Commit 51792df0 authored by toyomoyo's avatar toyomoyo

adding capabilities

parent 46943f7b
......@@ -5349,7 +5349,7 @@
$course = get_record("course","id",$restore->course_id);
fix_course_sortorder();
//Make the user a teacher if the course hasn't teachers (bug 2381)
if (!isadmin()) {
if (!has_capability('moodle/site:restore', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
if (!$checktea = get_records('user_teachers','course', $restore->course_id)) {
//Add the teacher to the course
$status = add_teacher($USER->id, $restore->course_id);
......
......@@ -37,7 +37,7 @@
$navbaritem = update_category_button($category->id);
$creatorediting = !empty($USER->categoryediting);
$adminediting = (isadmin() and $creatorediting);
$adminediting = (has_capability('moodle/site:config', get_context_instance(CONTEXT_SYSTEM, SITEID)) and $creatorediting);
} else {
if (!$category->visible) {
......@@ -49,7 +49,7 @@
}
if (isadmin()) {
if (has_capability('moodle/category:update', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
/// Rename the category if requested
if (!empty($rename) and confirm_sesskey()) {
$category->name = $rename;
......@@ -412,7 +412,7 @@
echo '<center>';
if (isadmin() and $numcourses > 1) { /// Print button to re-sort courses by name
if (has_capability('moodle/category:update', get_context_instance(CONTEXT_SYSTEM, SITEID)) and $numcourses > 1) { /// Print button to re-sort courses by name
unset($options);
$options['id'] = $category->id;
$options['resort'] = 'name';
......
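Review bot: The `$adminediting` line in the first hunk gates the editing flag on `moodle/site:config`, while the rename branch and the re-sort button in the later hunks are gated on `moodle/category:update`, so the page answers "may this user edit categories" in two different ways. A role granted `moodle/category:update` without `moodle/site:config` would pass the action checks but may never be offered the editing controls. Using the same capability on all three lines keeps the UI and the enforcement aligned, e.g. `$adminediting = (has_capability('moodle/category:update', get_context_instance(CONTEXT_SYSTEM, SITEID)) and $creatorediting);`. All three hunks cut through blocks whose start and end are outside the view.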
......@@ -25,7 +25,7 @@
require_login();
}
if (isadmin()) {
if (has_capability('moodle/category:update', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
if ($categoryedit !== -1) {
$USER->categoryediting = $categoryedit;
}
......@@ -58,13 +58,15 @@
}
echo "<center>";
if (isloggedin() and !isguest() and !isadmin() and !iscreator()) { // Print link to request a new course
/// I am not sure this context in the next has_capability call is correct.
if (isloggedin() and !isguest() and !has_capability('moodle/course:create', get_context_instance(CONTEXT_SYSTEM, SITEID))) { // Print link to request a new course
print_single_button("request.php", NULL, get_string("courserequest"), "get");
}
if (iscreator()) { // Print link to create a new course
print_single_button("edit.php", NULL, get_string("addnewcourse"), "get");
}
if (isadmin() and !empty($CFG->enablecourserequests)) {
if (has_capability('moodle/site:approvecourse' get_context_instance(CONTEXT_SYSTEM, SITEID)), and !empty($CFG->enablecourserequests)) {
print_single_button('pending.php',NULL, get_string('coursespending'),"get");
}
echo "</center>";
......
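Review bot: The new `moodle/site:approvecourse` condition in the last hunk does not parse: the comma between the capability name and `get_context_instance(...)` is missing, and a stray `),` closes the `if` before `and`. A parse error stops the whole script from loading, so the line should read `if (has_capability('moodle/site:approvecourse', get_context_instance(CONTEXT_SYSTEM, SITEID)) and !empty($CFG->enablecourserequests)) {`. In the same hunk the request-a-course link is decided by `moodle/course:create` while the create-course button still uses `iscreator()`, so the two buttons can disagree for a role that satisfies only one of the checks. The added comment already flags the context as uncertain.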
......@@ -43,7 +43,7 @@ function print_recent_selector_form($course, $advancedfilter=0, $selecteduser=0,
$users[$guest->id] = fullname($guest);
}
if (isadmin()) {
if (has_capability('moodle/course:update', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
if ($ccc = get_records("course", "", "", "fullname")) {
foreach ($ccc as $cc) {
if ($cc->category) {
......@@ -144,7 +144,7 @@ function print_recent_selector_form($course, $advancedfilter=0, $selecteduser=0,
echo "<center>";
echo "<table>";
if (isadmin()) {
if (has_capability('moodle/course:update', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
echo "<tr><td><b>" . get_string("courses") . "</b></td><td>";
choose_from_menu ($courses, "id", $course->id, "");
echo "</td></tr>";
......@@ -2090,7 +2090,9 @@ function course_allowed_module($course,$mod) {
if (empty($course->restrictmodules)) {
return true;
}
if (isadmin()) {
// i am not sure this capability is correct
if (has_capability('moodle/course:update', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
return true;
}
if (is_numeric($mod)) {
......
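Review bot: In `course_allowed_module()` the early `return true` now depends on `moodle/course:update` in the system context, and the added comment says the author is unsure of that choice. This branch skips the course's `restrictmodules` setting entirely, so the capability used here decides who may add modules the restriction is meant to block; the old check limited that to site administrators. Until a dedicated capability exists, `moodle/site:config` (used for other former `isadmin()` checks in this commit) looks like the closer match. The comment should record the decision, e.g. `// site administrators bypass the per-course module restriction`. The function body continues past the end of the hunk.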
......@@ -8,9 +8,7 @@
require_login();
if (!isadmin()) {
error("Only the admin can use this page");
}
require_capability('moodle/site:approvecourse', get_context_instance(CONTEXT_SYSTEM, SITEID));
$approve = optional_param('approve', 0, PARAM_INT);
$reject = optional_param('reject', 0, PARAM_INT);
......
......@@ -10,7 +10,8 @@ function print_log_selector_form($course, $selecteduser=0, $selecteddate='today'
if ($numcourses < COURSE_MAX_COURSES_PER_DROPDOWN && !$showcourses) {
$showcourses = 1;
}
$sitecontext = get_context_instance(CONTEXT_SYSTEM, SITEID);
$context = get_context_instance(CONTEXT_COURSE, $course->id);
/// Setup for group handling.
......@@ -55,7 +56,7 @@ function print_log_selector_form($course, $selecteduser=0, $selecteddate='today'
}
}
if (isadmin() && $showcourses) {
if (has_capability('moodle/site:viewreports', $sitecontext) && $showcourses) {
if ($ccc = get_records("course", "", "", "fullname","id,fullname,category")) {
foreach ($ccc as $cc) {
if ($cc->category) {
......@@ -102,7 +103,7 @@ function print_log_selector_form($course, $selecteduser=0, $selecteddate='today'
}
}
if (isadmin() && !$course->category) {
if (has_capability('moodle/site:viewreports', $sitecontext) && !$course->category) {
$activities["site_errors"] = get_string("siteerrors");
if ($modid === "site_errors") {
$selectedactivity = "site_errors";
......@@ -156,14 +157,14 @@ function print_log_selector_form($course, $selecteduser=0, $selecteddate='today'
echo "<input type=\"hidden\" name=\"chooselog\" value=\"1\" />\n";
echo "<input type=\"hidden\" name=\"showusers\" value=\"$showusers\" />\n";
echo "<input type=\"hidden\" name=\"showcourses\" value=\"$showcourses\" />\n";
if (isadmin() && $showcourses) {
if (has_capability('moodle/site:viewreports', $sitecontext) && $showcourses) {
choose_from_menu ($courses, "id", $course->id, "");
} else {
// echo '<input type="hidden" name="id" value="'.$course->id.'" />';
$courses = array();
$courses[$course->id] = $course->fullname . ((empty($course->category)) ? ' (Site) ' : '');
choose_from_menu($courses,"id",$course->id,false);
if (isadmin()) {
if (has_capability('moodle/site:viewreports', $sitecontext)) {
$a->url = "$CFG->wwwroot/course/report/log/index.php?chooselog=0&group=$selectedgroup&user=$selecteduser"
."&id=$course->id&date=$selecteddate&modid=$selectedactivity&showcourses=1&showusers=$showusers";
print_string('logtoomanycourses','moodle',$a);
......
......@@ -21,7 +21,7 @@
$options = array();
$options[STATS_MODE_GENERAL] = get_string('statsmodegeneral');
$options[STATS_MODE_DETAILED] = get_string('statsmodedetailed');
if (isadmin()) {
if (has_capability('moodle/site:viewreports', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
$options[STATS_MODE_RANKED] = get_string('reports');
}
......
<?php
// all queries on teacher table will break (i mean already broken)
$courses = get_courses('all','c.shortname','c.id,c.shortname,c.fullname');
$courseoptions = array();
......@@ -24,7 +26,7 @@
$param = stats_get_parameters($time,null,$course->id,$mode); // we only care about the table and the time string.
$sql = 'SELECT DISTINCT s.userid,s.roleid,u.firstname,u.lastname,u.idnumber FROM '.$CFG->prefix.'stats_user_'.$param->table.' s JOIN '.$CFG->prefix.'user u ON u.id = s.userid '
.'WHERE courseid = '.$course->id.' AND timeend >= '.$param->timeafter . ((!empty($param->stattype)) ? ' AND stattype = \''.$param->stattype.'\'' : '');
if (!isadmin()) {
if (!has_capability('moodle/site:viewreports', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
$sql .= ' AND (s.roleid = 1 OR s.userid = '.$USER->id .")";
}
$sql .= " ORDER BY s.roleid ";
......@@ -47,7 +49,7 @@
$users[$u->userid] = $role.' - '.fullname($u,true);
}
if (empty($time)) {
if (isadmin()) {
if (has_capability('moodle/site:viewreports', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
$sql = 'SELECT t.userid,u.firstname,u.lastname,u.idnumber,1 AS roleid FROM '.$CFG->prefix.'user_teachers t JOIN '.$CFG->prefix.'user u ON u.id = t.userid WHERE course = '.$course->id;
$moreusers = get_records_sql($sql);
foreach ($moreusers as $u) {
......
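Review bot: The `s.roleid = 1 OR s.userid = ...` clause in the second hunk is the only thing limiting which users' statistics this query lists, and it is now lifted by `moodle/site:viewreports` checked in the system context even though the report is for a single course (`courseid = $course->id`). If the capability is meant to be assignable per course, the check should use the course context, `get_context_instance(CONTEXT_COURSE, $course->id)`; if it is meant to be site-wide only, a comment saying so would help. The branch in the third hunk still queries `user_teachers`, which the comment added at the top of the file describes as already broken, so that path looks untested.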
......@@ -67,7 +67,7 @@ function string_file_picture_algebra($imagefile, $tex= "", $height="", $width=""
$width = "width=\"$width\"";
}
if ($imagefile) {
if (!file_exists("$CFG->dataroot/$CFG->algebrafilterdir/$imagefile") && isadmin()) {
if (!file_exists("$CFG->dataroot/$CFG->algebrafilterdir/$imagefile") && has_capability('moodle/site:config', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
$output .= "<a href=\"$CFG->wwwroot/$CFG->algebrafilterdir/algebradebug.php\">";
} else {
$output .= "<a target=\"popup\" title=\"TeX\" href=";
......
......@@ -60,7 +60,7 @@ function string_file_picture_tex($imagefile, $tex= "", $height="", $width="", $a
$width = "width=\"$width\"";
}
if ($imagefile) {
if (!file_exists("$CFG->dataroot/$CFG->texfilterdir/$imagefile") && isadmin()) {
if (!file_exists("$CFG->dataroot/$CFG->texfilterdir/$imagefile") && has_capability('moodle/site:config', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
$output .= "<a href=\"$CFG->wwwroot/$CFG->texfilterdir/texdebug.php\">";
} else {
$output .= "<a target=\"popup\" title=\"TeX\" href=";
......
......@@ -48,7 +48,7 @@
require_login();
}
if (isadmin()) {
if (has_capability('moodle/site:config', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
if (moodle_needs_upgrading()) {
redirect($CFG->wwwroot .'/'. $CFG->admin .'/index.php');
}
......@@ -181,10 +181,10 @@
case FRONTPAGECOURSELIST:
if (isloggedin() and !isadmin() and !isguest() and empty($CFG->disablemycourses)) {
if (isloggedin() and !has_capability('moodle/site:config', get_context_instance(CONTEXT_SYSTEM, SITEID)) and !isguest() and empty($CFG->disablemycourses)) {
print_heading_block(get_string('mycourses'));
print_my_moodle();
} else if ((!isadmin() and !isguest()) or (count_records('course') <= FRONTPAGECOURSELIMIT)) {
} else if ((!has_capability('moodle/site:config', get_context_instance(CONTEXT_SYSTEM, SITEID)) and !isguest()) or (count_records('course') <= FRONTPAGECOURSELIMIT)) {
// admin should not see list of courses when there are too many of them
print_heading_block(get_string('availablecourses'));
print_courses(0, '100%', true);
......@@ -219,9 +219,9 @@
echo '</td>';
// The right column
if (blocks_have_content($pageblocks, BLOCK_POS_RIGHT) || $editing || isadmin()) {
if (blocks_have_content($pageblocks, BLOCK_POS_RIGHT) || $editing || has_capability('moodle/site:config', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
echo '<td style="width: '.$preferred_width_right.'px;" id="right-column">';
if (isadmin()) {
if (has_capability('moodle/course:update', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
echo '<div align="center">'.update_course_icon($SITE->id).'</div>';
echo '<br />';
}
......
......@@ -1734,7 +1734,7 @@ function count_login_failures($mode, $username, $lastlogin) {
$select = 'module=\'login\' AND action=\'error\' AND time > '. $lastlogin;
if (isadmin()) { // Return information about all accounts
if (has_capability('moodle/site:config', get_context_instance(CONTEXT_SYSTEM, SITEID))) { // Return information about all accounts
if ($count->attempts = count_records_select('log', $select)) {
$count->accounts = count_records_select('log', $select, 'COUNT(DISTINCT info)');
return $count;
......
......@@ -88,6 +88,34 @@ $moodle_capabilities = array(
)
),
'moodle/site:readallmessages' => array(
'captype' => 'read',
'contextlevel' => CONTEXT_SYSTEM,
'legacy' => array(
'guest' => CAP_PREVENT,
'student' => CAP_PREVENT,
'teacher' => CAP_PREVENT,
'editingteacher' => CAP_PREVENT,
'coursecreator' => CAP_PREVENT,
'admin' => CAP_ALLOW
)
),
'moodle/site:approvecourse' => array(
'captype' => 'write',
'contextlevel' => CONTEXT_SYSTEM,
'legacy' => array(
'guest' => CAP_PREVENT,
'student' => CAP_PREVENT,
'teacher' => CAP_PREVENT,
'editingteacher' => CAP_PREVENT,
'coursecreator' => CAP_PREVENT,
'admin' => CAP_ALLOW
)
),
'moodle/site:import' => array(
'captype' => 'write',
......
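Review bot: This hunk defines `moodle/site:readallmessages`, but the message-history hunk at the end of the commit checks `has_capability('moodle/site:readmessages', ...)`, and no definition of `moodle/site:readmessages` is visible on this page. If that name is not defined elsewhere, the check is made against an unknown capability and the "Able to see any discussion" branch will not follow the legacy mapping declared here. The two names should be made identical, presumably `has_capability('moodle/site:readallmessages', get_context_instance(CONTEXT_SYSTEM, SITEID))` at the call site. A one-line comment above each new entry saying what it grants (reading other users' messages; approving course requests) would also help whoever assigns roles.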
......@@ -301,7 +301,7 @@ class page_base {
// is this page always editable, regardless of anything else?
function edit_always() {
return (isadmin() && defined('ADMIN_STICKYBLOCKS'));
return (has_capability('moodle/site:manageblocks', get_context_instance(CONTEXT_SYSTEM, SITEID)) && defined('ADMIN_STICKYBLOCKS'));
}
}
......@@ -352,7 +352,7 @@ class page_course extends page_base {
// When is a user said to have "editing rights" in this page? This would have something
// to do with roles, in the future.
function user_allowed_editing() {
if (isadmin() && defined('ADMIN_STICKYBLOCKS')) {
if (has_capability('moodle/site:manageblocks', get_context_instance(CONTEXT_SYSTEM, SITEID)) && defined('ADMIN_STICKYBLOCKS')) {
return true;
}
return isteacheredit($this->id);
......@@ -361,7 +361,7 @@ class page_course extends page_base {
// Is the user actually editing this page right now? This would have something
// to do with roles, in the future.
function user_is_editing() {
if (isadmin() && defined('ADMIN_STICKYBLOCKS')) {
if (has_capability('moodle/site:manageblocks', get_context_instance(CONTEXT_SYSTEM, SITEID)) && defined('ADMIN_STICKYBLOCKS')) {
return true;
}
return isediting($this->id);
......
......@@ -820,13 +820,13 @@ function stats_get_report_options($courseid,$mode) {
case STATS_MODE_DETAILED:
$reportoptions[STATS_REPORT_USER_ACTIVITY] = get_string('statsreport'.STATS_REPORT_USER_ACTIVITY);
$reportoptions[STATS_REPORT_USER_ALLACTIVITY] = get_string('statsreport'.STATS_REPORT_USER_ALLACTIVITY);
if (isadmin()) {
if (has_capability('moodle/site:viewreports', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
$site = get_site();
$reportoptions[STATS_REPORT_USER_LOGINS] = get_string('statsreport'.STATS_REPORT_USER_LOGINS);
}
break;
case STATS_MODE_RANKED:
if (isadmin()) {
if (has_capability('moodle/site:viewreports', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
$reportoptions[STATS_REPORT_ACTIVE_COURSES] = get_string('statsreport'.STATS_REPORT_ACTIVE_COURSES);
$reportoptions[STATS_REPORT_ACTIVE_COURSES_WEIGHTED] = get_string('statsreport'.STATS_REPORT_ACTIVE_COURSES_WEIGHTED);
$reportoptions[STATS_REPORT_PARTICIPATORY_COURSES] = get_string('statsreport'.STATS_REPORT_PARTICIPATORY_COURSES);
......
......@@ -2109,7 +2109,7 @@ function print_header ($title='', $heading='', $navigation='', $focus='',
} else {
$menu .= get_string('failedloginattemptsall', '', $count);
}
if (isadmin()) {
if (has_capability('moodle/site:viewreports', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
$menu .= ' (<a href="'.$CFG->wwwroot.'/course/report/log/index.php'.
'?chooselog=1&amp;id=1&amp;modid=site_errors">'.get_string('logs').'</a>)';
}
......@@ -2635,7 +2635,7 @@ function print_navigation ($navigation, $return=false) {
}
$navigation = '<li title="'.$nav_text.'"><img src="'.$CFG->pixpath.'/a/r_breadcrumb.gif" class="resize" alt="" /> '
.str_replace('->', '</li><li title="'.$nav_text.'"><img src="'.$CFG->pixpath.'/a/r_breadcrumb.gif" class="resize" alt="" /> ', $navigation)."</li>\n";
$output .= '<li class="first"><a target="'. $CFG->framename .'" href="'. $CFG->wwwroot.((!isadmin() && !empty($USER->id) && !empty($CFG->mymoodleredirect) && !isguest())
$output .= '<li class="first"><a target="'. $CFG->framename .'" href="'. $CFG->wwwroot.((!has_capability('moodle/site:config', get_context_instance(CONTEXT_SYSTEM, SITEID)) && !empty($USER->id) && !empty($CFG->mymoodleredirect) && !isguest())
? '/my' : '') .'/">'. $site->shortname ."</a></li>\n". $navigation;
$output .= "</ul>\n";
}
......
......@@ -140,10 +140,10 @@ function validate_form($frm, &$err) {
if (empty($frm->username)){
$err->username = get_string('missingusername');
} else {
if (!isadmin() and empty($frm->password)){
if (!has_capability('moodle/user:update',get_context_instance(CONTEXT_SYSTEM, SITEID)) and empty($frm->password)){
$err->password = get_string('missingpassword');
} else {
if (!isadmin()) {
if (!has_capability('moodle/user:update',get_context_instance(CONTEXT_SYSTEM, SITEID))) {
//require non adminusers to give valid password
if(!$validpw) {
$err->password = get_string('wrongpassword');
......@@ -169,7 +169,7 @@ function validate_form($frm, &$err) {
if ($frm->newpassword1 <> $frm->newpassword2) {
$err->newpassword2 = get_string('passwordsdiffer');
} else {
if(!isadmin() and ($frm->password === $frm->newpassword1)){
if(!has_capability('moodle/user:update',get_context_instance(CONTEXT_SYSTEM, SITEID)) and ($frm->password === $frm->newpassword1)){
$err->newpassword1 = get_string('mustchangepassword');
}
}
......
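Review bot: Both branches in the first hunk now let any holder of `moodle/user:update` skip the current-password check, where before only a site administrator could. The form template in this commit also makes the `username` field editable for the same capability, so `moodle/user:update` becomes the right to set a new password on any account, including accounts with more privileges than the caller. Consider keeping the bypass only when the target account is not a site administrator, or using a dedicated capability for password resets, and record the decision in a comment next to the check. `validate_form()` starts and ends outside these hunks, so the lookup of the target user is not visible here.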
......@@ -26,7 +26,7 @@
<tr valign="top">
<td><?php print_string("username") ?>:</td>
<td>
<?php if (isadmin() || empty($frm->username)) { ?>
<?php if (has_capability('moodle/user:update',get_context_instance(CONTEXT_SYSTEM, SITEID)) || empty($frm->username)) { ?>
<input type="text" name="username" size="25" value="<?php p($frm->username) ?>" alt="<?php print_string("username") ?>" />
<?php } else { ?>
<input type="hidden" name="username" value="<?php p($frm->username)?>" /> <?php p($frm->username)?>
......@@ -35,7 +35,7 @@
</td>
</tr>
<?php if (!isadmin()) { ?>
<?php if (!ihas_capability('moodle/user:update',get_context_instance(CONTEXT_SYSTEM, SITEID))) { ?>
<tr valign="top">
<td><?php print_string("oldpassword") ?>:</td>
<td><input type="password" name="password" size="25" value="<?php p($frm->password) ?>" alt="<?php print_string("password") ?>" />
......
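Review bot: The second hunk calls `ihas_capability(...)`, which looks like a typo for `has_capability`; no function of that name appears anywhere else in the commit. Rendering the form would stop with an undefined-function error at that line, so it should read `<?php if (!has_capability('moodle/user:update', get_context_instance(CONTEXT_SYSTEM, SITEID))) { ?>`. Because this condition decides whether the old-password field is shown at all, it needs to match the server-side check in `validate_form()` exactly.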
......@@ -180,7 +180,7 @@
}
/// Go to my-moodle page instead of homepage if mymoodleredirect enabled
if (!isadmin() and !empty($CFG->mymoodleredirect) and !isguest()) {
if (!has_capability('moodle/site:config',get_context_instance(CONTEXT_SYSTEM, SITEID)) and !empty($CFG->mymoodleredirect) and !isguest()) {
if ($urltogo == $CFG->wwwroot or $urltogo == $CFG->wwwroot.'/' or $urltogo == $CFG->wwwroot.'/index.php') {
$urltogo = $CFG->wwwroot.'/my/';
}
......
......@@ -20,7 +20,7 @@
error("User ID 1 was incorrect");
}
if (isadmin()) { // Able to see any discussion
if (has_capability('moodle/site:readmessages', get_context_instance(CONTEXT_SYSTEM, SITEID))) { // Able to see any discussion
$userid2 = optional_param('user2', $USER->id, PARAM_INT);
if (! $user2 = get_record("user", "id", $userid2)) { // Check
error("User ID 2 was incorrect");
......