From 920edec857127f72443f4086f7f1944d5991e007 Mon Sep 17 00:00:00 2001 From: Adrian Greeve Date: Thu, 8 Dec 2016 14:25:32 +0800 Subject: [PATCH] MDL-57251 navigation: Correct permission shows site admin If the user does not have the moodle/site:configview capability then do not show them the site administration link. --- lib/navigationlib.php | 52 +++++++++++++++++++++++-------------------- 1 file changed, 28 insertions(+), 24 deletions(-) diff --git a/lib/navigationlib.php b/lib/navigationlib.php index 1af75d29eb9..7764fb339ae 100644 --- a/lib/navigationlib.php +++ b/lib/navigationlib.php @@ -3913,35 +3913,39 @@ class settings_navigation extends navigation_node { if (isloggedin() && !isguestuser() && (!isset($SESSION->load_navigation_admin) || $SESSION->load_navigation_admin)) { $isadminpage = $this->is_admin_tree_needed(); - if (has_capability('moodle/site:config', context_system::instance())) { - // Make sure this works even if config capability changes on the fly - // and also make it fast for admin right after login. - $SESSION->load_navigation_admin = 1; - if ($isadminpage) { + if (has_capability('moodle/site:configview', context_system::instance())) { + if (has_capability('moodle/site:config', context_system::instance())) { + // Make sure this works even if config capability changes on the fly + // and also make it fast for admin right after login. + $SESSION->load_navigation_admin = 1; + if ($isadminpage) { + $adminsettings = $this->load_administration_settings(); + } + + } else if (!isset($SESSION->load_navigation_admin)) { $adminsettings = $this->load_administration_settings(); + $SESSION->load_navigation_admin = (int)($adminsettings->children->count() > 0); + + } else if ($SESSION->load_navigation_admin) { + if ($isadminpage) { + $adminsettings = $this->load_administration_settings(); + } } - } else if (!isset($SESSION->load_navigation_admin)) { - $adminsettings = $this->load_administration_settings(); - $SESSION->load_navigation_admin = (int)($adminsettings->children->count() > 0); - - } else if ($SESSION->load_navigation_admin) { - if ($isadminpage) { - $adminsettings = $this->load_administration_settings(); + // Print empty navigation node, if needed. + if ($SESSION->load_navigation_admin && !$isadminpage) { + if ($adminsettings) { + // Do not print settings tree on pages that do not need it, this helps with performance. + $adminsettings->remove(); + $adminsettings = false; + } + $siteadminnode = $this->add(get_string('administrationsite'), new moodle_url('/admin/search.php'), + self::TYPE_SITE_ADMIN, null, 'siteadministration'); + $siteadminnode->id = 'expandable_branch_' . $siteadminnode->type . '_' . + clean_param($siteadminnode->key, PARAM_ALPHANUMEXT); + $siteadminnode->requiresajaxloading = 'true'; } } - - // Print empty navigation node, if needed. - if ($SESSION->load_navigation_admin && !$isadminpage) { - if ($adminsettings) { - // Do not print settings tree on pages that do not need it, this helps with performance. - $adminsettings->remove(); - $adminsettings = false; - } - $siteadminnode = $this->add(get_string('administrationsite'), new moodle_url('/admin/search.php'), self::TYPE_SITE_ADMIN, null, 'siteadministration'); - $siteadminnode->id = 'expandable_branch_'.$siteadminnode->type.'_'.clean_param($siteadminnode->key, PARAM_ALPHANUMEXT); - $siteadminnode->requiresajaxloading = 'true'; - } } if ($context->contextlevel == CONTEXT_SYSTEM && $adminsettings) {