Search moodle.org's
Developer Documentation

See Release Notes
Long Term Support Release

  • Bug fixes for general core bugs in 4.1.x will end 13 November 2023 (12 months).
  • Bug fixes for security issues in 4.1.x will end 10 November 2025 (36 months).
  • PHP version: minimum PHP 7.4.0 Note: minimum PHP version has increased since Moodle 4.0. PHP 8.0.x is supported too.
   1  <?php
   2  // This file is part of Moodle - http://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * Search area for received messages.
  19   *
  20   * @package    core_message
  21   * @copyright  2016 Devang Gaur
  22   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  23   */
  24  namespace core_message\search;
  25  
  26  
  27  defined('MOODLE_INTERNAL') || die();
  28  
  29  /**
  30   * Search area for received messages.
  31   *
  32   * @package    core_message
  33   * @copyright  2016 Devang Gaur
  34   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  35   */
  36  class message_received extends base_message {
  37  
  38      /**
  39       * Returns a recordset with the messages for indexing.
  40       *
  41       * @param int $modifiedfrom
  42       * @param \context|null $context Optional context to restrict scope of returned results
  43       * @return moodle_recordset|null Recordset (or null if no results)
  44       */
  45      public function get_document_recordset($modifiedfrom = 0, \context $context = null) {
  46          return $this->get_document_recordset_helper($modifiedfrom, $context, 'useridto');
  47      }
  48  
  49      /**
  50       * Returns the document associated with this message record.
  51       *
  52       * @param stdClass $record
  53       * @param array    $options
  54       * @return \core_search\document
  55       */
  56      public function get_document($record, $options = array()) {
  57          return parent::get_document($record, array('user1id' => $record->useridto, 'user2id' => $record->useridfrom));
  58      }
  59  
  60      /**
  61       * Whether the user can access the document or not.
  62       *
  63       * @param int $id The message instance id.
  64       * @return int
  65       */
  66      public function check_access($id) {
  67          global $CFG, $DB, $USER;
  68  
  69          if (!$CFG->messaging) {
  70              return \core_search\manager::ACCESS_DENIED;
  71          }
  72  
  73          $sql = "SELECT m.*, mcm.userid as useridto
  74                    FROM {messages} m
  75              INNER JOIN {message_conversations} mc
  76                      ON m.conversationid = mc.id
  77              INNER JOIN {message_conversation_members} mcm
  78                      ON mcm.conversationid = mc.id
  79                   WHERE mcm.userid != m.useridfrom
  80                     AND m.id = :id";
  81          $message = $DB->get_record_sql($sql, array('id' => $id));
  82          if (!$message) {
  83              return \core_search\manager::ACCESS_DELETED;
  84          }
  85  
  86          $userfrom = \core_user::get_user($message->useridfrom, 'id, deleted');
  87          $userto = \core_user::get_user($message->useridto, 'id, deleted');
  88  
  89          if (!$userfrom || !$userto || $userfrom->deleted || $userto->deleted) {
  90              return \core_search\manager::ACCESS_DELETED;
  91          }
  92  
  93          if ($USER->id != $userto->id) {
  94              return \core_search\manager::ACCESS_DENIED;
  95          }
  96  
  97          $usertodeleted = $DB->record_exists('message_user_actions', ['messageid' => $id, 'userid' => $message->useridto,
  98              'action' => \core_message\api::MESSAGE_ACTION_DELETED]);
  99          if ($usertodeleted) {
 100              return \core_search\manager::ACCESS_DELETED;
 101          }
 102  
 103          return \core_search\manager::ACCESS_GRANTED;
 104      }
 105  
 106  }