mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-04-16 14:02:32 +02:00
Code Issues Projects Releases Wiki Activity

MDL-19039 improved default frontpage role capability evealuation, needs to be manually enabled in config.php

Browse Source
This commit is contained in:
skodak 2009-10-05 17:08:16 +00:00
parent 0a6baa4e47
commit f1064cca78
2 changed files with 31 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
config-dist.php
View File

@ -193,6 +193,12 @@ $CFG->admin = 'admin';
// logs in. The site front page will always show the same (logged-out) view.
// $CFG->disablemycourses = true;
//
// Enable this option if you need fully working default frontpage role,
// please note it might cause serious memory and performance issues,
// also there should not be any negative capabilities in default
// frontpage role (MDL-19039).
// $CFG->fullusersbycapabilityonfrontpage = true;
//
// If this setting is set to true, then Moodle will track the IP of the
// current user to make sure it hasn't changed during a session. This
// will prevent the possibility of sessions being hijacked via XSS, but it

28
lib/accesslib.php
View File

@ -4874,6 +4874,20 @@ function get_users_by_capability($context, $capability, $fields='', $sort='',
$defaultroleinteresting = false;
}
// is the default role interesting? does it have
// a relevant rolecap? (we use this a lot later)
if (($isfrontpage or is_inside_frontpage($context)) and !empty($CFG->defaultfrontpageroleid) and in_array((int)$CFG->defaultfrontpageroleid, $roleids, true)) {
if (!empty($CFG->fullusersbycapabilityonfrontpage)) {
// new in 1.9.6 - full support for defaultfrontpagerole MDL-19039
$frontpageroleinteresting = true;
} else {
// old style 1.9.0-1.9.5 - much faster + fewer negative override problems on frontpage
$frontpageroleinteresting = ($context->contextlevel == CONTEXT_COURSE);
}
} else {
$frontpageroleinteresting = false;
}
//
// Prepare query clauses
//
@ -4963,9 +4977,7 @@ function get_users_by_capability($context, $capability, $fields='', $sort='',
if (!$negperm) {
// at the frontpage, and all site users have it - easy!
if ($isfrontpage && !empty($CFG->defaultfrontpageroleid)
&& in_array((int)$CFG->defaultfrontpageroleid, $roleids, true)) {
if ($frontpageroleinteresting) {
return $DB->get_records_sql("SELECT $fields
FROM {user} u
WHERE u.deleted = 0
@ -5146,6 +5158,11 @@ function get_users_by_capability($context, $capability, $fields='', $sort='',
// Did the last user end up with a positive permission?
if ($lastuserid !=0) {
if ($frontpageroleinteresting) {
// add frontpage role if interesting
$ras[] = array('roleid' => $CFG->defaultfrontpageroleid,
'depth' => $context->depth);
}
if ($defaultroleinteresting) {
// add the role at the end of $ras
$ras[] = array( 'roleid' => $CFG->defaultuserroleid,
@ -5191,6 +5208,11 @@ function get_users_by_capability($context, $capability, $fields='', $sort='',
// Prune last entry if necessary
if ($lastuserid !=0) {
if ($frontpageroleinteresting) {
// add frontpage role if interesting
$ras[] = array('roleid' => $CFG->defaultfrontpageroleid,
'depth' => $context->depth);
}
if ($defaultroleinteresting) {
// add the role at the end of $ras
$ras[] = array( 'roleid' => $CFG->defaultuserroleid,