/**
 * Decide whether this user is allowed to edit the given collection.
 *
 * Three grounds are tried in order, and the first one that applies wins:
 *   1. the user owns the collection,
 *   2. the collection belongs to an institution this user can edit,
 *   3. the collection belongs to a group and the user's role in that
 *      group passes group_role_can_edit_views().
 * Anything else is denied.
 *
 * @param object $c Collection object; read only through get('owner'),
 *                  get('institution') and get('group')
 * @return bool true when editing is permitted, false otherwise
 */
public function can_edit_collection($c) {
    // The "> 0" test runs first, so an empty or zero owner never reaches
    // the loose comparison against this user's id.
    $ownerid = $c->get('owner');
    if ($ownerid > 0 && $ownerid == $this->get('id')) {
        return true;
    }

    $inst = $c->get('institution');
    if ($inst && $this->can_edit_institution($inst)) {
        return true;
    }

    $groupid = $c->get('group');
    if (!$groupid) {
        // Not owned, no editable institution, no group: deny by default.
        return false;
    }

    // NOTE(review): reset_grouproles() presumably reloads $this->grouproles
    // so the decision is not made on stale membership data - confirm.
    $this->reset_grouproles();
    if (!isset($this->grouproles[$groupid])) {
        // No role recorded for this group, so the user is treated as a
        // non-member.
        return false;
    }

    require_once 'group.php';
    return group_role_can_edit_views($groupid, $this->grouproles[$groupid]);
}
/**
 * Builds the data structure describing the tabs shown on a group page.
 *
 * Takes no arguments: the group comes from group_current_group() and the
 * viewer's role from group_user_access(). Tabs are added or left out
 * according to that role. This only controls what is displayed; the list
 * is not an access check for the scripts the tab URLs point to.
 *
 * @return array|null Map of tab key => array('path', 'url', 'title',
 *                    'weight'[, 'selected']), or null when there is no
 *                    current group
 */
function group_get_menu_tabs() {
    // Declared static in the original; every path that reads $menu assigns
    // it first, so nothing is carried over between calls.
    static $menu;

    $group = group_current_group();
    if (!$group) {
        return null;
    }
    $role = group_user_access($group->id);

    $menu = array(
        'info' => array(
            'path'   => 'groups/info',
            'url'    => group_homepage_url($group, false),
            'title'  => get_string('About', 'group'),
            'weight' => 20,
        ),
    );

    if (group_can_list_members($group, $role)) {
        $menu['members'] = array(
            'path'   => 'groups/members',
            'url'    => 'group/members.php?id=' . $group->id,
            'title'  => get_string('Members', 'group'),
            'weight' => 30,
        );
    }

    // Every installed interaction plugin may contribute its own tabs.
    $interactions = plugins_installed('interaction');
    if ($interactions) {
        foreach ($interactions as $interaction) {
            safe_require('interaction', $interaction->name);
            $classname = generate_class_name('interaction', $interaction->name);
            $extra = call_static_method($classname, 'group_menu_items', $group);
            $menu = array_merge($menu, $extra);
        }
    }

    $menu['views'] = array(
        'path'   => 'groups/views',
        'url'    => 'view/groupviews.php?group=' . $group->id,
        'title'  => get_string('Views', 'group'),
        'weight' => 50,
    );
    $menu['collections'] = array(
        'path'   => 'groups/collections',
        'url'    => 'collection/index.php?group=' . $group->id,
        'title'  => get_string('Collections', 'group'),
        'weight' => 60,
    );

    if (group_role_can_edit_views($group, $role)) {
        $menu['share'] = array(
            'path'   => 'groups/share',
            'url'    => 'group/shareviews.php?group=' . $group->id,
            'title'  => get_string('share', 'view'),
            'weight' => 70,
        );
    }

    // Artefact tabs are added only when the viewer has some role in the
    // group, and only for plugins the group type lists.
    if ($role) {
        safe_require('grouptype', $group->grouptype);
        $artefactplugins = call_static_method('GroupType' . $group->grouptype, 'get_group_artefact_plugins');
        $installed = plugins_installed('artefact');
        if ($installed) {
            foreach ($installed as $artefact) {
                if (in_array($artefact->name, $artefactplugins)) {
                    safe_require('artefact', $artefact->name);
                    $classname = generate_class_name('artefact', $artefact->name);
                    $extra = call_static_method($classname, 'group_tabs', $group->id);
                    $menu = array_merge($menu, $extra);
                }
            }
        }
    }

    if (group_role_can_access_report($group, $role)) {
        $menu['report'] = array(
            'path'   => 'groups/report',
            'url'    => 'group/report.php?group=' . $group->id,
            'title'  => get_string('report', 'group'),
            'weight' => 70,
        );
    }

    // MENUITEM has the form 'groups/<key>'; dropping the prefix gives the
    // key of the tab to mark as selected.
    if (defined('MENUITEM')) {
        $key = substr(MENUITEM, strlen('groups/'));
        if ($key && isset($menu[$key])) {
            $menu[$key]['selected'] = true;
        }
    }

    return $menu;
}
} else { if (!$USER->get('admin') && !$USER->is_institutional_admin($institutionname)) { throw new AccessDeniedException(get_string('youarenotanadminof', 'artefact.blog', $institutionname)); } } define('TITLE', get_string('newblog' . $section, 'artefact.blog', institution_display_name($institutionname)) . ': ' . get_string('blogsettings', 'artefact.blog')); PluginArtefactBlog::set_blog_nav(true, $institutionname); } else { if ($groupid = param_alphanum('group', null)) { require_once 'group.php'; $group = get_record('group', 'id', $groupid, 'deleted', 0); $USER->reset_grouproles(); if (!isset($USER->grouproles[$group->id])) { throw new AccessDeniedException(get_string('youarenotamemberof', 'artefact.blog', $group->name)); } if (!group_role_can_edit_views($groupid, $USER->grouproles[$group->id])) { throw new AccessDeniedException(get_string('youarenotaneditingmemberof', 'artefact.blog', $group->name)); } $subsectionheading = get_string('newblog', 'artefact.blog'); define('TITLE', $group->name); PluginArtefactBlog::set_blog_nav(false, null, $groupid); } else { define('TITLE', get_string('newblog', 'artefact.blog') . ': ' . 
get_string('blogsettings', 'artefact.blog')); } } $form = array('name' => 'newblog', 'method' => 'post', 'action' => '', 'plugintype' => 'artefact', 'pluginname' => 'blog', 'elements' => array('title' => array('type' => 'text', 'title' => get_string('blogtitle', 'artefact.blog'), 'description' => get_string('blogtitledesc', 'artefact.blog'), 'rules' => array('required' => true)), 'description' => array('type' => 'wysiwyg', 'rows' => 10, 'cols' => 70, 'title' => get_string('blogdesc', 'artefact.blog'), 'description' => get_string('blogdescdesc', 'artefact.blog'), 'rules' => array('maxlength' => 65536, 'required' => false)), 'tags' => array('type' => 'tags', 'title' => get_string('tags'), 'description' => get_string('tagsdescprofile'), 'help' => true), 'license' => license_form_el_basic(null), 'licensing_advanced' => license_form_el_advanced(null), 'submit' => array('type' => 'submitcancel', 'class' => 'btn-success', 'value' => array(get_string('createblog', 'artefact.blog'), get_string('cancel', 'artefact.blog'))))); $form['elements']['institution'] = array('type' => 'hidden', 'value' => $institutionname ? $institutionname : 0); $form['elements']['group'] = array('type' => 'hidden', 'value' => $groupid ? $groupid : 0); $form = pieform($form); $smarty =& smarty(); $smarty->assign_by_ref('form', $form);
// offset and limit for pagination $offset = param_integer('offset', 0); $limit = param_integer('limit', 10); $owner = null; $groupid = param_integer('group', 0); $institutionname = param_alphanum('institution', false); $urlparams = array(); $pageIcon = 'icon-folder-open'; $subsectionheading = false; if (!empty($groupid)) { define('MENUITEM', 'groups/collections'); define('GROUP', $groupid); $group = group_current_group(); // Check if user can edit group collections <-> user can edit group views $role = group_user_access($group->id); $canedit = $role && group_role_can_edit_views($group, $role); if (!$role) { throw new GroupAccessDeniedException(get_string('cantlistgroupcollections', 'collection')); } define('SUBTITLE', false); define('TITLE', $group->name); $urlparams['group'] = $groupid; $subsectionheading = get_string('Collections', 'collection'); $pageIcon = ''; } else { if (!empty($institutionname)) { if ($institutionname == 'mahara') { define('ADMIN', 1); define('MENUITEM', 'configsite/collections'); define('TITLE', get_string('sitecollections', 'collection')); // Check if user is a site admin
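/**
 * Enforces who may open or edit this blog; throws when the current user
 * does not qualify.
 *
 * - Institution blog: site admins only when the institution is 'mahara',
 *   otherwise site admins or admins of that institution.
 * - Group blog: the user must have a role in the group; when $editing is
 *   true that role must also pass group_role_can_edit_views().
 * - Personal blog: the user must be the owner.
 *
 * Other people see blogs when they are placed in views.
 *
 * @param bool $editing true (default) to require edit rights on a group
 *                      blog, false when membership alone is enough
 * @return void
 * @throws AccessDeniedException when the current user fails the check
 */
public function check_permission($editing = true) {
    global $USER;

    if (!empty($this->institution)) {
        if ($this->institution == 'mahara' && !$USER->get('admin')) {
            throw new AccessDeniedException(get_string('youarenotasiteadmin', 'artefact.blog'));
        }
        else if (!$USER->get('admin') && !$USER->is_institutional_admin($this->institution)) {
            throw new AccessDeniedException(get_string('youarenotanadminof', 'artefact.blog', $this->institution));
        }
    }
    else if (!empty($this->group)) {
        // Only groups not flagged as deleted are looked up.
        $group = get_record('group', 'id', $this->group, 'deleted', 0);
        if (!$group) {
            // Fail closed: without this guard a missing or deleted group
            // was dereferenced below for its name, and a role entry left
            // over for that group would have let the check pass.
            // NOTE(review): reuses the existing "not a member" string with
            // the group id in place of the name; a dedicated language
            // string may read better.
            throw new AccessDeniedException(get_string('youarenotamemberof', 'artefact.blog', $this->group));
        }

        // NOTE(review): reset_grouproles() presumably reloads
        // $USER->grouproles before the membership test - confirm.
        $USER->reset_grouproles();
        if (!isset($USER->grouproles[$this->group])) {
            throw new AccessDeniedException(get_string('youarenotamemberof', 'artefact.blog', $group->name));
        }

        require_once 'group.php';
        if ($editing && !group_role_can_edit_views($this->group, $USER->grouproles[$this->group])) {
            throw new AccessDeniedException(get_string('youarenotaneditingmemberof', 'artefact.blog', $group->name));
        }
    }
    else if ($USER->get('id') != $this->owner) {
        // Personal blog: only the owner gets through.
        throw new AccessDeniedException(get_string('youarenottheownerofthisblogpost', 'artefact.blog'));
    }
}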
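/**
 * Builds the data structure describing the tabs shown on a group page,
 * sorted by weight.
 *
 * Takes no arguments: the group comes from group_current_group() and the
 * viewer's role from group_user_access(). Tabs are added or left out
 * according to that role. This only controls what is displayed; the list
 * is not an access check for the scripts the tab URLs point to.
 *
 * @return array|null Map of key => menu entry, or null when there is no
 *                    current group. Entries are arrays with 'path', 'url',
 *                    'title', 'weight' and optionally 'selected'; the
 *                    'subnav' entry carries only 'class'.
 */
function group_get_menu_tabs() {
    $group = group_current_group();
    if (!$group) {
        return null;
    }
    $role = group_user_access($group->id);

    $menu = array(
        'info' => array(
            'path'   => 'groups/info',
            'url'    => group_homepage_url($group, false),
            'title'  => get_string('About', 'group'),
            'weight' => 20,
        ),
    );

    if (group_can_list_members($group, $role)) {
        $menu['members'] = array(
            'path'   => 'groups/members',
            'url'    => 'group/members.php?id=' . $group->id,
            'title'  => get_string('Members', 'group'),
            'weight' => 30,
        );
    }

    // Every installed interaction plugin may contribute its own tabs.
    if ($interactionplugins = plugins_installed('interaction')) {
        foreach ($interactionplugins as $plugin) {
            safe_require('interaction', $plugin->name);
            $plugin_menu = call_static_method(generate_class_name('interaction', $plugin->name), 'group_menu_items', $group);
            $menu = array_merge($menu, $plugin_menu);
        }
    }

    $menu['subnav'] = array('class' => 'group');
    $menu['views'] = array(
        'path'   => 'groups/views',
        'url'    => 'view/groupviews.php?group=' . $group->id,
        'title'  => get_string('Views', 'group'),
        'weight' => 50,
    );
    $menu['collections'] = array(
        'path'   => 'groups/collections',
        'url'    => 'collection/index.php?group=' . $group->id,
        'title'  => get_string('Collections', 'group'),
        'weight' => 60,
    );

    if (group_role_can_edit_views($group, $role)) {
        $menu['share'] = array(
            'path'   => 'groups/share',
            'url'    => 'group/shareviews.php?group=' . $group->id,
            'title'  => get_string('share', 'view'),
            'weight' => 70,
        );
    }

    // Artefact tabs are added only when the viewer has some role in the
    // group, and only for plugins the group type lists.
    if ($role) {
        safe_require('grouptype', $group->grouptype);
        $artefactplugins = call_static_method('GroupType' . $group->grouptype, 'get_group_artefact_plugins');
        if ($plugins = plugins_installed('artefact')) {
            // Iterate by value: nothing in the loop modifies the entries.
            foreach ($plugins as $plugin) {
                if (!in_array($plugin->name, $artefactplugins)) {
                    continue;
                }
                safe_require('artefact', $plugin->name);
                $plugin_menu = call_static_method(generate_class_name('artefact', $plugin->name), 'group_tabs', $group->id);
                $menu = array_merge($menu, $plugin_menu);
            }
        }
    }

    if (group_role_can_access_report($group, $role)) {
        $menu['report'] = array(
            'path'   => 'groups/report',
            'url'    => 'group/report.php?group=' . $group->id,
            'title'  => get_string('report', 'group'),
            'weight' => 70,
        );
    }

    // MENUITEM has the form 'groups/<key>'; dropping the prefix gives the
    // key of the tab to mark as selected.
    if (defined('MENUITEM')) {
        $key = substr(MENUITEM, strlen('groups/'));
        if ($key && isset($menu[$key])) {
            $menu[$key]['selected'] = true;
        }
    }

    // Sort the menu items by weight. Entries without a 'weight' go first.
    uasort($menu, function ($a, $b) {
        $ahasweight = array_key_exists('weight', $a);
        $bhasweight = array_key_exists('weight', $b);
        if (!$ahasweight || !$bhasweight) {
            if ($ahasweight == $bhasweight) {
                // Neither entry has a weight: report them as equal. The
                // original returned -1 here, so the comparator gave
                // contradictory answers depending on argument order.
                return 0;
            }
            return $ahasweight ? 1 : -1;
        }
        $aweight = $a['weight'];
        $bweight = $b['weight'];
        if ($aweight == $bweight) {
            return 0;
        }
        return $aweight < $bweight ? -1 : 1;
    });

    return $menu;
}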