예제 #1
0
function create_backup_is_admin($_cid)
{
    $this_section = SECTION_COURSES;
    if (isset($_GET['session']) && $_GET['session']) {
        $archive_path = api_get_path(SYS_ARCHIVE_PATH);
        $_cid = true;
        $is_courseAdmin = true;
    } else {
        $archive_path = api_get_path(SYS_ARCHIVE_PATH);
    }
    $archive_file = $_GET['archive'];
    $archive_file = str_replace(array('..', '/', '\\'), '', $archive_file);
    list($extension) = getextension($archive_file);
    if (empty($extension) || !file_exists($archive_path . $archive_file)) {
        return false;
    }
    $extension = strtolower($extension);
    $content_type = '';
    if (in_array($extension, array('xml', 'csv')) && (api_is_platform_admin(true) || api_is_drh())) {
        $content_type = 'application/force-download';
        // TODO: The following unclear condition is commented ant is to be checked. A replacement has been proposed.
        //} elseif (strtolower($extension) == 'zip' || ('html' && $_cid && (api_is_platform_admin(true) || $is_courseAdmin))) {
    } elseif ($extension == 'zip' && $_cid && (api_is_platform_admin(true) || $is_courseAdmin)) {
        //
        $content_type = 'application/force-download';
    }
    if (empty($content_type)) {
        return false;
    }
    return true;
}
예제 #2
0
function storage_can_set($sv_user) {
	// platform admin can change any user's stored values, other users can only change their own values
	$allowed = ((api_is_platform_admin()) || ($sv_user == api_get_user_id()));
	if (!$allowed) {
		print "ERROR : Not allowed";
	}
	return $allowed;
}
예제 #3
0
 /**
  * @param string $name
  * @param Request $request
  * @return Response
  */
 public function classicAction($name, Request $request)
 {
     // get.
     $_GET = $request->query->all();
     // post.
     $_POST = $request->request->all();
     $rootDir = $this->get('kernel')->getRealRootDir();
     //$_REQUEST = $request->request->all();
     $mainPath = $rootDir . 'main/';
     $fileToLoad = $mainPath . $name;
     // Setting legacy values inside the container
     /** @var Connection $dbConnection */
     $dbConnection = $this->container->get('database_connection');
     $em = $this->get('kernel')->getContainer()->get('doctrine.orm.entity_manager');
     $database = new \Database($dbConnection, array());
     $database->setConnection($dbConnection);
     $database->setManager($em);
     Container::$container = $this->container;
     Container::$dataDir = $this->container->get('kernel')->getDataDir();
     Container::$courseDir = $this->container->get('kernel')->getDataDir();
     //Container::$configDir = $this->container->get('kernel')->getConfigDir();
     $this->container->get('twig')->addGlobal('api_get_cidreq', api_get_cidreq());
     //$breadcrumb = $this->container->get('chamilo_core.block.breadcrumb');
     if (is_file($fileToLoad) && \Security::check_abs_path($fileToLoad, $mainPath)) {
         // Files inside /main need this variables to be set
         $is_allowed_in_course = api_is_allowed_in_course();
         $is_courseAdmin = api_is_course_admin();
         $is_platformAdmin = api_is_platform_admin();
         $toolNameFromFile = basename(dirname($fileToLoad));
         $charset = 'UTF-8';
         // Default values
         $_course = api_get_course_info();
         $_user = api_get_user_info();
         $debug = $this->container->get('kernel')->getEnvironment() == 'dev' ? true : false;
         // Loading file
         ob_start();
         require_once $fileToLoad;
         $out = ob_get_contents();
         ob_end_clean();
         // No browser cache when executing an exercise.
         if ($name == 'exercice/exercise_submit.php') {
             $responseHeaders = array('cache-control' => 'no-store, no-cache, must-revalidate');
         }
         $js = isset($htmlHeadXtra) ? $htmlHeadXtra : array();
         // $interbreadcrumb is loaded in the require_once file.
         $interbreadcrumb = isset($interbreadcrumb) ? $interbreadcrumb : null;
         $template = Container::$legacyTemplate;
         $defaultLayout = 'layout_one_col.html.twig';
         if (!empty($template)) {
             $defaultLayout = $template;
         }
         return $this->render('ChamiloCoreBundle::' . $defaultLayout, array('legacy_breadcrumb' => $interbreadcrumb, 'content' => $out, 'js' => $js));
     } else {
         // Found does not exist
         throw new NotFoundHttpException();
     }
 }
 /**
  * Handles default Chamilo scripts handled by Display::display_header() and display_footer()
  *
  * @param \Silex\Application $app
  * @param string $file
  *
  * @return \Symfony\Component\HttpFoundation\RedirectResponse|\Symfony\Component\HttpFoundation\Response|void
  */
 public function classicAction(Application $app, $file)
 {
     $responseHeaders = array();
     /** @var Request $request */
     $request = $app['request'];
     // get.
     $_GET = $request->query->all();
     // post.
     $_POST = $request->request->all();
     // echo $request->getMethod();
     //$_REQUEST = $request->request->all();
     $mainPath = $app['paths']['sys_root'] . 'main/';
     $fileToLoad = $mainPath . $file;
     if (is_file($fileToLoad) && \Security::check_abs_path($fileToLoad, $mainPath)) {
         // Default values
         $_course = api_get_course_info();
         $_user = api_get_user_info();
         $charset = 'UTF-8';
         $debug = $app['debug'];
         $text_dir = api_get_text_direction();
         $is_platformAdmin = api_is_platform_admin();
         $_cid = api_get_course_id();
         // Loading file
         ob_start();
         require_once $mainPath . $file;
         $out = ob_get_contents();
         ob_end_clean();
         // No browser cache when executing an exercise.
         if ($file == 'exercice/exercise_submit.php') {
             $responseHeaders = array('cache-control' => 'no-store, no-cache, must-revalidate');
         }
         // Setting page header/footer conditions (important for LPs)
         $app['template']->setFooter($app['template.show_footer']);
         $app['template']->setHeader($app['template.show_header']);
         if (isset($htmlHeadXtra)) {
             $app['template']->addJsFiles($htmlHeadXtra);
         }
         if (isset($interbreadcrumb)) {
             $app['template']->setBreadcrumb($interbreadcrumb);
             $app['template']->loadBreadcrumbToTemplate();
         }
         if (isset($tpl)) {
             $response = $app['twig']->render($app['default_layout']);
         } else {
             $app['template']->assign('content', $out);
             $response = $app['twig']->render($app['default_layout']);
         }
     } else {
         return $app->abort(404, 'File not found');
     }
     return new Response($response, 200, $responseHeaders);
 }
예제 #5
0
 /**
  *
  * @return string
  */
 public function indexAction(Application $app, $id)
 {
     $actions = null;
     if (api_is_platform_admin()) {
         $actions = '<a href="' . api_get_path(WEB_PATH) . 'main/admin/system_announcements.php">' . \Display::return_icon('edit.png', get_lang('EditSystemAnnouncement'), array(), 32) . '</a>';
     }
     if (api_is_anonymous()) {
         $visibility = \SystemAnnouncementManager::VISIBLE_GUEST;
     } else {
         $visibility = api_is_allowed_to_create_course() ? \SystemAnnouncementManager::VISIBLE_TEACHER : \SystemAnnouncementManager::VISIBLE_STUDENT;
     }
     $content = \SystemAnnouncementManager::display_announcements_slider($visibility, $id);
     $app['template']->assign('content', $content);
     $app['template']->assign('actions', $actions);
     $response = $app['template']->renderLayout('layout_1_col.tpl');
     return new Response($response, 200, array());
 }
예제 #6
0
 /**
  * @inheritdoc
  */
 public function __construct($router, $toolbar = null, $config = array(), $prefix = null)
 {
     // Adding plugins depending of platform conditions
     $plugins = array();
     if (api_get_setting('document.show_glossary_in_documents') == 'ismanual') {
         $plugins[] = 'glossary';
     }
     if (api_get_setting('editor.youtube_for_students') == 'true') {
         $plugins[] = 'youtube';
     } else {
         if (api_is_allowed_to_edit() || api_is_platform_admin()) {
             $plugins[] = 'youtube';
         }
     }
     if (api_get_setting('editor.enabled_googlemaps') == 'true') {
         $plugins[] = 'leaflet';
     }
     if (api_get_setting('editor.math_asciimathML') == 'true') {
         $plugins[] = 'asciimath';
     }
     if (api_get_setting('editor.enabled_mathjax') == 'true') {
         $plugins[] = 'mathjax';
         $config['mathJaxLib'] = api_get_path(WEB_PATH) . 'web/assets/MathJax/MathJax.js?config=AM_HTMLorMML';
     }
     if (api_get_setting('editor.enabled_asciisvg') == 'true') {
         $plugins[] = 'asciisvg';
     }
     if (api_get_setting('editor.enabled_wiris') == 'true') {
         // Commercial plugin
         $plugins[] = 'ckeditor_wiris';
     }
     if (api_get_setting('editor.enabled_imgmap') == 'true') {
         $plugins[] = 'mapping';
     }
     /*if (api_get_setting('block_copy_paste_for_students') == 'true') {
           // Missing
       }*/
     if (api_get_setting('editor.more_buttons_maximized_mode') == 'true') {
         $plugins[] = 'toolbarswitch';
     }
     if (api_get_setting('editor.allow_spellcheck') == 'true') {
         $plugins[] = 'scayt';
     }
     $this->defaultPlugins = array_merge($this->defaultPlugins, $plugins);
     parent::__construct($router, $toolbar, $config, $prefix);
 }
예제 #7
0
/**
 * Get course data to display
 * @param int $from
 * @param int $number_of_items
 * @param int $column
 * @param string $direction
 *
 * @return array
 */
function get_course_data($from, $number_of_items, $column, $direction)
{
    $course_table = Database::get_main_table(TABLE_MAIN_COURSE);
    $sql = "SELECT  code AS col0,\n                    title AS col1,\n                    code AS col2,\n                    course_language AS col3,\n                    category_code AS col4,\n                    subscribe AS col5,\n                    unsubscribe AS col6,\n                    code AS col7,\n                    visibility AS col8,\n                    directory as col9,\n                    visual_code\n    \t\tFROM {$course_table}";
    if ((api_is_platform_admin() || api_is_session_admin()) && api_is_multiple_url_enabled() && api_get_current_access_url_id() != -1) {
        $access_url_rel_course_table = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE);
        $sql .= " INNER JOIN {$access_url_rel_course_table} url_rel_course ON (id = url_rel_course.c_id)";
    }
    if (isset($_GET['keyword'])) {
        $keyword = Database::escape_string("%" . trim($_GET['keyword']) . "%");
        $sql .= " WHERE (\n            title LIKE '" . $keyword . "' OR\n            code LIKE '" . $keyword . "' OR\n            visual_code LIKE '" . $keyword . "'\n        )\n        ";
    } elseif (isset($_GET['keyword_code'])) {
        $keyword_code = Database::escape_string("%" . $_GET['keyword_code'] . "%");
        $keyword_title = Database::escape_string("%" . $_GET['keyword_title'] . "%");
        $keyword_category = Database::escape_string("%" . $_GET['keyword_category'] . "%");
        $keyword_language = Database::escape_string("%" . $_GET['keyword_language'] . "%");
        $keyword_visibility = Database::escape_string("%" . $_GET['keyword_visibility'] . "%");
        $keyword_subscribe = Database::escape_string($_GET['keyword_subscribe']);
        $keyword_unsubscribe = Database::escape_string($_GET['keyword_unsubscribe']);
        $sql .= " WHERE\n                (code LIKE '" . $keyword_code . "' OR visual_code LIKE '" . $keyword_code . "') AND\n                title LIKE '" . $keyword_title . "' AND\n                category_code LIKE '" . $keyword_category . "' AND\n                course_language LIKE '" . $keyword_language . "' AND\n                visibility LIKE '" . $keyword_visibility . "' AND\n                subscribe LIKE '" . $keyword_subscribe . "' AND\n                unsubscribe LIKE '" . $keyword_unsubscribe . "'";
    }
    // Adding the filter to see the user's only of the current access_url.
    if ((api_is_platform_admin() || api_is_session_admin()) && api_is_multiple_url_enabled() && api_get_current_access_url_id() != -1) {
        $sql .= " AND url_rel_course.access_url_id=" . api_get_current_access_url_id();
    }
    $sql .= " ORDER BY col{$column} {$direction} ";
    $sql .= " LIMIT {$from}, {$number_of_items}";
    $res = Database::query($sql);
    $courses = array();
    $languages = api_get_languages_to_array();
    while ($course = Database::fetch_array($res)) {
        // Place colour icons in front of courses.
        $show_visual_code = $course['visual_code'] != $course[2] ? Display::label($course['visual_code'], 'info') : null;
        $course[1] = get_course_visibility_icon($course[8]) . '<a href="' . api_get_path(WEB_COURSE_PATH) . $course[9] . '/index.php">' . $course[1] . '</a> ' . $show_visual_code;
        $course[5] = $course[5] == SUBSCRIBE_ALLOWED ? get_lang('Yes') : get_lang('No');
        $course[6] = $course[6] == UNSUBSCRIBE_ALLOWED ? get_lang('Yes') : get_lang('No');
        $language = isset($languages[$course[3]]) ? $languages[$course[3]] : $course[3];
        $course_rem = array($course[0], $course[1], $course[2], $language, $course[4], $course[5], $course[6], $course[7]);
        $courses[] = $course_rem;
    }
    return $courses;
}
예제 #8
0
 /**
  * @param int $group_id
  * @param int $user_id
  * @return bool
  */
 public function is_group_member($group_id, $user_id = 0)
 {
     if (api_is_platform_admin()) {
         return true;
     }
     if (empty($user_id)) {
         $user_id = api_get_user_id();
     }
     $roles = array(GROUP_USER_PERMISSION_ADMIN, GROUP_USER_PERMISSION_MODERATOR, GROUP_USER_PERMISSION_READER, GROUP_USER_PERMISSION_HRM);
     $user_role = self::get_user_group_role($user_id, $group_id);
     if (in_array($user_role, $roles)) {
         return true;
     } else {
         return false;
     }
 }
예제 #9
0
$from = isset($_GET['from']) ? $_GET['from'] : null;

// Starting the output buffering when we are exporting the information.
$export_csv = isset($_GET['export']) && $_GET['export'] == 'csv' ? true : false;
$session_id = intval($_REQUEST['id_session']);

if ($from == 'myspace') {
    $from_myspace = true;
    $this_section = "session_my_space";
} else {
    $this_section = SECTION_COURSES;
}

// Access restrictions.
$is_allowedToTrack =
    api_is_platform_admin() ||
    api_is_allowed_to_create_course() ||
    api_is_session_admin() ||
    api_is_drh() ||
    api_is_course_tutor() ||
    api_is_course_admin();

if (!$is_allowedToTrack) {
    api_not_allowed(true);
    exit;
}

// If the user is a HR director (drh)
if (api_is_drh()) {
    // Blocking course for drh
    if (api_drh_can_access_all_session_content()) {
예제 #10
0
 * @author Isaac Flores Paz <*****@*****.**>
 * @todo use Display::panel()
 * @package chamilo.social
 */
$cidReset = true;
require_once '../inc/global.inc.php';
// Include OpenGraph NOT AVAILABLE
require_once api_get_path(LIBRARY_PATH) . 'opengraph/OpenGraph.php';
if (api_get_setting('allow_social_tool') != 'true') {
    $url = api_get_path(WEB_PATH) . 'whoisonline.php?id=' . intval($_GET['u']);
    header('Location: ' . $url);
    exit;
}
$user_id = api_get_user_id();
$friendId = isset($_GET['u']) ? intval($_GET['u']) : api_get_user_id();
$isAdmin = api_is_platform_admin($user_id);
$userGroup = new UserGroup();
$show_full_profile = true;
//social tab
$this_section = SECTION_SOCIAL;
//Initialize blocks
$social_extra_info_block = null;
$social_course_block = null;
$social_group_info_block = null;
$social_rss_block = null;
$social_session_block = null;
if (!empty($_POST['social_wall_new_msg_main']) || !empty($_FILES['picture']['tmp_name'])) {
    $messageId = 0;
    $messageContent = $_POST['social_wall_new_msg_main'];
    if (!empty($_POST['url_content'])) {
        $messageContent = $_POST['social_wall_new_msg_main'] . '<br><br>' . $_POST['url_content'];
예제 #11
0
 /**
  * Removes the category with id=in_id from the database if no question use this category
  * @todo I'm removing the $in_id parameter because it seems that you're using $this->id instead of $in_id after confirmation delete this
  * jmontoya
  */
 public function removeCategory()
 {
     $category = Database::getManager()->find('Chamilo\\CoreBundle\\CQuizCategory', $this->id);
     if (!$category) {
         return false;
     }
     //Only admins can delete global categories
     $courseId = $category->getCId();
     //Only admins can delete global categories
     if (empty($courseId) && !api_is_platform_admin() || api_is_question_manager()) {
         return false;
     }
     $repo = Database::getManager()->getRepository('ChamiloCoreBundle:CQuizCategory');
     $repo->removeFromTree($category);
     // clear cached nodes
     Database::getManager()->clear();
     return true;
 }
예제 #12
0
    /**
     * Set footer parameters
     */
    private function set_footer_parameters()
    {
        global $_configuration;

        //Show admin data
        //$this->assign('show_administrator_data', api_get_setting('show_administrator_data'));

        if (api_get_setting('show_administrator_data') == 'true') {
            //Administrator name
            $administrator_data = get_lang('Manager').' : '.Display::encrypted_mailto_link(
                    api_get_setting('emailAdministrator'),
                    api_get_person_name(api_get_setting('administratorName'), api_get_setting('administratorSurname'))
                );
            $this->assign('administrator_name', $administrator_data);
        }

        //Loading footer extra content
        if (!api_is_platform_admin()) {
            $extra_footer = trim(api_get_setting('footer_extra_content'));
            if (!empty($extra_footer)) {
                $this->assign('footer_extra_content', $extra_footer);
            }
        }

        //Tutor name
        if (api_get_setting('show_tutor_data') == 'true') {
            // Course manager
            $id_course  = api_get_course_id();
            $id_session = api_get_session_id();
            if (isset($id_course) && $id_course != -1) {
                $tutor_data = '';
                if ($id_session != 0) {
                    $coachs_email = CourseManager::get_email_of_tutor_to_session($id_session, $id_course);
                    $email_link   = array();
                    foreach ($coachs_email as $coach) {
                        $email_link[] = Display::encrypted_mailto_link($coach['email'], $coach['complete_name']);
                    }
                    if (count($coachs_email) > 1) {
                        $tutor_data .= get_lang('Coachs').' : ';
                        $tutor_data .= array_to_string($email_link, CourseManager::USER_SEPARATOR);
                    } elseif (count($coachs_email) == 1) {
                        $tutor_data .= get_lang('Coach').' : ';
                        $tutor_data .= array_to_string($email_link, CourseManager::USER_SEPARATOR);
                    } elseif (count($coachs_email) == 0) {
                        $tutor_data .= '';
                    }
                }
                $this->assign('session_teachers', $tutor_data);
            }
        }

        if (api_get_setting('show_teacher_data') == 'true') {
            // course manager
            $id_course = api_get_course_id();
            if (isset($id_course) && $id_course != -1) {
                $teacher_data = '';
                $mail         = CourseManager::get_emails_of_tutors_to_course($id_course);
                if (!empty($mail)) {
                    $teachers_parsed = array();
                    foreach ($mail as $value) {
                        foreach ($value as $email => $name) {
                            $teachers_parsed[] = Display::encrypted_mailto_link($email, $name);
                        }
                    }
                    $label = get_lang('Teacher');
                    if (count($mail) > 1) {
                        $label = get_lang('Teachers');
                    }
                    $teacher_data .= $label.' : '.array_to_string($teachers_parsed, CourseManager::USER_SEPARATOR);
                }
                $this->assign('teachers', $teacher_data);
            }
        }
        /* $stats = '';
          $this->assign('execution_stats', $stats); */
    }
예제 #13
0
파일: user.php 프로젝트: KRCM13/chamilo-lms
/**
 * Build the modify-column of the table
 * @param int $user_id The user id
 * @return string Some HTML-code
 */
function modify_filter($user_id, $row, $data)
{
    global $is_allowed_to_track, $charset;
    $user_id = $data[0];
    $course_info = $_course = api_get_course_info();
    $current_user_id = api_get_user_id();
    $sessionId = api_get_session_id();
    $type = isset($_REQUEST['type']) ? intval($_REQUEST['type']) : STUDENT;
    $result = "";
    if ($is_allowed_to_track) {
        $result .= '<a href="../mySpace/myStudents.php?' . api_get_cidreq() . '&student=' . $user_id . '&details=true&course=' . $_course['id'] . '&origin=user_course&id_session=' . api_get_session_id() . '" title="' . get_lang('Tracking') . '"  >
            <img border="0" alt="' . get_lang('Tracking') . '" src="../img/icons/22/stats.png" />
        </a>';
    }
    // If platform admin, show the login_as icon (this drastically shortens
    // time taken by support to test things out)
    if (api_is_platform_admin()) {
        $result .= ' <a href="' . api_get_path(WEB_CODE_PATH) . 'admin/user_list.php?action=login_as&user_id=' . $user_id . '&sec_token=' . $_SESSION['sec_token'] . '">' . Display::return_icon('login_as.gif', get_lang('LoginAs')) . '</a>&nbsp;&nbsp;';
    }
    if (api_is_allowed_to_edit(null, true)) {
        if (empty($sessionId)) {
            $isTutor = isset($data['is_tutor']) ? intval($data['is_tutor']) : 0;
            $isTutor = empty($isTutor) ? 1 : 0;
            $text = get_lang('RemoveTutorStatus');
            if ($isTutor) {
                $text = get_lang('SetTutor');
            }
            $disabled = '';
            if ($data['user_status_in_course'] == STUDENT) {
                $result .= Display::url($text, 'user.php?' . api_get_cidreq() . '&action=set_tutor&is_tutor=' . $isTutor . '&user_id=' . $user_id . '&type=' . $type, array('class' => 'btn btn-default ' . $disabled)) . '&nbsp;';
            }
        }
        // edit
        if (api_get_setting('allow_user_course_subscription_by_course_admin') == 'true' or api_is_platform_admin()) {
            // unregister
            if ($user_id != $current_user_id || api_is_platform_admin()) {
                $result .= '<a class="btn btn-small btn-danger" href="' . api_get_self() . '?' . api_get_cidreq() . '&type=' . $type . '&unregister=yes&user_id=' . $user_id . '" title="' . get_lang('Unreg') . ' " onclick="javascript:if(!confirm(\'' . addslashes(api_htmlentities(get_lang('ConfirmYourChoice'), ENT_QUOTES, $charset)) . '\')) return false;">' . get_lang('Unreg') . '</a>&nbsp;';
            } else {
                //$result .= Display::return_icon('unsubscribe_course_na.png', get_lang('Unreg'),'',ICON_SIZE_SMALL).'</a>&nbsp;';
            }
        }
    } else {
        // Show buttons for unsubscribe
        if ($course_info['unsubscribe'] == 1) {
            if ($user_id == $current_user_id) {
                $result .= '<a class="btn btn-small btn-danger" href="' . api_get_self() . '?' . api_get_cidreq() . '&type=' . $type . '&unregister=yes&user_id=' . $user_id . '" title="' . get_lang('Unreg') . ' " onclick="javascript:if(!confirm(\'' . addslashes(api_htmlentities(get_lang('ConfirmYourChoice'), ENT_QUOTES, $charset)) . '\')) return false;">' . get_lang('Unreg') . '</a>&nbsp;';
            }
        }
    }
    return $result;
}
예제 #14
0
//todo @this validation could be in a function in group_portal_manager
if (empty($group_id)) {
    api_not_allowed(true);
} else {
    $group_info = $usergroup->get($group_id);
    if (empty($group_info)) {
        api_not_allowed(true);
    }
    $is_member = $usergroup->is_group_member($group_id);
    if ($group_info['visibility'] == GROUP_PERMISSION_CLOSED && !$is_member) {
        api_not_allowed(true);
    }
}
if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'delete') {
    $group_role = $usergroup->get_user_group_role(api_get_user_id(), $group_id);
    if (api_is_platform_admin() || in_array($group_role, array(GROUP_USER_PERMISSION_ADMIN, GROUP_USER_PERMISSION_MODERATOR))) {
        $usergroup->delete_topic($group_id, $topic_id);
        Display::addFlash(DIsplay::return_message(get_lang('Deleted')));
        header("Location: group_view.php?id={$group_id}");
        exit;
    }
}
$content = null;
$social_right_content = '';
if (isset($_POST['action'])) {
    $title = isset($_POST['title']) ? $_POST['title'] : null;
    $content = $_POST['content'];
    $group_id = intval($_POST['group_id']);
    $parent_id = intval($_POST['parent_id']);
    if ($_POST['action'] == 'reply_message_group') {
        $title = cut($content, 50);
예제 #15
0
 /**
  * @param int $userId
  * @param array $groupInfo
  * @param int $sessionId
  *
  * @return bool
  */
 public static function userHasAccessToBrowse($userId, $groupInfo, $sessionId = 0)
 {
     if (empty($groupInfo)) {
         return false;
     }
     if (api_is_platform_admin()) {
         return true;
     }
     if (api_is_allowed_to_edit(false, true)) {
         return true;
     }
     $groupId = $groupInfo['id'];
     $tutors = self::get_subscribed_tutors($groupId, true);
     if (in_array($userId, $tutors)) {
         return true;
     }
     if ($groupInfo['status'] == 0) {
         return false;
     }
     if (self::user_has_access($userId, $groupId, self::GROUP_TOOL_FORUM) || self::user_has_access($userId, $groupId, self::GROUP_TOOL_DOCUMENTS) || self::user_has_access($userId, $groupId, self::GROUP_TOOL_CALENDAR) || self::user_has_access($userId, $groupId, self::GROUP_TOOL_ANNOUNCEMENT) || self::user_has_access($userId, $groupId, self::GROUP_TOOL_WORK) || self::user_has_access($userId, $groupId, self::GROUP_TOOL_WIKI) || self::user_has_access($userId, $groupId, self::GROUP_TOOL_CHAT)) {
         return true;
     }
     if (api_is_course_coach() && $groupInfo['session_id'] == $sessionId) {
         return true;
     }
     return false;
 }
예제 #16
0
 /**
  * Checks whether a user is teacher in the current course
  * @return bool True if the user can be considered a teacher in this course, false otherwise
  */
 public function isTeacher()
 {
     return api_is_course_admin() || api_is_coach() || api_is_platform_admin();
 }
예제 #17
0
 function check_lock_permissions()
 {
     if (api_is_platform_admin()) {
         return true;
     } else {
         if ($this->is_locked()) {
             api_not_allowed();
         }
     }
 }
예제 #18
0
        Database::query($sql);
        if ($origin == 'tracking_course') {
            //Redirect to the course detail in lp
            header('location: exercise.php?course=' . Security::remove_XSS($_GET['course']));
            exit;
        } else {
            //Redirect to the reporting
            header('location: ../mySpace/myStudents.php?origin=' . $origin . '&student=' . $student_id . '&details=true&course=' . $course_id . '&session_id=' . $session_id);
            exit;
        }
    }
}
$actions = null;
if ($is_allowedToEdit && $origin != 'learnpath') {
    // the form
    if (api_is_platform_admin() || api_is_course_admin() || api_is_course_tutor() || api_is_course_coach()) {
        $actions .= '<a href="admin.php?exerciseId=' . intval($_GET['exerciseId']) . '">' . Display::return_icon('back.png', get_lang('GoBackToQuestionList'), '', ICON_SIZE_MEDIUM) . '</a>';
        $actions .= '<a href="live_stats.php?' . api_get_cidreq() . '&exerciseId=' . $exercise_id . '">' . Display::return_icon('activity_monitor.png', get_lang('LiveResults'), '', ICON_SIZE_MEDIUM) . '</a>';
        $actions .= '<a href="stats.php?' . api_get_cidreq() . '&exerciseId=' . $exercise_id . '">' . Display::return_icon('statistics.png', get_lang('ReportByQuestion'), '', ICON_SIZE_MEDIUM) . '</a>';
        $actions .= '<a id="export_opener" href="' . api_get_self() . '?export_report=1&exerciseId=' . intval($_GET['exerciseId']) . '" >' . Display::return_icon('save.png', get_lang('Export'), '', ICON_SIZE_MEDIUM) . '</a>';
        // clean result before a selected date icon
        $actions .= Display::url(Display::return_icon('clean_before_date.png', get_lang('CleanStudentsResultsBeforeDate'), '', ICON_SIZE_MEDIUM), '#', array('onclick' => "javascript:display_date_picker()"));
        // clean result before a selected date datepicker popup
        $actions .= Display::span(Display::input('input', 'datepicker_start', get_lang('SelectADateOnTheCalendar'), array('onmouseover' => 'datepicker_input_mouseover()', 'id' => 'datepicker_start', 'onchange' => 'datepicker_input_changed()', 'readonly' => 'readonly')) . Display::button('delete', get_lang('Delete'), array('onclick' => 'submit_datepicker()')), array('style' => 'display:none', 'id' => 'datepicker_span'));
    }
} else {
    $actions .= '<a href="exercise.php">' . Display::return_icon('back.png', get_lang('GoBackToQuestionList'), '', ICON_SIZE_MEDIUM) . '</a>';
}
//Deleting an attempt
if (($is_allowedToEdit || $is_tutor || api_is_coach()) && isset($_GET['delete']) && $_GET['delete'] == 'delete' && !empty($_GET['did']) && $locked == false) {
    $exe_id = intval($_GET['did']);
예제 #19
0
}
// When loading a chamilo page do not include the hot courses and news
if (!isset($_REQUEST['include'])) {
    if (api_get_setting('show_hot_courses') == 'true') {
        $hot_courses = $controller->return_hot_courses();
    }
    $announcements_block = $controller->return_announcements();
}
$controller->tpl->assign('hot_courses', $hot_courses);
$controller->tpl->assign('announcements_block', $announcements_block);
$controller->tpl->assign('home_page_block', $controller->return_home_page());
$controller->tpl->assign('navigation_course_links', $controller->return_navigation_links());
$controller->tpl->assign('notice_block', $controller->return_notice());
$controller->tpl->assign('main_navigation_block', $controller->return_navigation_links());
$controller->tpl->assign('help_block', $controller->return_help());
if (api_is_platform_admin() || api_is_drh()) {
    $controller->tpl->assign('skills_block', $controller->return_skills_links());
}
if (api_is_anonymous()) {
    $controller->tpl->setLoginBodyClass();
}
// direct login to course
if (isset($_GET['firstpage'])) {
    api_set_firstpage_parameter($_GET['firstpage']);
    // if we are already logged, go directly to course
    if (api_user_is_login()) {
        echo "<script type='text/javascript'>self.location.href='index.php?firstpage=" . Security::remove_XSS($_GET['firstpage']) . "'</script>";
    }
} else {
    api_delete_firstpage_parameter();
}
 /**
  * Removes the category with id=in_id from the database if no question use this category
  * @todo I'm removing the $in_id parameter because it seems that you're using $this->id instead of $in_id after confirmation delete this
  * jmontoya
  */
 public function removeCategory()
 {
     global $app;
     $category = $app['orm.ems']['db_write']->find('\\Entity\\CQuizCategory', $this->id);
     if (!$category) {
         return false;
     }
     //Only admins can delete global categories
     $courseId = $category->getCId();
     //Only admins can delete global categories
     if (empty($courseId) && !api_is_platform_admin() || api_is_question_manager()) {
         return false;
     }
     $repo = $app['orm.ems']['db_write']->getRepository('Entity\\CQuizCategory');
     $repo->removeFromTree($category);
     // clear cached nodes
     $app['orm.ems']['db_write']->clear();
     return true;
 }
        while ($infos = Database::fetch_array($rs)) {
            $arr_infos[] = $infos['user_id'];
        }
    }
}
$order_clause = api_sort_by_first_name() ? ' ORDER BY firstname, lastname, username' : ' ORDER BY lastname, firstname, username';
if (api_is_multiple_url_enabled()) {
    $tbl_access_rel_user = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
    $access_url_id = api_get_current_access_url_id();
    $sql = "SELECT u.user_id,lastname,firstname,username\n            FROM {$tbl_user} u\n            LEFT JOIN {$tbl_access_rel_user}  a\n            ON(u.user_id= a.user_id)\n            WHERE\n                status='1' AND\n                active = 1 AND\n                access_url_id = {$access_url_id} " . $order_clause;
} else {
    $sql = "SELECT user_id,lastname,firstname,username\n            FROM {$tbl_user}\n            WHERE\n                status = '1' AND\n                active = 1 " . $order_clause;
}
$result = Database::query($sql);
$coaches = Database::store_result($result);
if (!api_is_platform_admin() && api_is_teacher()) {
    $userInfo = api_get_user_info();
    $coaches = [$userInfo];
}
Display::display_header($tool_name);
$tool_name = get_lang('ModifySessionCourse');
api_display_tool_title($tool_name);
?>
<div class="session-course-edit">

<form method="post" action="<?php 
echo api_get_self();
?>
?id_session=<?php 
echo $id_session;
?>
예제 #22
0
    if (empty($group_info)) {
        api_not_allowed(true);
    }
    $is_member = GroupPortalManager::is_group_member($group_id);
    if ($group_info['visibility'] == GROUP_PERMISSION_CLOSED && !$is_member) {
        api_not_allowed(true);
    }
}

if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'delete') {
    $group_role = GroupPortalManager::get_user_group_role(
        api_get_user_id(),
        $group_id
    );

    if (api_is_platform_admin() || in_array(
            $group_role,
            array(GROUP_USER_PERMISSION_ADMIN, GROUP_USER_PERMISSION_MODERATOR)
        )
    ) {
        GroupPortalManager::delete_topic($group_id, $topic_id);
        header(
            "Location: groups.php?id=$group_id&action=show_message&msg=topic_deleted"
        );
    }
}

// save message group
if (isset($_POST['token']) && $_POST['token'] === $_SESSION['sec_token']) {

    if (isset($_POST['action'])) {
 */
$pathopen = isset($_REQUEST['pathopen']) ? $_REQUEST['pathopen'] : null;
// Including the global initialization file
require_once '../inc/global.inc.php';
$current_course_tool = TOOL_TRACKING;
$course_info = api_get_course_info();
$from_myspace = false;
$from = isset($_GET['from']) ? $_GET['from'] : null;
if ($from == 'myspace') {
    $from_myspace = true;
    $this_section = "session_my_space";
} else {
    $this_section = SECTION_COURSES;
}
// Access restrictions.
$is_allowedToTrack = api_is_platform_admin() || api_is_allowed_to_create_course() || api_is_session_admin() || api_is_drh() || api_is_course_tutor();
if (!$is_allowedToTrack) {
    api_not_allowed();
    exit;
}
// Including additional libraries.
require_once api_get_path(SYS_CODE_PATH) . 'resourcelinker/resourcelinker.inc.php';
// Starting the output buffering when we are exporting the information.
$export_csv = isset($_GET['export']) && $_GET['export'] == 'csv' ? true : false;
$session_id = intval($_REQUEST['id_session']);
if ($export_csv) {
    ob_start();
}
if (empty($session_id)) {
    $session_id = api_get_session_id();
}
예제 #24
0
$this_section = SECTION_TRACKING;
api_block_anonymous_users();
$htmlHeadXtra[] = api_get_jqgrid_js();
$interbreadcrumb[] = array("url" => "index.php", "name" => get_lang('MySpace'));
Display::display_header(get_lang('Sessions'));
$export_csv = false;
if (isset($_GET['export']) && $_GET['export'] == 'csv') {
    $export_csv = true;
}
/*	MAIN CODE */
if (isset($_GET['id_coach']) && $_GET['id_coach'] != '') {
    $id_coach = intval($_GET['id_coach']);
} else {
    $id_coach = api_get_user_id();
}
if (api_is_drh() || api_is_session_admin() || api_is_platform_admin()) {
    $a_sessions = SessionManager::get_sessions_followed_by_drh(api_get_user_id());
    if (!api_is_session_admin()) {
        $menu_items[] = Display::url(Display::return_icon('stats.png', get_lang('MyStats'), '', ICON_SIZE_MEDIUM), api_get_path(WEB_CODE_PATH) . "auth/my_progress.php");
        $menu_items[] = Display::url(Display::return_icon('user.png', get_lang('Students'), array(), ICON_SIZE_MEDIUM), "index.php?view=drh_students&amp;display=yourstudents");
        $menu_items[] = Display::url(Display::return_icon('teacher.png', get_lang('Trainers'), array(), ICON_SIZE_MEDIUM), 'teachers.php');
        $menu_items[] = Display::url(Display::return_icon('course.png', get_lang('Courses'), array(), ICON_SIZE_MEDIUM), 'course.php');
        $menu_items[] = Display::url(Display::return_icon('session_na.png', get_lang('Sessions'), array(), ICON_SIZE_MEDIUM), '#');
    }
    $actionsLeft = '';
    $nb_menu_items = count($menu_items);
    if ($nb_menu_items > 1) {
        foreach ($menu_items as $key => $item) {
            $actionsLeft .= $item;
        }
    }
예제 #25
0
<?php

/* See license terms in /license.txt */
//require_once '../../main/inc/global.inc.php';
//Add the JS needed to use the jqgrid
$htmlHeadXtra[] = api_get_jqgrid_js();
$allowed = api_is_platform_admin() || api_is_drh();
if (!$allowed) {
    api_not_allowed(true);
}
Display::display_header();
//jqgrid will use this URL to do the selects
$url = api_get_path(WEB_AJAX_PATH) . 'model.ajax.php?a=get_user_list_plugin_widescale';
//The order is important you need to check the the $column variable in the model.ajax.php file
$columns = array(get_lang('Username'), get_lang('Firstname'), get_lang('Lastname'), get_lang('Password'));
//Column config
$column_model = array(array('name' => 'username', 'index' => 'username', 'width' => '100', 'align' => 'left'), array('name' => 'firstname', 'index' => 'firstname', 'width' => '100', 'align' => 'left'), array('name' => 'lastname', 'index' => 'lastname', 'width' => '100', 'align' => 'left'), array('name' => 'exam_password', 'index' => 'exam_password', 'width' => '100', 'align' => 'left', 'sortable' => 'false'));
//Autowidth
$extra_params['autowidth'] = 'true';
//height auto
$extra_params['height'] = 'auto';
//With this function we can add actions to the jgrid (edit, delete, etc)
/*
$action_links = 'function action_formatter(cellvalue, options, rowObject) {
     return \'<a href="?action=edit&id=\'+options.rowId+\'">'.Display::return_icon('edit.png',get_lang('Edit'),'',ICON_SIZE_SMALL).'</a>'.
     '&nbsp;<a onclick="javascript:if(!confirm('."\'".addslashes(api_htmlentities(get_lang("ConfirmYourChoice"),ENT_QUOTES))."\'".')) return false;"  href="?sec_token='.$token.'&action=copy&id=\'+options.rowId+\'">'.Display::return_icon('copy.png',get_lang('Copy'),'',ICON_SIZE_SMALL).'</a>'.
     '&nbsp;<a onclick="javascript:if(!confirm('."\'".addslashes(api_htmlentities(get_lang("ConfirmYourChoice"),ENT_QUOTES))."\'".')) return false;"  href="?sec_token='.$token.'&action=delete&id=\'+options.rowId+\'">'.Display::return_icon('delete.png',get_lang('Delete'),'',ICON_SIZE_SMALL).'</a>'.
     '\';
 }';*/
$action_links = null;
$room = UserManager::get_extra_user_data_by_field(api_get_user_id(), 'exam_room');
$current_user_id = api_get_user_id();
// setting the name of the tool
if (UserManager::is_admin($user_id)) {
    $tool_name = get_lang('AssignSessionsToPlatformAdministrator');
} else {
    if ($user_info['status'] == SESSIONADMIN) {
        $tool_name = get_lang('AssignSessionsToSessionsAdministrator');
    } else {
        $tool_name = get_lang('AssignSessionsToHumanResourcesManager');
    }
}
$add_type = 'multiple';
if (isset($_GET['add_type']) && $_GET['add_type'] != '') {
    $add_type = Security::remove_XSS($_REQUEST['add_type']);
}
if (!api_is_platform_admin() && !api_is_session_admin()) {
    api_not_allowed(true);
}
function search_sessions($needle, $type)
{
    global $_configuration, $tbl_session_rel_access_url, $tbl_session, $user_id;
    $xajax_response = new XajaxResponse();
    $return = '';
    if (!empty($needle) && !empty($type)) {
        // xajax send utf8 datas... datas in db can be non-utf8 datas
        $charset = api_get_system_encoding();
        $needle = api_convert_encoding($needle, $charset, 'utf-8');
        $assigned_sessions_to_hrm = SessionManager::get_sessions_followed_by_drh($user_id);
        $assigned_sessions_id = array_keys($assigned_sessions_to_hrm);
        $without_assigned_sessions = '';
        if (count($assigned_sessions_id) > 0) {
예제 #27
0
    $defaults['activate_start_date_check'] = 1;
}
$form->addElement('html', '<div id="start_date_div" style="display:' . $display_date . ';">');
$form->addElement('datepicker', 'publicated_on', get_lang('PublicationDate'), array('form_name' => 'form1'), 5);
$form->addElement('html', '</div>');
//End date
$form->addElement('checkbox', 'activate_end_date_check', null, get_lang('EnableEndTime'), array('onclick' => 'activate_end_date()'));
$display_date = 'none';
if ($expired_on != '0000-00-00 00:00:00' && !empty($expired_on)) {
    $display_date = 'block';
    $defaults['activate_end_date_check'] = 1;
}
$form->addElement('html', '<div id="end_date_div" style="display:' . $display_date . ';">');
$form->addElement('datepicker', 'expired_on', get_lang('ExpirationDate'), array('form_name' => 'exercise_admin'), 5);
$form->addElement('html', '</div>');
if (api_is_platform_admin()) {
    $form->addElement('checkbox', 'use_max_score', null, get_lang('UseMaxScore100'));
    $defaults['use_max_score'] = $_SESSION['oLP']->use_max_score;
}
$form->addElement('checkbox', 'subscribe_users', null, get_lang('SubscribeUsersToLP'));
$extraField = new ExtraField('lp');
$extra = $extraField->addElements($form, $_SESSION['oLP']->get_id());
$htmlHeadXtra[] = '<script src="' . api_get_path(WEB_LIBRARY_PATH) . 'javascript/tag/jquery.fcbkcomplete.js" type="text/javascript" language="javascript"></script>';
$htmlHeadXtra[] = '<link  href="' . api_get_path(WEB_LIBRARY_PATH) . 'javascript/tag/style.css" rel="stylesheet" type="text/css" />';
$htmlHeadXtra[] = '<script>
$(function() {
    ' . $extra['jquery_ready_content'] . '
});
</script>';
//Submit button
$form->addElement('style_submit_button', 'Submit', get_lang('SaveLPSettings'), 'class="save"');
예제 #28
0
     echo '';
     break;
 }
 $track_online_table = Database::get_main_table(TABLE_STATISTIC_TRACK_E_ONLINE);
 $tbl_my_user = Database::get_main_table(TABLE_MAIN_USER);
 $tbl_my_user_friend = Database::get_main_table(TABLE_MAIN_USER_REL_USER);
 $tbl_user = Database::get_main_table(TABLE_MAIN_USER);
 $tbl_access_url_rel_user = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
 $search = Database::escape_string($_REQUEST['q']);
 $access_url_id = api_get_multiple_access_url() == 'true' ? api_get_current_access_url_id() : 1;
 $user_id = api_get_user_id();
 $is_western_name_order = api_is_western_name_order();
 $likeCondition = " AND (firstname LIKE '%{$search}%' OR lastname LIKE '%{$search}%' OR email LIKE '%{$search}%') ";
 if (api_get_setting('social.allow_social_tool') == 'true' && api_get_setting('message.allow_message_tool') == 'true') {
     // All users
     if (api_get_setting('message.allow_send_message_to_all_platform_users') == 'true' || api_is_platform_admin()) {
         if ($access_url_id != 0) {
             $sql = "SELECT DISTINCT u.user_id as id, u.firstname, u.lastname, u.email\n                            FROM {$tbl_user} u LEFT JOIN {$tbl_access_url_rel_user} r ON u.user_id = r.user_id\n                            WHERE\n                                u.status <> 6  AND\n                                u.user_id <> {$user_id} AND\n                                r.access_url_id = {$access_url_id}\n                                {$likeCondition} ";
         } else {
             $sql = "SELECT DISTINCT u.user_id as id, u.firstname, u.lastname, u.email\n                            FROM {$tbl_user} u\n                            WHERE\n                                u.status <> 6  AND\n                                u.user_id <> {$user_id}\n                                {$likeCondition} ";
         }
     } else {
         //only my contacts
         if ($access_url_id != 0) {
             $sql = "SELECT DISTINCT u.user_id as id, u.firstname, u.lastname, u.email\n                            FROM {$tbl_access_url_rel_user} r, {$tbl_my_user_friend} uf\n                            INNER JOIN {$tbl_my_user} AS u\n                            ON uf.friend_user_id = u.user_id\n                            WHERE\n                                u.status <> 6 AND\n                                relation_type NOT IN(" . USER_RELATION_TYPE_DELETED . ", " . USER_RELATION_TYPE_RRHH . ") AND\n                                uf.user_id = {$user_id} AND\n                                friend_user_id <> {$user_id} AND\n                                u.user_id = r.user_id AND\n                                r.access_url_id = {$access_url_id}\n                                {$likeCondition}";
         } else {
             $sql = "SELECT DISTINCT u.user_id as id, u.firstname, u.lastname, u.email\n                            FROM {$tbl_my_user_friend} uf\n                            INNER JOIN {$tbl_my_user} AS u\n                            ON uf.friend_user_id = u.user_id\n         \t                WHERE\n                                u.status <> 6 AND\n                                relation_type NOT IN(" . USER_RELATION_TYPE_DELETED . ", " . USER_RELATION_TYPE_RRHH . ") AND\n                                uf.user_id = {$user_id} AND\n                                friend_user_id <> {$user_id}\n                                {$likeCondition}";
         }
     }
 } elseif (api_get_setting('social.allow_social_tool') == 'false' && api_get_setting('message.allow_message_tool') == 'true') {
     if (api_get_setting('message.allow_send_message_to_all_platform_users') == 'true') {
예제 #29
0
    Display::display_warning_message(get_lang('NoLinkItems'), false);
}
if (isset($_GET['addallcat'])) {
    Display::display_normal_message(get_lang('AddAllCat'), false);
}
if (isset($confirmation_message)) {
    Display::display_confirmation_message($confirmation_message, $filter_confirm_msg);
}
if (isset($warning_message)) {
    Display::display_warning_message($warning_message, $filter_warning_msg);
}
if (isset($move_form)) {
    Display::display_normal_message($move_form->toHtml(), false);
}
// LOAD DATA & DISPLAY TABLE                             -
$is_platform_admin = api_is_platform_admin();
$is_course_admin = api_is_allowed_to_edit();
//load data for category, evaluation and links
if (!isset($_GET['selectcat']) || empty($_GET['selectcat'])) {
    $category = 0;
} else {
    $category = Security::remove_XSS($_GET['selectcat']);
}
// search form
$simple_search_form = new UserForm(UserForm::TYPE_SIMPLE_SEARCH, null, 'simple_search_form', null, api_get_self() . '?selectcat=' . $selectcat);
$values = $simple_search_form->exportValues();
$keyword = '';
if (isset($_GET['search']) && !empty($_GET['search'])) {
    $keyword = Security::remove_XSS($_GET['search']);
}
if ($simple_search_form->validate() && empty($keyword)) {
예제 #30
0
 /**
  * Check if a user has access to a certain group tool
  * @param int $user_id The user id
  * @param int $group_id The group id
  * @param constant $tool The tool to check the access rights. This should be
  * one of constants: GROUP_TOOL_DOCUMENTS
  * @return bool True if the given user has access to the given tool in the
  * given course.
  */
 public static function user_has_access($user_id, $group_id, $tool)
 {
     // Admin have access everywhere
     if (api_is_platform_admin()) {
         return true;
     }
     // Course admin also have access to everything
     if (api_is_allowed_to_edit()) {
         return true;
     }
     switch ($tool) {
         case self::GROUP_TOOL_FORUM:
             $state_key = 'forum_state';
             break;
         case self::GROUP_TOOL_DOCUMENTS:
             $state_key = 'doc_state';
             break;
         case self::GROUP_TOOL_CALENDAR:
             $state_key = 'calendar_state';
             break;
         case self::GROUP_TOOL_ANNOUNCEMENT:
             $state_key = 'announcements_state';
             break;
         case self::GROUP_TOOL_WORK:
             $state_key = 'work_state';
             break;
         case self::GROUP_TOOL_WIKI:
             $state_key = 'wiki_state';
             break;
         case self::GROUP_TOOL_CHAT:
             $state_key = 'chat_state';
             break;
         default:
             return false;
     }
     $user_is_in_group = self::is_user_in_group($user_id, $group_id);
     // Check group properties
     $group_info = self::get_group_properties($group_id);
     if (empty($group_info)) {
         return false;
     }
     if ($group_info[$state_key] == self::TOOL_NOT_AVAILABLE) {
         return false;
     } elseif ($group_info[$state_key] == self::TOOL_PUBLIC) {
         return true;
     } elseif (api_is_allowed_to_edit(false, true)) {
         return true;
     } elseif ($group_info['tutor_id'] == $user_id) {
         //this tutor implementation was dropped
         return true;
     } elseif ($group_info[$state_key] == self::TOOL_PRIVATE && !$user_is_in_group) {
         return false;
     } else {
         return $user_is_in_group;
     }
 }