Adding recursive function to get the parents visibility

skala
Julio Montoya 15 years ago
parent 11a827d4f1
commit e8a1b3afe4
  1. 29
      main/document/document.php
  2. 4
      main/document/download.php
  3. 4
      main/document/showinframes.php
  4. 3
      main/document/showinframesmin.php
  5. 91
      main/inc/lib/document.lib.php

@ -179,20 +179,25 @@ $is_certificate_mode = DocumentManager::is_certificate_mode($_GET['curdirpath'])
//If no actions we proceed to show the document (Hack in order to use document.php?id=X)
if (isset($document_id)) {
$document_data = DocumentManager::get_document_data_by_id($document_id, api_get_course_id(), true);
$document_data = DocumentManager::get_document_data_by_id($document_id, api_get_course_id(), true);
//If the document is not a folder we show the document
if ($document_data) {
$parent_id = $document_data['parent_id'];
if (!empty($document_data['filetype']) && $document_data['filetype'] == 'file') {
$visibility = DocumentManager::is_visible_by_id($document_id, $course_info, api_get_session_id(), api_get_user_id());
//$visibility = DocumentManager::is_visible_by_id($document_id, $course_info, api_get_session_id(), api_get_user_id());
$visibility = DocumentManager::check_visibility_tree($document_id, api_get_course_id(), api_get_session_id(), api_get_user_id());
if (!empty($document_data['filetype']) && $document_data['filetype'] == 'file') {
if ($visibility && api_is_allowed_to_session_edit()) {
$url = api_get_path(WEB_COURSE_PATH).$course_info['path'].'/document'.$document_data['path'].'?'.api_get_cidreq();
header("Location: $url");
}
exit;
} else {
if (!$visibility) {
api_not_allowed();
}
}
$_GET['curdirpath'] = $document_data['path'];
}
@ -370,8 +375,13 @@ if ($is_certificate_mode) {
}
// Interbreadcrumb for the current directory root path
if (empty($document_data['parents'])) {
$interbreadcrumb[] = array('url' => '#', 'name' => $document_data['title']);
if (isset($_GET['createdir'])) {
$interbreadcrumb[] = array('url' => $document_data['document_url'], 'name' => $document_data['title']);
} else {
$interbreadcrumb[] = array('url' => '#', 'name' => $document_data['title']);
}
} else {
foreach($document_data['parents'] as $document_sub_data) {
if (!isset($_GET['createdir']) && $document_sub_data['id'] == $document_data['id']) {
@ -851,7 +861,7 @@ if (isset($_GET['curdirpath']) && $_GET['curdirpath'] == '/certificates' && isse
}
/* GET ALL DOCUMENT DATA FOR CURDIRPATH */
if (isset($_GET['keyword']) && !empty($_GET['keyword'])) {
if (isset($_GET['keyword']) && !empty($_GET['keyword'])) {
$docs_and_folders = DocumentManager::get_all_document_data($_course, $curdirpath, $to_group_id, null, $is_allowed_to_edit || $group_member_with_upload_rights, true);
} else {
$docs_and_folders = DocumentManager::get_all_document_data($_course, $curdirpath, $to_group_id, null, $is_allowed_to_edit || $group_member_with_upload_rights, false);
@ -863,7 +873,7 @@ if ($folders === false) {
}
echo '<div class="actions">';
if ($is_allowed_to_edit || $group_member_with_upload_rights){
//if ($is_allowed_to_edit || $group_member_with_upload_rights){
/* BUILD SEARCH FORM */
echo '<span style="display:inline-block;">';
$form = new FormValidator('search_document', 'get', '', '', null, false);
@ -873,7 +883,7 @@ if ($is_allowed_to_edit || $group_member_with_upload_rights){
$form->addElement('style_submit_button', 'submit', get_lang('Search'), 'class="search"');
$form->display();
echo '</span>';
}
//}
/* GO TO PARENT DIRECTORY */
if ($curdirpath!= '/' && $curdirpath != $group_properties['directory'] && !$is_certificate_mode) {
@ -899,7 +909,7 @@ if (isset($docs_and_folders) && is_array($docs_and_folders)) {
// Create a sortable table with our data
$sortable_data = array();
$count = 1;
$count = 1;
foreach ($docs_and_folders as $key => $document_data) {
$row = array();
$row['id'] = $document_data['id'];
@ -1199,5 +1209,6 @@ if (!empty($table_footer)) {
Display::display_warning_message($table_footer);
}
// Footer
Display::display_footer();
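Review bot: The search form under `/* BUILD SEARCH FORM */` is now rendered for every user, because the `if ($is_allowed_to_edit || $group_member_with_upload_rights){` guard and its closing brace were commented out rather than removed. Search results come from `get_all_document_data(..., true)`, so for learners the hiding of documents inside invisible folders depends entirely on the filtering in that function. Its enclosing condition is outside the visible hunks, so confirm that the keyword path reaches the new parent-visibility loop. Delete the two commented lines (`//if (...){` and `//}`) and add a comment such as `// Search is open to all users; results are filtered by visibility in get_all_document_data()`. In the first hunk the folder branch denies on `!$visibility` alone, whereas download.php and showinframes.php exempt editors with `!api_is_allowed_to_edit() &&`; align them if `is_visible_by_id()` does not already account for editors.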

@ -72,7 +72,9 @@ if (substr($refer_script, 0, 15) == '/fillsurvey.php') {
if (Security::check_abs_path($sys_course_path.$doc_url, $sys_course_path.'/')) {
$full_file_name = $sys_course_path.$doc_url;
// Check visibility of document and paths
if (!api_is_allowed_to_edit() && !DocumentManager::is_visible($doc_url, $_course, api_get_session_id())) {
$is_visible = DocumentManager::check_visibility_tree($document_id, api_get_course_id(), api_get_session_id(), api_get_user_id());
//$is_visible = DocumentManager::is_visible($doc_url, $_course, api_get_session_id());
if (!api_is_allowed_to_edit() && !$is_visible) {
Display::display_error_message(get_lang('ProtectedDocument'));//api_not_allowed backbutton won't work.
exit; // You shouldn't be here anyway.
}
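Review bot: The new visibility check is keyed on `$document_id`, but the file this script serves is still selected by `$doc_url` (`$full_file_name = $sys_course_path.$doc_url`), and nothing in the hunk ties the two together. `$document_id` is assigned outside the visible lines, if at all: if it is unset the check fails closed for every non-editor, and if it comes from a separate request value the visibility of one document would decide the download of another. Resolve the id from the path that is actually served, for example with `DocumentManager::get_document_id()` on the course-relative form of `$doc_url`, and reject the request when no id is found. The replaced `is_visible($doc_url, ...)` call should be deleted rather than left commented out.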

@ -83,7 +83,9 @@ if ($is_allowed_in_course == false) {
}
//Check user visibility
$is_visible = DocumentManager::is_visible_by_id($document_id, $course_info, api_get_session_id(), api_get_user_id());
//$is_visible = DocumentManager::is_visible_by_id($document_id, $course_info, api_get_session_id(), api_get_user_id());
$is_visible = DocumentManager::check_visibility_tree($document_id, api_get_course_id(), api_get_session_id(), api_get_user_id());
if (!api_is_allowed_to_edit() && !$is_visible) {
api_not_allowed(true);
}
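Review bot: `check_visibility_tree()` is called before the `api_is_allowed_to_edit()` test, so editors pay for the recursive parent lookups even though the result is ignored for them. Unless `$is_visible` is read later in the file (outside the hunk), fold the call into the condition to keep the short-circuit: `if (!api_is_allowed_to_edit() && !DocumentManager::check_visibility_tree($document_id, api_get_course_id(), api_get_session_id(), api_get_user_id())) {`. The previous `is_visible_by_id()` call is left behind as a comment; version control already keeps it, so delete the line. Both points apply to the identical hunk in showinframesmin.php, and the commented-out call also remains in document.php.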

@ -69,7 +69,8 @@ if ($is_allowed_in_course == false) {
}
//Check user visibility
$is_visible = DocumentManager::is_visible_by_id($document_id, $course_info, api_get_session_id(), api_get_user_id());
//$is_visible = DocumentManager::is_visible_by_id($document_id, $course_info, api_get_session_id(), api_get_user_id());
$is_visible = DocumentManager::check_visibility_tree($document_id, api_get_course_id(), api_get_session_id(), api_get_user_id());
if (!api_is_allowed_to_edit() && !$is_visible) {
api_not_allowed(true);
}

@ -476,7 +476,7 @@ return 'application/octet-stream';
* @param boolean $can_see_invisible
* @return array with all document data
*/
public static function get_all_document_data($_course, $path = '/', $to_group_id = 0, $to_user_id = NULL, $can_see_invisible = false, $search =false) {
public static function get_all_document_data($_course, $path = '/', $to_group_id = 0, $to_user_id = NULL, $can_see_invisible = false, $search = false) {
$TABLE_ITEMPROPERTY = Database::get_course_table(TABLE_ITEM_PROPERTY, $_course['dbName']);
$TABLE_DOCUMENT = Database::get_course_table(TABLE_DOCUMENT, $_course['dbName']);
$TABLE_COURSE = Database::get_main_table(TABLE_MAIN_COURSE);
@ -497,7 +497,7 @@ return 'application/octet-stream';
$to_value = Database::escape_string($to_value);
//if they can't see invisible files, they can only see files with visibility 1
$visibility_bit = ' = 1';
//$visibility_bit = ' = 1';
//if they can see invisible files, only deleted files (visibility 2) are filtered out
//if ($can_see_invisible) {
$visibility_bit = ' <> 2';
@ -533,7 +533,7 @@ return 'application/octet-stream';
AND ".$to_field." = ".$to_value."
AND last.visibility".$visibility_bit.$condition_session;
}
$result = Database::query($sql);
$doc_list = array();
@ -587,7 +587,8 @@ return 'application/octet-stream';
}
$temp[$row['id']] = $row;
}
//@todo use the DocumentManager::is_visible function
//Checking disponibility in a session
foreach($my_repeat_ids as $id) {
foreach($doc_list as $row ) {
@ -623,8 +624,19 @@ return 'application/octet-stream';
unset($document_data[$row['id']]);
}
}
//Checking parents visibility
$final_document_data = array();
foreach($document_data as $row) {
$is_visible = DocumentManager::check_visibility_tree($row['id'], $_course['code'], $current_session_id, api_get_user_id());
if ($is_visible) {
$final_document_data[$row['id']]=$row;
}
}
} else {
$final_document_data = $document_data;
}
return $document_data;
return $final_document_data;
} else {
//display_error("Error getting document info from database (".Database::error().")!");
return false;
@ -1014,29 +1026,51 @@ return 'application/octet-stream';
$result = Database::query($sql);
if ($result && Database::num_rows($result) == 1) {
$row = Database::fetch_array($result,'ASSOC');
//Public document URL
$row['url'] = api_get_path(WEB_CODE_PATH).'document/showinframes.php?cidReq='.$course_code.'&id='.$id;
$row['document_url'] = api_get_path(WEB_CODE_PATH).'document/document.php?cidReq='.$course_code.'&id='.$id;
//@todo need to clarify the name of the URLs not nice right now
$url_path = urlencode($row['path']);
$path = str_replace('%2F', '/',$url_path);
$row['direct_url'] = $www.$path;
$row['parent_id'] = self::get_document_id($course_info, dirname($row['path']));
$path = str_replace('%2F', '/',$url_path);
$row['url'] = api_get_path(WEB_CODE_PATH).'document/showinframes.php?cidReq='.$course_code.'&id='.$id;
$row['document_url'] = api_get_path(WEB_CODE_PATH).'document/document.php?cidReq='.$course_code.'&id='.$id;
$row['direct_url'] = $www.$path;
if (dirname($row['path']) == '.') {
$row['parent_id'] = '0';
} else {
$row['parent_id'] = self::get_document_id($course_info, dirname($row['path']));
}
$parents = array();
//Use to generate the breadcrumb
if ($load_parents) {
//Use to generate parents (needed for the breadcrumb)
//@todo sorry but this for is here because there's not a parent_id in the document table so we parsed the path!!
$visibility = true;
if ($load_parents) {
$dir_array = explode('/', $row['path']);
$dir_array = array_filter($dir_array);
$array_len = count($dir_array) +1 ;
$real_dir = '';
$real_dir = '';
for ($i = 1; $i < $array_len; $i++) {
for ($i = 1; $i < $array_len; $i++) {
$sub_visibility = true;
$real_dir .= '/'.$dir_array[$i];
$parent_id = self::get_document_id($course_info, $real_dir);
if (!empty($parent_id)) {
$parents[] = self::get_document_data_by_id($parent_id, $course_code, false);
$sub_document_data = self::get_document_data_by_id($parent_id, $course_code, false);
//@todo add visibility here
/*$sub_visibility = self::is_visible_by_id($parent_id, $course_info, api_get_session_id(), api_get_user_id());
if ($visibility && $sub_visibility == false) {
$visibility = false;
}
*/
$parents[] = $sub_document_data;
}
}
}
}
}
//$row['visibility_for_user'] = $visibility;
$row['parents'] = $parents;
return $row;
}
@ -2841,5 +2875,26 @@ return 'application/octet-stream';
return $return;
}
public function check_visibility_tree($doc_id, $course_code, $session_id, $user_id) {
$document_data = self::get_document_data_by_id($doc_id, $course_code);
if (!empty($document_data)) {
if ($document_data['parent_id'] == false) {
$visible = self::is_visible_by_id($doc_id, $course_info, $session_id, $user_id);
return $visible;
} else {
$course_info = api_get_course_info($course_code);
$visible = self::is_visible_by_id($doc_id, $course_info, $session_id, $user_id);
if (!$visible) {
return false;
} else {
return self::check_visibility_tree($document_data['parent_id'], $course_code, $session_id, $user_id);
}
}
} else {
return false;
}
}
}
//end class DocumentManager
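Review bot: In `check_visibility_tree()` the root branch (`$document_data['parent_id'] == false`) passes `$course_info` to `is_visible_by_id()` before it has been assigned; the variable is only set in the `else` branch. Every walk that is not denied earlier ends in that branch, so the top-most ancestor and any root-level document are checked with an undefined course, which makes the whole tree check unreliable. Move `$course_info = api_get_course_info($course_code);` above the `if` so both branches use it. The method is called statically throughout this commit but declared `public function`; declare it `public static function` like `get_all_document_data()`. Because `== false` also matches a parent id that could not be resolved, a failed `get_document_id()` lookup would presumably end the walk as if the root had been reached; verify what it returns on a miss and deny in that case.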