Browse files

Take out debugging & merge branch 'w05_MDL-26198_20_completion' of gi…

…t://github.com/skodak/moodle
  • Loading branch information...
2 parents 45289c3 + 9cedb80 commit e030faee3ea8925004fe37a8c79f5f5f85322eb9 @stronk7 stronk7 committed Jan 31, 2011
Showing with 34 additions and 13 deletions.
  1. +1 −1 course/report/completion/index.php
  2. +15 −9 course/togglecompletion.php
  3. +18 −3 lib/accesslib.php
View
2 course/report/completion/index.php
@@ -632,7 +632,7 @@ function csv_quote($value) {
$describe = get_string('completion-alt-auto-'.$completiontype,'completion');
print '<td class="completion-progresscell">'.
- '<a href="'.$CFG->wwwroot.'/course/togglecompletion.php?user='.$user->id.'&course='.$course->id.'&rolec='.$allow_marking_criteria.'">'.
+ '<a href="'.$CFG->wwwroot.'/course/togglecompletion.php?user='.$user->id.'&amp;course='.$course->id.'&amp;rolec='.$allow_marking_criteria.'&amp;sesskey='.sesskey().'">'.
'<img src="'.$OUTPUT->pix_url('i/completion-manual-'.($is_complete ? 'y' : 'n')).
'" alt="'.$describe.'" class="icon" title="Mark as complete" /></a></td>'; //TODO: localize
} else {
View
24 course/togglecompletion.php
@@ -38,9 +38,10 @@
// Process self completion
if ($courseid) {
$PAGE->set_url(new moodle_url('/course/togglecompletion.php', array('course'=>$courseid)));
-
+
// Check user is logged in
$course = $DB->get_record('course', array('id' => $courseid), '*', MUST_EXIST);
+ $context = get_context_instance(CONTEXT_COURSE, $course->id);
require_login($course);
$completion = new completion_info($course);
@@ -50,14 +51,19 @@
$rolec = optional_param('rolec', 0, PARAM_INT);
if ($user && $rolec) {
+ require_sesskey();
+
+ completion_criteria::factory((object) array('id'=>$rolec, 'criteriatype'=>COMPLETION_CRITERIA_TYPE_ROLE)); //TODO: this is dumb, because it does not fetch the data?!?!
+ $criteria = completion_criteria_role::fetch(array('id'=>$rolec));
- $criteria = completion_criteria::factory((object) array('id'=>$rolec, 'criteriatype'=>COMPLETION_CRITERIA_TYPE_ROLE));
- $criteria_completions = $completion->get_completions($user, COMPLETION_CRITERIA_TYPE_ROLE);
+ if ($criteria and user_has_role_assignment($USER->id, $criteria->role, $context->id)) {
+ $criteria_completions = $completion->get_completions($user, COMPLETION_CRITERIA_TYPE_ROLE);
- foreach ($criteria_completions as $criteria_completion) {
- if ($criteria_completion->criteriaid == $rolec) {
- $criteria->complete($criteria_completion);
- break;
+ foreach ($criteria_completions as $criteria_completion) {
+ if ($criteria_completion->criteriaid == $rolec) {
+ $criteria->complete($criteria_completion);
+ break;
+ }
}
}
@@ -71,7 +77,7 @@
} else {
// Confirm with user
- if ($confirm) {
+ if ($confirm and confirm_sesskey()) {
$completion = $completion->get_completion($USER->id, COMPLETION_CRITERIA_TYPE_SELF);
if (!$completion) {
@@ -94,7 +100,7 @@
$PAGE->set_heading($course->fullname);
$PAGE->navbar->add($strconfirm);
echo $OUTPUT->header();
- $buttoncontinue = new single_button(new moodle_url('/course/togglecompletion.php', array('course'=>$courseid, 'confirm'=>1)), get_string('yes'), 'post');
+ $buttoncontinue = new single_button(new moodle_url('/course/togglecompletion.php', array('course'=>$courseid, 'confirm'=>1, 'sesskey'=>sesskey())), get_string('yes'), 'post');
$buttoncancel = new single_button(new moodle_url('/course/view.php', array('id'=>$courseid)), get_string('no'), 'get');
echo $OUTPUT->confirm($strconfirm, $buttoncontinue, $buttoncancel);
echo $OUTPUT->footer();
View
21 lib/accesslib.php
@@ -5518,18 +5518,33 @@ function get_users_from_role_on_context($role, $context) {
}
/**
- * Simple function returning a boolean true if roles exist, otherwise false
+ * Simple function returning a boolean true if user has roles
+ * in context or parent contexts, otherwise false.
*
* @param int $userid
* @param int $roleid
- * @param int $contextid
+ * @param int $contextid empty means any context
* @return bool
*/
function user_has_role_assignment($userid, $roleid, $contextid = 0) {
global $DB;
if ($contextid) {
- return $DB->record_exists('role_assignments', array('userid'=>$userid, 'roleid'=>$roleid, 'contextid'=>$contextid));
+ if (!$context = get_context_instance_by_id($contextid)) {
+ return false;
+ }
+ $parents = get_parent_contexts($context, true);
+ list($contexts, $params) = $DB->get_in_or_equal($parents, SQL_PARAMS_NAMED, 'r0000');
+ $params['userid'] = $userid;
+ $params['roleid'] = $roleid;
+
+ $sql = "SELECT COUNT(ra.id)
+ FROM {role_assignments} ra
+ WHERE ra.userid = :userid AND ra.roleid = :roleid AND ra.contextid $contexts";
+
+ $count = $DB->get_field_sql($sql, $params);
+ return ($count > 0);
+
} else {
return $DB->record_exists('role_assignments', array('userid'=>$userid, 'roleid'=>$roleid));
}

0 comments on commit e030fae

Please sign in to comment.