MDL-58439 admin: Ignore guest logins for all admin pages

admin/antiviruses.php

@@ -33,8 +33,7 @@ $confirm = optional_param('confirm', 0, PARAM_BOOL);
 $PAGE->set_url('/admin/antiviruses.php', array('action' => $action, 'antivirus' => $antivirus));
 $PAGE->set_context(context_system::instance());
 
-require_login();
-require_capability('moodle/site:config', context_system::instance());
+require_admin();
 
 $returnurl = "$CFG->wwwroot/$CFG->admin/settings.php?section=manageantiviruses";
 

admin/auth.php

@@ -11,8 +11,7 @@ require_once('../config.php');
 require_once($CFG->libdir.'/adminlib.php');
 require_once($CFG->libdir.'/tablelib.php');
 
-require_login();
-require_capability('moodle/site:config', context_system::instance());
+require_admin();
 
 $returnurl = new moodle_url('/admin/settings.php', array('section'=>'manageauths'));
 

admin/category.php

@@ -30,9 +30,7 @@ $category = required_param('category', PARAM_SAFEDIR);
 $return = optional_param('return','', PARAM_ALPHA);
 $adminediting = optional_param('adminedit', -1, PARAM_BOOL);
 
-/// no guest autologin
-require_login(0, false);
-$PAGE->set_context(context_system::instance());
+require_admin();
 $PAGE->set_url('/admin/category.php', array('category' => $category));
 $PAGE->set_pagetype('admin-setting-' . $category);
 $PAGE->set_pagelayout('admin');

admin/courseformats.php

@@ -32,8 +32,7 @@ $syscontext = context_system::instance();
 $PAGE->set_url('/admin/courseformats.php');
 $PAGE->set_context($syscontext);
 
-require_login();
-require_capability('moodle/site:config', $syscontext);
+require_admin();
 require_sesskey();
 
 $return = new moodle_url('/admin/settings.php', array('section' => 'manageformats'));

admin/customfields.php

@@ -32,8 +32,7 @@ $syscontext = context_system::instance();
 $PAGE->set_url('/admin/customfields.php');
 $PAGE->set_context($syscontext);
 
-require_login();
-require_capability('moodle/site:config', $syscontext);
+require_admin();
 require_sesskey();
 
 $return = new moodle_url('/admin/settings.php', array('section' => 'managecustomfields'));

admin/dataformats.php

@@ -33,8 +33,7 @@ $syscontext = context_system::instance();
 $PAGE->set_url('/admin/dataformats.php');
 $PAGE->set_context($syscontext);
 
-require_login();
-require_capability('moodle/site:config', $syscontext);
+require_admin();
 require_sesskey();
 
 $return = new moodle_url('/admin/settings.php', array('section' => 'managedataformats'));

admin/editors.php

@@ -15,8 +15,7 @@ $confirm = optional_param('confirm', 0, PARAM_BOOL);
 $PAGE->set_url('/admin/editors.php', array('action'=>$action, 'editor'=>$editor));
 $PAGE->set_context(context_system::instance());
 
-require_login();
-require_capability('moodle/site:config', context_system::instance());
+require_admin();
 
 $returnurl = "$CFG->wwwroot/$CFG->admin/settings.php?section=manageeditors";
 

admin/enrol.php

@@ -35,8 +35,7 @@ $confirm = optional_param('confirm', 0, PARAM_BOOL);
 $PAGE->set_url('/admin/enrol.php');
 $PAGE->set_context(context_system::instance());
 
-require_login();
-require_capability('moodle/site:config', context_system::instance());
+require_admin();
 require_sesskey();
 
 $enabled = enrol_get_plugins(true);

admin/licenses.php

@@ -23,8 +23,7 @@ require_once('../config.php');
 require_once($CFG->libdir.'/adminlib.php');
 require_once($CFG->libdir.'/licenselib.php');
 
-require_login();
-require_capability('moodle/site:config', context_system::instance());
+require_admin();
 
 $returnurl = "$CFG->wwwroot/$CFG->admin/settings.php?section=managelicenses";
 

admin/media.php

@@ -35,8 +35,7 @@ $confirm = optional_param('confirm', 0, PARAM_BOOL);
 $PAGE->set_url('/admin/media.php');
 $PAGE->set_context(context_system::instance());
 
-require_login();
-require_capability('moodle/site:config', context_system::instance());
+require_admin();
 require_sesskey();
 
 $plugins = core_plugin_manager::instance()->get_plugins_of_type('media');

admin/mnet/delete.php

@@ -34,9 +34,6 @@ $step   = optional_param('step', 'verify', PARAM_ALPHA);
 $hostid = required_param('hostid', PARAM_INT);
 
 
-
-$context = context_system::instance();
-
 $mnet = get_mnet_environment();
 
 $PAGE->set_url('/admin/mnet/delete.php');

admin/plugins.php

@@ -43,9 +43,8 @@ $confirminstallupdate = optional_param('confirminstallupdate', false, PARAM_BOOL
 // NOTE: do not use admin_externalpage_setup() here because it loads
 //       full admin tree which is not possible during uninstallation.
 
-require_login();
+require_admin();
 $syscontext = context_system::instance();
-require_capability('moodle/site:config', $syscontext);
 
 // URL params we want to maintain on redirects.
 $pageparams = array('updatesonly' => $updatesonly, 'contribonly' => $contribonly);

admin/qbehaviours.php

@@ -31,7 +31,7 @@ require_once($CFG->libdir . '/adminlib.php');
 require_once($CFG->libdir . '/tablelib.php');
 
 // Check permissions.
-require_login();
+require_login(null, false);
 $systemcontext = context_system::instance();
 require_capability('moodle/question:config', $systemcontext);
 

admin/qtypes.php

@@ -30,12 +30,12 @@ require_once($CFG->libdir . '/questionlib.php');
 require_once($CFG->libdir . '/adminlib.php');
 require_once($CFG->libdir . '/tablelib.php');
 
-// Check permissions.
+admin_externalpage_setup('manageqtypes');
+
 $systemcontext = context_system::instance();
 require_capability('moodle/question:config', $systemcontext);
 $canviewreports = has_capability('report/questioninstances:view', $systemcontext);
 
-admin_externalpage_setup('manageqtypes');
 $thispageurl = new moodle_url('/admin/qtypes.php');
 
 $qtypes = question_bank::get_all_qtypes();

admin/roles/define.php

@@ -52,10 +52,12 @@ if ($return === 'manage') {
     $returnurl = new moodle_url('/admin/roles/define.php', array('action'=>'view', 'roleid'=>$roleid));;
 }
 
+admin_externalpage_setup('defineroles', '', array('action' => $action, 'roleid' => $roleid),
+    new moodle_url('/admin/roles/define.php'));
+
 // Check access permissions.
 $systemcontext = context_system::instance();
 require_capability('moodle/role:manage', $systemcontext);
-admin_externalpage_setup('defineroles', '', array('action' => $action, 'roleid' => $roleid), new moodle_url('/admin/roles/define.php'));
 
 // Export role.
 if ($action === 'export') {

admin/roles/manage.php

@@ -46,10 +46,11 @@ if ($action) {
 $baseurl = $CFG->wwwroot . '/' . $CFG->admin . '/roles/manage.php';
 $defineurl = $CFG->wwwroot . '/' . $CFG->admin . '/roles/define.php';
 
+admin_externalpage_setup('defineroles');
+
 // Check access permissions.
 $systemcontext = context_system::instance();
 require_capability('moodle/role:manage', $systemcontext);
-admin_externalpage_setup('defineroles');
 
 // Get some basic data we are going to need.
 $roles = role_fix_names(get_all_roles(), $systemcontext, ROLENAME_ORIGINAL);

admin/roles/usersroles.php

@@ -45,7 +45,7 @@ $PAGE->set_pagelayout('admin');
 
 // Check login and permissions.
 if ($course->id == SITEID) {
-    require_login();
+    require_login(null, false);
     $PAGE->set_context($usercontext);
 } else {
     require_login($course);

admin/tasklogs.php

@@ -40,9 +40,6 @@ $strheading = get_string('tasklogs', 'tool_task');
 $PAGE->set_title($strheading);
 $PAGE->set_heading($strheading);
 
-require_login();
-
-require_capability('moodle/site:config', context_system::instance());
 admin_externalpage_setup('tasklogs');
 
 $logid = optional_param('logid', null, PARAM_INT);

admin/timezone.php

@@ -12,9 +12,7 @@
     $PAGE->set_url('/admin/timezone.php');
     $PAGE->set_context(context_system::instance());
 
-    require_login();
-
-    require_capability('moodle/site:config', context_system::instance());
+    require_admin();
 
     $strtimezone = get_string("timezone");
     $strsavechanges = get_string("savechanges");

admin/tool/installaddon/permcheck.php

@@ -29,7 +29,7 @@ define('AJAX_SCRIPT', true);
 require(__DIR__ . '/../../../config.php');
 require_once($CFG->libdir.'/adminlib.php');
 
-require_login();
+require_login(null, false);
 
 if (!has_capability('moodle/site:config', context_system::instance())) {
     header('HTTP/1.1 403 Forbidden');

admin/tool/log/stores.php

@@ -31,8 +31,7 @@ $enrol = required_param('store', PARAM_PLUGIN);
 $PAGE->set_url('/admin/tool/log/stores.php');
 $PAGE->set_context(context_system::instance());
 
-require_login();
-require_capability('moodle/site:config', context_system::instance());
+require_admin();
 require_sesskey();
 
 $all = \tool_log\log\manager::get_store_plugins();

admin/tool/lp/competencies.php

@@ -39,7 +39,7 @@ if ($competencyid) {
     $pagecontext = context::instance_by_id($pagecontextid);
 }
 
-require_login();
+require_login(null, false);
 \core_competency\api::require_enabled();
 
 $framework = \core_competency\api::read_framework($id);

admin/tool/lp/competencyframeworks.php

@@ -31,7 +31,7 @@ $context = context::instance_by_id($pagecontextid);
 $url = new moodle_url("/admin/tool/lp/competencyframeworks.php");
 $url->param('pagecontextid', $pagecontextid);
 
-require_login();
+require_login(null, false);
 \core_competency\api::require_enabled();
 
 if (!\core_competency\competency_framework::can_read_context($context)) {

admin/tool/lp/editcompetency.php

@@ -30,7 +30,7 @@ $competencyframeworkid = optional_param('competencyframeworkid', 0, PARAM_INT);
 $pagecontextid = required_param('pagecontextid', PARAM_INT);  // Reference to the context we came from.
 $parentid = optional_param('parentid', 0, PARAM_INT);
 
-require_login();
+require_login(null, false);
 \core_competency\api::require_enabled();
 
 if (empty($competencyframeworkid) && empty($id)) {

admin/tool/lp/editcompetencyframework.php

@@ -39,7 +39,7 @@ if (!empty($id)) {
 }
 
 // We check that we have the permission to edit this framework, in its own context.
-require_login();
+require_login(null, false);
 \core_competency\api::require_enabled();
 require_capability('moodle/competency:competencymanage', $context);
 

admin/tool/monitor/edit.php

@@ -29,7 +29,7 @@ $courseid = optional_param('courseid', 0, PARAM_INT);
 
 // Validate course id.
 if (empty($courseid)) {
-    require_login();
+    require_login(null, false);
     $context = context_system::instance();
     $coursename = format_string($SITE->fullname, true, array('context' => $context));
     $PAGE->set_context($context);

admin/tool/monitor/index.php

@@ -36,7 +36,7 @@ $confirm = optional_param('confirm', false, PARAM_BOOL);
 $choose = false;
 // Validate course id.
 if (empty($courseid)) {
-    require_login();
+    require_login(null, false);
     $context = context_system::instance();
     // check system level capability.
     if (!has_capability('tool/monitor:subscribe', $context)) {

admin/tool/monitor/managerules.php

@@ -33,6 +33,7 @@ $status = optional_param('status', 0, PARAM_BOOL);
 
 // Validate course id.
 if (empty($courseid)) {
+    admin_externalpage_setup('toolmonitorrules', '', null, '', array('pagelayout' => 'report'));
     $context = context_system::instance();
     $coursename = format_string($SITE->fullname, true, array('context' => $context));
     $PAGE->set_context($context);
@@ -53,10 +54,6 @@ $PAGE->set_pagelayout('report');
 $PAGE->set_title($coursename);
 $PAGE->set_heading($coursename);
 
-// Site level report.
-if (empty($courseid)) {
-    admin_externalpage_setup('toolmonitorrules', '', null, '', array('pagelayout' => 'report'));
-}
 
 if (!empty($action) && $action == 'changestatus') {
     require_sesskey();

admin/tool/oauth2/endpoints.php

@@ -33,9 +33,7 @@ $strheading = get_string('pluginname', 'tool_oauth2');
 $PAGE->set_title($strheading);
 $PAGE->set_heading($strheading);
 
-require_login();
-
-require_capability('moodle/site:config', context_system::instance());
+require_admin();
 
 $renderer = $PAGE->get_renderer('tool_oauth2');
 

admin/tool/oauth2/issuers.php

@@ -33,9 +33,7 @@ $strheading = get_string('pluginname', 'tool_oauth2');
 $PAGE->set_title($strheading);
 $PAGE->set_heading($strheading);
 
-require_login();
-
-require_capability('moodle/site:config', context_system::instance());
+require_admin();
 
 $renderer = $PAGE->get_renderer('tool_oauth2');
 

admin/tool/oauth2/userfieldmappings.php

@@ -33,9 +33,7 @@ $strheading = get_string('pluginname', 'tool_oauth2');
 $PAGE->set_title($strheading);
 $PAGE->set_heading($strheading);
 
-require_login();
-
-require_capability('moodle/site:config', context_system::instance());
+require_admin();
 
 $renderer = $PAGE->get_renderer('tool_oauth2');
 

admin/tool/recyclebin/index.php

@@ -52,7 +52,7 @@ switch ($context->contextlevel) {
     break;
 
     case CONTEXT_COURSECAT:
-        require_login();
+        require_login(null, false);
 
         $recyclebin = new \tool_recyclebin\category_bin($context->instanceid);
         if (!$recyclebin->can_view()) {

admin/tool/task/clear_fail_delay.php

@@ -29,9 +29,8 @@ require('../../../config.php');
 require_once($CFG->libdir.'/cronlib.php');
 
 // Basic security checks.
-require_login();
+require_admin();
 $context = context_system::instance();
-require_capability('moodle/site:config', $context);
 
 // Get task and check the parameter is valid.
 $taskname = required_param('task', PARAM_RAW_TRIMMED);

admin/tool/task/schedule_task.php

@@ -44,9 +44,8 @@ function tool_task_mtrace_wrapper($message, $eol) {
 $taskname = required_param('task', PARAM_RAW_TRIMMED);
 
 // Basic security checks.
-require_login();
+require_admin();
 $context = context_system::instance();
-require_capability('moodle/site:config', $context);
 
 if (!get_config('tool_task', 'enablerunnow')) {
     print_error('nopermissions', 'error', '', get_string('runnow', 'tool_task'));

admin/tool/task/scheduledtasks.php

@@ -33,9 +33,7 @@ $strheading = get_string('scheduledtasks', 'tool_task');
 $PAGE->set_title($strheading);
 $PAGE->set_heading($strheading);
 
-require_login();
-
-require_capability('moodle/site:config', context_system::instance());
+require_admin();
 
 $renderer = $PAGE->get_renderer('tool_task');
 

admin/updatesetting.php

@@ -34,8 +34,7 @@ $type    = required_param('type', PARAM_PLUGIN);
 $PAGE->set_url('/admin/updatesetting.php');
 $PAGE->set_context(context_system::instance());
 
-require_login();
-require_capability('moodle/site:config', context_system::instance());
+require_admin();
 require_sesskey();
 
 $plugintypeclass = "\\core\\plugininfo\\{$type}";

admin/webservice/protocols.php

@@ -30,8 +30,7 @@ require_once($CFG->libdir.'/tablelib.php');
 $PAGE->set_url('/' . $CFG->admin . '/webservice/protocols.php');
 //TODO: disable the blocks here or better make the page layout default to no blocks!
 
-require_login();
-require_capability('moodle/site:config', context_system::instance());
+require_admin();
 
 $returnurl = $CFG->wwwroot . "/" . $CFG->admin . "/settings.php?section=webserviceprotocols";
 

lib/adminlib.php

@@ -8236,7 +8236,7 @@ function admin_externalpage_setup($section, $extrabutton = '', array $extraurlpa
     $PAGE->set_context(null); // hack - set context to something, by default to system context
 
     $site = get_site();
-    require_login();
+    require_login(null, false);
 
     if (!empty($options['pagelayout'])) {
         // A specific page layout has been requested.

lib/moodlelib.php

@@ -3028,6 +3028,14 @@ function require_login($courseorid = null, $autologinguest = true, $cm = null, $
     }
 }
 
+/**
+ * A convenience function for where we must be logged in as admin
+ * @return void
+ */
+function require_admin() {
+    require_login(null, false);
+    require_capability('moodle/site:config', context_system::instance());
+}
 
 /**
  * This function just makes sure a user is logged out.