MDL-56641 admin: Managers can access search page

admin/search.php

@@ -7,7 +7,8 @@ require_once($CFG->libdir.'/adminlib.php');
 
 $query = trim(optional_param('query', '', PARAM_NOTAGS));  // Search string
 
-$PAGE->set_context(context_system::instance());
+$context = context_system::instance();
+$PAGE->set_context($context);
 
 admin_externalpage_setup('search', '', array('query' => $query)); // now hidden page
 
@@ -19,6 +20,7 @@ $focus = '';
 
 // now we'll deal with the case that the admin has submitted the form with changed settings
 if ($data = data_submitted() and confirm_sesskey()) {
+    require_capability('moodle/site:config', $context);
     if (admin_write_settings($data)) {
         redirect($PAGE->url, get_string('changessaved'), null, \core\output\notification::NOTIFY_SUCCESS);
     }
@@ -45,14 +47,20 @@ if ($errormsg !== '') {
     echo $OUTPUT->notification($statusmsg, 'notifysuccess');
 }
 
-require_once("admin_settings_search_form.php");
-$form = new admin_settings_search_form();
-$form->display();
-echo '<hr>';
+$showsettingslinks = true;
 
-if ($query) {
-    echo admin_search_settings_html($query);
-} else {
+if (has_capability('moodle/site:config', $context)) {
+    require_once("admin_settings_search_form.php");
+    $form = new admin_settings_search_form();
+    $form->display();
+    echo '<hr>';
+    if ($query) {
+        echo admin_search_settings_html($query);
+        $showsettingslinks = false;
+    }
+}
+
+if ($showsettingslinks) {
     $node = $PAGE->settingsnav->find('root', navigation_node::TYPE_SITE_ADMIN);
     if ($node) {
         echo $OUTPUT->render_from_template('core/settings_link_page', ['node' => $node]);

admin/settings/top.php

@@ -47,4 +47,4 @@ $ADMIN->add('root', new admin_category('development', new lang_string('developme
 $ADMIN->add('root', new admin_category('unsupported', new lang_string('unsupported', 'admin'), true));
 
 // hidden search script
-$ADMIN->add('root', new admin_externalpage('search', new lang_string('search', 'admin'), "$CFG->wwwroot/$CFG->admin/search.php", 'moodle/site:config', true));
+$ADMIN->add('root', new admin_externalpage('search', new lang_string('search', 'admin'), "$CFG->wwwroot/$CFG->admin/search.php", 'moodle/site:configview', true));

lang/en/role.php

@@ -387,6 +387,7 @@ $string['siteadministrators'] = 'Site administrators';
 $string['site:approvecourse'] = 'Approve course creation';
 $string['site:backup'] = 'Backup courses';
 $string['site:config'] = 'Change site configuration';
+$string['site:configview'] = 'View the site administration tree (but not all the pages in it)';
 $string['site:deleteanymessage'] = 'Delete any messages on the site';
 $string['site:deleteownmessage'] = 'Delete messages sent by and to the user';
 $string['site:doanything'] = 'Allowed to do everything';

lib/db/access.php

@@ -64,6 +64,13 @@ $capabilities = array(
         'archetypes' => array(
         )
     ),
+    'moodle/site:configview' => array(
+        'captype' => 'read',
+        'contextlevel' => CONTEXT_SYSTEM,
+        'archetypes' => array(
+            'manager' => CAP_ALLOW,
+        )
+    ),
 
     'moodle/site:readallmessages' => array(
 

lib/upgrade.txt

@@ -3,6 +3,8 @@ information provided here is intended especially for developers.
 
 === 3.2 ===
 
+* Custom roles with access to any part of site administration that do not use the manager archetype will need
+  moodle/site:configview capability added.
 * Admin setting "Show My courses expanded on Dashboard" has been removed.
 * Some backwards and forwards compatibility has been added for different bootstrap versions.
   This is to allow the same markup to work in "clean" and "boost" themes alot of the time. It is also to allow user text

version.php

@@ -29,7 +29,7 @@
 
 defined('MOODLE_INTERNAL') || die();
 
-$version  = 2016110200.00;              // YYYYMMDD      = weekly release date of this DEV branch.
+$version  = 2016110300.00;              // YYYYMMDD      = weekly release date of this DEV branch.
                                         //         RR    = release increments - 00 in DEV branches.
                                         //           .XX = incremental changes.