diff --git a/lib/db/access.php b/lib/db/access.php index 868aca51012..0a33d47a938 100644 --- a/lib/db/access.php +++ b/lib/db/access.php @@ -175,7 +175,7 @@ $moodle_capabilities = array( 'moodle/site:viewreports' => array( 'captype' => 'read', - 'contextlevel' => CONTEXT_SITE, + 'contextlevel' => CONTEXT_SYSTEM, 'legacy' => array( 'guest' => CAP_PREVENT, 'student' => CAP_PREVENT, @@ -632,8 +632,49 @@ $moodle_capabilities = array( 'coursecreator' => CAP_ALLOW, 'admin' => CAP_ALLOW ) - ) + ), + // The next 3 might make no sense for some roles, e.g teacher, etc. + // since the next level up is site. These are more for the parent role + 'moodle/user:readuserposts' => array( + 'captype' => 'read', + 'contextlevel' => CONTEXT_USERID, + 'legacy' => array( + 'guest' => CAP_PREVENT, + 'student' => CAP_ALLOW, + 'teacher' => CAP_ALLOW, + 'editingteacher' => CAP_ALLOW, + 'coursecreator' => CAP_ALLOW, + 'admin' => CAP_ALLOW + ) + ), + + 'moodle/user:readuserblogs' => array( + 'captype' => 'read', + 'contextlevel' => CONTEXT_USERID, + 'legacy' => array( + 'guest' => CAP_PREVENT, + 'student' => CAP_ALLOW, + 'teacher' => CAP_ALLOW, + 'editingteacher' => CAP_ALLOW, + 'coursecreator' => CAP_ALLOW, + 'admin' => CAP_ALLOW + ) + ), + + 'moodle/user:viewuseractivitiesreport' => array( + 'captype' => 'read', + 'contextlevel' => CONTEXT_USERID, + 'legacy' => array( + 'guest' => CAP_PREVENT, + 'student' => CAP_PREVENT, + 'teacher' => CAP_ALLOW, + 'editingteacher' => CAP_ALLOW, + 'coursecreator' => CAP_ALLOW, + 'admin' => CAP_ALLOW + ) + ) + ); ?> diff --git a/lib/db/mysql.php b/lib/db/mysql.php index f00004054c7..2fd11faf52d 100644 --- a/lib/db/mysql.php +++ b/lib/db/mysql.php @@ -2100,6 +2100,10 @@ function main_upgrade($oldversion=0) { execute_sql("ALTER TABLE `{$CFG->prefix}role_names` ADD INDEX `contextid` (`contextid`)",true); execute_sql("ALTER TABLE `{$CFG->prefix}role_names` ADD UNIQUE INDEX `roleid-contextid` (`roleid`, `contextid`)",true); } + + if ($version < 2006081600) { + execute_sql("ALTER TABLE `{$CFG->prefix}role_capabilities` CHANGE permission permission int(10) NOT NULL default '0'",true); + } return $result; } diff --git a/lib/db/mysql.sql b/lib/db/mysql.sql index bbb1cc415d3..fb9b900f9b5 100644 --- a/lib/db/mysql.sql +++ b/lib/db/mysql.sql @@ -946,7 +946,7 @@ CREATE TABLE prefix_role_capabilities ( `contextid` int(10)unsigned NOT NULL default '0', `roleid` int(10) unsigned NOT NULL default '0', `capability` varchar(255) NOT NULL default '', - `permission` int(10) unsigned NOT NULL default '0', + `permission` int(10) NOT NULL default '0', `timemodified` int(10) unsigned NOT NULL default '0', `modifierid` int(10) unsigned NOT NULL default '0', KEY `roleid` (`roleid`), @@ -954,7 +954,7 @@ CREATE TABLE prefix_role_capabilities ( KEY `modifierid` (`modifierid`), UNIQUE KEY `roleid-contextid-capability` (`roleid`, `contextid`, `capability`), PRIMARY KEY (`id`) -) TYPE=MYISAM COMMENT ='overriding a capability for a particular role in a particular context'; +) TYPE=MYISAM COMMENT ='permission has to be signed, overriding a capability for a particular role in a particular context'; CREATE TABLE prefix_role_deny_grant ( `id` int(10) unsigned NOT NULL auto_increment, diff --git a/version.php b/version.php index 992a857cf54..60df30e3a72 100644 --- a/version.php +++ b/version.php @@ -6,7 +6,7 @@ // This is compared against the values stored in the database to determine // whether upgrades should be performed (see lib/db/*.php) - $version = 2006081000; // YYYYMMDD = date + $version = 2006081600; // YYYYMMDD = date // XY = increments within a single day $release = '1.7 dev'; // Human-friendly version name