From f63d29223eece2ce3c400fb4218e7ed688e40aff Mon Sep 17 00:00:00 2001
From: sam_marshall <sam_marshall>
Date: Tue, 30 Oct 2007 16:19:47 +0000
Subject: [PATCH] MDL-11916 Added managegroupevents capability

---
 calendar/event.php    | 19 +++++++++----------
 calendar/lib.php      | 35 ++++++++++++++++++++---------------
 lang/en_utf8/role.php |  1 +
 lib/db/access.php     | 13 +++++++++++++
 version.php           |  2 +-
 5 files changed, 44 insertions(+), 26 deletions(-)

diff --git a/calendar/event.php b/calendar/event.php
index 7c3450b0551..bc37b72d44a 100644
--- a/calendar/event.php
+++ b/calendar/event.php
@@ -619,16 +619,15 @@ function calendar_add_event_allowed($event) {
             return has_capability('moodle/calendar:manageentries', get_context_instance(CONTEXT_COURSE, $event->courseid));
 
         case 'group':
-            if (! groups_group_exists($event->groupid)) { //TODO:check.
-                return false;
-            }
-            // this is ok because if you have this capability at course level, you should be able
-            // to edit group calendar too
-            // there is no need to check membership, because if you have this capability
-            // you will have a role in this group context
-            $group = get_record('groups', 'id', $event->groupid); 
-            //return has_capability('moodle/calendar:manageentries', get_context_instance(CONTEXT_GROUP, $event->groupid));
-            return has_capability('moodle/calendar:manageentries', get_context_instance(CONTEXT_COURSE, $group->courseid));
+            // Allow users to add/edit group events if:
+            // 1) They have manageentries (= entries for whole course)
+            // 2) They have managegroupentries AND are in the group
+            $group = get_record('groups', 'id', $event->groupid);         
+            return $group && (
+                has_capability('moodle/calendar:manageentries', get_context_instance(CONTEXT_COURSE, $group->courseid)) ||
+                (has_capability('moodle/calendar:managegroupentries', get_context_instance(CONTEXT_COURSE, $group->courseid))
+                    && groups_is_member($event->groupid)));
+
         case 'user':
             if ($event->userid == $USER->id) {
                 return (has_capability('moodle/calendar:manageownentries', $sitecontext));
diff --git a/calendar/lib.php b/calendar/lib.php
index 7bb5d7d6fea..4f6439e387f 100644
--- a/calendar/lib.php
+++ b/calendar/lib.php
@@ -1328,16 +1328,14 @@ function calendar_edit_event_allowed($event) {
 
     // if groupid is set, it's definitely a group event
     if ($event->groupid) {
-        //TODO:check.
-        if (! groups_group_exists($event->groupid)) {
-            return false;
-        }
-
-        // this is ok because if you have this capability at course level, you should be able
-        // to edit group calendar too
-        // there is no need to check membership, because if you have this capability
-        // you will have a role in this group context
-        return has_capability('moodle/calendar:manageentries', get_context_instance(CONTEXT_GROUP, $event->groupid));
+        // Allow users to add/edit group events if:
+        // 1) They have manageentries (= entries for whole course)
+        // 2) They have managegroupentries AND are in the group
+        $group = get_record('groups', 'id', $event->groupid);
+        return $group && (
+            has_capability('moodle/calendar:manageentries', get_context_instance(CONTEXT_COURSE, $group->courseid)) ||
+            (has_capability('moodle/calendar:managegroupentries', get_context_instance(CONTEXT_COURSE, $group->courseid))
+                && groups_is_member($event->groupid)));
     } else if ($event->courseid) {
     // if groupid is not set, but course is set,
     // it's definiely a course event
@@ -1524,13 +1522,20 @@ function calendar_get_allowed_types(&$allowed) {
     $allowed->courses = false; // This may change just below
     $allowed->site = has_capability('moodle/calendar:manageentries', get_context_instance(CONTEXT_COURSE, SITEID));
 
-    if(!empty($SESSION->cal_course_referer) && $SESSION->cal_course_referer != SITEID && has_capability('moodle/calendar:manageentries', get_context_instance(CONTEXT_COURSE, $SESSION->cal_course_referer))) {
+    if(!empty($SESSION->cal_course_referer) && $SESSION->cal_course_referer != SITEID) {
         $course = get_record('course', 'id', $SESSION->cal_course_referer);
+        $coursecontext = get_context_instance(CONTEXT_COURSE, $SESSION->cal_course_referer);
 
-        $allowed->courses = array($course->id => 1);
-
-        if($course->groupmode != NOGROUPS || !$course->groupmodeforce) {
-            $allowed->groups = groups_get_all_groups($SESSION->cal_course_referer);
+        if(has_capability('moodle/calendar:manageentries', $coursecontext)) {
+            $allowed->courses = array($course->id => 1);
+    
+            if($course->groupmode != NOGROUPS || !$course->groupmodeforce) {
+                $allowed->groups = groups_get_all_groups($SESSION->cal_course_referer);
+            }
+        } else if(has_capability('moodle/calendar:managegroupentries', $coursecontext)) {
+            if($course->groupmode != NOGROUPS || !$course->groupmodeforce) {
+                $allowed->groups = groups_get_all_groups($SESSION->cal_course_referer, $USER->id);
+            }
         }
     }
 }
diff --git a/lang/en_utf8/role.php b/lang/en_utf8/role.php
index 58003bd581f..2c3ae634aeb 100644
--- a/lang/en_utf8/role.php
+++ b/lang/en_utf8/role.php
@@ -16,6 +16,7 @@ $string['blog:managepersonaltags'] = 'Manage personal tags';
 $string['blog:view'] = 'View blog entries';
 $string['block:view'] = 'View block';
 $string['calendar:manageentries'] = 'Manage any calendar entries';
+$string['calendar:managegroupentries'] = 'Manage group calendar entries';
 $string['calendar:manageownentries'] = 'Manage own calendar entries';
 $string['capabilities'] = 'Capabilities';
 $string['capability'] = 'Capability';
diff --git a/lib/db/access.php b/lib/db/access.php
index 66ab79b5361..953d7627147 100644
--- a/lib/db/access.php
+++ b/lib/db/access.php
@@ -727,6 +727,19 @@ $moodle_capabilities = array(
         )
     ),
 
+    'moodle/calendar:managegroupentries' => array(
+
+        'riskbitmask' => RISK_SPAM,
+
+        'captype' => 'write',
+        'contextlevel' => CONTEXT_SYSTEM,
+        'legacy' => array(
+            'teacher' => CAP_ALLOW,
+            'editingteacher' => CAP_ALLOW,
+            'admin' => CAP_ALLOW
+        )
+    ),
+
     'moodle/calendar:manageentries' => array(
 
         'riskbitmask' => RISK_SPAM,
diff --git a/version.php b/version.php
index 3256efd4134..049b4d01856 100644
--- a/version.php
+++ b/version.php
@@ -6,7 +6,7 @@
 // This is compared against the values stored in the database to determine
 // whether upgrades should be performed (see lib/db/*.php)
 
-    $version = 2007101500;  // YYYYMMDD = date
+    $version = 2007101501;  // YYYYMMDD = date
                             //       XY = increments within a single day
 
     $release = '2.0 dev';   // Human-friendly version name