Adding Question Manager role see BT#6042

main/admin/user_add.php

@@ -152,7 +152,7 @@ if (api_get_setting('login_is_email') != 'true') {
 $group = array();
 $auth_sources = 0; //make available wider as we need it in case of form reset (see below)
 $nb_ext_auth_source_added = 0;
-if (count($extAuthSource) > 0) {
+if (isset($extAuthSource) && count($extAuthSource) > 0) {
     $auth_sources = array();
     foreach ($extAuthSource as $key => $info) {
         // @todo : make uniform external authentification configuration (ex : cas and external_login ldap)
@@ -187,11 +187,7 @@ $group[] = $form->createElement(
 $form->addGroup($group, 'password', get_lang('Password'), '');
 
 // Status
-$status = array();
-$status[COURSEMANAGER] = get_lang('Teacher');
-$status[STUDENT] = get_lang('Learner');
-$status[DRH] = get_lang('Drh');
-$status[SESSIONADMIN] = get_lang('SessionsAdmin');
+$status = api_get_user_roles();
 
 $form->addElement(
     'select',

main/admin/user_edit.php

@@ -215,12 +215,8 @@ $group[] = $form->createElement(
 );
 $form->addGroup($group, 'password', null, '', false);
 
-// Status
-$status = array();
-$status[COURSEMANAGER] = get_lang('Teacher');
-$status[STUDENT] = get_lang('Learner');
-$status[DRH] = get_lang('Drh');
-$status[SESSIONADMIN] = get_lang('SessionsAdmin');
+// Status.
+$status = api_get_user_roles();
 
 $form->addElement(
     'select',

main/exercice/exercise_result.php

@@ -136,7 +136,7 @@ if ($objExercise->selectAttempts() > 0) {
     }
 }
 
-Display :: display_normal_message(get_lang('Saved').'<br />', false);
+Display::display_normal_message(get_lang('Saved').'<br />', false);
 
 // Display questions.
 ExerciseLib::display_question_list_by_attempt($objExercise, $exe_id, true);

main/exercice/exercise_submit.php

@@ -894,7 +894,7 @@ if ($objExercise->type == ONE_PER_PAGE) {
     }
 
     if (!empty($categoryList)) {
-        echo Display::progress_pagination_bar_with_categories($categoryList, $current_question, $conditions, $link);
+        echo Display::progress_pagination_bar_with_categories($categoryList, $media_questions, $current_question, $conditions, $link);
     } else {
         echo Display::progress_pagination_bar($questionList, $current_question, $conditions, $link);
     }

main/inc/lib/main_api.lib.php

@@ -15,7 +15,6 @@ use \ChamiloSession as Session;
  */
 // PHP version requirement.
 define('REQUIRED_PHP_VERSION', '5.3');
-
 define('REQUIRED_MIN_MEMORY_LIMIT',         '32');
 define('REQUIRED_MIN_UPLOAD_MAX_FILESIZE',  '10');
 define('REQUIRED_MIN_POST_MAX_SIZE',        '10');
@@ -23,20 +22,27 @@ define('REQUIRED_MIN_POST_MAX_SIZE',        '10');
 // USER STATUS CONSTANTS
 /** global status of a user: course manager */
 define('COURSEMANAGER', 1);
+define('TEACHER', 1);
+
+// status 2 ??
+
 /** global status of a user: session admin */
 define('SESSIONADMIN', 3);
+
 /** global status of a user: human ressource manager */
 define('DRH', 4);
+
 /** global status of a user: student */
 define('STUDENT', 5);
+
 /** global status of a user: human ressource manager */
 define('ANONYMOUS', 6);
+
 /** global status of a user: low security, necessary for inserting data from
  * the teacher through HTMLPurifier */
 define('COURSEMANAGERLOWSECURITY', 10);
-define('TEACHER', 1);
 
-//Soft user status
+// Soft user status
 define('PLATFORM_ADMIN', 11);
 define('SESSION_COURSE_COACH', 12);
 define('SESSION_GENERAL_COACH', 13);
@@ -44,6 +50,8 @@ define('COURSE_STUDENT', 14);   //student subscribed in a course
 define('SESSION_STUDENT', 15);  //student subscribed in a session course
 define('COURSE_TUTOR', 16); // student is tutor of a course (NOT in session)
 
+define('QUESTION_MANAGER', 17);
+
 // Table of status
 $_status_list[COURSEMANAGER]    = 'teacher';        // 1
 $_status_list[SESSIONADMIN]     = 'session_admin';  // 3
@@ -2192,10 +2200,15 @@ function api_is_platform_admin($allow_sessions_admins = false) {
     if (isset($_SESSION['is_platformAdmin']) && $_SESSION['is_platformAdmin']) {
         return true;
     }
-    global $_user;
+    $_user = api_get_user_info();
     return $allow_sessions_admins && isset($_user['status']) && $_user['status'] == SESSIONADMIN;
 }
 
+function api_is_question_manager() {
+    $_user = api_get_user_info();
+    return isset($_user['status']) && $_user['status'] == QUESTION_MANAGER;
+}
+
 /**
  * Checks whether the user given as user id is in the admin table.
  * @param int User ID. If none provided, will use current user
@@ -6905,4 +6918,21 @@ function api_get_web_default_course_document()
 }
 
 function load_translations($app) {
+
 }
+
+
+/**
+ * Get user roles
+ * @return array
+ */
+function api_get_user_roles() {
+    // Status
+    $status = array();
+    $status[COURSEMANAGER] = get_lang('Teacher');
+    $status[STUDENT] = get_lang('Learner');
+    $status[DRH] = get_lang('Drh');
+    $status[SESSIONADMIN] = get_lang('SessionsAdmin');
+    $status[QUESTION_MANAGER] = get_lang('QuestionManager');
+    return $status;
+}

main/inc/routes.php

@@ -362,6 +362,14 @@ $cleanCourseSession = function (Request $request) use ($app) {
     Session::erase('_course');
 };
 
+$adminAndQuestionManagerCondition = function (Request $request) use ($app) {
+    if (!(api_is_platform_admin() || api_is_question_manager())) {
+        $app->abort(401);
+    }
+    return null;
+};
+
+
 /**
  * Deletes the exam_password user extra field *only* to students
  * @todo improve the login hook system
@@ -472,10 +480,13 @@ $app->match('/data/upload/users/', 'index.controller:getUserFile', 'GET|POST')
 /** Admin  */
 $app->match('/admin/questions', 'admin.controller:questionsAction', 'GET|POST')
     ->assert('type', '.+')
+    ->before($adminAndQuestionManagerCondition)
     ->bind('admin_questions');
 
 $app->get('/admin/questions/get-categories/{id}', 'admin.controller:getCategoriesAction')
+    ->before($adminAndQuestionManagerCondition)
     ->bind('admin_get_categories');
 
 $app->get('/admin/questions/get-questions-by-category/{categoryId}', 'admin.controller:getQuestionsByCategoryAction')
+    ->before($adminAndQuestionManagerCondition)
     ->bind('admin_get_questions_by_category');