diff --git a/CHANGES.md b/CHANGES.md index 16f557a..60bb827 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -15,6 +15,7 @@ Note - All hash comments refer to the issue number. Eg. #169 refers to https://g - Added QR code element (#146). - Added Date range element (#185). - Added the number of certificates issued above the report (#266). +- Added new capability to control who can be issued a certificate (#270). ### Fixed diff --git a/classes/task/email_certificate_task.php b/classes/task/email_certificate_task.php index 1cf277d..3752d09 100644 --- a/classes/task/email_certificate_task.php +++ b/classes/task/email_certificate_task.php @@ -112,8 +112,8 @@ class email_certificate_task extends \core\task\scheduled_task { continue; } - // Don't want to email those with the capability to manage the certificate. - if (has_capability('mod/customcert:manage', $context, $enroluser->id)) { + // Only email those with the capability to receive the certificate. + if (!has_capability('mod/customcert:receiveissue', $context, $enroluser->id)) { continue; } diff --git a/db/access.php b/db/access.php index 2fbea48..eaea4f8 100644 --- a/db/access.php +++ b/db/access.php @@ -60,6 +60,14 @@ $capabilities = array( ) ), + 'mod/customcert:receiveissue' => array( + 'captype' => 'read', + 'contextlevel' => CONTEXT_MODULE, + 'archetypes' => array( + 'student' => CAP_ALLOW + ) + ), + 'mod/customcert:viewreport' => array( 'captype' => 'read', diff --git a/lang/en/customcert.php b/lang/en/customcert.php index c565358..a7bfd10 100644 --- a/lang/en/customcert.php +++ b/lang/en/customcert.php @@ -41,6 +41,7 @@ $string['customcert:manageemailothers'] = 'Manage email others setting'; $string['customcert:manageverifyany'] = 'Manage verification setting'; $string['customcert:managerequiredtime'] = 'Manage time required setting'; $string['customcert:manageprotection'] = 'Manage protection setting'; +$string['customcert:receiveissue'] = 'Receive a certificate'; $string['customcert:view'] = 'View a custom certificate'; $string['customcert:viewreport'] = 'View course report'; $string['customcert:viewallcertificates'] = 'View all certificates'; diff --git a/tests/email_certificate_task_test.php b/tests/email_certificate_task_test.php index f4f1e1b..1fc6d52 100644 --- a/tests/email_certificate_task_test.php +++ b/tests/email_certificate_task_test.php @@ -44,6 +44,39 @@ class mod_customcert_task_email_certificate_task_testcase extends advanced_testc $this->resetAfterTest(); } + /** + * Tests the email certificate task for users without a capability to receive a certificate. + */ + public function test_email_certificates_no_cap() { + global $DB; + + // Create a course. + $course = $this->getDataGenerator()->create_course(); + + // Create some users. + $user1 = $this->getDataGenerator()->create_user(); + $user2 = $this->getDataGenerator()->create_user(); + + // Enrol two of them in the course as students but revoke their right to receive a certificate issue. + $roleids = $DB->get_records_menu('role', null, '', 'shortname, id'); + $this->getDataGenerator()->enrol_user($user1->id, $course->id); + $this->getDataGenerator()->enrol_user($user2->id, $course->id); + + unassign_capability('mod/customcert:receiveissue', $roleids['student']); + + // Create a custom certificate. + $this->getDataGenerator()->create_module('customcert', ['course' => $course->id, 'emailstudents' => 1]); + + // Run the task. + $sink = $this->redirectEmails(); + $task = new \mod_customcert\task\email_certificate_task(); + $task->execute(); + $emails = $sink->get_messages(); + + // Confirm that we did not send any emails. + $this->assertCount(0, $emails); + } + /** * Tests the email certificate task for students. */ diff --git a/version.php b/version.php index 239b6a1..2808668 100644 --- a/version.php +++ b/version.php @@ -24,10 +24,10 @@ defined('MOODLE_INTERNAL') || die('Direct access to this script is forbidden.'); -$plugin->version = 2018120301; // The current module version (Date: YYYYMMDDXX). +$plugin->version = 2018120302; // The current module version (Date: YYYYMMDDXX). $plugin->requires = 2018120300; // Requires this Moodle version (3.6). $plugin->cron = 0; // Period for cron to check this module (secs). $plugin->component = 'mod_customcert'; $plugin->maturity = MATURITY_STABLE; -$plugin->release = "3.6.1"; // User-friendly version number. +$plugin->release = "3.6.2"; // User-friendly version number. diff --git a/view.php b/view.php index 05de96e..93b5b45 100644 --- a/view.php +++ b/view.php @@ -43,6 +43,7 @@ require_login($course, false, $cm); $context = context_module::instance($cm->id); require_capability('mod/customcert:view', $context); +$canreceive = has_capability('mod/customcert:receiveissue', $context); $canmanage = has_capability('mod/customcert:manage', $context); $canviewreport = has_capability('mod/customcert:viewreport', $context); @@ -134,11 +135,14 @@ if (!$downloadown && !$downloadissue) { } // Create the button to download the customcert. - $linkname = get_string('getcustomcert', 'customcert'); - $link = new moodle_url('/mod/customcert/view.php', array('id' => $cm->id, 'downloadown' => true)); - $downloadbutton = new single_button($link, $linkname, 'post', true); - $downloadbutton->class .= ' m-b-1'; // Seems a bit hackish, ahem. - $downloadbutton = $OUTPUT->render($downloadbutton); + $downloadbutton = ''; + if ($canreceive) { + $linkname = get_string('getcustomcert', 'customcert'); + $link = new moodle_url('/mod/customcert/view.php', array('id' => $cm->id, 'downloadown' => true)); + $downloadbutton = new single_button($link, $linkname, 'post', true); + $downloadbutton->class .= ' m-b-1'; // Seems a bit hackish, ahem. + $downloadbutton = $OUTPUT->render($downloadbutton); + } // Output all the page data. echo $OUTPUT->header(); @@ -154,7 +158,7 @@ if (!$downloadown && !$downloadissue) { } echo $OUTPUT->footer($course); exit(); -} else { // Output to pdf. +} else if ($canreceive) { // Output to pdf. // Set the userid value of who we are downloading the certificate for. $userid = $USER->id; if ($downloadown) {