case 'embedframe': @@ -674,9 +665,7 @@ foreach ($categories as $item) { 'view_nofullscreen.png', get_lang('ViewModeEmbedFrame') ), - 'lp_controller.php?'.$cidReq - .'&action=switch_view_mode&lp_id='.$id - .$token_parameter + 'lp_controller.php?'.$cidReq.'&action=switch_view_mode&lp_id='.$id.$token_parameter ); break; case 'impress': @@ -685,9 +674,7 @@ foreach ($categories as $item) { 'window_list_slide.png', get_lang('ViewModeImpress') ), - 'lp_controller.php?'.$cidReq - .'&action=switch_view_mode&lp_id='.$id - .$token_parameter + 'lp_controller.php?'.$cidReq.'&action=switch_view_mode&lp_id='.$id.$token_parameter ); break; } @@ -730,15 +717,13 @@ foreach ($categories as $item) { if ($details['lp_type'] == 1) { $dsp_disk = Display::url( Display::return_icon('cd.png', get_lang('ExportShort')), - api_get_self()."?".$cidReq - ."&action=export&lp_id=$id" + api_get_self()."?$cidReq&action=export&lp_id=$id" ); } elseif ($details['lp_type'] == 2) { $dsp_disk = Display::url( Display::return_icon('cd.png', get_lang('ExportShort')), - api_get_self()."?".$cidReq - ."&action=export&lp_id=$id&export_name=" - .api_replace_dangerous_char($name).".zip" + api_get_self()."?$cidReq&action=export&lp_id=$id&export_name=" + .api_replace_dangerous_char($name).'.zip' ); } else { $dsp_disk = Display::return_icon( @@ -768,7 +753,7 @@ foreach ($categories as $item) { } /* Auto launch LP code */ - if (api_get_course_setting('enable_lp_auto_launch') == 1) { + if ($enableAutoLaunch == 1) { if ($details['autolaunch'] == 1 && $autolaunch_exists == false ) { @@ -778,8 +763,7 @@ foreach ($categories as $item) { 'launch.png', get_lang('DisableLPAutoLaunch') ), - api_get_self().'?'.$cidReq - ."&action=auto_launch&status=0&lp_id=$id" + api_get_self().'?'.$cidReq."&action=auto_launch&status=0&lp_id=$id" ); } else { $lp_auto_launch_icon = Display::url( @@ -787,8 +771,7 @@ foreach ($categories as $item) { 'launch_na.png', get_lang('EnableLPAutoLaunch') ), - api_get_self().'?'.$cidReq - ."&action=auto_launch&status=1&lp_id=$id" + api_get_self().'?'.$cidReq."&action=auto_launch&status=1&lp_id=$id" ); } } @@ -799,8 +782,7 @@ foreach ($categories as $item) { 'pdf.png', get_lang('ExportToPDFOnlyHTMLAndImages') ), - api_get_self().'?'.$cidReq - ."&action=export_to_pdf&lp_id=$id" + api_get_self().'?'.$cidReq."&action=export_to_pdf&lp_id=$id" ); /* Delete */ @@ -828,27 +810,23 @@ foreach ($categories as $item) { if ($details['lp_display_order'] == 1 && $max != 1) { $dsp_order .= Display::url( Display::return_icon('down.png', get_lang('MoveDown')), - "lp_controller.php?".$cidReq - ."&action=move_lp_down&lp_id=$id&category_id=$categoryId" + "lp_controller.php?$cidReq&action=move_lp_down&lp_id=$id&category_id=$categoryId" ); } elseif ($current == $max - 1 && $max != 1) { $dsp_order .= Display::url( Display::return_icon('up.png', get_lang('MoveUp')), - "lp_controller.php?".$cidReq - ."&action=move_lp_up&lp_id=$id&category_id=$categoryId" + "lp_controller.php?$cidReq&action=move_lp_up&lp_id=$id&category_id=$categoryId" ); } elseif ($max == 1) { $dsp_order = ''; } else { $dsp_order .= Display::url( Display::return_icon('down.png', get_lang('MoveDown')), - "lp_controller.php?".$cidReq - ."&action=move_lp_down&lp_id=$id&category_id=$categoryId" + "lp_controller.php?$cidReq&action=move_lp_down&lp_id=$id&category_id=$categoryId" ); $dsp_order .= Display::url( Display::return_icon('up.png', get_lang('MoveUp')), - "lp_controller.php?".$cidReq - ."&action=move_lp_up&lp_id=$id&category_id=$categoryId" + "lp_controller.php?$cidReq&action=move_lp_up&lp_id=$id&category_id=$categoryId" ); } } @@ -867,8 +845,7 @@ foreach ($categories as $item) { 'backup.png', get_lang('ExportToChamiloFormat') ), - api_get_self().'?'.$cidReq - ."&action=export_to_course_build&lp_id=$id" + api_get_self().'?'.$cidReq."&action=export_to_course_build&lp_id=$id" ); } @@ -910,8 +887,7 @@ foreach ($categories as $item) { // Student $export_icon = Display::url( Display::return_icon('pdf.png', get_lang('ExportToPDF')), - api_get_self().'?'.$cidReq - ."&action=export_to_pdf&lp_id=$id" + api_get_self().'?'.$cidReq."&action=export_to_pdf&lp_id=$id" ); } @@ -994,7 +970,7 @@ DocumentManager::removeGeneratedAudioTempFile(); $template = new Template($nameTools); $template->assign('subscription_settings', $subscriptionSettings); $template->assign('is_allowed_to_edit', $is_allowed_to_edit); -$template->assign('is_invitee', api_is_invitee()); +$template->assign('is_invitee', $isInvitee); $template->assign('is_ending', $ending); $template->assign('actions', $actions); $template->assign('categories', $categories);