moodle/moodle
3
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-08-08 02:16:41 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge branch 'MDL-72791' of https://github.com/paulholden/moodle

Browse source
This commit is contained in:
Eloy Lafuente (stronk7) 2021-12-01 17:13:22 +01:00
commit 74f126770d
2 changed files with 68 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

22
course/classes/search/customfield.php
View file

@ -126,18 +126,34 @@ class customfield extends \core_search\base {
/**
* Whether the user can access the document or not.
*
* @param int $id The course instance id.
* @param int $id The custom field data ID
* @return int
*/
public function check_access($id) {
global $DB;
$course = $DB->get_record('course', array('id' => $id));
$coursesql = '
SELECT c.*
FROM {course} c
JOIN {customfield_data} d ON d.instanceid = c.id
WHERE d.id = :dataid';
// Verify both the course and data record still exist.
$course = $DB->get_record_sql($coursesql, ['dataid' => $id]);
if (!$course) {
return \core_search\manager::ACCESS_DELETED;
}
if (\core_course_category::can_view_course_info($course)) {
// Check whether user is enrolled and the course is visible, or user can view it while hidden.
$context = \context_course::instance($course->id);
$userenrolled = is_enrolled($context) &&
($course->visible || has_capability('moodle/course:viewhiddencourses', $context));
// Grant access if user is considered enrolled, or they can otherwise see the course info.
if ($userenrolled || \core_course_category::can_view_course_info($course)) {
return \core_search\manager::ACCESS_GRANTED;
}
return \core_search\manager::ACCESS_DENIED;
}