Commit df2b47a6 authored by Richard Mansfield's avatar Richard Mansfield
Browse files

Prevent editing & deleting of files in submitted views


Signed-off-by: default avatarRichard Mansfield <richardm@catalyst.net.nz>
parent 4596acf4
......@@ -787,7 +787,7 @@ function pieform_element_filebrowser_update(Pieform $form, $element, $data) {
$collide = !empty($data['collide']) ? $data['collide'] : 'fail';
$artefact = artefact_instance_from_id($data['artefact']);
if (!$USER->can_edit_artefact($artefact)) {
if (!$USER->can_edit_artefact($artefact) || $artefact->get('locked')) {
return array('error' => true, 'message' => get_string('noeditpermission', 'mahara'));
}
......@@ -840,7 +840,7 @@ function pieform_element_filebrowser_update(Pieform $form, $element, $data) {
function pieform_element_filebrowser_delete(Pieform $form, $element, $artefact) {
global $USER;
$artefact = artefact_instance_from_id($artefact);
if (!$USER->can_edit_artefact($artefact)) {
if (!$USER->can_edit_artefact($artefact) || $artefact->get('locked')) {
return array('error' => true, get_string('nodeletepermission', 'mahara'));
}
$parentfolder = $artefact->get('parent');
......
......@@ -300,7 +300,7 @@ abstract class ArtefactTypeFileBase extends ArtefactType {
global $USER;
$select = '
SELECT
a.id, a.artefacttype, a.mtime, f.size, a.title, a.description,
a.id, a.artefacttype, a.mtime, f.size, a.title, a.description, a.locked,
COUNT(DISTINCT c.id) AS childcount, COUNT (DISTINCT aa.artefact) AS attachcount, COUNT(DISTINCT va.view) AS viewcount';
$from = '
FROM {artefact} a
......@@ -325,7 +325,7 @@ abstract class ArtefactTypeFileBase extends ArtefactType {
$groupby = '
GROUP BY
a.id, a.artefacttype, a.mtime, f.size, a.title, a.description';
a.id, a.artefacttype, a.mtime, f.size, a.title, a.description, a.locked';
$phvals = array();
......
......@@ -53,7 +53,9 @@
{/if}
{if $editmeta}
<td>
{if !$file->isparent}
{if $file->locked}
<span class="s dull">{str tag=Submitted section=view}</span>
{elseif !$file->isparent}
{if !isset($file->can_edit) || $file->can_edit !== 0}<input type="submit" class="tag-edit submit" name="{$prefix}_edit[{$file->id}]" value="{str tag=edit}" />{/if}
{/if}
</td>
......@@ -61,7 +63,9 @@
<td class="right">
{if $editable && !$file->isparent}
{if $file->artefacttype == 'archive'}<a href="{$WWWROOT}artefact/file/extract.php?file={$file->id}">{str tag=Unzip section=artefact.file}</a>{/if}
{if !isset($file->can_edit) || $file->can_edit !== 0}<input type="submit" class="submit btn-edit s" name="{$prefix}_edit[{$file->id}]" value="{str tag=edit}" />
{if $file->locked}
<span class="s dull">{str tag=Submitted section=view}</span>
{elseif !isset($file->can_edit) || $file->can_edit !== 0}<input type="submit" class="submit btn-edit s" name="{$prefix}_edit[{$file->id}]" value="{str tag=edit}" />
<input type="submit" class="submit btn-del s" name="{$prefix}_delete[{$file->id}]" value="{str tag=delete}" />{/if}
{/if}
{if $selectable && ($file->artefacttype != 'folder' || $selectfolders) && $publishable && !$file->isparent}
......
......@@ -153,6 +153,7 @@ $string['viewinformationsaved'] = 'View information saved successfully';
$string['canteditdontown'] = 'You can\'t edit this View because you don\'t own it';
$string['canteditsubmitted'] = 'You can\'t edit this View because it has been submitted for assessment to "%s". You will have to wait until a tutor releases your view.';
$string['Submitted'] = 'Submitted';
$string['submittedforassessment'] = 'Submitted for assessment';
$string['addtutors'] = 'Add Tutors';
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment