Commit 1ab0d9a2 authored by Cecilia Vela Gurovic's avatar Cecilia Vela Gurovic

Bug 1784781: Display/hide block content depending on user roles

Change-Id: I17608fe4f6a4b2f9a82206cf3752e675bf4e0058
behatnotneeded: will be added later
parent d1d6880e
......@@ -38,6 +38,10 @@ class PluginBlocktypePeerassessment extends MaharaCoreBlocktype {
return array('portfolio');
}
public static function display_for_roles($roles) {
return true;
}
public static function render_instance(BlockInstance $instance, $editing=false) {
global $USER;
......@@ -73,9 +77,9 @@ class PluginBlocktypePeerassessment extends MaharaCoreBlocktype {
$smarty = smarty_core();
$smarty->assign('blockid', $instance->get('id'));
$smarty->assign('instructions', $instructions);
$smarty->assign('allowfeedback', true); // @TODO: restrict to peer/manager
$smarty->assign('allowfeedback', $feedback->canedit);
$smarty->assign('addassessmentfeedbackform', pieform($feedbackform));
if ($feedback && $feedback->count > 0) {
if ($feedback && !$editing) {
$smarty->assign('feedback', $feedback);
}
else {
......
......@@ -343,7 +343,7 @@ class ArtefactTypePeerassessment extends ArtefactType {
}
$userid = $USER->get('id');
$viewid = $view->get('id');
$canedit = get_field_sql("SELECT role FROM {view_access} WHERE view = ? AND usr = ? AND role IN('peer','peermanager')", array($viewid, $userid));
$canedit = $USER->can_peer_assess($view);
$owner = $view->get('owner');
$isowner = $userid && $userid == $owner;
......@@ -360,13 +360,14 @@ class ArtefactTypePeerassessment extends ArtefactType {
'data' => array(),
);
$where = 'pa.view = ' . (int)$viewid;
if (!$canedit) {
$where .= ' AND (';
$where .= 'pa.private = 0 '; // assessment is public
$where .= 'OR a.author = ' . (int) $userid; // You are the peer assessment author
$where .= ')';
}
$where = 'pa.view = ? ';
// select assessments that are published
// or select assessments where the user is the author, published or not
$where.= 'AND ( (pa.private = 0) ';
$where.= ' OR (a.author = ?))';
$values = array((int)$viewid, (int)$userid, $block);
$result->count = count_records_sql('
SELECT COUNT(*)
......@@ -377,7 +378,7 @@ class ArtefactTypePeerassessment extends ArtefactType {
LEFT JOIN {artefact} p
ON a.parent = p.id
WHERE ' . $where . '
AND pa.block = ?', array($block));
AND pa.block = ?', $values);
if ($result->count > 0) {
......@@ -402,7 +403,7 @@ class ArtefactTypePeerassessment extends ArtefactType {
WHERE ' . $where . '
AND pa.block = ?
ORDER BY ' . $orderby,
array($block)
$values
);
$found = false;
foreach ($ids as $k => $v) {
......@@ -433,7 +434,7 @@ class ArtefactTypePeerassessment extends ArtefactType {
LEFT JOIN {usr} u ON a.author = u.id
WHERE ' . $where . '
AND pa.block = ?
ORDER BY ' . $orderby, array($block), $offset, $limit);
ORDER BY ' . $orderby, $values, $offset, $limit);
$result->data = array_values($assessments);
}
......
......@@ -1288,6 +1288,22 @@ class User {
return false;
}
/**
* Function to check if the user can add peer assessments to the view
*
* @param $v View object where to add the peer assessment
*/
public function can_peer_assess($v) {
$user_roles = get_column('view_access', 'role', 'usr', $this->get('id'), 'view', $v->get('id'));
if (!empty($user_roles)) {
foreach ($user_roles as $i => $role) {
if ($role == 'peer' || $role == 'peermanager') {
return true;
}
}
}
return false;
}
/**
* Function to check current user can edit collection
*
......
......@@ -588,6 +588,19 @@ abstract class PluginBlocktype extends Plugin implements IPluginBlocktype {
return true;
}
/**
* Defines if the block is viewable by the logged in user
*
* This method should be overridden in the child class, if peer role
* should be able to see the block
*
* @param array user access role for the view
* @return boolean whether display the block content for the roles
*/
public static function display_for_roles($roles) {
return !(count($roles) == 1 && $roles[0] == 'peer');
}
}
......@@ -956,6 +969,8 @@ class BlockInstance {
* javascript to run
*/
public function render_editing($configure=false, $new=false, $jsreply=false) {
global $USER;
safe_require('blocktype', $this->get('blocktype'));
$movecontrols = array();
......@@ -973,11 +988,19 @@ class BlockInstance {
}
else {
try {
$user_roles = get_column('view_access', 'role', 'usr', $USER->get('id'), 'view', $this->view);
if (!call_static_method($blocktypeclass, 'display_for_roles', $user_roles)) {
$content = '';
$css = '';
$js = '';
}
else {
$content = call_static_method(generate_class_name('blocktype', $this->get('blocktype')), 'render_instance', $this, true);
$jsfiles = call_static_method($blocktypeclass, 'get_instance_javascript', $this);
$inlinejs = call_static_method($blocktypeclass, 'get_instance_inline_javascript', $this);
$js = $this->get_get_javascript_javascript($jsfiles) . $inlinejs;
$css = '';
}
}
catch (NotFoundException $e) {
// Whoops - where did the image go? There is possibly a bug
......@@ -1101,6 +1124,7 @@ class BlockInstance {
* @return the rendered block
*/
public function render_viewing($exporting=false) {
global $USER;
if (!safe_require_plugin('blocktype', $this->get('blocktype'))) {
return;
......@@ -1108,8 +1132,15 @@ class BlockInstance {
$smarty = smarty_core();
$user_roles = get_column('view_access', 'role', 'usr', $USER->get('id'), 'view', $this->view);
$classname = generate_class_name('blocktype', $this->get('blocktype'));
if (get_config('ajaxifyblocks') && call_static_method($classname, 'should_ajaxify') && $exporting === false) {
$displayforrole = call_static_method($classname, 'display_for_roles', $user_roles);
if (!$displayforrole) {
$content = '';
$smarty->assign('loadbyajax', false);
}
else if (get_config('ajaxifyblocks') && call_static_method($classname, 'should_ajaxify') && $exporting === false) {
$content = '';
$smarty->assign('loadbyajax', true);
}
......@@ -1150,20 +1181,20 @@ class BlockInstance {
// If this block is for just one artefact, we set the title of the
// block to be a link to view more information about that artefact
$configdata = $this->get('configdata');
if (!empty($configdata['artefactid'])) {
if (!empty($configdata['artefactid']) && $displayforrole) {
if (call_static_method($classname, 'has_title_link')) {
$smarty->assign('viewartefacturl', get_config('wwwroot') . 'artefact/artefact.php?artefact='
. $configdata['artefactid'] . '&view=' . $this->get('view') . '&block=' . $this->get('id'));
}
}
if (method_exists($classname, 'feed_url')) {
$smarty->assign('feedlink', call_static_method($classname, 'feed_url', $this));
}
$smarty->assign('link', call_static_method($classname, 'get_link', $this));
if ($displayforrole) {
if (method_exists($classname, 'feed_url')) {
$smarty->assign('feedlink', call_static_method($classname, 'feed_url', $this));
}
$smarty->assign('link', call_static_method($classname, 'get_link', $this));
}
$smarty->assign('content', $content);
if (isset($configdata['retractable']) && $title) {
......
......@@ -2,10 +2,12 @@
<p class="editor-description">{$noassessment}</p>
{else}
<div class="panel-body">
<a id="add_assessment_feedback_link" class="js-peerassessment-modal feedback link-blocktype" href="#" data-toggle="modal-docked" data-target="#assessment_feedbackform_{$blockid}" data-blockid="{$blockid}">
<span class="icon icon-plus" role="presentation" aria-hidden="true"></span>
{str tag=addpeerassessment section=blocktype.peerassessment/peerassessment}
</a>
{if $allowfeedback}
<a id="add_assessment_feedback_link" class="js-peerassessment-modal feedback link-blocktype" href="#" data-toggle="modal-docked" data-target="#assessment_feedbackform_{$blockid}" data-blockid="{$blockid}">
<span class="icon icon-plus" role="presentation" aria-hidden="true"></span>
{str tag=addpeerassessment section=blocktype.peerassessment/peerassessment}
</a>
{/if}
</div>
{/if}
{if !$editing}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment