From 12744d8b99ceab8c2e32c5ba61c40f9d23aa0fdf Mon Sep 17 00:00:00 2001
From: Ilyassbennanii <ilyass.bennani@beeznest.com>
Date: Tue, 25 Nov 2025 11:36:41 +0100
Subject: [PATCH 1/6] Question manager: Add question bank access to the
 questions manager role refs #6998

---
 assets/vue/composables/sidebarMenu.js | 25 +++++++++++++++++++++++++
 public/main/admin/questions.php       | 19 +++++++++++++++++--
 2 files changed, 42 insertions(+), 2 deletions(-)

diff --git a/assets/vue/composables/sidebarMenu.js b/assets/vue/composables/sidebarMenu.js
index 1d114456474..f6b19a84461 100644
--- a/assets/vue/composables/sidebarMenu.js
+++ b/assets/vue/composables/sidebarMenu.js
@@ -257,6 +257,31 @@ export function useSidebarMenu() {
       }
     }
 
+    {
+      const roles = securityStore.user?.roles || []
+      const isQuestionManager =
+        securityStore.isAdmin ||
+        roles.includes("ROLE_QUESTION_MANAGER")
+
+      if (isQuestionManager) {
+        const questionAdminItems = [
+          {
+            label: t("Questions"),
+            url: "/main/admin/questions.php",
+            icon: "mdi mdi-comment-question-outline",
+            class: "pl-4",
+          },
+        ]
+
+        items.push({
+          icon: "mdi mdi-comment-question-outline",
+          label: t("Admin.questions_admin"),
+          items: questionAdminItems,
+          expanded: isActive({ items: questionAdminItems }),
+        })
+      }
+    }
+
     if (showTabs.value.includes("session_admin") && (securityStore.isAdmin || securityStore.isSessionAdmin)) {
       const sessionAdminItems = [
         {
diff --git a/public/main/admin/questions.php b/public/main/admin/questions.php
index db69552a91d..ce185532383 100644
--- a/public/main/admin/questions.php
+++ b/public/main/admin/questions.php
@@ -14,11 +14,19 @@
 use Symfony\Component\EventDispatcher\EventDispatcher;
 
 $cidReset = true;
-require_once __DIR__.'/../inc/global.inc.php';
+require_once __DIR__ . '/../inc/global.inc.php';
 
 $this_section = SECTION_PLATFORM_ADMIN;
 
-api_protect_admin_script();
+$user = api_get_current_user();
+
+
+if (!api_is_platform_admin() && (!$user || !$user->hasRole('ROLE_QUESTION_MANAGER'))) {
+    api_not_allowed(true);
+    return false;
+}
+
+api_block_inactive_user();
 
 Session::erase('objExercise');
 Session::erase('objQuestion');
@@ -355,6 +363,13 @@
         exit;
 }
 
+global $user;
+
+$backUrl = '/main/admin/';
+if (isset($user) && method_exists($user, 'hasRole') && $user->hasRole('ROLE_QUESTION_MANAGER')) {
+    $backUrl = '/';
+}
+$escapedBackUrl = htmlspecialchars($backUrl, ENT_QUOTES, 'UTF-8');
 $actionsLeft = Display::url(
     Display::return_icon('back.png', get_lang('Administration'), [], ICON_SIZE_MEDIUM),
     Container::getRouter()->generate('admin'),

From a659cff8821c370248b853d2d60ac7f729f4d2b5 Mon Sep 17 00:00:00 2001
From: Ilyassbennanii <ilyass.bennani@beeznest.com>
Date: Tue, 25 Nov 2025 11:40:42 +0100
Subject: [PATCH 2/6] Remove excess lines

---
 public/main/admin/questions.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/public/main/admin/questions.php b/public/main/admin/questions.php
index ce185532383..5edbc926343 100644
--- a/public/main/admin/questions.php
+++ b/public/main/admin/questions.php
@@ -14,13 +14,12 @@
 use Symfony\Component\EventDispatcher\EventDispatcher;
 
 $cidReset = true;
-require_once __DIR__ . '/../inc/global.inc.php';
+require_once __DIR__ .'/../inc/global.inc.php';
 
 $this_section = SECTION_PLATFORM_ADMIN;
 
 $user = api_get_current_user();
 
-
 if (!api_is_platform_admin() && (!$user || !$user->hasRole('ROLE_QUESTION_MANAGER'))) {
     api_not_allowed(true);
     return false;
@@ -369,6 +368,7 @@
 if (isset($user) && method_exists($user, 'hasRole') && $user->hasRole('ROLE_QUESTION_MANAGER')) {
     $backUrl = '/';
 }
+
 $escapedBackUrl = htmlspecialchars($backUrl, ENT_QUOTES, 'UTF-8');
 $actionsLeft = Display::url(
     Display::return_icon('back.png', get_lang('Administration'), [], ICON_SIZE_MEDIUM),

From 8b1101661fea97fa8e88d820840640563145f093 Mon Sep 17 00:00:00 2001
From: Ilyassbennanii <ilyass.bennani@beeznest.com>
Date: Wed, 26 Nov 2025 11:27:59 +0100
Subject: [PATCH 3/6] Refactor backUrl generation

---
 public/main/admin/questions.php | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/public/main/admin/questions.php b/public/main/admin/questions.php
index 5edbc926343..7c683a29434 100644
--- a/public/main/admin/questions.php
+++ b/public/main/admin/questions.php
@@ -14,7 +14,7 @@
 use Symfony\Component\EventDispatcher\EventDispatcher;
 
 $cidReset = true;
-require_once __DIR__ .'/../inc/global.inc.php';
+require_once __DIR__.'/../inc/global.inc.php';
 
 $this_section = SECTION_PLATFORM_ADMIN;
 
@@ -364,15 +364,14 @@
 
 global $user;
 
-$backUrl = '/main/admin/';
-if (isset($user) && method_exists($user, 'hasRole') && $user->hasRole('ROLE_QUESTION_MANAGER')) {
-    $backUrl = '/';
+$backUrl = Container::getRouter()->generate('admin');
+if ($user->hasRole('ROLE_QUESTION_MANAGER')) {
+    $backUrl = Container::getRouter()->generate('index');
 }
 
-$escapedBackUrl = htmlspecialchars($backUrl, ENT_QUOTES, 'UTF-8');
 $actionsLeft = Display::url(
     Display::return_icon('back.png', get_lang('Administration'), [], ICON_SIZE_MEDIUM),
-    Container::getRouter()->generate('admin'),
+    $backUrl,
 );
 
 $exportUrl = '/main/admin/questions.php?'.http_build_query(['action' => 'export_pdf', ...$params]);

From e4a0c6d0c7fbedfaef431ce1766af3762034bf7d Mon Sep 17 00:00:00 2001
From: Ilyassbennanii <ilyass.bennani@beeznest.com>
Date: Wed, 26 Nov 2025 10:32:37 +0000
Subject: [PATCH 4/6] Add Question icon

---
 src/CoreBundle/Enums/ObjectIcon.php | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/CoreBundle/Enums/ObjectIcon.php b/src/CoreBundle/Enums/ObjectIcon.php
index 9676510a19f..8dc470d1a07 100644
--- a/src/CoreBundle/Enums/ObjectIcon.php
+++ b/src/CoreBundle/Enums/ObjectIcon.php
@@ -156,4 +156,7 @@ enum ObjectIcon: string
     case CATALOGUE = 'bookmark-multiple-outline';
 
     case EVENT_REMINDER = 'alarm';
+    // Question icon
+    case QUESTION = 'comment-question-outline';
+
 }

From b69437b20ebefa681d7facbf9401ae55364b2c99 Mon Sep 17 00:00:00 2001
From: Ilyassbennanii <ilyass.bennani@beeznest.com>
Date: Wed, 26 Nov 2025 11:35:19 +0100
Subject: [PATCH 5/6] Remove unused global user variable

Removed unused global variable declaration for user.
---
 public/main/admin/questions.php | 2 --
 1 file changed, 2 deletions(-)

diff --git a/public/main/admin/questions.php b/public/main/admin/questions.php
index 7c683a29434..fb835fc7711 100644
--- a/public/main/admin/questions.php
+++ b/public/main/admin/questions.php
@@ -362,8 +362,6 @@
         exit;
 }
 
-global $user;
-
 $backUrl = Container::getRouter()->generate('admin');
 if ($user->hasRole('ROLE_QUESTION_MANAGER')) {
     $backUrl = Container::getRouter()->generate('index');

From 5eb14a260ade0e38bb94a129f1ef3ffbbb1c67e2 Mon Sep 17 00:00:00 2001
From: Yannick Warnier <ywarnier@users.noreply.github.com>
Date: Thu, 27 Nov 2025 09:15:54 +0100
Subject: [PATCH 6/6] Minor: Update sidebar menu label for question manager -
 refs #6998

---
 assets/vue/composables/sidebarMenu.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/assets/vue/composables/sidebarMenu.js b/assets/vue/composables/sidebarMenu.js
index f6b19a84461..13fe15b61b7 100644
--- a/assets/vue/composables/sidebarMenu.js
+++ b/assets/vue/composables/sidebarMenu.js
@@ -275,7 +275,7 @@ export function useSidebarMenu() {
 
         items.push({
           icon: "mdi mdi-comment-question-outline",
-          label: t("Admin.questions_admin"),
+          label: t("Question manager"),
           items: questionAdminItems,
           expanded: isActive({ items: questionAdminItems }),
         })