From a4383fe033cf7a51fbccdedf882b0ad9c94813db Mon Sep 17 00:00:00 2001
From: Frederic Massart <fred@moodle.com>
Date: Thu, 14 Jan 2016 18:18:38 +0800
Subject: [PATCH] MDL-51036 tool_lp: Changed the permissions to grade
 competencies

---
 admin/tool/lp/classes/api.php                 | 19 +++++--
 .../user_competency_summary_exporter.php      |  4 +-
 admin/tool/lp/classes/user_competency.php     | 54 +++++++++++++++++++
 3 files changed, 70 insertions(+), 7 deletions(-)

diff --git a/admin/tool/lp/classes/api.php b/admin/tool/lp/classes/api.php
index 1d063dddb0590..2fb8f021139da 100644
--- a/admin/tool/lp/classes/api.php
+++ b/admin/tool/lp/classes/api.php
@@ -3107,18 +3107,23 @@ public static function grade_competency_in_plan($planorid, $competencyid, $grade
         if (!is_object($planorid)) {
             $plan = new plan($planorid);
         }
+
         $context = $plan->get_context();
         if ($override) {
-            require_capability('tool/lp:competencygrade', $context);
+            if (!user_competency::can_grade_user($plan->get_userid(), $competencyid)) {
+                throw new required_capability_exception($context, 'tool/lp:competencygrade', 'nopermissions', '');
+            }
         } else {
-            require_capability('tool/lp:competencysuggestgrade', $context);
+            if (!user_competency::can_suggest_grade_user($plan->get_userid(), $competencyid)) {
+                throw new required_capability_exception($context, 'tool/lp:competencysuggestgrade', 'nopermissions', '');
+            }
         }
 
         // Throws exception if competency not in plan.
         $competency = $plan->get_competency($competencyid);
         $competencycontext = $competency->get_context();
         if (!has_any_capability(array('tool/lp:competencyread', 'tool/lp:competencymanage'), $competencycontext)) {
-             throw new required_capability_exception($competencycontext, 'tool/lp:competencyread', 'nopermissions', '');
+            throw new required_capability_exception($competencycontext, 'tool/lp:competencyread', 'nopermissions', '');
         }
 
         $action = evidence::ACTION_OVERRIDE;
@@ -3160,9 +3165,13 @@ public static function grade_competency_in_course($courseorid, $userid, $compete
         }
         $context = context_course::instance($course->id);
         if ($override) {
-            require_capability('tool/lp:competencygrade', $context);
+            if (!user_competency::can_grade_user($userid, $competencyid)) {
+                throw new required_capability_exception($context, 'tool/lp:competencygrade', 'nopermissions', '');
+            }
         } else {
-            require_capability('tool/lp:competencysuggestgrade', $context);
+            if (!user_competency::can_suggest_grade_user($userid, $competencyid)) {
+                throw new required_capability_exception($context, 'tool/lp:competencysuggestgrade', 'nopermissions', '');
+            }
         }
 
         // Throws exception if competency not in course.
diff --git a/admin/tool/lp/classes/external/user_competency_summary_exporter.php b/admin/tool/lp/classes/external/user_competency_summary_exporter.php
index be99ec7f5791c..7a46f842879ea 100644
--- a/admin/tool/lp/classes/external/user_competency_summary_exporter.php
+++ b/admin/tool/lp/classes/external/user_competency_summary_exporter.php
@@ -101,8 +101,8 @@ protected function get_other_values(renderer_base $output) {
         $result->competency = $exporter->export($output);
 
         $context = context_user::instance($this->related['user']->id);
-        $result->cangrade = has_capability('tool/lp:competencygrade', $context);
-        $result->cansuggest = has_capability('tool/lp:competencysuggestgrade', $context);
+        $result->cangrade = user_competency::can_grade_user($this->related['user']->id, $competency->get_id());
+        $result->cansuggest = user_competency::can_suggest_grade_user($this->related['user']->id, $competency->get_id());
         $result->cangradeorsuggest = $result->cangrade || $result->cansuggest;
         if ($this->related['user']) {
             $exporter = new user_summary_exporter($this->related['user']);
diff --git a/admin/tool/lp/classes/user_competency.php b/admin/tool/lp/classes/user_competency.php
index 016c3ee028904..fede6cf825416 100644
--- a/admin/tool/lp/classes/user_competency.php
+++ b/admin/tool/lp/classes/user_competency.php
@@ -361,6 +361,33 @@ public static function can_comment_user($userid, $competencyid) {
         return false;
     }
 
+    /**
+     * Can the current user grade a user's user competency?
+     *
+     * This follows the same philosophy as {@link self::can_read_user()}.
+     *
+     * @param int $userid The user ID the competency belongs to.
+     * @param int $competencyid The competency ID.
+     * @return bool
+     */
+    public static function can_grade_user($userid, $competencyid) {
+        $ratecap = 'tool/lp:competencygrade';
+        if (has_capability($ratecap, context_user::instance($userid))) {
+            return true;
+        }
+
+        $courses = course_competency::get_courses_with_competency_and_user($competencyid, $userid);
+        foreach ($courses as $course) {
+            $context = context_course::instance($course->id);
+            if (has_capability($ratecap, $context) && has_capability('tool/lp:coursecompetencygradable', $context, $userid)) {
+                // We must be able to grade, and the user must be 'gradable'.
+                return true;
+            }
+        }
+
+        return false;
+    }
+
     /**
      * Can the current user read the comments on a user's competency?
      *
@@ -492,6 +519,33 @@ public static function can_review_user($userid, $competencyid) {
         return false;
     }
 
+    /**
+     * Can the current user suggest a grade for a user's user competency?
+     *
+     * This follows the same philosophy as {@link self::can_read_user()}.
+     *
+     * @param int $userid The user ID the competency belongs to.
+     * @param int $competencyid The competency ID.
+     * @return bool
+     */
+    public static function can_suggest_grade_user($userid, $competencyid) {
+        $suggestcap = 'tool/lp:competencysuggestgrade';
+        if (has_capability($suggestcap, context_user::instance($userid))) {
+            return true;
+        }
+
+        $courses = course_competency::get_courses_with_competency_and_user($competencyid, $userid);
+        foreach ($courses as $course) {
+            $context = context_course::instance($course->id);
+            if (has_capability($suggestcap, $context) && has_capability('tool/lp:coursecompetencygradable', $context, $userid)) {
+                // We must be able to suggest a grade, and the user must be 'gradable'.
+                return true;
+            }
+        }
+
+        return false;
+    }
+
     /**
      * Create a new user_competency object.
      *