From f9b56649e710d522f4121fa4033307ef76c3be5b Mon Sep 17 00:00:00 2001 From: Juan Leyva Date: Fri, 25 Sep 2020 14:02:26 +0200 Subject: [PATCH] MDL-63806 glossary: Return user permissions for entries in WS --- mod/glossary/classes/external.php | 12 ++++++++++++ mod/glossary/tests/external_test.php | 17 +++++++++++++++-- mod/glossary/upgrade.txt | 4 ++++ 3 files changed, 31 insertions(+), 2 deletions(-) diff --git a/mod/glossary/classes/external.php b/mod/glossary/classes/external.php index a06d115cc02..683b4923947 100644 --- a/mod/glossary/classes/external.php +++ b/mod/glossary/classes/external.php @@ -1406,10 +1406,16 @@ class mod_glossary_external extends external_api { $entry = glossary_get_entry_by_id($id); self::fill_entry_details($entry, $context); + // Permissions (for entry edition). + $permissions = [ + 'candelete' => mod_glossary_can_delete_entry($entry, $glossary, $context), + ]; + return array( 'entry' => $entry, 'ratinginfo' => \core_rating\external\util::get_rating_info($glossary, $context, 'mod_glossary', 'entry', array($entry)), + 'permissions' => $permissions, 'warnings' => $warnings ); } @@ -1424,6 +1430,12 @@ class mod_glossary_external extends external_api { return new external_single_structure(array( 'entry' => self::get_entry_return_structure(), 'ratinginfo' => \core_rating\external\util::external_ratings_structure(), + 'permissions' => new external_single_structure( + [ + 'candelete' => new external_value(PARAM_BOOL, 'Whether the user can delete the entry.'), + ], + 'User permissions for the managing the entry.', VALUE_OPTIONAL + ), 'warnings' => new external_warnings() )); } diff --git a/mod/glossary/tests/external_test.php b/mod/glossary/tests/external_test.php index 18c3a410042..4f6a849f7cd 100644 --- a/mod/glossary/tests/external_test.php +++ b/mod/glossary/tests/external_test.php @@ -1077,11 +1077,14 @@ class mod_glossary_external_testcase extends externallib_advanced_testcase { $c1 = $this->getDataGenerator()->create_course(); $c2 = $this->getDataGenerator()->create_course(); $g1 = $this->getDataGenerator()->create_module('glossary', array('course' => $c1->id)); - $g2 = $this->getDataGenerator()->create_module('glossary', array('course' => $c1->id, 'visible' => 0)); + $g2 = $this->getDataGenerator()->create_module('glossary', array('course' => $c2->id, 'visible' => 0)); $u1 = $this->getDataGenerator()->create_user(); $u2 = $this->getDataGenerator()->create_user(); + $u3 = $this->getDataGenerator()->create_user(); $ctx = context_module::instance($g1->cmid); $this->getDataGenerator()->enrol_user($u1->id, $c1->id); + $this->getDataGenerator()->enrol_user($u2->id, $c1->id); + $this->getDataGenerator()->enrol_user($u3->id, $c1->id); $e1 = $gg->create_content($g1, array('approved' => 1, 'userid' => $u1->id, 'tags' => array('Cats', 'Dogs'))); // Add a fake inline image to the entry. @@ -1108,10 +1111,12 @@ class mod_glossary_external_testcase extends externallib_advanced_testcase { $this->assertEquals('Cats', $return['entry']['tags'][0]['rawname']); $this->assertEquals('Dogs', $return['entry']['tags'][1]['rawname']); $this->assertEquals($filename, $return['entry']['definitioninlinefiles'][0]['filename']); + $this->assertTrue($return['permissions']['candelete']); $return = mod_glossary_external::get_entry_by_id($e2->id); $return = external_api::clean_returnvalue(mod_glossary_external::get_entry_by_id_returns(), $return); $this->assertEquals($e2->id, $return['entry']['id']); + $this->assertTrue($return['permissions']['candelete']); try { $return = mod_glossary_external::get_entry_by_id($e3->id); @@ -1127,11 +1132,19 @@ class mod_glossary_external_testcase extends externallib_advanced_testcase { // All good. } - // An admin can be other's entries to be approved. + // An admin can see other's entries to be approved. $this->setAdminUser(); $return = mod_glossary_external::get_entry_by_id($e3->id); $return = external_api::clean_returnvalue(mod_glossary_external::get_entry_by_id_returns(), $return); $this->assertEquals($e3->id, $return['entry']['id']); + $this->assertTrue($return['permissions']['candelete']); + + // Students can see other students approved entries but they will not be able to delete them. + $this->setUser($u3); + $return = mod_glossary_external::get_entry_by_id($e1->id); + $return = external_api::clean_returnvalue(mod_glossary_external::get_entry_by_id_returns(), $return); + $this->assertEquals($e1->id, $return['entry']['id']); + $this->assertFalse($return['permissions']['candelete']); } public function test_add_entry_without_optional_settings() { diff --git a/mod/glossary/upgrade.txt b/mod/glossary/upgrade.txt index 7738fe567a3..07650ac3ef3 100644 --- a/mod/glossary/upgrade.txt +++ b/mod/glossary/upgrade.txt @@ -1,6 +1,10 @@ This files describes API changes in /mod/glossary/*, information provided here is intended especially for developers. +=== 3.10 === +* External function get_entries_by_id now returns and additional "permissions" field indicating the user permissions for managing + the entry. + === 3.8 === * The following functions have been finally deprecated and can not be used anymore: * glossary_scale_used() -- 2.43.0