Fixed courses and subcategories in an invisible category being visibl…

…e (Bug #4074)

This patch is different from the one form MOODLE_15_STABLE as it used the stored path in category data.

course/lib.php

@@ -2038,4 +2038,24 @@ function move_courses ($courseids, $categoryid) {
     return true;
 }
 
+function course_parent_visible($course = null) {
+    return category_parent_visible($course->category);
+}
+
+function category_parent_visible($parent = 0) {
+    if (!$parent) {
+        return true;
+    }
+    $category = get_record('course_categories', 'id', $parent);
+    $list = explode('/', preg_replace('/^\/(.*)$/', '$1', $category->path));
+    $list[] = $parent;
+    $parents = get_records_list('course_categories', 'id', implode(',', $list), 'depth DESC');
+    foreach ($parents as $parent) {
+        if (!$parent->visible) {
+            return false;
+        }
+    }
+    return true;
+}
+
 ?>

lib/datalib.php

@@ -2250,7 +2250,7 @@ function get_courses_page($categoryid="all", $sort="c.sortorder ASC", $fields="c
  */
 function get_my_courses($userid, $sort='visible DESC,sortorder ASC') {
 
-    global $CFG;
+    global $CFG, $USER;
 
     $course = array();
 
@@ -2259,6 +2259,12 @@ function get_my_courses($userid, $sort='visible DESC,sortorder ASC') {
             $course[$student->course] = $student->course;
         }
     }
+    $courses = get_records_list('course', 'id', implode(',', $course));
+    foreach ($courses as $k => $c) {
+        if (empty($USER->admin) && (!$c->visible || !course_parent_visible($c))) {
+            unset($course[$c->id]);
+        }
+    }
     if ($teachers = get_records('user_teachers', 'userid', $userid, '', 'id, course')) {
         foreach ($teachers as $teacher) {
             $course[$teacher->course] = $teacher->course;
@@ -2350,7 +2356,7 @@ function get_courses_search($searchterms, $sort='fullname ASC', $page=0, $record
 
     if ($courses) {  /// Remove unavailable courses from the list
         foreach ($courses as $key => $course) {
-            if (!$course->visible) {
+            if (!$course->visible || !course_parent_visible($course)) {
                 if (!isteacher($course->id)) {
                     unset($courses[$key]);
                     $totalcount--;
@@ -2381,7 +2387,7 @@ function get_categories($parent='none', $sort='sortorder ASC') {
     if ($categories) {  /// Remove unavailable categories from the list
         $creator = iscreator();
         foreach ($categories as $key => $category) {
-            if (!$category->visible) {
+            if (!$category->visible || !category_parent_visible($category->parent)) {
                 if (!$creator) {
                     unset($categories[$key]);
                 }

lib/moodlelib.php

@@ -1587,6 +1587,13 @@ function require_login($courseid=0, $autologinguest=true, $cm=null) {
             }
             return;
         }
+        if (! $course = get_record('course', 'id', $courseid)) {
+            error('That course doesn\'t exist');
+        }
+        if (!(isteacher($courseid) || !empty($USER->admin)) && (!$course->visible || !course_parent_visible($course))) {
+            print_header();
+            notice(get_string('coursehidden'), $CFG->wwwroot .'/');
+        }
         if (!empty($USER->student[$courseid]) or !empty($USER->teacher[$courseid]) or !empty($USER->admin)) {
             if (isset($USER->realuser)) {   // Make sure the REAL person can also access this course
                 if (!isteacher($courseid, $USER->realuser)) {
@@ -1599,13 +1606,6 @@ function require_login($courseid=0, $autologinguest=true, $cm=null) {
             }
             return;   // user is a member of this course.
         }
-        if (! $course = get_record('course', 'id', $courseid)) {
-            error('That course doesn\'t exist');
-        }
-        if (!$course->visible) {
-            print_header();
-            notice(get_string('coursehidden'), $CFG->wwwroot .'/');
-        }
         if ($USER->username == 'guest') {
             switch ($course->guest) {
                 case 0: // Guests not allowed