MDL-25974 fix access to activities when role switched in hidden course and some coding style strict comparison fixes

The problem with strict comparison of numerical values fails badly if one is int and the other is string, moodle core apis do not guarantee return types much.
2025-01-19 06:18:28 +01:00 · 2011-02-13 16:17:47 +01:00 · 2011-02-13 16:17:47 +01:00 · 44303ca67a
commit 44303ca67a
parent d911c72bf9
1 changed files with 14 additions and 8 deletions
--- a/lib/navigationlib.php
+++ b/lib/navigationlib.php
@ -1023,7 +1023,7 @@ class global_navigation extends navigation_node {
                $this->add_course_essentials($coursenode, $course);
                // Load the course sections into the page
                $sections = $this->load_course_sections($course, $coursenode);
-                if ($course->id !== SITEID) {
+                if ($course->id != SITEID) {
                    // Find the section for the $CM associated with the page and collect
                    // its section number.
                    if (isset($cm->sectionnum)) {
@ -1105,7 +1105,7 @@ class global_navigation extends navigation_node {
        }
        // Load each extending user into the navigation.
        foreach ($this->extendforuser as $user) {
-            if ($user->id !== $USER->id) {
+            if ($user->id != $USER->id) {
                $this->load_for_user($user);
            }
        }
@ -1517,7 +1517,7 @@ class global_navigation extends navigation_node {
     */
    protected function load_activity($cm, stdClass $course, navigation_node $activity) {
        global $CFG, $DB;
-        
+
        // make sure we have a $cm from get_fast_modinfo as this contains activity access details
        if (!($cm instanceof cm_info)) {
            $modinfo = get_fast_modinfo($course);
@ -1569,7 +1569,7 @@ class global_navigation extends navigation_node {
        // Get the course set against the page, by default this will be the site
        $course = $this->page->course;
        $baseargs = array('id'=>$user->id);
-        if ($course->id !== SITEID && (!$iscurrentuser || $forceforcontext)) {
+        if ($course->id != SITEID && (!$iscurrentuser || $forceforcontext)) {
            if (array_key_exists($course->id, $this->mycourses)) {
                $coursenode = $this->mycourses[$course->id]->coursenode;
            } else {
@ -1857,9 +1857,15 @@ class global_navigation extends navigation_node {
     */
    public function add_course(stdClass $course, $forcegeneric = false) {
        global $CFG;
-        $canviewhidden = has_capability('moodle/course:viewhiddencourses', $this->page->context);
-        if ($course->id !== SITEID && !$canviewhidden && !$course->visible) {
-            return false;
+
+        if ($course->id != SITEID) {
+            if (!$course->visible) {
+                if (is_role_switched($course->id)) {
+                    // user has to be able to access course in order to switch, let's skip the visibility test here
+                } else if (!has_capability('moodle/course:viewhiddencourses', get_context_instance(CONTEXT_COURSE, $course->id))) {
+                    return false;
+                }
+            }
        }

        $issite = ($course->id == SITEID);
@ -2984,7 +2990,7 @@ class settings_navigation extends navigation_node {
            $availableroles = get_switchable_roles($coursecontext);
            if (is_array($availableroles)) {
                foreach ($availableroles as $key=>$role) {
-                    if ($assumedrole===(int)$key) {
+                    if ($assumedrole == (int)$key) {
                        continue;
                    }
                    $roles[$key] = $role;