From 60d7df3b7a2d3b60b47ad9eaeb28c0f716201482 Mon Sep 17 00:00:00 2001 From: christian Date: Fri, 13 Oct 2023 22:39:01 -0500 Subject: [PATCH] Forum: Fix visibility of forum in session course - BT#21044 --- public/main/forum/editpost.php | 6 +++--- public/main/forum/editthread.php | 2 +- public/main/forum/forumfunction.inc.php | 6 +++--- public/main/forum/forumqualify.php | 2 +- public/main/forum/iframe_thread.php | 6 +++--- public/main/forum/index.php | 4 ++-- public/main/forum/newthread.php | 6 +++--- public/main/forum/reply.php | 8 ++++---- public/main/forum/viewforum.php | 12 ++++++------ public/main/forum/viewthread.php | 6 +++--- src/CoreBundle/Entity/AbstractResource.php | 14 +++++++++++--- 11 files changed, 40 insertions(+), 32 deletions(-) diff --git a/public/main/forum/editpost.php b/public/main/forum/editpost.php index 6dc51403ae..a79480383d 100644 --- a/public/main/forum/editpost.php +++ b/public/main/forum/editpost.php @@ -122,8 +122,8 @@ $post = $postRepo->find($_GET['post']); $courseEntity = api_get_course_entity(); $sessionEntity = api_get_session_entity(); -$forumIsVisible = $forum->isVisible($courseEntity, $sessionEntity); -$categoryIsVisible = $category->isVisible($courseEntity, $sessionEntity); +$forumIsVisible = $forum->isVisible($courseEntity); +$categoryIsVisible = $category->isVisible($courseEntity); if (empty($post)) { api_not_allowed(true); @@ -208,7 +208,7 @@ JS; // 4. if editing of replies is not allowed // The only exception is the course manager // I have split this is several pieces for clarity. -if (!api_is_allowed_to_edit(null, true) && +if (!api_is_allowed_to_create_course() && ( (false === $categoryIsVisible) || false === $forumIsVisible diff --git a/public/main/forum/editthread.php b/public/main/forum/editthread.php index 49d6de01b2..53ef5d7080 100644 --- a/public/main/forum/editthread.php +++ b/public/main/forum/editthread.php @@ -93,7 +93,7 @@ $sessionEntity = api_get_session_entity(); //$forumIsVisible = $forum->isVisible($courseEntity, $sessionEntity); $category = $forum->getForumCategory(); -$categoryIsVisible = $category->isVisible($courseEntity, $sessionEntity); +$categoryIsVisible = $category->isVisible($courseEntity); if (api_is_in_gradebook()) { $interbreadcrumb[] = [ diff --git a/public/main/forum/forumfunction.inc.php b/public/main/forum/forumfunction.inc.php index 4ae8adcc6f..99f5f2a2b8 100644 --- a/public/main/forum/forumfunction.inc.php +++ b/public/main/forum/forumfunction.inc.php @@ -3291,9 +3291,9 @@ function send_notification_mails(CForum $forum, CForumThread $thread, $reply_inf } $send_mails = false; - if ($thread->isVisible($courseEntity, $sessionEntity) && - $forum->isVisible($courseEntity, $sessionEntity) && - ($current_forum_category && $forum->getForumCategory()->isVisible($courseEntity, $sessionEntity)) && + if ($thread->isVisible($courseEntity) && + $forum->isVisible($courseEntity) && + ($current_forum_category && $forum->getForumCategory()->isVisible($courseEntity)) && '1' != $forum->getApprovalDirectPost() ) { $send_mails = true; diff --git a/public/main/forum/forumqualify.php b/public/main/forum/forumqualify.php index 884d4b2efa..476e238fa5 100644 --- a/public/main/forum/forumqualify.php +++ b/public/main/forum/forumqualify.php @@ -95,7 +95,7 @@ $allowToQualify = false; if ($allowed_to_edit) { $allowToQualify = true; } else { - $allowToQualify = $threadEntity->isThreadPeerQualify() && $forumEntity->isVisible($course, $session) && $userIdToQualify != $currentUserId; + $allowToQualify = $threadEntity->isThreadPeerQualify() && $forumEntity->isVisible($course) && $userIdToQualify != $currentUserId; } if (!$allowToQualify) { diff --git a/public/main/forum/iframe_thread.php b/public/main/forum/iframe_thread.php index cf5b5adac1..182041a561 100644 --- a/public/main/forum/iframe_thread.php +++ b/public/main/forum/iframe_thread.php @@ -53,9 +53,9 @@ $sessionEntity = api_get_session_entity(api_get_session_id()); /* Is the user allowed here? */ // if the user is not a course administrator and the forum is hidden // then the user is not allowed here. -if (!api_is_allowed_to_edit(false, true) && - (false == $forumEntity->isVisible($courseEntity, $sessionEntity) || - false == $threadEntity->isVisible($courseEntity, $sessionEntity) +if (!api_is_allowed_to_create_course() && + (false == $forumEntity->isVisible($courseEntity) || + false == $threadEntity->isVisible($courseEntity) ) ) { api_not_allowed(false); diff --git a/public/main/forum/index.php b/public/main/forum/index.php index 9d3491e39a..f944a4ec3f 100644 --- a/public/main/forum/index.php +++ b/public/main/forum/index.php @@ -338,7 +338,7 @@ if (is_array($forumCategories)) { $tools = null; $forumCategoryInfo['url'] = 'index.php?'.api_get_cidreq().'&forumcategory='.$categoryId; - $visibility = $forumCategory->isVisible($courseEntity, $sessionEntity); + $visibility = $forumCategory->isVisible($courseEntity); if (!empty($categoryId)) { if (api_is_allowed_to_edit(false, true) && @@ -454,7 +454,7 @@ if (is_array($forumCategories)) { } $groupId = $forum->getForumOfGroup(); - $forumInfo['visibility'] = $forumVisibility = $forum->isVisible($courseEntity, $sessionEntity); + $forumInfo['visibility'] = $forumVisibility = $forum->isVisible($courseEntity); /*$forumInfo['number_threads'] = isset($forum['number_of_threads']) ? (int) $forum['number_of_threads'] : 0;*/ diff --git a/public/main/forum/newthread.php b/public/main/forum/newthread.php index ae200a6dc4..02fa7a79cf 100644 --- a/public/main/forum/newthread.php +++ b/public/main/forum/newthread.php @@ -122,8 +122,8 @@ if (api_is_in_gradebook()) { // 1. the forumcategory or forum is invisible (visibility==0) and the user is not a course manager if (!api_is_allowed_to_create_course() && //is a student ( - ($current_forum_category && false == $current_forum_category->isVisible($courseEntity, $sessionEntity)) || - false == $current_forum_category->isVisible($courseEntity, $sessionEntity) + ($current_forum_category && false == $current_forum_category->isVisible($courseEntity)) || + false == $current_forum_category->isVisible($courseEntity) ) ) { api_not_allowed(true); @@ -131,7 +131,7 @@ if (!api_is_allowed_to_create_course() && //is a student // 2. the forumcategory or forum is locked (locked <>0) and the user is not a course manager if (!api_is_allowed_to_edit(false, true) && - (($current_forum_category->isVisible($courseEntity, $sessionEntity) && + (($current_forum_category->isVisible($courseEntity) && 0 != $current_forum_category->getLocked()) || 0 != $forumEntity->getLocked()) ) { api_not_allowed(); diff --git a/public/main/forum/reply.php b/public/main/forum/reply.php index 2b7a0abaf4..b7d1a92dae 100644 --- a/public/main/forum/reply.php +++ b/public/main/forum/reply.php @@ -111,9 +111,9 @@ $current_forum_category = $forum->getForumCategory(); // 3. if anonymous posts are not allowed // The only exception is the course manager // I have split this is several pieces for clarity. -if (!api_is_allowed_to_edit(false, true) && - (($current_forum_category && !$current_forum_category->isVisible($courseEntity, $sessionEntity)) || - !$forum->isVisible($courseEntity, $sessionEntity)) +if (!api_is_allowed_to_create_course() && + (($current_forum_category && !$current_forum_category->isVisible($courseEntity)) || + !$forum->isVisible($courseEntity)) ) { api_not_allowed(true); } @@ -259,7 +259,7 @@ echo '

'; echo Display::url( prepare4display($forum->getForumTitle()), 'viewforum.php?'.api_get_cidreq().'&'.http_build_query(['forum' => $forumId]), - ['class' => empty($forum->isVisible($courseEntity, $sessionEntity)) ? 'text-muted' : null] + ['class' => empty($forum->isVisible($courseEntity)) ? 'text-muted' : null] ); echo '

'; echo '

'.prepare4display($forum->getForumComment()).'

'; diff --git a/public/main/forum/viewforum.php b/public/main/forum/viewforum.php index ab15352efc..cee02ee991 100644 --- a/public/main/forum/viewforum.php +++ b/public/main/forum/viewforum.php @@ -106,8 +106,8 @@ if (!empty($groupId)) { // Course if (!api_is_allowed_to_create_course() && //is a student ( - ($category && false == $category->isVisible($courseEntity, $sessionEntity)) || - !$category->isVisible($courseEntity, $sessionEntity) + ($category && false == $category->isVisible($courseEntity)) || + !$category->isVisible($courseEntity) ) ) { api_not_allowed(true); @@ -116,8 +116,8 @@ if (!empty($groupId)) { // Course if (!api_is_allowed_to_create_course() && //is a student ( - ($category && false == $category->isVisible($courseEntity, $sessionEntity)) || - !$category->isVisible($courseEntity, $sessionEntity) + ($category && false == $category->isVisible($courseEntity)) || + !$category->isVisible($courseEntity) ) ) { api_not_allowed(true); @@ -362,7 +362,7 @@ if (is_array($threads)) { $threadId = $thread->getIid(); // Thread who have no replies yet and the only post is invisible should not be displayed to students. if (api_is_allowed_to_edit(false, true) || - !('0' == $thread->getThreadReplies() && '0' == $thread->isVisible($courseEntity, $sessionEntity)) + !('0' == $thread->getThreadReplies() && '0' == $thread->isVisible($courseEntity)) ) { $title = 'getIid(), - $thread->isVisible($courseEntity, $sessionEntity), + $thread->isVisible($courseEntity), [ 'forum' => $forumId, 'gid' => $groupId, diff --git a/public/main/forum/viewthread.php b/public/main/forum/viewthread.php index 7aaf4f69ce..15728c761b 100644 --- a/public/main/forum/viewthread.php +++ b/public/main/forum/viewthread.php @@ -278,8 +278,8 @@ if (!empty($groupId)) { // then the user is not allowed here. if (!api_is_allowed_to_create_course() && ( - !$forumEntity->isVisible($courseEntity, $sessionEntity) || - !$threadEntity->isVisible($courseEntity, $sessionEntity) + !$forumEntity->isVisible($courseEntity) || + !$threadEntity->isVisible($courseEntity) ) ) { api_not_allowed(); @@ -712,7 +712,7 @@ $template->assign('posts', $postList); $formToString = ''; $showForm = true; if (!api_is_allowed_to_edit(false, true) && - (($current_forum_category && 0 == !$current_forum_category->isVisible($courseEntity, $sessionEntity)) || !$forumEntity->isVisible($courseEntity, $sessionEntity)) + (($current_forum_category && 0 == !$current_forum_category->isVisible($courseEntity)) || !$forumEntity->isVisible($courseEntity)) ) { $showForm = false; } diff --git a/src/CoreBundle/Entity/AbstractResource.php b/src/CoreBundle/Entity/AbstractResource.php index bbc6f5da49..182f2239e9 100644 --- a/src/CoreBundle/Entity/AbstractResource.php +++ b/src/CoreBundle/Entity/AbstractResource.php @@ -461,10 +461,18 @@ abstract class AbstractResource $found = false; $link = null; foreach ($links as $link) { - if ($link->getCourse() === $course && $link->getSession() === $session) { - $found = true; + if ($session) { + if ($link->getCourse() === $course && $link->getSession() === $session) { + $found = true; - break; + break; + } + } else { + if ($link->getCourse() === $course) { + $found = true; + + break; + } } }