Merge pull request #5727 from christianbeeznest/ofaj-21805-2

Course: Fix non-authenticated course 'about' page error and add subscription validation - refs BT#21805

Author: christianbeeznest

public/main/auth/inscription.php

@@ -174,6 +174,16 @@
 $exercise_redirect = isset($_REQUEST['e']) && !empty($_REQUEST['e']) ? $_REQUEST['e'] : null;
 
 if (!empty($course_code_redirect)) {
+    if (!api_is_anonymous()) {
+        $course_info = api_get_course_info($course_code_redirect);
+        $subscribed = CourseManager::autoSubscribeToCourse($course_code_redirect);
+        if ($subscribed) {
+            header('Location: ' . api_get_path(WEB_PATH) . 'course/'.$course_info['real_id'].'/home?sid=0');
+        } else {
+            header('Location: ' . api_get_path(WEB_PATH) . 'course/'.$course_info['real_id'].'/about');
+        }
+        exit;
+    }
     Session::write('course_redirect', $course_code_redirect);
     Session::write('exercise_redirect', $exercise_redirect);
 }

public/main/inc/lib/course.lib.php

@@ -684,6 +684,82 @@ public static function autoSubscribeToCourse($courseCode, $status = STUDENT)
         return self::subscribeUser($userId, $course->getId(), $status, 0);
     }
 
+    /**
+     * Checks if the current user can subscribe to a given course.
+     */
+    public static function canUserSubscribeToCourse(string $courseCode): bool
+    {
+        if (api_is_anonymous()) {
+            return false;
+        }
+
+        $course = Container::getCourseRepository()->findOneBy(['code' => $courseCode]);
+
+        if (null === $course) {
+            return false;
+        }
+
+        $visibility = (int) $course->getVisibility();
+
+        if (in_array($visibility, [
+            Course::CLOSED,
+            Course::HIDDEN,
+        ])) {
+            return false;
+        }
+
+        if (Course::REGISTERED === $visibility && false === $course->getSubscribe()) {
+            return false;
+        }
+
+        $userId = api_get_user_id();
+
+        $sql = "SELECT * FROM ".Database::get_main_table(TABLE_MAIN_COURSE_USER)."
+            WHERE
+                user_id = $userId AND
+                relation_type <> ".COURSE_RELATION_TYPE_RRHH." AND
+                c_id = ".$course->getId();
+        if (Database::num_rows(Database::query($sql)) > 0) {
+            return false;
+        }
+
+        if (SUBSCRIBE_NOT_ALLOWED === (int) $course->getSubscribe()) {
+            return false;
+        }
+
+        $extraFieldValue = new ExtraFieldValue('course');
+        $value = $extraFieldValue->get_values_by_handler_and_field_variable(
+            $course->getId(),
+            'max_subscribed_students'
+        );
+        if (!empty($value) && isset($value['value']) && '' !== $value['value']) {
+            $maxStudents = (int) $value['value'];
+            $count = CourseManager::get_user_list_from_course_code(
+                $courseCode,
+                0,
+                null,
+                null,
+                STUDENT,
+                true,
+                false
+            );
+
+            if ($count >= $maxStudents) {
+                return false;
+            }
+        }
+
+        if ('true' === api_get_setting('session.catalog_course_subscription_in_user_s_session')) {
+            $user = api_get_user_entity($userId);
+            $sessions = $user->getCurrentlyAccessibleSessions();
+            if (empty($sessions) && $user->getSessionsAsStudent()) {
+                return false;
+            }
+        }
+
+        return true;
+    }
+
     /**
      * Subscribe a user to a course. No checks are performed here to see if
      * course subscription is allowed.

src/CoreBundle/Controller/CourseController.php

@@ -466,19 +466,7 @@ public function about(
             $subscriptionUser = CourseManager::is_user_subscribed_in_course($user->getId(), $course->getCode());
         }
 
-        /*$allowSubscribe = false;
-        if ($course->getSubscribe() || api_is_platform_admin()) {
-            $allowSubscribe = true;
-        }
-        $plugin = \BuyCoursesPlugin::create();
-        $checker = $plugin->isEnabled();
-        $courseIsPremium = null;
-        if ($checker) {
-            $courseIsPremium = $plugin->getItemByProduct(
-                $courseId,
-                \BuyCoursesPlugin::PRODUCT_TYPE_COURSE
-            );
-        }*/
+        $allowSubscribe = CourseManager::canUserSubscribeToCourse($course->getCode());
 
         $image = Container::getIllustrationRepository()->getIllustrationUrl($course, 'course_picture_medium');
 
@@ -499,6 +487,7 @@ public function about(
             'is_premium' => '',
             'token' => '',
             'base_url' => $request->getSchemeAndHttpHost(),
+            'allow_subscribe' => $allowSubscribe,
         ];
 
         $metaInfo = '<meta property="og:url" content="'.$urlCourse.'" />';

src/CoreBundle/Resources/views/Course/about.html.twig

@@ -79,7 +79,7 @@
                         <div class="bg-white shadow rounded p-4">
                             <h3 class="sub-title text-xl font-bold mb-3">{{ "Course Information"|trans }}</h3>
                             <div class="course-information">
-                                <!-- Añade aquí la información del curso -->
+                                {{ description | raw }}
                             </div>
                         </div>
                     </div>
@@ -91,14 +91,18 @@
                                 <div class="session-subscribe mt-2">
                                     {% if not is_granted('IS_AUTHENTICATED') %}
                                         {% if 'allow_registration'|api_get_setting != 'false' %}
-                                            <a href="{{ base_url ~ '/main/auth/inscription.php' ~ redirect_to_session }}" class="btn btn--success w-full py-2 mt-2 text-white bg-green-600 rounded hover:bg-green-700">
+                                            <a href="{{ base_url ~ '/main/auth/inscription.php?c=' ~ course.code }}" class="btn btn--success w-full py-2 mt-2 text-white bg-green-600 rounded hover:bg-green-700">
                                                 <i class="fa fa-pencil" aria-hidden="true"></i> {{ 'Sign Up'|trans }}
                                             </a>
                                         {% endif %}
                                     {% elseif subscription %}
-                                        <a href="{{ url('home') }}courses/{{ course.code }}/index.php?sid=0" class="btn btn--success w-full py-2 mt-2 text-white bg-green-600 rounded hover:bg-green-700">{{ 'Course Homepage'|trans }}</a>
+                                        <a href="{{ base_url }}/course/{{ course.id }}/home?sid=0" class="btn btn--success w-full py-2 mt-2 text-white bg-green-600 rounded hover:bg-green-700">{{ 'Course Homepage'|trans }}</a>
+                                    {% elseif allow_subscribe %}
+                                        <a href="{{ base_url }}/main/auth/inscription.php?c={{ course.code }}" class="btn btn--success w-full py-2 mt-2 text-white bg-green-600 rounded hover:bg-green-700">{{ 'Subscribe'|trans }}</a>
                                     {% else %}
-                                        <a href="{{ url('home') }}courses/{{ course.code }}/index.php?action=subscribe&sec_token={{ token }}" class="btn btn--success w-full py-2 mt-2 text-white bg-green-600 rounded hover:bg-green-700">{{ 'Subscribe'|trans }}</a>
+                                        <button class="btn btn--success w-full py-2 mt-2 text-white bg-gray-400 rounded" title="{{ 'Subscription is not allowed for this course'|trans }}" disabled>
+                                            {{ 'Subscription Not Available'|trans }}
+                                        </button>
                                     {% endif %}
                                 </div>
                             {% else %}