mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-04-15 13:33:52 +02:00
Code Issues Projects Releases Wiki Activity

MDL-8867 Add setting to define role that is assigned to creators in new courses

Browse Source 
MDL-8868 Set only minimal permissions for creator role

+ improved accesslib to handle changes of context levels in capability definitions

merged from MOODLE_18_STABLE
This commit is contained in:
skodak 2007-03-14 21:42:38 +00:00
parent d2ab495693
commit 5e992f564b
5 changed files with 36 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
admin/settings/users.php
View File

@ -43,6 +43,14 @@ if ($userroles = get_roles_with_capability('moodle/legacy:user', CAP_ALLOW)) {
} else {
$userrole->id = 0;
}
if (empty($CFG->creatornewroleid)) {
if ($teacherroles = get_roles_with_capability('moodle/legacy:editingteacher', CAP_ALLOW, $context)) {
$teachereditrole = array_shift($teacherroles);
set_config('creatornewroleid', $teachereditrole->id);
} else {
set_config('creatornewroleid', 0);
}
}
// we must not use assignable roles here:
// 1/ unsetting roles as assignable for admin might bork the settings!
// 2/ default user role should not be assignable anyway
@ -61,6 +69,8 @@ $temp->add(new admin_setting_configselect('defaultuserroleid', get_string('defau
get_string('configdefaultuserroleid', 'admin'), $userrole->id, $allroles));
$temp->add(new admin_setting_configselect('defaultcourseroleid', get_string('defaultcourseroleid', 'admin'),
get_string('configdefaultcourseroleid', 'admin'), $studentrole->id, $allroles));
$temp->add(new admin_setting_configselect('creatornewroleid', get_string('creatornewroleid', 'admin'),
get_string('configcreatornewroleid', 'admin'), $CFG->creatornewroleid, $allroles));
$temp->add(new admin_setting_configcheckbox('autologinguests', get_string('autologinguests', 'admin'), get_string('configautologinguests', 'admin'), 0));

19
course/edit.php
View File

@ -165,20 +165,19 @@ function create_course($data) {
add_to_log(SITEID, "course", "new", "view.php?id=$course->id", "$data->fullname (ID $course->id)") ;
$context = get_context_instance(CONTEXT_COURSE, $course->id);
if ($data->metacourse and has_capability('moodle/course:managemetacourse', $context)) { // Redirect users with metacourse capability to student import
// assign default role to creator if not already having permission to manage course assignments
if (!has_capability('moodle/course:view', $context) or !has_capability('moodle/role:assign', $context)) {
role_assign($CFG->creatornewroleid, $USER->id, 0, $context->id);
}
if ($data->metacourse and has_capability('moodle/course:managemetacourse', $context)) {
// Redirect users with metacourse capability to student import
redirect($CFG->wwwroot."/course/importstudents.php?id=$course->id");
} else if (has_capability('moodle/role:assign', $context)) { // Redirect users with assign capability to assign users to different roles
} else {
// Redirect to roles assignment
redirect($CFG->wwwroot."/$CFG->admin/roles/assign.php?contextid=$context->id");
} else { // Add current teacher and send to course
// find a role with legacy:edittingteacher
if ($teacherroles = get_roles_with_capability('moodle/legacy:editingteacher', CAP_ALLOW, $context)) {
// assign the role to this user
$teachereditrole = array_shift($teacherroles);
role_assign($teachereditrole->id, $USER->id, 0, $context->id);
}
redirect($CFG->wwwroot."/course/view.php?id=$course->id");
}
} else {

2
lang/en_utf8/admin.php
View File

@ -66,6 +66,7 @@ $string['configclamfailureonupload'] = 'If you have configured clam to scan uplo
$string['configcountry'] = 'If you set a country here, then this country will be selected by default on new user accounts. To force users to choose a country, just leave this unset.';
$string['configcoursemanager'] = 'This setting allows you to control who appears on the course description. Users need to have at least one of these roles in a course to be shown on the course description for that course.';
$string['configcoursesperpage'] = 'Enter the number of courses to be display per page in a course listing.';
$string['configcreatornewroleid'] = 'This role is automatically assigned to creators in new courses they created. This role is not assigned if creator already has needed capabilitites in parent context.';
$string['configdbsessions'] = 'If enabled, this setting will use the database to store information about current sessions. This is especially useful for large/busy sites or sites built on cluster of servers. For most sites this should probably be left disabled so that the server disk is used instead. Note that changing this setting now will log out all current users (including you). If you are using MySQL please make sure that \'max_allowed_packet\' in my.cnf (or my.ini) is at least 4M.';
$string['configdebug'] = 'If you turn this on, then PHP\'s error_reporting will be increased so that more warnings are printed. This is only useful for developers.';
$string['configdebugdisplay'] = 'Set to on, the error reporting will go to the HTML page. This is practical, but breaks XHTML, JS, cookies and HTTP headers in general. Set to off, it will send the output to your server logs, allowing better debugging. The PHP setting error_log controls which log this goes to.';
@ -204,6 +205,7 @@ $string['courseoverview'] = 'Course overview';
$string['courserequests'] = 'Course Requests';
$string['courses'] = 'Courses';
$string['coursesperpage'] = 'Courses per page';
$string['creatornewroleid'] = 'Creators\' role in new courses';
$string['cronclionly'] = 'Cron execution via command line only';
$string['cronerrorclionly'] = 'Sorry, internet access to this page has been disabled by the administrator.';
$string['cronerrorpassword'] = 'Sorry, you have not provided a valid password to access this page';

16
lib/accesslib.php
View File

@ -2475,19 +2475,31 @@ function update_capabilities($component='moodle') {
if ($cachedcaps) {
foreach ($cachedcaps as $cachedcap) {
array_push($storedcaps, $cachedcap->name);
// update risk bitmasks in existing capabilities if needed
// update risk bitmasks and context levels in existing capabilities if needed
if (array_key_exists($cachedcap->name, $filecaps)) {
if (!array_key_exists('riskbitmask', $filecaps[$cachedcap->name])) {
$filecaps[$cachedcap->name]['riskbitmask'] = 0; // no risk if not specified
}
if ($cachedcap->riskbitmask != $filecaps[$cachedcap->name]['riskbitmask']) {
$updatecap = new object;
$updatecap = new object();
$updatecap->id = $cachedcap->id;
$updatecap->riskbitmask = $filecaps[$cachedcap->name]['riskbitmask'];
if (!update_record('capabilities', $updatecap)) {
return false;
}
}
if (!array_key_exists('contextlevel', $filecaps[$cachedcap->name])) {
$filecaps[$cachedcap->name]['contextlevel'] = 0; // no context level defined
}
if ($cachedcap->contextlevel != $filecaps[$cachedcap->name]['contextlevel']) {
$updatecap = new object();
$updatecap->id = $cachedcap->id;
$updatecap->contextlevel = $filecaps[$cachedcap->name]['contextlevel'];
if (!update_record('capabilities', $updatecap)) {
return false;
}
}
}
}
}

19
lib/db/access.php
View File

@ -140,7 +140,6 @@ $moodle_capabilities = array(
'contextlevel' => CONTEXT_SYSTEM,
'legacy' => array(
'editingteacher' => CAP_ALLOW,
'coursecreator' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
@ -153,7 +152,6 @@ $moodle_capabilities = array(
'contextlevel' => CONTEXT_SYSTEM,
'legacy' => array(
'editingteacher' => CAP_ALLOW,
'coursecreator' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
@ -166,7 +164,6 @@ $moodle_capabilities = array(
'contextlevel' => CONTEXT_SYSTEM,
'legacy' => array(
'editingteacher' => CAP_ALLOW,
'coursecreator' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
@ -201,7 +198,6 @@ $moodle_capabilities = array(
'legacy' => array(
'teacher' => CAP_ALLOW,
'editingteacher' => CAP_ALLOW,
'coursecreator' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
@ -227,7 +223,6 @@ $moodle_capabilities = array(
'contextlevel' => CONTEXT_SYSTEM,
'legacy' => array(
'editingteacher' => CAP_ALLOW,
'coursecreator' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
@ -286,7 +281,6 @@ $moodle_capabilities = array(
'student' => CAP_ALLOW,
'teacher' => CAP_ALLOW,
'editingteacher' => CAP_ALLOW,
'coursecreator' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
@ -300,7 +294,6 @@ $moodle_capabilities = array(
'legacy' => array(
'teacher' => CAP_ALLOW,
'editingteacher' => CAP_ALLOW,
'coursecreator' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
@ -313,7 +306,6 @@ $moodle_capabilities = array(
'student' => CAP_ALLOW,
'teacher' => CAP_ALLOW,
'editingteacher' => CAP_ALLOW,
'coursecreator' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
@ -381,7 +373,6 @@ $moodle_capabilities = array(
'legacy' => array(
'teacher' => CAP_ALLOW,
'editingteacher' => CAP_ALLOW,
'coursecreator' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
@ -439,7 +430,7 @@ $moodle_capabilities = array(
'riskbitmask' => RISK_XSS,
'captype' => 'write',
'contextlevel' => CONTEXT_COURSE,
'contextlevel' => CONTEXT_COURSECAT,
'legacy' => array(
'coursecreator' => CAP_ALLOW,
'admin' => CAP_ALLOW
@ -643,7 +634,6 @@ $moodle_capabilities = array(
'student' => CAP_ALLOW,
'teacher' => CAP_ALLOW,
'editingteacher' => CAP_ALLOW,
'coursecreator' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
@ -681,7 +671,6 @@ $moodle_capabilities = array(
'student' => CAP_ALLOW,
'teacher' => CAP_ALLOW,
'editingteacher' => CAP_ALLOW,
'coursecreator' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
@ -734,7 +723,6 @@ $moodle_capabilities = array(
'student' => CAP_ALLOW,
'teacher' => CAP_ALLOW,
'editingteacher' => CAP_ALLOW,
'coursecreator' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
@ -747,7 +735,6 @@ $moodle_capabilities = array(
'student' => CAP_ALLOW,
'teacher' => CAP_ALLOW,
'editingteacher' => CAP_ALLOW,
'coursecreator' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
@ -782,7 +769,6 @@ $moodle_capabilities = array(
'contextlevel' => CONTEXT_COURSE,
'legacy' => array(
'editingteacher' => CAP_ALLOW,
'coursecreator' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
@ -793,7 +779,6 @@ $moodle_capabilities = array(
'contextlevel' => CONTEXT_COURSE,
'legacy' => array(
'editingteacher' => CAP_ALLOW,
'coursecreator' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
@ -816,7 +801,6 @@ $moodle_capabilities = array(
'contextlevel' => CONTEXT_COURSE,
'legacy' => array(
'editingteacher' => CAP_ALLOW,
'coursecreator' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
@ -828,7 +812,6 @@ $moodle_capabilities = array(
'legacy' => array(
'teacher' => CAP_ALLOW,
'editingteacher' => CAP_ALLOW,
'coursecreator' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),