mirror of
https://github.com/moodle/moodle.git
synced 2025-03-14 04:30:15 +01:00
various changes - loading capabilities for questions, quiz, hide tab if no assignalbe or no overridable role is found, added some functions and comments in accesslib
This commit is contained in:
parent
b56d75dd00
commit
945f88ca15
@ -39,9 +39,7 @@
|
||||
foreach ($roles as $trole) {
|
||||
if (isset($temp[$srole->id][$trole->id])) { // if set, need to write to db
|
||||
if (!$record = get_record('role_allow_assign', 'roleid', $srole->id, 'allowassign', $trole->id)) {
|
||||
$record->roleid = $srole->id;
|
||||
$record->allowassign = $trole->id;
|
||||
insert_record('role_allow_assign', $record);
|
||||
allow_assign($srole->id, $trole->id);
|
||||
}
|
||||
} else { //if set, means can access, attempt to remove it from db
|
||||
delete_records('role_allow_assign', 'roleid', $srole->id, 'allowassign', $trole->id);
|
||||
|
@ -37,9 +37,7 @@
|
||||
foreach ($roles as $trole) {
|
||||
if (isset($temp[$srole->id][$trole->id])) { // if set, need to write to db
|
||||
if (!$record = get_record('role_allow_override', 'roleid', $srole->id, 'allowoverride', $trole->id)) {
|
||||
$record->roleid = $srole->id;
|
||||
$record->allowoverride = $trole->id;
|
||||
insert_record('role_allow_override', $record);
|
||||
allow_override($srole->id, $trole->id);
|
||||
}
|
||||
} else { //if set, means can access, attempt to remove it from db
|
||||
delete_records('role_allow_override', 'roleid', $srole->id, 'allowoverride', $trole->id);
|
||||
|
@ -54,6 +54,7 @@
|
||||
$strshowall = get_string('showall');
|
||||
|
||||
$context = get_record('context', 'id', $contextid);
|
||||
$assignableroles = get_assignable_roles($context);
|
||||
|
||||
// role assigning permission checking
|
||||
if ($roleid) {
|
||||
@ -158,15 +159,6 @@
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
// this needs to check capability too
|
||||
$role = get_records('role');
|
||||
$options = array();
|
||||
foreach ($role as $rolex) {
|
||||
if (user_can_assign($context, $rolex->id)) {
|
||||
$options[$rolex->id] = $rolex->name;
|
||||
}
|
||||
}
|
||||
|
||||
// prints a form to swap roles
|
||||
print ('<form name="rolesform" action="assign.php" method="post">');
|
||||
@ -178,7 +170,7 @@
|
||||
print ('<input type="hidden" name="courseid" value="'.$courseid.'" />');
|
||||
}
|
||||
print ('<input type="hidden" name="contextid" value="'.$context->id.'" />'.$strcurrentrole.': ');
|
||||
choose_from_menu ($options, 'roleid', $roleid, 'choose', $script='rolesform.submit()');
|
||||
choose_from_menu ($assignableroles, 'roleid', $roleid, 'choose', $script='rolesform.submit()');
|
||||
print ('</div></form>');
|
||||
|
||||
if ($roleid) {
|
||||
|
@ -30,6 +30,7 @@
|
||||
$strshowall = get_string('showall');
|
||||
|
||||
$context = get_record('context', 'id', $contextid);
|
||||
$overridableroles = get_overridable_roles($context);
|
||||
|
||||
// role overriding permission checking
|
||||
if ($roleid) {
|
||||
@ -43,6 +44,8 @@
|
||||
$fullname = fullname($user, has_capability('moodle/site:viewfullnames', $context));
|
||||
$straction = get_string('overrideroles', 'role');
|
||||
|
||||
|
||||
|
||||
// we got a few tabs there
|
||||
if ($context->aggregatelevel == CONTEXT_USERID) {
|
||||
|
||||
@ -118,15 +121,6 @@
|
||||
/*****************************************
|
||||
* drop down for swapping between roles *
|
||||
*****************************************/
|
||||
|
||||
// this needs to check capability too
|
||||
$role = get_records('role');
|
||||
$options = array();
|
||||
foreach ($role as $rolex) {
|
||||
if (user_can_override($context, $rolex->id)) {
|
||||
$options[$rolex->id] = $rolex->name;
|
||||
}
|
||||
}
|
||||
|
||||
print ('<form name="rolesform" action="override.php" method="post">');
|
||||
print ('<div align="center">'.$strcurrentcontext.': '.print_context_name($context).'<br/>');
|
||||
@ -137,7 +131,7 @@
|
||||
if ($course->id) {
|
||||
print ('<input type="hidden" name="courseid" value="'.$courseid.'" />');
|
||||
}
|
||||
choose_from_menu ($options, 'roleid', $roleid, 'choose', $script='rolesform.submit()');
|
||||
choose_from_menu ($overridableroles, 'roleid', $roleid, 'choose', $script='rolesform.submit()');
|
||||
print ('</div></form>');
|
||||
|
||||
/**************************************
|
||||
|
@ -86,15 +86,27 @@ if ($currenttab != 'update') {
|
||||
$toprow[] = new tabobject('roles', $CFG->wwwroot.'/admin/roles/assign.php?contextid='.$context->id, get_string('roles'));
|
||||
|
||||
if (isset($tabsmode)) {
|
||||
|
||||
if (!isset($assignableroles)) {
|
||||
$assignableroles = get_assignable_roles($context);
|
||||
}
|
||||
if (!isset($overridableroles)) {
|
||||
$overridableroles = get_overridable_roles($context);
|
||||
}
|
||||
|
||||
|
||||
$inactive[] = 'roles';
|
||||
|
||||
$secondrow[] = new tabobject('assign', $CFG->wwwroot.'/admin/roles/assign.php?contextid='.$context->id, get_string('assignroles', 'role'));
|
||||
|
||||
if ($context->aggregatelevel == CONTEXT_SYSTEM) {
|
||||
$secondrow[] = new tabobject('override', '', get_string('overrideroles', 'role'));
|
||||
} else {
|
||||
$secondrow[] = new tabobject('override', $CFG->wwwroot.'/admin/roles/override.php?contextid='.$context->id,
|
||||
if (!empty($assignableroles)) {
|
||||
$secondrow[] = new tabobject('assign', $CFG->wwwroot.'/admin/roles/assign.php?contextid='.$context->id, get_string('assignroles', 'role'));
|
||||
}
|
||||
|
||||
if (!empty($overridableroles)) {
|
||||
if ($context->aggregatelevel == CONTEXT_SYSTEM) {
|
||||
$secondrow[] = new tabobject('override', '', get_string('overrideroles', 'role'));
|
||||
} else {
|
||||
$secondrow[] = new tabobject('override', $CFG->wwwroot.'/admin/roles/override.php?contextid='.$context->id,
|
||||
get_string('overrideroles', 'role'));
|
||||
}
|
||||
}
|
||||
|
||||
if ($tabsmode == 'override') {
|
||||
|
@ -13,14 +13,12 @@
|
||||
* [273][moodle:blahblah] = 1
|
||||
* [273][moodle:blahblahblah] = 2
|
||||
*/
|
||||
|
||||
|
||||
// permission definitions
|
||||
define('CAP_ALLOW', 1);
|
||||
define('CAP_PREVENT', -1);
|
||||
define('CAP_PROHIBIT', -1000);
|
||||
|
||||
|
||||
// context definitions
|
||||
define('CONTEXT_SYSTEM', 10);
|
||||
define('CONTEXT_PERSONAL', 20);
|
||||
@ -752,6 +750,41 @@ function moodle_install_roles() {
|
||||
role_assign($guestrole, $guestuser->id, 0, $systemcontext->id);
|
||||
}
|
||||
|
||||
/**
|
||||
* Insert the correct records for legacy roles
|
||||
*/
|
||||
allow_assign($adminrole, $adminrole);
|
||||
allow_assign($adminrole, $coursecreatorrole);
|
||||
allow_assign($adminrole, $noneditteacherrole);
|
||||
allow_assign($adminrole, $editteacherrole);
|
||||
allow_assign($adminrole, $studentrole);
|
||||
allow_assign($adminrole, $guestrole);
|
||||
|
||||
allow_assign($coursecreatorrole, $noneditteacherrole);
|
||||
allow_assign($coursecreatorrole, $editteacherrole);
|
||||
allow_assign($coursecreatorrole, $studentrole);
|
||||
allow_assign($coursecreatorrole, $guestrole);
|
||||
|
||||
allow_assign($editteacherrole, $noneditteacherrole);
|
||||
allow_assign($editteacherrole, $studentrole);
|
||||
allow_assign($editteacherrole, $guestrole);
|
||||
|
||||
/// overrides
|
||||
allow_override($adminrole, $adminrole);
|
||||
allow_override($adminrole, $coursecreatorrole);
|
||||
allow_override($adminrole, $noneditteacherrole);
|
||||
allow_override($adminrole, $editteacherrole);
|
||||
allow_override($adminrole, $studentrole);
|
||||
allow_override($adminrole, $guestrole);
|
||||
|
||||
allow_override($coursecreatorrole, $noneditteacherrole);
|
||||
allow_override($coursecreatorrole, $editteacherrole);
|
||||
allow_override($coursecreatorrole, $studentrole);
|
||||
allow_override($coursecreatorrole, $guestrole);
|
||||
|
||||
allow_override($editteacherrole, $noneditteacherrole);
|
||||
allow_override($editteacherrole, $studentrole);
|
||||
allow_override($editteacherrole, $guestrole);
|
||||
|
||||
// Should we delete the tables after we are done? Not yet.
|
||||
}
|
||||
@ -1581,7 +1614,10 @@ function get_component_string($component, $contextlevel) {
|
||||
return $string;
|
||||
}
|
||||
|
||||
|
||||
/** gets the list of roles assigned to this context
|
||||
* @param object $context
|
||||
* @return array
|
||||
*/
|
||||
function get_roles_used_in_context($context) {
|
||||
|
||||
global $CFG;
|
||||
@ -1594,7 +1630,11 @@ function get_roles_used_in_context($context) {
|
||||
ORDER BY r.sortorder ASC');
|
||||
}
|
||||
|
||||
// this function is used to print roles column in user profile page.
|
||||
/** this function is used to print roles column in user profile page.
|
||||
* @param int userid
|
||||
* @param int contextid
|
||||
* @return string
|
||||
*/
|
||||
function get_user_roles_in_context($userid, $contextid){
|
||||
global $CFG;
|
||||
|
||||
@ -1610,7 +1650,12 @@ function get_user_roles_in_context($userid, $contextid){
|
||||
}
|
||||
|
||||
|
||||
// returns bool
|
||||
/**
|
||||
* Checks if a user can override capabilities of a particular role in this context
|
||||
* @param object $context
|
||||
* @param int targetroleid - the id of the role you want to override
|
||||
* @return boolean
|
||||
*/
|
||||
function user_can_override($context, $targetroleid) {
|
||||
// first check if user has override capability
|
||||
// if not return false;
|
||||
@ -1631,6 +1676,12 @@ function user_can_override($context, $targetroleid) {
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks if a user can assign users to a particular role in this context
|
||||
* @param object $context
|
||||
* @param int targetroleid - the id of the role you want to assign users to
|
||||
* @return boolean
|
||||
*/
|
||||
function user_can_assign($context, $targetroleid) {
|
||||
|
||||
// first check if user has override capability
|
||||
@ -1651,7 +1702,15 @@ function user_can_assign($context, $targetroleid) {
|
||||
return false;
|
||||
}
|
||||
|
||||
// gets all the user roles assigned in this context, or higher
|
||||
/**
|
||||
* gets all the user roles assigned in this context, or higher contexts
|
||||
* this is mainly used when checking if a user can assign a role, or overriding a role
|
||||
* i.e. we need to know what this user holds, in order to verify against allow_assign and
|
||||
* allow_override tables
|
||||
* @param object $context
|
||||
* @param int $userid
|
||||
* @return array
|
||||
*/
|
||||
function get_user_roles($context, $userid=0) {
|
||||
|
||||
global $USER, $CFG, $db;
|
||||
@ -1675,4 +1734,63 @@ function get_user_roles($context, $userid=0) {
|
||||
$contexts);
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a record in the allow_override table
|
||||
* @param int sroleid - source roleid
|
||||
* @param int troleid - target roleid
|
||||
* @return int - id or false
|
||||
*/
|
||||
function allow_override($sroleid, $troleid) {
|
||||
$record->roleid = $sroleid;
|
||||
$record->allowoverride = $troleid;
|
||||
return insert_record('role_allow_override', $record);
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a record in the allow_assign table
|
||||
* @param int sroleid - source roleid
|
||||
* @param int troleid - target roleid
|
||||
* @return int - id or false
|
||||
*/
|
||||
function allow_assign($sroleid, $troleid) {
|
||||
$record->roleid = $sroleid;
|
||||
$record->allowassign = $troleid;
|
||||
return insert_record('role_allow_assign', $record);
|
||||
}
|
||||
|
||||
/**
|
||||
* gets a list of roles assignalbe in this context for this user
|
||||
* @param object $context
|
||||
* @return array
|
||||
*/
|
||||
function get_assignable_roles ($context) {
|
||||
|
||||
$role = get_records('role');
|
||||
$options = array();
|
||||
foreach ($role as $rolex) {
|
||||
if (user_can_assign($context, $rolex->id)) {
|
||||
$options[$rolex->id] = $rolex->name;
|
||||
}
|
||||
}
|
||||
return $options;
|
||||
}
|
||||
|
||||
/**
|
||||
* gets a list of roles that can be overriden in this context by this user
|
||||
* @param object $context
|
||||
* @return array
|
||||
*/
|
||||
function get_overridable_roles ($context) {
|
||||
|
||||
$role = get_records('role');
|
||||
$options = array();
|
||||
foreach ($role as $rolex) {
|
||||
if (user_can_override($context, $rolex->id)) {
|
||||
$options[$rolex->id] = $rolex->name;
|
||||
}
|
||||
}
|
||||
|
||||
return $options;
|
||||
|
||||
}
|
||||
?>
|
||||
|
@ -687,8 +687,59 @@ $moodle_capabilities = array(
|
||||
'coursecreator' => CAP_ALLOW,
|
||||
'admin' => CAP_ALLOW
|
||||
)
|
||||
),
|
||||
|
||||
'moodle/question:import' => array(
|
||||
'captype' => 'write',
|
||||
'contextlevel' => CONTEXT_COURSE,
|
||||
'legacy' => array(
|
||||
'guest' => CAP_PREVENT,
|
||||
'student' => CAP_PREVENT,
|
||||
'teacher' => CAP_PREVENT,
|
||||
'editingteacher' => CAP_ALLOW,
|
||||
'coursecreator' => CAP_ALLOW,
|
||||
'admin' => CAP_ALLOW
|
||||
)
|
||||
),
|
||||
|
||||
'moodle/question:export' => array(
|
||||
'captype' => 'read',
|
||||
'contextlevel' => CONTEXT_COURSE,
|
||||
'legacy' => array(
|
||||
'guest' => CAP_PREVENT,
|
||||
'student' => CAP_PREVENT,
|
||||
'teacher' => CAP_PREVENT,
|
||||
'editingteacher' => CAP_ALLOW,
|
||||
'coursecreator' => CAP_ALLOW,
|
||||
'admin' => CAP_ALLOW
|
||||
)
|
||||
),
|
||||
|
||||
'moodle/question:managecateory' => array(
|
||||
'captype' => 'write',
|
||||
'contextlevel' => CONTEXT_COURSE,
|
||||
'legacy' => array(
|
||||
'guest' => CAP_PREVENT,
|
||||
'student' => CAP_PREVENT,
|
||||
'teacher' => CAP_PREVENT,
|
||||
'editingteacher' => CAP_ALLOW,
|
||||
'coursecreator' => CAP_ALLOW,
|
||||
'admin' => CAP_ALLOW
|
||||
)
|
||||
),
|
||||
|
||||
'moodle/question:manage' => array(
|
||||
'captype' => 'write',
|
||||
'contextlevel' => CONTEXT_COURSE,
|
||||
'legacy' => array(
|
||||
'guest' => CAP_PREVENT,
|
||||
'student' => CAP_PREVENT,
|
||||
'teacher' => CAP_PREVENT,
|
||||
'editingteacher' => CAP_ALLOW,
|
||||
'coursecreator' => CAP_ALLOW,
|
||||
'admin' => CAP_ALLOW
|
||||
)
|
||||
)
|
||||
|
||||
);
|
||||
|
||||
?>
|
||||
|
@ -5,7 +5,7 @@
|
||||
// This fragment is called by moodle_needs_upgrading() and /admin/index.php
|
||||
////////////////////////////////////////////////////////////////////////////////
|
||||
|
||||
$module->version = 2006081400; // The (date) version of this module
|
||||
$module->version = 2006082300; // The (date) version of this module
|
||||
$module->requires = 2006080900; // Requires this Moodle version
|
||||
$module->cron = 0; // How often should cron check this module (seconds)?
|
||||
|
||||
|
@ -6,7 +6,7 @@
|
||||
// This is compared against the values stored in the database to determine
|
||||
// whether upgrades should be performed (see lib/db/*.php)
|
||||
|
||||
$version = 2006082200; // YYYYMMDD = date
|
||||
$version = 2006082300; // YYYYMMDD = date
|
||||
// XY = increments within a single day
|
||||
|
||||
$release = '1.7 dev'; // Human-friendly version name
|
||||
|
Loading…
x
Reference in New Issue
Block a user