Commit 052da730 authored by dani's avatar dani

MDL-51929 external: Apply new validate_courses to data/lti/survey

parent 2f45a11a
......@@ -70,44 +70,19 @@ class mod_data_external extends external_api {
$params = self::validate_parameters(self::get_databases_by_courses_parameters(), array('courseids' => $courseids));
$warnings = array();
if (!empty($params['courseids'])) {
$courses = array();
$courseids = $params['courseids'];
} else {
$courses = enrol_get_my_courses();
$courseids = array_keys($courses);
$mycourses = array();
if (empty($params['courseids'])) {
$mycourses = enrol_get_my_courses();
$params['courseids'] = array_keys($mycourses);
}
// Array to store the databases to return.
$arrdatabases = array();
// Ensure there are courseids to loop through.
if (!empty($courseids)) {
// Array of the courses we are going to retrieve the databases from.
$dbcourses = array();
// Go through the courseids.
foreach ($courseids as $cid) {
// Check the user can function in this context.
try {
$context = context_course::instance($cid);
self::validate_context($context);
// Check if this course was already loaded (by enrol_get_my_courses).
if (!isset($courses[$cid])) {
$courses[$cid] = get_course($cid);
}
$dbcourses[$cid] = $courses[$cid];
} catch (Exception $e) {
$warnings[] = array(
'item' => 'course',
'itemid' => $cid,
'warningcode' => '1',
'message' => 'No access rights in course context '.$e->getMessage()
);
}
}
if (!empty($params['courseids'])) {
list($dbcourses, $warnings) = external_util::validate_courses($params['courseids'], $mycourses);
// Get the databases in this course, this function checks users visibility permissions.
// We can avoid then additional validate_context calls.
......@@ -148,7 +123,7 @@ class mod_data_external extends external_api {
// Check additional permissions for returning optional private settings.
// I avoid intentionally to use can_[add|update]_moduleinfo.
if (has_capability('moodle/course:manageactivities', $context)) {
if (has_capability('moodle/course:manageactivities', $datacontext)) {
$additionalfields = array('maxentries', 'rssarticles', 'singletemplate', 'listtemplate',
'listtemplateheader', 'listtemplatefooter', 'addtemplate', 'rsstemplate', 'rsstitletemplate',
......
......@@ -155,14 +155,16 @@ class mod_lti_external extends external_api {
$params = self::validate_parameters(self::get_ltis_by_courses_parameters(), array('courseids' => $courseids));
$mycourses = array();
if (empty($params['courseids'])) {
$params['courseids'] = array_keys(enrol_get_my_courses());
$mycourses = enrol_get_my_courses();
$params['courseids'] = array_keys($mycourses);
}
// Ensure there are courseids to loop through.
if (!empty($params['courseids'])) {
list($courses, $warnings) = external_util::validate_courses($params['courseids']);
list($courses, $warnings) = external_util::validate_courses($params['courseids'], $mycourses);
// Get the ltis in this course, this function checks users visibility permissions.
// We can avoid then additional validate_context calls.
......
......@@ -72,14 +72,16 @@ class mod_survey_external extends external_api {
$params = self::validate_parameters(self::get_surveys_by_courses_parameters(), array('courseids' => $courseids));
$mycourses = array();
if (empty($params['courseids'])) {
$params['courseids'] = array_keys(enrol_get_my_courses());
$mycourses = enrol_get_my_courses();
$params['courseids'] = array_keys($mycourses);
}
// Ensure there are courseids to loop through.
if (!empty($params['courseids'])) {
list($courses, $warnings) = external_util::validate_courses($params['courseids']);
list($courses, $warnings) = external_util::validate_courses($params['courseids'], $mycourses);
// Get the surveys in this course, this function checks users visibility permissions.
// We can avoid then additional validate_context calls.
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment