Commit a6210651 authored by Petr Skoda's avatar Petr Skoda Committed by Andrew Nicols

MDL-57027 fix get_users_by_capability()

Change-Id: I98dc88784dfa0293f88a19c3d36e7a46a3f52672
parent 326cd6f6
......@@ -3647,11 +3647,11 @@ function get_users_by_capability(context $context, $capability, $fields = '', $s
AND roleid IN (".implode(',', array_keys($prohibited[$cap])) ."))";
} else {
$unions[] = "SELECT userid
FROM {role_assignments}
WHERE contextid IN ($ctxids)
AND roleid IN (".implode(',', array_keys($needed[$cap])) .")
AND roleid NOT IN (".implode(',', array_keys($prohibited[$cap])) .")";
$unions[] = "SELECT ra.userid
FROM {role_assignments} ra
LEFT JOIN {role_assignments} rap ON (rap.userid = ra.userid AND rap.contextid IN ($ctxids) AND rap.roleid IN (".implode(',', array_keys($prohibited[$cap])) ."))
WHERE ra.contextid IN ($ctxids) AND ra.roleid IN (".implode(',', array_keys($needed[$cap])) .")
AND rap.id IS NULL";
}
}
}
......
......@@ -2504,6 +2504,12 @@ class core_accesslib_testcase extends advanced_testcase {
assign_capability('mod/page:view', CAP_PREVENT, $allroles['guest'], $systemcontext, true);
// Prepare for prohibit test.
role_assign($allroles['editingteacher'], $testusers[19], context_system::instance());
role_assign($allroles['teacher'], $testusers[19], context_course::instance($testcourses[17]));
role_assign($allroles['editingteacher'], $testusers[19], context_course::instance($testcourses[17]));
assign_capability('moodle/course:update', CAP_PROHIBIT, $allroles['teacher'], context_course::instance($testcourses[17]), true);
accesslib_clear_all_caches_for_unit_testing(); /// Must be done after assign_capability().
// Extra tests for guests and not-logged-in users because they can not be verified by cross checking
......@@ -2527,6 +2533,14 @@ class core_accesslib_testcase extends advanced_testcase {
$this->assertFalse(has_capability('moodle/course:update', context_course::instance($testcourses[19]), $testusers[9]));
$this->assertFalse(has_capability('moodle/course:update', $systemcontext, $testusers[9]));
// Test prohibits.
$this->assertTrue(has_capability('moodle/course:update', context_system::instance(), $testusers[19]));
$ids = get_users_by_capability(context_system::instance(), 'moodle/course:update', 'u.id');
$this->assertArrayHasKey($testusers[19], $ids);
$this->assertFalse(has_capability('moodle/course:update', context_course::instance($testcourses[17]), $testusers[19]));
$ids = get_users_by_capability(context_course::instance($testcourses[17]), 'moodle/course:update', 'u.id');
$this->assertArrayNotHasKey($testusers[19], $ids);
// Test the list of enrolled users.
$coursecontext = context_course::instance($course1->id);
$enrolled = get_enrolled_users($coursecontext);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment