From: diml Date: Sun, 4 Nov 2007 22:29:54 +0000 (+0000) Subject: Code review and uniformization X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=16a34ccad00927b98acd169ebf6a51aab1bc4a01;p=moodle.git Code review and uniformization Small fixes on forum, chat and techproject New lesson_document handler for lesson pages. --- diff --git a/search/documents/chat_document.php b/search/documents/chat_document.php index 6492c2c895..c4db95cee7 100644 --- a/search/documents/chat_document.php +++ b/search/documents/chat_document.php @@ -9,6 +9,10 @@ * * Functions for iterating and retrieving the necessary records are now also included * in this file, rather than mod/chat/lib.php +* +* @license http://www.gnu.org/copyleft/gpl.html GNU Public License +* @package search +* @version 2007110400 **/ require_once("$CFG->dirroot/search/documents/document.php"); @@ -155,21 +159,24 @@ function chat_get_content_for_index(&$chat) { $documents = array(); $course = get_record('course', 'id', $chat->course); $coursemodule = get_field('modules', 'id', 'name', 'chat'); - $cm = get_record('course_modules', 'course', $course->id, 'module', $coursemodule, 'instance', $chat->id); - $context = get_context_instance(CONTEXT_MODULE, $cm->id); - - // getting records for indexing - $sessionTracks = chat_get_session_tracks($chat->id); - if ($sessionTracks){ - foreach($sessionTracks as $aTrackId => $aTrack) { - foreach($aTrack->sessionusers as $aUserId){ - $user = get_record('user', 'id', $aUserId); - $aTrack->authors = ($user) ? $user->firstname.' '.$user->lastname : '' ; - $documents[] = new ChatTrackSearchDocument(get_object_vars($aTrack), $cm->id, $chat->course, $aTrack->groupid, $context->id); + $cm = get_record('course_modules', 'course', $chat->course, 'module', $coursemodule, 'instance', $chat->id); + if ($cm){ + $context = get_context_instance(CONTEXT_MODULE, $cm->id); + + // getting records for indexing + $sessionTracks = chat_get_session_tracks($chat->id); + if ($sessionTracks){ + foreach($sessionTracks as $aTrackId => $aTrack) { + foreach($aTrack->sessionusers as $aUserId){ + $user = get_record('user', 'id', $aUserId); + $aTrack->authors = ($user) ? $user->firstname.' '.$user->lastname : '' ; + $documents[] = new ChatTrackSearchDocument(get_object_vars($aTrack), $cm->id, $chat->course, $aTrack->groupid, $context->id); + } } } + return $documents; } - return $documents; + return array(); } //chat_get_content_for_index /** @@ -187,14 +194,18 @@ function chat_single_document($id, $itemtype) { $course = get_record('course', 'id', $chat->course); $coursemodule = get_field('modules', 'id', 'name', 'chat'); $cm = get_record('course_modules', 'course', $course->id, 'module', $coursemodule, 'instance', $chat->id); - $context = get_context_instance(CONTEXT_MODULE, $cm->id); - - // should be only one - $tracks = chat_get_session_tracks($chat->id, $sessionstart, $sessionstart); - if ($tracks){ - $aTrack = $tracks[0]; - $documents[] = new ChatTrackSearchDocument(get_object_vars($aTrack), $cm->id, $chat->course, $aTrack->groupid, $context->id); + if ($cm){ + $context = get_context_instance(CONTEXT_MODULE, $cm->id); + + // should be only one + $tracks = chat_get_session_tracks($chat->id, $sessionstart, $sessionstart); + if ($tracks){ + $aTrack = $tracks[0]; + $document = new ChatTrackSearchDocument(get_object_vars($aTrack), $cm->id, $chat->course, $aTrack->groupid, $context->id); + } + return $document; } + return null; } //chat_single_document /** @@ -241,20 +252,32 @@ function chat_check_text_access($path, $itemtype, $this_id, $user, $group_id, $c // get the chat session and all related stuff $chat = get_record('chat', 'id', $chat_id); - $course = get_record('course', 'id', $chat->course); - $module_context = get_record('context', 'id', $context_id); - $cm = get_record('course_modules', 'id', $module_context->instanceid); - if (!$cm->visible and !has_capability('moodle/course:viewhiddenactivities', $module_context)) return false; + $context = get_record('context', 'id', $context_id); + $cm = get_record('course_modules', 'id', $context->instanceid); + // $cm = get_coursemodule_from_instance('chat', $chat->id, $chat->course); + // $context = get_context_instance(CONTEXT_MODULE, $cm->id); + + if (!$cm->visible and !has_capability('moodle/course:viewhiddenactivities', $context)){ + if (!empty($CFG->search_access_debug)) echo "search reject : hidden chat "; + return false; + } //group consistency check : checks the following situations about groups // trap if user is not same group and groups are separated $current_group = get_current_group($course->id); - if ((groupmode($course) == SEPARATEGROUPS) && !groups_is_member($group_id) && !has_capability('moodle/site:accessallgroups', $module_context)) return false; + $course = get_record('course', 'id', $chat->course); + if ((groupmode($course, $cm) == SEPARATEGROUPS) && !ismember($group_id) && !has_capability('moodle/site:accessallgroups', $context)){ + if (!empty($CFG->search_access_debug)) echo "search reject : chat element is in separated group "; + return false; + } //ownership check : checks the following situations about user // trap if user is not owner and has cannot see other's entries // TODO : typically may be stored into indexing cache - if (!has_capability('mod/chat:readlog', $module_context)) return false; + if (!has_capability('mod/chat:readlog', $context)){ + if (!empty($CFG->search_access_debug)) echo "search reject : cannot read past sessions "; + return false; + } return true; } //chat_check_text_access diff --git a/search/documents/data_document.php b/search/documents/data_document.php index b513d616b1..63f3c23bc9 100644 --- a/search/documents/data_document.php +++ b/search/documents/data_document.php @@ -9,6 +9,10 @@ * * Functions for iterating and retrieving the necessary records are now also included * in this file, rather than mod/data/lib.php +* +* @license http://www.gnu.org/copyleft/gpl.html GNU Public License +* @package search +* @version 2007110400 **/ require_once("$CFG->dirroot/search/documents/document.php"); @@ -328,42 +332,66 @@ function data_check_text_access($path, $itemtype, $this_id, $user, $group_id, $c return false; } $data = get_record('data', 'id', $record->dataid); - $course = get_record('course', 'id', $data->course); - $module_context = get_record('context', 'id', $context_id); - $cm = get_record('course_modules', 'id', $module_context->instanceid); - if (!$cm->visible and !has_capability('moodle/course:viewhiddenactivities', $module_context)) return false; + $context = get_record('context', 'id', $context_id); + $cm = get_record('course_modules', 'id', $context->instanceid); + // $cm = get_coursemodule_from_instance('data', $data->id, $data->course); + // $context = get_context_instance(CONTEXT_MODULE, $cm->id); + + if (!$cm->visible and !has_capability('moodle/course:viewhiddenactivities', $context)) { + if (!empty($CFG->search_access_debug)) echo "search reject : hidden database "; + return false; + } //group consistency check : checks the following situations about groups // trap if user is not same group and groups are separated $current_group = get_current_group($course->id); - if ((groupmode($course) == SEPARATEGROUPS) && !groups_is_member($group_id) && !has_capability('moodle/site:accessallgroups', $module_context)) return false; + $course = get_record('course', 'id', $data->course); + if ((groupmode($course, $cm) == SEPARATEGROUPS) && !ismember($group_id) && !has_capability('moodle/site:accessallgroups', $context)){ + if (!empty($CFG->search_access_debug)) echo "search reject : separated group owned resource "; + return false; + } //ownership check : checks the following situations about user // trap if user is not owner and has cannot see other's entries if ($itemtype == 'record'){ - if ($user->id != $record->userid && !has_capability('mod/data:viewentry', $module_context) && !has_capability('mod/data:manageentries', $module_context)) return false; + if ($user->id != $record->userid && !has_capability('mod/data:viewentry', $context) && !has_capability('mod/data:manageentries', $context)){ + if (!empty($CFG->search_access_debug)) echo "search reject : not owned resource "; + return false; + } } //approval check // trap if unapproved and has not approval capabilities // TODO : report a potential capability lack of : mod/data:approve $approval = get_field('data_records', 'approved', 'id', $record->id); - if (!$approval && !isteacher($data->course) && !has_capability('mod/data:manageentries', $module_context)) return false; + if (!$approval && !isteacher($data->course) && !has_capability('mod/data:manageentries', $context)){ + if (!empty($CFG->search_access_debug)) echo "search reject : unapproved resource "; + return false; + } //minimum records to view check // trap if too few records // TODO : report a potential capability lack of : mod/data:viewhiddenentries $recordsAmount = count_records('data_records', 'dataid', $data->id); - if ($data->requiredentriestoview > $recordsAmount && !isteacher($data->course) && !has_capability('mod/data:manageentries', $module_context)) return false; + if ($data->requiredentriestoview > $recordsAmount && !isteacher($data->course) && !has_capability('mod/data:manageentries', $context)) { + if (!empty($CFG->search_access_debug)) echo "search reject : not enough records to view "; + return false; + } //opening periods check // trap if user has not capability to see hidden records and date is out of opening range // TODO : report a potential capability lack of : mod/data:viewhiddenentries $now = usertime(time()); if ($data->timeviewfrom > 0) - if ($now < $data->timeviewfrom && !isteacher($data->course) && !has_capability('mod/data:manageentries', $module_context)) return false; + if ($now < $data->timeviewfrom && !isteacher($data->course) && !has_capability('mod/data:manageentries', $context)) { + if (!empty($CFG->search_access_debug)) echo "search reject : still not open activity "; + return false; + } if ($data->timeviewto > 0) - if ($now > $data->timeviewto && !isteacher($data->course) && !has_capability('mod/data:manageentries', $module_context)) return false; + if ($now > $data->timeviewto && !isteacher($data->course) && !has_capability('mod/data:manageentries', $context)) { + if (!empty($CFG->search_access_debug)) echo "search reject : closed activity "; + return false; + } return true; } // data_check_text_access diff --git a/search/documents/forum_document.php b/search/documents/forum_document.php index b72b2c4502..b8d7755388 100644 --- a/search/documents/forum_document.php +++ b/search/documents/forum_document.php @@ -10,6 +10,10 @@ * * Functions for iterating and retrieving the necessary records are now also included * in this file, rather than mod/forum/lib.php +* +* @license http://www.gnu.org/copyleft/gpl.html GNU Public License +* @package search +* @version 2007110400 **/ /* see wiki_document.php for descriptions */ @@ -34,7 +38,9 @@ class ForumSearchDocument extends SearchDocument { $doc->contextid = $context_id; $doc->title = $post['subject']; - $doc->author = $post['firstname']." ".$post['lastname']; + + $user = get_record('user', 'id', $post['userid']); + $doc->author = fullname($user); $doc->contents = $post['message']; $doc->date = $post['created']; $doc->url = forum_make_link($post['discussion'], $post['id']); @@ -95,7 +101,7 @@ function forum_get_content_for_index(&$forum) { foreach($children as $aChild) { $aChild->itemtype = 'post'; if (strlen($aChild->message) > 0) { - $documents[] = new ForumSearchDocument(get_object_vars($child), $forum->id, $forum->course, 'post', $context->id); + $documents[] = new ForumSearchDocument(get_object_vars($aChild), $forum->id, $forum->course, 'post', $context->id); } } } @@ -116,8 +122,12 @@ function forum_single_document($id, $itemtype) { $discussion = get_record('forum_discussions', 'id', $post->discussion); $coursemodule = get_field('modules', 'id', 'name', 'forum'); $cm = get_record('course_modules', 'course', $discussion->course, 'module', $coursemodule, 'instance', $discussion->forum); - $context = get_context_instance(CONTEXT_MODULE, $cm->id); - return new ForumSearchDocument(get_object_vars($post), $discussion->forum, $discussion->course, $itemtype, $context->id); + if ($cm){ + $context = get_context_instance(CONTEXT_MODULE, $cm->id); + $post->groupid = $discussion->groupid; + return new ForumSearchDocument(get_object_vars($post), $discussion->forum, $discussion->course, $itemtype, $context->id); + } + return null; } //forum_single_document /** @@ -211,12 +221,17 @@ function forum_get_child_posts_fast($parent, $forum_id) { p.message, p.created, {$forum_id} AS forum, - p.userid, + p.userid, + d.groupid, u.firstname, u.lastname FROM - {$CFG->prefix}forum_posts p - LEFT JOIN + {$CFG->prefix}forum_discussions d + JOIN + {$CFG->prefix}forum_posts p + ON + p.discussion = d.id + JOIN {$CFG->prefix}user u ON p.userid = u.id @@ -243,27 +258,38 @@ function forum_get_child_posts_fast($parent, $forum_id) { * @param group_id the current group used by the user when searching * @return true if access is allowed, false elsewhere */ -function forum_check_text_access($path, $itemtype, $this_id, $user, $group_id){ - global $CFG; +function forum_check_text_access($path, $itemtype, $this_id, $user, $group_id, $context_id){ + global $CFG, $USER; include_once("{$CFG->dirroot}/{$path}/lib.php"); - // get the glossary object and all related stuff + // get the forum post and all related stuff $post = get_record('forum_posts', 'id', $this_id); $discussion = get_record('forum_discussions', 'id', $post->discussion); - $course = get_record('course', 'id', $discussion->course); - $cm = get_coursemodule_from_instance('forum', $discussion->forum, $course->id); - $context_module = get_context_instance(CONTEXT_MODULE, $cm->id); - if (!$cm->visible and !has_capability('moodle/course:viewhiddenactivities', $context_module)) return false; + $context = get_record('context', 'id', $context_id); + $cm = get_record('course_modules', 'id', $context->instanceid); + // $cm = get_coursemodule_from_instance('forum', $discussion->forum, $discussion->course); + // $context = get_context_instance(CONTEXT_MODULE, $cm->id); + if (!$cm->visible and !has_capability('moodle/course:viewhiddenactivities', $context)){ + if (!empty($CFG->search_access_debug)) echo "search reject : hidden forum resource "; + return false; + } // approval check : entries should be approved for being viewed, or belongs to the user - if (!$post->mailed && !has_capability('mod/forum:viewhiddentimeposts', $context_module)) return false; + if (($post->userid != $USER->id) && !$post->mailed && !has_capability('mod/forum:viewhiddentimeposts', $context)){ + if (!empty($CFG->search_access_debug)) echo "search reject : time hidden forum item"; + return false; + } // group check : entries should be in accessible groups - $current_group = get_current_group($course->id); - if ((groupmode($course, $cm) == SEPARATEGROUPS) && ($group_id != $current_group) && !has_capability('mod/forum:viewdiscussionsfromallgroups', $context_module)) return false; + $current_group = get_current_group($discussion->course); + $course = get_record('course', 'id', $discussion->course); + if ($group_id >= 0 && (groupmode($course, $cm) == SEPARATEGROUPS) && ($group_id != $current_group) && !has_capability('mod/forum:viewdiscussionsfromallgroups', $context)){ + if (!empty($CFG->search_access_debug)) echo "search reject : separated grouped forum item"; + return false; + } return true; } //forum_check_text_access -?> +?> \ No newline at end of file diff --git a/search/documents/glossary_document.php b/search/documents/glossary_document.php index cc632c80af..b275baabd1 100644 --- a/search/documents/glossary_document.php +++ b/search/documents/glossary_document.php @@ -10,6 +10,10 @@ * * Functions for iterating and retrieving the necessary records are now also included * in this file, rather than mod/glossary/lib.php +* +* @license http://www.gnu.org/copyleft/gpl.html GNU Public License +* @package search +* @version 2007110400 **/ require_once("$CFG->dirroot/search/documents/document.php"); @@ -207,12 +211,13 @@ function glossary_db_names() { * - user is legitimate in the surrounding context * - user may be guest and guest access is allowed to the module * - the function may perform local checks within the module information logic -* @param path the access path to the module script code -* @param itemtype the information subclassing (usefull for complex modules, defaults to 'standard') -* @param this_id the item id within the information class denoted by itemtype. In glossaries, this id +* @param string $path the access path to the module script code +* @param string $itemtype the information subclassing (usefull for complex modules, defaults to 'standard') +* @param int $this_id the item id within the information class denoted by itemtype. In glossaries, this id * points out the indexed glossary item. -* @param user the user record denoting the user who searches -* @param group_id the current group used by the user when searching +* @param object $user the user record denoting the user who searches +* @param int $group_id the current group used by the user when searching +* @param int $context_id the current group used by the user when searching * @return true if access is allowed, false elsewhere */ function glossary_check_text_access($path, $itemtype, $this_id, $user, $group_id, $context_id){ @@ -221,13 +226,19 @@ function glossary_check_text_access($path, $itemtype, $this_id, $user, $group_id // get the glossary object and all related stuff $entry = get_record('glossary_entries', 'id', $id); $glossary = get_record('glossary', 'id', $entry->glossaryid); - $course = get_record('course', 'id', $glossary->course); - $module_context = get_record('context', 'id', $context_id); - $cm = get_record('course_modules', 'id', $module_context->instanceid); - if (!$cm->visible && !has_capability('moodle/course:viewhiddenactivities', $module_context)) return false; + $context = get_record('context', 'id', $context_id); + $cm = get_record('course_modules', 'id', $context->instanceid); + // $cm = get_coursemodule_from_instance('glossary', $glossary->id, $glossary->course); + // $context = get_context_instance(CONTEXT_MODULE, $cm->id); + + if (!$cm->visible && !has_capability('moodle/course:viewhiddenactivities', $context)) { + return false; + } //approval check : entries should be approved for being viewed, or belongs to the user unless the viewer can approve them or manage them - if (!$entry->approved && $user != $entry->userid && !has_capability('mod/glossary:approve', $module_context) && !has_capability('mod/glossary:manageentries', $module_context)) return false; + if (!$entry->approved && $user != $entry->userid && !has_capability('mod/glossary:approve', $context) && !has_capability('mod/glossary:manageentries', $context)) { + return false; + } return true; } //glossary_check_text_access diff --git a/search/documents/lesson_document.php b/search/documents/lesson_document.php new file mode 100644 index 0000000000..b2e176a07f --- /dev/null +++ b/search/documents/lesson_document.php @@ -0,0 +1,205 @@ +dirroot/search/documents/document.php"); +require_once("$CFG->dirroot/mod/lesson/lib.php"); + +/* +* a class for representing searchable information +* +**/ +class LessonPageSearchDocument extends SearchDocument { + + /** + * constructor + * + */ + public function __construct(&$page, $lessonmodule_id, $course_id, $itemtype, $context_id) { + // generic information + $doc->docid = $page['id']; + $doc->documenttype = SEARCH_TYPE_LESSON; + $doc->itemtype = $itemtype; + $doc->contextid = $context_id; + + $doc->title = $page['title']; + + $doc->author = ''; + $doc->contents = $page['contents']; + $doc->date = $page['timecreated']; + $doc->url = lesson_make_link($lessonmodule_id, $page['id'], $itemtype); + + // module specific information + $data->lesson = $page['lessonid']; + + parent::__construct($doc, $data, $course_id, 0, 0, PATH_FOR_SEARCH_TYPE_LESSON); + } //constructor +} //LessonPageSearchDocument + +/** +* constructs a valid link to a chat content +* @param int $lessonid the lesson module +* @param int $itemid the id of a single page +* @return a well formed link to lesson page +*/ +function lesson_make_link($lessonmoduleid, $itemid, $itemtype) { + global $CFG; + + if ($itemtype == 'page'){ + return "{$CFG->wwwroot}/mod/lesson/view.php?id={$lessonmoduleid}&pageid={$itemid}"; + } + return $CFG->wwwroot.'/mod/lesson/view.php?id='.$lessonmoduleid; +} //lesson_make_link + +/** +* search standard API +* +*/ +function lesson_iterator() { + $lessons = get_records('lesson'); + return $lessons; +} //lesson_iterator + +/** +* search standard API +* @param object $lesson a lesson instance (by ref) +* @return an array of searchable documents +*/ +function lesson_get_content_for_index(&$lesson) { + + $documents = array(); + if (!$lesson) return $documents; + + $pages = get_records('lesson_pages', 'lessonid', $lesson->id); + if ($pages){ + $coursemodule = get_field('modules', 'id', 'name', 'lesson'); + $cm = get_record('course_modules', 'course', $lesson->course, 'module', $coursemodule, 'instance', $lesson->id); + $context = get_context_instance(CONTEXT_MODULE, $cm->id); + foreach($pages as $aPage){ + $documents[] = new LessonPageSearchDocument(get_object_vars($aPage), $cm->id, $lesson->course, 'page', $context->id); + } + } + + return $documents; +} //lesson_get_content_for_index + +/** +* returns a single lesson search document based on a lesson page id +* @param int $id an id for a single information item +* @param string $itemtype the type of information +*/ +function lesson_single_document($id, $itemtype) { + + // only page is known yet + $page = get_record('lesson_pages', 'id', $id); + $lesson = get_record('lesson', 'id', $page->lessonid); + $coursemodule = get_field('modules', 'id', 'name', 'lesson'); + $cm = get_record('course_modules', 'course', $lesson->course, 'module', $coursemodule, 'instance', $page->lessonid); + if ($cm){ + $context = get_context_instance(CONTEXT_MODULE, $cm->id); + $lesson->groupid = 0; + return new LessonPageSearchDocument(get_object_vars($page), $cm->id, $lesson->course, $itemtype, $context->id); + } + return null; +} //lesson_single_document + +/** +* dummy delete function that aggregates id with itemtype. +* this was here for a reason, but I can't remember it at the moment. +* +*/ +function lesson_delete($info, $itemtype) { + $object->id = $info; + $object->itemtype = $itemtype; + return $object; +} //lesson_delete + +/** +* returns the var names needed to build a sql query for addition/deletions +* +*/ +function lesson_db_names() { + //[primary id], [table name], [time created field name], [time modified field name] [itemtype] [select for getting itemtype] + return array( + array('id', 'lesson_pages', 'timecreated', 'timemodified', 'page', ''), + ); +} //lesson_db_names + +/** +* this function handles the access policy to contents indexed as searchable documents. If this +* function does not exist, the search engine assumes access is allowed. +* When this point is reached, we already know that : +* - user is legitimate in the surrounding context +* - user may be guest and guest access is allowed to the module +* - the function may perform local checks within the module information logic +* @param string $path the access path to the module script code +* @param string $itemtype the information subclassing (usefull for complex modules, defaults to 'standard') +* @param int $this_id the item id within the information class denoted by itemtype. In lessons, this id +* points out the individual page. +* @param object $user the user record denoting the user who searches +* @param int $group_id the current group used by the user when searching +* @param int $context_id the id of the context used when indexing +* @uses CFG, USER +* @return true if access is allowed, false elsewhere +*/ +function lesson_check_text_access($path, $itemtype, $this_id, $user, $group_id, $context_id){ + global $CFG, $USER; + + include_once("{$CFG->dirroot}/{$path}/lib.php"); + + // get the lesson page + $page = get_record('lesson_pages', 'id', $this_id); + $lesson = get_record('lesson', 'id', $page->lessonid); + $context = get_record('context', 'id', $context_id); + $cm = get_record('course_modules', 'id', $context->instanceid); + // $lesson = get_record('lesson', 'id', $page->lessonid); + // $cm = get_coursemodule_from_instance('lesson', $page->lessonid, $lesson->course); + // $context = get_context_instance(CONTEXT_MODULE, $cm->id); + + if (!$cm->visible and !has_capability('moodle/course:viewhiddenactivities', $context)){ + if (!empty($CFG->search_access_debug)) echo "search reject : hidden lesson "; + return false; + } + + $lessonsuperuser = has_capability('mod/lesson:edit', $context) or has_capability('mod/lesson:manage', $context); + // approval check : entries should be approved for being viewed, or belongs to the user + if (time() < $lesson->available && !$lessonsuperuser ){ + if (!empty($CFG->search_access_debug)) echo "search reject : lesson is not available "; + return false; + } + + if ($lesson->usepassword){ + if (!empty($CFG->search_access_debug)) echo "search reject : password required, cannot output in searches "; + return false; + } + + // the user have it seen yet ? did he tried one time at least + $attempt = get_record('lesson_attempts', 'lessonid', $lesson->id, 'pageid', $page->id, 'userid', $USER->id); + if (!$attempt && !$lessonsuperuser){ + if (!empty($CFG->search_access_debug)) echo "search reject : never tried this lesson "; + return false; + } + + if ($attempt && !$attempt->correct && !$lessonsuperuser && !$lesson->retake){ + if (!empty($CFG->search_access_debug)) echo "search reject : one try only, still not good "; + return false; + } + + return true; +} //lesson_check_text_access +?> \ No newline at end of file diff --git a/search/documents/resource_document.php b/search/documents/resource_document.php index 40c2752c68..fe2ca3bce9 100644 --- a/search/documents/resource_document.php +++ b/search/documents/resource_document.php @@ -10,6 +10,10 @@ * * Functions for iterating and retrieving the necessary records are now also included * in this file, rather than mod/resource/lib.php +* +* @license http://www.gnu.org/copyleft/gpl.html GNU Public License +* @package search +* @version 2007110400 **/ require_once("$CFG->dirroot/search/documents/document.php"); @@ -92,10 +96,12 @@ function resource_get_content_for_index(&$notneeded) { foreach($resources as $aResource){ $coursemodule = get_field('modules', 'id', 'name', 'resource'); $cm = get_record('course_modules', 'course', $aResource->course, 'module', $coursemodule, 'instance', $aResource->id); - $context = get_context_instance(CONTEXT_MODULE, $cm->id); - $aResource->id = $cm->id; - $documents[] = new ResourceSearchDocument(get_object_vars($aResource), $context->id); - mtrace("finished $aResource->name"); + if ($cm){ + $context = get_context_instance(CONTEXT_MODULE, $cm->id); + $aResource->id = $cm->id; + $documents[] = new ResourceSearchDocument(get_object_vars($aResource), $context->id); + mtrace("finished $aResource->name"); + } } // special physical files handling @@ -294,11 +300,14 @@ function resource_check_text_access($path, $itemtype, $this_id, $user, $group_id include_once("{$CFG->dirroot}/{$path}/lib.php"); $r = get_record('resource', 'id', $this_id); - $module_context = get_record('context', 'id', $context_id); - $cm = get_record('course_modules', 'id', $module_context->instanceid); + $context = get_record('context', 'id', $context_id); + $cm = get_record('course_modules', 'id', $context->instanceid); + // $cm = get_coursemodule_from_instance('resource', $r->id, $r->course); + // $context = get_context_instance(CONTEXT_MODULE, $cm->id); //check if found course module is visible - if (!$cm->visible and !has_capability('moodle/course:viewhiddenactivities', $module_context)){ + if (!$cm->visible and !has_capability('moodle/course:viewhiddenactivities', $context)){ + if (!empty($CFG->search_access_debug)) echo "search reject : hidden resource "; return false; } diff --git a/search/documents/techproject_document.php b/search/documents/techproject_document.php index ad12228d67..529c948a62 100644 --- a/search/documents/techproject_document.php +++ b/search/documents/techproject_document.php @@ -5,6 +5,10 @@ * 2007/08/02 * * document handling for techproject activity module +* +* @license http://www.gnu.org/copyleft/gpl.html GNU Public License +* @package search +* @version 2007110400 */ /* see wiki_document.php for descriptions */ @@ -83,6 +87,7 @@ function techproject_get_content_for_index(&$techproject) { foreach($entries as $anEntry) { if ($anEntry) { if (strlen($anEntry->description) > 0) { + $anEntry->author = ''; $documents[] = new TechprojectEntrySearchDocument(get_object_vars($anEntry), $techproject->course, $context->id); } } @@ -93,7 +98,7 @@ function techproject_get_content_for_index(&$techproject) { if (strlen($aTask->description) > 0) { if ($aTask->assignee){ $user = get_record('user', 'id', $aTask->assignee); - $aTask->author = $user->firstname.' '.$user->lastname; + $aTask->author = fullname($user); } $documents[] = new TechprojectEntrySearchDocument(get_object_vars($aTask), $techproject->course, $context->id); } @@ -136,10 +141,14 @@ function techproject_single_document($id, $itemtype) { $techprojet_course = get_field('techproject', 'course', 'id', $entry->projectid); $coursemodule = get_field('modules', 'id', 'name', 'techproject'); $cm = get_record('course_modules', 'course', $techproject_course, 'module', $coursemodule, 'instance', $entry->projectid); - $context = get_context_instance(CONTEXT_MODULE, $cm->id); - $entry->type = $itemtype; - $techproject = get_record('techproject', 'id', $requirement->projectid); - return new TechprojectEntrySearchDocument(get_object_vars($anEntry), $techproject->course, $context->id); + if ($cm){ + $context = get_context_instance(CONTEXT_MODULE, $cm->id); + $entry->type = $itemtype; + $techproject = get_record('techproject', 'id', $requirement->projectid); + return new TechprojectEntrySearchDocument(get_object_vars($anEntry), $techproject->course, $context->id); + } + return null; + } //techproject_single_document /** @@ -250,27 +259,42 @@ function techproject_check_text_access($path, $entry_type, $this_id, $user, $gro // get the techproject object and all related stuff $techproject = get_record('techproject', 'id', $this_id); - $course = get_record('course', 'id', $techproject->course); - $module_context = get_record('context', 'id', $context_id); - $cm = get_record('course_modules', 'id', $module_context->instanceid); - if (!$cm->visible and !has_capability('moodle/course:viewhiddenactivities', $module_context)) return false; + $context = get_record('context', 'id', $context_id); + $cm = get_record('course_modules', 'id', $context->instanceid); + // $cm = get_coursemodule_from_instance('techproject', $techproject->id, $techproject->course); + // $context = get_record('context', 'id', $cm->id); + if (!$cm->visible and !has_capability('moodle/course:viewhiddenactivities', $context)) return false; //group consistency check : checks the following situations about groups // if user is guest check access capabilities for guests : // guests can see default project, and other records if groups are liberal // TODO : change guestsallowed in a capability + $course = get_record('course', 'id', $techproject->course); if (isguest() && $techproject->guestsallowed){ - if ($group_id && groupmode($course, $cm) == SEPARATEGROUPS) + if ($group_id && groupmode($course, $cm) == SEPARATEGROUPS){ + if (!empty($CFG->search_access_debug)) echo "search reject : no group access for guests "; return false; + } return true; } // trap if user is not same group and groups are separated $current_group = get_current_group($course->id); - if ((groupmode($course) == SEPARATEGROUPS) && $group_id != $current_group && $group_id) return false; + if ((groupmode($course, $cm) == SEPARATEGROUPS) && $group_id != $current_group && $group_id) { + if (!empty($CFG->search_access_debug)) echo "search reject : resource not in my group when separated "; + return false; + } //trap if ungroupedsees is off in strict access mode and user is not teacher - if ((groupmode($course) == SEPARATEGROUPS) && !$techproject->ungroupedsees && !$group_id && isteacher($user->id)) return false; + if ((groupmode($course, $cm) == SEPARATEGROUPS) && !$techproject->ungroupedsees && !$group_id && isteacher($user->id)){ + if (!empty($CFG->search_access_debug)) echo "search reject : ungrouped cannot see anything here, unless teacher "; + return false; + } + + //opening periods check + // trap if user has not capability to see hidden records and date is out of opening range + // TODO : find a strategy + $now = usertime(time()); return true; } //techproject_check_text_access diff --git a/search/documents/wiki_document.php b/search/documents/wiki_document.php index 3e743f6908..f198a3fec7 100644 --- a/search/documents/wiki_document.php +++ b/search/documents/wiki_document.php @@ -11,6 +11,10 @@ * * Functions for iterating and retrieving the necessary records are now also included * in this file, rather than mod/wiki/lib.php +* +* @license http://www.gnu.org/copyleft/gpl.html GNU Public License +* @package search +* @version 2007110400 **/ require_once("$CFG->dirroot/search/documents/document.php"); @@ -157,24 +161,26 @@ function wiki_get_content_for_index(&$wiki) { $documents = array(); $entries = wiki_get_entries($wiki); - foreach($entries as $entry) { + if ($entries){ $coursemodule = get_field('modules', 'id', 'name', 'wiki'); - $cm = get_record('course_modules', 'course', $entry->course, 'module', $coursemodule, 'instance', $entry->wikiid); + $cm = get_record('course_modules', 'course', $wiki->course, 'module', $coursemodule, 'instance', $wiki->id); $context = get_context_instance(CONTEXT_MODULE, $cm->id); - - //all pages - //$pages = wiki_get_pages($entry); - - //latest pages - $pages = wiki_get_latest_pages($entry); - if (is_array($pages)) { - foreach($pages as $page) { - if (strlen($page->content) > 0) { - $documents[] = new WikiSearchDocument(get_object_vars($page), $entry->wikiid, $entry->course, $entry->groupid, $page->userid, $context->id); + foreach($entries as $entry) { + + //all pages + //$pages = wiki_get_pages($entry); + + //latest pages + $pages = wiki_get_latest_pages($entry); + if (is_array($pages)) { + foreach($pages as $page) { + if (strlen($page->content) > 0) { + $documents[] = new WikiSearchDocument(get_object_vars($page), $entry->wikiid, $entry->course, $entry->groupid, $page->userid, $context->id); + } } } } - } + } return $documents; } //wiki_get_content_for_index @@ -232,14 +238,22 @@ function wiki_check_text_access($path, $itemtype, $this_id, $user, $group_id, $c $page = get_record('wiki_pages', 'id', $id); $entry = get_record('wiki_entries', 'id', $page->wiki); $course = get_record('course', 'id', $entry->course); - $module_context = get_record('context', 'id', $context_id); - $cm = get_record('course_modules', 'id', $module_context->instanceid); - if (!$cm->visible and !has_capability('moodle/course:viewhiddenactivities', $module_context)) return false; + $context = get_record('context', 'id', $context_id); + $cm = get_record('course_modules', 'id', $context->instanceid); + // $cm = get_coursemodule_from_instance('wiki', $wiki->id, $wiki->course); + // $context = get_record('context', 'id', $cm->id); + if (!$cm->visible and !has_capability('moodle/course:viewhiddenactivities', $context)) { + if (!empty($CFG->search_access_debug)) echo "search reject : hidden wiki "; + return false; + } //group consistency check : checks the following situations about groups // trap if user is not same group and groups are separated $current_group = get_current_group($course->id); - if ((groupmode($course) == SEPARATEGROUPS) && $group_id != $current_group && !has_capability('moodle/site:accessallgroups', $module_context)) return false; + if ((groupmode($course) == SEPARATEGROUPS) && $group_id != $current_group && !has_capability('moodle/site:accessallgroups', $context)) { + if (!empty($CFG->search_access_debug)) echo "search reject : separated group owner wiki "; + return false; + } return true; } //wiki_check_text_access