/** * Get project data * @author Jim Ahlstrand * @param int, $id, Id of the project to be fetched defaults to null * @return obj, stdClassObject * TODO return only projects that the user own or has permission to view */ function getProject($id = null, $checkPerm = true) { // If id is null return a list of all projects listed for the course if ($id === null) { // If user can view all submissions or listing is allowed if ($GLOBALS['user']->hasPrivilege('canViewAllProjects') || !$checkPerm) { return $this->projects; } else { $canView = array(); foreach ($this->projects as $key => $value) { $project = new Project($value); if ($project->userIsAssigned($GLOBALS['user']->id)) { $canView[] = $value; } } return $canView; } } $id = intval($id); // Check for invalid id if ($id <= 0) { throw new Exception("Invalid parameter"); } // Check so project exists in the course if (!in_array($id, $this->projects)) { throw new Exception("Invalid project request"); } return new Project($id); }
/** * Gets the current PID * @author Jim Ahlstrand * @param bool $checkPerm Check for access rights * @return int course id */ function getPID($checkPerm = true, $assignRoles = true) { if (isset($_GET['pid']) && intval($_GET['pid']) > 0) { $pid = intval($_GET['pid']); // Get the project, if it does not exist exit try { $project = new Project($pid); } catch (Exception $e) { header("Location: ?view=accessdenied"); exit; } // Auto add roles if ($assignRoles) { $course = new Course($project->course); $course->assignRoles(); } // Check if user has access to this course if ($checkPerm && !$GLOBALS['user']->hasPrivilege('canViewAllProjects')) { if (!$project->userIsAssigned($GLOBALS['user']->id)) { header("Location: ?view=accessdenied"); exit; } } } else { throw new Exception("Invalid PID"); } return $pid; }