From: skodak Date: Fri, 17 Aug 2007 12:15:32 +0000 (+0000) Subject: MDL-10888 groupmembers only checks in require_login() X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=f8e3d5f0c289012e38807a865d0b9466f2691b05;p=moodle.git MDL-10888 groupmembers only checks in require_login() --- diff --git a/lang/en_utf8/group.php b/lang/en_utf8/group.php index d17d98cf66..e3cc4bf03a 100644 --- a/lang/en_utf8/group.php +++ b/lang/en_utf8/group.php @@ -99,6 +99,7 @@ $string['groupsnone'] = 'No groups'; $string['groupsseparate'] = 'Separate groups'; $string['groupsvisible'] = 'Visible groups'; $string['groupmembersonly'] = 'Available for group members only'; +$string['groupmembersonlyerror'] = 'Sorry, you must be member of at least one group that is used in this activity.'; $string['groupaddedsuccesfully'] = 'Group $a added succesfully'; $string['nopermissionforcreation'] = 'Can\'t create group \"$a\" as you dont have the required permissions'; diff --git a/lib/grouplib.php b/lib/grouplib.php index 8c7de05963..daf6d1fd7c 100644 --- a/lib/grouplib.php +++ b/lib/grouplib.php @@ -108,6 +108,35 @@ function groups_is_member($groupid, $userid=null) { return record_exists('groups_members', 'groupid', $groupid, 'userid', $userid); } +/** + * Determines if current or specified is member of any active group in activity + * @param object $cm coruse module object + * @param int $userid id of user, null menas $USER->id + * @return booelan true if user member of at least one group used in activity + */ +function groups_has_membership($cm, $userid=null) { + global $CFG, $USER; + + if (empty($userid)) { + $userid = $USER->id; + } + + if ($cm->groupingid) { + // find out if member of any group in selected activity grouping + $sql = "SELECT 'x' + FROM {$CFG->prefix}groups_members gm, {$CFG->prefix}groupings_groups gg + WHERE gm.userid = $userid AND gm.groupid = gg.groupid AND gg.groupingid = {$cm->groupingid}"; + + } else { + // no grouping used - check all groups in course + $sql = "SELECT 'x' + FROM {$CFG->prefix}groups_members gm, {$CFG->prefix}groups g + WHERE gm.userid = $userid AND gm.groupid = g.id AND g.courseid = {$cm->course}"; + } + + return record_exists_sql($sql); +} + /** * Returns the users in the specified group. * @param int $groupid The groupid to get the users for diff --git a/lib/moodlelib.php b/lib/moodlelib.php index e349806c9d..1c66f07781 100644 --- a/lib/moodlelib.php +++ b/lib/moodlelib.php @@ -1707,18 +1707,24 @@ function require_login($courseorid=0, $autologinguest=true, $cm=null) { } /// If the site is currently under maintenance, then print a message - if (!has_capability('moodle/site:config',get_context_instance(CONTEXT_SYSTEM, SITEID))) { + if (!has_capability('moodle/site:config',get_context_instance(CONTEXT_SYSTEM))) { if (file_exists($CFG->dataroot.'/'.SITEID.'/maintenance.html')) { print_maintenance_message(); exit; } } +/// groupmembersonly access control + if (!empty($CFG->enablegroupings) and $cm and $cm->groupmembersonly and !has_capability('moodle/site:accessallgroups', get_context_instance(CONTEXT_MODULE, $cm->id))) { + if (isguestuser() or !groups_has_membership($cm)) { + error(get_string('groupmembersonlyerror', 'group'), $CFG->wwwroot.'/course/view.php?id='.$cm->course); + } + } if ($COURSE->id == SITEID) { /// We can eliminate hidden site activities straight away if (!empty($cm) && !$cm->visible and !has_capability('moodle/course:viewhiddenactivities', - get_context_instance(CONTEXT_SYSTEM, SITEID))) { + get_context_instance(CONTEXT_SYSTEM))) { redirect($CFG->wwwroot, get_string('activityiscurrentlyhidden')); } return; diff --git a/mod/assignment/view.php b/mod/assignment/view.php index d38dcb8e34..495a719a14 100644 --- a/mod/assignment/view.php +++ b/mod/assignment/view.php @@ -30,7 +30,7 @@ } } - require_login($course->id); + require_login($course, true, $cm); require ("$CFG->dirroot/mod/assignment/type/$assignment->assignmenttype/assignment.class.php"); $assignmentclass = "assignment_$assignment->assignmenttype";