MDL-62062 tool_policy: Avoid access to consent page after agreeding

Once the policies have been accepted, only users with permission to
revoke them will be able to access again to the user consent page.

admin/tool/policy/classes/output/page_agreedocs.php

@@ -237,13 +237,13 @@ protected function redirect_to_policies($userid, $returnurl = null) {
      * Redirect to $SESSION->wantsurl if defined or to $CFG->wwwroot if not.
      */
     protected function redirect_to_previous_url() {
-        global $SESSION, $CFG;
+        global $SESSION;
 
         if (!empty($SESSION->wantsurl)) {
             $returnurl = $SESSION->wantsurl;
             unset($SESSION->wantsurl);
         } else {
-            $returnurl = $CFG->wwwroot.'/';
+            $returnurl = (new moodle_url('/admin/tool/policy/user.php'))->out();
         }
 
         redirect($returnurl);
@@ -278,7 +278,9 @@ protected function prepare_global_page_access($userid) {
         // and $SESSION->wantsurl is defined, redirect to the return page.
         $hasagreedsignupuser = empty($USER->id) && $this->signupuserpolicyagreed;
         $hasagreedloggeduser = $USER->id == $userid && !empty($USER->policyagreed);
-        if (!is_siteadmin() && ($hasagreedsignupuser || ($hasagreedloggeduser && !empty($SESSION->wantsurl)))) {
+        $canrevoke = api::can_revoke_policies($USER->id);
+        if (!is_siteadmin() && ($hasagreedsignupuser ||
+            ($hasagreedloggeduser && !$canrevoke))) {
             $this->redirect_to_previous_url();
         }