"MDL-23307, server file plugin display current course files by default"

2025-01-17 13:38:32 +01:00 · 2010-07-19 17:44:23 +00:00 · 2010-07-19 17:44:23 +00:00 · be85f7ab94
commit be85f7ab94
parent 54a0159805
8 changed files with 35 additions and 39 deletions
--- a/lib/form/editor.php
+++ b/lib/form/editor.php
@ -173,6 +173,8 @@ class MoodleQuickForm_editor extends HTML_QuickForm_element {
            $args->accepted_types = array('video', 'audio');
            $media_options = initialise_filepicker($args);

+            $image_options->context = $ctx;
+            $media_options->context = $ctx;
            $image_options->client_id = uniqid();
            $media_options->client_id = uniqid();
            $image_options->maxbytes = $this->_options['maxbytes'];
--- a/lib/form/filemanager.js
+++ b/lib/form/filemanager.js
@ -64,6 +64,7 @@ M.form_filemanager.init = function(Y, options) {

            this.filepicker_options = options.filepicker?options.filepicker:{};
            this.filepicker_options.client_id = this.client_id;
+            this.filepicker_options.context = options.context;
            this.filepicker_options.maxfiles = this.maxfiles;
            this.filepicker_options.maxbytes = this.maxbytes;
            this.filepicker_options.env = 'filemanager';
--- a/lib/form/filepicker.php
+++ b/lib/form/filepicker.php
@ -80,6 +80,7 @@ class MoodleQuickForm_filepicker extends HTML_QuickForm_input {
        $html = $this->_getTabs();
        $fp = new file_picker($args);
        $options = $fp->options;
+        $options->context = $PAGE->context;
        $html .= $OUTPUT->render($fp);
        $html .= '<input type="hidden" name="'.$elname.'" id="'.$id.'" value="'.$draftitemid.'" />';

--- a/lib/outputcomponents.php
+++ b/lib/outputcomponents.php
@ -49,7 +49,6 @@ class file_picker implements renderable {
        require_once($CFG->dirroot. '/repository/lib.php');
        $defaults = array(
            'accepted_types'=>'*',
-            'context'=>$PAGE->context, //TODO: no PAGE in components allowed!! (skodak)
            'return_types'=>FILE_INTERNAL,
            'env' => 'filepicker',
            'client_id' => uniqid(),
--- a/repository/filepicker.js
+++ b/repository/filepicker.js
@ -101,6 +101,9 @@ M.core_filepicker.init = function(Y, options) {
            params['client_id'] = args.client_id;
            params['itemid'] = this.options.itemid?this.options.itemid:0;
            params['maxbytes'] = this.options.maxbytes?this.options.maxbytes:-1;
+            if (this.options.context && this.options.context.id) {
+                params['ctx_id'] = this.options.context.id;
+            }
            if (args['params']) {
                for (i in args['params']) {
                    params[i] = args['params'][i];
--- a/repository/lib.php
+++ b/repository/lib.php
@ -449,6 +449,7 @@ abstract class repository {
    // example: self::$disabled = true
    public $disabled = false;
    public $id;
+    /** @var object current context */
    public $context;
    public $options;
    public $readonly;
@ -463,7 +464,7 @@ abstract class repository {
     */
    public function __construct($repositoryid, $context = SYSCONTEXTID, $options = array(), $readonly = 0) {
        $this->id = $repositoryid;
-        if (!empty($context->id)) {
+        if (is_object($context)) {
            $this->context = $context;
        } else {
            $this->context = get_context_instance_by_id($context);
@ -549,30 +550,12 @@ abstract class repository {
     * @param int $contextid
     * @return boolean
     */
-    public static function check_context($contextid) {
-        global $USER;
-
+    public static function check_capability($contextid, $instance) {
        $context = get_context_instance_by_id($contextid);
-        $level = $context->contextlevel;
-
-        if ($level == CONTEXT_COURSE) {
-            if (!is_enrolled($context)) { //TODO: this looks a bit too simple, verify!
-                return false;
-            } else {
-                return true;
+        $capability = has_capability('repository/'.$instance->type.':view', $context);
+        if (!$capability) {
+            throw new repository_exception('nopermissiontoaccess', 'repository');
        }
-        } else if ($level == CONTEXT_USER) {
-            $c = get_context_instance(CONTEXT_USER, $USER->id);
-            if ($c->id == $contextid) {
-                return true;
-            } else {
-                return false;
-            }
-        } else if ($level == CONTEXT_SYSTEM) {
-            // it is always ok in system level
-            return true;
-        }
-        return false;
    }

    /**
--- a/repository/local/lib.php
+++ b/repository/local/lib.php
@ -65,8 +65,14 @@ class repository_local extends repository {
            $filearea = null;
            $filepath = null;
            $component = null;
+            if (!empty($this->context)) {
+                list($context, $course, $cm) = get_context_info_array($this->context->id);
+                $courseid = is_object($course) ? $course->id : SITEID;
+                $context = get_context_instance(CONTEXT_COURSE, $courseid);
+            } else {
                $context = get_system_context();
            }
+        }

        $browser = get_file_browser();

--- a/repository/repository_ajax.php
+++ b/repository/repository_ajax.php
@ -68,12 +68,24 @@ if (!confirm_sesskey()) {
    die(json_encode($err));
 }

-/// Check permissions
-if (! (isloggedin() && repository::check_context($contextid)) ) {
-    $err->error = get_string('nopermissiontoaccess', 'repository');
+if (!isloggedin()) {
+    $err->error = get_string('loggedinnot', 'moodle');
    die(json_encode($err));
 }

+/// Get repository instance information
+$sql = 'SELECT i.name, i.typeid, r.type FROM {repository} r, {repository_instances} i WHERE i.id=? AND i.typeid=r.id';
+
+if (!$repository = $DB->get_record_sql($sql, array($repo_id))) {
+    $err->error = get_string('invalidrepositoryid', 'repository');
+    die(json_encode($err));
+} else {
+    $type = $repository->type;
+}
+
+/// Check permissions
+repository::check_capability($contextid, $repository);
+
 $moodle_maxbytes = get_max_upload_file_size();
 // to prevent maxbytes greater than moodle maxbytes setting
 if ($maxbytes == 0 || $maxbytes>=$moodle_maxbytes) {
@ -113,17 +125,6 @@ switch ($action) {
        break;
 }

-/// Get repository instance information
-$sql = 'SELECT i.name, i.typeid, r.type FROM {repository} r, {repository_instances} i '.
-       'WHERE i.id=? AND i.typeid=r.id';
-
-if (!$repository = $DB->get_record_sql($sql, array($repo_id))) {
-    $err->error = get_string('invalidrepositoryid', 'repository');
-    die(json_encode($err));
-} else {
-    $type = $repository->type;
-}
-
 if (file_exists($CFG->dirroot.'/repository/'.$type.'/lib.php')) {
    require_once($CFG->dirroot.'/repository/'.$type.'/lib.php');
    $classname = 'repository_' . $type;