mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-04-21 08:22:07 +02:00
Code Issues Projects Releases Wiki Activity

Merge branch 'MDL-69672-master' of git://github.com/aanabit/moodle into master

Browse Source
This commit is contained in:
Eloy Lafuente (stronk7) 2020-10-01 17:49:08 +02:00
commit a8e6ddb20a
6 changed files with 103 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
contentbank/classes/contentbank.php
View File

@ -36,6 +36,10 @@ use context;
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class contentbank {
/** @var array All the context levels allowed in the content bank */
private const ALLOWED_CONTEXT_LEVELS = [CONTEXT_SYSTEM, CONTEXT_COURSECAT, CONTEXT_COURSE];
/** @var array Enabled content types. */
private $enabledcontenttypes = null;
@ -348,4 +352,14 @@ class contentbank {
$contentclass = "\\$record->contenttype\\content";
return new $contentclass($record);
}
/**
* Whether the context is allowed.
*
* @param context $context Context to check.
* @return bool
*/
public function is_context_allowed(context $context): bool {
return in_array($context->contextlevel, self::ALLOWED_CONTEXT_LEVELS);
}
}

6
contentbank/edit.php
View File

@ -30,6 +30,12 @@ $contextid = required_param('contextid', PARAM_INT);
$pluginname = required_param('plugin', PARAM_PLUGIN);
$id = optional_param('id', null, PARAM_INT);
$context = context::instance_by_id($contextid, MUST_EXIST);
$cb = new \core_contentbank\contentbank();
if (!$cb->is_context_allowed($context)) {
print_error('contextnotallowed', 'core_contentbank');
}
require_capability('moodle/contentbank:access', $context);
$returnurl = new \moodle_url('/contentbank/view.php', ['id' => $id]);

6
contentbank/index.php
View File

@ -30,6 +30,11 @@ $contextid = optional_param('contextid', \context_system::instance()->id, PAR
$search = optional_param('search', '', PARAM_CLEAN);
$context = context::instance_by_id($contextid, MUST_EXIST);
$cb = new \core_contentbank\contentbank();
if (!$cb->is_context_allowed($context)) {
print_error('contextnotallowed', 'core_contentbank');
}
require_capability('moodle/contentbank:access', $context);
$statusmsg = optional_param('statusmsg', '', PARAM_ALPHANUMEXT);
@ -47,7 +52,6 @@ $PAGE->set_heading($title);
$PAGE->set_pagetype('contentbank');
// Get all contents managed by active plugins where the user has permission to render them.
$cb = new \core_contentbank\contentbank();
$contenttypes = [];
$enabledcontenttypes = $cb->get_enabled_content_types();
foreach ($enabledcontenttypes as $contenttypename) {

72
contentbank/tests/contentbank_test.php
View File

@ -631,4 +631,76 @@ class core_contentbank_testcase extends advanced_testcase {
$this->expectException(Exception::class);
$cb->get_content_from_id(0);
}
/**
* Test the behaviour of is_context_allowed().
*
* @dataProvider context_provider
* @param \Closure $getcontext Get the context to check.
* @param bool $expectedresult Expected result.
*
* @covers ::is_context_allowed
*/
public function test_is_context_allowed(\Closure $getcontext, bool $expectedresult): void {
$this->resetAfterTest();
$cb = new contentbank();
$context = $getcontext();
$this->assertEquals($expectedresult, $cb->is_context_allowed($context));
}
/**
* Data provider for test_is_context_allowed().
*
* @return array
*/
public function context_provider(): array {
return [
'System context' => [
function (): \context {
return \context_system::instance();
},
true,
],
'User context' => [
function (): \context {
$user = $this->getDataGenerator()->create_user();
return \context_user::instance($user->id);
},
false,
],
'Course category context' => [
function (): \context {
$coursecat = $this->getDataGenerator()->create_category();
return \context_coursecat::instance($coursecat->id);
},
true,
],
'Course context' => [
function (): \context {
$course = $this->getDataGenerator()->create_course();
return \context_course::instance($course->id);
},
true,
],
'Module context' => [
function (): \context {
$course = $this->getDataGenerator()->create_course();
$module = $this->getDataGenerator()->create_module('page', ['course' => $course->id]);
return \context_module::instance($module->cmid);
},
false,
],
'Block context' => [
function (): \context {
$course = $this->getDataGenerator()->create_course();
$coursecontext = context_course::instance($course->id);
$block = $this->getDataGenerator()->create_block('online_users', ['parentcontextid' => $coursecontext->id]);
return \context_block::instance($block->id);
},
false,
],
];
}
}

7
contentbank/upload.php
View File

@ -32,9 +32,12 @@ require_login();
$contextid = optional_param('contextid', \context_system::instance()->id, PARAM_INT);
$context = context::instance_by_id($contextid, MUST_EXIST);
require_capability('moodle/contentbank:upload', $context);
$cb = new \core_contentbank\contentbank();
if (!$cb->is_context_allowed($context)) {
print_error('contextnotallowed', 'core_contentbank');
}
require_capability('moodle/contentbank:upload', $context);
$id = optional_param('id', null, PARAM_INT);
if ($id) {

1
lang/en/contentbank.php
View File

@ -33,6 +33,7 @@ $string['contentrenamed'] = 'The content has been renamed.';
$string['contentsmoved'] = 'Content bank contents moved to {$a}.';
$string['contenttypenoaccess'] = 'You cannot view this {$a} instance.';
$string['contenttypenoedit'] = 'You can not edit this content';
$string['contextnotallowed'] = 'Context is not allowed';
$string['emptynamenotallowed'] = 'Empty name is not allowed';
$string['eventcontentcreated'] = 'Content created';
$string['eventcontentdeleted'] = 'Content deleted';