/**
* Add nodes to myprofile page.
*
* @param \core_user\output\myprofile\tree $tree Tree object
* @param stdClass $user user object
* @param bool $iscurrentuser
* @param stdClass $course Course object
*
* @return bool
*/
function tool_lp_myprofile_navigation(core_user\output\myprofile\tree $tree, $user, $iscurrentuser, $course)
{
if (!get_config('core_competency', 'enabled')) {
return false;
} else {
if (!\core_competency\plan::can_read_user($user->id)) {
return false;
}
}
$url = new moodle_url('/admin/tool/lp/plans.php', array('userid' => $user->id));
$node = new core_user\output\myprofile\node('miscellaneous', 'learningplans', get_string('learningplans', 'tool_lp'), null, $url);
$tree->add_node($node);
return true;
}
/**
* Can the current user read a user's competency?
*
* @param int $userid The user ID the competency belongs to.
* @return bool
*/
public static function can_read_user($userid)
{
$capability = 'moodle/competency:usercompetencyview';
return has_capability($capability, context_user::instance($userid)) || plan::can_read_user($userid);
}
/**
* Lists user plans.
*
* @param int $userid
* @return \core_competency\plan[]
*/
public static function list_user_plans($userid)
{
global $DB, $USER;
static::require_enabled();
$select = 'userid = :userid';
$params = array('userid' => $userid);
$context = context_user::instance($userid);
// Check that we can read something here.
if (!plan::can_read_user($userid) && !plan::can_read_user_draft($userid)) {
throw new required_capability_exception($context, 'moodle/competency:planview', 'nopermissions', '');
}
// The user cannot view the drafts.
if (!plan::can_read_user_draft($userid)) {
list($insql, $inparams) = $DB->get_in_or_equal(plan::get_draft_statuses(), SQL_PARAMS_NAMED, 'param', false);
$select .= " AND status {$insql}";
$params += $inparams;
}
// The user cannot view the non-drafts.
if (!plan::can_read_user($userid)) {
list($insql, $inparams) = $DB->get_in_or_equal(array(plan::STATUS_ACTIVE, plan::STATUS_COMPLETE), SQL_PARAMS_NAMED, 'param', false);
$select .= " AND status {$insql}";
$params += $inparams;
}
return plan::get_records_select($select, $params, 'name ASC');
}
public function test_can_read_user()
{
$this->resetAfterTest(true);
$read = create_role('Read', 'read', 'Plan reader');
$readown = create_role('Readown', 'readown', 'Own plan reader');
$u1 = $this->getDataGenerator()->create_user();
$u2 = $this->getDataGenerator()->create_user();
$u3 = $this->getDataGenerator()->create_user();
$syscontext = context_system::instance();
$u1context = context_user::instance($u1->id);
$u2context = context_user::instance($u2->id);
$u3context = context_user::instance($u3->id);
assign_capability('moodle/competency:planview', CAP_ALLOW, $read, $syscontext->id);
assign_capability('moodle/competency:planviewown', CAP_ALLOW, $readown, $u2context->id);
role_assign($read, $u1->id, $syscontext->id);
role_assign($readown, $u2->id, $syscontext->id);
role_assign($read, $u3->id, $u2context->id);
accesslib_clear_all_caches_for_unit_testing();
$this->setUser($u1);
$this->assertTrue(plan::can_read_user($u1->id));
$this->assertTrue(plan::can_read_user($u2->id));
$this->assertTrue(plan::can_read_user($u3->id));
$this->setUser($u2);
$this->assertFalse(plan::can_read_user($u1->id));
$this->assertTrue(plan::can_read_user($u2->id));
$this->assertFalse(plan::can_read_user($u3->id));
$this->setUser($u3);
$this->assertFalse(plan::can_read_user($u1->id));
$this->assertTrue(plan::can_read_user($u2->id));
$this->assertTrue(plan::can_read_user($u3->id));
// Due to the default capability.
}
