Merge branch 'w17_MDL-32477_m23_cloneperm' of git://github.com/skodak/moodle

2025-01-18 05:58:34 +01:00 · 2012-04-23 16:35:26 +08:00 · 2012-04-23 16:35:26 +08:00 · a0a87e85f0
commit a0a87e85f0
parent 3bbfe7d636 9a251f1884
2 changed files with 84 additions and 1 deletions
--- a/lib/accesslib.php
+++ b/lib/accesslib.php
@ -2522,6 +2522,7 @@ function update_capabilities($component = 'moodle') {
        }
    }
    // Add new capabilities to the stored definition.
+    $existingcaps = $DB->get_records_menu('capabilities', array(), 'id', 'id, name');
    foreach ($newcaps as $capname => $capdef) {
        $capability = new stdClass();
        $capability->name         = $capname;
@ -2532,7 +2533,7 @@ function update_capabilities($component = 'moodle') {

        $DB->insert_record('capabilities', $capability, false);

-        if (isset($capdef['clonepermissionsfrom']) && in_array($capdef['clonepermissionsfrom'], $storedcaps)){
+        if (isset($capdef['clonepermissionsfrom']) && in_array($capdef['clonepermissionsfrom'], $existingcaps)){
            if ($rolecapabilities = $DB->get_records('role_capabilities', array('capability'=>$capdef['clonepermissionsfrom']))){
                foreach ($rolecapabilities as $rolecapability){
                    //assign_capability will update rather than insert if capability exists
--- a/lib/tests/accesslib_test.php
+++ b/lib/tests/accesslib_test.php
@ -981,5 +981,87 @@ class accesslib_testcase extends advanced_testcase {
        $this->assertTrue(is_array($caps));
        unset($caps);
    }
+
+    public function test_update_capabilities() {
+        global $DB, $SITE;
+
+        $this->resetAfterTest(true);
+
+        $froncontext = context_course::instance($SITE->id);
+        $student = $DB->get_record('role', array('archetype'=>'student'));
+        $teacher = $DB->get_record('role', array('archetype'=>'teacher'));
+
+        $existingcaps = $DB->get_records('capabilities', array(), 'id', 'name, captype, contextlevel, component, riskbitmask');
+
+        $this->assertFalse(isset($existingcaps['moodle/site:restore']));         // moved to new 'moodle/restore:restorecourse'
+        $this->assertTrue(isset($existingcaps['moodle/restore:restorecourse'])); // new cap from 'moodle/site:restore'
+        $this->assertTrue(isset($existingcaps['moodle/site:sendmessage']));      // new capability
+        $this->assertTrue(isset($existingcaps['moodle/backup:backupcourse']));
+        $this->assertTrue(isset($existingcaps['moodle/backup:backupsection']));  // cloned from 'moodle/backup:backupcourse'
+        $this->assertTrue(isset($existingcaps['moodle/site:approvecourse']));    // updated bitmask
+        $this->assertTrue(isset($existingcaps['moodle/course:manageactivities']));
+        $this->assertTrue(isset($existingcaps['mod/page:addinstance']));         // cloned from core 'moodle/course:manageactivities'
+
+        // fake state before upgrade
+        $DB->set_field('capabilities', 'name', 'moodle/site:restore', array('name'=>'moodle/restore:restorecourse'));
+        $DB->set_field('role_capabilities', 'capability', 'moodle/site:restore', array('capability'=>'moodle/restore:restorecourse'));
+        assign_capability('moodle/site:restore', CAP_PROHIBIT, $teacher->id, $froncontext->id, true);
+        $perms1 = array_values($DB->get_records('role_capabilities', array('capability'=>'moodle/site:restore', 'roleid'=>$teacher->id), 'contextid, permission', 'contextid, permission'));
+
+        $DB->delete_records('role_capabilities', array('capability'=>'moodle/site:sendmessage'));
+        $DB->delete_records('capabilities', array('name'=>'moodle/site:sendmessage'));
+
+        $DB->delete_records('role_capabilities', array('capability'=>'moodle/backup:backupsection'));
+        $DB->delete_records('capabilities', array('name'=>'moodle/backup:backupsection'));
+        assign_capability('moodle/backup:backupcourse', CAP_PROHIBIT, $student->id, $froncontext->id, true);
+        assign_capability('moodle/backup:backupcourse', CAP_ALLOW, $teacher->id, $froncontext->id, true);
+
+        $DB->set_field('capabilities', 'riskbitmask', 0, array('name'=>'moodle/site:approvecourse'));
+
+        $DB->delete_records('role_capabilities', array('capability'=>'mod/page:addinstance'));
+        $DB->delete_records('capabilities', array('name'=>'mod/page:addinstance'));
+        assign_capability('moodle/course:manageactivities', CAP_PROHIBIT, $student->id, $froncontext->id, true);
+        assign_capability('moodle/course:manageactivities', CAP_ALLOW, $teacher->id, $froncontext->id, true);
+
+        // execute core
+        update_capabilities('moodle');
+
+        // only core should be upgraded
+        $caps = $DB->get_records('capabilities', array(), 'id', 'name, captype, contextlevel, component, riskbitmask');
+
+        $this->assertFalse(isset($existingcaps['moodle/site:restore']));
+        $this->assertTrue(isset($caps['moodle/restore:restorecourse']));
+        $this->assertEquals($existingcaps['moodle/restore:restorecourse'], $caps['moodle/restore:restorecourse']);
+        $perms2 = array_values($DB->get_records('role_capabilities', array('capability'=>'moodle/restore:restorecourse', 'roleid'=>$teacher->id), 'contextid, permission', 'contextid, permission'));
+        $this->assertEquals($perms1, $perms2);
+
+        $this->assertTrue(isset($caps['moodle/site:sendmessage']));
+        $this->assertEquals($existingcaps['moodle/site:sendmessage'], $caps['moodle/site:sendmessage']);
+
+        $this->assertTrue(isset($caps['moodle/backup:backupsection']));
+        $this->assertEquals($existingcaps['moodle/backup:backupsection'], $caps['moodle/backup:backupsection']);
+        $roles = $DB->get_records_sql('SELECT DISTINCT roleid AS id FROM {role_capabilities} WHERE capability=? OR capability=?', array('moodle/backup:backupcourse', 'moodle/backup:backupsection'));
+        foreach ($roles as $role) {
+            $perms1 = array_values($DB->get_records('role_capabilities', array('capability'=>'moodle/backup:backupcourse', 'roleid'=>$role->id), 'contextid, permission', 'contextid, permission'));
+            $perms2 = array_values($DB->get_records('role_capabilities', array('capability'=>'moodle/backup:backupsection', 'roleid'=>$role->id), 'contextid, permission', 'contextid, permission'));
+            $this->assertEquals($perms1, $perms2);
+        }
+
+        $this->assertTrue(isset($caps['moodle/site:approvecourse']));
+        $this->assertEquals($existingcaps['moodle/site:approvecourse'], $caps['moodle/site:approvecourse']);
+
+        $this->assertFalse(isset($caps['mod/page:addinstance']));
+
+        // execute plugin
+        update_capabilities('mod_page');
+        $caps = $DB->get_records('capabilities', array(), 'id', 'name, captype, contextlevel, component, riskbitmask');
+        $this->assertTrue(isset($caps['mod/page:addinstance']));
+        $roles = $DB->get_records_sql('SELECT DISTINCT roleid AS id FROM {role_capabilities} WHERE capability=? OR capability=?', array('moodle/course:manageactivities', 'mod/page:addinstance'));
+        foreach ($roles as $role) {
+            $perms1 = array_values($DB->get_records('role_capabilities', array('capability'=>'moodle/course:manageactivities', 'roleid'=>$role->id), 'contextid, permission', 'contextid, permission'));
+            $perms2 = array_values($DB->get_records('role_capabilities', array('capability'=>'mod/page:addinstance', 'roleid'=>$role->id), 'contextid, permission', 'contextid, permission'));
+        }
+        $this->assertEquals($perms1, $perms2);
+    }
 }