mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-04-14 04:52:36 +02:00
Code Issues Projects Releases Wiki Activity

MDL-71917 core_message: Use $USER in WS delete_message_for_all_users

Browse Source
This commit is contained in:
cescobedo 2021-07-02 07:10:01 +02:00 committed by Adrian Greeve
parent 526f5eccb9
commit 2f4647c684
1 changed files with 4 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
message/externallib.php
View File

@ -3577,13 +3577,13 @@ class core_message_external extends external_api {
* Deletes a message for all users
*
* @param int $messageid the message id
* @param int $userid the user id of who we want to delete the message for all users
* @param int $userid the user id of who we want to delete the message for all users, is no longer used.
* @return external_description
* @throws moodle_exception
* @since 3.7
*/
public static function delete_message_for_all_users(int $messageid, int $userid) {
global $CFG;
global $CFG, $USER;
// Check if private messaging between users is allowed.
if (empty($CFG->messaging)) {
@ -3601,11 +3601,10 @@ class core_message_external extends external_api {
$context = context_system::instance();
self::validate_context($context);
$user = core_user::get_user($params['userid'], '*', MUST_EXIST);
core_user::require_active_user($user);
core_user::require_active_user($USER);
// Checks if a user can delete a message for all users.
if (core_message\api::can_delete_message_for_all_users($user->id, $params['messageid'])) {
if (core_message\api::can_delete_message_for_all_users($USER->id, $params['messageid'])) {
\core_message\api::delete_message_for_all_users($params['messageid']);
} else {
throw new moodle_exception('You do not have permission to delete this message for everyone.');