(!$this->is_preview_user() || $this->attempt->preview);
}
+ /**
+ * Is the current user allowed to review this attempt. This applies when
+ * {@link is_own_attempt()} returns false.
+ * @return bool whether the review should be allowed.
+ */
+ public function is_review_allowed() {
+ if (!$this->has_capability('mod/quiz:viewreports')) {
+ return false;
+ }
+
+ $cm = $this->get_cm();
+ if ($this->has_capability('moodle/site:accessallgroups') ||
+ groups_get_activity_groupmode($cm) != SEPARATEGROUPS) {
+ return true;
+ }
+
+ // Check the users have at least one group in common.
+ $teachersgroups = groups_get_activity_allowed_groups($cm);
+ $studentsgroups = groups_get_all_groups($cm->course, $this->attempt->userid, $cm->groupingid);
+ return $teachersgroups && $studentsgroups &&
+ array_intersect(array_keys($teachersgroups), array_keys($studentsgroups));
+ }
+
/**
* Check the appropriate capability to see whether this user may review their own attempt.
* If not, prints an error.
$string['noquestionsonpage'] = 'Empty page';
$string['noresponse'] = 'No response';
$string['noreview'] = 'You are not allowed to review this quiz';
+$string['noreviewattempt'] = 'You are not allowed to review this attempt.';
$string['noreviewshort'] = 'Not permitted';
$string['noreviewuntil'] = 'You are not allowed to review this quiz until {$a}';
$string['noreviewuntilshort'] = 'Available {$a}';
$accessmanager = $attemptobj->get_access_manager(time());
$options = $attemptobj->get_review_options();
-/// Permissions checks for normal users who do not have quiz:viewreports capability.
- if (!$attemptobj->has_capability('mod/quiz:viewreports')) {
- /// Can't review other users' attempts.
- if (!$attemptobj->is_own_attempt()) {
- quiz_error($attemptobj->get_quiz(), 'notyourattempt');
- }
- /// Can't review during the attempt - send them back to the attempt page.
+ // Check permissions.
+ if ($attemptobj->is_own_attempt()) {
if (!$attemptobj->is_finished()) {
redirect($attemptobj->attempt_url(0, $page));
- }
- /// Can't review unless Students may review -> Responses option is turned on.
- if (!$options->responses) {
+ } else if (!$options->responses) {
$accessmanager->back_to_view_page($attemptobj->is_preview_user(),
- $accessmanager->cannot_review_message($options));
+ $accessmanager->cannot_review_message($attemptobj->get_attempt_state()));
}
+
+ } else if (!$attemptobj->is_review_allowed()) {
+ throw new moodle_quiz_exception($attemptobj, 'noreviewattempt');
}
/// Load the questions and states needed by this page.
$accessmanager = $attemptobj->get_access_manager(time());
$options = $attemptobj->get_review_options();
-/// Permissions checks for normal users who do not have quiz:viewreports capability.
- if (!$attemptobj->has_capability('mod/quiz:viewreports')) {
- /// Can't review during the attempt - send them back to the attempt page.
+ // Check permissions.
+ if ($attemptobj->is_own_attempt()) {
if (!$attemptobj->is_finished()) {
echo $OUTPUT->header();
echo $OUTPUT->notification(get_string('cannotreviewopen', 'quiz'));
echo $OUTPUT->close_window_button();
echo $OUTPUT->footer();
die;
- }
- /// Can't review other users' attempts.
- if (!$attemptobj->is_own_attempt()) {
- echo $OUTPUT->header();
- echo $OUTPUT->notification(get_string('notyourattempt', 'quiz'));
- echo $OUTPUT->close_window_button();
- echo $OUTPUT->footer();
- die;
- }
-
- /// Can't review unless Students may review -> Responses option is turned on.
- if (!$options->responses) {
+ } else if (!$options->responses) {
$accessmanager = $attemptobj->get_access_manager(time());
echo $OUTPUT->header();
echo $OUTPUT->notification($accessmanager->cannot_review_message($attemptobj->get_review_options()));
echo $OUTPUT->footer();
die;
}
+
+ } else if (!$attemptobj->is_review_allowed()) {
+ throw new moodle_quiz_exception($attemptobj, 'noreviewattempt');
}
/// Load the questions and states.
