MDL-68284 gradebook: Prevent exposing hidden quiz grade item
[moodle.git] / grade / edit / tree / item.php
e060e33d 1<?php
e060e33d 2// This file is part of Moodle - http://moodle.org/
3//
4// Moodle is free software: you can redistribute it and/or modify
5// it under the terms of the GNU General Public License as published by
6// the Free Software Foundation, either version 3 of the License, or
7// (at your option) any later version.
8//
9// Moodle is distributed in the hope that it will be useful,
10// but WITHOUT ANY WARRANTY; without even the implied warranty of
11// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12// GNU General Public License for more details.
13//
14// You should have received a copy of the GNU General Public License
15// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
8ad36f4c 16
17/**
18 * Edit the grade options for an individual grade item
19 *
20 * @package core_grades
21 * @copyright 2007 Petr Skoda
22 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
23 */
24
25
78ad5f3f 26require_once '../../../config.php';
3af29899 27require_once $CFG->dirroot.'/grade/lib.php';
501e0e34 28require_once $CFG->dirroot.'/grade/report/lib.php';
6fb39a98 29require_once 'item_form.php';
f13002d5 30
// Both request parameters are cleaned with PARAM_INT before anything else uses them.
$courseid = required_param('courseid', PARAM_INT);
$id = optional_param('id', 0, PARAM_INT);

// Canonical URL of this page; the item id is included only when one was supplied.
$pageparams = ['courseid' => $courseid];
if ($id !== 0) {
    $pageparams['id'] = $id;
}
$url = new moodle_url('/grade/edit/tree/item.php', $pageparams);
$PAGE->set_url($url);
$PAGE->set_pagelayout('admin');

// Point the active navigation node at the tree index page of this course.
$treeindexurl = new moodle_url('/grade/edit/tree/index.php', ['id' => $courseid]);
navigation_node::override_active_url($treeindexurl);
beebcf26 42
// The course record has to exist before any access check can be made against it.
$course = $DB->get_record('course', ['id' => $courseid]);
if (!$course) {
    print_error('invalidcourseid');
}

// Access control for the whole page: a logged-in user holding moodle/grade:manage
// in this course's context. Everything below runs only after both checks.
require_login($course);
$context = context_course::instance($course->id);
require_capability('moodle/grade:manage', $context);
f13002d5 50
// Where to send the user after cancel or save, unless the caller supplied a return location.
$gpr = new grade_plugin_return();
$returnurl = $gpr->get_return_url('index.php?id='.$course->id);

$heading = get_string('itemsedit', 'grades');

// The lookup is keyed on the item id AND the course id, so an id that belongs
// to a different course does not match and is handled as "new item" below.
$grade_item = grade_item::fetch(['id' => $id, 'courseid' => $courseid]);
if ($grade_item) {
    // Items tied to an outcome have their own edit page (only while outcomes are enabled).
    if (!empty($CFG->enableoutcomes) && !empty($grade_item->outcomeid)) {
        $url = $CFG->wwwroot.'/grade/edit/tree/outcomeitem.php?id='.$id.'&amp;courseid='.$courseid;
        redirect($gpr->add_url_params($url));
    }
    // Course and category total items are edited through the category page instead.
    if ($grade_item->is_course_item() || $grade_item->is_category_item()) {
        $grade_category = $grade_item->get_item_category();
        $url = $CFG->wwwroot.'/grade/edit/tree/category.php?id='.$grade_category->id.'&amp;courseid='.$courseid;
        redirect($gpr->add_url_params($url));
    }

    // Existing item: the form is pre-filled from its stored record.
    $item = $grade_item->get_record_data();
    $parent_category = $grade_item->get_parent_category();
    $item->parentcategory = $parent_category->id;

} else {
    // No matching item in this course: prepare a blank manual item placed
    // in the course's top-level category by default.
    $heading = get_string('newitem', 'grades');
    $grade_item = new grade_item(['courseid' => $courseid, 'itemtype' => 'manual'], false);
    $item = $grade_item->get_record_data();
    $parent_category = grade_category::fetch_course_category($courseid);
    $item->parentcategory = $parent_category->id;
}
$decimalpoints = $grade_item->get_decimals();
76317c73 81
// A stored `hidden` value above 1 is shown in the form as "hidden until"
// (presumably a timestamp - confirm), with the plain hidden flag cleared.
$item->hiddenuntil = 0;
if ($item->hidden > 1) {
    $item->hiddenuntil = $item->hidden;
    $item->hidden = 0;
}

// The form gets a plain boolean for the lock state.
$item->locked = !empty($item->locked);

// Grade bounds use the item's own decimal setting; the factors use four decimals.
foreach (['grademax', 'grademin', 'gradepass'] as $field) {
    $item->$field = format_float($item->$field, $decimalpoints);
}
foreach (['multfactor', 'plusfactor'] as $field) {
    $item->$field = format_float($item->$field, 4);
}

// Under these two aggregation methods the coefficient is reduced to 0 or 1;
// otherwise it is shown as a number with four decimals.
$parentissum = ($parent_category->aggregation == GRADE_AGGREGATE_SUM);
if ($parentissum || $parent_category->aggregation == GRADE_AGGREGATE_WEIGHTED_MEAN2) {
    $item->aggregationcoef = ($item->aggregationcoef == 0) ? 0 : 1;
} else {
    $item->aggregationcoef = format_float($item->aggregationcoef, 4);
}
if ($parentissum) {
    // Scaled by 100 for display; the submit handler divides by 100 again.
    $item->aggregationcoef2 = format_float($item->aggregationcoef2 * 100.0);
}

// Computed server-side from the grade item itself. The submit handler consults
// this same flag before it changes the item's hidden state.
$item->cancontrolvisibility = $grade_item->can_control_visibility();
76317c73 106
// Build the edit form from the prepared $item, then handle the three outcomes:
// cancelled (redirect back), submitted (normalise, persist, redirect back),
// or neither (fall through and render the form at the bottom of the script).
$mform = new edit_item_form(null, array('current'=>$item, 'gpr'=>$gpr));

if ($mform->is_cancelled()) {
    redirect($returnurl);

} else if ($data = $mform->get_data(false)) {

    // This is a new item, and the category chosen is different than the default category.
    // NOTE(review): this lookup is keyed on the submitted id alone, unlike the grade item
    // lookups in this file, which also pass 'courseid'. Confirm the form restricts
    // parentcategory to this course's categories, or add 'courseid' => $courseid here and
    // handle a failed fetch before ->aggregation is read below.
    if (empty($grade_item->id) && isset($data->parentcategory) && $parent_category->id != $data->parentcategory) {
        $parent_category = grade_category::fetch(array('id' => $data->parentcategory));
    }

    // If unset, give the aggregation values a default based on parent aggregation method.
    $defaults = grade_category::get_default_aggregation_coefficient_values($parent_category->aggregation);
    if (!isset($data->aggregationcoef) || $data->aggregationcoef == '') {
        $data->aggregationcoef = $defaults['aggregationcoef'];
    }
    if (!isset($data->weightoverride)) {
        $data->weightoverride = $defaults['weightoverride'];
    }

    // Missing or blank pass grade / minimum grade are stored as 0.
    if (!isset($data->gradepass) || $data->gradepass == '') {
        $data->gradepass = 0;
    }

    if (!isset($data->grademin) || $data->grademin == '') {
        $data->grademin = 0;
    }

    // Work out the requested hidden state: "hidden until" wins over the plain hidden flag.
    $hide = empty($data->hiddenuntil) ? 0 : $data->hiddenuntil;
    if (!$hide) {
        $hide = empty($data->hidden) ? 0 : $data->hidden;
    }

    // Both fields are removed from $data before set_properties() runs, so the only place
    // the submitted visibility is applied is the guarded set_hidden() call further down.
    unset($data->hidden);
    unset($data->hiddenuntil);

    // Lock state is likewise taken out of $data and applied through the dedicated setters below.
    $locked = empty($data->locked) ? 0: $data->locked;
    $locktime = empty($data->locktime) ? 0: $data->locktime;
    unset($data->locked);
    unset($data->locktime);

    // These fields were passed through format_float() before the form was built;
    // unformat_float() presumably reverses that for storage - confirm.
    $convert = array('grademax', 'grademin', 'gradepass', 'multfactor', 'plusfactor', 'aggregationcoef', 'aggregationcoef2');
    foreach ($convert as $param) {
        if (property_exists($data, $param)) {
            $data->$param = unformat_float($data->$param);
        }
    }
    // aggregationcoef2 was multiplied by 100 for display when the parent uses GRADE_AGGREGATE_SUM;
    // undo that here, and fall back to the aggregation default in every other case.
    if (isset($data->aggregationcoef2) && $parent_category->aggregation == GRADE_AGGREGATE_SUM) {
        $data->aggregationcoef2 = $data->aggregationcoef2 / 100.0;
    } else {
        $data->aggregationcoef2 = $defaults['aggregationcoef2'];
    }

    // Load the item again by id and course, and remember the old grade range before the
    // submitted values overwrite it (needed for the optional rescale below).
    // NOTE(review): $id is the raw request parameter and this constructor runs independently
    // of the course-scoped fetch near the top of the script. Confirm that an id with no
    // matching item in this course leaves $gradeitem->id empty, so that the request takes the
    // insert branch rather than update().
    $gradeitem = new grade_item(array('id' => $id, 'courseid' => $courseid));
    $oldmin = $gradeitem->grademin;
    $oldmax = $gradeitem->grademax;
    grade_item::set_properties($gradeitem, $data);
    // This page never stores an outcome link on the item.
    $gradeitem->outcomeid = null;

    // Handle null decimals value: a missing or negative submission is stored as null.
    if (!property_exists($data, 'decimals') or $data->decimals < 0) {
        $gradeitem->decimals = null;
    }

    if (empty($gradeitem->id)) {
        $gradeitem->itemtype = 'manual'; // All new items to be manual only.
        $gradeitem->insert();

        // set parent if needed
        if (isset($data->parentcategory)) {
            $gradeitem->set_parent($data->parentcategory, false);
        }

    } else {
        $gradeitem->update();

        // Optionally rescale existing grades from the old range to the new one.
        if (!empty($data->rescalegrades) && $data->rescalegrades == 'yes') {
            $newmin = $gradeitem->grademin;
            $newmax = $gradeitem->grademax;
            $gradeitem->rescale_grades_keep_percentage($oldmin, $oldmax, $newmin, $newmax, 'gradebook');
        }
    }

    // Visibility guard: the flag was computed from the stored grade item via
    // can_control_visibility() before the form was built, not read from the submitted data.
    // When it is false the submitted hidden value is discarded and the item keeps its state.
    if ($item->cancontrolvisibility) {
        // Update hiding flag.
        $gradeitem->set_hidden($hide, false);
    }

    $gradeitem->set_locktime($locktime); // Locktime first - it might be removed when unlocking.
    $gradeitem->set_locked($locked, false, true);

    redirect($returnurl);
}

// No cancel and no valid submission: render the page with the form.
$PAGE->navbar->add($heading);
print_grade_page_head($courseid, 'settings', null, $heading, false, false, false);

$mform->display();

echo $OUTPUT->footer();