#142 Add setting to allow site-wide verification of certificates

This commit is contained in:
Mark Nelson 2017-11-12 12:55:10 +08:00
parent c6d6394b0d
commit 62a7491c99
7 changed files with 165 additions and 22 deletions

View file

@ -88,4 +88,12 @@ $capabilities = array(
'manager' => CAP_ALLOW 'manager' => CAP_ALLOW
) )
), ),
'mod/customcert:verifyallcertificates' => array(
'captype' => 'read',
'contextlevel' => CONTEXT_SYSTEM,
'archetypes' => array(
'manager' => CAP_ALLOW
)
),
); );

View file

@ -25,6 +25,7 @@
$string['addcertpage'] = 'Add page'; $string['addcertpage'] = 'Add page';
$string['addelement'] = 'Add element'; $string['addelement'] = 'Add element';
$string['awardedto'] = 'Awarded to'; $string['awardedto'] = 'Awarded to';
$string['cannotverifyallcertificates'] = 'You do not have the permission to verify all certificates on the site.';
$string['certificate'] = 'Certificate'; $string['certificate'] = 'Certificate';
$string['code'] = 'Code'; $string['code'] = 'Code';
$string['copy'] = 'Copy'; $string['copy'] = 'Copy';
@ -38,6 +39,7 @@ $string['customcert:manage'] = 'Manage a custom certificate';
$string['customcert:view'] = 'View a custom certificate'; $string['customcert:view'] = 'View a custom certificate';
$string['customcert:viewreport'] = 'View course report'; $string['customcert:viewreport'] = 'View course report';
$string['customcert:viewallcertificates'] = 'View all certificates'; $string['customcert:viewallcertificates'] = 'View all certificates';
$string['customcert:verifyallcertificates'] = 'Verify all certificates on the site';
$string['customcert:verifycertificate'] = 'Verify a certificate'; $string['customcert:verifycertificate'] = 'Verify a certificate';
$string['deletecertpage'] = 'Delete page'; $string['deletecertpage'] = 'Delete page';
$string['deleteconfirm'] = 'Delete confirmation'; $string['deleteconfirm'] = 'Delete confirmation';
@ -159,6 +161,10 @@ $string['uploadimagedesc'] = 'This link will take you to a new screen where you
this method will be available throughout your site to all users who are able to create a certificate.'; this method will be available throughout your site to all users who are able to create a certificate.';
$string['verified'] = 'Verified'; $string['verified'] = 'Verified';
$string['verify'] = 'Verify'; $string['verify'] = 'Verify';
$string['verifyallcertificates'] = 'Allow verification of all certificates';
$string['verifyallcertificates_desc'] = 'When this setting is enabled any person (including users not logged in) can visit the link \'{$a}\' in order to verify any certificate on the site, rather than having to go to the verification link for each certificate.
Note - this only applies to certificates where \'Allow anyone to verify a certificate\' has been set to \'Yes\' in the certificate settings.';
$string['verifycertificate'] = 'Verify certificate'; $string['verifycertificate'] = 'Verify certificate';
$string['verifycertificateanyone'] = 'Allow anyone to verify a certificate'; $string['verifycertificateanyone'] = 'Allow anyone to verify a certificate';
$string['verifycertificateanyone_help'] = 'This setting enables anyone with the certificate verification link (including users not logged in) to verify a certificate.'; $string['verifycertificateanyone_help'] = 'This setting enables anyone with the certificate verification link (including users not logged in) to verify a certificate.';

View file

@ -24,6 +24,12 @@
defined('MOODLE_INTERNAL') || die; defined('MOODLE_INTERNAL') || die;
$url = $CFG->wwwroot . '/mod/customcert/verify_certificate.php';
$settings->add(new admin_setting_configcheckbox('customcert/verifyallcertificates',
get_string('verifyallcertificates', 'customcert'),
get_string('verifyallcertificates_desc', 'customcert', $url),
0));
$settings->add(new admin_setting_configcheckbox('customcert/showposxy', $settings->add(new admin_setting_configcheckbox('customcert/showposxy',
get_string('showposxy', 'customcert'), get_string('showposxy', 'customcert'),
get_string('showposxy_desc', 'customcert'), get_string('showposxy_desc', 'customcert'),

View file

@ -95,6 +95,28 @@ class behat_mod_customcert extends behat_base {
$this->execute('behat_forms::i_set_the_field_to', array(get_string('code', 'customcert'), $issue->code)); $this->execute('behat_forms::i_set_the_field_to', array(get_string('code', 'customcert'), $issue->code));
$this->execute('behat_forms::press_button', get_string('verify', 'customcert')); $this->execute('behat_forms::press_button', get_string('verify', 'customcert'));
$this->execute('behat_general::assert_page_contains_text', get_string('verified', 'customcert')); $this->execute('behat_general::assert_page_contains_text', get_string('verified', 'customcert'));
$this->execute('behat_general::assert_page_not_contains_text', get_string('notverified', 'customcert'));
}
/**
* Verifies the certificate code for a user.
*
* @Given /^I can not verify the "(?P<certificate_name>(?:[^"]|\\")*)" certificate for the user "(?P<user_name>(?:[^"]|\\")*)"$/
* @param string $certificatename
* @param string $username
*/
public function i_can_not_verify_the_custom_certificate_for_user($certificatename, $username) {
global $DB;
$certificate = $DB->get_record('customcert', array('name' => $certificatename), '*', MUST_EXIST);
$user = $DB->get_record('user', array('username' => $username), '*', MUST_EXIST);
$issue = $DB->get_record('customcert_issues', array('userid' => $user->id, 'customcertid' => $certificate->id),
'*', MUST_EXIST);
$this->execute('behat_forms::i_set_the_field_to', array(get_string('code', 'customcert'), $issue->code));
$this->execute('behat_forms::press_button', get_string('verify', 'customcert'));
$this->execute('behat_general::assert_page_contains_text', get_string('notverified', 'customcert'));
$this->execute('behat_general::assert_page_not_contains_text', get_string('verified', 'customcert'));
} }
/** /**
@ -115,4 +137,14 @@ class behat_mod_customcert extends behat_base {
$url = new moodle_url('/mod/customcert/verify_certificate.php', array('contextid' => $template->contextid)); $url = new moodle_url('/mod/customcert/verify_certificate.php', array('contextid' => $template->contextid));
$this->getSession()->visit($this->locate_path($url->out_as_local_url())); $this->getSession()->visit($this->locate_path($url->out_as_local_url()));
} }
/**
* Directs the user to the URL for verifying all certificates on the site.
*
* @Given /^I visit the verification url for the site$/
*/
public function i_visit_the_verification_url_for_the_site() {
$url = new moodle_url('/mod/customcert/verify_certificate.php');
$this->getSession()->visit($this->locate_path($url->out_as_local_url()));
}
} }

View file

@ -52,3 +52,57 @@ Feature: Being able to verify that a certificate is valid or not
And I press "Verify" And I press "Verify"
And I should see "Not verified" And I should see "Not verified"
And I verify the "Custom certificate 2" certificate for the user "student1" And I verify the "Custom certificate 2" certificate for the user "student1"
Scenario: Attempt to verify a certificate as a non-user using the site-wide URL
And the following config values are set as admin:
| verifyallcertificates | 0 | customcert |
And I visit the verification url for the site
# User should see an error message as we do not allow non-users to verify all certificates on the site.
And I should see "You do not have the permission to verify all certificates on the site"
Scenario: Attempt to verify a certificate as a teacher using the site-wide URL
And the following config values are set as admin:
| verifyallcertificates | 0 | customcert |
And I log in as "teacher1"
And I visit the verification url for the site
# User should see an error message as we do not allow teachers to verify all certificates on the site.
And I should see "You do not have the permission to verify all certificates on the site"
Scenario: Verify a certificate as an admin using the site-wide URL
And the following config values are set as admin:
| verifyallcertificates | 0 | customcert |
And I log in as "student1"
And I am on "Course 1" course homepage
And I follow "Custom certificate 1"
And I press "Download certificate"
And I am on "Course 1" course homepage
And I follow "Custom certificate 2"
And I press "Download certificate"
And I log out
And I log in as "admin"
# The admin (or anyone with the capability 'mod/customcert:verifyallcertificates') can visit the URL regardless of the setting.
And I visit the verification url for the site
And I set the field "Code" to "NOTAVALIDCODE"
And I press "Verify"
And I should see "Not verified"
# The admin (or anyone with the capability 'mod/customcert:verifyallcertificates') can verify any certificate regardless of the 'verifyany' setting.
And I verify the "Custom certificate 1" certificate for the user "student1"
And I verify the "Custom certificate 2" certificate for the user "student1"
Scenario: Verify a certificate as a non-user using the site-wide URL
And the following config values are set as admin:
| verifyallcertificates | 1 | customcert |
And I log in as "student1"
And I am on "Course 1" course homepage
And I follow "Custom certificate 1"
And I press "Download certificate"
And I am on "Course 1" course homepage
And I follow "Custom certificate 2"
And I press "Download certificate"
And I log out
And I visit the verification url for the site
And I set the field "Code" to "NOTAVALIDCODE"
And I press "Verify"
And I should see "Not verified"
And I can not verify the "Custom certificate 1" certificate for the user "student1"
And I verify the "Custom certificate 2" certificate for the user "student1"

View file

@ -24,27 +24,52 @@
require_once('../../config.php'); require_once('../../config.php');
$contextid = required_param('contextid', PARAM_INT); $contextid = optional_param('contextid', context_system::instance()->id, PARAM_INT);
$code = optional_param('code', '', PARAM_ALPHANUM); // The code for the certificate we are verifying. $code = optional_param('code', '', PARAM_ALPHANUM); // The code for the certificate we are verifying.
$context = context::instance_by_id($contextid); $context = context::instance_by_id($contextid);
$cm = get_coursemodule_from_id('customcert', $context->instanceid, 0, false, MUST_EXIST);
$course = $DB->get_record('course', array('id' => $cm->course), '*', MUST_EXIST);
$customcert = $DB->get_record('customcert', array('id' => $cm->instance), '*', MUST_EXIST);
// Check if we are allowing anyone to verify, if so, no need to check login, or permissions.
if (!$customcert->verifyany) {
// Need to be logged in.
require_login($course, false, $cm);
// Ok, now check the user has the ability to verify certificates.
require_capability('mod/customcert:verifycertificate', $context);
} else {
$PAGE->set_cm($cm, $course);
}
// Set up the page. // Set up the page.
$pageurl = new moodle_url('/mod/customcert/verify_certificate.php', array('contextid' => $contextid)); $pageurl = new moodle_url('/mod/customcert/verify_certificate.php', array('contextid' => $contextid));
// Ok, a certificate was specified.
if ($context->contextlevel != CONTEXT_SYSTEM) {
$cm = get_coursemodule_from_id('customcert', $context->instanceid, 0, false, MUST_EXIST);
$course = $DB->get_record('course', array('id' => $cm->course), '*', MUST_EXIST);
$customcert = $DB->get_record('customcert', array('id' => $cm->instance), '*', MUST_EXIST);
// Check if we are allowing anyone to verify, if so, no need to check login, or permissions.
if (!$customcert->verifyany) {
// Need to be logged in.
require_login($course, false, $cm);
// Ok, now check the user has the ability to verify certificates.
require_capability('mod/customcert:verifycertificate', $context);
} else {
$PAGE->set_cm($cm, $course);
}
$checkallofsite = false;
} else {
// If the 'verifyallcertificates' is not set and the user does not have the capability 'mod/customcert:verifyallcertificates'
// then show them a message letting them know they can not proceed.
$verifyallcertificates = get_config('customcert', 'verifyallcertificates');
$canverifyallcertificates = has_capability('mod/customcert:verifyallcertificates', $context);
if (!$verifyallcertificates && !$canverifyallcertificates) {
$strheading = get_string('verifycertificate', 'customcert');
$PAGE->navbar->add($strheading);
$PAGE->set_context(context_system::instance());
$PAGE->set_title($strheading);
$PAGE->set_url($pageurl);
echo $OUTPUT->header();
echo $OUTPUT->heading($strheading);
echo $OUTPUT->notification(get_string('cannotverifyallcertificates', 'customcert'));
echo $OUTPUT->footer();
exit();
}
$checkallofsite = true;
}
if ($code) { if ($code) {
$pageurl->param('code', $code); $pageurl->param('code', $code);
} }
@ -63,7 +88,7 @@ if ($form->get_data()) {
// Ok, now check if the code is valid. // Ok, now check if the code is valid.
$userfields = get_all_user_name_fields(true, 'u'); $userfields = get_all_user_name_fields(true, 'u');
$sql = "SELECT ci.id, u.id as userid, $userfields, co.id as courseid, $sql = "SELECT ci.id, u.id as userid, $userfields, co.id as courseid,
co.fullname as coursefullname, c.name as certificatename co.fullname as coursefullname, c.name as certificatename, c.verifyany
FROM {customcert} c FROM {customcert} c
JOIN {customcert_issues} ci JOIN {customcert_issues} ci
ON c.id = ci.customcertid ON c.id = ci.customcertid
@ -71,11 +96,23 @@ if ($form->get_data()) {
ON c.course = co.id ON c.course = co.id
JOIN {user} u JOIN {user} u
ON ci.userid = u.id ON ci.userid = u.id
WHERE ci.code = :code WHERE ci.code = :code";
AND c.id = :customcertid
AND u.deleted = 0"; if ($checkallofsite) {
// Only people with the capability to verify all the certificates can verify any.
if (!$canverifyallcertificates) {
$sql .= " AND c.verifyany = 1";
}
$params = ['code' => $code];
} else {
$sql .= " AND c.id = :customcertid";
$params = ['code' => $code, 'customcertid' => $customcert->id];
}
$sql .= " AND u.deleted = 0";
// It is possible (though unlikely) that there is the same code for issued certificates. // It is possible (though unlikely) that there is the same code for issued certificates.
if ($issues = $DB->get_records_sql($sql, array('code' => $code, 'customcertid' => $customcert->id))) { if ($issues = $DB->get_records_sql($sql, $params)) {
$result->success = true; $result->success = true;
$result->issues = $issues; $result->issues = $issues;
} else { } else {

View file

@ -24,10 +24,10 @@
defined('MOODLE_INTERNAL') || die('Direct access to this script is forbidden.'); defined('MOODLE_INTERNAL') || die('Direct access to this script is forbidden.');
$plugin->version = 2016120514; // The current module version (Date: YYYYMMDDXX). $plugin->version = 2016120515; // The current module version (Date: YYYYMMDDXX).
$plugin->requires = 2016120500; // Requires this Moodle version (3.2). $plugin->requires = 2016120500; // Requires this Moodle version (3.2).
$plugin->cron = 0; // Period for cron to check this module (secs). $plugin->cron = 0; // Period for cron to check this module (secs).
$plugin->component = 'mod_customcert'; $plugin->component = 'mod_customcert';
$plugin->maturity = MATURITY_STABLE; $plugin->maturity = MATURITY_STABLE;
$plugin->release = "3.2 release (Build: 2016120514)"; // User-friendly version number. $plugin->release = "3.2 release (Build: 2016120515)"; // User-friendly version number.