/** * Check to see if a user's real email address should be used for the "From" field. * * @param object $from The user object for the user we are sending the email from. * @param object $user The user object that we are sending the email to. * @param array $alloweddomains An array of allowed domains that we can send email from. * @return bool Returns true if we can use the from user's email adress in the "From" field. */ function can_send_from_real_email_address($from, $user, $alloweddomains) { // Email is in the list of allowed domains for sending email, // and the senders email setting is either displayed to everyone, or display to only other users that are enrolled // in a course with the sender. if (\core\ip_utils::is_domain_in_allowed_list(substr($from->email, strpos($from->email, '@') + 1), $alloweddomains) && ($from->maildisplay == core_user::MAILDISPLAY_EVERYONE || $from->maildisplay == core_user::MAILDISPLAY_COURSE_MEMBERS_ONLY && enrol_get_shared_courses($user, $from, false, true))) { return true; } return false; }
// see. // In either case we need to decide whether we can show personal information // about the requested user to the current user so we will execute some checks // First check the obvious, its the current user, a specific course has been // provided (require_login has been called), or they have a course contact role. // True to any of those and the current user can see the details of the // requested user. $canviewuser = $iscurrentuser || $isspecificcourse || empty($CFG->forceloginforprofiles) || has_coursecontact_role($userid); // Next we'll check the caps, if the current user has the view details and a // specific course has been requested, or if they have the view all details $canviewuser = $canviewuser || ($isspecificcourse && has_capability('moodle/user:viewdetails', $coursecontext) || has_capability('moodle/user:viewalldetails', $usercontext)); // If none of the above was true the next step is to check a shared relation // through some course if (!$canviewuser) { // Get all of the courses that the users have in common $sharedcourses = enrol_get_shared_courses($USER->id, $user->id, true); foreach ($sharedcourses as $sharedcourse) { // Check the view cap within the course context if (has_capability('moodle/user:viewdetails', get_context_instance(CONTEXT_COURSE, $sharedcourse->id))) { $canviewuser = true; break; } } unset($sharedcourses); } // Prepare the page title $pagetitle = get_string('noposts', 'mod_forum'); // Get the page heading if ($isspecificcourse) { $pageheading = format_string($course->shortname, true, array('context' => $coursecontext)); } else {
public function test_enrol_get_shared_courses() { $this->resetAfterTest(); $user1 = $this->getDataGenerator()->create_user(); $user2 = $this->getDataGenerator()->create_user(); $user3 = $this->getDataGenerator()->create_user(); $course1 = $this->getDataGenerator()->create_course(); $this->getDataGenerator()->enrol_user($user1->id, $course1->id); $this->getDataGenerator()->enrol_user($user2->id, $course1->id); $course2 = $this->getDataGenerator()->create_course(); $this->getDataGenerator()->enrol_user($user1->id, $course2->id); // Test that user1 and user2 have courses in common. $this->assertTrue(enrol_get_shared_courses($user1, $user2, false, true)); // Test that user1 and user3 have no courses in common. $this->assertFalse(enrol_get_shared_courses($user1, $user3, false, true)); // Test retrieving the courses in common. $sharedcourses = enrol_get_shared_courses($user1, $user2, true); // Only should be one shared course. $this->assertCount(1, $sharedcourses); $sharedcourse = array_shift($sharedcourses); // It should be course 1. $this->assertEquals($sharedcourse->id, $course1->id); }
/** * Do these two students share any course? * * The courses has to be visible and enrolments has to be active, * timestart and timeend restrictions are ignored. * * This function calls {@see enrol_get_shared_courses()} setting checkexistsonly * to true. * * @param stdClass|int $user1 * @param stdClass|int $user2 * @return bool */ function enrol_sharing_course($user1, $user2) { return enrol_get_shared_courses($user1, $user2, false, true); }
/** * Check if a user has the permission to viewdetails in a shared course's context. * * @param object $user The other user's details. * @param object $course Use this course to see if we have permission to see this user's profile. * @param context $usercontext The user context if available. * @return bool true for ability to view this user, else false. */ function user_can_view_profile($user, $course = null, $usercontext = null) { global $USER, $CFG; if ($user->deleted) { return false; } // If any of these four things, return true. // Number 1. if ($USER->id == $user->id) { return true; } // Number 2. if (empty($CFG->forceloginforprofiles)) { return true; } if (empty($usercontext)) { $usercontext = context_user::instance($user->id); } // Number 3. if (has_capability('moodle/user:viewdetails', $usercontext)) { return true; } // Number 4. if (has_coursecontact_role($user->id)) { return true; } if (isset($course)) { $sharedcourses = array($course); } else { $sharedcourses = enrol_get_shared_courses($USER->id, $user->id, true); } foreach ($sharedcourses as $sharedcourse) { $coursecontext = context_course::instance($sharedcourse->id); if (has_capability('moodle/user:viewdetails', $coursecontext)) { if (!groups_user_groups_visible($sharedcourse, $user->id)) { // Not a member of the same group. continue; } return true; } } return false; }