Allow sharing options for the documents inside a group BT#10769

//ALTER TABLE c_group_info ADD document_access INT DEFAULT 0 NOT NULL; //$_configuration['group_document_access'] = false;
chamilo · Apr 18, 2018 · c056499 · c056499
1 parent 9bbf9e2
commit c056499
Show file tree

Hide file tree

Showing 9 changed files with 100 additions and 5 deletions.
diff --git a/main/document/document.php b/main/document/document.php
@@ -198,6 +198,11 @@
             $groupMemberWithUploadRights = true;
         }
     }
+
+    // Group mode
+    if (!GroupManager::allowUploadEditDocument($userId , $courseId, $group_properties)) {
+        $groupMemberWithUploadRights = false;
+    }
     Session::write('group_member_with_upload_rights', $groupMemberWithUploadRights);
 } else {
     Session::write('group_member_with_upload_rights', false);

diff --git a/main/document/edit_document.php b/main/document/edit_document.php
@@ -61,6 +61,8 @@
 
 if (api_is_in_group()) {
     $group_properties = GroupManager::get_group_properties($group_id);
+
+    GroupManager::allowUploadEditDocument(api_get_user_id() , api_get_course_int_id(), $group_properties, true);
 }
 
 $dir = '/';

diff --git a/main/document/upload.php b/main/document/upload.php
@@ -120,6 +120,8 @@ function setFocus() {
     } else {
         api_not_allowed(true);
     }
+
+    GroupManager::allowUploadEditDocument(api_get_user_id() , api_get_course_int_id(), $group_properties, true);
 } elseif ($is_allowed_to_edit ||
     DocumentManager::is_my_shared_folder(api_get_user_id(), $path, api_get_session_id())) {
 } else {

diff --git a/main/group/settings.php b/main/group/settings.php
@@ -103,9 +103,39 @@
     false
 );
 
+$allowDocumentGroupAccess = api_get_configuration_value('group_document_access');
+if ($allowDocumentGroupAccess) {
+    $group = [
+        $form->createElement(
+            'radio',
+            'document_access',
+            get_lang('GroupDocument'),
+            get_lang('DocumentGroupCollaborationMode'),
+            0
+        ),
+        $form->createElement('radio', 'document_access', null, get_lang('DocumentGroupReadOnlyMode'), 1),
+    ];
+    $form->addGroup(
+        $group,
+        '',
+        Display::return_icon(
+            'folder.png',
+            get_lang('GroupDocumentAccess')
+        ).'<span>'.get_lang('GroupDocumentAccess').'</span>',
+        null,
+        false
+    );
+}
+
 // Work settings
 $group = [
-    $form->createElement('radio', 'work_state', get_lang('GroupWork'), get_lang('NotAvailable'), GroupManager::TOOL_NOT_AVAILABLE),
+    $form->createElement(
+        'radio',
+        'work_state',
+        get_lang('GroupWork'),
+        get_lang('NotAvailable'),
+        GroupManager::TOOL_NOT_AVAILABLE
+    ),
     $form->createElement('radio', 'work_state', null, get_lang('Public'), GroupManager::TOOL_PUBLIC),
     $form->createElement('radio', 'work_state', null, get_lang('Private'), GroupManager::TOOL_PRIVATE),
 ];
@@ -221,7 +251,8 @@
         $values['chat_state'],
         $self_registration_allowed,
         $self_unregistration_allowed,
-        $categoryId
+        $categoryId,
+        isset($values['document_access']) ? $values['document_access'] : 0
     );
     if (isset($_POST['group_members']) &&
         count($_POST['group_members']) > $max_member &&
@@ -256,7 +287,7 @@
     echo '<br/>'.get_lang('SearchResultsFor').' <span style="font-style: italic ;"> '.$keyword_name.' </span><br>';
 }
 
-Display :: display_header($nameTools, 'Group');
+Display::display_header($nameTools, 'Group');
 
 $form->setDefaults($defaults);
 echo GroupManager::getSettingBar('settings');

diff --git a/main/inc/ajax/document.ajax.php b/main/inc/ajax/document.ajax.php
@@ -40,6 +40,9 @@
             $groupInfo = GroupManager::get_group_properties(api_get_group_id());
             // Only course admin or group members allowed
             if ($is_allowed_to_edit || GroupManager::is_user_in_group(api_get_user_id(), $groupInfo)) {
+                if (!GroupManager::allowUploadEditDocument(api_get_user_id() , api_get_course_int_id(), $groupInfo)) {
+                    exit;
+                }
             } else {
                 exit;
             }

diff --git a/main/inc/lib/course.lib.php b/main/inc/lib/course.lib.php
@@ -5567,7 +5567,8 @@ public static function getCourseSettingVariables(AppPlugin $appPlugin)
             'email_to_teachers_on_new_work_feedback',
         ];
 
-        if (!empty(ExerciseLib::getScoreModels())) {
+        $courseModels = ExerciseLib::getScoreModels();
+        if (!empty($courseModels)) {
             $courseSettings[] = 'score_model_id';
         }
 

diff --git a/main/inc/lib/groupmanager.lib.php b/main/inc/lib/groupmanager.lib.php
@@ -531,6 +531,7 @@ public static function get_group_properties($group_id, $useIid = false)
                 self::get_subscribed_tutors($result)
             );
             $result['count_all'] = $result['count_users'] + $result['count_tutor'];
+            $result['document_access'] = isset($db_object->document_access) ? $db_object->document_access : 0;
         }
 
         return $result;
@@ -620,6 +621,7 @@ public static function getGroupListFilterByName($name, $categoryId, $courseId)
      * @param bool Whether self registration is allowed or not
      * @param bool Whether self unregistration is allowed or not
      * @param int $categoryId
+     * @param int $documentAccess
      *
      * @return bool TRUE if properties are successfully changed, false otherwise
      */
@@ -637,14 +639,22 @@ public static function set_group_properties(
         $chat_state,
         $self_registration_allowed,
         $self_unregistration_allowed,
-        $categoryId = null
+        $categoryId = null,
+        $documentAccess = 0
     ) {
         $table_group = Database::get_course_table(TABLE_GROUP);
         $table_forum = Database::get_course_table(TABLE_FORUM);
         $categoryId = intval($categoryId);
         $group_id = intval($group_id);
         $course_id = api_get_course_int_id();
 
+        $allowDocumentAccess = api_get_configuration_value('group_document_access');
+        $documentCondition = '';
+        if ($allowDocumentAccess) {
+            $documentAccess = (int) $documentAccess;
+            $documentCondition = " document_access = $documentAccess, ";
+        }
+
         $sql = "UPDATE ".$table_group." SET
                     name='".Database::escape_string(trim($name))."',
                     doc_state = '".Database::escape_string($doc_state)."',
@@ -658,10 +668,12 @@ public static function set_group_properties(
                     max_student = '".Database::escape_string($maximum_number_of_students)."',
                     self_registration_allowed = '".Database::escape_string($self_registration_allowed)."',
                     self_unregistration_allowed = '".Database::escape_string($self_unregistration_allowed)."',
+                    $documentCondition
                     category_id = ".intval($categoryId)."
                 WHERE c_id = $course_id AND id=".$group_id;
         $result = Database::query($sql);
 
+
         /* Here we are updating a field in the table forum_forum that perhaps
         duplicates the table group_info.forum_state cvargas*/
         $forum_state = (int) $forum_state;
@@ -2955,4 +2967,32 @@ public static function setInvisible($groupId)
     {
         self::setStatus($groupId, 0);
     }
+
+    /**
+     * @param int   $userId
+     * @param int   $courseId
+     * @param array $groupInfo
+     * @param bool  $blockPage
+     */
+    public static function allowUploadEditDocument($userId, $courseId, $groupInfo, $blockPage = false)
+    {
+        $allow = api_get_configuration_value('group_document_access');
+        if (!$allow) {
+            return true;
+        }
+
+        if (isset($groupInfo['document_access']) &&
+            $groupInfo['document_access'] == 1 &&
+            (!api_is_allowed_to_edit() ||
+            (!api_is_allowed_to_edit() && !GroupManager::is_tutor_of_group($userId, $groupInfo, $courseId))
+            )
+        ) {
+            if ($blockPage) {
+                api_not_allowed(true);
+            }
+            return false;
+        }
+
+        return true;
+    }
 }
diff --git a/main/install/configuration.dist.php b/main/install/configuration.dist.php
@@ -815,6 +815,10 @@
 // Allow teachers to access student skills BT#14161 (skills setting must be enabled in the platform)
 //$_configuration['allow_teacher_access_student_skills'] = false;
 
+// Allow sharing options for the documents inside a group
+//ALTER TABLE c_group_info ADD document_access INT DEFAULT 0 NOT NULL;
+//$_configuration['group_document_access'] = false;
+
 // ------ Custom DB changes (keep this at the end)
 // Add user activation by confirmation email
 // This option prevents the new user to login in the platform if your account is not confirmed via email

diff --git a/src/Chamilo/CourseBundle/Entity/CGroupInfo.php b/src/Chamilo/CourseBundle/Entity/CGroupInfo.php
@@ -154,6 +154,13 @@ class CGroupInfo
      */
     private $sessionId;
 
+    /**
+     * @var int needed for setting $_configuration['group_document_access']
+     *
+     * ORM\Column(name="doc_access", type="integer", nullable=false, options={"default":0})
+     */
+    //private $docAccess;
+
     /**
      * Set name.
      *