From 266634300d0ece8a41108952b2fd9fc6f731e36b Mon Sep 17 00:00:00 2001
From: Angel Fernando Quiroz Campos <angelfqc.18@gmail.com>
Date: Mon, 13 Apr 2015 17:03:23 -0500
Subject: [PATCH 01/10] List session from students in groups for admin group -
 refs BT#9442

---
 main/gradebook/certificate_report.php |  5 ++
 main/inc/lib/sessionmanager.lib.php   | 86 +++++++++++++++++++++++++++
 2 files changed, 91 insertions(+)

diff --git a/main/gradebook/certificate_report.php b/main/gradebook/certificate_report.php
index e82fe6adc3..ef2fa0e8be 100644
--- a/main/gradebook/certificate_report.php
+++ b/main/gradebook/certificate_report.php
@@ -26,7 +26,12 @@ $selectedMonth = isset($_POST['month']) && !empty($_POST['month']) ? intval($_PO
 $selectedYear = isset($_POST['year']) && !empty($_POST['year']) ? $_POST['year'] : null;
 
 $userId = api_get_user_id();
+
+if (api_is_student_boss()) {
+    $sessions = SessionManager::getSessionsFollowedForGroupAdmin($userId);
+} else {
 $sessions = SessionManager::getSessionsCoachedByUser($userId);
+}
 
 if ($selectedSession > 0) {
     if (!SessionManager::isValidId($selectedSession)) {
diff --git a/main/inc/lib/sessionmanager.lib.php b/main/inc/lib/sessionmanager.lib.php
index 9f1660f687..8f73d45aca 100755
--- a/main/inc/lib/sessionmanager.lib.php
+++ b/main/inc/lib/sessionmanager.lib.php
@@ -5952,4 +5952,90 @@ class SessionManager
 
         return false;
     }
+
+    /**
+     * Get list of sessions based on users of a group for a group admin
+     * @param int $userId The user id
+     * @return array
+     */
+    public static function getSessionsFollowedForGroupAdmin($userId)
+    {
+        $sessionList = array();
+
+        $sessionTable = Database::get_main_table(TABLE_MAIN_SESSION);
+        $sessionUserTable = Database::get_main_table(TABLE_MAIN_SESSION_USER);
+
+        $groups = GroupPortalManager::get_groups_by_user($userId, GROUP_USER_PERMISSION_ADMIN);
+
+        $groupsId = array_keys($groups);
+        $subgroupsId = [];
+        $userIdList = [];
+
+        foreach ($groupsId as $groupId) {
+            $subgroupsId = array_merge($subgroupsId, GroupPortalManager::getGroupsByDepthLevel($groupId));
+        }
+
+        $groupsId = array_merge($groupsId, $subgroupsId);
+
+        $groupsId = array_unique($groupsId);
+
+        if (empty($groupsId)) {
+            return [];
+        }
+
+        foreach ($groupsId as $groupId) {
+            $groupUsers = GroupPortalManager::get_users_by_group($groupId);
+
+            if (empty($groupUsers)) {
+                continue;
+            }
+
+            foreach ($groupUsers as $member) {
+                if ($member['user_id'] == $userId ) {
+                    continue;
+                }
+
+                $userIdList[] = intval($member['user_id']);
+            }
+        }
+
+        $userIdList = array_unique($userIdList);
+
+        if (empty($userIdList)) {
+            return [];
+        }
+
+        $sql = "SELECT DISTINCT s.* "
+            . "FROM $sessionTable s "
+            . "INNER JOIN $sessionUserTable sru ON s.id = sru.id_session "
+            . "WHERE ( "
+            . "sru.id_user IN (" . implode(', ', $userIdList) . ") "
+            . "AND sru.relation_type = 0"
+            . ")";
+
+        if (api_is_multiple_url_enabled()) {
+            $sessionAccessUrlTable = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_SESSION);
+            $accessUrlId = api_get_current_access_url_id();
+
+            if ($accessUrlId != -1) {
+                $sql = "SELECT DISTINCT s.* "
+                    . "FROM $sessionTable s "
+                    . "INNER JOIN $sessionUserTable sru ON s.id = sru.id_session "
+                    . "INNER JOIN $sessionAccessUrlTable srau ON s.id = srau.session_id "
+                    . "WHERE srau.access_url_id = $accessUrlId "
+                    . "AND ( "
+                    . "sru.id_user IN (" . implode(', ', $userIdList) . ") "
+                    . "AND sru.relation_type = 0"
+                    . ")";
+            }
+        }
+
+        $result = Database::query($sql);
+
+        while ($row = Database::fetch_assoc($result)) {
+            $sessionList[] = $row;
+        }
+
+        return $sessionList;
+    }
 }

From 19e016dc12e7d69d7081ae5267daebcf3ea8253c Mon Sep 17 00:00:00 2001
From: Angel Fernando Quiroz Campos <angelfqc.18@gmail.com>
Date: Tue, 14 Apr 2015 09:04:44 -0500
Subject: [PATCH 02/10] Use FormValidator in report filter - refs BT#9442

---
 main/gradebook/certificate_report.php         | 60 +++++++++++++------
 .../default/gradebook/certificate_report.tpl  | 52 ++--------------
 2 files changed, 49 insertions(+), 63 deletions(-)

diff --git a/main/gradebook/certificate_report.php b/main/gradebook/certificate_report.php
index ef2fa0e8be..9b012a3b95 100644
--- a/main/gradebook/certificate_report.php
+++ b/main/gradebook/certificate_report.php
@@ -27,10 +27,16 @@ $selectedYear = isset($_POST['year']) && !empty($_POST['year']) ? $_POST['year']
 
 $userId = api_get_user_id();
 
+$sessions = $courses = $months = [0 => get_lang('Select')];
+
 if (api_is_student_boss()) {
-    $sessions = SessionManager::getSessionsFollowedForGroupAdmin($userId);
+    $sessionsList = SessionManager::getSessionsFollowedForGroupAdmin($userId);
 } else {
-$sessions = SessionManager::getSessionsCoachedByUser($userId);
+$sessionsList = SessionManager::getSessionsCoachedByUser($userId);
+}
+
+foreach ($sessionsList as $session) {
+    $sessions[$session['id']] = $session['name'];
 }
 
 if ($selectedSession > 0) {
@@ -41,18 +47,18 @@ if ($selectedSession > 0) {
         exit;
     }
 
-    $courses = SessionManager::get_course_list_by_session_id($selectedSession);
+    $coursesList = SessionManager::get_course_list_by_session_id($selectedSession);
 
-    if (is_array($courses)) {
-        foreach ($courses as &$course) {
+    if (is_array($coursesList)) {
+        foreach ($coursesList as &$course) {
             $course['real_id'] = $course['id'];
         }
     }
 } else {
-    $courses = CourseManager::get_courses_list_by_user_id($userId);
+    $coursesList = CourseManager::get_courses_list_by_user_id($userId);
 
-    if (is_array($courses)) {
-        foreach ($courses as &$course) {
+    if (is_array($coursesList)) {
+        foreach ($coursesList as &$course) {
             $courseInfo = api_get_course_info_by_id($course['real_id']);
 
             $course = array_merge($course, $courseInfo);
@@ -60,13 +66,12 @@ if ($selectedSession > 0) {
     }
 }
 
-$months = array();
+foreach ($coursesList as $course) {
+    $courses[$course['id']] = $course['title'];
+}
 
 for ($key = 1; $key <= 12; $key++) {
-    $months[] = array(
-        'key' => $key,
-        'name' => sprintf("%02d", $key)
-    );
+    $months[$key] = sprintf("%02d", $key);
 }
 
 $exportAllLink = null;
@@ -164,10 +169,31 @@ if (Session::has('reportErrorMessage')) {
     $template->assign('errorMessage', Session::read('reportErrorMessage'));
 }
 
-$template->assign('selectedSession', $selectedSession);
-$template->assign('selectedCourse', $selectedCourse);
-$template->assign('selectedMonth', $selectedMonth);
-$template->assign('selectedYear', $selectedYear);
+$form = new FormValidator(
+    'certificate_report_form',
+    'post',
+    api_get_path(WEB_CODE_PATH) . 'gradebook/certificate_report.php'
+);
+$form->addHeader(get_lang('GradebookListOfStudentsCertificates'));
+$form->addSelect('session', get_lang('Sessions'), $sessions, ['id' => 'session']);
+$form->addSelect('course', get_lang('Courses'), $courses, ['id' => 'course']);
+$form->addGroup(
+    [
+        $form->createElement('select', 'month', null, $months, ['id' => 'month']),
+        $form->createElement('text', 'year', null, ['id' => 'year'])
+    ],
+    null,
+    get_lang('Date')
+);
+$form->addButtonSearch();
+$form->setDefaults([
+    'session' => $selectedSession,
+    'course' => $selectedCourse,
+    'month' => $selectedMonth,
+    'year' => $selectedYear
+]);
+
+$template->assign('form', $form->returnForm());
 $template->assign('sessions', $sessions);
 $template->assign('courses', $courses);
 $template->assign('months', $months);
diff --git a/main/template/default/gradebook/certificate_report.tpl b/main/template/default/gradebook/certificate_report.tpl
index 8fc6dc3a1d..c301708bef 100644
--- a/main/template/default/gradebook/certificate_report.tpl
+++ b/main/template/default/gradebook/certificate_report.tpl
@@ -30,58 +30,18 @@
     });
 </script>
 
-<form action="{{ _p.web_main }}gradebook/certificate_report.php" method="post" class="form-horizontal">
-    <div class="control-group">
-        <label class="control-label" for="session">{{ 'Sessions' | get_lang }}</label>
-        <div class="controls">
-            <select name="session" id="session">
-                <option value="0">{{ 'Select' | get_lang }}</option>
-                {% for session in sessions %}
-                    <option value="{{ session.id }}" {{ selectedSession == session.id ? 'selected' : '' }}>{{ session.name }}</option>
-                {% endfor %}
-            </select>
-        </div>
-    </div>
-    <div class="control-group">
-        <label class="control-label" for="course">{{ 'Courses' | get_lang }}</label>
-        <div class="controls">
-            <select name="course" id="course">
-                <option value="0">{{ 'Select' | get_lang }}</option>
-                {% for course in courses %}
-                    <option value="{{ course.real_id }}" {{ selectedCourse == course.real_id ? 'selected' : ''}}>{{ course.title }}</option>
-                {% endfor %}
-            </select>
-        </div>
-    </div>
-    <div class="control-group">
-        <label class="control-label" for="month">{{ 'Date' | get_lang }}</label>
-        <div class="controls">
-            <select name="month" id="month">
-                <option value="0">{{ 'Select' | get_lang }}</option>
-                {% for month in months %}
-                    <option value="{{ month.key }}" {{ selectedMonth == month.key ? 'selected' : ''}}>{{ month.name }}</option>
-                {% endfor %}
-            </select>
-            <input type="text" name="year" id="year" class="input-mini" value="{{ selectedYear }}">
-        </div>
-    </div>
-    <div class="control-group">
-        <div class="controls">
-            <button type="submit" class="btn btn-primary">{{ 'Search' | get_lang }}</button>
-        </div>
-    </div>
-</form>
-
-<h1 class="page-header">{{ 'GradebookListOfStudentsCertificates' | get_lang }}</h1>
+{{ form }}
 
 {% if errorMessage is defined %}
     <div class="alert alert-error">{{ errorMessage }}</div>
 {% endif %}
 
 {% if not certificateStudents is empty %}
-    <p>
-        <a href="{{ exportAllLink }}" class="btn btn-info">{{ 'ExportAllCertificatesToPDF' | get_lang }}</a>
-    </p>
+    <div class="actions">
+        <a href="{{ exportAllLink }}" class="btn btn-info">
+            <i class="fa fa-check"></i> {{ 'ExportAllCertificatesToPDF' | get_lang }}
+        </a>
+    </div>
 
     <table class="table table-striped">
         <thead>

From b3c096abd4892bd22b5e00cafa5650e87941a517 Mon Sep 17 00:00:00 2001
From: Angel Fernando Quiroz Campos <angelfqc.18@gmail.com>
Date: Tue, 14 Apr 2015 09:30:47 -0500
Subject: [PATCH 03/10] Fix search with filter by date - refs BT#9442

---
 main/gradebook/certificate_report.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/main/gradebook/certificate_report.php b/main/gradebook/certificate_report.php
index 9b012a3b95..44877bfcb7 100644
--- a/main/gradebook/certificate_report.php
+++ b/main/gradebook/certificate_report.php
@@ -23,7 +23,7 @@ $interbreadcrumb[] = array(
 $selectedSession = isset($_POST['session']) && !empty($_POST['session']) ? intval($_POST['session']) : 0;
 $selectedCourse = isset($_POST['course']) && !empty($_POST['course']) ? intval($_POST['course']) : 0;
 $selectedMonth = isset($_POST['month']) && !empty($_POST['month']) ? intval($_POST['month']) : 0;
-$selectedYear = isset($_POST['year']) && !empty($_POST['year']) ? $_POST['year'] : null;
+$selectedYear = isset($_POST['year']) && !empty($_POST['year']) ? trim($_POST['year']) : null;
 
 $userId = api_get_user_id();
 
@@ -143,7 +143,7 @@ if ($searchSessionAndCourse || $searchCourseOnly) {
                             continue;
                         }
                     } elseif ($selectedMonth > 0 && !empty($selectedYear)) {
-                        if ($creationMonthYear != sprintf("%d %s", $selectedMonth, $selectedYear)) {
+                        if ($creationMonthYear != sprintf("%02d %s", $selectedMonth, $selectedYear)) {
                             continue;
                         }
                     }

From 825ca55e49b81f93f92d9348a8f19b65f809726c Mon Sep 17 00:00:00 2001
From: Angel Fernando Quiroz Campos <angelfqc.18@gmail.com>
Date: Tue, 14 Apr 2015 11:15:55 -0500
Subject: [PATCH 04/10] List courses from students in groups for admin group -
 refs BT#9442

---
 main/gradebook/certificate_report.php |  4 ++
 main/inc/lib/course.lib.php           | 86 +++++++++++++++++++++++++++
 2 files changed, 90 insertions(+)

diff --git a/main/gradebook/certificate_report.php b/main/gradebook/certificate_report.php
index 44877bfcb7..d14343d58e 100644
--- a/main/gradebook/certificate_report.php
+++ b/main/gradebook/certificate_report.php
@@ -55,6 +55,9 @@ if ($selectedSession > 0) {
         }
     }
 } else {
+    if (api_is_student_boss()) {
+        $coursesList = CourseManager::getCoursesFollowedByGroupAdmin($userId);
+    } else {
     $coursesList = CourseManager::get_courses_list_by_user_id($userId);
 
     if (is_array($coursesList)) {
@@ -64,6 +67,7 @@ if ($selectedSession > 0) {
             $course = array_merge($course, $courseInfo);
         }
     }
+    }
 }
 
 foreach ($coursesList as $course) {
diff --git a/main/inc/lib/course.lib.php b/main/inc/lib/course.lib.php
index a303cc0d78..0e6cd5916a 100755
--- a/main/inc/lib/course.lib.php
+++ b/main/inc/lib/course.lib.php
@@ -5682,4 +5682,90 @@ class CourseManager
         }
         return $courses;
     }
+
+    /**
+     * Get list of courses based on users of a group for a group admin
+     * @param int $userId The user id
+     * @return array
+     */
+    public static function getCoursesFollowedByGroupAdmin($userId)
+    {
+        $coursesList = [];
+
+        $courseTable = Database::get_main_table(TABLE_MAIN_COURSE);
+        $courseUserTable = Database::get_main_table(TABLE_MAIN_COURSE_USER);
+
+        $groups = GroupPortalManager::get_groups_by_user($userId, GROUP_USER_PERMISSION_ADMIN);
+
+        $groupsId = array_keys($groups);
+        $subgroupsId = [];
+        $userIdList = [];
+
+        foreach ($groupsId as $groupId) {
+            $subgroupsId = array_merge($subgroupsId, GroupPortalManager::getGroupsByDepthLevel($groupId));
+        }
+
+        $groupsId = array_merge($groupsId, $subgroupsId);
+
+        $groupsId = array_unique($groupsId);
+
+        if (empty($groupsId)) {
+            return [];
+        }
+
+        foreach ($groupsId as $groupId) {
+            $groupUsers = GroupPortalManager::get_users_by_group($groupId);
+
+            if (empty($groupUsers)) {
+                continue;
+            }
+
+            foreach ($groupUsers as $member) {
+                if ($member['user_id'] == $userId ) {
+                    continue;
+                }
+
+                $userIdList[] = intval($member['user_id']);
+            }
+        }
+
+        $userIdList = array_unique($userIdList);
+
+        if (empty($userIdList)) {
+            return [];
+        }
+
+        $sql = "SELECT DISTINCT(c.id), c.title "
+            . "FROM $courseTable c "
+            . "INNER JOIN $courseUserTable cru ON c.code = cru.course_code "
+            . "WHERE ( "
+            . "cru.user_id IN(" . implode(', ', $userIdList) . ") "
+            . "AND cru.relation_type = 0 "
+            . ")";
+
+        if (api_is_multiple_url_enabled()) {
+            $courseAccessUrlTable = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE);
+            $accessUrlId = api_get_current_access_url_id();
+
+            if ($accessUrlId != -1) {
+                $sql = "SELECT DISTINCT(c.id), c.title "
+                    . "FROM $courseTable c "
+                    . "INNER JOIN $courseUserTable cru ON c.code = cru.course_code "
+                    . "INNER JOIN $courseAccessUrlTable crau ON c.code = crau.course_code "
+                    . "WHERE crau.access_url_id = $accessUrlId "
+                    . "AND ( "
+                    . "cru.id_user IN (" . implode(', ', $userIdList) . ") "
+                    . "AND cru.relation_type = 0 "
+                    . ")";
+            }
+        }
+
+        $result = Database::query($sql);
+
+        while ($row = Database::fetch_assoc($result)) {
+            $coursesList[] = $row;
+        }
+
+        return $coursesList;
+    }
 }

From 69b9175faaf937e7f44d30cc5512e65de21922e9 Mon Sep 17 00:00:00 2001
From: Angel Fernando Quiroz Campos <angelfqc.18@gmail.com>
Date: Tue, 14 Apr 2015 11:20:19 -0500
Subject: [PATCH 05/10] Filter report result for student boss - BT#9442

---
 main/gradebook/certificate_report.php     |  5 +++
 main/inc/ajax/model.ajax.php              | 37 ++-------------
 main/inc/lib/course.lib.php               | 36 +--------------
 main/inc/lib/group_portal_manager.lib.php | 55 +++++++++++++++++++++++
 main/inc/lib/sessionmanager.lib.php       | 36 +--------------
 5 files changed, 66 insertions(+), 103 deletions(-)

diff --git a/main/gradebook/certificate_report.php b/main/gradebook/certificate_report.php
index d14343d58e..412b7a6635 100644
--- a/main/gradebook/certificate_report.php
+++ b/main/gradebook/certificate_report.php
@@ -30,6 +30,7 @@ $userId = api_get_user_id();
 $sessions = $courses = $months = [0 => get_lang('Select')];
 
 if (api_is_student_boss()) {
+    $userList = GroupPortalManager::getGroupUsersByUser($userId);
     $sessionsList = SessionManager::getSessionsFollowedForGroupAdmin($userId);
 } else {
 $sessionsList = SessionManager::getSessionsCoachedByUser($userId);
@@ -118,6 +119,10 @@ if ($searchSessionAndCourse || $searchCourseOnly) {
 
         if (is_array($studentList) && !empty($studentList)) {
             foreach ($studentList as $student) {
+                if (api_is_student_boss() && !in_array($student['user_id'], $userList)) {
+                    continue;
+                }
+
                 $certificateStudent = array(
                     'fullName' => api_get_person_name($student['firstname'], $student['lastname']),
                     'certificates' => array()
diff --git a/main/inc/ajax/model.ajax.php b/main/inc/ajax/model.ajax.php
index 31a428fbf1..691b26a23c 100755
--- a/main/inc/ajax/model.ajax.php
+++ b/main/inc/ajax/model.ajax.php
@@ -211,39 +211,10 @@ switch ($action) {
         }
 
         if ($searchByGroups) {
-            $groups = GroupPortalManager::get_groups_by_user(api_get_user_id(), GROUP_USER_PERMISSION_ADMIN);
-            $groupsId = array_keys($groups);
-            $subgroupsId = [];
-
-            if (is_array($groupsId)) {
-                foreach ($groupsId as $groupId) {
-                    $subgroupsId = array_merge(
-                        $subgroupsId,
-                        GroupPortalManager::getGroupsByDepthLevel($groupId)
-                    );
-                }
-
-                $groupsId = array_merge(
-                    $groupsId,
-                    $subgroupsId
-                );
-
-                foreach ($groupsId as $groupId) {
-                    $groupUsers = GroupPortalManager::get_users_by_group($groupId);
-
-                    if (!is_array($groupUsers)) {
-                        continue;
-                    }
-
-                    foreach ($groupUsers as $memberId => $member) {
-                        if ($member['user_id'] == $userId ) {
-                            continue;
-                        }
-
-                        $userIdList[] = intval($member['user_id']);
-                    }
-                }
-            }
+            $userIdList = array_merge(
+                $userIdList,
+                GroupPortalManager::getGroupUsersByUser(api_get_user_id())
+            );
         }
 
         if (is_array($userIdList)) {
diff --git a/main/inc/lib/course.lib.php b/main/inc/lib/course.lib.php
index 0e6cd5916a..7fba776465 100755
--- a/main/inc/lib/course.lib.php
+++ b/main/inc/lib/course.lib.php
@@ -5695,41 +5695,7 @@ class CourseManager
         $courseTable = Database::get_main_table(TABLE_MAIN_COURSE);
         $courseUserTable = Database::get_main_table(TABLE_MAIN_COURSE_USER);
 
-        $groups = GroupPortalManager::get_groups_by_user($userId, GROUP_USER_PERMISSION_ADMIN);
-
-        $groupsId = array_keys($groups);
-        $subgroupsId = [];
-        $userIdList = [];
-
-        foreach ($groupsId as $groupId) {
-            $subgroupsId = array_merge($subgroupsId, GroupPortalManager::getGroupsByDepthLevel($groupId));
-        }
-
-        $groupsId = array_merge($groupsId, $subgroupsId);
-
-        $groupsId = array_unique($groupsId);
-
-        if (empty($groupsId)) {
-            return [];
-        }
-
-        foreach ($groupsId as $groupId) {
-            $groupUsers = GroupPortalManager::get_users_by_group($groupId);
-
-            if (empty($groupUsers)) {
-                continue;
-            }
-
-            foreach ($groupUsers as $member) {
-                if ($member['user_id'] == $userId ) {
-                    continue;
-                }
-
-                $userIdList[] = intval($member['user_id']);
-            }
-        }
-
-        $userIdList = array_unique($userIdList);
+        $userIdList = GroupPortalManager::getGroupUsersByUser($userId);
 
         if (empty($userIdList)) {
             return [];
diff --git a/main/inc/lib/group_portal_manager.lib.php b/main/inc/lib/group_portal_manager.lib.php
index 73da630502..81c8cffd04 100755
--- a/main/inc/lib/group_portal_manager.lib.php
+++ b/main/inc/lib/group_portal_manager.lib.php
@@ -1359,4 +1359,59 @@ class GroupPortalManager
         }
         return true;
     }
+
+    /**
+     * Get the group member list by a user and his group role
+     * @param int $userId The user ID
+     * @param int $relationType Optional. The relation type. GROUP_USER_PERMISSION_ADMIN by default
+     * @param boolean $includeSubgroupsUsers Optional. Whether include the users from subgroups
+     * @return array
+     */
+    public static function getGroupUsersByUser(
+        $userId,
+        $relationType = GROUP_USER_PERMISSION_ADMIN,
+        $includeSubgroupsUsers = true
+    )
+    {
+        $userId = intval($userId);
+
+        $groups = GroupPortalManager::get_groups_by_user($userId, $relationType);
+
+        $groupsId = array_keys($groups);
+        $subgroupsId = [];
+        $userIdList = [];
+
+        if ($includeSubgroupsUsers) {
+            foreach ($groupsId as $groupId) {
+                $subgroupsId = array_merge($subgroupsId, GroupPortalManager::getGroupsByDepthLevel($groupId));
+            }
+
+            $groupsId = array_merge($groupsId, $subgroupsId);
+        }
+
+        $groupsId = array_unique($groupsId);
+
+        if (empty($groupsId)) {
+            return [];
+        }
+
+        foreach ($groupsId as $groupId) {
+            $groupUsers = GroupPortalManager::get_users_by_group($groupId);
+
+            if (empty($groupUsers)) {
+                continue;
+            }
+
+            foreach ($groupUsers as $member) {
+                if ($member['user_id'] == $userId) {
+                    continue;
+                }
+
+                $userIdList[] = intval($member['user_id']);
+            }
+        }
+
+        return array_unique($userIdList);
+    }
+
 }
diff --git a/main/inc/lib/sessionmanager.lib.php b/main/inc/lib/sessionmanager.lib.php
index 8f73d45aca..8023cc571e 100755
--- a/main/inc/lib/sessionmanager.lib.php
+++ b/main/inc/lib/sessionmanager.lib.php
@@ -5965,41 +5965,7 @@ class SessionManager
         $sessionTable = Database::get_main_table(TABLE_MAIN_SESSION);
         $sessionUserTable = Database::get_main_table(TABLE_MAIN_SESSION_USER);
 
-        $groups = GroupPortalManager::get_groups_by_user($userId, GROUP_USER_PERMISSION_ADMIN);
-
-        $groupsId = array_keys($groups);
-        $subgroupsId = [];
-        $userIdList = [];
-
-        foreach ($groupsId as $groupId) {
-            $subgroupsId = array_merge($subgroupsId, GroupPortalManager::getGroupsByDepthLevel($groupId));
-        }
-
-        $groupsId = array_merge($groupsId, $subgroupsId);
-
-        $groupsId = array_unique($groupsId);
-
-        if (empty($groupsId)) {
-            return [];
-        }
-
-        foreach ($groupsId as $groupId) {
-            $groupUsers = GroupPortalManager::get_users_by_group($groupId);
-
-            if (empty($groupUsers)) {
-                continue;
-            }
-
-            foreach ($groupUsers as $member) {
-                if ($member['user_id'] == $userId ) {
-                    continue;
-                }
-
-                $userIdList[] = intval($member['user_id']);
-            }
-        }
-
-        $userIdList = array_unique($userIdList);
+        $userIdList = GroupPortalManager::getGroupUsersByUser($userId);
 
         if (empty($userIdList)) {
             return [];

From 5106e2d391fac8a460f18ca26c1a6ca2703415ba Mon Sep 17 00:00:00 2001
From: Angel Fernando Quiroz Campos <angelfqc.18@gmail.com>
Date: Tue, 14 Apr 2015 12:00:55 -0500
Subject: [PATCH 06/10] Fix course list when user is not student boss - refs
 BT#9442

---
 main/gradebook/certificate_report.php | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/main/gradebook/certificate_report.php b/main/gradebook/certificate_report.php
index 412b7a6635..1d3967d135 100644
--- a/main/gradebook/certificate_report.php
+++ b/main/gradebook/certificate_report.php
@@ -72,7 +72,11 @@ if ($selectedSession > 0) {
 }
 
 foreach ($coursesList as $course) {
+    if (isset($course['real_id'])) {
+        $courses[$course['real_id']] = $course['title'];
+    } else {
     $courses[$course['id']] = $course['title'];
+    }
 }
 
 for ($key = 1; $key <= 12; $key++) {

From c20ca360e69de7329d1a5f2ce51db938d33f737c Mon Sep 17 00:00:00 2001
From: Angel Fernando Quiroz Campos <angelfqc.18@gmail.com>
Date: Tue, 14 Apr 2015 12:24:48 -0500
Subject: [PATCH 07/10] Add session name and course name columns - refs BT#9442

---
 main/gradebook/certificate_report.php                  | 5 +++++
 main/template/default/gradebook/certificate_report.tpl | 6 ++++++
 2 files changed, 11 insertions(+)

diff --git a/main/gradebook/certificate_report.php b/main/gradebook/certificate_report.php
index 1d3967d135..f8535daf35 100644
--- a/main/gradebook/certificate_report.php
+++ b/main/gradebook/certificate_report.php
@@ -117,6 +117,9 @@ if ($searchSessionAndCourse || $searchCourseOnly) {
             "cat_id" => $gradebook->get_id()
         ));
 
+        $sessionName = api_get_session_name($selectedSession);
+        $courseName = api_get_course_info($selectedCourseInfo['code'])['title'];
+
         $studentList = GradebookUtils::get_list_users_certificates($gradebook->get_id());
 
         $certificateStudents = array();
@@ -129,6 +132,8 @@ if ($searchSessionAndCourse || $searchCourseOnly) {
 
                 $certificateStudent = array(
                     'fullName' => api_get_person_name($student['firstname'], $student['lastname']),
+                    'sessionName' => $sessionName,
+                    'courseName' => $courseName,
                     'certificates' => array()
                 );
 
diff --git a/main/template/default/gradebook/certificate_report.tpl b/main/template/default/gradebook/certificate_report.tpl
index c301708bef..fe91d967f8 100644
--- a/main/template/default/gradebook/certificate_report.tpl
+++ b/main/template/default/gradebook/certificate_report.tpl
@@ -47,6 +47,8 @@
         <thead>
             <tr>
                 <th>{{ 'Student' | get_lang }}</th>
+                <th>{{ 'Sesion' | get_lang }}</th>
+                <th>{{ 'Course' | get_lang }}</th>
                 <th>{{ 'Date' | get_lang }}</th>
                 <th>{{ 'Certificate' | get_lang }}</th>
             </tr>
@@ -54,6 +56,8 @@
         <tfoot>
             <tr>
                 <th>{{ 'Student' | get_lang }}</th>
+                <th>{{ 'Sesion' | get_lang }}</th>
+                <th>{{ 'Course' | get_lang }}</th>
                 <th>{{ 'Date' | get_lang }}</th>
                 <th>{{ 'Certificate' | get_lang }}</th>
             </tr>
@@ -62,6 +66,8 @@
             {% for student in certificateStudents %}
                 <tr>
                     <td>{{ student.fullName }}</td>
+                    <td>{{ student.sessionName }}</td>
+                    <td>{{ student.courseName }}</td>
                     <td>
                         {% for certificate in student.certificates %}
                             <p>{{ certificate.createdAt }}</p>

From 622137fcf2e5706964ba1ffa3e0769d550137686 Mon Sep 17 00:00:00 2001
From: Angel Fernando Quiroz Campos <angelfqc.18@gmail.com>
Date: Tue, 14 Apr 2015 16:34:56 -0500
Subject: [PATCH 08/10] Add students filters for student boss - refs BT#9442

---
 main/gradebook/certificate_report.php         | 103 ++++++++++++++++--
 .../default/gradebook/certificate_report.tpl  |  11 +-
 2 files changed, 100 insertions(+), 14 deletions(-)

diff --git a/main/gradebook/certificate_report.php b/main/gradebook/certificate_report.php
index f8535daf35..2572588479 100644
--- a/main/gradebook/certificate_report.php
+++ b/main/gradebook/certificate_report.php
@@ -24,10 +24,11 @@ $selectedSession = isset($_POST['session']) && !empty($_POST['session']) ? intva
 $selectedCourse = isset($_POST['course']) && !empty($_POST['course']) ? intval($_POST['course']) : 0;
 $selectedMonth = isset($_POST['month']) && !empty($_POST['month']) ? intval($_POST['month']) : 0;
 $selectedYear = isset($_POST['year']) && !empty($_POST['year']) ? trim($_POST['year']) : null;
+$selectedStudent = isset($_POST['student']) && !empty($_POST['student']) ? intval($_POST['student']) : 0;
 
 $userId = api_get_user_id();
 
-$sessions = $courses = $months = [0 => get_lang('Select')];
+$sessions = $courses = $months = $students = [0 => get_lang('Select')];
 
 if (api_is_student_boss()) {
     $userList = GroupPortalManager::getGroupUsersByUser($userId);
@@ -88,6 +89,7 @@ $certificateStudents = array();
 
 $searchSessionAndCourse = $selectedSession > 0 && $selectedCourse > 0;
 $searchCourseOnly = $selectedSession <= 0 && $selectedCourse > 0;
+$searchStudentOnly = $selectedStudent > 0;
 
 if ($searchSessionAndCourse || $searchCourseOnly) {
     $selectedCourseInfo = api_get_course_info_by_id($selectedCourse);
@@ -172,6 +174,62 @@ if ($searchSessionAndCourse || $searchCourseOnly) {
                     );
                 }
 
+                if (count($certificateStudent['certificates']) > 0) {
+                    $certificateStudents[] = $certificateStudent;
+                }
+            }
+        }
+    }
+} elseif ($searchStudentOnly) {
+    $selectedStudentInfo = api_get_user_info($selectedStudent);
+
+    if (empty($selectedStudentInfo)) {
+        Session::write('reportErrorMessage', get_lang('NoUser'));
+
+        Header::location($selfUrl);
+    }
+
+    $sessionList = SessionManager::getSessionsFollowedByUser($selectedStudent);
+
+    foreach ($sessionList as $session) {
+        $sessionCourseList = SessionManager::get_course_list_by_session_id($session['id']);
+
+        foreach ($sessionCourseList as $sessionCourse) {
+            $gradebookCategories = Category::load(null, null, $sessionCourse['code'], null, false, $session['id']);
+
+            $gradebook = null;
+
+            if (!empty($gradebookCategories)) {
+                $gradebook = current($gradebookCategories);
+            }
+
+            if (!is_null($gradebook)) {
+                $sessionName = $session['name'];
+                $courseName = $sessionCourse['title'];
+
+                $certificateStudent = [
+                    'fullName' => $selectedStudentInfo['complete_name'],
+                    'sessionName' => $sessionName,
+                    'courseName' => $courseName,
+                    'certificates' => []
+                ];
+
+                $studentCertificates = GradebookUtils::get_list_gradebook_certificates_by_user_id(
+                    $selectedStudent,
+                    $gradebook->get_id()
+                );
+
+                if (!is_array($studentCertificates) || empty($studentCertificates)) {
+                    continue;
+                }
+
+                foreach ($studentCertificates as $certificate) {
+                    $certificateStudent['certificates'][] = array(
+                        'createdAt' => api_convert_and_format_date($certificate['created_at']),
+                        'id' => $certificate['id']
+                    );
+                }
+
                 if (count($certificateStudent['certificates']) > 0) {
                     $certificateStudents[] = $certificateStudent;
                 }
@@ -187,31 +245,54 @@ if (Session::has('reportErrorMessage')) {
     $template->assign('errorMessage', Session::read('reportErrorMessage'));
 }
 
-$form = new FormValidator(
+$searchBySessionCourseDateForm = new FormValidator(
     'certificate_report_form',
     'post',
     api_get_path(WEB_CODE_PATH) . 'gradebook/certificate_report.php'
 );
-$form->addHeader(get_lang('GradebookListOfStudentsCertificates'));
-$form->addSelect('session', get_lang('Sessions'), $sessions, ['id' => 'session']);
-$form->addSelect('course', get_lang('Courses'), $courses, ['id' => 'course']);
-$form->addGroup(
+$searchBySessionCourseDateForm->addSelect('session', get_lang('Sessions'), $sessions, ['id' => 'session']);
+$searchBySessionCourseDateForm->addSelect('course', get_lang('Courses'), $courses, ['id' => 'course']);
+$searchBySessionCourseDateForm->addGroup(
     [
-        $form->createElement('select', 'month', null, $months, ['id' => 'month']),
-        $form->createElement('text', 'year', null, ['id' => 'year'])
+        $searchBySessionCourseDateForm->createElement('select', 'month', null, $months, ['id' => 'month']),
+        $searchBySessionCourseDateForm->createElement(
+            'text',
+            'year',
+            null,
+            ['id' => 'year', 'placeholder' => get_lang('Year')]
+        )
     ],
     null,
     get_lang('Date')
 );
-$form->addButtonSearch();
-$form->setDefaults([
+$searchBySessionCourseDateForm->addButtonSearch();
+$searchBySessionCourseDateForm->setDefaults([
     'session' => $selectedSession,
     'course' => $selectedCourse,
     'month' => $selectedMonth,
     'year' => $selectedYear
 ]);
 
-$template->assign('form', $form->returnForm());
+if (api_is_student_boss()) {
+    foreach ($userList as $studentId) {
+        $students[$studentId] = api_get_user_info($studentId)['complete_name_with_username'];
+    }
+
+    $searchByStudentForm = new FormValidator(
+        'certificate_report_form',
+        'post',
+        api_get_path(WEB_CODE_PATH) . 'gradebook/certificate_report.php'
+    );
+    $searchByStudentForm->addSelect('student', get_lang('Students'), $students, ['id' => 'student']);
+    $searchByStudentForm->addButtonSearch();
+    $searchByStudentForm->setDefaults([
+        'student' => $selectedStudent
+    ]);
+
+    $template->assign('searchByStudentForm', $searchByStudentForm->returnForm());
+}
+
+$template->assign('searchBySessionCourseDateForm', $searchBySessionCourseDateForm->returnForm());
 $template->assign('sessions', $sessions);
 $template->assign('courses', $courses);
 $template->assign('months', $months);
diff --git a/main/template/default/gradebook/certificate_report.tpl b/main/template/default/gradebook/certificate_report.tpl
index fe91d967f8..64693316fc 100644
--- a/main/template/default/gradebook/certificate_report.tpl
+++ b/main/template/default/gradebook/certificate_report.tpl
@@ -10,8 +10,6 @@
                 a: 'display_sessions_courses',
                 session: sessionId
             }, function (courseList) {
-                var $option = null;
-
                 $('<option>', {
                     value: 0,
                     text: "{{ 'Select' | get_lang }}"
@@ -30,18 +28,25 @@
     });
 </script>
 
-{{ form }}
+{{ searchBySessionCourseDateForm }}
+
+<hr>
+
+{{ searchByStudentForm }}
 
 {% if errorMessage is defined %}
     <div class="alert alert-error">{{ errorMessage }}</div>
 {% endif %}
 
 {% if not certificateStudents is empty %}
+    <h2 class="page-header">{{ "GradebookListOfStudentsCertificates" | get_lang }}</h2>
+    {% if not exportAllLink is null %}
     <div class="actions">
         <a href="{{ exportAllLink }}" class="btn btn-info">
             <i class="fa fa-check"></i> {{ 'ExportAllCertificatesToPDF' | get_lang }}
         </a>
     </div>
+    {% endif %}
 
     <table class="table table-striped">
         <thead>

From 31570905f72083e3b406a32619fea72b47439d1c Mon Sep 17 00:00:00 2001
From: Angel Fernando Quiroz Campos <angelfqc.18@gmail.com>
Date: Tue, 14 Apr 2015 16:50:44 -0500
Subject: [PATCH 09/10] Allow export certificates for student boss - refs
 BT#9442

---
 main/gradebook/gradebook_display_certificate.php | 11 +++++++++--
 main/mySpace/company_reports.php                 |  9 +++++++++
 main/mySpace/company_reports_resumed.php         |  9 +++++++++
 main/mySpace/student.php                         |  9 +++++++++
 4 files changed, 36 insertions(+), 2 deletions(-)

diff --git a/main/gradebook/gradebook_display_certificate.php b/main/gradebook/gradebook_display_certificate.php
index 44a5b58cf7..6ea6a703cb 100755
--- a/main/gradebook/gradebook_display_certificate.php
+++ b/main/gradebook/gradebook_display_certificate.php
@@ -8,7 +8,9 @@
 require_once '../inc/global.inc.php';
 $current_course_tool  = TOOL_GRADEBOOK;
 
-api_protect_course_script();
+if (!api_is_student_boss()) {
+    api_protect_course_script();
+}
 
 set_time_limit(0);
 ini_set('max_execution_time', 0);
@@ -25,7 +27,7 @@ function confirmation() {
 </script>";
 api_block_anonymous_users();
 
-if (!api_is_allowed_to_edit()) {
+if (!api_is_allowed_to_edit() && !api_is_student_boss()) {
     api_not_allowed(true);
 }
 
@@ -36,10 +38,15 @@ $filterOfficialCodeGet = isset($_GET['filter']) ? Security::remove_XSS($_GET['fi
 
 switch ($action) {
     case 'export_all_certificates':
+        if (api_is_student_boss()) {
+            $userList = GroupPortalManager::getGroupUsersByUser(api_get_user_id());
+        } else {
         $userList = array();
         if (!empty($filterOfficialCodeGet)) {
             $userList = UserManager::getUsersByOfficialCode($filterOfficialCodeGet);
         }
+        }
+
         Category::exportAllCertificates($cat_id, $userList);
         break;
     case 'generate_all_certificates':
diff --git a/main/mySpace/company_reports.php b/main/mySpace/company_reports.php
index 4eeaeb8aea..315b221248 100755
--- a/main/mySpace/company_reports.php
+++ b/main/mySpace/company_reports.php
@@ -110,6 +110,15 @@ if (api_is_student_boss()) {
         Display::return_icon("statistics.png", get_lang("CompanyReport"), array(), ICON_SIZE_MEDIUM),
         "#"
     );
+    $actions .= Display::url(
+        Display::return_icon(
+            "certificate_list.png",
+            get_lang("GradebookSeeListOfStudentsCertificates"),
+            [],
+            ICON_SIZE_MEDIUM
+        ),
+        api_get_path(WEB_CODE_PATH) . "gradebook/certificate_report.php"
+    );
 }
 
 $content = '<div class="actions">';
diff --git a/main/mySpace/company_reports_resumed.php b/main/mySpace/company_reports_resumed.php
index 48d7ca3037..4c90c87ca6 100755
--- a/main/mySpace/company_reports_resumed.php
+++ b/main/mySpace/company_reports_resumed.php
@@ -99,6 +99,15 @@ if (api_is_student_boss()) {
         Display::return_icon("statistics.png", get_lang("CompanyReport"), array(), ICON_SIZE_MEDIUM),
         api_get_path(WEB_CODE_PATH) . "mySpace/company_reports.php"
     );
+    $actions .= Display::url(
+        Display::return_icon(
+            "certificate_list.png",
+            get_lang("GradebookSeeListOfStudentsCertificates"),
+            [],
+            ICON_SIZE_MEDIUM
+        ),
+        api_get_path(WEB_CODE_PATH) . "gradebook/certificate_report.php"
+    );
 }
 
 $content = '<div class="actions">';
diff --git a/main/mySpace/student.php b/main/mySpace/student.php
index ad2f57e040..5661e207e1 100755
--- a/main/mySpace/student.php
+++ b/main/mySpace/student.php
@@ -211,6 +211,15 @@ if (api_is_drh()) {
         Display::return_icon("statistics.png", get_lang("CompanyReport"), array(), ICON_SIZE_MEDIUM),
         api_get_path(WEB_CODE_PATH) . "mySpace/company_reports.php"
     );
+    $actions .= Display::url(
+        Display::return_icon(
+            "certificate_list.png",
+            get_lang("GradebookSeeListOfStudentsCertificates"),
+            [],
+            ICON_SIZE_MEDIUM
+        ),
+        api_get_path(WEB_CODE_PATH) . "gradebook/certificate_report.php"
+    );
 }
 
 $actions .= '<span style="float:right">';

From 9d4eaf26d55b93a6fae98caff174ca5f0ad424df Mon Sep 17 00:00:00 2001
From: Angel Fernando Quiroz Campos <angelfqc.18@gmail.com>
Date: Tue, 14 Apr 2015 17:01:13 -0500
Subject: [PATCH 10/10] Minor - Format code - refs BT#9442

---
 main/gradebook/certificate_report.php            | 16 ++++++++--------
 main/gradebook/gradebook_display_certificate.php |  8 ++++----
 .../default/gradebook/certificate_report.tpl     | 10 +++++-----
 3 files changed, 17 insertions(+), 17 deletions(-)

diff --git a/main/gradebook/certificate_report.php b/main/gradebook/certificate_report.php
index 2572588479..a01e965e8c 100644
--- a/main/gradebook/certificate_report.php
+++ b/main/gradebook/certificate_report.php
@@ -34,7 +34,7 @@ if (api_is_student_boss()) {
     $userList = GroupPortalManager::getGroupUsersByUser($userId);
     $sessionsList = SessionManager::getSessionsFollowedForGroupAdmin($userId);
 } else {
-$sessionsList = SessionManager::getSessionsCoachedByUser($userId);
+    $sessionsList = SessionManager::getSessionsCoachedByUser($userId);
 }
 
 foreach ($sessionsList as $session) {
@@ -60,23 +60,23 @@ if ($selectedSession > 0) {
     if (api_is_student_boss()) {
         $coursesList = CourseManager::getCoursesFollowedByGroupAdmin($userId);
     } else {
-    $coursesList = CourseManager::get_courses_list_by_user_id($userId);
+        $coursesList = CourseManager::get_courses_list_by_user_id($userId);
 
-    if (is_array($coursesList)) {
-        foreach ($coursesList as &$course) {
-            $courseInfo = api_get_course_info_by_id($course['real_id']);
+        if (is_array($coursesList)) {
+            foreach ($coursesList as &$course) {
+                $courseInfo = api_get_course_info_by_id($course['real_id']);
 
-            $course = array_merge($course, $courseInfo);
+                $course = array_merge($course, $courseInfo);
+            }
         }
     }
-    }
 }
 
 foreach ($coursesList as $course) {
     if (isset($course['real_id'])) {
         $courses[$course['real_id']] = $course['title'];
     } else {
-    $courses[$course['id']] = $course['title'];
+        $courses[$course['id']] = $course['title'];
     }
 }
 
diff --git a/main/gradebook/gradebook_display_certificate.php b/main/gradebook/gradebook_display_certificate.php
index 6ea6a703cb..b91350e250 100755
--- a/main/gradebook/gradebook_display_certificate.php
+++ b/main/gradebook/gradebook_display_certificate.php
@@ -41,10 +41,10 @@ switch ($action) {
         if (api_is_student_boss()) {
             $userList = GroupPortalManager::getGroupUsersByUser(api_get_user_id());
         } else {
-        $userList = array();
-        if (!empty($filterOfficialCodeGet)) {
-            $userList = UserManager::getUsersByOfficialCode($filterOfficialCodeGet);
-        }
+            $userList = array();
+            if (!empty($filterOfficialCodeGet)) {
+                $userList = UserManager::getUsersByOfficialCode($filterOfficialCodeGet);
+            }
         }
 
         Category::exportAllCertificates($cat_id, $userList);
diff --git a/main/template/default/gradebook/certificate_report.tpl b/main/template/default/gradebook/certificate_report.tpl
index 64693316fc..8f9aa2acb1 100644
--- a/main/template/default/gradebook/certificate_report.tpl
+++ b/main/template/default/gradebook/certificate_report.tpl
@@ -41,11 +41,11 @@
 {% if not certificateStudents is empty %}
     <h2 class="page-header">{{ "GradebookListOfStudentsCertificates" | get_lang }}</h2>
     {% if not exportAllLink is null %}
-    <div class="actions">
-        <a href="{{ exportAllLink }}" class="btn btn-info">
-            <i class="fa fa-check"></i> {{ 'ExportAllCertificatesToPDF' | get_lang }}
-        </a>
-    </div>
+        <div class="actions">
+            <a href="{{ exportAllLink }}" class="btn btn-info">
+                <i class="fa fa-check"></i> {{ 'ExportAllCertificatesToPDF' | get_lang }}
+            </a>
+        </div>
     {% endif %}
 
     <table class="table table-striped">