MDL-50794 workshop: Allow restricting submitted file types
[moodle.git] / mod / workshop / submission.php
CommitLineData
33e4dea6
DM
1<?php
2
53fad4b9
DM
3// This file is part of Moodle - http://moodle.org/
4//
33e4dea6
DM
5// Moodle is free software: you can redistribute it and/or modify
6// it under the terms of the GNU General Public License as published by
7// the Free Software Foundation, either version 3 of the License, or
8// (at your option) any later version.
9//
10// Moodle is distributed in the hope that it will be useful,
11// but WITHOUT ANY WARRANTY; without even the implied warranty of
12// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13// GNU General Public License for more details.
53fad4b9 14//
33e4dea6
DM
15// You should have received a copy of the GNU General Public License
16// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
17
33e4dea6 18/**
51508f25 19 * View a single (usually the own) submission, submit own work.
33e4dea6 20 *
5cdcfcb9 21 * @package mod_workshop
65601f04
DM
22 * @copyright 2009 David Mudrak <david.mudrak@gmail.com>
23 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
33e4dea6
DM
24 */
25
26require_once(dirname(dirname(dirname(__FILE__))).'/config.php');
127032fe 27require_once(dirname(__FILE__).'/locallib.php');
146893d6 28require_once($CFG->dirroot . '/repository/lib.php');
33e4dea6 29
3fa22899
DM
30$cmid = required_param('cmid', PARAM_INT); // Course module id.
31$id = optional_param('id', 0, PARAM_INT); // Submission id.
32$edit = optional_param('edit', false, PARAM_BOOL); // Open the page for editing?
33$assess = optional_param('assess', false, PARAM_BOOL); // Instant assessment required.
34$delete = optional_param('delete', false, PARAM_BOOL); // Submission removal requested.
35$confirm = optional_param('confirm', false, PARAM_BOOL); // Submission removal request confirmed.
33e4dea6 36
3fa22899
DM
37$cm = get_coursemodule_from_id('workshop', $cmid, 0, false, MUST_EXIST);
38$course = $DB->get_record('course', array('id' => $cm->course), '*', MUST_EXIST);
33e4dea6
DM
39
40require_login($course, false, $cm);
33e4dea6 41if (isguestuser()) {
b8ead2e6 42 print_error('guestsarenotallowed');
33e4dea6
DM
43}
44
fef8ee91
RT
45$workshoprecord = $DB->get_record('workshop', array('id' => $cm->instance), '*', MUST_EXIST);
46$workshop = new workshop($workshoprecord, $cm, $course);
51508f25 47
2c75324e
DM
48$PAGE->set_url($workshop->submission_url(), array('cmid' => $cmid, 'id' => $id));
49
50if ($edit) {
51 $PAGE->url->param('edit', $edit);
52}
33e4dea6 53
127032fe 54if ($id) { // submission is specified
51508f25 55 $submission = $workshop->get_submission_by_id($id);
1f013271
AG
56
57 $params = array(
58 'objectid' => $submission->id,
59 'context' => $workshop->context,
60 'courseid' => $workshop->course->id,
61 'relateduserid' => $submission->authorid,
62 'other' => array(
63 'workshopid' => $workshop->id
64 )
65 );
66
67 $event = \mod_workshop\event\submission_viewed::create($params);
68 $event->trigger();
5450f7b6 69
127032fe 70} else { // no submission specified
0dc47fb9 71 if (!$submission = $workshop->get_submission_by_author($USER->id)) {
7a789aa8 72 $submission = new stdclass();
127032fe 73 $submission->id = null;
00aca3c1 74 $submission->authorid = $USER->id;
2e7bd6c2 75 $submission->example = 0;
c6b784f0
DM
76 $submission->grade = null;
77 $submission->gradeover = null;
60719642 78 $submission->published = null;
c6b784f0 79 $submission->feedbackauthor = null;
884482fb 80 $submission->feedbackauthorformat = editors_get_preferred_format();
53fad4b9 81 }
33e4dea6 82}
c1e883bb 83
00aca3c1 84$ownsubmission = $submission->authorid == $USER->id;
67cd00ba
DM
85$canviewall = has_capability('mod/workshop:viewallsubmissions', $workshop->context);
86$cansubmit = has_capability('mod/workshop:submit', $workshop->context);
ac239eba 87$canallocate = has_capability('mod/workshop:allocate', $workshop->context);
232175e4 88$canpublish = has_capability('mod/workshop:publishsubmissions', $workshop->context);
090a7907 89$canoverride = (($workshop->phase == workshop::PHASE_EVALUATION) and has_capability('mod/workshop:overridegrades', $workshop->context));
deabe48b 90$candeleteall = has_capability('mod/workshop:deletesubmissions', $workshop->context);
5a372494
DM
91$userassessment = $workshop->get_assessment_of_submission_by_user($submission->id, $USER->id);
92$isreviewer = !empty($userassessment);
2f289d36 93$editable = ($cansubmit and $ownsubmission);
deabe48b 94$deletable = $candeleteall;
d67c20b8
DM
95$ispublished = ($workshop->phase == workshop::PHASE_CLOSED
96 and $submission->published == 1
97 and has_capability('mod/workshop:viewpublishedsubmissions', $workshop->context));
2f289d36 98
9ddff589 99if (empty($submission->id) and !$workshop->creating_submission_allowed($USER->id)) {
2f289d36
DM
100 $editable = false;
101}
9ddff589 102if ($submission->id and !$workshop->modifying_submission_allowed($USER->id)) {
2f289d36
DM
103 $editable = false;
104}
105
f65bc55f
DM
106if ($canviewall) {
107 // check this flag against the group membership yet
108 if (groups_get_activity_groupmode($workshop->cm) == SEPARATEGROUPS) {
109 // user must have accessallgroups or share at least one group with the submission author
110 if (!has_capability('moodle/site:accessallgroups', $workshop->context)) {
111 $usersgroups = groups_get_activity_allowed_groups($workshop->cm);
112 $authorsgroups = groups_get_all_groups($workshop->course->id, $submission->authorid, $workshop->cm->groupingid, 'g.id');
113 $sharedgroups = array_intersect_key($usersgroups, $authorsgroups);
114 if (empty($sharedgroups)) {
115 $canviewall = false;
116 }
117 }
118 }
119}
120
514d8c22
DM
121if ($editable and $workshop->useexamples and $workshop->examplesmode == workshop::EXAMPLES_BEFORE_SUBMISSION
122 and !has_capability('mod/workshop:manageexamples', $workshop->context)) {
123 // check that all required examples have been assessed by the user
124 $examples = $workshop->get_examples_for_reviewer($USER->id);
125 foreach ($examples as $exampleid => $example) {
126 if (is_null($example->grade)) {
127 $editable = false;
128 break;
129 }
130 }
131}
132$edit = ($editable and $edit);
51508f25 133
deabe48b
PN
134if (!$candeleteall and $ownsubmission and $editable) {
135 // Only allow the student to delete their own submission if it's still editable and hasn't been assessed.
136 if (count($workshop->get_assessments_of_submission($submission->id)) > 0) {
137 $deletable = false;
138 } else {
139 $deletable = true;
140 }
141}
142
143if ($submission->id and $delete and $confirm and $deletable) {
144 require_sesskey();
145 $workshop->delete_submission($submission);
30c52da9
PN
146
147 // Event information.
148 $params = array(
149 'context' => $workshop->context,
150 'courseid' => $workshop->course->id,
151 'relateduserid' => $submission->authorid,
152 'other' => array(
153 'submissiontitle' => $submission->title
154 )
155 );
156 $params['objectid'] = $submission->id;
157 $event = \mod_workshop\event\submission_deleted::create($params);
158 $event->add_record_snapshot('workshop', $workshoprecord);
159 $event->trigger();
160
deabe48b
PN
161 redirect($workshop->view_url());
162}
163
d67c20b8
DM
164$seenaspublished = false; // is the submission seen as a published submission?
165
3dc78e5b
DM
166if ($submission->id and ($ownsubmission or $canviewall or $isreviewer)) {
167 // ok you can go
d67c20b8
DM
168} elseif ($submission->id and $ispublished) {
169 // ok you can go
170 $seenaspublished = true;
3dc78e5b
DM
171} elseif (is_null($submission->id) and $cansubmit) {
172 // ok you can go
173} else {
60719642 174 print_error('nopermissions', 'error', $workshop->view_url(), 'view or create submission');
c1e883bb
DM
175}
176
9ddff589 177if ($assess and $submission->id and !$isreviewer and $canallocate and $workshop->assessing_allowed($USER->id)) {
ac239eba
DM
178 require_sesskey();
179 $assessmentid = $workshop->add_allocation($submission, $USER->id);
180 redirect($workshop->assess_url($assessmentid));
181}
182
514d8c22 183if ($edit) {
67cd00ba
DM
184 require_once(dirname(__FILE__).'/submission_form.php');
185
186 $maxfiles = $workshop->nattachments;
1a282212 187 $filetypes = $workshop->submissionfiletypes;
67cd00ba 188 $maxbytes = $workshop->maxbytes;
e9de1cf4
RT
189 $contentopts = array(
190 'trusttext' => true,
191 'subdirs' => false,
192 'maxfiles' => $maxfiles,
1a282212 193 'filetypes' => $filetypes,
e9de1cf4 194 'maxbytes' => $maxbytes,
c469b396
MG
195 'context' => $workshop->context,
196 'return_types' => FILE_INTERNAL | FILE_EXTERNAL
e9de1cf4
RT
197 );
198
1a282212
K
199 $attachmentopts = array('subdirs' => true, 'maxfiles' => $maxfiles, 'filetypes' => $filetypes, 'maxbytes' => $maxbytes,
200 'return_types' => FILE_INTERNAL);
67cd00ba 201 $submission = file_prepare_standard_editor($submission, 'content', $contentopts, $workshop->context,
64f93798 202 'mod_workshop', 'submission_content', $submission->id);
67cd00ba 203 $submission = file_prepare_standard_filemanager($submission, 'attachment', $attachmentopts, $workshop->context,
64f93798 204 'mod_workshop', 'submission_attachment', $submission->id);
67cd00ba
DM
205
206 $mform = new workshop_submission_form($PAGE->url, array('current' => $submission, 'workshop' => $workshop,
207 'contentopts' => $contentopts, 'attachmentopts' => $attachmentopts));
208
209 if ($mform->is_cancelled()) {
210 redirect($workshop->view_url());
211
212 } elseif ($cansubmit and $formdata = $mform->get_data()) {
2e7bd6c2
DM
213 if ($formdata->example == 0) {
214 // this was used just for validation, it must be set to zero when dealing with normal submissions
215 unset($formdata->example);
216 } else {
217 throw new coding_exception('Invalid submission form data value: example');
218 }
67cd00ba 219 $timenow = time();
2e7bd6c2 220 if (is_null($submission->id)) {
67cd00ba 221 $formdata->workshopid = $workshop->id;
81eccf0a 222 $formdata->example = 0;
67cd00ba
DM
223 $formdata->authorid = $USER->id;
224 $formdata->timecreated = $timenow;
884482fb 225 $formdata->feedbackauthorformat = editors_get_preferred_format();
67cd00ba
DM
226 }
227 $formdata->timemodified = $timenow;
228 $formdata->title = trim($formdata->title);
229 $formdata->content = ''; // updated later
230 $formdata->contentformat = FORMAT_HTML; // updated later
231 $formdata->contenttrust = 0; // updated later
2f289d36
DM
232 $formdata->late = 0x0; // bit mask
233 if (!empty($workshop->submissionend) and ($workshop->submissionend < time())) {
234 $formdata->late = $formdata->late | 0x1;
235 }
236 if ($workshop->phase == workshop::PHASE_ASSESSMENT) {
237 $formdata->late = $formdata->late | 0x2;
238 }
1f013271
AG
239
240 // Event information.
241 $params = array(
242 'context' => $workshop->context,
243 'courseid' => $workshop->course->id,
244 'other' => array(
245 'submissiontitle' => $formdata->title
246 )
247 );
cbf4b0e6 248 $logdata = null;
2e7bd6c2
DM
249 if (is_null($submission->id)) {
250 $submission->id = $formdata->id = $DB->insert_record('workshop_submissions', $formdata);
1f013271
AG
251 $params['objectid'] = $submission->id;
252 $event = \mod_workshop\event\submission_created::create($params);
253 $event->trigger();
2e7bd6c2
DM
254 } else {
255 if (empty($formdata->id) or empty($submission->id) or ($formdata->id != $submission->id)) {
256 throw new moodle_exception('err_submissionid', 'workshop');
257 }
67cd00ba 258 }
1f013271 259 $params['objectid'] = $submission->id;
67cd00ba
DM
260 // save and relink embedded images and save attachments
261 $formdata = file_postupdate_standard_editor($formdata, 'content', $contentopts, $workshop->context,
2e7bd6c2 262 'mod_workshop', 'submission_content', $submission->id);
67cd00ba 263 $formdata = file_postupdate_standard_filemanager($formdata, 'attachment', $attachmentopts, $workshop->context,
2e7bd6c2 264 'mod_workshop', 'submission_attachment', $submission->id);
f1b4b387 265 if (empty($formdata->attachment)) {
ac239eba 266 // explicit cast to zero integer
f1b4b387
DM
267 $formdata->attachment = 0;
268 }
67cd00ba
DM
269 // store the updated values or re-save the new submission (re-saving needed because URLs are now rewritten)
270 $DB->update_record('workshop_submissions', $formdata);
1f013271 271 $event = \mod_workshop\event\submission_updated::create($params);
fef8ee91 272 $event->add_record_snapshot('workshop', $workshoprecord);
1f013271 273 $event->trigger();
67ba9007
KG
274
275 // send submitted content for plagiarism detection
276 $fs = get_file_storage();
277 $files = $fs->get_area_files($workshop->context->id, 'mod_workshop', 'submission_attachment', $submission->id);
cbf4b0e6 278
1f013271
AG
279 $params['other']['content'] = $formdata->content;
280 $params['other']['pathnamehashes'] = array_keys($files);
281
cbf4b0e6
FM
282 $event = \mod_workshop\event\assessable_uploaded::create($params);
283 $event->set_legacy_logdata($logdata);
284 $event->trigger();
67ba9007 285
67cd00ba 286 redirect($workshop->submission_url($formdata->id));
33e4dea6 287 }
33e4dea6
DM
288}
289
232175e4
DM
290// load the form to override grade and/or publish the submission and process the submitted data eventually
291if (!$edit and ($canoverride or $canpublish)) {
292 $options = array(
293 'editable' => true,
294 'editablepublished' => $canpublish,
295 'overridablegrade' => $canoverride);
296 $feedbackform = $workshop->get_feedbackauthor_form($PAGE->url, $submission, $options);
557a1100
DM
297 if ($data = $feedbackform->get_data()) {
298 $data = file_postupdate_standard_editor($data, 'feedbackauthor', array(), $workshop->context);
7a789aa8 299 $record = new stdclass();
557a1100 300 $record->id = $submission->id;
232175e4
DM
301 if ($canoverride) {
302 $record->gradeover = $workshop->raw_grade_value($data->gradeover, $workshop->grade);
303 $record->gradeoverby = $USER->id;
304 $record->feedbackauthor = $data->feedbackauthor;
305 $record->feedbackauthorformat = $data->feedbackauthorformat;
306 }
307 if ($canpublish) {
308 $record->published = !empty($data->published);
309 }
557a1100
DM
310 $DB->update_record('workshop_submissions', $record);
311 redirect($workshop->view_url());
312 }
313}
314
0dc47fb9
DM
315$PAGE->set_title($workshop->name);
316$PAGE->set_heading($course->fullname);
39861053 317if ($edit) {
b761e6d9 318 $PAGE->navbar->add(get_string('mysubmission', 'workshop'), $workshop->submission_url(), navigation_node::TYPE_CUSTOM);
39861053 319 $PAGE->navbar->add(get_string('editingsubmission', 'workshop'));
51508f25 320} elseif ($ownsubmission) {
b761e6d9 321 $PAGE->navbar->add(get_string('mysubmission', 'workshop'));
51508f25
DM
322} else {
323 $PAGE->navbar->add(get_string('submission', 'workshop'));
39861053 324}
33e4dea6 325
c1e883bb 326// Output starts here
81b22887
DM
327$output = $PAGE->get_renderer('mod_workshop');
328echo $output->header();
329echo $output->heading(format_string($workshop->name), 2);
c1e883bb 330
e0142f7e
DM
331// show instructions for submitting as thay may contain some list of questions and we need to know them
332// while reading the submitted answer
333if (trim($workshop->instructauthors)) {
334 $instructions = file_rewrite_pluginfile_urls($workshop->instructauthors, 'pluginfile.php', $PAGE->context->id,
335 'mod_workshop', 'instructauthors', 0, workshop::instruction_editors_options($PAGE->context));
336 print_collapsible_region_start('', 'workshop-viewlet-instructauthors', get_string('instructauthors', 'workshop'));
367a75fa 337 echo $output->box(format_text($instructions, $workshop->instructauthorsformat, array('overflowdiv'=>true)), array('generalbox', 'instructions'));
e0142f7e
DM
338 print_collapsible_region_end();
339}
340
3dc78e5b
DM
341// if in edit mode, display the form to edit the submission
342
514d8c22 343if ($edit) {
67ba9007
KG
344 if (!empty($CFG->enableplagiarism)) {
345 require_once($CFG->libdir.'/plagiarismlib.php');
346 echo plagiarism_print_disclosure($cm->id);
347 }
c1e883bb 348 $mform->display();
81b22887 349 echo $output->footer();
c1e883bb
DM
350 die();
351}
352
deabe48b
PN
353// Confirm deletion (if requested).
354if ($deletable and $delete) {
355 $prompt = get_string('submissiondeleteconfirm', 'workshop');
356 if ($candeleteall) {
58489e11
DM
357 $count = count($workshop->get_assessments_of_submission($submission->id));
358 if ($count > 0) {
359 $prompt = get_string('submissiondeleteconfirmassess', 'workshop', ['count' => $count]);
deabe48b
PN
360 }
361 }
58489e11 362 echo $output->confirm($prompt, new moodle_url($PAGE->url, ['delete' => 1, 'confirm' => 1]), $workshop->view_url());
deabe48b
PN
363}
364
3dc78e5b
DM
365// else display the submission
366
367if ($submission->id) {
d67c20b8
DM
368 if ($seenaspublished) {
369 $showauthor = has_capability('mod/workshop:viewauthorpublished', $workshop->context);
370 } else {
371 $showauthor = has_capability('mod/workshop:viewauthornames', $workshop->context);
372 }
373 echo $output->render($workshop->prepare_submission($submission, $showauthor));
3dc78e5b 374} else {
81b22887 375 echo $output->box(get_string('noyoursubmission', 'workshop'));
c1e883bb
DM
376}
377
58489e11
DM
378// If not at removal confirmation screen, some action buttons can be displayed.
379if (!$delete) {
380 if ($editable) {
381 if ($submission->id) {
382 $btnurl = new moodle_url($PAGE->url, array('edit' => 'on', 'id' => $submission->id));
383 $btntxt = get_string('editsubmission', 'workshop');
384 } else {
385 $btnurl = new moodle_url($PAGE->url, array('edit' => 'on'));
386 $btntxt = get_string('createsubmission', 'workshop');
387 }
388 echo $output->single_button($btnurl, $btntxt, 'get');
2f289d36 389 }
c1e883bb 390
58489e11
DM
391 if ($submission->id and $deletable) {
392 $url = new moodle_url($PAGE->url, array('delete' => 1));
393 echo $output->single_button($url, get_string('deletesubmission', 'workshop'), 'get');
394 }
deabe48b 395
58489e11
DM
396 if ($submission->id and !$edit and !$isreviewer and $canallocate and $workshop->assessing_allowed($USER->id)) {
397 $url = new moodle_url($PAGE->url, array('assess' => 1));
398 echo $output->single_button($url, get_string('assess', 'workshop'), 'post');
399 }
ac239eba
DM
400}
401
0dfb4bad
DM
402if (($workshop->phase == workshop::PHASE_CLOSED) and ($ownsubmission or $canviewall)) {
403 if (!empty($submission->gradeoverby) and strlen(trim($submission->feedbackauthor)) > 0) {
404 echo $output->render(new workshop_feedback_author($submission));
405 }
406}
407
3dc78e5b
DM
408// and possibly display the submission's review(s)
409
3dc78e5b 410if ($isreviewer) {
38504a44
DM
411 // user's own assessment
412 $strategy = $workshop->grading_strategy_instance();
413 $mform = $strategy->get_assessment_form($PAGE->url, 'assessment', $userassessment, false);
414 $options = array(
415 'showreviewer' => true,
416 'showauthor' => $showauthor,
417 'showform' => !is_null($userassessment->grade),
418 'showweight' => true,
419 );
420 $assessment = $workshop->prepare_assessment($userassessment, $mform, $options);
421 $assessment->title = get_string('assessmentbyyourself', 'workshop');
422
423 if ($workshop->assessing_allowed($USER->id)) {
424 if (is_null($userassessment->grade)) {
425 $assessment->add_action($workshop->assess_url($assessment->id), get_string('assess', 'workshop'));
426 } else {
427 $assessment->add_action($workshop->assess_url($assessment->id), get_string('reassess', 'workshop'));
5a372494 428 }
5a372494 429 }
38504a44
DM
430 if ($canoverride) {
431 $assessment->add_action($workshop->assess_url($assessment->id), get_string('assessmentsettings', 'workshop'));
432 }
433
434 echo $output->render($assessment);
f68648e9
DM
435
436 if ($workshop->phase == workshop::PHASE_CLOSED) {
437 if (strlen(trim($userassessment->feedbackreviewer)) > 0) {
438 echo $output->render(new workshop_feedback_reviewer($userassessment));
439 }
440 }
3dc78e5b
DM
441}
442
5a372494 443if (has_capability('mod/workshop:viewallassessments', $workshop->context) or ($ownsubmission and $workshop->assessments_available())) {
38504a44
DM
444 // other assessments
445 $strategy = $workshop->grading_strategy_instance();
446 $assessments = $workshop->get_assessments_of_submission($submission->id);
447 $showreviewer = has_capability('mod/workshop:viewreviewernames', $workshop->context);
5a372494
DM
448 foreach ($assessments as $assessment) {
449 if ($assessment->reviewerid == $USER->id) {
450 // own assessment has been displayed already
451 continue;
452 }
3779dcae
DM
453 if (is_null($assessment->grade) and !has_capability('mod/workshop:viewallassessments', $workshop->context)) {
454 // students do not see peer-assessment that are not graded yet
455 continue;
456 }
38504a44
DM
457 $mform = $strategy->get_assessment_form($PAGE->url, 'assessment', $assessment, false);
458 $options = array(
459 'showreviewer' => $showreviewer,
460 'showauthor' => $showauthor,
461 'showform' => !is_null($assessment->grade),
462 'showweight' => true,
463 );
f68648e9 464 $displayassessment = $workshop->prepare_assessment($assessment, $mform, $options);
38504a44 465 if ($canoverride) {
f68648e9
DM
466 $displayassessment->add_action($workshop->assess_url($assessment->id), get_string('assessmentsettings', 'workshop'));
467 }
468 echo $output->render($displayassessment);
469
470 if ($workshop->phase == workshop::PHASE_CLOSED and has_capability('mod/workshop:viewallassessments', $workshop->context)) {
471 if (strlen(trim($assessment->feedbackreviewer)) > 0) {
472 echo $output->render(new workshop_feedback_reviewer($assessment));
473 }
7a5f4be0 474 }
5a372494 475 }
3dc78e5b
DM
476}
477
557a1100
DM
478if (!$edit and $canoverride) {
479 // display a form to override the submission grade
480 $feedbackform->display();
481}
482
81b22887 483echo $output->footer();