mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-04-21 16:32:18 +02:00
Code Issues Projects Releases Wiki Activity

MDL-32853 Forum: fixed serving files from posts in a visible group

Browse Source 
The previous code was copied from the part where emails are being sent.
In that case, we do not want to send copies of posts from other groups.
But in terms of access control, the user has full read access to posts
in any visible group.
This commit is contained in:
David Mudrak 2012-05-08 17:04:27 +02:00
parent e16e2300c5
commit b75ec1040e
1 changed files with 12 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
mod/forum/lib.php
View File

@ -4077,14 +4077,12 @@ function forum_get_file_info($browser, $areas, $course, $cm, $context, $filearea
}
// Make sure groups allow this user to see this file
if ($discussion->groupid > 0 and $groupmode = groups_get_activity_groupmode($cm, $course)) { // Groups are being used
if (!groups_group_exists($discussion->groupid)) { // Can't find group
return null; // Be safe and don't send it to anyone
}
if (!groups_is_member($discussion->groupid) and !has_capability('moodle/site:accessallgroups', $context)) {
// do not send posts from other groups when in SEPARATEGROUPS or VISIBLEGROUPS
return null;
if ($discussion->groupid > 0) {
$groupmode = groups_get_activity_groupmode($cm, $course);
if ($groupmode == SEPARATEGROUPS) {
if (!groups_is_member($discussion->groupid) and !has_capability('moodle/site:accessallgroups', $context)) {
return null;
}
}
}
@ -4147,14 +4145,12 @@ function forum_pluginfile($course, $cm, $context, $filearea, $args, $forcedownlo
}
// Make sure groups allow this user to see this file
if ($discussion->groupid > 0 and $groupmode = groups_get_activity_groupmode($cm, $course)) { // Groups are being used
if (!groups_group_exists($discussion->groupid)) { // Can't find group
return false; // Be safe and don't send it to anyone
}
if (!groups_is_member($discussion->groupid) and !has_capability('moodle/site:accessallgroups', $context)) {
// do not send posts from other groups when in SEPARATEGROUPS or VISIBLEGROUPS
return false;
if ($discussion->groupid > 0) {
$groupmode = groups_get_activity_groupmode($cm, $course);
if ($groupmode == SEPARATEGROUPS) {
if (!groups_is_member($discussion->groupid) and !has_capability('moodle/site:accessallgroups', $context)) {
return false;
}
}
}