blocks/admin_tree: Show the block if some admin privs present...

Dan Poltawski said: > Previously users with different permissions could have granular > access to the admin menu for the items they have access to, so > limiting to only users with moodle/site:config would break that. > Although I agree that that menu is slowww to render and needs > fixing. Perhaps permissions for the various elements could be > gathered and checked first This commit addresses the problem checking for all the caps that are mentioned by code in /admin (according to grep, at least). Some light testing with the "moodle/user:create" seems to work properly. This burdens us with maintaining the list in has_admin_caps() -- less than ideal, but easier than rewriting /admin.
2025-01-31 12:45:04 +01:00 · 2007-09-19 07:46:24 +00:00 · 2007-09-19 07:46:24 +00:00 · 0146bd4190
commit 0146bd4190
parent 18b1d84820
1 changed files with 25 additions and 7 deletions
--- a/blocks/admin_tree/block_admin_tree.php
+++ b/blocks/admin_tree/block_admin_tree.php
@ -22,7 +22,7 @@ class block_admin_tree extends block_base {
    }

    function applicable_formats() {
-        if (has_capability('moodle/site:config', get_context_instance(CONTEXT_SYSTEM))) {
+        if ($this->has_admin_caps()) {
            return array('site' => true, 'admin' => true);
        } else {
            return array('site' => true);
@ -98,17 +98,17 @@ class block_admin_tree extends block_base {

    function get_content() {

-        global $CFG, $ADMIN;
-
-        if (!has_capability('moodle/site:config', get_context_instance(CONTEXT_SYSTEM))) {
-            $this->content = '';
-            return '';
-        }
+        global $CFG;

        if ($this->content !== NULL) {
            return $this->content;
        }

+        if (!($this->has_admin_caps())) {
+            $this->content = '';
+            return '';
+        }
+
        require_once($CFG->libdir.'/adminlib.php');
        $adminroot = admin_get_root();

@ -213,6 +213,24 @@ class block_admin_tree extends block_base {
        return $this->content;

    }
+
+    /* Return true
+     * if $USER has any caps that mean we should
+     * display this block...
+     */
+    function has_admin_caps() {
+
+        $sysctx = get_context_instance(CONTEXT_SYSTEM);
+
+        return (has_capability('moodle/site:config',          $sysctx)
+                || has_capability('moodle/site:langeditmaster',  $sysctx)
+                || has_capability('moodle/site:langeditlocal',   $sysctx)
+                || has_capability('moodle/site:manageblocks',    $sysctx)
+                || has_capability('moodle/user:delete',          $sysctx)
+                || has_capability('moodle/user:update',          $sysctx)
+                || has_capability('moodle/user:create',          $sysctx)
+                || has_capability('moodle/site:readallmessages', $sysctx));
+    }
 }

 ?>