mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-04-19 07:25:30 +02:00
Code Issues Projects Releases Wiki Activity

MDL-46783 permissions: let some moodle/ caps be overriden in all mods

Browse Source 
The capabilities changed ('contextlevel' => CONTEXT_COURSE changed to
'contextlevel' => CONTEXT_MODULE) are:

* moodle/site:accessallgroups
* moodle/site:viewfullnames
* moodle/site:trustcontent
* moodle/site:viewuseridentity

This list came from reviewing the _get_extra_capabilities functions in
all core activities. They were all somewhat inconsistent, but I think it
makes sense that these capabilities are consistently overridable in all
activities. E.g. moodle/site:accessallgroups affects conditional
availability even if there is no other user of groups, and
moodle/site:viewuseridentity and moodle/site:viewfullnames affect the
logs report, if nothing else.

As a result of this, several _get_extra_capabilities functions are no
longer needed, and all the rest have been simplified.
This commit is contained in:
Tim Hunt 2018-10-30 12:00:12 +00:00
parent cb7f6a6f99
commit 939218c2b6
23 changed files with 92 additions and 147 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
lib/db/access.php
View File

@ -412,7 +412,7 @@ $capabilities = array(
'moodle/site:accessallgroups' => array(
'captype' => 'read',
'contextlevel' => CONTEXT_COURSE,
'contextlevel' => CONTEXT_MODULE,
'archetypes' => array(
'editingteacher' => CAP_ALLOW,
'manager' => CAP_ALLOW
@ -422,7 +422,7 @@ $capabilities = array(
'moodle/site:viewfullnames' => array(
'captype' => 'read',
'contextlevel' => CONTEXT_COURSE,
'contextlevel' => CONTEXT_MODULE,
'archetypes' => array(
'teacher' => CAP_ALLOW,
'editingteacher' => CAP_ALLOW,
@ -436,7 +436,7 @@ $capabilities = array(
'moodle/site:viewuseridentity' => array(
'captype' => 'read',
'contextlevel' => CONTEXT_COURSE,
'contextlevel' => CONTEXT_MODULE,
'archetypes' => array(
'teacher' => CAP_ALLOW,
'editingteacher' => CAP_ALLOW,
@ -462,7 +462,7 @@ $capabilities = array(
'riskbitmask' => RISK_XSS,
'captype' => 'write',
'contextlevel' => CONTEXT_COURSE,
'contextlevel' => CONTEXT_MODULE,
'archetypes' => array(
'editingteacher' => CAP_ALLOW,
'manager' => CAP_ALLOW

78
lib/tests/accesslib_test.php
View File

@ -3389,6 +3389,84 @@ class core_accesslib_testcase extends advanced_testcase {
$this->assertDebuggingCalled('get_system_context() is deprecated, please use context_system::instance() instead.', DEBUG_DEVELOPER);
}
/**
* Helper that verifies a list of capabilities, as returned by
* $context->get_capabilities() contains certain capabilities.
*
* @param array $expected a list of capability names
* @param array $actual a list of capability info from $context->get_capabilities().
*/
protected function assert_capability_list_contains($expected, $actual) {
$actualnames = [];
foreach ($actual as $cap) {
$actualnames[$cap->name] = $cap->name;
}
$this->assertArraySubset(array_combine($expected, $expected), $actualnames);
}
/**
* Test that context_system::get_capabilities returns capabilities relevant to all modules.
*/
public function test_context_module_caps_returned_by_get_capabilities_in_sys_context() {
$actual = context_system::instance()->get_capabilities();
// Just test a few representative capabilities.
$expectedcapabilities = ['moodle/site:accessallgroups', 'moodle/site:viewfullnames'];
$this->assert_capability_list_contains($expectedcapabilities, $actual);
}
/**
* Test that context_coursecat::get_capabilities returns capabilities relevant to all modules.
*/
public function test_context_module_caps_returned_by_get_capabilities_in_course_cat_context() {
$this->resetAfterTest(true);
$generator = $this->getDataGenerator();
$cat = $generator->create_category();
$actual = context_coursecat::instance($cat->id)->get_capabilities();
// Just test a few representative capabilities.
$expectedcapabilities = ['moodle/site:accessallgroups', 'moodle/site:viewfullnames'];
$this->assert_capability_list_contains($expectedcapabilities, $actual);
}
/**
* Test that context_course::get_capabilities returns capabilities relevant to all modules.
*/
public function test_context_module_caps_returned_by_get_capabilities_in_course_context() {
$this->resetAfterTest(true);
$generator = $this->getDataGenerator();
$cat = $generator->create_category();
$course = $generator->create_course(['category' => $cat->id]);
$actual = context_course::instance($course->id)->get_capabilities();
// Just test a few representative capabilities.
$expectedcapabilities = ['moodle/site:accessallgroups', 'moodle/site:viewfullnames'];
$this->assert_capability_list_contains($expectedcapabilities, $actual);
}
/**
* Test that context_module::get_capabilities returns capabilities relevant to all modules.
*/
public function test_context_module_caps_returned_by_get_capabilities_mod_context() {
$this->resetAfterTest(true);
$generator = $this->getDataGenerator();
$cat = $generator->create_category();
$course = $generator->create_course(['category' => $cat->id]);
$page = $generator->create_module('page', ['course' => $course->id]);
$actual = context_module::instance($page->cmid)->get_capabilities();
// Just test a few representative capabilities.
$expectedcapabilities = ['moodle/site:accessallgroups', 'moodle/site:viewfullnames'];
$this->assert_capability_list_contains($expectedcapabilities, $actual);
}
/**
* Test updating of role capabilities during upgrade
*/

5
mod/assign/lib.php
View File

@ -1295,10 +1295,7 @@ function assign_cron() {
* @return array Array of capability strings
*/
function assign_get_extra_capabilities() {
return array('gradereport/grader:view',
'moodle/grade:viewall',
'moodle/site:viewfullnames',
'moodle/site:config');
return ['gradereport/grader:view', 'moodle/grade:viewall'];
}
/**

11
mod/book/lib.php
View File

@ -63,15 +63,6 @@ function book_get_nav_classes() {
return array ('navtoc', 'navimages', 'navtext');
}
/**
* Returns all other caps used in module
* @return array
*/
function book_get_extra_capabilities() {
// used for group-members-only
return array('moodle/site:accessallgroups');
}
/**
* Add book instance.
*
@ -794,4 +785,4 @@ function mod_book_core_calendar_provide_event_action(calendar_event $event,
1,
true
);
}
}

10
mod/chat/lib.php
View File

@ -1271,16 +1271,6 @@ function chat_reset_userdata($data) {
return $status;
}
/**
* Returns all other caps used in module
*
* @return array
*/
function chat_get_extra_capabilities() {
return array('moodle/site:accessallgroups', 'moodle/site:viewfullnames');
}
/**
* @param string $feature FEATURE_xx constant for requested feature
* @return mixed True if module supports feature, null if doesn't know

9
mod/choice/lib.php
View File

@ -822,15 +822,6 @@ function choice_get_response_data($choice, $cm, $groupmode, $onlyactive) {
return $allresponses;
}
/**
* Returns all other caps used in module
*
* @return array
*/
function choice_get_extra_capabilities() {
return array('moodle/site:accessallgroups');
}
/**
* @uses FEATURE_GROUPS
* @uses FEATURE_GROUPINGS

3
mod/data/lib.php
View File

@ -3003,7 +3003,8 @@ function data_reset_userdata($data) {
* @return array
*/
function data_get_extra_capabilities() {
return array('moodle/site:accessallgroups', 'moodle/site:viewfullnames', 'moodle/rating:view', 'moodle/rating:viewany', 'moodle/rating:viewall', 'moodle/rating:rate', 'moodle/comment:view', 'moodle/comment:post', 'moodle/comment:delete');
return ['moodle/rating:view', 'moodle/rating:viewany', 'moodle/rating:viewall', 'moodle/rating:rate',
'moodle/comment:view', 'moodle/comment:post', 'moodle/comment:delete'];
}
/**

9
mod/feedback/lib.php
View File

@ -42,15 +42,6 @@ define('FEEDBACK_DEFAULT_PAGE_COUNT', 20);
define('FEEDBACK_EVENT_TYPE_OPEN', 'open');
define('FEEDBACK_EVENT_TYPE_CLOSE', 'close');
/**
* Returns all other caps used in module.
*
* @return array
*/
function feedback_get_extra_capabilities() {
return array('moodle/site:accessallgroups');
}
/**
* @uses FEATURE_GROUPS
* @uses FEATURE_GROUPINGS

8
mod/folder/lib.php
View File

@ -51,14 +51,6 @@ function folder_supports($feature) {
}
}
/**
* Returns all other caps used in module
* @return array
*/
function folder_get_extra_capabilities() {
return array('moodle/site:accessallgroups');
}
/**
* This function is used by the reset_course_userdata function in moodlelib.
* @param $data the data submitted from the reset course.

2
mod/forum/lib.php
View File

@ -7426,7 +7426,7 @@ function forum_get_forum_types_all() {
* @return array
*/
function forum_get_extra_capabilities() {
return array('moodle/site:accessallgroups', 'moodle/site:viewfullnames', 'moodle/site:trustcontent', 'moodle/rating:view', 'moodle/rating:viewany', 'moodle/rating:viewall', 'moodle/rating:rate');
return ['moodle/rating:view', 'moodle/rating:viewany', 'moodle/rating:viewall', 'moodle/rating:rate'];
}
/**

3
mod/glossary/lib.php
View File

@ -3073,7 +3073,8 @@ function glossary_reset_userdata($data) {
* @return array
*/
function glossary_get_extra_capabilities() {
return array('moodle/site:accessallgroups', 'moodle/site:viewfullnames', 'moodle/site:trustcontent', 'moodle/rating:view', 'moodle/rating:viewany', 'moodle/rating:viewall', 'moodle/rating:rate', 'moodle/comment:view', 'moodle/comment:post', 'moodle/comment:delete');
return ['moodle/rating:view', 'moodle/rating:viewany', 'moodle/rating:viewall', 'moodle/rating:rate',
'moodle/comment:view', 'moodle/comment:post', 'moodle/comment:delete'];
}
/**

8
mod/imscp/lib.php
View File

@ -45,14 +45,6 @@ function imscp_supports($feature) {
}
}
/**
* Returns all other caps used in module
* @return array
*/
function imscp_get_extra_capabilities() {
return array('moodle/site:accessallgroups');
}
/**
* This function is used by the reset_course_userdata function in moodlelib.
*

9
mod/label/lib.php
View File

@ -163,15 +163,6 @@ function label_reset_userdata($data) {
return array();
}
/**
* Returns all other caps used in module
*
* @return array
*/
function label_get_extra_capabilities() {
return array('moodle/site:accessallgroups');
}
/**
* @uses FEATURE_IDNUMBER
* @uses FEATURE_GROUPS

8
mod/lesson/lib.php
View File

@ -1133,14 +1133,6 @@ function lesson_reset_userdata($data) {
return $status;
}
/**
* Returns all other caps used in module
* @return array
*/
function lesson_get_extra_capabilities() {
return array('moodle/site:accessallgroups');
}
/**
* @uses FEATURE_GROUPS
* @uses FEATURE_GROUPINGS

11
mod/lti/lib.php
View File

@ -48,15 +48,6 @@
defined('MOODLE_INTERNAL') || die;
/**
* Returns all other caps used in module.
*
* @return array
*/
function lti_get_extra_capabilities() {
return array('moodle/site:accessallgroups');
}
/**
* List of features supported in URL module
* @param string $feature FEATURE_xx constant for requested feature
@ -659,4 +650,4 @@ function mod_lti_core_calendar_provide_event_action(calendar_event $event,
1,
true
);
}
}

8
mod/page/lib.php
View File

@ -44,14 +44,6 @@ function page_supports($feature) {
}
}
/**
* Returns all other caps used in module
* @return array
*/
function page_get_extra_capabilities() {
return array('moodle/site:accessallgroups');
}
/**
* This function is used by the reset_course_userdata function in moodlelib.
* @param $data the data submitted from the reset course.

4
mod/quiz/lib.php
View File

@ -1799,9 +1799,7 @@ function quiz_supports($feature) {
function quiz_get_extra_capabilities() {
global $CFG;
require_once($CFG->libdir . '/questionlib.php');
$caps = question_get_all_capabilities();
$caps[] = 'moodle/site:accessallgroups';
return $caps;
return question_get_all_capabilities();
}
/**

8
mod/resource/lib.php
View File

@ -44,14 +44,6 @@ function resource_supports($feature) {
}
}
/**
* Returns all other caps used in module
* @return array
*/
function resource_get_extra_capabilities() {
return array('moodle/site:accessallgroups');
}
/**
* This function is used by the reset_course_userdata function in moodlelib.
* @param $data the data submitted from the reset course.

9
mod/scorm/lib.php
View File

@ -842,15 +842,6 @@ function scorm_reset_userdata($data) {
return $status;
}
/**
* Returns all other caps used in module
*
* @return array
*/
function scorm_get_extra_capabilities() {
return array('moodle/site:accessallgroups');
}
/**
* Lists all file areas current user may browse
*

9
mod/survey/lib.php
View File

@ -770,15 +770,6 @@ function survey_reset_userdata($data) {
return $status;
}
/**
* Returns all other caps used in module
*
* @return array
*/
function survey_get_extra_capabilities() {
return array('moodle/site:accessallgroups');
}
/**
* @uses FEATURE_GROUPS
* @uses FEATURE_GROUPINGS

8
mod/url/lib.php
View File

@ -46,14 +46,6 @@ function url_supports($feature) {
}
}
/**
* Returns all other caps used in module
* @return array
*/
function url_get_extra_capabilities() {
return array('moodle/site:accessallgroups');
}
/**
* This function is used by the reset_course_userdata function in moodlelib.
* @param $data the data submitted from the reset course.

9
mod/workshop/lib.php
View File

@ -1154,15 +1154,6 @@ function workshop_scale_used_anywhere($scaleid) {
return false;
}
/**
* Returns all other caps used in the module
*
* @return array
*/
function workshop_get_extra_capabilities() {
return array('moodle/site:accessallgroups');
}
////////////////////////////////////////////////////////////////////////////////
// Gradebook API //
////////////////////////////////////////////////////////////////////////////////

2
version.php
View File

@ -29,7 +29,7 @@
defined('MOODLE_INTERNAL') || die();
$version = 2018120301.00; // YYYYMMDD = weekly release date of this DEV branch.
$version = 2018120301.01; // YYYYMMDD = weekly release date of this DEV branch.
// RR = release increments - 00 in DEV branches.
// .XX = incremental changes.