Code review and uniformization

Small fixes on forum, chat and techproject New lesson_document handler for lesson pages.
moodle · Nov 4, 2007 · 16a34cc · 16a34cc
1 parent 36edf5e
commit 16a34cc
Show file tree

Hide file tree

Showing 8 changed files with 439 additions and 99 deletions.
diff --git a/search/documents/chat_document.php b/search/documents/chat_document.php
@@ -9,6 +9,10 @@
 *
 * Functions for iterating and retrieving the necessary records are now also included
 * in this file, rather than mod/chat/lib.php
+*
+* @license http://www.gnu.org/copyleft/gpl.html GNU Public License
+* @package search
+* @version 2007110400
 **/
 
 require_once("$CFG->dirroot/search/documents/document.php");
@@ -155,21 +159,24 @@ function chat_get_content_for_index(&$chat) {
     $documents = array();
     $course = get_record('course', 'id', $chat->course);
     $coursemodule = get_field('modules', 'id', 'name', 'chat');
-    $cm = get_record('course_modules', 'course', $course->id, 'module', $coursemodule, 'instance', $chat->id);
-    $context = get_context_instance(CONTEXT_MODULE, $cm->id);
-
-    // getting records for indexing
-    $sessionTracks = chat_get_session_tracks($chat->id);
-    if ($sessionTracks){
-        foreach($sessionTracks as $aTrackId => $aTrack) {
-            foreach($aTrack->sessionusers as $aUserId){
-                $user = get_record('user', 'id', $aUserId);
-                $aTrack->authors = ($user) ? $user->firstname.' '.$user->lastname : '' ;
-                $documents[] = new ChatTrackSearchDocument(get_object_vars($aTrack), $cm->id, $chat->course, $aTrack->groupid, $context->id);
+    $cm = get_record('course_modules', 'course', $chat->course, 'module', $coursemodule, 'instance', $chat->id);
+    if ($cm){
+        $context = get_context_instance(CONTEXT_MODULE, $cm->id);
+
+        // getting records for indexing
+        $sessionTracks = chat_get_session_tracks($chat->id);
+        if ($sessionTracks){
+            foreach($sessionTracks as $aTrackId => $aTrack) {
+                foreach($aTrack->sessionusers as $aUserId){
+                    $user = get_record('user', 'id', $aUserId);
+                    $aTrack->authors = ($user) ? $user->firstname.' '.$user->lastname : '' ;
+                    $documents[] = new ChatTrackSearchDocument(get_object_vars($aTrack), $cm->id, $chat->course, $aTrack->groupid, $context->id);
+                }
             }
         }
+        return $documents;
     }
-    return $documents;
+    return array();
 } //chat_get_content_for_index
 
 /**
@@ -187,14 +194,18 @@ function chat_single_document($id, $itemtype) {
     $course = get_record('course', 'id', $chat->course);
     $coursemodule = get_field('modules', 'id', 'name', 'chat');
     $cm = get_record('course_modules', 'course', $course->id, 'module', $coursemodule, 'instance', $chat->id);
-    $context = get_context_instance(CONTEXT_MODULE, $cm->id);
-
-    // should be only one
-    $tracks = chat_get_session_tracks($chat->id, $sessionstart, $sessionstart);
-    if ($tracks){
-        $aTrack = $tracks[0];
-        $documents[] = new ChatTrackSearchDocument(get_object_vars($aTrack), $cm->id, $chat->course, $aTrack->groupid, $context->id);
+    if ($cm){
+        $context = get_context_instance(CONTEXT_MODULE, $cm->id);
+
+        // should be only one
+        $tracks = chat_get_session_tracks($chat->id, $sessionstart, $sessionstart);
+        if ($tracks){
+            $aTrack = $tracks[0];
+            $document = new ChatTrackSearchDocument(get_object_vars($aTrack), $cm->id, $chat->course, $aTrack->groupid, $context->id);
+        }
+        return $document;
     }
+    return null;
 } //chat_single_document
 
 /**
@@ -241,20 +252,32 @@ function chat_check_text_access($path, $itemtype, $this_id, $user, $group_id, $c
 
     // get the chat session and all related stuff
     $chat = get_record('chat', 'id', $chat_id);
-    $course = get_record('course', 'id', $chat->course);
-    $module_context = get_record('context', 'id', $context_id);
-    $cm = get_record('course_modules', 'id', $module_context->instanceid);
-    if (!$cm->visible and !has_capability('moodle/course:viewhiddenactivities', $module_context)) return false;
+    $context = get_record('context', 'id', $context_id);
+    $cm = get_record('course_modules', 'id', $context->instanceid);
+    // $cm = get_coursemodule_from_instance('chat', $chat->id, $chat->course);
+    // $context = get_context_instance(CONTEXT_MODULE, $cm->id);
+
+    if (!$cm->visible and !has_capability('moodle/course:viewhiddenactivities', $context)){
+        if (!empty($CFG->search_access_debug)) echo "search reject : hidden chat ";
+        return false;
+    }
 
     //group consistency check : checks the following situations about groups
     // trap if user is not same group and groups are separated
     $current_group = get_current_group($course->id);
-    if ((groupmode($course) == SEPARATEGROUPS) && !groups_is_member($group_id) && !has_capability('moodle/site:accessallgroups', $module_context)) return false;
+    $course = get_record('course', 'id', $chat->course);
+    if ((groupmode($course, $cm) == SEPARATEGROUPS) && !ismember($group_id) && !has_capability('moodle/site:accessallgroups', $context)){ 
+        if (!empty($CFG->search_access_debug)) echo "search reject : chat element is in separated group ";
+        return false;
+    }
 
     //ownership check : checks the following situations about user
     // trap if user is not owner and has cannot see other's entries
     // TODO : typically may be stored into indexing cache
-    if (!has_capability('mod/chat:readlog', $module_context)) return false;
+    if (!has_capability('mod/chat:readlog', $context)){
+        if (!empty($CFG->search_access_debug)) echo "search reject : cannot read past sessions ";
+        return false;
+    }
 
     return true;
 } //chat_check_text_access

diff --git a/search/documents/data_document.php b/search/documents/data_document.php
@@ -9,6 +9,10 @@
 *
 * Functions for iterating and retrieving the necessary records are now also included
 * in this file, rather than mod/data/lib.php
+*
+* @license http://www.gnu.org/copyleft/gpl.html GNU Public License
+* @package search
+* @version 2007110400
 **/
 
 require_once("$CFG->dirroot/search/documents/document.php");
@@ -328,42 +332,66 @@ function data_check_text_access($path, $itemtype, $this_id, $user, $group_id, $c
       return false;
     }
     $data = get_record('data', 'id', $record->dataid);
-    $course = get_record('course', 'id', $data->course);
-    $module_context = get_record('context', 'id', $context_id);
-    $cm = get_record('course_modules', 'id', $module_context->instanceid);
-    if (!$cm->visible and !has_capability('moodle/course:viewhiddenactivities', $module_context)) return false;
+    $context = get_record('context', 'id', $context_id);
+    $cm = get_record('course_modules', 'id', $context->instanceid);
+    // $cm = get_coursemodule_from_instance('data', $data->id, $data->course);
+    // $context = get_context_instance(CONTEXT_MODULE, $cm->id);
+
+    if (!$cm->visible and !has_capability('moodle/course:viewhiddenactivities', $context)) {
+        if (!empty($CFG->search_access_debug)) echo "search reject : hidden database ";
+        return false;
+    }
 
     //group consistency check : checks the following situations about groups
     // trap if user is not same group and groups are separated
     $current_group = get_current_group($course->id);
-    if ((groupmode($course) == SEPARATEGROUPS) && !groups_is_member($group_id) && !has_capability('moodle/site:accessallgroups', $module_context)) return false;
+    $course = get_record('course', 'id', $data->course);
+    if ((groupmode($course, $cm) == SEPARATEGROUPS) && !ismember($group_id) && !has_capability('moodle/site:accessallgroups', $context)){ 
+        if (!empty($CFG->search_access_debug)) echo "search reject : separated group owned resource ";
+        return false;
+    }
 
     //ownership check : checks the following situations about user
     // trap if user is not owner and has cannot see other's entries
     if ($itemtype == 'record'){
-        if ($user->id != $record->userid && !has_capability('mod/data:viewentry', $module_context) && !has_capability('mod/data:manageentries', $module_context)) return false;
+        if ($user->id != $record->userid && !has_capability('mod/data:viewentry', $context) && !has_capability('mod/data:manageentries', $context)){ 
+            if (!empty($CFG->search_access_debug)) echo "search reject : not owned resource ";
+            return false;
+        }
     }
 
     //approval check
     // trap if unapproved and has not approval capabilities
     // TODO : report a potential capability lack of : mod/data:approve
     $approval = get_field('data_records', 'approved', 'id', $record->id);
-    if (!$approval && !isteacher($data->course) && !has_capability('mod/data:manageentries', $module_context)) return false;
+    if (!$approval && !isteacher($data->course) && !has_capability('mod/data:manageentries', $context)){
+        if (!empty($CFG->search_access_debug)) echo "search reject : unapproved resource ";
+        return false;
+    }
 
     //minimum records to view check
     // trap if too few records
     // TODO : report a potential capability lack of : mod/data:viewhiddenentries
     $recordsAmount = count_records('data_records', 'dataid', $data->id);
-    if ($data->requiredentriestoview > $recordsAmount && !isteacher($data->course) && !has_capability('mod/data:manageentries', $module_context)) return false;
+    if ($data->requiredentriestoview > $recordsAmount && !isteacher($data->course) && !has_capability('mod/data:manageentries', $context)) {
+        if (!empty($CFG->search_access_debug)) echo "search reject : not enough records to view ";
+        return false;
+    }
 
     //opening periods check
     // trap if user has not capability to see hidden records and date is out of opening range
     // TODO : report a potential capability lack of : mod/data:viewhiddenentries
     $now = usertime(time());
     if ($data->timeviewfrom > 0)
-        if ($now < $data->timeviewfrom && !isteacher($data->course) && !has_capability('mod/data:manageentries', $module_context)) return false;
+        if ($now < $data->timeviewfrom && !isteacher($data->course) && !has_capability('mod/data:manageentries', $context)) {
+            if (!empty($CFG->search_access_debug)) echo "search reject : still not open activity ";
+            return false;
+        }
     if ($data->timeviewto > 0)
-        if ($now > $data->timeviewto && !isteacher($data->course) && !has_capability('mod/data:manageentries', $module_context)) return false;
+        if ($now > $data->timeviewto && !isteacher($data->course) && !has_capability('mod/data:manageentries', $context)) {
+            if (!empty($CFG->search_access_debug)) echo "search reject : closed activity ";
+            return false;
+        }
 
     return true;
 } // data_check_text_access

diff --git a/search/documents/forum_document.php b/search/documents/forum_document.php
@@ -10,6 +10,10 @@
 *
 * Functions for iterating and retrieving the necessary records are now also included
 * in this file, rather than mod/forum/lib.php
+*
+* @license http://www.gnu.org/copyleft/gpl.html GNU Public License
+* @package search
+* @version 2007110400
 **/
 /* see wiki_document.php for descriptions */
 
@@ -34,7 +38,9 @@ public function __construct(&$post, $forum_id, $course_id, $itemtype, $context_i
         $doc->contextid    = $context_id;
 
         $doc->title        = $post['subject'];
-        $doc->author       = $post['firstname']." ".$post['lastname'];
+
+        $user = get_record('user', 'id', $post['userid']);
+        $doc->author       = fullname($user);
         $doc->contents     = $post['message'];
         $doc->date         = $post['created'];
         $doc->url          = forum_make_link($post['discussion'], $post['id']);
@@ -95,7 +101,7 @@ function forum_get_content_for_index(&$forum) {
                 foreach($children as $aChild) {
                     $aChild->itemtype = 'post';
                     if (strlen($aChild->message) > 0) {
-                        $documents[] = new ForumSearchDocument(get_object_vars($child), $forum->id, $forum->course, 'post', $context->id);
+                        $documents[] = new ForumSearchDocument(get_object_vars($aChild), $forum->id, $forum->course, 'post', $context->id);
                     } 
                 } 
             } 
@@ -116,8 +122,12 @@ function forum_single_document($id, $itemtype) {
     $discussion = get_record('forum_discussions', 'id', $post->discussion);
     $coursemodule = get_field('modules', 'id', 'name', 'forum');
     $cm = get_record('course_modules', 'course', $discussion->course, 'module', $coursemodule, 'instance', $discussion->forum);
-    $context = get_context_instance(CONTEXT_MODULE, $cm->id);
-    return new ForumSearchDocument(get_object_vars($post), $discussion->forum, $discussion->course, $itemtype, $context->id);
+    if ($cm){
+        $context = get_context_instance(CONTEXT_MODULE, $cm->id);
+        $post->groupid = $discussion->groupid;
+        return new ForumSearchDocument(get_object_vars($post), $discussion->forum, $discussion->course, $itemtype, $context->id);
+    }
+    return null;
 } //forum_single_document
 
 /**
@@ -211,12 +221,17 @@ function forum_get_child_posts_fast($parent, $forum_id) {
             p.message, 
             p.created, 
             {$forum_id} AS forum,
-            p.userid, 
+            p.userid,
+            d.groupid,
             u.firstname, 
             u.lastname
         FROM 
-            {$CFG->prefix}forum_posts p
-        LEFT JOIN 
+            {$CFG->prefix}forum_discussions d
+        JOIN 
+            {$CFG->prefix}forum_posts p 
+        ON 
+            p.discussion = d.id
+        JOIN 
             {$CFG->prefix}user u 
         ON 
             p.userid = u.id
@@ -243,27 +258,38 @@ function forum_get_child_posts_fast($parent, $forum_id) {
 * @param group_id the current group used by the user when searching
 * @return true if access is allowed, false elsewhere
 */
-function forum_check_text_access($path, $itemtype, $this_id, $user, $group_id){
-    global $CFG;
+function forum_check_text_access($path, $itemtype, $this_id, $user, $group_id, $context_id){
+    global $CFG, $USER;
 
     include_once("{$CFG->dirroot}/{$path}/lib.php");
 
-    // get the glossary object and all related stuff
+    // get the forum post and all related stuff
     $post = get_record('forum_posts', 'id', $this_id);
     $discussion = get_record('forum_discussions', 'id', $post->discussion);
-    $course = get_record('course', 'id', $discussion->course);
-    $cm = get_coursemodule_from_instance('forum', $discussion->forum, $course->id);
-    $context_module = get_context_instance(CONTEXT_MODULE, $cm->id);
-    if (!$cm->visible and !has_capability('moodle/course:viewhiddenactivities', $context_module)) return false;
+    $context = get_record('context', 'id', $context_id);
+    $cm = get_record('course_modules', 'id', $context->instanceid);
+    // $cm = get_coursemodule_from_instance('forum', $discussion->forum, $discussion->course);
+    // $context = get_context_instance(CONTEXT_MODULE, $cm->id);
+    if (!$cm->visible and !has_capability('moodle/course:viewhiddenactivities', $context)){
+        if (!empty($CFG->search_access_debug)) echo "search reject : hidden forum resource ";
+        return false;
+    }
 
     // approval check : entries should be approved for being viewed, or belongs to the user 
-    if (!$post->mailed && !has_capability('mod/forum:viewhiddentimeposts', $context_module)) return false;
+    if (($post->userid != $USER->id) && !$post->mailed && !has_capability('mod/forum:viewhiddentimeposts', $context)){
+        if (!empty($CFG->search_access_debug)) echo "search reject : time hidden forum item";
+        return false;
+    }
 
     // group check : entries should be in accessible groups
-    $current_group = get_current_group($course->id);
-    if ((groupmode($course, $cm)  == SEPARATEGROUPS) && ($group_id != $current_group) && !has_capability('mod/forum:viewdiscussionsfromallgroups', $context_module)) return false;
+    $current_group = get_current_group($discussion->course);
+    $course = get_record('course', 'id', $discussion->course);
+    if ($group_id >= 0 && (groupmode($course, $cm)  == SEPARATEGROUPS) && ($group_id != $current_group) && !has_capability('mod/forum:viewdiscussionsfromallgroups', $context)){
+        if (!empty($CFG->search_access_debug)) echo "search reject : separated grouped forum item";
+        return false;
+    }
 
     return true;
 } //forum_check_text_access
 
-?>
+?>
diff --git a/search/documents/glossary_document.php b/search/documents/glossary_document.php
@@ -10,6 +10,10 @@
 *
 * Functions for iterating and retrieving the necessary records are now also included
 * in this file, rather than mod/glossary/lib.php
+*
+* @license http://www.gnu.org/copyleft/gpl.html GNU Public License
+* @package search
+* @version 2007110400
 **/
 
 require_once("$CFG->dirroot/search/documents/document.php");
@@ -207,12 +211,13 @@ function glossary_db_names() {
 * - user is legitimate in the surrounding context
 * - user may be guest and guest access is allowed to the module
 * - the function may perform local checks within the module information logic
-* @param path the access path to the module script code
-* @param itemtype the information subclassing (usefull for complex modules, defaults to 'standard')
-* @param this_id the item id within the information class denoted by itemtype. In glossaries, this id 
+* @param string $path the access path to the module script code
+* @param string $itemtype the information subclassing (usefull for complex modules, defaults to 'standard')
+* @param int $this_id the item id within the information class denoted by itemtype. In glossaries, this id 
 * points out the indexed glossary item.
-* @param user the user record denoting the user who searches
-* @param group_id the current group used by the user when searching
+* @param object $user the user record denoting the user who searches
+* @param int $group_id the current group used by the user when searching
+* @param int $context_id the current group used by the user when searching
 * @return true if access is allowed, false elsewhere
 */
 function glossary_check_text_access($path, $itemtype, $this_id, $user, $group_id, $context_id){
@@ -221,13 +226,19 @@ function glossary_check_text_access($path, $itemtype, $this_id, $user, $group_id
     // get the glossary object and all related stuff
     $entry = get_record('glossary_entries', 'id', $id);
     $glossary = get_record('glossary', 'id', $entry->glossaryid);
-    $course = get_record('course', 'id', $glossary->course);
-    $module_context = get_record('context', 'id', $context_id);
-    $cm = get_record('course_modules', 'id', $module_context->instanceid);
-    if (!$cm->visible && !has_capability('moodle/course:viewhiddenactivities', $module_context)) return false;
+    $context = get_record('context', 'id', $context_id);
+    $cm = get_record('course_modules', 'id', $context->instanceid);
+    // $cm = get_coursemodule_from_instance('glossary', $glossary->id, $glossary->course);
+    // $context = get_context_instance(CONTEXT_MODULE, $cm->id);
+
+    if (!$cm->visible && !has_capability('moodle/course:viewhiddenactivities', $context)) {
+        return false;
+    }
 
     //approval check : entries should be approved for being viewed, or belongs to the user unless the viewer can approve them or manage them 
-    if (!$entry->approved && $user != $entry->userid && !has_capability('mod/glossary:approve', $module_context) && !has_capability('mod/glossary:manageentries', $module_context)) return false;
+    if (!$entry->approved && $user != $entry->userid && !has_capability('mod/glossary:approve', $context) && !has_capability('mod/glossary:manageentries', $context)) {
+        return false;
+    }
 
     return true;
 } //glossary_check_text_access