The only case when sesskey is not available is when we came to
subscribe.php from a link in email. In that case, we display a
confirmation page that redirects back providing the sesskey.
All other links to subscribe.php are fixed now so they provide sesskey
as a parameter.
I also polished $mode parameter handling a bit because the check
against empty string was not correct as the value is cast to PARAM_INT.
The string [cannotsubscribe,mod_forum] is supposed to be used for group
membership check only. I have fixed the two other usages of the string.
Note that the condition if (forum_subscribe()) was useless as the
function return true values only now after $DB conversion.
Previous string was used together with the legacy:guest capability.
However, the current code checks is_enrolled() instead. This led to a
weird situation when non-enrolled admin or manager could not subscribe
to a forum and the error message was completely confusing for them.
This check-in removes about 400 lines of code. I hope I have not screwed anything up. I would be grateful if people could review this change, and keep an eye on the navigation bar in modules.
Any navigation bar bugs you find in the near future, feel free to file them in the tracker and assign them to me. Thanks.
If not to many problems are found, I think I would like to backport this to 1.9 stable, but I am not sure that is a good idea. Opinions to the General Developer Forum please. I am about to start a thread there.
- Removed $course parameter from build_navigation()
- Updated all calls to build_navigation()
Author: Matt Clarkson <mattc@catalyst.net.nz>
Committer: Matt Clarkson <mattc@catalyst.net.nz>
The API was changed slightly so that has_capability now takes the
whole $context object (we almost always have it anyway)
The $kill thing was removed. If you want to assert a capability
then use:
require_capability('capname', $context);
with optional variables to modify the error message
Misc bugs here and there also removed and code tidied
=======================================
WARNING: DEV IS CURRENTLY VERY UNSTABLE.
This is a mega-checkin of the new Roles system. A lot of changes have
been made in core and modules.
Currently there are a lot of rough edges and known problems. We are
working hard on these .. .the reason for getting this into HEAD at this
stage is enable us to move faster (our branch was diverging from HEAD
too much).
Please keep an eye on http://docs.moodle.org/en/Roles for current status
and information for developers on how to use the new Roles system.
(While I was at it I also turned the autologinguests off for most module pages, except on the index.php pages and the view.php pages for those modules that allow guests)
