MDL-37473 completion: Add missing cap checks to tracked users functions
[moodle.git] / course / togglecompletion.php
CommitLineData
4e781c7b 1<?php
d9cb06dc 2
3// This file is part of Moodle - http://moodle.org/
4//
5// Moodle is free software: you can redistribute it and/or modify
6// it under the terms of the GNU General Public License as published by
7// the Free Software Foundation, either version 3 of the License, or
8// (at your option) any later version.
9//
10// Moodle is distributed in the hope that it will be useful,
11// but WITHOUT ANY WARRANTY; without even the implied warranty of
12// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13// GNU General Public License for more details.
14//
15// You should have received a copy of the GNU General Public License
16// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
17
18/**
2be4d090
MD
19 * Toggles the manual completion flag for a particular activity or course completion
20 * and the current user.
d9cb06dc 21 *
22 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
23 * @package course
24 */
4e781c7b 25
26require_once('../config.php');
27require_once($CFG->libdir.'/completionlib.php');
28
29// Parameters
2be4d090
MD
30$cmid = optional_param('id', 0, PARAM_INT);
31$courseid = optional_param('course', 0, PARAM_INT);
32$confirm = optional_param('confirm', 0, PARAM_BOOL);
33
34if (!$cmid && !$courseid) {
35 print_error('invalidarguments');
36}
37
38// Process self completion
39if ($courseid) {
49a33d8f 40 $PAGE->set_url(new moodle_url('/course/togglecompletion.php', array('course'=>$courseid)));
9cedb80c 41
2be4d090 42 // Check user is logged in
49a33d8f 43 $course = $DB->get_record('course', array('id' => $courseid), '*', MUST_EXIST);
9a5e297b 44 $context = context_course::instance($course->id);
2be4d090
MD
45 require_login($course);
46
47 $completion = new completion_info($course);
10a8581f
AB
48 if (!$completion->is_enabled()) {
49 throw new moodle_exception('completionnotenabled', 'completion');
50 } elseif (!$completion->is_tracked_user($USER->id)) {
51 throw new moodle_exception('nottracked', 'completion');
52 }
2be4d090
MD
53
54 // Check if we are marking a user complete via the completion report
55 $user = optional_param('user', 0, PARAM_INT);
56 $rolec = optional_param('rolec', 0, PARAM_INT);
57
58 if ($user && $rolec) {
9cedb80c
PS
59 require_sesskey();
60
9df81506 61 completion_criteria::factory(array('id'=>$rolec, 'criteriatype'=>COMPLETION_CRITERIA_TYPE_ROLE)); //TODO: this is dumb, because it does not fetch the data?!?!
9cedb80c 62 $criteria = completion_criteria_role::fetch(array('id'=>$rolec));
2be4d090 63
9cedb80c
PS
64 if ($criteria and user_has_role_assignment($USER->id, $criteria->role, $context->id)) {
65 $criteria_completions = $completion->get_completions($user, COMPLETION_CRITERIA_TYPE_ROLE);
2be4d090 66
9cedb80c
PS
67 foreach ($criteria_completions as $criteria_completion) {
68 if ($criteria_completion->criteriaid == $rolec) {
69 $criteria->complete($criteria_completion);
70 break;
71 }
2be4d090
MD
72 }
73 }
74
75 // Return to previous page
76 if (!empty($_SERVER['HTTP_REFERER'])) {
77 redirect($_SERVER['HTTP_REFERER']);
78 } else {
79 redirect('view.php?id='.$course->id);
80 }
81
82 } else {
83
84 // Confirm with user
9cedb80c 85 if ($confirm and confirm_sesskey()) {
2be4d090
MD
86 $completion = $completion->get_completion($USER->id, COMPLETION_CRITERIA_TYPE_SELF);
87
88 if (!$completion) {
89 print_error('noselfcompletioncriteria', 'completion');
90 }
91
92 // Check if the user has already marked themselves as complete
93 if ($completion->is_complete()) {
94 print_error('useralreadymarkedcomplete', 'completion');
95 }
96
97 $completion->mark_complete();
98
99 redirect($CFG->wwwroot.'/course/view.php?id='.$courseid);
100 return;
101 }
102
103 $strconfirm = get_string('confirmselfcompletion', 'completion');
49a33d8f
SH
104 $PAGE->set_title($strconfirm);
105 $PAGE->set_heading($course->fullname);
106 $PAGE->navbar->add($strconfirm);
107 echo $OUTPUT->header();
9cedb80c 108 $buttoncontinue = new single_button(new moodle_url('/course/togglecompletion.php', array('course'=>$courseid, 'confirm'=>1, 'sesskey'=>sesskey())), get_string('yes'), 'post');
49a33d8f
SH
109 $buttoncancel = new single_button(new moodle_url('/course/view.php', array('id'=>$courseid)), get_string('no'), 'get');
110 echo $OUTPUT->confirm($strconfirm, $buttoncontinue, $buttoncancel);
111 echo $OUTPUT->footer();
2be4d090
MD
112 exit;
113 }
114}
115
116
8c194133
PS
117$targetstate = required_param('completionstate', PARAM_INT);
118$fromajax = optional_param('fromajax', 0, PARAM_INT);
d9cb06dc 119
8c194133 120$PAGE->set_url('/course/togglecompletion.php', array('id'=>$cmid, 'completionstate'=>$targetstate));
d9cb06dc 121
4e781c7b 122switch($targetstate) {
123 case COMPLETION_COMPLETE:
124 case COMPLETION_INCOMPLETE:
125 break;
126 default:
9b34dc6e 127 print_error('unsupportedstate');
4e781c7b 128}
4e781c7b 129
130// Get course-modules entry
8c194133
PS
131$cm = get_coursemodule_from_id(null, $cmid, null, false, MUST_EXIST);
132$course = $DB->get_record('course', array('id'=>$cm->course), '*', MUST_EXIST);
4e781c7b 133
8c194133
PS
134// Check user is logged in
135require_login($course, false, $cm);
136
137if (isguestuser() or !confirm_sesskey()) {
138 print_error('error');
4e781c7b 139}
140
8c194133
PS
141// Now change state
142$completion = new completion_info($course);
143if (!$completion->is_enabled()) {
10a8581f
AB
144 throw new moodle_exception('completionnotenabled', 'completion');
145} elseif (!$completion->is_tracked_user($USER->id)) {
146 throw new moodle_exception('nottracked', 'completion');
8c194133 147}
4e781c7b 148
149// Check completion state is manual
8c194133
PS
150if($cm->completion != COMPLETION_TRACKING_MANUAL) {
151 error_or_ajax('cannotmanualctrack', $fromajax);
4e781c7b 152}
153
8c194133 154$completion->update_state($cm, $targetstate);
4e781c7b 155
156// And redirect back to course
8c194133 157if ($fromajax) {
4e781c7b 158 print 'OK';
159} else {
e399d47c 160 // In case of use in other areas of code we allow a 'backto' parameter,
161 // otherwise go back to course page
8c194133 162 $backto = optional_param('backto', 'view.php?id='.$course->id, PARAM_URL);
e399d47c 163 redirect($backto);
4e781c7b 164}
d9cb06dc 165
8c194133
PS
166// utility functions
167
168function error_or_ajax($message, $fromajax) {
169 if ($fromajax) {
170 print get_string($message, 'error');
171 exit;
172 } else {
173 print_error($message);
174 }
175}
176