Commit de30786f authored by Clare Lenihan's avatar Clare Lenihan Committed by Clare Lenihan

created function for forum viewing types + updated how group owners/admins/staff are detected

parent e1b86943
......@@ -31,14 +31,16 @@ require(dirname(dirname(__FILE__)) . '/init.php');
require_once(get_config('docroot') . 'interaction/lib.php');
require_once('pieforms/pieform.php');
require_once('group.php');
$id = param_integer('id');
$instance = interaction_instance_from_id($id);
$group = get_record('group', 'id', $instance->get('group'));
if (!$group->owner == $USER->get('id')) {
throw new AccessDeniedException(get_string('notallowedtodeleteinteraction', 'group'));
$membership = user_can_access_group((int)$group->id);
if (!(bool)($membership & (GROUP_MEMBERSHIP_OWNER | GROUP_MEMBERSHIP_ADMIN | GROUP_MEMBERSHIP_STAFF))) {
throw new AccessDeniedException(get_string('notallowedtodeleteinteractions', 'group'));
}
define('TITLE', get_string('deleteinteraction', 'group', get_string('name', 'interaction.' . $instance->get('plugin')), $instance->get('title')));
......
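Review bot: The owner/admin/staff test `(bool)($membership & (GROUP_MEMBERSHIP_OWNER | GROUP_MEMBERSHIP_ADMIN | GROUP_MEMBERSHIP_STAFF))` is written out in full here, again in the edit-interaction page (second hunk of the next file), and once more inside `user_can_access_forum`. Access rules that are copied between pages tend to drift apart when only one copy is updated. The forum pages in this commit get a single function for their check; the group pages would benefit from a shared helper that returns this expression and is called from both scripts. Separately, `$group` is read as `$group->id` with no not-found check, whereas the edit page throws `GroupNotFoundException` when `get_record` finds nothing.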
......@@ -32,6 +32,7 @@ require(dirname(dirname(__FILE__)) . '/init.php');
require_once(get_config('docroot') . 'interaction/lib.php');
require_once('pieforms/pieform.php');
require_once('group.php');
$id = param_integer('id', 0);
......@@ -52,9 +53,9 @@ safe_require('interaction', $plugin);
if (!$group = get_record('group', 'id', $groupid)) {
throw new GroupNotFoundException('groupnotfound', 'group', $groupid);
}
if (!$group->owner == $USER->get('id')) {
throw new AccessDeniedException(get_string('notallowedtoeditinteraction', 'group'));
$membership = user_can_access_group((int)$groupid);
if (!(bool)($membership & (GROUP_MEMBERSHIP_OWNER | GROUP_MEMBERSHIP_ADMIN | GROUP_MEMBERSHIP_STAFF))) {
throw new AccessDeniedException(get_string('notallowedtoeditinteractions', 'group'));
}
$returnto = param_alpha('returnto', 'view');
......
......@@ -58,11 +58,8 @@ if (!$post) {
throw new NotFoundException(get_string('cantfindpost', 'interaction.forum', $postid));
}
$membership = user_can_access_group((int)$post->group);
$admin = (bool)($membership & (GROUP_MEMBERSHIP_OWNER | GROUP_MEMBERSHIP_ADMIN | GROUP_MEMBERSHIP_STAFF));
$moderator = $admin || is_forum_moderator((int)$post->forum);
$membership = user_can_access_forum((int)$post->forum);
$moderator = (bool)($membership & INTERACTION_FORUM_MOD);
if (!$moderator) {
throw new AccessDeniedException(get_string('cantdeletepost', 'interaction.forum'));
......
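Review bot: `$membership` now holds INTERACTION_FORUM_* bits instead of the GROUP_MEMBERSHIP_* bits it held before, and `$admin` is no longer assigned. Any code further down this script that still reads `$admin`, or tests `$membership` against a GROUP_MEMBERSHIP_* constant, would change meaning without an obvious failure; the rest of the script is outside the hunk, so that needs checking there. The same substitution is made in the delete-topic, edit-post, edit-topic and view-topic hunks. A distinct name for the forum value would make a stale use easy to spot, for example `$forumaccess = user_can_access_forum((int)$post->forum);` followed by `$moderator = (bool)($forumaccess & INTERACTION_FORUM_MOD);`.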
......@@ -57,11 +57,9 @@ if (!$topic) {
throw new NotFoundException(get_string('cantfindtopic', 'interaction.forum', $topicid));
}
$membership = user_can_access_group((int)$topic->group);
$membership = user_can_access_forum((int)$topic->forumid);
$admin = (bool)($membership & (GROUP_MEMBERSHIP_OWNER | GROUP_MEMBERSHIP_ADMIN | GROUP_MEMBERSHIP_STAFF));
$moderator = $admin || is_forum_moderator((int)$topic->forumid);
$moderator = (bool)($membership & INTERACTION_FORUM_MOD);
$topic->ctime = relative_date(get_string('strftimerecentfullrelative', 'interaction.forum'), get_string('strftimerecentfull'), $topic->ctime);
......
......@@ -30,9 +30,6 @@ require(dirname(dirname(dirname(__FILE__))) . '/init.php');
safe_require('interaction', 'forum');
require('group.php');
$userid = $USER->get('id');
$postid = param_integer('id', 0);
if ($postid == 0) { // post reply
unset($postid);
......@@ -64,11 +61,8 @@ if ($postid == 0) { // post reply
throw new NotFoundException(get_string('cantfindpost', 'interaction.forum', $parentid));
}
$membership = user_can_access_group((int)$parent->group);
$admin = (bool)($membership & (GROUP_MEMBERSHIP_OWNER | GROUP_MEMBERSHIP_ADMIN | GROUP_MEMBERSHIP_STAFF));
$moderator = $admin || is_forum_moderator((int)$parent->forum);
$membership = user_can_access_forum((int)$parent->forum);
$moderator = (bool)($membership & INTERACTION_FORUM_MOD);
if (!$membership) {
throw new AccessDeniedException(get_string('cantaddposttoforum', 'interaction.forum'));
......@@ -142,11 +136,8 @@ else { // edit post
$topicid = $post->topic;
$membership = user_can_access_group((int)$post->group);
$admin = (bool)($membership & (GROUP_MEMBERSHIP_OWNER | GROUP_MEMBERSHIP_ADMIN | GROUP_MEMBERSHIP_STAFF));
$moderator = $admin || is_forum_moderator((int)$post->forum);
$membership = user_can_access_forum((int)$post->forum);
$moderator = (bool)($membership & INTERACTION_FORUM_MOD);
// no record for edits to own posts with 30 minutes
if (user_can_edit_post($post->poster, $post->ctime)) {
......
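Review bot: In the `else { // edit post` branch, `$membership` is only used to derive `$moderator`; no `if (!$membership)` test is visible before `user_can_edit_post($post->poster, $post->ctime)`, whereas the reply branch throws `AccessDeniedException` on `!$membership`. The branch continues outside the hunk, so a later check may exist, but if it does not, a poster who no longer has access to the group could still edit their own post inside the edit window. A guard such as `if (!$membership) { throw new AccessDeniedException(/* edit-specific message */); }` directly after the `user_can_access_forum` call would close this. The `else { // edit topic` hunk in the next file has the same shape.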
......@@ -50,11 +50,8 @@ if ($topicid == 0) { // new topic
throw new NotFoundException(get_string('cantfindforum', 'interaction.forum', $forumid));
}
$membership = user_can_access_group((int)$forum->group);
$admin = (bool)($membership & (GROUP_MEMBERSHIP_OWNER | GROUP_MEMBERSHIP_ADMIN | GROUP_MEMBERSHIP_STAFF));
$moderator = $admin || is_forum_moderator($forumid);
$membership = user_can_access_forum((int)$forumid);
$moderator = (bool)($membership & INTERACTION_FORUM_MOD);
if (!$membership) {
throw new AccessDeniedException(get_string('cantaddtopic', 'interaction.forum'));
......@@ -100,11 +97,8 @@ else { // edit topic
$forumid = $topic->forumid;
$membership = user_can_access_group((int)$topic->group);
$admin = (bool)($membership & (GROUP_MEMBERSHIP_OWNER | GROUP_MEMBERSHIP_ADMIN | GROUP_MEMBERSHIP_STAFF));
$moderator = $admin || is_forum_moderator((int)$forumid);
$membership = user_can_access_forum((int)$topic->forumid);
$moderator = (bool)($membership & INTERACTION_FORUM_MOD);
// no record for edits to own posts with 30 minutes
if (user_can_edit_post($topic->poster, $topic->ctime)) {
......
......@@ -36,9 +36,8 @@ if (!record_exists('group', 'id', $groupid)) {
throw new GroupNotFoundException(get_string('groupnotfound', 'group', $groupid));
}
$group = get_record('group', 'id', $groupid);
$membership = user_can_access_group($groupid);
$membership = user_can_access_group((int)$groupid);
$admin = (bool)($membership & (GROUP_MEMBERSHIP_OWNER | GROUP_MEMBERSHIP_ADMIN | GROUP_MEMBERSHIP_STAFF));
if (!$membership) {
throw new AccessDeniedException(get_string('cantviewforums', 'interaction.forum'));
......@@ -46,6 +45,8 @@ if (!$membership) {
$admin = (bool)($membership & (GROUP_MEMBERSHIP_OWNER | GROUP_MEMBERSHIP_ADMIN | GROUP_MEMBERSHIP_STAFF));
$group = get_record('group', 'id', $groupid);
define('TITLE', $group->name . ' - ' . get_string('nameplural', 'interaction.forum'));
$breadcrumbs = array(
......
......@@ -310,35 +310,47 @@ class ActivityTypeInteractionForumNewPost extends ActivityTypePlugin {
}
}
// constants for forum membership types
define('INTERACTION_FORUM_ADMIN', 1);
define('INTERACTION_FORUM_MOD', 2);
define('INTERACTION_FORUM_MEMBER', 4);
/**
* Is a user a moderator of a given forum
* Can a user access a given forum?
*
* @param int $forumid id of forum
* @param int $userid optional id of user, defaults to logged in user
*
* @returns boolean
* @returns constant access level or false
*/
function is_forum_moderator($forumid, $userid=null) {
function user_can_access_forum($forumid, $userid=null) {
if (empty($userid)) {
global $USER;
$userid = $USER->get('id');
}
else if (!is_int($userid)) {
throw new InvalidArgumentException("non integer user id given to is_forum_moderator: $userid");
throw new InvalidArgumentException("non integer user id given to user_can_access_forum: $userid");
}
if (!is_int($forumid)) {
throw new InvalidArgumentException("non integer forum id given to is_forum_moderator: $forumid");
throw new InvalidArgumentException("non integer forum id given to user_can_access_forum: $forumid");
}
$membership = 0;
$groupid = get_field('interaction_instance', '"group"', 'id', $forumid);
$groupmembership = user_can_access_group((int)$groupid, (int)$userid);
if (!$groupmembership) {
return $membership;
}
$membership = $membership | INTERACTION_FORUM_MEMBER;
if ($groupmembership & (GROUP_MEMBERSHIP_OWNER | GROUP_MEMBERSHIP_ADMIN | GROUP_MEMBERSHIP_STAFF)) {
$membership = $membership | INTERACTION_FORUM_ADMIN | INTERACTION_FORUM_MOD;
}
if(record_exists('interaction_forum_moderator', 'forum', $forumid, 'user', $userid)) {
$membership = $membership | INTERACTION_FORUM_MOD;
}
return record_exists_sql(
'SELECT fm.user
FROM {interaction_forum_moderator} fm
INNER JOIN {interaction_instance} f ON f.id = fm.forum
INNER JOIN {group_member} gm ON (gm.group = f.group AND gm.member = fm.user)
WHERE fm.user = ?
AND fm.forum = ?',
array($userid, $forumid)
);
return $membership;
}
/**
......
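Review bot: `user_can_access_forum` does not handle an id with no matching `interaction_instance` row: the `get_field` result is cast with `(int)$groupid` and passed straight to `user_can_access_group`, so the outcome for an unknown id depends on how that function treats the cast value. An explicit `if (empty($groupid)) { return 0; }` right after the lookup would make the function fail closed by construction. The lookup also matches on `id` alone, so as far as these lines show it answers for any interaction instance, not only forums; whether that matters depends on the callers. The docblock should read `@return int bitmask of INTERACTION_FORUM_* flags, 0 when the user has no access`, because the function returns `$membership` (initialised to `0`) and never `false`, and callers test it with `&`.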
......@@ -49,16 +49,12 @@ if (!$topic) {
throw new NotFoundException(get_string('cantfindtopic', 'interaction.forum', $topicid));
}
$membership = user_can_access_group((int)$topic->group);
$membership = user_can_access_forum((int)$topic->forumid);
$moderator = (bool)($membership & INTERACTION_FORUM_MOD);
if (!$membership) {
throw new AccessDeniedException(get_string('cantviewtopic', 'interaction.forum'));
}
$admin = (bool)($membership & (GROUP_MEMBERSHIP_OWNER | GROUP_MEMBERSHIP_ADMIN | GROUP_MEMBERSHIP_STAFF));
$moderator = $admin || is_forum_moderator((int)$topic->forumid);
$topic->canedit = $moderator || user_can_edit_post($topic->poster, $topic->ctime);
define('TITLE', $topic->forumtitle . ' - ' . $topic->subject);
......
......@@ -54,16 +54,14 @@ if (!$forum) {
throw new InteractionInstanceNotFoundException(get_string('cantfindforum', 'interaction.forum', $forumid));
}
$membership = user_can_access_group((int)$forum->group);
$membership = user_can_access_forum((int)$forumid);
$admin = (bool)($membership & INTERACTION_FORUM_ADMIN);
$moderator = (bool)($membership & INTERACTION_FORUM_MOD);
if (!$membership) {
throw new AccessDeniedException(get_string('cantviewforums', 'interaction.forum'));
}
$admin = (bool)($membership & (GROUP_MEMBERSHIP_OWNER | GROUP_MEMBERSHIP_ADMIN | GROUP_MEMBERSHIP_STAFF));
$moderator = $admin || is_forum_moderator($forumid);
define('TITLE', $forum->groupname . ' - ' . $forum->title);
$moderators = get_column_sql(
......