From f1064cca78d32d3757d286a73a09e101ae9b1b80 Mon Sep 17 00:00:00 2001 From: skodak Date: Mon, 5 Oct 2009 17:08:16 +0000 Subject: [PATCH] MDL-19039 improved default frontpage role capability evealuation, needs to be manually enabled in config.php --- config-dist.php | 6 ++++++ lib/accesslib.php | 28 +++++++++++++++++++++++++--- 2 files changed, 31 insertions(+), 3 deletions(-) diff --git a/config-dist.php b/config-dist.php index 37e4b112031..ae51dd501fb 100644 --- a/config-dist.php +++ b/config-dist.php @@ -193,6 +193,12 @@ $CFG->admin = 'admin'; // logs in. The site front page will always show the same (logged-out) view. // $CFG->disablemycourses = true; // +// Enable this option if you need fully working default frontpage role, +// please note it might cause serious memory and performance issues, +// also there should not be any negative capabilities in default +// frontpage role (MDL-19039). +// $CFG->fullusersbycapabilityonfrontpage = true; +// // If this setting is set to true, then Moodle will track the IP of the // current user to make sure it hasn't changed during a session. This // will prevent the possibility of sessions being hijacked via XSS, but it diff --git a/lib/accesslib.php b/lib/accesslib.php index ae25b370769..a9bb5800423 100755 --- a/lib/accesslib.php +++ b/lib/accesslib.php @@ -4874,6 +4874,20 @@ function get_users_by_capability($context, $capability, $fields='', $sort='', $defaultroleinteresting = false; } + // is the default role interesting? does it have + // a relevant rolecap? (we use this a lot later) + if (($isfrontpage or is_inside_frontpage($context)) and !empty($CFG->defaultfrontpageroleid) and in_array((int)$CFG->defaultfrontpageroleid, $roleids, true)) { + if (!empty($CFG->fullusersbycapabilityonfrontpage)) { + // new in 1.9.6 - full support for defaultfrontpagerole MDL-19039 + $frontpageroleinteresting = true; + } else { + // old style 1.9.0-1.9.5 - much faster + fewer negative override problems on frontpage + $frontpageroleinteresting = ($context->contextlevel == CONTEXT_COURSE); + } + } else { + $frontpageroleinteresting = false; + } + // // Prepare query clauses // @@ -4963,9 +4977,7 @@ function get_users_by_capability($context, $capability, $fields='', $sort='', if (!$negperm) { // at the frontpage, and all site users have it - easy! - if ($isfrontpage && !empty($CFG->defaultfrontpageroleid) - && in_array((int)$CFG->defaultfrontpageroleid, $roleids, true)) { - + if ($frontpageroleinteresting) { return $DB->get_records_sql("SELECT $fields FROM {user} u WHERE u.deleted = 0 @@ -5146,6 +5158,11 @@ function get_users_by_capability($context, $capability, $fields='', $sort='', // Did the last user end up with a positive permission? if ($lastuserid !=0) { + if ($frontpageroleinteresting) { + // add frontpage role if interesting + $ras[] = array('roleid' => $CFG->defaultfrontpageroleid, + 'depth' => $context->depth); + } if ($defaultroleinteresting) { // add the role at the end of $ras $ras[] = array( 'roleid' => $CFG->defaultuserroleid, @@ -5191,6 +5208,11 @@ function get_users_by_capability($context, $capability, $fields='', $sort='', // Prune last entry if necessary if ($lastuserid !=0) { + if ($frontpageroleinteresting) { + // add frontpage role if interesting + $ras[] = array('roleid' => $CFG->defaultfrontpageroleid, + 'depth' => $context->depth); + } if ($defaultroleinteresting) { // add the role at the end of $ras $ras[] = array( 'roleid' => $CFG->defaultuserroleid,