mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-01-17 21:49:15 +01:00
Code Issues Projects Releases Wiki Activity

adding capabilitiies

Browse Source
This commit is contained in:
toyomoyo 2006-09-13 09:08:14 +00:00
parent bd963c1c7e
commit 17d6a25e5c
24 changed files with 44 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
backup/backup_execute.html
View File

@ -9,7 +9,7 @@
if (empty($to)) {
error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php");
} else {
if (!isteacheredit($to)) {
if (!has_capability('moodle/site:backup', get_context_instance(CONTEXT_COURSE, $to))) {
error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php");
}
}

4
backup/restore_check.html
View File

@ -175,7 +175,7 @@
print_heading(get_string("choosecourse"));
print_simple_box_start("center");
foreach ($courses as $course) {
if (!isteacheredit($course->id)) {
if (!has_capability('moodle/site:restore', get_context_instance(CONTEXT_COURSE, $course->id))) {
continue;
}
if (empty($course->visible)) {
@ -195,7 +195,7 @@
//Final access control check
if ($restore->course_id == 0 and !has_capability('moodle/course:create', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
error("You need to be a creator or admin to restore into new course!");
} else if ($restore->course_id != 0 and !isteacheredit($restore->course_id)) {
} else if ($restore->course_id != 0 and !has_capability('moodle/site:backup', get_context_instance(CONTEXT_COURSE, $restore->course_id))) {
error("You need to be an edit teacher or admin to restore into selected course!");
}
$show_continue_button = true;

2
blocks/news_items/block_news_items.php
View File

@ -35,7 +35,7 @@ class block_news_items extends block_base {
/// First work out whether we can post to this group and if so, include a link
if (isteacheredit($COURSE->id)) { /// Teachers can always post
if (has_capability('moodle/site:accessallgroups', get_context_instance(CONTEXT_COURSE, $COURSE->id))) { /// Teachers can always post
$visiblegroups = -1;
$text .= '<div align="center" class="newlink"><a href="'.$CFG->wwwroot.'/mod/forum/post.php?forum='.$forum->id.'">'.

2
course/category.php
View File

@ -366,7 +366,7 @@
echo '<input type="checkbox" name="c'.$acourse->id.'" />';
$abletomovecourses = true;
} else if (isteacheredit($acourse->id)) {
} else if (has_capability('moodle/course:update', get_context_instance(CONTEXT_COURSE, $acourse->id))) {
echo '<td>';
echo '<a title="'.$strsettings.'" href="'.$CFG->wwwroot.'/course/edit.php?id='.$acourse->id.'">'.
'<img src="'.$CFG->pixpath.'/t/edit.gif" height="11" width="11" border="0" alt="'.$strsettings.'" /></a> ';

4
course/reset.php
View File

@ -15,9 +15,7 @@ The feature will also reset the start date of the course if necessary.
error("Course is misconfigured");
}
if (!isteacheredit($course->id)) {
error('Only editing teachers can use this script');
}
require_capability('moodle/course:update', get_context_instance(CONTEXT_COURSE, $course->id));
$strreset = get_string('reset');
$strresetcourse = get_string('resetcourse');

2
course/scales.php
View File

@ -319,7 +319,7 @@
if ($scales = get_records("scale", "courseid", "$course->id", "name ASC")) {
print_heading($strcustomscales);
if (isteacheredit($course->id)) {
if (has_capability('moodle/course:managescales', get_context_instance(CONTEXT_COURSE, $course->id))) {
echo "<p align=\"center\">(";
print_string("scalestip");
echo ")</p>";

2
course/student.php
View File

@ -1,6 +1,6 @@
<?php // $Id$
// Script to assign students to courses
//deprecated, should use admin/roles/assign.php now
require_once("../config.php");
define("MAX_USERS_PER_PAGE", 5000);

6
files/index.php
View File

@ -35,9 +35,7 @@
require_login($course->id);
if (! isteacheredit($course->id) ) {
error("You need to be a teacher with editing privileges");
}
require_capability('moodle/course:update', get_context_instance(CONTEXT_COURSE, $course->id));
function html_footer() {
global $course, $choose;
@ -798,7 +796,7 @@ function displaydir ($wdir) {
} else if ($icon == "zip.gif") {
$edittext .= "<a href=\"index.php?id=$id&amp;wdir=$wdir&amp;file=$fileurl&amp;action=unzip&amp;sesskey=$USER->sesskey&amp;choose=$choose\">$strunzip</a>&nbsp;";
$edittext .= "<a href=\"index.php?id=$id&amp;wdir=$wdir&amp;file=$fileurl&amp;action=listzip&amp;sesskey=$USER->sesskey&amp;choose=$choose\">$strlist</a> ";
if (!empty($CFG->backup_version) and isteacheredit($id)) {
if (!empty($CFG->backup_version) and has_capability('moodle/site:restore', get_context_instance(CONTEXT_COURSE, $id))) {
$edittext .= "<a href=\"index.php?id=$id&amp;wdir=$wdir&amp;file=$filesafe&amp;action=restore&amp;sesskey=$USER->sesskey&amp;choose=$choose\">$strrestore</a> ";
}
}

16
lib/accesslib.php
View File

@ -850,6 +850,13 @@ function moodle_install_roles() {
if (in_array($CFG->prefix.'user_teachers', $dbtables)) {
if ($userteachers = get_records('user_teachers')) {
foreach ($userteachers as $teacher) {
// populate the user_lastaccess table
unset($access);
$access->timeaccess = $teacher->timeaccess;
$access->userid = $teacher->userid;
$access->courseid = $teacher->course;
insert_record('user_lastaccess', $access);
// assign the default student role
$coursecontext = get_context_instance(CONTEXT_COURSE, $teacher->course); // needs cache
if ($teacher->editall) { // editting teacher
role_assign($editteacherrole, $teacher->userid, 0, $coursecontext->id);
@ -866,7 +873,14 @@ function moodle_install_roles() {
*/
if (in_array($CFG->prefix.'user_students', $dbtables)) {
if ($userstudents = get_records('user_students')) {
foreach ($userstudents as $student) {
foreach ($userstudents as $student) {
// populate the user_lastaccess table
unset($access);
$access->timeaccess = $student->timeaccess;
$access->userid = $student->userid;
$access->courseid = $student->course;
insert_record('user_lastaccess', $access);
// assign the default student role
$coursecontext = get_context_instance(CONTEXT_COURSE, $student->course);
role_assign($studentrole, $student->userid, 0, $coursecontext->id);
}

4
lib/editor/htmlarea/coursefiles.php
View File

@ -32,9 +32,7 @@
require_login($course->id);
if (! isteacheredit($course->id) ) {
error("Only teachers can edit files");
}
require_capability('moodle/course:managefiles', get_context_instance(CONTEXT_COURSE, $id));
function html_footer() {
echo "\n\n</body>\n</html>";

4
lib/pagelib.php
View File

@ -355,7 +355,7 @@ class page_course extends page_base {
if (has_capability('moodle/site:manageblocks', get_context_instance(CONTEXT_SYSTEM, SITEID)) && defined('ADMIN_STICKYBLOCKS')) {
return true;
}
return isteacheredit($this->id);
return has_capability('moodle/site:manageblocks', get_context_instance(CONTEXT_COURSE, $this->id));
}
// Is the user actually editing this page right now? This would have something
@ -580,7 +580,7 @@ class page_generic_activity extends page_base {
function user_allowed_editing() {
$this->init_full();
return isteacheredit($this->modulerecord->course);
return has_capability('moodle/site:manageblocks', get_context_instance(CONTEXT_COURSE, $this->modulerecord->course));
}
function user_is_editing() {

2
mod/quiz/editlib.php
View File

@ -229,7 +229,7 @@ function quiz_print_question_list($quiz, $allowdelete=true, $showbreaks=true, $r
continue;
}
$question = $questions[$qnum];
$canedit = isteacheredit($question->course);
$canedit = has_capability('moodle/question:manage', get_context_instance(CONTEXT_COURSE, $question->course));
echo "<td>";
if ($count != 0) {

2
mod/quiz/index.php
View File

@ -25,7 +25,7 @@
// Print the header
$strquizzes = get_string("modulenameplural", "quiz");
$streditquestions = isteacheredit($course->id)
$streditquestions = has_capability('moodle/question:manage', get_context_instance(CONTEXT_COURSE, $course->id))
? "<form target=\"_parent\" method=\"get\" "
." action=\"$CFG->wwwroot/question/edit.php\">"
."<input type=\"hidden\" name=\"courseid\" "

2
mod/resource/type/directory/resource.class.php
View File

@ -65,7 +65,7 @@ function display() {
"", "", true, update_module_button($cm->id, $course->id, $this->strresource),
navmenu($course, $cm));
if (isteacheredit($course->id)) {
if (has_capabilities('moodle/course:managefiles', get_context_instance(CONTEXT_COURSE, $course->id))) {
echo "<div align=\"right\"><img src=\"$CFG->pixpath/i/files.gif\" height=\"16\" width=\"16\" alt=\"\" />&nbsp".
"<a href=\"$CFG->wwwroot/files/index.php?id={$course->id}&amp;wdir=/{$resource->reference}$subdir\">".
get_string("editfiles")."...</a></div>";

2
mod/resource/type/ims/deploy.php
View File

@ -78,7 +78,7 @@
/// Security Constraints (sesskey and isteacheredit)
if (!confirm_sesskey()) {
error(get_string('confirmsesskeybad', 'error'));
} else if (!isteacheredit($courseid)) {
} else if (!has_capabilities('moodle/course:manageactivities', get_context_instance(CONTEXT_COURSE, $courseid))) {
error(get_string('onlyeditingteachers', 'error'));
}

2
mod/resource/type/ims/resource.class.php
View File

@ -334,7 +334,7 @@ class resource_ims extends resource_base {
/// If there are any error, show it instead of the resource page
if ($errorcode) {
if (!isteacheredit($course->id)) {
if (!has_capabilities('moodle/course:activityvisibility', get_context_instance(CONTEXT_COURSE, $course->id))) {
/// Resource not available page
$errortext = get_string('resourcenotavailable','resource');
} else {

2
question/category.php
View File

@ -48,7 +48,7 @@
// TODO: generalise this to any activity
if (isset($SESSION->modform->instance) and $quiz = get_record('quiz', 'id', $SESSION->modform->instance)) {
$strupdatemodule = isteacheredit($course->id)
$strupdatemodule = has_capability('moodle/course:manageactivities', get_context_instance(CONTEXT_COURSE, $course->id))
? update_module_button($SESSION->modform->cmid, $course->id, get_string('modulename', 'quiz'))
: "";
print_header_simple(get_string('editcategories', 'quiz'), '',

2
question/edit.php
View File

@ -40,7 +40,7 @@
$strquizzes = get_string('modulenameplural', 'quiz');
$streditingquestions = get_string('editquestions', "quiz");
if (isset($SESSION->modform->instance) and $quiz = get_record('quiz', 'id', $SESSION->modform->instance)) {
$strupdatemodule = isteacheredit($course->id)
$strupdatemodule = has_capability('moodle/course:manageactivities', get_context_instance(CONTEXT_COURSE, $course->id))
? update_module_button($SESSION->modform->cmid, $course->id, get_string('modulename', 'quiz'))
: "";
print_header_simple($streditingquestions, '',

4
question/editlib.php
View File

@ -263,7 +263,7 @@ function question_list($course, $categoryid, $quizid=0,
echo '<table><tr>';
// check if editing of this category is allowed
if (isteacheredit($category->course)) {
if (has_capability('moodle/question:managecateory', $context)) {
echo "<td valign=\"top\"><b>$strcreatenewquestion:</b></td>";
echo '<td valign="top" align="right">';
popup_form ("$CFG->wwwroot/question/question.php?category=$category->id&amp;qtype=", $qtypemenu, "addquestion",
@ -323,7 +323,7 @@ function question_list($course, $categoryid, $quizid=0,
print_paging_bar($totalnumber, $page, $perpage,
"edit.php?courseid={$course->id}&amp;perpage=$perpage&amp;");
$canedit = isteacheredit($category->course);
$canedit = has_capability('moodle/question:manage', $context);
echo '<form method="post" action="edit.php?courseid='.$course->id.'">';
echo '<input type="hidden" name="sesskey" value="'.$USER->sesskey.'" />';

6
question/import.php
View File

@ -79,9 +79,7 @@
require_login($course->id, false);
if (!isteacheredit($course->id)) {
error( $txt->onlyteachersimport );
}
require_capability('moodle/question:import', get_context_instance(CONTEXT_COURSE, $course->id));
// ensure the files area exists for this course
make_upload_directory( "$course->id" );
@ -92,7 +90,7 @@
//==========
if (isset($SESSION->modform->instance) and $quiz = get_record('quiz', 'id', $SESSION->modform->instance)) {
$strupdatemodule = isteacheredit($course->id)
$strupdatemodule = has_capability('moodle/course:manageactivities', get_context_instance(CONTEXT_COURSE, $course->id))
? update_module_button($SESSION->modform->cmid, $course->id, $txt->modulename)
: "";
print_header_simple($txt->importquestions, '',

2
question/showbank.php
View File

@ -55,7 +55,7 @@
if (!$tocategory = get_record('question_categories', 'id', $tocategoryid)) {
error('Invalid category');
}
if (!isteacheredit($tocategory->course)) {
if (!has_capability('moodle/question:managecateory', get_context_instance(CONTEXT_COURSE, $tocategory->course))){
error(get_string('categorynoedit', 'quiz', $tocategory->name), 'edit.php?courseid=$course->id');
}
foreach ($_POST as $key => $value) { // Parse input for question ids

5
question/type/datasetdependent/categorydatasetdefinitions.php
View File

@ -18,10 +18,7 @@
}
require_login($course->id, false);
if (!isteacheredit($course->id)) {
error("Only the teacher can import quiz questions!");
}
require_capability('moodle/question:import', get_context_instance(CONTEXT_COURSE, $course->id));
$DATASET_TYPES = array('1' => get_string('literal', 'quiz'),
'2' => get_string('file', 'quiz'),

2
question/type/description/questiontype.php
View File

@ -36,7 +36,7 @@ class description_qtype extends default_questiontype {
// For editing teachers print a link to an editing popup window
$editlink = '';
if (isteacheredit($cmoptions->course)) {
if (has_capability('moodle/question:manage', get_context_instance(CONTEXT_COURSE, $cmoptions->course))) {
$stredit = get_string('edit');
$linktext = '<img src="'.$CFG->pixpath.'/t/edit.gif" border="0" alt="'.$stredit.'" />';
$editlink = link_to_popup_window('/question/question.php?id='.$question->id, $stredit, $linktext, 450, 550, $stredit, '', true);

4
user/index.php
View File

@ -209,8 +209,8 @@
if (!empty($isteacher)) {
// get minimum lastaccess for this course and display a dropbox to filter by lastaccess going back this far.
$minlastaccess = get_field_sql('SELECT min(timeaccess) FROM '.$CFG->prefix.'user_lastaccess WHERE courseid = '.$course->id.' AND timeaccess != 0');
// this might not work anymore because you always going to get yourself as the most recent entry? added $USER!=$user ch
$minlastaccess = get_field_sql('SELECT min(timeaccess) FROM '.$CFG->prefix.'user_lastaccess WHERE courseid = '.$course->id.' AND timeaccess != 0 AND userid!='.$USER->id);
$lastaccess0exists = record_exists('user_lastaccess','courseid',$course->id,'timeaccess',0);
$now = usergetmidnight(time());
$timeaccess = array();