MDL-40818 calendar: Require login to calendar pages
[moodle.git] / calendar / managesubscriptions.php
CommitLineData
e30390a0
SH
1<?php
2// This file is part of Moodle - http://moodle.org/
3//
4// Moodle is free software: you can redistribute it and/or modify
5// it under the terms of the GNU General Public License as published by
6// the Free Software Foundation, either version 3 of the License, or
7// (at your option) any later version.
8//
9// Moodle is distributed in the hope that it will be useful,
10// but WITHOUT ANY WARRANTY; without even the implied warranty of
11// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12// GNU General Public License for more details.
13//
14// You should have received a copy of the GNU General Public License
15// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
16
17/**
18 * Allows the user to manage calendar subscriptions.
19 *
20 * @copyright 2012 Jonathan Harker
21 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
22 * @package calendar
23 */
24
25require_once('../config.php');
26require_once($CFG->libdir.'/bennu/bennu.inc.php');
27require_once($CFG->dirroot.'/course/lib.php');
28require_once($CFG->dirroot.'/calendar/lib.php');
29require_once($CFG->dirroot.'/calendar/managesubscriptions_form.php');
30
31// Required use.
32$courseid = optional_param('course', SITEID, PARAM_INT);
33// Used for processing subscription actions.
34$subscriptionid = optional_param('id', 0, PARAM_INT);
35$pollinterval = optional_param('pollinterval', 0, PARAM_INT);
ee74a2a1 36$action = optional_param('action', '', PARAM_INT);
e30390a0
SH
37
38$url = new moodle_url('/calendar/managesubscriptions.php');
39if ($courseid != SITEID) {
40 $url->param('course', $courseid);
41}
42navigation_node::override_active_url(new moodle_url('/calendar/view.php', array('view' => 'month')));
43$PAGE->set_url($url);
566889aa 44$PAGE->set_pagelayout('admin');
e30390a0
SH
45$PAGE->navbar->add(get_string('managesubscriptions', 'calendar'));
46
47if ($courseid != SITEID && !empty($courseid)) {
fb1a615d
JP
48 // Course ID must be valid and existing.
49 $course = $DB->get_record('course', array('id' => $courseid), '*', MUST_EXIST);
e30390a0
SH
50 $courses = array($course->id => $course);
51} else {
52 $course = get_site();
53 $courses = calendar_get_default_courses();
54}
fb1a615d
JP
55require_login($course, false);
56
e30390a0
SH
57if (!calendar_user_can_add_event($course)) {
58 print_error('errorcannotimport', 'calendar');
59}
60
61$form = new calendar_addsubscription_form(null);
62$form->set_data(array(
63 'course' => $course->id
64));
65
66$importresults = '';
67
68$formdata = $form->get_data();
69if (!empty($formdata)) {
70 require_sesskey(); // Must have sesskey for all actions.
71 $subscriptionid = calendar_add_subscription($formdata);
72 if ($formdata->importfrom == CALENDAR_IMPORT_FROM_FILE) {
73 // Blank the URL if it's a file import.
74 $formdata->url = '';
c5a82120 75 $calendar = $form->get_file_content('importfile');
e30390a0
SH
76 $ical = new iCalendar();
77 $ical->unserialize($calendar);
78 $importresults = calendar_import_icalendar_events($ical, $courseid, $subscriptionid);
79 } else {
f40c37d0
RT
80 try {
81 $importresults = calendar_update_subscription_events($subscriptionid);
82 } catch (moodle_exception $e) {
83 // Delete newly added subscription and show invalid url error.
84 calendar_delete_subscription($subscriptionid);
85 print_error($e->errorcode, $e->module, $PAGE->url);
86 }
e30390a0
SH
87 }
88 // Redirect to prevent refresh issues.
7af29435 89 redirect($PAGE->url, $importresults);
e30390a0
SH
90} else if (!empty($subscriptionid)) {
91 // The user is wanting to perform an action upon an existing subscription.
92 require_sesskey(); // Must have sesskey for all actions.
7a216229 93 if (calendar_can_edit_subscription($subscriptionid)) {
f40c37d0
RT
94 try {
95 $importresults = calendar_process_subscription_row($subscriptionid, $pollinterval, $action);
96 } catch (moodle_exception $e) {
97 // If exception caught, then user should be redirected to page where he/she came from.
98 print_error($e->errorcode, $e->module, $PAGE->url);
99 }
7a216229
AA
100 } else {
101 print_error('nopermissions', 'error', $PAGE->url, get_string('managesubscriptions', 'calendar'));
102 }
e30390a0
SH
103}
104
105$sql = 'SELECT *
106 FROM {event_subscriptions}
107 WHERE courseid = :courseid
108 OR (courseid = 0 AND userid = :userid)';
109$params = array('courseid' => $courseid, 'userid' => $USER->id);
110$subscriptions = $DB->get_records_sql($sql, $params);
111
112// Print title and header.
113$PAGE->set_title("$course->shortname: ".get_string('calendar', 'calendar').": ".get_string('subscriptions', 'calendar'));
114$PAGE->set_heading($course->fullname);
e30390a0
SH
115
116$renderer = $PAGE->get_renderer('core_calendar');
117
118echo $OUTPUT->header();
9fd0cb9c
RT
119
120// Filter subscriptions which user can't edit.
121foreach($subscriptions as $subscription) {
122 if (!calendar_can_edit_subscription($subscription)) {
123 unset($subscriptions[$subscription->id]);
124 }
125}
126
e30390a0
SH
127// Display a table of subscriptions.
128echo $renderer->subscription_details($courseid, $subscriptions, $importresults);
129// Display the add subscription form.
130$form->display();
c5a82120 131echo $OUTPUT->footer();