mirror of
https://github.com/moodle/moodle.git
synced 2025-01-19 06:18:28 +01:00
MDL-12122 Applied Petr's suggested capability fix
This commit is contained in:
parent
d08bba8354
commit
879c99bbd1
@ -132,18 +132,6 @@ class graded_users_iterator {
|
|||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Returns the number of graded users in the course. Needs to be called after init(), otherwise returns null.
|
|
||||||
* @return int Number of users in course
|
|
||||||
*/
|
|
||||||
function users_count() {
|
|
||||||
if (method_exists($this->users_rs, 'RecordCount')) {
|
|
||||||
return $this->users_rs->RecordCount();
|
|
||||||
} else {
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns information about the next user
|
* Returns information about the next user
|
||||||
* @return mixed array of user info, all grades and feedback or null when no more users found
|
* @return mixed array of user info, all grades and feedback or null when no more users found
|
||||||
@ -256,8 +244,12 @@ class graded_users_iterator {
|
|||||||
* @param bool $return If true, will return the HTML, otherwise, will print directly
|
* @param bool $return If true, will return the HTML, otherwise, will print directly
|
||||||
* @return null
|
* @return null
|
||||||
*/
|
*/
|
||||||
function print_graded_users_selector($course, $actionpage, $userid='all', $return=false) {
|
function print_graded_users_selector($course, $actionpage, $userid=null, $return=false) {
|
||||||
global $CFG;
|
global $CFG, $USER;
|
||||||
|
|
||||||
|
if (is_null($userid)) {
|
||||||
|
$userid = $USER->id;
|
||||||
|
}
|
||||||
|
|
||||||
$context = get_context_instance(CONTEXT_COURSE, $course->id);
|
$context = get_context_instance(CONTEXT_COURSE, $course->id);
|
||||||
|
|
||||||
@ -266,8 +258,8 @@ function print_graded_users_selector($course, $actionpage, $userid='all', $retur
|
|||||||
$gui = new graded_users_iterator($course);
|
$gui = new graded_users_iterator($course);
|
||||||
$gui->init();
|
$gui->init();
|
||||||
|
|
||||||
if ($userid != 'all') {
|
if ($userid !== 0) {
|
||||||
$menu['all'] = get_string('allusers', 'grades') . ' (' . $gui->users_count() . ')';
|
$menu[0] = get_string('allusers', 'grades');
|
||||||
}
|
}
|
||||||
|
|
||||||
while ($userdata = $gui->next_user()) {
|
while ($userdata = $gui->next_user()) {
|
||||||
@ -277,6 +269,10 @@ function print_graded_users_selector($course, $actionpage, $userid='all', $retur
|
|||||||
|
|
||||||
$gui->close();
|
$gui->close();
|
||||||
|
|
||||||
|
if ($userid !== 0) {
|
||||||
|
$menu[0] .= " (" . (count($menu) - 1) . ")";
|
||||||
|
}
|
||||||
|
|
||||||
return popup_form($CFG->wwwroot.'/grade/' . $actionpage . '&userid=', $menu, 'choosegradeduser', $userid, 'choose', '', '',
|
return popup_form($CFG->wwwroot.'/grade/' . $actionpage . '&userid=', $menu, 'choosegradeduser', $userid, 'choose', '', '',
|
||||||
$return, 'self', get_string('selectalloroneuser', 'grades'));
|
$return, 'self', get_string('selectalloroneuser', 'grades'));
|
||||||
}
|
}
|
||||||
|
@ -28,7 +28,7 @@ require_once $CFG->dirroot.'/grade/lib.php';
|
|||||||
require_once $CFG->dirroot.'/grade/report/user/lib.php';
|
require_once $CFG->dirroot.'/grade/report/user/lib.php';
|
||||||
|
|
||||||
$courseid = required_param('id');
|
$courseid = required_param('id');
|
||||||
$userid = optional_param('userid', $USER->id, PARAM_ALPHANUM);
|
$userid = optional_param('userid', $USER->id, PARAM_INT);
|
||||||
|
|
||||||
/// basic access checks
|
/// basic access checks
|
||||||
if (!$course = get_record('course', 'id', $courseid)) {
|
if (!$course = get_record('course', 'id', $courseid)) {
|
||||||
@ -36,14 +36,18 @@ if (!$course = get_record('course', 'id', $courseid)) {
|
|||||||
}
|
}
|
||||||
require_login($course);
|
require_login($course);
|
||||||
|
|
||||||
|
$context = get_context_instance(CONTEXT_COURSE, $course->id);
|
||||||
|
require_capability('gradereport/user:view', $context);
|
||||||
|
|
||||||
if ($userid != 'all' && !$user = get_complete_user_data('id', $userid)) {
|
if (empty($userid)) {
|
||||||
|
require_capability('moodle/grade:viewall', $context);
|
||||||
|
|
||||||
|
} else {
|
||||||
|
if (!get_complete_user_data('id', $userid)) {
|
||||||
error("Incorrect userid");
|
error("Incorrect userid");
|
||||||
}
|
}
|
||||||
|
|
||||||
$context = get_context_instance(CONTEXT_COURSE, $course->id);
|
}
|
||||||
$usercontext = get_context_instance(CONTEXT_USER, $userid);
|
|
||||||
require_capability('gradereport/user:view', $context);
|
|
||||||
|
|
||||||
$access = true;
|
$access = true;
|
||||||
if (has_capability('moodle/grade:viewall', $context)) {
|
if (has_capability('moodle/grade:viewall', $context)) {
|
||||||
@ -52,7 +56,7 @@ if (has_capability('moodle/grade:viewall', $context)) {
|
|||||||
} else if ($userid == $USER->id and has_capability('moodle/grade:view', $context) and $course->showgrades) {
|
} else if ($userid == $USER->id and has_capability('moodle/grade:view', $context) and $course->showgrades) {
|
||||||
//ok - can view own grades
|
//ok - can view own grades
|
||||||
|
|
||||||
} else if (has_capability('moodle/grade:viewall', $usercontext) and $course->showgrades) {
|
} else if ($has_capability('moodle/grade:viewall', get_context_instance(CONTEXT_USER, $userid)) and $course->showgrades) {
|
||||||
// ok - can view grades of this user- parent most probably
|
// ok - can view grades of this user- parent most probably
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
@ -92,7 +96,7 @@ if ($access) {
|
|||||||
print_graded_users_selector($course, 'report/user/index.php?id=' . $course->id, $userid);
|
print_graded_users_selector($course, 'report/user/index.php?id=' . $course->id, $userid);
|
||||||
echo '</div>';
|
echo '</div>';
|
||||||
|
|
||||||
if ($userid == 'all') {
|
if ($userid === 0) {
|
||||||
$gui = new graded_users_iterator($course);
|
$gui = new graded_users_iterator($course);
|
||||||
$gui->init();
|
$gui->init();
|
||||||
while ($userdata = $gui->next_user()) {
|
while ($userdata = $gui->next_user()) {
|
||||||
|
Loading…
x
Reference in New Issue
Block a user