list($context, $course, $cm) = get_context_info_array($contextid); require_login($course, false, $cm); $contextid = null; //now we have a context object throw away the id from the user $PAGE->set_context($context); $PAGE->set_url('/rating/rate.php', array('contextid' => $context->id)); if (!confirm_sesskey() || !has_capability('moodle/rating:rate', $context)) { echo $OUTPUT->header(); echo get_string('ratepermissiondenied', 'rating'); echo $OUTPUT->footer(); die; } $rm = new rating_manager(); //check the module rating permissions //doing this check here rather than within rating_manager::get_ratings() so we can return a json error response $pluginpermissionsarray = $rm->get_plugin_permissions_array($context->id, $component, $ratingarea); if (!$pluginpermissionsarray['rate']) { $result->error = get_string('ratepermissiondenied', 'rating'); echo json_encode($result); die; } else { $params = array('context' => $context, 'component' => $component, 'ratingarea' => $ratingarea, 'itemid' => $itemid, 'scaleid' => $scaleid, 'rating' => $userrating, 'rateduserid' => $rateduserid); if (!$rm->check_rating_is_valid($params)) { echo $OUTPUT->header(); echo get_string('ratinginvalid', 'rating'); echo $OUTPUT->footer(); die; } } if ($userrating != RATING_UNSET_RATING) { $ratingoptions = new stdClass();
//now we have a context object throw away the id from the user if (!confirm_sesskey() || $USER->id == $rateduserid) { echo $OUTPUT->header(); echo get_string('ratepermissiondenied', 'rating'); echo $OUTPUT->footer(); die; } $rm = new rating_manager(); //check the module rating permissions //doing this check here rather than within rating_manager::get_ratings so we can return a json error response $pluginrateallowed = true; $pluginpermissionsarray = null; if ($context->contextlevel == CONTEXT_MODULE) { $plugintype = 'mod'; $pluginname = $cm->modname; $pluginpermissionsarray = $rm->get_plugin_permissions_array($context->id, $plugintype, $pluginname); $pluginrateallowed = $pluginpermissionsarray['rate']; if ($pluginrateallowed) { //check the item exists and isn't owned by the current user $pluginrateallowed = $rm->check_item_and_owner($plugintype, $pluginname, $itemid); } } if (!$pluginrateallowed || !has_capability('moodle/rating:rate', $context)) { $result->error = get_string('ratepermissiondenied', 'rating'); echo json_encode($result); die; } $PAGE->set_url('/lib/rate.php', array('contextid' => $context->id)); //rating options used to update the rating then retrieve the aggregate $ratingoptions = new stdClass(); $ratingoptions->context = $context;
list($context, $course, $cm) = get_context_info_array($contextid); require_login($course, false, $cm); $contextid = null; //now we have a context object throw away the id from the user $PAGE->set_context($context); $PAGE->set_url('/rating/rate.php', array('contextid' => $context->id)); if (!confirm_sesskey() || !has_capability('moodle/rating:rate', $context)) { echo $OUTPUT->header(); echo get_string('ratepermissiondenied', 'rating'); echo $OUTPUT->footer(); die; } $rm = new rating_manager(); //check the module rating permissions //doing this check here rather than within rating_manager::get_ratings() so we can return a json error response $pluginpermissionsarray = $rm->get_plugin_permissions_array($context->id, $component); if (!$pluginpermissionsarray['rate']) { $result->error = get_string('ratepermissiondenied', 'rating'); echo json_encode($result); die; } else { $params = array('context' => $context, 'itemid' => $itemid, 'scaleid' => $scaleid, 'rating' => $userrating, 'rateduserid' => $rateduserid); if (!$rm->check_rating_is_valid($component, $params)) { echo $OUTPUT->header(); echo get_string('ratinginvalid', 'rating'); echo $OUTPUT->footer(); die; } } if ($userrating != RATING_UNSET_RATING) { $ratingoptions = new stdClass();
/** * Get ratings created since a given time. * * @param stdClass $context context object * @param string $component component name * @param int $since the time to check * @return array list of ratings db records since the given timelimit * @since Moodle 3.2 */ public function get_component_ratings_since($context, $component, $since) { global $DB, $USER; $ratingssince = array(); $where = 'contextid = ? AND component = ? AND (timecreated > ? OR timemodified > ?)'; $ratings = $DB->get_records_select('rating', $where, array($context->id, $component, $since, $since)); // Check area by area if we have permissions. $permissions = array(); $rm = new rating_manager(); foreach ($ratings as $rating) { // Check if the permission array for the area is cached. if (!isset($permissions[$rating->ratingarea])) { $permissions[$rating->ratingarea] = $rm->get_plugin_permissions_array($context->id, $component, $rating->ratingarea); } if ($permissions[$rating->ratingarea]['view'] and $rating->userid == $USER->id or ($permissions[$rating->ratingarea]['viewany'] or $permissions[$rating->ratingarea]['viewall'])) { $ratingssince[$rating->id] = $rating; } } return $ratingssince; }