moodle/moodle
3
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-08-04 16:36:37 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

MDL-65093 core_message: deprecate can_post_message()

Browse source
This commit is contained in:
Mark Nelson 2019-07-25 14:22:20 +08:00
parent f622ee97e3
commit 06d046c1ff
7 changed files with 237 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

2
lib/deprecatedlib.php
View file

@ -2412,7 +2412,7 @@ function message_page_type_list() {
*/
function message_can_post_message() {
throw new coding_exception('message_can_post_message() can not be used anymore. Please use ' .
'\core_message\api::can_post_message() instead.');
'\core_message\api::can_send_message() instead.');
}
/**

23
message/classes/api.php
View file

@ -1844,6 +1844,8 @@ class api {
* Determines if a user is permitted to send another user a private message.
* If no sender is provided then it defaults to the logged in user.
*
* @deprecated since 3.8
* @todo Final deprecation in MDL-66266
* @param \stdClass $recipient The user object.
* @param \stdClass|null $sender The user object.
* @return bool true if user is permitted, false otherwise.
@ -1851,22 +1853,37 @@ class api {
public static function can_post_message($recipient, $sender = null) {
global $USER;
debugging('\core_message\api::can_post_message is deprecated, please use ' .
'\core_message\api::can_send_message instead.', DEBUG_DEVELOPER);
if (is_null($sender)) {
// The message is from the logged in user, unless otherwise specified.
$sender = $USER;
}
return self::can_send_message($recipient->id, $sender->id);
}
/**
* Determines if a user is permitted to send another user a private message.
*
* @param int $recipientid The recipient user id.
* @param int $senderid The sender user id.
* @return bool true if user is permitted, false otherwise.
*/
public static function can_send_message(int $recipientid, int $senderid) : bool {
$systemcontext = \context_system::instance();
if (!has_capability('moodle/site:sendmessage', $systemcontext, $sender)) {
if (!has_capability('moodle/site:sendmessage', $systemcontext, $senderid)) {
return false;
}
if (has_capability('moodle/site:readallmessages', $systemcontext, $sender->id)) {
if (has_capability('moodle/site:readallmessages', $systemcontext, $senderid)) {
return true;
}
// Check if the recipient can be messaged by the sender.
return (self::can_contact_user($recipient->id, $sender->id));
return self::can_contact_user($recipientid, $senderid);
}
/**

9
message/classes/helper.php
View file

@ -592,14 +592,7 @@ class helper {
if ($includeprivacyinfo) {
$privacysetting = api::get_user_privacy_messaging_preference($member->id);
$data->requirescontact = $privacysetting == api::MESSAGE_PRIVACY_ONLYCONTACTS;
$recipient = new \stdClass();
$recipient->id = $member->id;
$sender = new \stdClass();
$sender->id = $referenceuserid;
$data->canmessage = !$data->isdeleted && api::can_post_message($recipient, $sender);
$data->canmessage = !$data->isdeleted && api::can_send_message($member->id, $referenceuserid);
}
// Populate the contact requests, even if we don't need them.

2
message/externallib.php
View file

@ -189,7 +189,7 @@ class core_message_external extends external_api {
// TODO MDL-31118 performance improvement - edit the function so we can pass an array instead userid
// Check if the recipient can be messaged by the sender.
if ($success && !\core_message\api::can_post_message($tousers[$message['touserid']], $USER)) {
if ($success && !\core_message\api::can_send_message($tousers[$message['touserid']]->id, $USER->id)) {
$success = false;
$errormessage = get_string('usercantbemessaged', 'message', fullname(\core_user::get_user($message['touserid'])));
}

4
message/index.php
View file

@ -56,9 +56,7 @@ if ($userid) {
}
if ($userid) {
$recipient = new stdClass();
$recipient->id = $userid;
if (!\core_message\api::can_post_message($recipient)) {
if (!\core_message\api::can_send_message($userid, $USER->id)) {
throw new moodle_exception('Can not contact user');
}
}

212
message/tests/api_test.php
View file

@ -3418,6 +3418,201 @@ class core_message_api_testcase extends core_message_messagelib_testcase {
$this->assertEquals(1, $prefs->mod_assign_assign_notification_loggedoff['email']);
}
/**
* Tests the user can send a message.
*/
public function test_can_send_message() {
// Create some users.
$user1 = self::getDataGenerator()->create_user();
$user2 = self::getDataGenerator()->create_user();
// Set as the first user.
$this->setUser($user1);
// With the default privacy setting, users can't message them.
$this->assertFalse(\core_message\api::can_send_message($user2->id, $user1->id));
// Enrol users to the same course.
$course = $this->getDataGenerator()->create_course();
$this->getDataGenerator()->enrol_user($user1->id, $course->id);
$this->getDataGenerator()->enrol_user($user2->id, $course->id);
// After enrolling users to the course, they should be able to message them with the default privacy setting.
$this->assertTrue(\core_message\api::can_send_message($user2->id, $user1->id));
}
/**
* Tests the user can't send a message without proper capability.
*/
public function test_can_send_message_without_sendmessage_cap() {
global $DB;
// Create some users.
$user1 = self::getDataGenerator()->create_user();
$user2 = self::getDataGenerator()->create_user();
// Set as the user 1.
$this->setUser($user1);
// Remove the capability to send a message.
$roleids = $DB->get_records_menu('role', null, '', 'shortname, id');
unassign_capability('moodle/site:sendmessage', $roleids['user'],
context_system::instance());
// Check that we can not post a message without the capability.
$this->assertFalse(\core_message\api::can_send_message($user2->id, $user1->id));
}
/**
* Tests the user can send a message when they are contact.
*/
public function test_can_send_message_when_contact() {
// Create some users.
$user1 = self::getDataGenerator()->create_user();
$user2 = self::getDataGenerator()->create_user();
// Set as the first user.
$this->setUser($user1);
// Check that we can not send user2 a message.
$this->assertFalse(\core_message\api::can_send_message($user2->id, $user1->id));
// Add users as contacts.
\core_message\api::add_contact($user1->id, $user2->id);
// Check that the return result is now true.
$this->assertTrue(\core_message\api::can_send_message($user2->id, $user1->id));
}
/**
* Tests the user can't send a message if they are not a contact and the user
* has requested messages only from contacts.
*/
public function test_can_send_message_when_not_contact() {
// Create some users.
$user1 = self::getDataGenerator()->create_user();
$user2 = self::getDataGenerator()->create_user();
// Set as the first user.
$this->setUser($user1);
// Set the second user's preference to not receive messages from non-contacts.
set_user_preference('message_blocknoncontacts', \core_message\api::MESSAGE_PRIVACY_ONLYCONTACTS, $user2->id);
// Check that we can not send user 2 a message.
$this->assertFalse(\core_message\api::can_send_message($user2->id, $user1->id));
}
/**
* Tests the user can't send a message if they are blocked.
*/
public function test_can_send_message_when_blocked() {
// Create some users.
$user1 = self::getDataGenerator()->create_user();
$user2 = self::getDataGenerator()->create_user();
// Set the user.
$this->setUser($user1);
// Block the second user.
\core_message\api::block_user($user1->id, $user2->id);
// Check that the second user can no longer send the first user a message.
$this->assertFalse(\core_message\api::can_send_message($user1->id, $user2->id));
}
/**
* Tests the user can send a message when site-wide messaging setting is enabled,
* even if they are not a contact and are not members of the same course.
*/
public function test_can_send_message_site_messaging_setting() {
// Create some users.
$user1 = self::getDataGenerator()->create_user();
$user2 = self::getDataGenerator()->create_user();
// Set as the first user.
$this->setUser($user1);
// By default, user only can be messaged by contacts and members of any of his/her courses.
$this->assertFalse(\core_message\api::can_send_message($user2->id, $user1->id));
// Enable site-wide messagging privacy setting. The user will be able to receive messages from everybody.
set_config('messagingallusers', true);
// Set the second user's preference to receive messages from everybody.
set_user_preference('message_blocknoncontacts', \core_message\api::MESSAGE_PRIVACY_SITE, $user2->id);
// Check that we can send user2 a message.
$this->assertTrue(\core_message\api::can_send_message($user2->id, $user1->id));
// Disable site-wide messagging privacy setting. The user will be able to receive messages from contacts
// and members sharing a course with her.
set_config('messagingallusers', false);
// As site-wide messaging setting is disabled, the value for user2 will be changed to MESSAGE_PRIVACY_COURSEMEMBER.
$this->assertFalse(\core_message\api::can_send_message($user2->id, $user1->id));
// Enrol users to the same course.
$course = $this->getDataGenerator()->create_course();
$this->getDataGenerator()->enrol_user($user1->id, $course->id);
$this->getDataGenerator()->enrol_user($user2->id, $course->id);
// Check that we can send user2 a message because they are sharing a course.
$this->assertTrue(\core_message\api::can_send_message($user2->id, $user1->id));
// Set the second user's preference to receive messages only from contacts.
set_user_preference('message_blocknoncontacts', \core_message\api::MESSAGE_PRIVACY_ONLYCONTACTS, $user2->id);
// Check that now the user2 can't be contacted because user1 is not their contact.
$this->assertFalse(\core_message\api::can_send_message($user2->id, $user1->id));
// Make contacts user1 and user2.
\core_message\api::add_contact($user2->id, $user1->id);
// Check that we can send user2 a message because they are contacts.
$this->assertTrue(\core_message\api::can_send_message($user2->id, $user1->id));
}
/**
* Tests the user with the messageanyuser capability can send a message.
*/
public function test_can_send_message_with_messageanyuser_cap() {
global $DB;
// Create some users.
$teacher1 = self::getDataGenerator()->create_user();
$student1 = self::getDataGenerator()->create_user();
$student2 = self::getDataGenerator()->create_user();
// Create users not enrolled in any course.
$user1 = self::getDataGenerator()->create_user();
// Create a course.
$course1 = $this->getDataGenerator()->create_course();
// Enrol the users in the course.
$this->getDataGenerator()->enrol_user($teacher1->id, $course1->id, 'editingteacher');
$this->getDataGenerator()->enrol_user($student1->id, $course1->id, 'student');
$this->getDataGenerator()->enrol_user($student2->id, $course1->id, 'student');
// Set some student preferences to not receive messages from non-contacts.
set_user_preference('message_blocknoncontacts', \core_message\api::MESSAGE_PRIVACY_ONLYCONTACTS, $student1->id);
// Check that we can send student1 a message because teacher has the messageanyuser cap by default.
$this->assertTrue(\core_message\api::can_send_message($student1->id, $teacher1->id));
// Check that the teacher can't contact user1 because it's not his teacher.
$this->assertFalse(\core_message\api::can_send_message($user1->id, $teacher1->id));
// Remove the messageanyuser capability from the course1 for teachers.
$coursecontext = context_course::instance($course1->id);
$teacherrole = $DB->get_record('role', ['shortname' => 'editingteacher']);
assign_capability('moodle/site:messageanyuser', CAP_PROHIBIT, $teacherrole->id, $coursecontext->id);
$coursecontext->mark_dirty();
// Check that we can't send user1 a message because they are not contacts.
$this->assertFalse(\core_message\api::can_send_message($student1->id, $teacher1->id));
// However, teacher can message student2 because they are sharing a course.
$this->assertTrue(\core_message\api::can_send_message($student2->id, $teacher1->id));
}
/**
* Tests the user can post a message.
*/
@ -3431,6 +3626,7 @@ class core_message_api_testcase extends core_message_messagelib_testcase {
// With the default privacy setting, users can't message them.
$this->assertFalse(\core_message\api::can_post_message($user2));
$this->assertDebuggingCalled();
// Enrol users to the same course.
$course = $this->getDataGenerator()->create_course();
@ -3438,6 +3634,7 @@ class core_message_api_testcase extends core_message_messagelib_testcase {
$this->getDataGenerator()->enrol_user($user2->id, $course->id);
// After enrolling users to the course, they should be able to message them with the default privacy setting.
$this->assertTrue(\core_message\api::can_post_message($user2));
$this->assertDebuggingCalled();
}
/**
@ -3460,6 +3657,7 @@ class core_message_api_testcase extends core_message_messagelib_testcase {
// Check that we can not post a message without the capability.
$this->assertFalse(\core_message\api::can_post_message($user2));
$this->assertDebuggingCalled();
}
/**
@ -3475,12 +3673,14 @@ class core_message_api_testcase extends core_message_messagelib_testcase {
// Check that we can not send user2 a message.
$this->assertFalse(\core_message\api::can_post_message($user2));
$this->assertDebuggingCalled();
// Add users as contacts.
\core_message\api::add_contact($user1->id, $user2->id);
// Check that the return result is now true.
$this->assertTrue(\core_message\api::can_post_message($user2));
$this->assertDebuggingCalled();
}
/**
@ -3500,6 +3700,7 @@ class core_message_api_testcase extends core_message_messagelib_testcase {
// Check that we can not send user 2 a message.
$this->assertFalse(\core_message\api::can_post_message($user2));
$this->assertDebuggingCalled();
}
/**
@ -3518,6 +3719,7 @@ class core_message_api_testcase extends core_message_messagelib_testcase {
// Check that the second user can no longer send the first user a message.
$this->assertFalse(\core_message\api::can_post_message($user1, $user2));
$this->assertDebuggingCalled();
}
/**
@ -3534,6 +3736,7 @@ class core_message_api_testcase extends core_message_messagelib_testcase {
// By default, user only can be messaged by contacts and members of any of his/her courses.
$this->assertFalse(\core_message\api::can_post_message($user2));
$this->assertDebuggingCalled();
// Enable site-wide messagging privacy setting. The user will be able to receive messages from everybody.
set_config('messagingallusers', true);
@ -3543,6 +3746,7 @@ class core_message_api_testcase extends core_message_messagelib_testcase {
// Check that we can send user2 a message.
$this->assertTrue(\core_message\api::can_post_message($user2));
$this->assertDebuggingCalled();
// Disable site-wide messagging privacy setting. The user will be able to receive messages from contacts
// and members sharing a course with her.
@ -3550,6 +3754,7 @@ class core_message_api_testcase extends core_message_messagelib_testcase {
// As site-wide messaging setting is disabled, the value for user2 will be changed to MESSAGE_PRIVACY_COURSEMEMBER.
$this->assertFalse(\core_message\api::can_post_message($user2));
$this->assertDebuggingCalled();
// Enrol users to the same course.
$course = $this->getDataGenerator()->create_course();
@ -3557,16 +3762,19 @@ class core_message_api_testcase extends core_message_messagelib_testcase {
$this->getDataGenerator()->enrol_user($user2->id, $course->id);
// Check that we can send user2 a message because they are sharing a course.
$this->assertTrue(\core_message\api::can_post_message($user2));
$this->assertDebuggingCalled();
// Set the second user's preference to receive messages only from contacts.
set_user_preference('message_blocknoncontacts', \core_message\api::MESSAGE_PRIVACY_ONLYCONTACTS, $user2->id);
// Check that now the user2 can't be contacted because user1 is not their contact.
$this->assertFalse(\core_message\api::can_post_message($user2));
$this->assertDebuggingCalled();
// Make contacts user1 and user2.
\core_message\api::add_contact($user2->id, $user1->id);
// Check that we can send user2 a message because they are contacts.
$this->assertTrue(\core_message\api::can_post_message($user2));
$this->assertDebuggingCalled();
}
/**
@ -3596,8 +3804,10 @@ class core_message_api_testcase extends core_message_messagelib_testcase {
// Check that we can send student1 a message because teacher has the messageanyuser cap by default.
$this->assertTrue(\core_message\api::can_post_message($student1, $teacher1));
$this->assertDebuggingCalled();
// Check that the teacher can't contact user1 because it's not his teacher.
$this->assertFalse(\core_message\api::can_post_message($user1, $teacher1));
$this->assertDebuggingCalled();
// Remove the messageanyuser capability from the course1 for teachers.
$coursecontext = context_course::instance($course1->id);
@ -3607,8 +3817,10 @@ class core_message_api_testcase extends core_message_messagelib_testcase {
// Check that we can't send user1 a message because they are not contacts.
$this->assertFalse(\core_message\api::can_post_message($student1, $teacher1));
$this->assertDebuggingCalled();
// However, teacher can message student2 because they are sharing a course.
$this->assertTrue(\core_message\api::can_post_message($student2, $teacher1));
$this->assertDebuggingCalled();
}
/**

1
message/upgrade.txt
View file

@ -5,6 +5,7 @@ information provided here is intended especially for developers.
* The following methods have been deprecated and should not be used any more:
- \core_message\api::get_individual_conversations_between_users()
- \core_message\api::can_post_message()
=== 3.7 ===