Commit b36a7868 authored by Robert Lyon's avatar Robert Lyon

Bug 1686336: Allow matrix page to be visible to secret url users

Also do not show the annotation feedback comment form if not logged in
Also goto the matrix page if exists and the token cookie doesn't
rather than frist page of collection

behatnotneeded

Change-Id: Ibf05bfde95d257090bd7aa4aabb9e28025ad3a07
Signed-off-by: Robert Lyon's avatarRobert Lyon <robertl@catalyst.net.nz>
(cherry picked from commit 07734f78)
parent 2822ce02
......@@ -963,7 +963,7 @@ class ArtefactTypeAnnotationfeedback extends ArtefactType {
$smarty->assign('annotationfeedbackcount', $annotationfeedbackcount);
$smarty->assign('annotationfeedback', $annotationfeedback);
if ($annotationartefact->get('allowcomments')) {
if ($annotationartefact->get('allowcomments') && is_logged_in()) {
$form = ArtefactTypeAnnotationfeedback::add_annotation_feedback_form($annotationartefact, $view, null, $blockid, false, $annotationartefact->get('approvecomments'));
// Replace the submit/cancel with just a submit button
$submit = array(
......
......@@ -2859,10 +2859,23 @@ function can_view_view($view, $user_id=null) {
/**
* Return the view associated with a given token, and set the
* appropriate access cookie.
*
* @param int $token the token string to check on
* @param bool $visible Switch between setting an mnet or secreturl cookie
*
* @return object Containing viewid, // the id of first view
collectionid, // the id of collection (if exists)
gotomatrix // go to the collection matrix page on first arrival
*/
function get_view_from_token($token, $visible=true) {
// Set up object to return
$result = new stdClass();
$result->viewid = null;
$result->collectionid = null;
$result->gotomatrix = false;
if (!$token) {
return false;
return $result;
}
$viewids = get_column_sql('
SELECT "view"
......@@ -2874,23 +2887,30 @@ function get_view_from_token($token, $visible=true) {
', array($token, (int)$visible)
);
if (empty($viewids)) {
return false;
return $result;
}
if (count($viewids) > 1) {
// if any of the views are in collection(s), pick one of the ones
// with the lowest displayorder.
// if any of the views are in collection(s), either pick the view
// with the lowest displayorder or if there is a matrix page go to that.
$order = get_records_sql_array('
SELECT cv.view, collection
SELECT cv.view, cv.collection, c.framework
FROM {collection_view} cv
JOIN {collection} c ON c.id = cv.collection
WHERE cv.view IN (' . join(',', $viewids) . ')
ORDER BY displayorder, collection',
array()
);
if ($order) {
if ($token != get_cookie('caccess:'.$order[0]->collection)) {
if (!empty($order[0]->framework)) {
$result->gotomatrix = true;
}
set_cookie('caccess:'.$order[0]->collection, $token, 0, true);
}
return $order[0]->view;
$result->viewid = $order[0]->view;
$result->collectionid = $order[0]->collection;
return $result;
}
}
$viewid = $viewids[0];
......@@ -2900,7 +2920,8 @@ function get_view_from_token($token, $visible=true) {
if ($visible && $token != get_cookie('viewaccess:'.$viewid)) {
set_cookie('viewaccess:'.$viewid, $token, 0, true);
}
return $viewid;
$result->viewid = $viewid;
return $result;
}
/**
......
......@@ -56,6 +56,10 @@ jQuery(function($) {
params.view = $(this).data("view");
params.option = $(this).data("option");
sendjsonrequest('matrixpoint.json.php', params, 'POST', function(data) {
var hastinymce = false;
if (typeof tinyMCE !== 'undefined') {
hastinymce = true;
}
function show_se_desc(id) {
$("#instconf_smartevidencedesc_container div:not(.description)").addClass('hidden');
$("#option_" + id).removeClass('hidden');
......@@ -86,9 +90,11 @@ jQuery(function($) {
params.blockconfig = $('#instconf_blockconfig').val();
editmatrix_update(params);
}
tinyMCE.execCommand('mceRemoveEditor', false, "instconf_text");
if (hastinymce) {
tinyMCE.execCommand('mceRemoveEditor', false, "instconf_text");
}
feedbacktextarea = $("#addfeedbackmatrix textarea");
if (feedbacktextarea.length) {
if (feedbacktextarea.length && hastinymce) {
tinyMCE.execCommand('mceRemoveEditor', false, feedbacktextarea.attr('id'));
}
hide_dock();
......@@ -109,21 +115,25 @@ jQuery(function($) {
params.blockconfig = $('#instconf_blockconfig').val();
editmatrix_update(params);
}
tinyMCE.execCommand('mceRemoveEditor', false, "instconf_text");
if (hastinymce) {
tinyMCE.execCommand('mceRemoveEditor', false, "instconf_text");
}
feedbacktextarea = $("#addfeedbackmatrix textarea");
if (feedbacktextarea.length) {
if (feedbacktextarea.length && hastinymce) {
tinyMCE.execCommand('mceRemoveEditor', false, feedbacktextarea.attr('id'));
}
hide_dock();
}
});
tinyMCE.idCounter=0;
if ($("#instconf_text").length) {
tinyMCE.execCommand('mceAddEditor', false, "instconf_text");
}
if ($("#addfeedbackmatrix").length) {
textareaid = $("#addfeedbackmatrix textarea").attr('id');
tinyMCE.execCommand('mceAddEditor', false, textareaid);
if (hastinymce) {
tinyMCE.idCounter=0;
if ($("#instconf_text").length) {
tinyMCE.execCommand('mceAddEditor', false, "instconf_text");
}
if ($("#addfeedbackmatrix").length) {
textareaid = $("#addfeedbackmatrix textarea").attr('id');
tinyMCE.execCommand('mceAddEditor', false, textareaid);
}
}
// Only allow the point selected to be active in the 'Standard' dropdown
$("#instconf_smartevidence option:not(:selected)").prop('disabled', true);
......@@ -146,7 +156,7 @@ jQuery(function($) {
if (item.name == 'tags[]') {
tags.push(item.value);
}
else if (item.name == 'text') {
else if (item.name == 'text' && hastinymce) {
values[item.name] = tinyMCE.get('instconf_text').getContent();
}
else {
......@@ -158,7 +168,9 @@ jQuery(function($) {
values['view'] = params.view;
values['option'] = params.option;
values['action'] = 'update';
tinyMCE.execCommand('mceRemoveEditor', false, "instconf_text");
if (hastinymce) {
tinyMCE.execCommand('mceRemoveEditor', false, "instconf_text");
}
editmatrix_update(values);
hide_dock();
});
......@@ -180,9 +192,11 @@ jQuery(function($) {
values['option'] = params.option;
values['action'] = 'evidence';
editmatrix_update(values);
tinyMCE.execCommand('mceRemoveEditor', false, "instconf_text");
if (hastinymce) {
tinyMCE.execCommand('mceRemoveEditor', false, "instconf_text");
}
feedbacktextarea = $("#addfeedbackmatrix textarea");
if (feedbacktextarea.length) {
if (feedbacktextarea.length && hastinymce) {
tinyMCE.execCommand('mceRemoveEditor', false, feedbacktextarea.attr('id'));
}
hide_dock();
......@@ -238,8 +252,10 @@ jQuery(function($) {
$("#matrixfeedbacklist").html('<ul class="annotationfeedbacktable list-group list-group-lite list-unstyled"></div>');
}
$("#matrixfeedbacklist .annotationfeedbacktable").html(results.data.tablerows);
textareaid = $("#addfeedbackmatrix textarea").attr('id');
tinyMCE.get(textareaid).setContent('');
if (hastinymce) {
textareaid = $("#addfeedbackmatrix textarea").attr('id');
tinyMCE.get(textareaid).setContent('');
}
}
});
}
......
......@@ -10,6 +10,7 @@
*/
define('INTERNAL', 1);
define('PUBLIC', 1);
define('SECTION_PLUGINTYPE', 'core');
define('SECTION_PLUGINNAME', 'view');
define('SECTION_PAGE', 'framework');
......
......@@ -10,6 +10,7 @@
*/
define('INTERNAL', 1);
define('PUBLIC', 1);
define('JSON', 1);
require(dirname(dirname(dirname(__FILE__))) . '/init.php');
......
......@@ -45,16 +45,20 @@ $mnettoken = $SESSION->get('mnetuser') ? param_alphanum('mt', null) : null;
// access key for logged out users
$usertoken = (is_null($mnettoken) && get_config('allowpublicviews')) ? param_alphanum('t', null) : null;
$viewtoken = null;
if ($mnettoken) {
if (!$viewid = get_view_from_token($mnettoken, false)) {
$viewtoken = get_view_from_token($mnettoken, false);
if (!$viewtoken->viewid) {
throw new AccessDeniedException(get_string('accessdenied', 'error'));
}
$viewid = $viewtoken->viewid;
}
else if ($usertoken) {
if (!$viewid = get_view_from_token($usertoken, true)) {
$viewtoken = get_view_from_token($usertoken, true);
if (!$viewtoken->viewid) {
throw new AccessDeniedException(get_string('accessdenied', 'error'));
}
$viewid = $viewtoken->viewid;
}
else if ($pageurl = param_alphanumext('page', null)) {
if ($profile = param_alphanumext('profile', null)) {
......@@ -119,6 +123,10 @@ if ($viewtype == 'profile' || $viewtype == 'dashboard' || $viewtype == 'grouphom
define('TITLE', $view->get('title'));
$collection = $view->get('collection');
// Do we need to redirect to the matrix page on first visit via token access?
if ($viewtoken && $viewtoken->gotomatrix && $collection && $collection->has_framework()) {
redirect($collection->get_framework_url($collection, true));
}
$submittedgroup = (int)$view->get('submittedgroup');
if ($USER->is_logged_in() && $submittedgroup && group_user_can_assess_submitted_views($submittedgroup, $USER->get('id'))) {
// The user is a tutor of the group that this view has
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment