mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-04-20 07:56:06 +02:00
Code Issues Projects Releases Wiki Activity

MDL-59671 core_calendar: replace current delete permission checks

Browse Source
This commit is contained in:
Simey Lameze 2017-08-09 14:48:06 +08:00
parent dadd6f9fcc
commit 436d39ba85
4 changed files with 8 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
calendar/classes/external/event_exporter.php vendored
View File

@ -236,7 +236,7 @@ class event_exporter extends exporter {
}
$values['canedit'] = calendar_edit_event_allowed($legacyevent);
$values['candelete'] = (!$values['isactionevent'] && $values['canedit']);
$values['candelete'] = calendar_delete_event_allowed($legacyevent);
// Handle event subscription.
$values['subscription'] = null;

9
calendar/delete.php
View File

@ -57,10 +57,10 @@ require_login($course);
if (!$course) {
$PAGE->set_context(context_system::instance()); //TODO: wrong
}
// Check the user has the required capabilities to edit an event
if (!calendar_edit_event_allowed($event)) {
print_error('nopermissions');
$title = get_string('deleteevent', 'calendar');
// Check the user has the required capabilities to delete an event
if (!calendar_delete_event_allowed($event)) {
print_error('nopermissions', 'error', $PAGE->url, $title);
}
// Count the repeats, do we need to consider the possibility of deleting repeats
@ -88,7 +88,6 @@ if ($confirm) {
}
// Prepare the page to show the confirmation form
$title = get_string('deleteevent', 'calendar');
$strcalendar = get_string('calendar', 'calendar');
$PAGE->navbar->add($strcalendar, $viewcalendarurl);

4
calendar/externallib.php
View File

@ -91,8 +91,8 @@ class core_calendar_external extends external_api {
$eventobj = calendar_event::load($event['eventid']);
// Let's check if the user is allowed to delete an event.
if (!calendar_edit_event_allowed($eventobj)) {
throw new moodle_exception("nopermissions");
if (!calendar_delete_event_allowed($eventobj)) {
throw new moodle_exception('nopermissions', 'error', '', get_string('deleteevent', 'calendar'));
}
// Time to do the magic.
$eventobj->delete($event['repeat']);

2
calendar/renderer.php
View File

@ -228,7 +228,7 @@ class core_calendar_renderer extends plugin_renderer_base {
$output .= $this->output->box_start('card-header clearfix');
if (calendar_edit_event_allowed($event) && $showactions) {
if (empty($event->cmid)) {
if (calendar_delete_event_allowed($event)) {
$editlink = new moodle_url(CALENDAR_URL.'event.php', array('action' => 'edit', 'id' => $event->id));
$deletelink = new moodle_url(CALENDAR_URL.'delete.php', array('id' => $event->id));
if (!empty($event->calendarcourseid)) {