From 3394024466f31012345d04cc39856cd462e2402a Mon Sep 17 00:00:00 2001
From: Markus Heck <markus.heck@hs-kempten.de>
Date: Wed, 3 Apr 2024 18:49:02 +0200
Subject: [PATCH] revert the changes to create a default category if a user
 does not have the permission to upload a course in any category.

---
 classes/external/upload_course.php | 66 +-----------------------------
 1 file changed, 1 insertion(+), 65 deletions(-)

diff --git a/classes/external/upload_course.php b/classes/external/upload_course.php
index 8480d4c..35e1c79 100644
--- a/classes/external/upload_course.php
+++ b/classes/external/upload_course.php
@@ -66,7 +66,6 @@ public static function execute(int $category_id=null, $only_check_permissions=fa
         // get category id (if parameter is set, use this id, otherwise the first the user is allowed to restore courses in)
         if (empty($category_id)) {
             // this will definitely return a course category where the user has the permission to create courses
-            // TODO: this is dangerous, every user can get a course category where he can create courses in this way
             $category_id = self::get_category_id_where_user_can_create_courses();
         } else {
             // permission validation
@@ -74,8 +73,6 @@ public static function execute(int $category_id=null, $only_check_permissions=fa
             require_capability('moodle/restore:restorecourse', $context);
         }
 
-
-
         if ($only_check_permissions) {
             return array('data' => array(
                 'course_id' => -1,
@@ -163,77 +160,16 @@ public static function execute(int $category_id=null, $only_check_permissions=fa
 
     /**
      * Get the course category id of the first course category where the user has the capability create adler courses.
-     * If there is no such course category, create a new one and return its id.
      *
      * @throws moodle_exception
      */
     private static function get_category_id_where_user_can_create_courses(): string {
         $categories = core_course_category::make_categories_list('moodle/restore:restorecourse');
         if (count($categories) == 0) {
-            $category_id = self::create_category_user_can_create_courses_in();
+            throw new moodle_exception('not_allowed', 'local_adler', '', NULL, 'User does not have permission to upload course in any category');
         } else {
             $category_id = array_key_first($categories);
         }
         return $category_id;
     }
-
-    /**
-     * Get the course category id by its full path. E.g. "cat_name" or "cat_name / sub_cat_name" (note the spaces around the slash).
-     *
-     * @throws moodle_exception
-     */
-    private static function get_category_id_by_full_path(string $category_name) {
-        $categories = core_course_category::make_categories_list();
-        $key = array_search($category_name, $categories);
-        if ($key === false) {
-            throw new moodle_exception('category_not_found', 'local_adler');
-        }
-        return $key;
-    }
-
-    /**
-     * Create a new course category and grant the user permission to create adler courses in it.
-     *
-     * @return string category_id
-     * @throws moodle_exception
-     */
-    private static function create_category_user_can_create_courses_in(): string {
-        global $USER;
-
-        // create top level course category "adler" if it does not yet exist
-        try {
-            $category_id_adler = self::get_category_id_by_full_path('adler');  // TODO: make this category name configurable
-        } catch (moodle_exception $e) {
-            $category = core_course_category::create([
-                'name' => 'adler',  // TODO: make this category name configurable
-                'parent' => 0,
-                'visible' => 1,
-            ]);
-            $category_id_adler = $category->id;
-        }
-
-
-        // create course category for current user inside "adler" category
-        $course_category_name = "adler_" . $USER->username; // todo generate name, problem: duplicate names
-
-        try {
-            self::get_category_id_by_full_path('adler / '.$course_category_name);
-            throw new moodle_exception('category_already_exists', 'local_adler');
-        } catch (moodle_exception $e) {
-            // it is expected that the category does not exist and the exception is thrown
-        }
-
-        $category = core_course_category::create([
-            'name' => $course_category_name,
-            'parent' => $category_id_adler,
-        ]);
-
-        // grant user permission to create adler courses in the new
-        $context = context_coursecat::instance($category->id);
-//        $manager_role_id = get_all_roles()
-        role_assign(5, $USER->id, 0, $context->id);
-
-
-        return $category->id;
-    }
 }