/** * Serves assignment submissions and other files. * * @param mixed $course course or id of the course * @param mixed $cm course module or id of the course module * @param context $context * @param string $filearea * @param array $args * @param bool $forcedownload * @return bool false if file not found, does not return if found - just send the file */ function assignsubmission_onenote_pluginfile($course, $cm, context $context, $filearea, $args, $forcedownload) { global $DB, $CFG; if ($context->contextlevel != CONTEXT_MODULE) { return false; } require_login($course, false, $cm); $itemid = (int) array_shift($args); $record = $DB->get_record('assign_submission', array('id' => $itemid), 'userid, assignment, groupid', MUST_EXIST); $userid = $record->userid; $groupid = $record->groupid; require_once $CFG->dirroot . '/mod/assign/locallib.php'; $assign = new assign($context, $cm, $course); if ($assign->get_instance()->id != $record->assignment) { return false; } if ($assign->get_instance()->teamsubmission && !$assign->can_view_group_submission($groupid)) { return false; } if (!$assign->get_instance()->teamsubmission && !$assign->can_view_submission($userid)) { return false; } $relativepath = implode('/', $args); $fullpath = "/{$context->id}/assignsubmission_onenote/{$filearea}/{$itemid}/{$relativepath}"; $fs = get_file_storage(); if (!($file = $fs->get_file_by_hash(sha1($fullpath))) || $file->is_directory()) { return false; } // Download MUST be forced - security! send_stored_file($file, 0, 0, true); }
/** * Permission control method for submission plugin ---- required method for AJAXmoodle based comment API * * @param stdClass $options * @return array */ function assignsubmission_comments_comment_permissions(stdClass $options) { global $USER, $CFG, $DB; if ($options->commentarea != 'submission_comments' && $options->commentarea != 'submission_comments_upgrade') { throw new comment_exception('invalidcommentarea'); } if (!($submission = $DB->get_record('assign_submission', array('id' => $options->itemid)))) { throw new comment_exception('invalidcommentitemid'); } $context = $options->context; require_once $CFG->dirroot . '/mod/assign/locallib.php'; $assignment = new assign($context, null, null); if ($assignment->get_instance()->id != $submission->assignment) { throw new comment_exception('invalidcontext'); } if ($assignment->get_instance()->teamsubmission && !$assignment->can_view_group_submission($submission->groupid)) { return array('post' => false, 'view' => false); } if (!$assignment->get_instance()->teamsubmission && !$assignment->can_view_submission($submission->userid)) { return array('post' => false, 'view' => false); } return array('post' => true, 'view' => true); }