/**
 * Decide whether the requested document may be served to the current user.
 *
 * Outside a group, the document's `visibility` value is looked up by path.
 * A document flagged 'i' is refused unless the user is a course manager;
 * every other result, including a null lookup result, is allowed.
 *
 * NOTE(review): inside a group no decision is taken and the method returns
 * null (the original branch only holds a "????" comment). Callers testing
 * the result loosely will read that as "not downloadable" - confirm that
 * this is the intended outcome for group documents.
 * NOTE(review): a null lookup result is treated as "allowed"; presumably
 * this is the case of a path with no row in the table - verify that this
 * fail-open default is wanted.
 *
 * @param string $requestedUrl document path, compared with the `path` column
 * @return bool|null true or false outside a group, null inside a group
 */
protected function isDocumentDownloadableInCourse($requestedUrl)
{
    $inGroup = claro_is_in_a_group();

    // The set of users allowed to see hidden documents depends on the context.
    $is_allowedToEdit = $inGroup
        ? (claro_is_group_member() || claro_is_group_tutor() || claro_is_course_manager())
        : claro_is_course_manager();

    if ($inGroup) {
        // ???? (left undecided by the original author)
        return null;
    }

    $courseTblList = claro_sql_get_course_tbl();
    $tbl_document = $courseTblList['document'];

    // BINARY makes MySQL compare the path byte by byte; it is left out on
    // Windows hosts (presumably because paths are case-insensitive there).
    $modifier = strtoupper(substr(PHP_OS, 0, 3)) == "WIN" ? '' : 'BINARY ';

    // The path is the only caller-supplied value and goes through claro_sql_escape().
    $sql = "SELECT visibility\n FROM `{$tbl_document}`\n WHERE {$modifier} path = '" . claro_sql_escape($requestedUrl) . "'";
    $docVisibilityStatus = claro_sql_query_get_single_value($sql);

    // Allowed unless the document is flagged 'i' and the user lacks edit rights.
    return is_null($docVisibilityStatus) || $docVisibilityStatus != 'i' || $is_allowedToEdit;
}
/**
 * Tell whether the current user may access the module named by
 * $this->moduleLabel in the current context.
 *
 * - Module whose type is not 'tool': allowed as soon as it is activated;
 *   the module is left to manage its own access.
 * - Tool outside any course: allowed only when the tool declares the
 *   'platform' context and is activated.
 * - Tool in a course: allowed when the user's profile has edit or read
 *   rights on the tool (course visibility is ignored here).
 * - Tool in a group: the tool must be enabled in the group properties and
 *   the profile must have read rights on the group tool (CLGRP); private
 *   groups also require group membership or tutorship. Course managers and
 *   platform administrators are always allowed.
 *
 * @return bool
 */
protected function isModuleAllowed()
{
    $moduleData = get_module_data($this->moduleLabel);

    if ($moduleData['type'] != 'tool') {
        // Not a "tool": being activated is enough, access control is the
        // module's own responsibility.
        return $moduleData['activation'] == 'activated';
    }

    $contextList = get_module_context_list($this->moduleLabel);

    if (!claro_is_in_a_course()) {
        // Platform level: the tool has to declare the 'platform' context.
        if (!in_array('platform', iterator_to_array($contextList))) {
            return false;
        }

        return get_module_data($this->moduleLabel, 'activation') == 'activated';
    }

    $_mainToolId = get_tool_id_from_module_label($this->moduleLabel);
    $_profileId = claro_get_current_user_profile_id_in_course();
    $_cid = claro_get_current_course_id();

    if (!claro_is_in_a_group()) {
        // we ignore course visibility
        return claro_is_allowed_tool_edit($_mainToolId, $_profileId, $_cid)
            || claro_is_allowed_tool_read($_mainToolId, $_profileId, $_cid);
    }

    // Group level: rights are checked against the group tool, not the module.
    $_groupProperties = claro_get_main_group_properties(claro_get_current_course_id());
    $_mainToolId = get_tool_id_from_module_label('CLGRP');

    $is_toolAllowed = array_key_exists($this->moduleLabel, $_groupProperties['tools'])
        && $_groupProperties['tools'][$this->moduleLabel]
        && claro_is_allowed_tool_read($_mainToolId, $_profileId, $_cid);

    if ($_groupProperties['private']) {
        // Private groups are closed to users who are neither member nor tutor.
        $is_toolAllowed = $is_toolAllowed && (claro_is_group_member() || claro_is_group_tutor());
    }

    // Course managers and platform administrators bypass the group restrictions.
    return $is_toolAllowed || claro_is_course_manager() || claro_is_platform_admin();
}
} } } else { $dialogBox->form(get_lang('Confirm your subscription to the group "<b>%group_name</b>"', array('%group_name' => claro_get_current_group_data('name'))) . "\n" . '<form action="' . claro_htmlspecialchars($_SERVER['PHP_SELF']) . '" method="post">' . "\n" . claro_form_relay_context() . '<input type="hidden" name="registration" value="1" />' . "\n" . '<input type="hidden" name="doReg" value="1" />' . "\n" . '<br />' . "\n" . '<input type="submit" value="' . get_lang("Ok") . '" />' . "\n" . claro_html_button(claro_htmlspecialchars(Url::Contextualize($_SERVER['PHP_SELF'])), get_lang("Cancel")) . "\n" . '</form>' . "\n"); } } } if (isset($_REQUEST['regDone'])) { $dialogBox->success(get_lang("You are now a member of this group.")); } if (isset($_REQUEST['unregistration'])) { //RECHECK if subscribe is aivailable if (claro_is_course_member() && claro_is_group_member() && $is_allowedToSelfUnregInGroup) { if (isset($_REQUEST['doUnreg'])) { //RECHECK if subscribe is aivailable if (claro_is_course_member() && claro_is_group_member() && $is_allowedToSelfUnregInGroup) { $sql = "DELETE FROM `" . $tbl_group_rel_team_user . "`\n WHERE `user` = " . (int) claro_get_current_user_id() . "\n AND `team` = " . (int) claro_get_current_group_id(); if (claro_sql_query($sql)) { // REFRESH THE SCRIPT TO COMPUTE NEW PERMISSIONS ON THE BASSIS OF THIS CHANGE claro_redirect(dirname($_SERVER['PHP_SELF']) . '/group.php?gidReset=1&unregDone=1'); exit; } } } else { $dialogBox->form(get_lang('Confirm your unsubscription from the group "<b>%group_name</b>"', array('%group_name' => claro_get_current_group_data('name'))) . "\n" . '<form action="' . claro_htmlspecialchars($_SERVER['PHP_SELF']) . '" method="post">' . "\n" . claro_form_relay_context() . '<input type="hidden" name="unregistration" value="1" />' . "\n" . '<input type="hidden" name="doUnreg" value="1" />' . "\n" . '<br />' . "\n" . '<input type="submit" value="' . get_lang("Ok") . '" />' . "\n" . 
claro_html_button(claro_htmlspecialchars(Url::Contextualize($_SERVER['PHP_SELF'])), get_lang("Cancel")) . "\n" . '</form>' . "\n"); } } } /** * TUTOR REGISTRATION PROCESS */
= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =*/ $baseServDir = get_path('coursesRepositorySys'); $baseServUrl = get_path('url') . '/'; $dialogBox = new DialogBox(); /* * The following variables depends on the use context * The document tool can be used at course or group level * (one document area for each group) */ if (claro_is_in_a_group() && claro_is_group_allowed()) { $_group = claro_get_current_group_data(); $groupContext = true; $courseContext = false; $maxFilledSpace = get_conf('maxFilledSpace_for_groups'); $courseDir = claro_get_course_path() . '/group/' . claro_get_current_group_data('directory'); $is_allowedToEdit = claro_is_group_member() || claro_is_group_tutor() || claro_is_course_manager(); $is_allowedToUnzip = false; if (!claro_is_group_allowed()) { die('<center>You are not allowed to see this group\'s documents!!!</center>'); } } else { $groupContext = false; $courseContext = true; $courseDir = claro_get_course_path() . '/document'; // initialise view mode tool claro_set_display_mode_available(true); $is_allowedToEdit = claro_is_allowed_to_edit(); $is_allowedToUnzip = claro_is_allowed_to_edit(); $maxFilledSpace = get_conf('maxFilledSpace_for_course'); // table names for learning path (needed to check integrity) /*
} $out .= '</tr>' . "\n"; if (!empty($entry['description'])) { $out .= '<tr>' . "\n"; if ($groupId && claro_is_group_member()) { $colspan = 5; } elseif ($is_allowedToAdmin) { $colspan = 6; } else { $colspan = 3; } $out .= '<td colspan="' . $colspan . '"><div class="comment">' . $entry['description'] . '</div></td>' . "\n" . '</tr>' . "\n"; } } } else { if ($groupId && claro_is_group_member()) { $colspan = 5; } elseif ($is_allowedToAdmin) { $colspan = 6; } else { $colspan = 3; } $out .= '<tr><td colspan="' . $colspan . '" style="text-align: center;">' . get_lang("No Wiki") . '</td></tr>' . "\n"; } $out .= '</tbody>' . '</table>' . "\n\n"; break; default: trigger_error("Invalid action supplied to " . claro_htmlspecialchars($_SERVER['PHP_SELF']), E_USER_ERROR); } $output = ''; $output .= claro_html_tool_title($toolTitle, $helpUrl, $cmdList);
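/**
 * Print an HTML table describing the current session context, for debugging.
 *
 * Every dumped value is passed through htmlspecialchars() before it is
 * echoed: the dumps contain user, course and group data, which must not be
 * interpreted as markup by the browser that displays this table. The
 * encoding used is htmlspecialchars()'s default one.
 *
 * NOTE(review): the table exposes session and account data and nothing in
 * this function checks a debug flag or the caller's role - confirm that
 * every caller restricts it to debugging sessions.
 *
 * @param string $selection "*" prints every cell; otherwise a string of
 *        letters: u (user), c (course), g (group), t (tool). The combined
 *        rows (course-user, course-group-user, course-tool) are printed
 *        only when both of their letters are present.
 * @return void
 */
function printInit($selection = "*")
{
    global $uidReset, $cidReset, $gidReset, $tidReset, $uidReq, $cidReq, $gidReq, $tidReq, $tlabelReq, $_user, $_course, $_groupUser, $_courseTool, $_SESSION, $_claro_local_run;

    if ($_claro_local_run) {
        echo "local init runned";
    } else {
        echo '<font color="red"> local init never runned during this script </font>';
    }

    echo ' <table width="100%" border="1" cellspacing="4" cellpadding="1" bordercolor="#808080" bgcolor="#C0C0C0" lang="en"> <TR>';

    if ($selection == "*" or strstr($selection, "u")) {
        // The session may not hold a user id yet: dump NULL without a notice.
        $sessionUid = isset($_SESSION["_uid"]) ? $_SESSION["_uid"] : null;

        echo ' <TD valign="top" > <strong>User</strong> : (_uid) : '
            . htmlspecialchars(var_export(claro_get_current_user_id(), true), ENT_QUOTES)
            . ' | (session[_uid]) : '
            . htmlspecialchars(var_export($sessionUid, true), ENT_QUOTES)
            . ' <br /> reset = '
            . htmlspecialchars(var_export($uidReset, true), ENT_QUOTES)
            . ' | req = '
            . htmlspecialchars(var_export($uidReq, true), ENT_QUOTES)
            . '<br /> _user : <pre>'
            . htmlspecialchars(var_export($_user, true), ENT_QUOTES)
            . '</pre> <br />is_platformAdmin :'
            . htmlspecialchars(var_export(claro_is_platform_admin(), true), ENT_QUOTES)
            . ' <br />is_allowedCreateCourse :'
            . htmlspecialchars(var_export(claro_is_allowed_to_create_course(), true), ENT_QUOTES)
            . ' </TD>';
    }

    if ($selection == "*" or strstr($selection, "c")) {
        echo "\n <TD valign=\"top\" >\n <strong>Course</strong> : (_cid)"
            . htmlspecialchars(var_export(claro_get_current_course_id(), true), ENT_QUOTES)
            . "\n <br />\n reset = "
            . htmlspecialchars(var_export($cidReset, true), ENT_QUOTES)
            . " | req = "
            . htmlspecialchars(var_export($cidReq, true), ENT_QUOTES)
            . "\n <br />\n _course : <pre>"
            . htmlspecialchars(var_export($_course, true), ENT_QUOTES)
            . "</pre>\n <br />\n _groupProperties :\n <PRE>\n "
            . htmlspecialchars(var_export(claro_get_current_group_properties_data(), true), ENT_QUOTES)
            . "\n </PRE>\n </TD>";
    }

    echo ' </TR> <TR>';

    if ($selection == "*" or strstr($selection, "g")) {
        echo '<TD valign="top" ><strong>Group</strong> : (_gid) '
            . htmlspecialchars(var_export(claro_get_current_group_id(), true), ENT_QUOTES)
            . '<br /> reset = '
            . htmlspecialchars(var_export($GLOBALS['gidReset'], true), ENT_QUOTES)
            . ' | req = '
            . htmlspecialchars(var_export($gidReq, true), ENT_QUOTES)
            . "<br />\n _group :<pre>"
            . htmlspecialchars(var_export(claro_get_current_group_data(), true), ENT_QUOTES)
            . "</pre></TD>";
    }

    if ($selection == "*" or strstr($selection, "t")) {
        echo '<TD valign="top" ><strong>Tool</strong> : (_tid)'
            . htmlspecialchars(var_export(claro_get_current_tool_id(), true), ENT_QUOTES)
            . '<br /> reset = '
            . htmlspecialchars(var_export($tidReset, true), ENT_QUOTES)
            . ' | req = '
            . htmlspecialchars(var_export($tidReq, true), ENT_QUOTES)
            . '| req = '
            . htmlspecialchars(var_export($tlabelReq, true), ENT_QUOTES)
            . ' <br /> _tool :'
            . htmlspecialchars(var_export(get_init('_tool'), true), ENT_QUOTES)
            . "</TD>";
    }

    echo "</TR>";

    // "or" binds more loosely than "&&": "*" alone, or both letters together.
    if ($selection == "*" or strstr($selection, "u") && strstr($selection, "c")) {
        echo '<TR><TD valign="top" colspan="2"><strong>Course-User</strong>';

        if (claro_is_user_authenticated()) {
            echo '<br /><strong>User</strong> :'
                . htmlspecialchars(var_export(claro_is_in_a_course(), true), ENT_QUOTES);
        }

        if (claro_is_in_a_course()) {
            echo ' in '
                . htmlspecialchars(var_export(claro_get_current_course_id(), true), ENT_QUOTES)
                . '<br />';
        }

        if (claro_is_user_authenticated() && claro_get_current_course_id()) {
            // NOTE(review): this cell calls getInit() while the tool cell calls
            // get_init() - confirm that both names are defined.
            echo '_courseUser : <pre>'
                . htmlspecialchars(var_export(getInit('_courseUser'), true), ENT_QUOTES)
                . '</pre>';
        }

        echo '<br />is_courseMember : ' . htmlspecialchars(var_export(claro_is_course_member(), true), ENT_QUOTES);
        echo '<br />is_courseAdmin : ' . htmlspecialchars(var_export(claro_is_course_manager(), true), ENT_QUOTES);
        echo '<br />is_courseAllowed : ' . htmlspecialchars(var_export(claro_is_course_allowed(), true), ENT_QUOTES);
        echo '<br />is_courseTutor : ' . htmlspecialchars(var_export(claro_is_course_tutor(), true), ENT_QUOTES);
        echo '</TD></TR>';
    }

    echo "";

    if ($selection == "*" or strstr($selection, "u") && strstr($selection, "g")) {
        echo '<TR><TD valign="top" colspan="2">' . '<strong>Course-Group-User</strong>';

        if (claro_is_user_authenticated()) {
            echo '<br /><strong>User</strong> :'
                . htmlspecialchars(var_export(claro_is_in_a_course(), true), ENT_QUOTES);
        }

        if (claro_is_in_a_group()) {
            echo ' in '
                . htmlspecialchars(var_export(claro_get_current_group_id(), true), ENT_QUOTES);
        }

        if (claro_is_in_a_group()) {
            // NOTE(review): in the listing this function was taken from, the
            // text between the label and '_groupUser' is masked ("******").
            // get_init() is used because the tool cell reads its data the same
            // way - confirm against the upstream file.
            echo '<br />_groupUser:'
                . htmlspecialchars(var_export(get_init('_groupUser'), true), ENT_QUOTES);
        }

        echo '<br />is_groupMember:'
            . htmlspecialchars(var_export(claro_is_group_member(), true), ENT_QUOTES)
            . '<br />is_groupTutor: '
            . htmlspecialchars(var_export(claro_is_group_tutor(), true), ENT_QUOTES)
            . '<br />is_groupAllowed:'
            . htmlspecialchars(var_export(claro_is_group_allowed(), true), ENT_QUOTES)
            . '</TD>' . '</tr>';
    }

    if ($selection == "*" or strstr($selection, "c") && strstr($selection, "t")) {
        echo '<tr> <TD valign="top" colspan="2" ><strong>Course-Tool</strong><br />';

        if (claro_get_current_tool_id()) {
            echo 'Tool :' . htmlspecialchars((string) claro_get_current_tool_id(), ENT_QUOTES);
        }

        if (claro_is_in_a_course()) {
            echo ' in ' . htmlspecialchars((string) claro_get_current_course_id(), ENT_QUOTES) . '<br />';
        }

        if (claro_get_current_tool_id()) {
            echo "_courseTool : <pre>"
                . htmlspecialchars(var_export($_courseTool, true), ENT_QUOTES)
                . '</pre><br />';
        }

        echo 'is_toolAllowed : ' . htmlspecialchars(var_export(claro_is_tool_allowed(), true), ENT_QUOTES);
        echo "</TD>";
    }

    echo "</TR></TABLE>";
}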
$wiki = $wikiStore->loadWiki($wikiId); $wikiPage = new WikiPage($con, $config, $wikiId); $wikiRenderer = new Wiki2xhtmlRenderer($wiki); $accessControlList = $wiki->getACL(); // --------------- Start of access rights management -------------- // Wiki access levels $is_allowedToEdit = false; $is_allowedToRead = false; $is_allowedToCreate = false; // set user access rights using user status and wiki access control list if (claro_is_in_a_group() && claro_is_group_allowed()) { // group_context if (is_array($accessControlList)) { $is_allowedToRead = $is_allowedToAdmin || claro_is_group_member() && WikiAccessControl::isAllowedToReadPage($accessControlList, 'group') || claro_is_course_member() && WikiAccessControl::isAllowedToReadPage($accessControlList, 'course') || WikiAccessControl::isAllowedToReadPage($accessControlList, 'other'); $is_allowedToEdit = $is_allowedToRead && ($is_allowedToAdmin || claro_is_group_member() && WikiAccessControl::isAllowedToEditPage($accessControlList, 'group') || claro_is_course_member() && WikiAccessControl::isAllowedToEditPage($accessControlList, 'course') || WikiAccessControl::isAllowedToEditPage($accessControlList, 'other')); $is_allowedToCreate = $is_allowedToEdit && ($is_allowedToAdmin || claro_is_group_member() && WikiAccessControl::isAllowedToCreatePage($accessControlList, 'group') || claro_is_course_member() && WikiAccessControl::isAllowedToCreatePage($accessControlList, 'course') || WikiAccessControl::isAllowedToCreatePage($accessControlList, 'other')); } } else { // course context if (is_array($accessControlList)) { // course member if (claro_is_course_member() || claro_is_platform_admin()) { $is_allowedToRead = $is_allowedToAdmin || WikiAccessControl::isAllowedToReadPage($accessControlList, 'course'); $is_allowedToEdit = $is_allowedToRead && ($is_allowedToAdmin || WikiAccessControl::isAllowedToEditPage($accessControlList, 'course')); $is_allowedToCreate = $is_allowedToEdit && ($is_allowedToAdmin || 
WikiAccessControl::isAllowedToCreatePage($accessControlList, 'course')); } else { $is_allowedToRead = $is_allowedToAdmin || WikiAccessControl::isAllowedToReadPage($accessControlList, 'other'); $is_allowedToEdit = $is_allowedToRead && ($is_allowedToAdmin || WikiAccessControl::isAllowedToEditPage($accessControlList, 'other')); $is_allowedToCreate = $is_allowedToEdit && ($is_allowedToAdmin || WikiAccessControl::isAllowedToCreatePage($accessControlList, 'other')); } }