Improve function is_lp_visible_for_student see BT#15881

main/document/download_scorm.php

@@ -29,7 +29,7 @@ if (empty($obj)) {
 }
 
 // If is visible for the current user
-if (!learnpath::is_lp_visible_for_student($obj->get_id(), api_get_user_id())) {
+if (!learnpath::is_lp_visible_for_student($obj->get_id(), api_get_user_id(), $_course)) {
     api_not_allowed();
 }
 

main/inc/lib/course_home.lib.php

@@ -140,7 +140,7 @@ class CourseHome
                     !learnpath::is_lp_visible_for_student(
                         $lpId,
                         api_get_user_id(),
-                        api_get_course_id(),
+                        api_get_course_info(),
                         api_get_session_id()
                     )
                 ) {
@@ -352,7 +352,7 @@ class CourseHome
                         !learnpath::is_lp_visible_for_student(
                             $lpId,
                             api_get_user_id(),
-                            api_get_course_id(),
+                            api_get_course_info(),
                             api_get_session_id()
                         )
                     ) {
@@ -679,7 +679,7 @@ class CourseHome
                         $add = learnpath::is_lp_visible_for_student(
                             $lpId,
                             $userId,
-                            $courseInfo['code'],
+                            $courseInfo,
                             $sessionId
                         );
                     }
@@ -868,7 +868,7 @@ class CourseHome
                         !learnpath::is_lp_visible_for_student(
                             $lpId,
                             api_get_user_id(),
-                            api_get_course_id(),
+                            api_get_course_info(),
                             api_get_session_id()
                         )
                     ) {

main/inc/lib/display.lib.php

@@ -1725,7 +1725,7 @@ class Display
             }
 
             if ($notification['tool'] == TOOL_LEARNPATH) {
-                if (!learnpath::is_lp_visible_for_student($notification['ref'], $user_id, $course_code)) {
+                if (!learnpath::is_lp_visible_for_student($notification['ref'], $user_id, $courseInfo)) {
                     continue;
                 }
             }

main/inc/lib/groupmanager.lib.php

@@ -2233,16 +2233,18 @@ class GroupManager
      * Get all groups where a specific user is subscribed.
      *
      * @param int $user_id
+     * @param int $courseId
      *
      * @return array
      */
-    public static function getAllGroupPerUserSubscription($user_id)
+    public static function getAllGroupPerUserSubscription($user_id, $courseId = 0)
     {
         $table_group_user = Database::get_course_table(TABLE_GROUP_USER);
         $table_tutor_user = Database::get_course_table(TABLE_GROUP_TUTOR);
         $table_group = Database::get_course_table(TABLE_GROUP);
-        $user_id = intval($user_id);
-        $course_id = api_get_course_int_id();
+        $user_id = (int) $user_id;
+        $courseId = empty($courseId) ? api_get_course_int_id() : (int) $courseId;
+
         $sql = "SELECT DISTINCT g.*
                FROM $table_group g
                LEFT JOIN $table_group_user gu
@@ -2250,7 +2252,7 @@ class GroupManager
                LEFT JOIN $table_tutor_user tu
                ON (tu.group_id = g.iid AND g.c_id = tu.c_id)
                WHERE
-                  g.c_id = $course_id AND
+                  g.c_id = $courseId AND
                   (gu.user_id = $user_id OR tu.user_id = $user_id) ";
         $res = Database::query($sql);
         $groups = [];

main/inc/lib/webservices/Rest.php

@@ -760,7 +760,7 @@ class Rest extends WebService
                 if (!learnpath::is_lp_visible_for_student(
                     $lpId,
                     $this->user->getId(),
-                    $this->course->getCode(),
+                    api_get_course_info($this->course->getCode()),
                     $sessionId
                 )) {
                     continue;

main/lp/download.php

@@ -14,6 +14,7 @@ $this_section = SECTION_COURSES;
 
 // Protection
 api_protect_course_script();
+$_course = api_get_course_info();
 
 if (!isset($_course)) {
     api_not_allowed(true);

main/lp/learnpath.class.php

@@ -2493,7 +2493,7 @@ class learnpath
      *
      * @param int   $lp_id
      * @param int   $student_id
-     * @param null $courseCode
+     * @param array $courseInfo
      * @param int   $sessionId
      *
      * @return bool
@@ -2501,10 +2501,10 @@ class learnpath
     public static function is_lp_visible_for_student(
         $lp_id,
         $student_id,
-        $courseCode = null,
+        $courseInfo = [],
         $sessionId = 0
     ) {
-        $courseInfo = api_get_course_info($courseCode);
+        $courseInfo = empty($courseInfo) ? api_get_course_info() : $courseInfo;
         $lp_id = (int) $lp_id;
         $sessionId = (int) $sessionId;
 
@@ -2516,8 +2516,10 @@ class learnpath
             $sessionId = api_get_session_id();
         }
 
+        $courseId = $courseInfo['real_id'];
+
         $itemInfo = api_get_item_property_info(
-            $courseInfo['real_id'],
+            $courseId,
             TOOL_LEARNPATH,
             $lp_id,
             $sessionId
@@ -2599,7 +2601,7 @@ class learnpath
                     if ($userVisibility == 1) {
                         $is_visible = true;
                     } else {
-                        $userGroups = GroupManager::getAllGroupPerUserSubscription($student_id);
+                        $userGroups = GroupManager::getAllGroupPerUserSubscription($student_id, $courseId);
                         if (!empty($userGroups)) {
                             foreach ($userGroups as $groupInfo) {
                                 $groupId = $groupInfo['iid'];

main/lp/learnpathList.class.php

@@ -152,7 +152,7 @@ class LearnpathList
                     $lpVisibility = learnpath::is_lp_visible_for_student(
                         $row->getId(),
                         $user_id,
-                        $course_code
+                        $course_info
                     );
                     if ($lpVisibility === false) {
                         continue;

main/lp/lp_controller.php

@@ -895,7 +895,7 @@ switch ($action) {
 
         // Teachers can export to PDF
         if (!$is_allowed_to_edit) {
-            if (!learnpath::is_lp_visible_for_student($_SESSION['oLP']->lp_id, api_get_user_id())) {
+            if (!learnpath::is_lp_visible_for_student($_SESSION['oLP']->lp_id, api_get_user_id(), $_course)) {
                 api_not_allowed();
             }
         }

main/lp/lp_impress.php

@@ -19,7 +19,7 @@ $lp_id = intval($_GET['lp_id']);
 
 // Check if the learning path is visible for student - (LP requisites)
 if (!api_is_allowed_to_edit(null, true) &&
-    !learnpath::is_lp_visible_for_student($lp_id, api_get_user_id())
+    !learnpath::is_lp_visible_for_student($lp_id, api_get_user_id(), api_get_course_info())
 ) {
     api_not_allowed();
 }

main/lp/lp_list.php

@@ -189,6 +189,8 @@ $courseSettingsDisableIcon = Display::return_icon(
     get_lang('CourseSettings')
 );
 
+$enableAutoLaunch = api_get_course_setting('enable_lp_auto_launch');
+
 $data = [];
 /** @var CLpCategory $item */
 foreach ($categories as $item) {
@@ -261,20 +263,20 @@ foreach ($categories as $item) {
                 continue;
             }
 
-            $lpVisibility = learnpath::is_lp_visible_for_student($id, $userId);
+            $lpVisibility = learnpath::is_lp_visible_for_student($id, $userId, $courseInfo);
+
+            // Check if the learnpath is visible for student.
+            if (!$is_allowed_to_edit) {
                 $isBlocked = learnpath::isBlockedByPrerequisite(
                     $userId,
                     $details['prerequisite'],
                     $courseInfo,
                     api_get_session_id()
                 );
-
-            // Check if the learnpath is visible for student.
-            if (!$is_allowed_to_edit && $lpVisibility === false
-                && ($isBlocked && $showBlockedPrerequisite === false)
-            ) {
+                if ($lpVisibility === false && $isBlocked && $showBlockedPrerequisite === false) {
                     continue;
                 }
+            }
 
             $start_time = $end_time = '';
             if (!$is_allowed_to_edit) {
@@ -537,22 +539,20 @@ foreach ($categories as $item) {
                                 'invisible.png',
                                 get_lang('Show')
                             ),
-                            api_get_self().'?'.$cidReq
-                                ."&lp_id=$id&action=toggle_visible&new_status=1"
+                            api_get_self().'?'.$cidReq."&lp_id=$id&action=toggle_visible&new_status=1"
                         );
                     } else {
                         $dsp_visible = Display::url(
                             Display::return_icon('visible.png', get_lang('Hide')),
-                            api_get_self().'?'.$cidReq
-                                ."&lp_id=$id&action=toggle_visible&new_status=0"
+                            api_get_self().'?'.$cidReq."&lp_id=$id&action=toggle_visible&new_status=0"
                         );
                     }
                 }
 
                 // Tracking command
-                $trackingActionUrl = 'lp_controller.php?'
-                    .$cidReq.'&'
-                    .http_build_query(['action' => 'report', 'lp_id' => $id]);
+                $trackingActionUrl = 'lp_controller.php?'.$cidReq.'&'.http_build_query(
+                    ['action' => 'report', 'lp_id' => $id]
+                );
 
                 $trackingAction = Display::url(
                     Display::return_icon(
@@ -597,17 +597,14 @@ foreach ($categories as $item) {
                  * It is thus a mix betwenn multiple attempt and mono attempt
                  */
                 if ($sessionId == $details['lp_session']) {
-                    if ($details['seriousgame_mode'] == 1
-                        && $details['lp_prevent_reinit'] == 1
-                    ) {
+                    if ($details['seriousgame_mode'] == 1 && $details['lp_prevent_reinit'] == 1) {
                         // seriousgame mode | next = single
                         $dsp_reinit = Display::url(
                             Display::return_icon(
                                 'reload.png',
                                 get_lang('PreventMultipleAttempts')
                             ),
-                            'lp_controller.php?'.$cidReq
-                                ."&action=switch_attempt_mode&lp_id=$id"
+                            'lp_controller.php?'.$cidReq."&action=switch_attempt_mode&lp_id=$id"
                         );
                     }
                     if ($details['seriousgame_mode'] == 0 &&
@@ -619,8 +616,7 @@ foreach ($categories as $item) {
                                 'reload_na.png',
                                 get_lang('AllowMultipleAttempts')
                             ),
-                            'lp_controller.php?'.$cidReq
-                                ."&action=switch_attempt_mode&lp_id=$id"
+                            'lp_controller.php?'.$cidReq."&action=switch_attempt_mode&lp_id=$id"
                         );
                     }
                     if ($details['seriousgame_mode'] == 0 &&
@@ -632,8 +628,7 @@ foreach ($categories as $item) {
                                 'reload.png',
                                 get_lang('AllowMultipleAttempts')
                             ),
-                            'lp_controller.php?'.$cidReq
-                                ."&action=switch_attempt_mode&lp_id=$id"
+                            'lp_controller.php?'.$cidReq."&action=switch_attempt_mode&lp_id=$id"
                         );
                     }
                 } else {
@@ -652,9 +647,7 @@ foreach ($categories as $item) {
                                     'view_fullscreen.png',
                                     get_lang('ViewModeFullScreen')
                                 ),
-                                'lp_controller.php?'.$cidReq
-                                    .'&action=switch_view_mode&lp_id='.$id
-                                    .$token_parameter
+                                'lp_controller.php?'.$cidReq.'&action=switch_view_mode&lp_id='.$id.$token_parameter
                             );
                             break;
                         case 'embedded':
@@ -663,9 +656,7 @@ foreach ($categories as $item) {
                                     'view_left_right.png',
                                     get_lang('ViewModeEmbedded')
                                 ),
-                                'lp_controller.php?'.$cidReq
-                                    .'&action=switch_view_mode&lp_id='.$id
-                                    .$token_parameter
+                                'lp_controller.php?'.$cidReq.'&action=switch_view_mode&lp_id='.$id.$token_parameter
                             );
                             break;
                         case 'embedframe':
@@ -674,9 +665,7 @@ foreach ($categories as $item) {
                                     'view_nofullscreen.png',
                                     get_lang('ViewModeEmbedFrame')
                                 ),
-                                'lp_controller.php?'.$cidReq
-                                    .'&action=switch_view_mode&lp_id='.$id
-                                    .$token_parameter
+                                'lp_controller.php?'.$cidReq.'&action=switch_view_mode&lp_id='.$id.$token_parameter
                             );
                             break;
                         case 'impress':
@@ -685,9 +674,7 @@ foreach ($categories as $item) {
                                     'window_list_slide.png',
                                     get_lang('ViewModeImpress')
                                 ),
-                                'lp_controller.php?'.$cidReq
-                                    .'&action=switch_view_mode&lp_id='.$id
-                                    .$token_parameter
+                                'lp_controller.php?'.$cidReq.'&action=switch_view_mode&lp_id='.$id.$token_parameter
                             );
                             break;
                     }
@@ -730,15 +717,13 @@ foreach ($categories as $item) {
                 if ($details['lp_type'] == 1) {
                     $dsp_disk = Display::url(
                         Display::return_icon('cd.png', get_lang('ExportShort')),
-                        api_get_self()."?".$cidReq
-                            ."&action=export&lp_id=$id"
+                        api_get_self()."?$cidReq&action=export&lp_id=$id"
                     );
                 } elseif ($details['lp_type'] == 2) {
                     $dsp_disk = Display::url(
                         Display::return_icon('cd.png', get_lang('ExportShort')),
-                        api_get_self()."?".$cidReq
-                            ."&action=export&lp_id=$id&export_name="
-                            .api_replace_dangerous_char($name).".zip"
+                        api_get_self()."?$cidReq&action=export&lp_id=$id&export_name="
+                            .api_replace_dangerous_char($name).'.zip'
                     );
                 } else {
                     $dsp_disk = Display::return_icon(
@@ -768,7 +753,7 @@ foreach ($categories as $item) {
                 }
 
                 /* Auto launch LP code */
-                if (api_get_course_setting('enable_lp_auto_launch') == 1) {
+                if ($enableAutoLaunch == 1) {
                     if ($details['autolaunch'] == 1 &&
                         $autolaunch_exists == false
                     ) {
@@ -778,8 +763,7 @@ foreach ($categories as $item) {
                                 'launch.png',
                                 get_lang('DisableLPAutoLaunch')
                             ),
-                            api_get_self().'?'.$cidReq
-                            ."&action=auto_launch&status=0&lp_id=$id"
+                            api_get_self().'?'.$cidReq."&action=auto_launch&status=0&lp_id=$id"
                         );
                     } else {
                         $lp_auto_launch_icon = Display::url(
@@ -787,8 +771,7 @@ foreach ($categories as $item) {
                                 'launch_na.png',
                                 get_lang('EnableLPAutoLaunch')
                             ),
-                            api_get_self().'?'.$cidReq
-                            ."&action=auto_launch&status=1&lp_id=$id"
+                            api_get_self().'?'.$cidReq."&action=auto_launch&status=1&lp_id=$id"
                         );
                     }
                 }
@@ -799,8 +782,7 @@ foreach ($categories as $item) {
                         'pdf.png',
                         get_lang('ExportToPDFOnlyHTMLAndImages')
                     ),
-                    api_get_self().'?'.$cidReq
-                    ."&action=export_to_pdf&lp_id=$id"
+                    api_get_self().'?'.$cidReq."&action=export_to_pdf&lp_id=$id"
                 );
 
                 /* Delete */
@@ -828,27 +810,23 @@ foreach ($categories as $item) {
                     if ($details['lp_display_order'] == 1 && $max != 1) {
                         $dsp_order .= Display::url(
                             Display::return_icon('down.png', get_lang('MoveDown')),
-                            "lp_controller.php?".$cidReq
-                                ."&action=move_lp_down&lp_id=$id&category_id=$categoryId"
+                            "lp_controller.php?$cidReq&action=move_lp_down&lp_id=$id&category_id=$categoryId"
                         );
                     } elseif ($current == $max - 1 && $max != 1) {
                         $dsp_order .= Display::url(
                             Display::return_icon('up.png', get_lang('MoveUp')),
-                            "lp_controller.php?".$cidReq
-                                ."&action=move_lp_up&lp_id=$id&category_id=$categoryId"
+                            "lp_controller.php?$cidReq&action=move_lp_up&lp_id=$id&category_id=$categoryId"
                         );
                     } elseif ($max == 1) {
                         $dsp_order = '';
                     } else {
                         $dsp_order .= Display::url(
                             Display::return_icon('down.png', get_lang('MoveDown')),
-                            "lp_controller.php?".$cidReq
-                                ."&action=move_lp_down&lp_id=$id&category_id=$categoryId"
+                            "lp_controller.php?$cidReq&action=move_lp_down&lp_id=$id&category_id=$categoryId"
                         );
                         $dsp_order .= Display::url(
                             Display::return_icon('up.png', get_lang('MoveUp')),
-                            "lp_controller.php?".$cidReq
-                                ."&action=move_lp_up&lp_id=$id&category_id=$categoryId"
+                            "lp_controller.php?$cidReq&action=move_lp_up&lp_id=$id&category_id=$categoryId"
                         );
                     }
                 }
@@ -867,8 +845,7 @@ foreach ($categories as $item) {
                             'backup.png',
                             get_lang('ExportToChamiloFormat')
                         ),
-                        api_get_self().'?'.$cidReq
-                        ."&action=export_to_course_build&lp_id=$id"
+                        api_get_self().'?'.$cidReq."&action=export_to_course_build&lp_id=$id"
                     );
                 }
 
@@ -910,8 +887,7 @@ foreach ($categories as $item) {
                 // Student
                 $export_icon = Display::url(
                     Display::return_icon('pdf.png', get_lang('ExportToPDF')),
-                    api_get_self().'?'.$cidReq
-                        ."&action=export_to_pdf&lp_id=$id"
+                    api_get_self().'?'.$cidReq."&action=export_to_pdf&lp_id=$id"
                 );
             }
 
@@ -994,7 +970,7 @@ DocumentManager::removeGeneratedAudioTempFile();
 $template = new Template($nameTools);
 $template->assign('subscription_settings', $subscriptionSettings);
 $template->assign('is_allowed_to_edit', $is_allowed_to_edit);
-$template->assign('is_invitee', api_is_invitee());
+$template->assign('is_invitee', $isInvitee);
 $template->assign('is_ending', $ending);
 $template->assign('actions', $actions);
 $template->assign('categories', $categories);