Admin: Add config hide_breadcrumb_if_not_allowed BT#18892

- If the user is blocked with not allowed (red message),
then the breadcrumb is hidden.

Adds more checks if course doesn't exists inside a session.

Author: jmontoyaa

main/inc/lib/api.lib.php

@@ -1186,6 +1186,7 @@ function api_protect_course_script($print_headers = false, $allow_session_admins
     }
 
     $isAllowedInCourse = api_is_allowed_in_course();
+
     $is_visible = false;
     if (isset($course_info) && isset($course_info['visibility'])) {
         switch ($course_info['visibility']) {
@@ -1247,6 +1248,11 @@ function api_protect_course_script($print_headers = false, $allow_session_admins
         if (!$isAllowedInCourse) {
             $is_visible = false;
         }
+
+        // Check if course is inside session.
+        if (!SessionManager::relation_session_course_exist($session_id, $course_info['real_id'])) {
+            $is_visible = false;
+        }
     }
 
     if (!$is_visible) {
@@ -3935,7 +3941,12 @@ function api_not_allowed(
         $show_headers = 1;
     }
 
-    $tpl = new Template(null, $show_headers, $show_headers, false, true, false, true, $responseCode);
+    $hideBreadCrumb = false;
+    if (api_get_configuration_value('hide_breadcrumb_if_not_allowed')) {
+        $hideBreadCrumb = true;
+    }
+
+    $tpl = new Template(null, $show_headers, $show_headers, $hideBreadCrumb, true, false, true, $responseCode);
     $tpl->assign('hide_login_link', 1);
     $tpl->assign('content', $msg);
 

main/inc/local.inc.php

@@ -1300,8 +1300,22 @@
 
         // We are in a session course? Check session permissions
         if (!empty($session_id)) {
-            if (!empty($session_id) && !empty($_course)) {
+            if (!empty($_course)) {
                 if (!SessionManager::relation_session_course_exist($session_id, $_course['real_id'])) {
+                    // Deleting all access.
+                    Session::erase('session_name');
+                    Session::erase('id_session');
+                    Session::erase('_real_cid');
+                    Session::erase('_cid');
+                    Session::erase('_course');
+                    Session::erase('_gid');
+                    Session::erase('is_courseAdmin');
+                    Session::erase('is_courseMember');
+                    Session::erase('is_courseTutor');
+                    Session::erase('is_session_general_coach');
+                    Session::erase('is_allowed_in_course');
+                    Session::erase('is_sessionAdmin');
+
                     api_not_allowed(true);
                 }
             }

main/install/configuration.dist.php

@@ -1955,6 +1955,9 @@
 // Requires a user checkbox extra field called "ask_new_password".
 //$_configuration['force_renew_password_at_first_login'] = true;
 
+// If the user is blocked with not allowed (red message), then the breadcrumb is hidden.
+//$_configuration['hide_breadcrumb_if_not_allowed'] = true;
+
 // KEEP THIS AT THE END
 // -------- Custom DB changes
 // Add user activation by confirmation email