diff --git a/CHANGELOG.md b/CHANGELOG.md index ffc55cc4b0c7cc109e8921811407920b0d36f72d..bd947bae2767ebb4275453db5455a2becbdb0e9f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -65,3 +65,10 @@ Ajout d'un lien pour revenir au cours, visible par l'étudiant et l'enseignant. #### Lien vers l'édition Ajout d'un bouton en haut de page pour éditer le parcours, visible uniquement par l'enseignant. + +### Gestion des droits + +Ajout de vérification du droit d'éditer le cours pour les interfaces d'édition de parcours. Modification de noms de paramètres. + + + diff --git a/block_career.php b/block_career.php index 845f6c7ca71050b7b5b688da23460cdd8f8bbdad..27a5b2d70473be93ed51aa25914e5f12cdc5ef95 100644 --- a/block_career.php +++ b/block_career.php @@ -52,9 +52,7 @@ class block_career extends block_base */ public function get_content() { - global $CFG; - global $COURSE; - global $DB; + global $CFG, $COURSE, $DB, $USER; if ($this->content !== null) { return $this->content; @@ -97,8 +95,11 @@ class block_career extends block_base if (empty($request)) { $this->content->text .= "<p>" . get_string('any_carrer', 'block_career') . "</p>"; } + + if (has_capability('moodle/course:update', $context = context_course::instance($COURSE->id), $USER->id)) { + $this->content->text .= '<a href="' . $CFG->wwwroot . '/blocks/career/career_list.php?courseid=' . $COURSE->id . '" type="button " class="btn btn-primary btn-career-block mt-3">Gérer les parcours</a>'; + } - $this->content->text .= '<a href="' . $CFG->wwwroot . '/blocks/career/career_list.php?course=' . $COURSE->id . '" type="button " class="btn btn-primary btn-career-block mt-3">Gérer les parcours</a>'; // $this->content->text .= "<p></p>"; diff --git a/career_list.php b/career_list.php index 1617256211775f9c4a27f711a985dc6f7866864b..f90bc9b4383a08a8ee4c7e944ef888bdf28f7225 100644 --- a/career_list.php +++ b/career_list.php 
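Review bot: The new `has_capability()` guard around the "Gérer les parcours" link in block_career.php only hides the link, and nothing in the code says that enforcement lives elsewhere. A comment would make this explicit, e.g. `// UI only: career_list.php and career_setting.php enforce moodle/course:update themselves.` The inline assignment `$context = ...` is not used again within the hunk, and passing `$USER->id` repeats the default, so `has_capability('moodle/course:update', context_course::instance($COURSE->id))` reads more plainly. get_content() starts and ends outside this hunk.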
@@ -1,38 +1,36 @@ <?php - define('NO_OUTPUT_BUFFERING', true); - require_once('../../config.php'); - require_once('entity/block_career_ressource.php'); - require_once('entity/block_career_section.php'); - require_once('view/view_career_list.php'); - - global $COURSE; - global $USER; - global $DB; - global $CFG; - require_once($CFG->libdir . '/adminlib.php'); - - $id_course = required_param('course', PARAM_INT); - - $url = new moodle_url('/blocks/career/career_list.php', array('course' => $id_course)); + // define('NO_OUTPUT_BUFFERING', true); +require_once('../../config.php'); +require_once('entity/block_career_ressource.php'); +require_once('entity/block_career_section.php'); +require_once('view/view_career_list.php'); + +global $USER, $DB, $CFG; +require_once($CFG->libdir . '/adminlib.php'); + +$id_course = required_param('courseid', PARAM_INT); + +$url = new moodle_url('/blocks/career/career_list.php', array('courseid' => $id_course)); //Check if the user has capability to update course - if (!has_capability('moodle/course:update', $context = context_course::instance($id_course), $USER->id)) { - header("Location: {$_SERVER['HTTP_REFERER']}"); - exit; - } - - $PAGE->set_url($url); - $PAGE->set_pagelayout('admin'); - - $course = $DB->get_record('course', array('id' => $id_course), '*', MUST_EXIST); - require_login($course, false, NULL); - - $PAGE->set_title(get_string('title_plugin', 'block_career')); - $PAGE->set_heading($OUTPUT->heading($COURSE->fullname, 2, 'headingblock header outline')); - - $ressource = new block_career_ressource(); - $section = new block_career_section(); - echo $OUTPUT->header(); - echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"styles.css\">"; - $content = new view_career_list(); - echo $content->get_content(); - echo $OUTPUT->footer(); \ No newline at end of file +if (!has_capability('moodle/course:update', $context = context_course::instance($id_course), $USER->id)) { + $link = $CFG->wwwroot . '/course/view.php?id=' . 
$id_course; + header("Location: {$link}"); + exit; +} + +$PAGE->set_url($url); +$PAGE->set_pagelayout('admin'); + +$course = $DB->get_record('course', array('id' => $id_course), '*', MUST_EXIST); +require_login($course, false, NULL); + +$PAGE->set_title(get_string('title_plugin', 'block_career')); +$PAGE->set_heading($OUTPUT->heading($COURSE->fullname, 2, 'headingblock header outline')); + +// $ressource = new block_career_ressource(); +// $section = new block_career_section(); +echo $OUTPUT->header(); + // echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"styles.css\">"; +$content = new view_career_list(); +echo $content->get_content(); +echo $OUTPUT->footer(); \ No newline at end of file diff --git a/career_setting.php b/career_setting.php index d0bc22a5b06bf89285b46f195216a80a606a86d0..f2d1f62f7e266a36a005cd9ddf3b47d9cd14a01f 100644 --- a/career_setting.php +++ b/career_setting.php 
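Review bot: In career_list.php the `has_capability()` check still runs before `require_login()`, so the capability is evaluated against whatever session state exists at that point, and a failure is a silent redirect rather than Moodle's standard access-denied path. Moving `$course = $DB->get_record(...)` and `require_login($course, false, NULL);` above the check and replacing the `if`/`header`/`exit` block with `require_capability('moodle/course:update', context_course::instance($id_course));` gives the usual ordering. career_setting.php in this same commit already calls `require_login()` first, so this would also make the two pages consistent.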
@@ -1,58 +1,65 @@ <?php - - ob_start(); - - require_once('../../config.php'); - global $COURSE, $DB, $CFG; - require_once("$CFG->libdir/formslib.php"); - require_once('entity/block_career_ressource.php'); - require_once('entity/block_career_section.php'); - require_once('view/view_career_setting.php'); - - $id_course = required_param('course', PARAM_INT); - $url = new moodle_url('/blocks/career/career_setting.php', array('course' => $id_course)); - - $PAGE->set_pagelayout('course'); - $PAGE->set_url($url); - - $course = $DB->get_record('course', array('id' => $id_course), '*', MUST_EXIST); - require_login($course, false, NULL); - - - $PAGE->set_title(get_string('title_plugin', 'block_career')); - $PAGE->set_heading($OUTPUT->heading($COURSE->fullname, 2, 'headingblock header outline')); - echo $OUTPUT->header(); - $PAGE->requires->js("/blocks/career/js/jquery.min.js"); - $PAGE->requires->js("/blocks/career/js/file.js"); + +ob_start(); + +require_once('../../config.php'); +global $COURSE, $DB, $CFG, $USER; +require_once("$CFG->libdir/formslib.php"); +require_once('entity/block_career_ressource.php'); +require_once('entity/block_career_section.php'); +require_once('view/view_career_setting.php'); + +$id_course = required_param('courseid', PARAM_INT); +$url = new moodle_url('/blocks/career/career_setting.php', array('courseid' => $id_course)); + +$PAGE->set_pagelayout('course'); +$PAGE->set_url($url); + +// $course = $DB->get_record('course', array('id' => $id_course), '*', MUST_EXIST); +require_login($id_course, false, NULL); + +// $COURSE is === "1" before require_login !!! + +if (!has_capability('moodle/course:update', $context = context_course::instance($COURSE->id), $USER->id)) { + $link = $CFG->wwwroot . '/course/view.php?id=' . 
$COURSE->id; + header("Location: {$link}"); + exit; +} + +$PAGE->set_title(get_string('title_plugin', 'block_career')); +$PAGE->set_heading($OUTPUT->heading($COURSE->fullname, 2, 'headingblock header outline')); +echo $OUTPUT->header(); +$PAGE->requires->js("/blocks/career/js/jquery.min.js"); +$PAGE->requires->js("/blocks/career/js/file.js"); // echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"styles.css\">"; - - $content = new view_career_setting(); - echo $content->get_content(); + +$content = new view_career_setting(); +echo $content->get_content(); // Delete career - if (isset($_GET["delete"]) && $_GET["delete"] == 1) { - $DB->execute("DELETE FROM {block_career} WHERE id = ?", array($_GET["id"])); - header("Location: $CFG->wwwroot/blocks/career/career_list.php?course=" . $_GET["course"]); - } - - if (!empty($_POST["careerName"])) { - - $ressourses = ""; - - foreach ($_POST["ressource"] as $value) { - if ($value === end($_POST["ressource"])) { - $ressourses .= "$value"; - } else { - $ressourses .= "$value,"; - } +if (isset($_GET["delete"]) && $_GET["delete"] == 1) { + $DB->execute("DELETE FROM {block_career} WHERE id = ?", array($_GET["id"])); + header("Location: $CFG->wwwroot/blocks/career/career_list.php?courseid=" . $_GET["courseid"]); +} + +if (!empty($_POST["careerName"])) { + + $ressourses = ""; + + foreach ($_POST["ressource"] as $value) { + if ($value === end($_POST["ressource"])) { + $ressourses .= "$value"; + } else { + $ressourses .= "$value,"; } - + } + //$record is use for insert/update in database - $record = new stdClass(); - $record->course = intval($_GET["course"]); - $record->name = $_POST["careerName"]; - $record->description = $_POST["descriptionName"]["text"]; - + $record = new stdClass(); + $record->course = intval($_GET["courseid"]); + $record->name = $_POST["careerName"]; + $record->description = $_POST["descriptionName"]["text"]; + // if (isset($_FILES['imageName']['tmp_name'])) { // $pathDir = "img/"; // $pathFile = $pathDir . 
basename($_FILES["imageName"]["name"]); @@ -61,22 +68,22 @@ // } else { // $record->image = $_POST["imagePath"]; // } - $record->image = ""; - - $record->ressources = $ressourses; - - if ($_POST["careerId"] != 0) { - $record->id = intval($_POST["careerId"]); - $lastinsertid = $DB->update_record('block_career', $record); - } else { - $lastinsertid = $DB->insert_record('block_career', $record); - } - - if ($lastinsertid != 0) { - header("Location: $CFG->wwwroot/blocks/career/career_list.php?course=" . $_GET["course"]); - } - + $record->image = ""; + + $record->ressources = $ressourses; + + if ($_POST["careerId"] != 0) { + $record->id = intval($_POST["careerId"]); + $lastinsertid = $DB->update_record('block_career', $record); + } else { + $lastinsertid = $DB->insert_record('block_career', $record); + } + + if ($lastinsertid != 0) { + header("Location: $CFG->wwwroot/blocks/career/career_list.php?courseid=" . $_GET["courseid"]); } - - - echo $OUTPUT->footer(); + +} + + +echo $OUTPUT->footer(); diff --git a/view/view_career_list.php b/view/view_career_list.php index 1e04a0c70632e649de7c0f8a99097fd3f724ae5e..b030f813506489df5b8ab8eeb9cf177bb122f2ca 100644 --- a/view/view_career_list.php +++ b/view/view_career_list.php 
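Review bot: The delete branch in career_setting.php (`$_GET["delete"] == 1`) changes state on a plain GET request with no session-key check. It also deletes by `id` alone, so the new `moodle/course:update` check on `$COURSE` does not tie the deleted row to the course that was authorised. The branch should call `require_sesskey()` and restrict the delete to rows of `$COURSE->id`, as sketched below. The "Supprimer" link built in view/view_career_setting.php (hunk `@@ -173,12 +173,12 @@`) would then need to carry `sesskey`, and the POST save branch further down needs the same `require_sesskey()` call. There is also no `exit` after the `Location` header, so the rest of the script keeps running after a delete.

```php
// Delete career
if (optional_param('delete', 0, PARAM_INT) === 1) {
    // Reject requests that do not carry the session key of the logged-in user.
    require_sesskey();
    // Restrict the delete to rows of the course the capability was checked on.
    $DB->delete_records('block_career', array(
        'id' => required_param('id', PARAM_INT),
        'course' => $COURSE->id,
    ));
    // … unchanged: Location header back to career_list.php …
}
```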
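Review bot: `$DB->update_record('block_career', $record)` takes its row id from `$_POST["careerId"]` without confirming that the row belongs to the course that passed the capability check, so the check does not actually scope the update. A lookup before the update, e.g. `$DB->get_record('block_career', array('id' => $record->id, 'course' => $COURSE->id), 'id', MUST_EXIST);`, would bind it to that course. For the same reason `$record->course` (set in the previous hunk from `$_GET["courseid"]`) is better taken from `$COURSE->id`. The enclosing `if (!empty($_POST["careerName"]))` block starts outside this hunk.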
@@ -1,36 +1,42 @@ <?php - - - class view_career_list - { - - /** - * @return string - */ - public function get_content() - { - global $DB, $CFG; - - $content = "<h2>" . get_string('title_plugin', 'block_career') . "</h2>"; - $content .= "<div class='alert alert-info'>" . get_string('heading_plugin', 'block_career') . "</div>"; - - $request = $DB->get_records_sql('SELECT * FROM {block_career} WHERE course = ?', array($_GET["course"])); - + + +class view_career_list +{ + +/** + * @return string + */ +public function get_content() +{ + global $DB, $CFG, $COURSE, $USER; + + if (!has_capability('moodle/course:update', $context = context_course::instance($COURSE->id), $USER->id)) { + $link = $CFG->wwwroot . '/course/view.php?id=' . $COURSE->id; + header("Location: {$link}"); + exit; + } + + $content = "<h2>" . get_string('title_plugin', 'block_career') . "</h2>"; + $content .= "<div class='alert alert-info'>" . get_string('heading_plugin', 'block_career') . "</div>"; + + $request = $DB->get_records_sql('SELECT * FROM {block_career} WHERE course = ?', array($_GET["courseid"])); + // $image = ""; - - foreach ($request as $value) { - + + foreach ($request as $value) { + // if (file_get_contents($value->image) != null) { // $image = "<img src='$value->image' class='img_moodle_course'/>"; // } - - $content .= "<div class='card card-block mb-3'> - <div class='card-body'> - <h2 class='card-title'>$value->name</h2> - <p class='card-text'>$value->description</p> - <a href='$CFG->wwwroot/blocks/career/career_setting.php?course=" . $_GET["course"] . "&id=$value->id' class='btn btn-primary btn-sm path-list-edit-link'>Modifier</a> - </div> - </div>"; + + $content .= "<div class='card card-block mb-3'> + <div class='card-body'> + <h2 class='card-title'>$value->name</h2> + <p class='card-text'>$value->description</p> + <a href='$CFG->wwwroot/blocks/career/career_setting.php?courseid=" . $_GET["courseid"] . 
"&pathid=$value->id' class='btn btn-primary btn-sm path-list-edit-link'>Modifier</a> + </div> + </div>"; // $content .= "<div class='card card_block'> // <div class='row'> @@ -39,17 +45,17 @@ // <div class='col-lg-1 col-md-1 padding_column'><a style='color:black' href='$CFG->wwwroot/blocks/career/career_setting.php?course=" . $_GET["course"] . "&id=$value->id'><i class=\"fa fa-cog fa-2x\"></a></i></div> // </div> // </div>"; - } - - if (empty($request)) { - $content .= "<p>" . get_string('any_carrer', 'block_career') . "</p>"; - } + } + + if (empty($request)) { + $content .= "<p>" . get_string('any_carrer', 'block_career') . "</p>"; + } // Button for adding course to the list - $content .= "<a href='$CFG->wwwroot/blocks/career/career_setting.php?course=" . $_GET["course"] . "' class='btn btn-primary'>" . get_string('add_path', 'block_career') . "</a>"; - - - return $content; - - } - - } \ No newline at end of file + $content .= "<a href='$CFG->wwwroot/blocks/career/career_setting.php?courseid=" . $COURSE->id . "' class='btn btn-primary'>" . get_string('add_path', 'block_career') . "</a>"; + + + return $content; + +} + +} \ No newline at end of file diff --git a/view/view_career_setting.php b/view/view_career_setting.php index cfe03254582f2020198cd7d84c63ac8cf1d3f6fb..ca97280d5a43015957d3d648e9e98420ca30ec81 100644 --- a/view/view_career_setting.php +++ b/view/view_career_setting.php @@ -28,8 +28,8 @@ class view_career_setting extends moodleform global $DB, $CFG; $mform = $this->_form; - $careerId = optional_param('id', NULL, PARAM_INT); - $course = required_param('course', PARAM_INT); + $careerId = optional_param('pathid', NULL, PARAM_INT); + $course = required_param('courseid', PARAM_INT); $name = ""; $description = ""; 
@@ -74,7 +74,7 @@ class view_career_setting extends moodleform $sections = block_career_section::get_sections_by_id_course($course); - $content .= '<div class="row"><form class="col-12" action="career_setting.php?course=' . $course . '" method="post" enctype="multipart/form-data">'; + $content .= '<div class="row"><form class="col-12" action="career_setting.php?courseid=' . $course . '" method="post" enctype="multipart/form-data">'; $content .= $temp; @@ -173,12 +173,12 @@ class view_career_setting extends moodleform <div class="row mt-3"> <div class="col"> <input type="hidden" name="careerId" value="'.$careerId.'"> - <a href=' . $CFG->wwwroot . "/blocks/career/career_list.php?course=" . $course . ' class="btn btn-secondary">Annuler</a> '; + <a href=' . $CFG->wwwroot . "/blocks/career/career_list.php?courseid=" . $course . ' class="btn btn-secondary">Annuler</a> '; if ($careerId != 0) { - $content .= "<a href='$CFG->wwwroot/blocks/career/career_setting.php?course=$course&delete=1&id=$careerId' class='btn btn-danger'>Supprimer</a> "; + $content .= "<a href='$CFG->wwwroot/blocks/career/career_setting.php?courseid=$course&delete=1&id=$careerId' class='btn btn-danger'>Supprimer</a> "; } $content .= ' diff --git a/view/view_career_unit.php b/view/view_career_unit.php index 52696f478e7bbfdb96483375c046b0a92a4924d8..695349daf281d690ae020d4ea00ed8ccdb092819 100644 --- a/view/view_career_unit.php +++ b/view/view_career_unit.php @@ -52,7 +52,7 @@ $sections = array_combine($keys,$sections); ksort($sections); $cours_url = $CFG->wwwroot . "/course/view.php?id=" . $COURSE->id; -$edit_url = $CFG->wwwroot . "/blocks/career/career_setting.php?course=" . $COURSE->id . "&id=" . $careerId; +$edit_url = $CFG->wwwroot . "/blocks/career/career_setting.php?courseid=" . $COURSE->id . "&pathid=" . $careerId; ?>