Permalink
Browse files

Clean up of forum_user_can_view_post()

  • Loading branch information...
moodler
moodler committed Apr 7, 2006
1 parent 794bdef commit c781c781fbd4d16d6fbe90a71715991dda89a2b0
Showing with 16 additions and 31 deletions.
  1. +2 −3 mod/forum/discuss.php
  2. +14 −28 mod/forum/lib.php
View
@@ -95,9 +95,8 @@
$navtail = format_string($discussion->name);
}
//check if user can view this post
if (!forum_user_can_view_post($parent,$course)){
error('You do not have permissions to view this post');
if (!forum_user_can_view_post($parent, $course, $cm, $forum, $discussion)) {
error('You do not have permissions to view this post', "$CFG->wwwroot/mod/forum/view.php?f=$forum->id");
}
if (! $post = forum_get_post_full($parent)) {
View
@@ -2555,51 +2555,37 @@ function forum_user_can_post($forum, $user=NULL) {
}
//checks to see if a user can view a particular post
function forum_user_can_view_post($post, $course, $user=NULL){
function forum_user_can_view_post($post, $course, $cm, $forum, $discussion, $user=NULL){
global $CFG, $USER;
if (!$user){
$user = $USER;
}
$SQL = 'SELECT f.id, f.type, fd.course, fd.groupid FROM '.
$CFG->prefix.'forum_posts fp, '.
$CFG->prefix.'forum_discussions fd, '.
$CFG->prefix.'forum f
WHERE fp.id = '.$post.'
AND fp.discussion = fd.id
AND fd.forum = f.id';
$forumcourse = get_record_sql($SQL);
if (isteacheredit($forumcourse->course)){
return true; //if is editting teacher, you can see all post for this course
if (isteacheredit($course->id)) {
return true;
}
if ($forumcourse->type == 'teacher'){ //teacher type forum
return isteacher($forumcourse->course);
if ($forum->type == 'teacher'){ //teacher type forum
return isteacher($course->id);
}
//first of all, the user must be in this course
if (!(isstudent($forumcourse->course) or
isteacher($forumcourse->course) or
/// Make sure the user is allowed in the course
if (!(isstudent($course->id) or
isteacher($course->id) or
($course->id == SITEID && !$CFG->forcelogin) or
(isguest() && $course->guest) )){
return false;
}
if (! $cm = get_coursemodule_from_instance('forum', $forumcourse->id, $forumcourse->course)) {
return false;
}
//if a group is specified, and the forum is in SPG mode
if (($forumcourse->groupid != -1) and ($cm->groupmode == SEPARATEGROUPS)){
//check membership
return ismember($forumcourse->groupid);
}
else { //if visiblegorups or no groups,
return true;
/// If it's a grouped discussion, make sure the user is a member
if ($discussion->groupid > 0) {
if ($cm->groupmode == SEPARATEGROUPS) {
return ismember($discussion->groupid);
}
}
return true;
}
/**

0 comments on commit c781c78

Please sign in to comment.