From 90109a881e0a3345dfacb19fc5f9c3b9cf61ad98 Mon Sep 17 00:00:00 2001
From: Mark Nelson <markn@moodle.com>
Date: Sat, 6 May 2017 19:14:15 +0800
Subject: [PATCH] #78 Add setting to allow anyone to verify certificates

---
 db/install.xml         |  3 ++-
 db/upgrade.php         | 15 +++++++++++++++
 lang/en/customcert.php |  2 ++
 mod_form.php           |  4 ++++
 verify_certificate.php | 14 +++++++++-----
 version.php            |  4 ++--
 6 files changed, 34 insertions(+), 8 deletions(-)

diff --git a/db/install.xml b/db/install.xml
index e777144..44902c6 100644
--- a/db/install.xml
+++ b/db/install.xml
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8" ?>
-<XMLDB PATH="mod/customcert/db" VERSION="20150311" COMMENT="XMLDB file for Moodle mod/customcert"
+<XMLDB PATH="mod/customcert/db" VERSION="20170530" COMMENT="XMLDB file for Moodle mod/customcert"
     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
     xsi:noNamespaceSchemaLocation="../../../lib/xmldb/xmldb.xsd"
 >
@@ -13,6 +13,7 @@
         <FIELD NAME="intro" TYPE="text" LENGTH="small" NOTNULL="false" SEQUENCE="false"/>
         <FIELD NAME="introformat" TYPE="int" LENGTH="4" NOTNULL="true" DEFAULT="0" SEQUENCE="false"/>
         <FIELD NAME="requiredtime" TYPE="int" LENGTH="10" NOTNULL="true" DEFAULT="0" SEQUENCE="false"/>
+        <FIELD NAME="verifyany" TYPE="int" LENGTH="10" NOTNULL="true" DEFAULT="0" SEQUENCE="false"/>
         <FIELD NAME="emailstudents" TYPE="int" LENGTH="1" NOTNULL="true" DEFAULT="0" SEQUENCE="false"/>
         <FIELD NAME="emailteachers" TYPE="int" LENGTH="1" NOTNULL="true" DEFAULT="0" SEQUENCE="false"/>
         <FIELD NAME="emailothers" TYPE="text" NOTNULL="false" SEQUENCE="false"/>
diff --git a/db/upgrade.php b/db/upgrade.php
index cf4be75..7395a88 100644
--- a/db/upgrade.php
+++ b/db/upgrade.php
@@ -106,5 +106,20 @@ function xmldb_customcert_upgrade($oldversion) {
         upgrade_mod_savepoint(true, 2016052310, 'customcert');
     }
 
+    if ($oldversion < 2016052311) {
+        // Add column for new 'verifycertificateanyone' setting.
+        $table = new xmldb_table('customcert');
+        $field = new xmldb_field('verifyany', XMLDB_TYPE_INTEGER, '1', null, XMLDB_NOTNULL, null, '0',
+            'requiredtime');
+
+        // Conditionally launch add field.
+        if (!$dbman->field_exists($table, $field)) {
+            $dbman->add_field($table, $field);
+        }
+
+        // Savepoint reached.
+        upgrade_mod_savepoint(true, 2016052311, 'customcert');
+    }
+
     return true;
 }
diff --git a/lang/en/customcert.php b/lang/en/customcert.php
index 78ae56e..7ee5bfc 100644
--- a/lang/en/customcert.php
+++ b/lang/en/customcert.php
@@ -154,6 +154,8 @@ this method will be available throughout your site to all users who are able to
 $string['verified'] = 'Verified';
 $string['verify'] = 'Verify';
 $string['verifycertificate'] = 'Verify certificate';
+$string['verifycertificateanyone'] = 'Allow anyone to verify a certificate';
+$string['verifycertificateanyone_help'] = 'This setting enables anyone with the certificate verification link (including users not logged in) to verify a certificate.';
 $string['viewcustomcertissues'] = 'View {$a} issued custom certificates';
 $string['width'] = 'Width';
 $string['width_help'] = 'This is the width of the certificate PDF in mm. For reference an A4 piece of paper is 210mm wide and a letter is 216mm wide.';
diff --git a/mod_form.php b/mod_form.php
index bc445bd..89f28ad 100644
--- a/mod_form.php
+++ b/mod_form.php
@@ -69,6 +69,10 @@ class mod_customcert_mod_form extends moodleform_mod {
         $mform->setType('emailothers', PARAM_TEXT);
         $mform->addHelpButton('emailothers', 'emailothers', 'customcert');
 
+        $mform->addElement('selectyesno', 'verifyany', get_string('verifycertificateanyone', 'customcert'));
+        $mform->setType('verifyany', 0);
+        $mform->addHelpButton('verifyany', 'verifycertificateanyone', 'customcert');
+
         $mform->addElement('text', 'requiredtime', get_string('coursetimereq', 'customcert'), array('size' => '3'));
         $mform->setType('requiredtime', PARAM_INT);
         $mform->addHelpButton('requiredtime', 'coursetimereq', 'customcert');
diff --git a/verify_certificate.php b/verify_certificate.php
index a99c312..b96c880 100644
--- a/verify_certificate.php
+++ b/verify_certificate.php
@@ -33,11 +33,15 @@ $cm = get_coursemodule_from_id('customcert', $context->instanceid, 0, false, MUS
 $course = $DB->get_record('course', array('id' => $cm->course), '*', MUST_EXIST);
 $customcert = $DB->get_record('customcert', array('id' => $cm->instance), '*', MUST_EXIST);
 
-// Need to be logged in.
-require_login($course, false, $cm);
-
-// Ok, now check the user has the ability to verify certificates.
-require_capability('mod/customcert:verifycertificate', $context);
+// Check if we are allowing anyone to verify, if so, no need to check login, or permissions.
+if (!$customcert->verifyany) {
+    // Need to be logged in.
+    require_login($course, false, $cm);
+    // Ok, now check the user has the ability to verify certificates.
+    require_capability('mod/customcert:verifycertificate', $context);
+} else {
+    $PAGE->set_cm($cm, $course);
+}
 
 // Set up the page.
 $pageurl = new moodle_url('/mod/customcert/verify_certificate.php', array('contextid' => $contextid));
diff --git a/version.php b/version.php
index 235b6e3..d7d9689 100644
--- a/version.php
+++ b/version.php
@@ -24,10 +24,10 @@
 
 defined('MOODLE_INTERNAL') || die('Direct access to this script is forbidden.');
 
-$plugin->version   = 2016052310; // The current module version (Date: YYYYMMDDXX).
+$plugin->version   = 2016052311; // The current module version (Date: YYYYMMDDXX).
 $plugin->requires  = 2016052300; // Requires this Moodle version (3.1).
 $plugin->cron      = 0; // Period for cron to check this module (secs).
 $plugin->component = 'mod_customcert';
 
 $plugin->maturity  = MATURITY_STABLE;
-$plugin->release   = "3.1 release (Build: 2016052310)"; // User-friendly version number.
+$plugin->release   = "3.1 release (Build: 2016052311)"; // User-friendly version number.