diff --git a/backup/backup_execute.html b/backup/backup_execute.html index 4276c885be3..dabed9e04df 100644 --- a/backup/backup_execute.html +++ b/backup/backup_execute.html @@ -9,7 +9,7 @@ if (empty($to)) { error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php"); } else { - if (!isteacheredit($to)) { + if (!has_capability('moodle/site:backup', get_context_instance(CONTEXT_COURSE, $to))) { error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php"); } } diff --git a/backup/restore_check.html b/backup/restore_check.html index e97182335fa..fb1dba3637b 100644 --- a/backup/restore_check.html +++ b/backup/restore_check.html @@ -175,7 +175,7 @@ print_heading(get_string("choosecourse")); print_simple_box_start("center"); foreach ($courses as $course) { - if (!isteacheredit($course->id)) { + if (!has_capability('moodle/site:restore', get_context_instance(CONTEXT_COURSE, $course->id))) { continue; } if (empty($course->visible)) { @@ -195,7 +195,7 @@ //Final access control check if ($restore->course_id == 0 and !has_capability('moodle/course:create', get_context_instance(CONTEXT_SYSTEM, SITEID))) { error("You need to be a creator or admin to restore into new course!"); - } else if ($restore->course_id != 0 and !isteacheredit($restore->course_id)) { + } else if ($restore->course_id != 0 and !has_capability('moodle/site:backup', get_context_instance(CONTEXT_COURSE, $restore->course_id))) { error("You need to be an edit teacher or admin to restore into selected course!"); } $show_continue_button = true; diff --git a/blocks/news_items/block_news_items.php b/blocks/news_items/block_news_items.php index ac8cdb0e5e6..f23d30d0bc8 100644 --- a/blocks/news_items/block_news_items.php +++ b/blocks/news_items/block_news_items.php @@ -35,7 +35,7 @@ class block_news_items extends block_base { /// First work out whether we can post to this group and if so, include a link - if (isteacheredit($COURSE->id)) { /// Teachers can always post + if (has_capability('moodle/site:accessallgroups', get_context_instance(CONTEXT_COURSE, $COURSE->id))) { /// Teachers can always post $visiblegroups = -1; $text .= '
'. diff --git a/course/category.php b/course/category.php index dee217456dd..f25e5e05623 100644 --- a/course/category.php +++ b/course/category.php @@ -366,7 +366,7 @@ echo ''; $abletomovecourses = true; - } else if (isteacheredit($acourse->id)) { + } else if (has_capability('moodle/course:update', get_context_instance(CONTEXT_COURSE, $acourse->id))) { echo ''; echo ''. ''.$strsettings.' '; diff --git a/course/reset.php b/course/reset.php index 7b010eeff63..a9f06753489 100755 --- a/course/reset.php +++ b/course/reset.php @@ -15,9 +15,7 @@ The feature will also reset the start date of the course if necessary. error("Course is misconfigured"); } - if (!isteacheredit($course->id)) { - error('Only editing teachers can use this script'); - } + require_capability('moodle/course:update', get_context_instance(CONTEXT_COURSE, $course->id)); $strreset = get_string('reset'); $strresetcourse = get_string('resetcourse'); diff --git a/course/scales.php b/course/scales.php index b23729e7878..985db4385e9 100644 --- a/course/scales.php +++ b/course/scales.php @@ -319,7 +319,7 @@ if ($scales = get_records("scale", "courseid", "$course->id", "name ASC")) { print_heading($strcustomscales); - if (isteacheredit($course->id)) { + if (has_capability('moodle/course:managescales', get_context_instance(CONTEXT_COURSE, $course->id))) { echo "

("; print_string("scalestip"); echo ")

"; diff --git a/course/student.php b/course/student.php index 773b0e1bdbb..094a6b68d15 100644 --- a/course/student.php +++ b/course/student.php @@ -1,6 +1,6 @@ id); - if (! isteacheredit($course->id) ) { - error("You need to be a teacher with editing privileges"); - } + require_capability('moodle/course:update', get_context_instance(CONTEXT_COURSE, $course->id)); function html_footer() { global $course, $choose; @@ -798,7 +796,7 @@ function displaydir ($wdir) { } else if ($icon == "zip.gif") { $edittext .= "sesskey&choose=$choose\">$strunzip "; $edittext .= "sesskey&choose=$choose\">$strlist "; - if (!empty($CFG->backup_version) and isteacheredit($id)) { + if (!empty($CFG->backup_version) and has_capability('moodle/site:restore', get_context_instance(CONTEXT_COURSE, $id))) { $edittext .= "sesskey&choose=$choose\">$strrestore "; } } diff --git a/lib/accesslib.php b/lib/accesslib.php index fe015e25504..c1c7abb1c53 100755 --- a/lib/accesslib.php +++ b/lib/accesslib.php @@ -850,6 +850,13 @@ function moodle_install_roles() { if (in_array($CFG->prefix.'user_teachers', $dbtables)) { if ($userteachers = get_records('user_teachers')) { foreach ($userteachers as $teacher) { + // populate the user_lastaccess table + unset($access); + $access->timeaccess = $teacher->timeaccess; + $access->userid = $teacher->userid; + $access->courseid = $teacher->course; + insert_record('user_lastaccess', $access); + // assign the default student role $coursecontext = get_context_instance(CONTEXT_COURSE, $teacher->course); // needs cache if ($teacher->editall) { // editting teacher role_assign($editteacherrole, $teacher->userid, 0, $coursecontext->id); @@ -866,7 +873,14 @@ function moodle_install_roles() { */ if (in_array($CFG->prefix.'user_students', $dbtables)) { if ($userstudents = get_records('user_students')) { - foreach ($userstudents as $student) { + foreach ($userstudents as $student) { + // populate the user_lastaccess table + unset($access); + $access->timeaccess = $student->timeaccess; + $access->userid = $student->userid; + $access->courseid = $student->course; + insert_record('user_lastaccess', $access); + // assign the default student role $coursecontext = get_context_instance(CONTEXT_COURSE, $student->course); role_assign($studentrole, $student->userid, 0, $coursecontext->id); } diff --git a/lib/editor/htmlarea/coursefiles.php b/lib/editor/htmlarea/coursefiles.php index 9d3d73f88a7..0755aa8d882 100644 --- a/lib/editor/htmlarea/coursefiles.php +++ b/lib/editor/htmlarea/coursefiles.php @@ -32,9 +32,7 @@ require_login($course->id); - if (! isteacheredit($course->id) ) { - error("Only teachers can edit files"); - } + require_capability('moodle/course:managefiles', get_context_instance(CONTEXT_COURSE, $id)); function html_footer() { echo "\n\n\n"; diff --git a/lib/pagelib.php b/lib/pagelib.php index e96ce866a15..3d55e96cf96 100644 --- a/lib/pagelib.php +++ b/lib/pagelib.php @@ -355,7 +355,7 @@ class page_course extends page_base { if (has_capability('moodle/site:manageblocks', get_context_instance(CONTEXT_SYSTEM, SITEID)) && defined('ADMIN_STICKYBLOCKS')) { return true; } - return isteacheredit($this->id); + return has_capability('moodle/site:manageblocks', get_context_instance(CONTEXT_COURSE, $this->id)); } // Is the user actually editing this page right now? This would have something @@ -580,7 +580,7 @@ class page_generic_activity extends page_base { function user_allowed_editing() { $this->init_full(); - return isteacheredit($this->modulerecord->course); + return has_capability('moodle/site:manageblocks', get_context_instance(CONTEXT_COURSE, $this->modulerecord->course)); } function user_is_editing() { diff --git a/mod/quiz/editlib.php b/mod/quiz/editlib.php index 8c5c428e51d..092f65c1803 100644 --- a/mod/quiz/editlib.php +++ b/mod/quiz/editlib.php @@ -229,7 +229,7 @@ function quiz_print_question_list($quiz, $allowdelete=true, $showbreaks=true, $r continue; } $question = $questions[$qnum]; - $canedit = isteacheredit($question->course); + $canedit = has_capability('moodle/question:manage', get_context_instance(CONTEXT_COURSE, $question->course)); echo ""; if ($count != 0) { diff --git a/mod/quiz/index.php b/mod/quiz/index.php index 3494c9b2607..176a0ee0708 100644 --- a/mod/quiz/index.php +++ b/mod/quiz/index.php @@ -25,7 +25,7 @@ // Print the header $strquizzes = get_string("modulenameplural", "quiz"); - $streditquestions = isteacheredit($course->id) + $streditquestions = has_capability('moodle/question:manage', get_context_instance(CONTEXT_COURSE, $course->id)) ? "
wwwroot/question/edit.php\">" ."id, $course->id, $this->strresource), navmenu($course, $cm)); - if (isteacheredit($course->id)) { + if (has_capabilities('moodle/course:managefiles', get_context_instance(CONTEXT_COURSE, $course->id))) { echo "
pixpath/i/files.gif\" height=\"16\" width=\"16\" alt=\"\" /> ". "wwwroot/files/index.php?id={$course->id}&wdir=/{$resource->reference}$subdir\">". get_string("editfiles")."...
"; diff --git a/mod/resource/type/ims/deploy.php b/mod/resource/type/ims/deploy.php index 1beb7172cf9..5c85f0559f9 100644 --- a/mod/resource/type/ims/deploy.php +++ b/mod/resource/type/ims/deploy.php @@ -78,7 +78,7 @@ /// Security Constraints (sesskey and isteacheredit) if (!confirm_sesskey()) { error(get_string('confirmsesskeybad', 'error')); - } else if (!isteacheredit($courseid)) { + } else if (!has_capabilities('moodle/course:manageactivities', get_context_instance(CONTEXT_COURSE, $courseid))) { error(get_string('onlyeditingteachers', 'error')); } diff --git a/mod/resource/type/ims/resource.class.php b/mod/resource/type/ims/resource.class.php index f6a8fe1926a..1f0caa9ce8e 100644 --- a/mod/resource/type/ims/resource.class.php +++ b/mod/resource/type/ims/resource.class.php @@ -334,7 +334,7 @@ class resource_ims extends resource_base { /// If there are any error, show it instead of the resource page if ($errorcode) { - if (!isteacheredit($course->id)) { + if (!has_capabilities('moodle/course:activityvisibility', get_context_instance(CONTEXT_COURSE, $course->id))) { /// Resource not available page $errortext = get_string('resourcenotavailable','resource'); } else { diff --git a/question/category.php b/question/category.php index a3f3dc57fc3..150aea09d32 100644 --- a/question/category.php +++ b/question/category.php @@ -48,7 +48,7 @@ // TODO: generalise this to any activity if (isset($SESSION->modform->instance) and $quiz = get_record('quiz', 'id', $SESSION->modform->instance)) { - $strupdatemodule = isteacheredit($course->id) + $strupdatemodule = has_capability('moodle/course:manageactivities', get_context_instance(CONTEXT_COURSE, $course->id)) ? update_module_button($SESSION->modform->cmid, $course->id, get_string('modulename', 'quiz')) : ""; print_header_simple(get_string('editcategories', 'quiz'), '', diff --git a/question/edit.php b/question/edit.php index 6d1fb00c731..e70ec943651 100644 --- a/question/edit.php +++ b/question/edit.php @@ -40,7 +40,7 @@ $strquizzes = get_string('modulenameplural', 'quiz'); $streditingquestions = get_string('editquestions', "quiz"); if (isset($SESSION->modform->instance) and $quiz = get_record('quiz', 'id', $SESSION->modform->instance)) { - $strupdatemodule = isteacheredit($course->id) + $strupdatemodule = has_capability('moodle/course:manageactivities', get_context_instance(CONTEXT_COURSE, $course->id)) ? update_module_button($SESSION->modform->cmid, $course->id, get_string('modulename', 'quiz')) : ""; print_header_simple($streditingquestions, '', diff --git a/question/editlib.php b/question/editlib.php index 1b2b26162ea..f8d90632106 100644 --- a/question/editlib.php +++ b/question/editlib.php @@ -263,7 +263,7 @@ function question_list($course, $categoryid, $quizid=0, echo ''; // check if editing of this category is allowed - if (isteacheredit($category->course)) { + if (has_capability('moodle/question:managecateory', $context)) { echo ""; echo '
$strcreatenewquestion:'; popup_form ("$CFG->wwwroot/question/question.php?category=$category->id&qtype=", $qtypemenu, "addquestion", @@ -323,7 +323,7 @@ function question_list($course, $categoryid, $quizid=0, print_paging_bar($totalnumber, $page, $perpage, "edit.php?courseid={$course->id}&perpage=$perpage&"); - $canedit = isteacheredit($category->course); + $canedit = has_capability('moodle/question:manage', $context); echo ''; echo ''; diff --git a/question/import.php b/question/import.php index 32b18bcc1f7..d8f21e85f90 100644 --- a/question/import.php +++ b/question/import.php @@ -79,9 +79,7 @@ require_login($course->id, false); - if (!isteacheredit($course->id)) { - error( $txt->onlyteachersimport ); - } + require_capability('moodle/question:import', get_context_instance(CONTEXT_COURSE, $course->id)); // ensure the files area exists for this course make_upload_directory( "$course->id" ); @@ -92,7 +90,7 @@ //========== if (isset($SESSION->modform->instance) and $quiz = get_record('quiz', 'id', $SESSION->modform->instance)) { - $strupdatemodule = isteacheredit($course->id) + $strupdatemodule = has_capability('moodle/course:manageactivities', get_context_instance(CONTEXT_COURSE, $course->id)) ? update_module_button($SESSION->modform->cmid, $course->id, $txt->modulename) : ""; print_header_simple($txt->importquestions, '', diff --git a/question/showbank.php b/question/showbank.php index 7f23eb8a6b2..af11deb7148 100644 --- a/question/showbank.php +++ b/question/showbank.php @@ -55,7 +55,7 @@ if (!$tocategory = get_record('question_categories', 'id', $tocategoryid)) { error('Invalid category'); } - if (!isteacheredit($tocategory->course)) { + if (!has_capability('moodle/question:managecateory', get_context_instance(CONTEXT_COURSE, $tocategory->course))){ error(get_string('categorynoedit', 'quiz', $tocategory->name), 'edit.php?courseid=$course->id'); } foreach ($_POST as $key => $value) { // Parse input for question ids diff --git a/question/type/datasetdependent/categorydatasetdefinitions.php b/question/type/datasetdependent/categorydatasetdefinitions.php index bf9dda3d8e9..65f51cf772d 100644 --- a/question/type/datasetdependent/categorydatasetdefinitions.php +++ b/question/type/datasetdependent/categorydatasetdefinitions.php @@ -18,10 +18,7 @@ } require_login($course->id, false); - - if (!isteacheredit($course->id)) { - error("Only the teacher can import quiz questions!"); - } + require_capability('moodle/question:import', get_context_instance(CONTEXT_COURSE, $course->id)); $DATASET_TYPES = array('1' => get_string('literal', 'quiz'), '2' => get_string('file', 'quiz'), diff --git a/question/type/description/questiontype.php b/question/type/description/questiontype.php index b084e1335ca..d215f4e18c7 100644 --- a/question/type/description/questiontype.php +++ b/question/type/description/questiontype.php @@ -36,7 +36,7 @@ class description_qtype extends default_questiontype { // For editing teachers print a link to an editing popup window $editlink = ''; - if (isteacheredit($cmoptions->course)) { + if (has_capability('moodle/question:manage', get_context_instance(CONTEXT_COURSE, $cmoptions->course))) { $stredit = get_string('edit'); $linktext = ''.$stredit.''; $editlink = link_to_popup_window('/question/question.php?id='.$question->id, $stredit, $linktext, 450, 550, $stredit, '', true); diff --git a/user/index.php b/user/index.php index 54e6ae7d972..2c26ace1c8c 100644 --- a/user/index.php +++ b/user/index.php @@ -209,8 +209,8 @@ if (!empty($isteacher)) { // get minimum lastaccess for this course and display a dropbox to filter by lastaccess going back this far. - $minlastaccess = get_field_sql('SELECT min(timeaccess) FROM '.$CFG->prefix.'user_lastaccess WHERE courseid = '.$course->id.' AND timeaccess != 0'); - + // this might not work anymore because you always going to get yourself as the most recent entry? added $USER!=$user ch + $minlastaccess = get_field_sql('SELECT min(timeaccess) FROM '.$CFG->prefix.'user_lastaccess WHERE courseid = '.$course->id.' AND timeaccess != 0 AND userid!='.$USER->id); $lastaccess0exists = record_exists('user_lastaccess','courseid',$course->id,'timeaccess',0); $now = usergetmidnight(time()); $timeaccess = array();