if ($site = get_site()) { // If false then this is a new installation
require_login();
$context = get_context_instance(CONTEXT_SYSTEM, SITEID);
- if (!has_capability('moodle/site:config', $context->id)) {
+ if (!has_capability('moodle/site:config', $context)) {
error('Only the admin can use this page');
}
}
require_login();
$context = get_context_instance(CONTEXT_SYSTEM, SITEID);
- if (!has_capability('moodle/site:config', $context->id)) {
+ if (!has_capability('moodle/site:config', $context)) {
error('Only the admin can use this page');
}
$context = get_context_instance(CONTEXT_SYSTEM, SITEID);
- if (!has_capability('moodle/site:config', $context->id)) {
+ if (!has_capability('moodle/site:config', $context)) {
print_error("permissionconfig", '', "$CFG->wwwroot/login/index.php");
}
redirect("$CFG->wwwroot/$CFG->admin/index.php");
}
- if (! $context = get_record("context", "id", $contextid)) {
+ if (! $context = get_context_instance_by_id($contextid)) {
error("Context ID was incorrect (can't find it)");
}
- if (!has_capability('moodle/role:assign', $context->id)) {
- error('You do not have the required permission to assign roles to users.');
- }
+
+ require_login();
+
+ require_capability('moodle/role:assign', $context);
/**
- * TO DO:
+ * TODO XXX:
* Permission check to see whether this user can assign people to this role
* needs to be:
* 1) has the capability to assign
* end of permission checking
*/
- require_login();
$strassignusers = get_string('assignusers', 'role');
$strpotentialusers = get_string('potentialusers', 'role');
$strsearch = get_string('search');
$strshowall = get_string('showall');
- $context = get_record('context', 'id', $contextid);
-
$currenttab = '';
$tabsmode = 'assign';
include_once('tabs.php');
$timemodified = time();
foreach ($frm->addselect as $adduser) {
$adduser = clean_param($adduser, PARAM_INT);
- if (! role_assign($roleid, $adduser, 0, $contextid, $timestart, $timeend, $hidden)) {
+ if (! role_assign($roleid, $adduser, 0, $context->id, $timestart, $timeend, $hidden)) {
error("Could not add user with id $adduser to this role!");
}
}
} else if ($remove and !empty($frm->removeselect) and confirm_sesskey()) {
foreach ($frm->removeselect as $removeuser) {
$removeuser = clean_param($removeuser, PARAM_INT);
- if (! role_unassign($roleid, $removeuser, 0, $contextid)) {
+ if (! role_unassign($roleid, $removeuser, 0, $context->id)) {
error("Could not remove user with id $removeuser from this role!");
}
}
/// Get all existing students and teachers for this course.
$existinguserarray = array();
- $SQL = "select u.* from {$CFG->prefix}role_assignments r, {$CFG->prefix}user u where contextid = $contextid and roleid = $roleid and u.id = r.userid"; // join now so that we can just use fullname() later
+ $SQL = "select u.* from {$CFG->prefix}role_assignments r, {$CFG->prefix}user u where contextid = $context->id and roleid = $roleid and u.id = r.userid"; // join now so that we can just use fullname() later
if (!$contextusers = get_records_sql($SQL)) {
$contextusers = array();
// prints a form to swap roles
print ('<form name="rolesform" action="assign.php" method="post">');
- print ('<div align="center">'.$strcurrentcontext.': '.print_context_name($contextid).'<br/>');
- print ('<input type="hidden" name="contextid" value="'.$contextid.'">'.$strcurrentrole.': ');
+ print ('<div align="center">'.$strcurrentcontext.': '.print_context_name($context).'<br/>');
+ print ('<input type="hidden" name="contextid" value="'.$context->id.'">'.$strcurrentrole.': ');
choose_from_menu ($options, 'roleid', $roleid, 'choose', $script='rolesform.submit()');
print ('</div></form>');
$confirm = optional_param('confirm', 0, PARAM_BOOL);
$sitecontext = get_context_instance(CONTEXT_SYSTEM, SITEID);
- $contextid = $sitecontext->id;
if (!isadmin()) {
error('Only admins can access this page');
case 'add':
$newrole = create_role($name, $description);
-
+
$ignore = array('roleid', 'sesskey', 'action', 'name', 'description', 'contextid');
-
+
$data = data_submitted();
-
- foreach ($data as $capname => $value) {
- if (in_array($capname, $ignore)) {
- continue;
+
+ foreach ($data as $capname => $value) {
+ if (in_array($capname, $ignore)) {
+ continue;
}
- assign_capability($capname, $value, $newrole, $contextid);
-
+ assign_capability($capname, $value, $newrole, $sitecontext->id);
+
}
break;
$data = data_submitted();
- foreach ($data as $capname => $value) {
- if (in_array($capname, $ignore)) {
- continue;
+ foreach ($data as $capname => $value) {
+ if (in_array($capname, $ignore)) {
+ continue;
}
-
+
// edit default caps
$SQL = "select * from {$CFG->prefix}role_capabilities where
- roleid = $roleid and capability = '$capname' and contextid = $contextid";
-
+ roleid = $roleid and capability = '$capname' and contextid = $sitecontext->id";
+
$localoverride = get_record_sql($SQL);
-
- if ($localoverride) { // update current overrides
-
- if ($value == 0) { // inherit = delete
-
- unassign_capability($capname, $roleid, $contextid);
-
- } else {
-
- $localoverride->permission = $value;
- $localoverride->timemodified = time();
- $localoverride->modifierid = $USER->id;
- update_record('role_capabilities', $localoverride);
-
- }
-
+
+ if ($localoverride) { // update current overrides
+
+ if ($value == 0) { // inherit = delete
+
+ unassign_capability($capname, $roleid, $sitecontext->id);
+
+ } else {
+
+ $localoverride->permission = $value;
+ $localoverride->timemodified = time();
+ $localoverride->modifierid = $USER->id;
+ update_record('role_capabilities', $localoverride);
+
+ }
+
} else { // insert a record
-
- assign_capability($capname, $value, $roleid, $contextid);
+
+ assign_capability($capname, $value, $roleid, $sitecontext->id);
}
-
+
}
// update normal role settings
choose_from_menu ($options, 'roleid', $roleid, 'choose', $script='rolesform1.submit()');
print ('</div></form>');
- $sitecontext = get_context_instance(CONTEXT_SYSTEM, SITEID);
- $contextid = $sitecontext->id;
-
// this is the array holding capabilities of this role sorted till this context
- $r_caps = role_context_capabilities($roleid, $sitecontext->id);
+ $r_caps = role_context_capabilities($roleid, $sitecontext);
// this is the available capabilities assignable in this context
- $capabilities = fetch_context_capabilities($sitecontext->id);
+ $capabilities = fetch_context_capabilities($sitecontext);
print_simple_box_start();
include_once('manage.html');
if ($newuser && confirm_sesskey()) { // Create a new user
- if (!has_capability('moodle/user:create', $context->id)) {
+ if (!has_capability('moodle/user:create', $context)) {
error('You do not have the required permission to create new users.');
}
} else { // List all users for editing
- if (!has_capability('moodle/user:update', $context->id)) {
+ if (!has_capability('moodle/user:update', $context)) {
error('You do not have the required permission to edit users.');
}
} else if ($delete and confirm_sesskey()) { // Delete a selected user, after confirmation
- if (!has_capability('moodle/user:delete', $context->id)) {
+ if (!has_capability('moodle/user:delete', $context)) {
error('You do not have the required permission to delete a user.');
}
if ($user->id == $USER->id or $user->username == "changeme") {
$deletebutton = "";
} else {
- if (has_capability('moodle/user:delete', $context->id)) {
+ if (has_capability('moodle/user:delete', $context)) {
$deletebutton = "<a href=\"user.php?delete=$user->id&sesskey=$USER->sesskey\">$strdelete</a>"; } else {
$deletebutton ="";
}
}
$fullname = fullname($user, true);
- if (has_capability('moodle/user:edit', $context->id)) {
+ if (has_capability('moodle/user:edit', $context)) {
$table->data[] = array ("<a href=\"../user/view.php?id=$user->id&course=$site->id\">$fullname</a>",
"$user->email",
echo "</form>";
echo "</td></tr></table>";
- if (has_capability('moodle/user:create', $context->id)) {
+ if (has_capability('moodle/user:create', $context)) {
print_heading("<a href=\"user.php?newuser=true&sesskey=$USER->sesskey\">".get_string("addnewuser")."</a>");
}
if (!empty($table)) {
print_paging_bar($usercount, $page, $perpage,
"user.php?sort=$sort&dir=$dir&perpage=$perpage".
"&firstinitial=$firstinitial&lastinitial=$lastinitial&search=".urlencode(stripslashes($search))."&");
- if (has_capability('moodle/user:create', $context->id)) {
+ if (has_capability('moodle/user:create', $context)) {
print_heading("<a href=\"user.php?newuser=true&sesskey=$USER->sesskey\">".get_string("addnewuser")."</a>");
}
}
print_footer();
}
-?>
\ No newline at end of file
+?>
$table->data[] = array("<b><a href=\"auth.php?sesskey=$USER->sesskey\">".get_string("authentication")."</a></b>",
get_string("adminhelpauthentication"));
- if (has_capability('moodle/user:update', $context->id)) {
+ if (has_capability('moodle/user:update', $context)) {
$table->data[] = array("<b><a href=\"user.php\">".get_string("edituser")."</a></b>",
get_string("adminhelpedituser"));
}
- if (has_capability('moodle/user:create', $context->id)) {
+ if (has_capability('moodle/user:create', $context)) {
$table->data[] = array("<b><a href=\"$CFG->wwwroot/$CFG->admin/user.php?newuser=true&sesskey=$USER->sesskey\">".get_string("addnewuser")."</a></b>",
get_string("adminhelpaddnewuser"));
}
- if (has_capability('moodle/user:create', $context->id)) {
+ if (has_capability('moodle/user:create', $context)) {
$table->data[] = array("<b><a href=\"$CFG->wwwroot/$CFG->admin/uploaduser.php?sesskey=$USER->sesskey\">".get_string("uploadusers")."</a></b>",
get_string("adminhelpuploadusers"));
}
global $CFG, $USER;
$context = get_context_instance(CONTEXT_SYSTEM, SITEID);
- if (has_capability('moodle/site:config', $context->id)) {
+ if (has_capability('moodle/site:config', $context)) {
$this->content->items[] = '<a href="'.$CFG->wwwroot.'/'.$CFG->admin.'/configure.php">'.get_string('configuration').'</a>';
$this->content->icons[] = '<img src="'.$CFG->pixpath.'/i/admin.gif" alt="" />';
}
- if (has_capability('moodle/site:config', $context->id)) {
+ if (has_capability('moodle/site:config', $context)) {
$this->content->items[] = '<a href="'.$CFG->wwwroot.'/'.$CFG->admin.'/users.php">'.get_string('users').'</a>';
$this->content->icons[] = '<img src="'.$CFG->pixpath.'/i/users.gif" alt="" />';
}
- if (has_capability('moodle/site:backup', $context->id)) {
+ if (has_capability('moodle/site:backup', $context)) {
$this->content->items[]='<a href="'.$CFG->wwwroot.'/backup/backup.php?id='.SITEID.'">'.get_string('backup').'</a>';
$this->content->icons[]='<img src="'.$CFG->pixpath.'/i/backup.gif" alt="" />';
}
- if (has_capability('moodle/site:restore', $context->id)) {
+ if (has_capability('moodle/site:restore', $context)) {
$this->content->items[]='<a href="'.$CFG->wwwroot.'/files/index.php?id='.SITEID.'&wdir=/backupdata">'.get_string('restore').'</a>';
$this->content->icons[]='<img src="'.$CFG->pixpath.'/i/restore.gif" alt="" />';
}
- if (has_capability('moodle/course:create', $context->id)) {
+ if (has_capability('moodle/course:create', $context)) {
$this->content->items[] = '<a href="'.$CFG->wwwroot.'/course/index.php?edit=on&sesskey='.sesskey().'">'.get_string('courses').'</a>';
$this->content->icons[] = '<img src="'.$CFG->pixpath.'/i/course.gif" alt="" />';
}
- if (has_capability('moodle/site:config', $context->id)) {
+ if (has_capability('moodle/site:config', $context)) {
$this->content->items[] = '<a href="'.$CFG->wwwroot.'/course/report/log/index.php?id='.SITEID.'">'.get_string('logs').'</a>';
$this->content->icons[] = '<img src="'.$CFG->pixpath.'/i/log.gif" alt="" />';
$isteacheredit = isteacheredit($this->instance->pageid);
- if (has_capability('moodle/course:update', $context->id)) {
+ if (has_capability('moodle/course:update', $context)) {
//if (isteacheredit($this->instance->pageid)) {
$this->content->icons[]='<img src="'.$CFG->pixpath.'/i/edit.gif" alt="" />';
if (isediting($this->instance->pageid)) {
$this->content->icons[]='<img src="'.$CFG->pixpath.'/i/user.gif" alt="" />';
/// always need a role assignment link
- if (has_capability('moodle/role:assign', $context->id)) {
+ if (has_capability('moodle/role:assign', $context)) {
$this->content->items[]='<a href="'.$CFG->wwwroot.'/admin/roles/roleassignment.php?contextid='.$context->id.'">'.get_string('assignusers', 'roles').'</a>';
$this->content->icons[]='<img src="'.$CFG->pixpath.'/i/users.gif" alt="" />';
}
$this->content->icons[]='<img src="'.$CFG->pixpath.'/i/group.gif" alt="" />';
}
- if (has_capability('moodle/site:backup', $context->id)) {
+ if (has_capability('moodle/site:backup', $context)) {
$this->content->items[]='<a href="'.$CFG->wwwroot.'/backup/backup.php?id='.$this->instance->pageid.'">'.get_string('backup').'</a>';
$this->content->icons[]='<img src="'.$CFG->pixpath.'/i/backup.gif" alt="" />';
}
- if (has_capability('moodle/site:restore', $context->id)) {
+ if (has_capability('moodle/site:restore', $context)) {
$this->content->items[]='<a href="'.$CFG->wwwroot.'/files/index.php?id='.$this->instance->pageid.'&wdir=/backupdata">'.get_string('restore').'</a>';
$this->content->icons[]='<img src="'.$CFG->pixpath.'/i/restore.gif" alt="" />';
}
$this->content->items[]='<a href="'.$CFG->wwwroot.'/course/import.php?id='.$this->instance->pageid.'">'.get_string('import').'</a>';
$this->content->icons[]='<img src="'.$CFG->pixpath.'/i/restore.gif" alt="" />';
- if (has_capability('moodle/site:import', $context->id)) {
+ if (has_capability('moodle/site:import', $context)) {
$this->content->items[]='<a href="'.$CFG->wwwroot.'/course/reset.php?id='.$this->instance->pageid.'">'.get_string('reset').'</a>';
$this->content->icons[]='<img src="'.$CFG->pixpath.'/i/return.gif" alt="" />';
}
$this->content->items[]='<a href="'.$CFG->wwwroot.'/question/edit.php?courseid='.$this->instance->pageid.'&clean=true">'.get_string('questions', 'quiz').'</a>';
$this->content->icons[]='<img src="'.$CFG->pixpath.'/i/questions.gif" alt="" />';
- if (has_capability('moodle/course:managescales', $context->id)) {
+ if (has_capability('moodle/course:managescales', $context)) {
$this->content->items[]='<a href="scales.php?id='.$this->instance->pageid.'">'.get_string('scales').'</a>';
$this->content->icons[]='<img src="'.$CFG->pixpath.'/i/scales.gif" alt="" />';
}
$context = get_context_instance(CONTEXT_COURSE, $this->instance->pageid);
}
- if (!has_capability('moodle/site:manageblocks', $context->id)) {
+ if (!has_capability('moodle/site:manageblocks', $context)) {
return null;
}
break;
$context = get_context_instance(CONTEXT_COURSE, $this->instance->pageid);
}
- if (!has_capability('moodle/course:viewparticipants', $context->id)) {
+ if (!has_capability('moodle/course:viewparticipants', $context)) {
$this->context = '';
return $this->content;
}
$context = get_context_instance(CONTEXT_SYSTEM, SITEID);
-if (!has_capability('moodle/blog:readentries', $context->id)) {
+if (!has_capability('moodle/blog:readentries', $context)) {
error(get_string('nopost', 'blog'), $referrer);
}
$blogEntry = get_record('post', 'id', $editid);
- if (!blog_user_can_edit_post($blogEntry, $context->id)) {
+ if (!blog_user_can_edit_post($blogEntry, $context)) {
error( get_string('notallowedtoedit', 'blog'), $CFG->wwwroot .'/login/index.php');
}
}
// check ownership
$blogEntry = get_record('post','id',$postid);
- if (blog_user_can_edit_post($blogEntry, $context->id)) {
+ if (blog_user_can_edit_post($blogEntry, $context->id)) { /// XXX TODO
if (delete_records('post','id',$postid)) {
//echo "bloginfo_arg:"; //debug
case 'site':
$context = get_context_instance(CONTEXT_SYSTEM, SITEID);
if ($CFG->bloglevel < BLOG_SITE_LEVEL &&
- !has_capability('moodle/site:config', $context->id)) {
+ !has_capability('moodle/site:config', $context)) {
error('Site blogs is not enabled');
} else if ($CFG->bloglevel < BLOG_GLOBAL_LEVEL) {
require_login();
case 'course':
$context = get_context_instance(CONTEXT_COURSE, $courseid);
if ($CFG->bloglevel < BLOG_COURSE_LEVEL &&
- !has_capability('moodle/course:update', $context->id)) {
+ !has_capability('moodle/course:update', $context)) {
error('Course blogs is not enabled');
}
- if (!has_capability('moodle/blog:readentry', $context->id)) {
+ if (!has_capability('moodle/blog:readentry', $context)) {
error('You do not have the required permissions to to view course blogs');
}
break;
$sitecontext = get_context_instance(CONTEXT_SYSTEM, SITEID);
$coursecontext = get_context_instance(CONTEXT_COURSE, $courseid);
if ($CFG->bloglevel < BLOG_GROUP_LEVEL &&
- !has_capability('moodle/site:config', $sitecontext->id)) {
+ !has_capability('moodle/site:config', $sitecontext)) {
error ('Group blogs is not enabled');
}
- if (!has_capability('moodle/course:update', $coursecontext->id) &&
+ if (!has_capability('moodle/course:update', $coursecontext) &&
groupmode($course) == SEPARATEGROUPS) {
if (!ismember($filterselect)) {
error ('You are not a member of this group');
/// check if user is editting teacher, or if spg, is member
break;
case 'user':
- $context = get_context_instance(CONTEXT_SYSTEM, $context->id);
+ $context = get_context_instance(CONTEXT_SYSTEM, $context->id); /// XXXXX TODO
if ($CFG->bloglevel < BLOG_USER_LEVEL &&
!has_capability('moodle/site:config', SITEID)) {
error ('Blogs is not enabled');
}
if ($CFG->bloglevel == BLOG_USER_LEVEL && $USER->id != $filterselect &&
- !has_capability('moodle/site:config', $context->id)) {
+ !has_capability('moodle/site:config', $context)) {
error ('Under this setting, you can only view your own blogs');
}
* the capability moodle/blog:writeentry, or if they have the capability
* moodle/blog:manageentries.
*/
- function blog_user_can_edit_post($blogEntry, $contextid) {
+ function blog_user_can_edit_post($blogEntry, $context) {
global $CFG, $USER;
- return ((has_capability('moodle/blog:writeentries', $contextid) &&
+ return ((has_capability('moodle/blog:writeentries', $context) &&
$blogEntry->userid == $USER->id) ||
- has_capability('moodle/blog:manageentries', $context->id));
+ has_capability('moodle/blog:manageentries', $context));
}
$context = get_context_instance(CONTEXT_SYSTEM, SITEID);
- if (!has_capability('moodle/blog:readentry', $context->id)) {
+ if (!has_capability('moodle/blog:readentry', $context)) {
return false;
}
$filtertype.'&filterselect='.$filterselect.'&';
}
-?>
\ No newline at end of file
+?>
$context = get_context_instance(CONTEXT_SYSTEM, SITEID);
// Ensure that the logged in user has the capability to post blog entries.
- if (!has_capability('moodle/blog:writepost', $context->id)) {
+ if (!has_capability('moodle/blog:writepost', $context)) {
error(get_string('nopost', 'blog'), $referrer);
}
$userid = $USER->id;
<input type="hidden" name="sesskey" value="<?php echo sesskey(); ?>" />
<?php
$context = get_context_instance(CONTEXT_SYSTEM, SITEID);
- if (has_capability('moodle/blog:manageofficialtags', $context->id)) {
+ if (has_capability('moodle/blog:manageofficialtags', $context)) {
?>
<select name="tags[]" multiple="multiple" size="8">
<?php
<tr>
<td>
- <?php if (has_capability('moodle/blog:manageofficialtags', $context->id)) { ?>
+ <?php if (has_capability('moodle/blog:manageofficialtags', $context)) { ?>
<form action="tags.php" method="POST">
<input type="hidden" name="sesskey" value="<?php echo sesskey(); ?>" />
<?php print_string('addotags','blog');?>:<br/>
switch ($mode) {
case 'addofficial':
/// Adding official tags.
- if (!has_capability('moodle/blog:manageofficialtags', $context->id) || !confirm_sesskey()) {
+ if (!has_capability('moodle/blog:manageofficialtags', $context) || !confirm_sesskey()) {
die('you can not add official tags');
}
case 'addpersonal':
/// Everyone can add personal tags as long as they can write blog entries.
if (!confirm_sesskey() ||
- !has_capability('moodle/blog:writeentries', $context->id) ||
+ !has_capability('moodle/blog:writeentries', $context) ||
!isset($USER->id)) {
error ('you can not add tags');
}
// You can only delete your own tags, or you have to have the
// moodle/blog:manageofficialtags capability.
- if (!has_capability('moodle/blog:manageofficialtags', $context->id)
+ if (!has_capability('moodle/blog:manageofficialtags', $context)
&& $USER->id != $blogtag->userid) {
notify(get_string('norighttodeletetag','blog', $blogtag->text));
continue;
// You can only delete tags that are referenced if you have
// the moodle/blog:manageofficialtags capability.
- if (!has_capability('moodle/blog:manageofficialtags', $context->id)
+ if (!has_capability('moodle/blog:manageofficialtags', $context)
&& get_records('blog_tag_instance','tagid', $tag)) {
notify('tag is used by other users, can not delete!');
continue;
print_footer();
-?>
\ No newline at end of file
+?>
echo '<a title="'.$strassignteachers.'" href="'.$CFG->wwwroot.'/course/teacher.php?id='.
$acourse->id.'">'.
'<img src="'.$CFG->pixpath.'/t/user.gif" height="11" width="11" border="0" alt="'.$strassignteachers.'" /></a> ';
- if (has_capability('moodle/course:delete', $context->id)) {
+ if (has_capability('moodle/course:delete', $context)) {
echo '<a title="'.$strdelete.'" href="delete.php?id='.$acourse->id.'">'.
'<img src="'.$CFG->pixpath.'/t/delete.gif" height="11" width="11" border="0" alt="'.$strdelete.'" /></a> ';
}
- if (has_capability('moodle/course:visibility', $context->id)) {
+ if (has_capability('moodle/course:visibility', $context)) {
if (!empty($acourse->visible)) {
echo '<a title="'.$strhide.'" href="category.php?id='.$category->id.'&page='.$page.
'&perpage='.$perpage.'&hide='.$acourse->id.'&sesskey='.$USER->sesskey.'">'.
}
}
- if (has_capability('moodle/site:backup', $context->id)) {
+ if (has_capability('moodle/site:backup', $context)) {
echo '<a title="'.$strbackup.'" href="../backup/backup.php?id='.$acourse->id.'">'.
'<img src="'.$CFG->pixpath.'/t/backup.gif" height="11" width="11" border="0" alt="" /></a> ';
}
- if (has_capability('moodle/site:restore', $context->id)) {
+ if (has_capability('moodle/site:restore', $context)) {
echo '<a title="'.$strrestore.'" href="../files/index.php?id='.$acourse->id.
'&wdir=/backupdata">'.
'<img src="'.$CFG->pixpath.'/t/restore.gif" height="11" width="11" border="0" alt="" /></a> ';
}
$context = get_context_instance(CONTEXT_SYSTEM, SITEID);
- if (has_capability('moodle/course:create', $context->id)) { /// Print button to create a new course
+ if (has_capability('moodle/course:create', $context)) { /// Print button to create a new course
unset($options);
$options['category'] = $category->id;
print_single_button('edit.php', $options, get_string('addnewcourse'), 'get');
}
$context = get_context_instance(CONTEXT_COURSECAT, $id);
- if (has_capability('moodle/category:update', $context->id)) { /// Print form to rename the category
+ if (has_capability('moodle/category:update', $context)) { /// Print form to rename the category
$strrename= get_string('rename');
echo '<form name="renameform" action="category.php" method="post">';
echo '<input type="hidden" name="id" value="'.$category->id.'" />';
$context = get_context_instance(CONTEXT_COURSE, $id);
- if (!has_capability('moodle/course:update', $context->id)) {
+ if (!has_capability('moodle/course:update', $context)) {
error("You do not currently have editing privileges!");
}
} else { // Admin is creating a new course
$context = get_context_instance(CONTEXT_SYSTEM, SITEID);
- if (!has_capability('moodle/course:create',$context->id)) {
+ if (!has_capability('moodle/course:create',$context)) {
error("You do not currently have course creation privileges!");
}
$context = get_context_instance(CONTEXT_GROUP, $group->id);
// this is really weird
- if (!has_capability('moodle/course:managegroups', $context->id)) {
+ if (!has_capability('moodle/course:managegroups', $context)) {
close_window();
}
require_login($course->id);
$context = get_context_instance(CONTEXT_COURSE, $course->id);
- if (!has_capability('moodle/course:managegroups', $context->id)) {
+ if (!has_capability('moodle/course:managegroups', $context)) {
redirect("group.php?id=$course->id"); // Not allowed to see all groups
}
/// If data for a new category was submitted, then add it
- if ($form = data_submitted() and confirm_sesskey() and has_capability('moodle/category:create', $context->id)) {
+ if ($form = data_submitted() and confirm_sesskey() and has_capability('moodle/category:create', $context)) {
if (!empty($form->addcategory)) {
unset($newcategory);
$newcategory->name = $form->addcategory;
// context is coursecat, if not present admins should have it set in site level
$context = get_context_instance(CONTEXT_COURSECAT, $delete);
- if ($deletecat = get_record("course_categories", "id", $delete) and has_capability('moodle/category:delete', $context->id)) {
+ if ($deletecat = get_record("course_categories", "id", $delete) and has_capability('moodle/category:delete', $context)) {
if (!empty($sure) && $sure == md5($deletecat->timemodified)) {
/// Send the children categories to live with their grandparent
if ($childcats = get_records("course_categories", "parent", $deletecat->id)) {
fix_course_sortorder();
/// Print form for creating new categories
- if (has_capability('moodle/category:create', $context->id)) {
+ if (has_capability('moodle/category:create', $context)) {
echo "<center>";
echo "<form name=\"addform\" action=\"index.php\" method=\"post\">";
echo "<input type=\"text\" size=\"30\" alt=\"$straddnewcategory\" name=\"addcategory\" />";
$options["category"] = $category->id;
- if (has_capability('moodle/course:create', $context->id)) {
+ if (has_capability('moodle/course:create', $context)) {
print_single_button("edit.php", $options, get_string("addnewcourse"), "get");
}
print_single_button('pending.php',NULL, get_string('coursespending'),"get");
echo "<td nowrap=\"nowrap\">"; /// Print little icons
- if (has_capability('moodle/category:delete', $context->id)) {
+ if (has_capability('moodle/category:delete', $context)) {
echo "<a title=\"$str->delete\" href=\"index.php?delete=$category->id&sesskey=$USER->sesskey\"><img".
" src=\"$CFG->pixpath/t/delete.gif\" height=\"11\" width=\"11\" border=\"0\" alt=\"\" /></a> ";
}
- if (has_capability('moodle/category:visibility', $context->id)) {
+ if (has_capability('moodle/category:visibility', $context)) {
if (!empty($category->visible)) {
echo "<a title=\"$str->hide\" href=\"index.php?hide=$category->id&sesskey=$USER->sesskey\"><img".
" src=\"$CFG->pixpath/t/hide.gif\" height=\"11\" width=\"11\" border=\"0\" alt=\"\" /></a> ";
} else {
print_heading(get_string("nocoursesyet"));
$context = get_context_instance(CONTEXT_SYSTEM, SITEID);
- if (has_capability('moodle/course:create', $context->id)) {
+ if (has_capability('moodle/course:create', $context)) {
$options = array();
$options['category'] = $category->id;
echo '<div class="addcoursebutton" align="center">';
}
$context = get_context_instance(CONTEXT_COURSE, $course->id);
- has_capability('moodle/course:update', $context->id, true);
+ require_capability('moodle/course:update', $context);
$mod->course = $course->id;
$mod->modulename = clean_param($mod->modulename, PARAM_SAFEDIR); // For safety
}
$context = get_context_instance(CONTEXT_COURSE, $section->course);
- has_capability('moodle/course:update', $context->id, true);
+ require_capability('moodle/course:update', $context);
if (!ismoving($section->course)) {
error("You need to copy something first!");
}
$context = get_context_instance(CONTEXT_COURSE, $cm->course);
- has_capability('moodle/course:update', $context->id, true);
+ require_capability('moodle/course:update', $context);
$cm->indent += $indent;
}
$context = get_context_instance(CONTEXT_COURSE, $cm->course);
- has_capability('moodle/course:update', $context->id, true);
+ require_capability('moodle/course:update', $context);
set_coursemodule_visible($cm->id, 0);
}
$context = get_context_instance(CONTEXT_COURSE, $cm->course);
- has_capability('moodle/course:update', $context->id, true);
+ require_capability('moodle/course:update', $context);
if (! $section = get_record("course_sections", "id", $cm->section)) {
error("This module doesn't exist");
}
$context = get_context_instance(CONTEXT_COURSE, $cm->course);
- has_capability('moodle/course:update', $context->id, true);
+ require_capability('moodle/course:update', $context);
set_coursemodule_groupmode($cm->id, $groupmode);
}
$context = get_context_instance(CONTEXT_COURSE, $cm->course);
- has_capability('moodle/course:update', $context->id, true);
+ require_capability('moodle/course:update', $context);
if (! $section = get_record("course_sections", "id", $cm->section)) {
error("This module doesn't exist");
}
$context = get_context_instance(CONTEXT_COURSE, $cm->course);
- has_capability('moodle/course:update', $context->id, true);
+ require_capability('moodle/course:update', $context);
if (! $module = get_record("modules", "id", $cm->module)) {
error("This module doesn't exist");
}
$context = get_context_instance(CONTEXT_COURSE, $course->id);
- has_capability('moodle/course:update', $context->id, true);
+ require_capability('moodle/course:update', $context);
if (! $module = get_record("modules", "id", $cm->module)) {
error("This module doesn't exist");
}
$context = get_context_instance(CONTEXT_COURSE, $course->id);
- has_capability('moodle/course:update', $context->id, true);
+ require_capability('moodle/course:update', $context);
if (! $module = get_record("modules", "id", $cm->module)) {
error("This module doesn't exist");
}
$context = get_context_instance(CONTEXT_COURSE, $course->id);
- has_capability('moodle/course:update', $context->id, true);
+ require_capability('moodle/course:update', $context);
$streditinga = get_string("editinga", "moodle", $fullmodulename);
$strmodulenameplural = get_string("modulenameplural", $module->name);
//If action is details, show the popup info
if ($action == "details") {
//Check for teacher edit
- has_capability('moodle/course:managescales', $context->id, true);
+ require_capability('moodle/course:managescales', $context);
//Check for scale
if (! $scale = get_record("scale", "id", $scaleid)) {
$sesskey = !empty($USER->id) ? $USER->sesskey : '';
- has_capability('moodle/course:managescales', $context->id, true);
+ require_capability('moodle/course:managescales', $context);
//Check for scale if action = edit
if ($action == "edit") {
//If action is delete, do it
if ($action == "delete" and confirm_sesskey()) {
//Check for teacher edit
- has_capability('moodle/course:managescales', $context->id, true);
+ require_capability('moodle/course:managescales', $context);
//Check for scale if action = edit
if (! $scale = get_record("scale", "id", $scaleid)) {
error("Scale ID was incorrect");
//If action is down or up, do it
if (($action == "down" || $action == "up") and confirm_sesskey()) {
//Check for teacher edit
- has_capability('moodle/course:managescales', $context->id, true);
+ require_capability('moodle/course:managescales', $context);
//Check for scale if action = edit
if (! $scale = get_record("scale", "id", $scaleid)) {
error("Scale ID was incorrect");
}
if ($list) { /// Just list the scales (in a helpwindow)
- has_capability('moodle/course:viewscales', $context->id, true);
+ require_capability('moodle/course:viewscales', $context);
print_header($strscales);
if (!empty($scaleid)) {
}
} else {
- if (has_capability('moodle/course:managescales', $context->id)) {
+ if (has_capability('moodle/course:managescales', $context)) {
echo "<p align=\"center\">(";
print_string("scalestip");
echo ")</p>";
/// The rest is all about editing the scales
- has_capability('moodle/course:managescales', $context->id, true);
+ require_capability('moodle/course:managescales', $context);
/// Print out the main page
/**
* This functions get all the course categories in proper order
- * @param int $contextid
+ * @param int $context
* @param int $type
* @return array of contextids
*/
-function get_parent_cats($contextid, $type) {
+function get_parent_cats($context, $type) {
$parents = array();
- $context = get_context_instance_by_id($contextid);
switch($type) {
/* Functions for Roles & Capabilites */
+/**
+ * This function checks for a capability assertion being true. If it isn't
+ * then the page is terminated neatly with a standard error message
+ * @param string $capability - name of the capability
+ * @param object $context - a context object (record from context table)
+ * @param integer $userid - a userid number
+ * @param string $errorstring - an errorstring
+ */
+function require_capability($capability, $context=NULL, $userid=NULL, $errormessage="nopermissions", $stringfile='') {
+ if (!has_capability($capability, $context, $userid)) {
+ $capabilityname = get_capability_string($capability);
+ print_error($errormessage, $stringfile, '', $capabilityname);
+ }
+}
+
+
/**
* This function returns whether the current user has the capability of performing a function
* For example, we can do has_capability('mod/forum:replypost',$cm) in forum
* only one of the 4 (moduleinstance, courseid, site, userid) would be set at 1 time
* This is a recursive funciton.
- * Might change to require_capability, and throw an error if not authorized.
* @uses $USER
* @param string $capability - name of the capability
- * @param int $contextid
- * @param kill bool - if set, kill when the user has no capability
+ * @param object $context - a context object (record from context table)
+ * @param integer $userid - a userid number
* @return bool
*/
-function has_capability($capability, $contextid=NULL, $kill=false, $userid=NULL) {
+function has_capability($capability, $context=NULL, $userid=NULL) {
global $USER, $CONTEXT;
if ($userid && $userid != $USER->id) { // loading other user's capability
- $capabilities = load_user_capability($capability, $contextid, $userid);
+ $capabilities = load_user_capability($capability, $context, $userid);
} else {
$capabilities = $USER->capabilities;
}
- if (empty($contextid)) {
+ if (empty($context)) { // Use default CONTEXT if none specified
if (empty($CONTEXT)) {
return false;
} else {
$context = $CONTEXT;
}
- } else {
- $context = get_context_instance_by_id($contextid);
+ } else { // A context was given to us
+ if (empty($CONTEXT)) {
+ $CONTEXT = $context; // Store FIRST used context in this global as future default
+ }
}
// Check site
return ($capabilities[$sitecontext->id]['moodle/site:doanything']);
}
- switch (context_level($contextid)) {
+ switch ($context->level) {
case CONTEXT_COURSECAT:
// Check parent cats.
- $parentcats = get_parent_cats($contextid, CONTEXT_COURSECAT);
+ $parentcats = get_parent_cats($context, CONTEXT_COURSECAT);
foreach ($parentcats as $parentcat) {
if (isset($capabilities[$parentcat]['moodle/site:doanything'])) {
return ($capabilities[$parentcat]['moodle/site:doanything']);
case CONTEXT_COURSE:
// Check parent cat.
- $parentcats = get_parent_cats($contextid, CONTEXT_COURSE);
+ $parentcats = get_parent_cats($context, CONTEXT_COURSE);
foreach ($parentcats as $parentcat) {
if (isset($capabilities[$parentcat]['do_anything'])) {
}
// Last: check self.
- if (isset($capabilities[$contextid]['do_anything'])) {
- return ($capabilities[$contextid]['do_anything']);
+ if (isset($capabilities[$context->id]['do_anything'])) {
+ return ($capabilities[$context->id]['do_anything']);
}
// do_anything has not been set, we now look for it the normal way.
- return capability_search($capability, $contextid, $kill, $capabilities);
+ return capability_search($capability, $context, $capabilities);
}
* In a separate function so that we won't have to deal with do_anything.
* again. Used by function has_capability.
* @param $capability - capability string
- * @param $contextid - the context id
- * @param $kill - boolean. Error out and exit if the user doesn't have the
- * capability?
+ * @param $context - the context object
* @param $capabilities - either $USER->capability or loaded array
* @return permission (int)
*/
-function capability_search($capability, $contextid, $kill=false, $capabilities) {
+function capability_search($capability, $context, $capabilities) {
global $USER, $CFG;
-
+
if ($CFG->debug) {
- notify("We are looking for $capability in context $contextid", 'notifytiny');
+ notify("Looking for $capability in context $context->id", 'notifytiny');
}
- if (isset($capabilities[$contextid][$capability])) {
- return ($capabilities[$contextid][$capability]);
+ if (isset($capabilities[$context->id][$capability])) {
+ return ($capabilities[$context->id][$capability]);
}
/* Then, we check the cache recursively */
- $context = get_context_instance_by_id($contextid);
$permission = 0;
- switch (context_level($contextid)) {
+ switch ($context->level) {
case CONTEXT_SYSTEM: // by now it's a definite an inherit
$permission = 0;
break;
case CONTEXT_PERSONAL:
- $parent = get_context_instance(CONTEXT_SYSTEM, SITEID);
- $permission = (capability_search($capability, $parent->id, false, $capabilities));
+ $parentcontext = get_context_instance(CONTEXT_SYSTEM, SITEID);
+ $permission = capability_search($capability, $parentcontext, $capabilities);
break;
case CONTEXT_USERID:
- $parent = get_context_instance(CONTEXT_SYSTEM, SITEID);
- $permission = (capability_search($capability, $parent->id, false, $capabilities));
+ $parentcontext = get_context_instance(CONTEXT_SYSTEM, SITEID);
+ $permission = capability_search($capability, $parentcontext, $capabilities);
break;
case CONTEXT_COURSECAT: // Coursecat -> coursecat or site
$coursecat = get_record('course_categories','id',$context->instanceid);
- if ($coursecat->parent) { // return parent value if exist
- $parent = get_context_instance(CONTEXT_COURSECAT, $coursecat->parent);
+ if (!empty($coursecat->parent)) { // return parent value if it exists
+ $parentcontext = get_context_instance(CONTEXT_COURSECAT, $coursecat->parent);
} else { // else return site value
- $parent = get_context_instance(CONTEXT_SYSTEM, SITEID);
+ $parentcontext = get_context_instance(CONTEXT_SYSTEM, SITEID);
}
- $permission = (capability_search($capability, $parent->id, false, $capabilities));
+ $permission = capability_search($capability, $parentcontext, $capabilities);
break;
case CONTEXT_COURSE: // 1 to 1 to course cat
// find the course cat, and return its value
$course = get_record('course','id',$context->instanceid);
- $parent = get_context_instance(CONTEXT_COURSECAT, $course->category);
- $permission = (capability_search($capability, $parent->id, false, $capabilities));
+ $parentcontext = get_context_instance(CONTEXT_COURSECAT, $course->category);
+ $permission = capability_search($capability, $parentcontext, $capabilities);
break;
case CONTEXT_GROUP: // 1 to 1 to course
$group = get_record('groups','id',$context->instanceid);
- $parent = get_context_instance(CONTEXT_COURSE, $group->courseid);
- $permission = (capability_search($capability, $parent->id, false, $capabilities));
+ $parentcontext = get_context_instance(CONTEXT_COURSE, $group->courseid);
+ $permission = capability_search($capability, $parentcontext, $capabilities);
break;
case CONTEXT_MODULE: // 1 to 1 to course
$cm = get_record('course_modules','id',$context->instanceid);
- $parent = get_context_instance(CONTEXT_COURSE, $cm->course);
- $permission = (capability_search($capability, $parent->id, false, $capabilities));
+ $parentcontext = get_context_instance(CONTEXT_COURSE, $cm->course);
+ $permission = capability_search($capability, $parentcontext, $capabilities);
break;
case CONTEXT_BLOCK: // 1 to 1 to course
$block = get_record('block_instance','id',$context->instanceid);
- $parent = get_context_instance(CONTEXT_COURSE, $block->pageid); // needs check
- $permission = (capability_search($capability, $parent->id, false, $capabilities));
+ $parentcontext = get_context_instance(CONTEXT_COURSE, $block->pageid); // needs check
+ $permission = capability_search($capability, $parentcontext, $capabilities);
break;
default:
return false;
}
- if ($kill && ($permission <= 0)) {
- error ('You do not have the required capability '.$capability);
- }
return $permission;
}
* [273][blah blah] = 1
* [273][blah blah blah] = 2
*/
-function load_user_capability($capability='', $contextid ='', $userid='') {
+function load_user_capability($capability='', $context ='', $userid='') {
global $USER, $CFG;
}
// First we generate a list of all relevant contexts of the user
- if ($contextid) { // if context is specified
- $context = get_context_instance_by_id($contextid);
-
- $usercontexts = get_parent_contexts($context->id);
+ if ($context) { // if context is specified
+ $usercontexts = get_parent_contexts($context);
$listofcontexts = '('.implode(',', $usercontexts).')';
} else { // else, we load everything
- $usercontexts = get_records('role_assignments','userid',$userid);
- $listofcontexts = '(';
- foreach ($usercontexts as $usercontext) {
- $listofcontexts .= $usercontext->contextid;
- $listofcontexts .= ',';
+ $userroles = get_records('role_assignments','userid',$userid);
+ $usercontexts = array();
+ foreach ($userroles as $userrole) {
+ $usercontexts[] = $userrole->contextid;
}
- $listofcontexts = rtrim ($listofcontexts, ",");
- $listofcontexts .= ')';
+ $listofcontexts = '('.implode(',', $usercontexts).')';
}
-
+
// Then we use 1 giant SQL to bring out all relevant capabilities.
// The first part gets the capabilities of orginal role.
// The second part gets the capabilities of overriden roles.
$usercap = array(); // for other user's capabilities
foreach ($capabilities as $capability) {
+ $context = get_context_instance_by_id($capability->id);
+
if (!empty($otheruserid)) { // we are pulling out other user's capabilities, do not write to session
- if (capability_prohibits($capability->capability, $capability->id, $capability->sum, $usercap)) {
+ if (capability_prohibits($capability->capability, $context, $capability->sum, $usercap)) {
$usercap[$capability->id][$capability->capability] = -9000;
continue;
}
} else {
- if (capability_prohibits($capability->capability, $capability->id, $capability->sum)) { // if any parent or parent's parent is set to prohibit
+ if (capability_prohibits($capability->capability, $context, $capability->sum)) { // if any parent or parent's parent is set to prohibit
$USER->capabilities[$capability->id][$capability->capability] = -9000;
continue;
}
*
* @param $capability - capability name
* @param $sum - sum of all capabilities values
- * @param $contextid - the context id
+ * @param $context - the context object
* @param $array - when loading another user caps, their caps are not stored in session but an array
*/
-function capability_prohibits($capability, $contextid, $sum='', $array='') {
+function capability_prohibits($capability, $context, $sum='', $array='') {
global $USER;
+
if ($sum < -8000) {
// If this capability is set to prohibit.
return true;
}
if (isset($array)) {
- if (isset($array[$contextid][$capability])
- && $array[$contextid][$capability] < -8000) {
+ if (isset($array[$context->id][$capability])
+ && $array[$context->id][$capability] < -8000) {
return true;
}
} else {
// Else if set in session.
- if (isset($USER->capabilities[$contextid][$capability])
- && $USER->capabilities[$contextid][$capability] < -8000) {
+ if (isset($USER->capabilities[$context->id][$capability])
+ && $USER->capabilities[$context->id][$capability] < -8000) {
return true;
}
}
- $context = get_context_instance_by_id($contextid);
- switch (context_level($contextid)) {
+ switch ($context->level) {
case CONTEXT_SYSTEM:
// By now it's a definite an inherit.
case CONTEXT_PERSONAL:
$parent = get_context_instance(CONTEXT_SYSTEM, SITEID);
- return (capability_prohibits($capability, $parent->id));
+ return capability_prohibits($capability, $parent);
break;
case CONTEXT_USERID:
$parent = get_context_instance(CONTEXT_SYSTEM, SITEID);
- return (capability_prohibits($capability, $parent->id));
+ return capability_prohibits($capability, $parent);
break;
case CONTEXT_COURSECAT:
// Return site value.
$parent = get_context_instance(CONTEXT_SYSTEM, SITEID);
}
- return (capability_prohibits($capability, $parent->id));
+ return capability_prohibits($capability, $parent);
break;
case CONTEXT_COURSE:
// Find the course cat, and return its value.
$course = get_record('course','id',$context->instanceid);
$parent = get_context_instance(CONTEXT_COURSECAT, $course->category);
- return (capability_prohibits($capability, $parent->id));
+ return capability_prohibits($capability, $parent);
break;
case CONTEXT_GROUP:
// 1 to 1 to course.
$group = get_record('groups','id',$context->instanceid);
$parent = get_context_instance(CONTEXT_COURSE, $group->courseid);
- return (capability_prohibits($capability, $parent->id));
+ return capability_prohibits($capability, $parent);
break;
case CONTEXT_MODULE:
// 1 to 1 to course.
$cm = get_record('course_modules','id',$context->instanceid);
$parent = get_context_instance(CONTEXT_COURSE, $cm->course);
- return (capability_prohibits($capability, $parent->id));
+ return capability_prohibits($capability, $parent);
break;
case CONTEXT_BLOCK:
// 1 to 1 to course.
$block = get_record('block_instance','id',$context->instanceid);
$parent = get_context_instance(CONTEXT_COURSE, $block->pageid); // needs check
- return (capability_prohibits($capability, $parent->id));
+ return capability_prohibits($capability, $parent);
break;
default:
*/
function get_context_instance($level=NULL, $instance=SITEID) {
- global $CONTEXT;
+ global $CONTEXT, $context_cache, $context_cache_id;
/// If no level is supplied then return the current global context if there is one
if (empty($level)) {
$context_cache[$level][$instance] = $context; // Cache it for later
$context_cache_id[$context->id] = $context; // Cache it for later
+
return $context;
}
}
-/**
- * Looks up the context level.
- * @param int $contextid
- * @return int
- */
-function context_level($contextid) {
- if ($context = get_context_instance_by_id($contextid)) {
- return $context->level;
- }
- return false;
-}
-
-
/**
* Get the local override (if any) for a given capability in a role in a context
* @param $roleid
- * @param $instance
+ * @param $contextid
+ * @param $capability
*/
function get_local_override($roleid, $contextid, $capability) {
return get_record('role_capabilities', 'roleid', $roleid, 'capability', $capability, 'contextid', $contextid);
// check for duplicate role name
if ($role = get_record('role','name', $name)) {
- print_object($role);
error('there is already a role with this name!');
}
/**
* prints human readable context identifier.
*/
-function print_context_name($contextid) {
+function print_context_name($context) {
$name = '';
- $context = get_context_instance_by_id($contextid);
-
switch ($context->level) {
case CONTEXT_SYSTEM: // by now it's a definite an inherit
* All case based, example an instance of forum context.
* Will fetch all forum related capabilities, while course contexts
* Will fetch all capabilities
- * @param int contextid
+ * @param object context
* @return array();
*
* capabilities
* `contextlevel` int(10) NOT NULL,
* `component` varchar(100) NOT NULL,
*/
-function fetch_context_capabilities($contextid) {
+function fetch_context_capabilities($context) {
global $CFG;
$sort = 'ORDER BY contextlevel,component,id'; // To group them sensibly for display
- switch (context_level($contextid)) {
+ switch ($context->level) {
case CONTEXT_SYSTEM: // all
$SQL = "select * from {$CFG->prefix}capabilities";
break;
case CONTEXT_MODULE: // mod caps
- $context = get_context_instance_by_id($contextid);
$cm = get_record('course_modules', 'id', $context->instanceid);
$module = get_record('modules', 'id', $cm->module);
break;
case CONTEXT_BLOCK: // block caps
- $context = get_context_instance_by_id($contextid);
$cb = get_record('block_instance', 'id', $context->instanceid);
$block = get_record('block', 'id', $cb->blockid);
* This function pulls out all the resolved capabilities (overrides and
* defaults) of a role used in capability overrieds in contexts at a given
* context.
- * @param int $contextid
+ * @param int $context
* @param int $roleid
* @return array
*/
-function role_context_capabilities($roleid, $contextid) {
+function role_context_capabilities($roleid, $context) {
global $CFG;
$sitecontext = get_context_instance(CONTEXT_SYSTEM, SITEID);
- if ($sitecontext->id == $contextid) {
+ if ($sitecontext->id == $context->id) {
return array();
}
// first of all, figure out all parental contexts
- $context = get_context_instance_by_id($contextid);
$contexts = array_reverse(get_parent_contexts($context));
$contexts = '('.implode(',', $contexts).')';
/**
- * Recursive function which, given a contextid, find all parent context ids,
+ * Recursive function which, given a context, find all parent context ids,
* and return the array in reverse order, i.e. parent first, then grand
* parent, etc.
* @param object $context
function get_parent_contexts($context) {
- switch (context_level($context->id)) {
+ switch ($context->level) {
case CONTEXT_SYSTEM: // no parent
return null;
* This function gets the capability of a role in a given context.
* It is needed when printing override forms.
* @param int $contextid
- * @param int $roleid // no need? since role is used in extraction in $capability
* @param string $capability
* @param array $capabilities - array loaded using role_context_capabilities
* @return int (allow, prevent, prohibit, inherit)
}
-// a big switch statement
function get_capability_string($capabilityname) {
// Typical capabilityname is: mod/choice:readresponses
$context = get_context_instance(CONTEXT_COURSE, $courseid);
- if (has_capability('moodle/course:view', $context->id)) {
+ if (has_capability('moodle/course:view', $context)) {
if (isset($USER->realuser)) { // Make sure the REAL person can also access this course
if (!isteacher($courseid, $USER->realuser)) {
print_header();
* @return bool
*/
function isadmin($userid=0) {
- global $USER;
+ global $USER, $CFG;
+
static $admins, $nonadmins;
- if (isset($CFG->rolesactive) && $CFG->rolesactive ===1) {
+ if (isset($CFG->rolesactive) && $CFG->rolesactive == 1) {
- if ($courseid == 0) {
- $context = get_context_instance(CONTEXT_SYSTEM, SITEID);
- } else {
- $context = get_context_instance(CONTEXT_COURSE, $courseid);
- }
+
+ $context = get_context_instance(CONTEXT_SYSTEM, SITEID);
if (!$userid) {
- return has_capability('moodle/legacy:admin', $context->id);
+ return has_capability('moodle/legacy:admin', $context);
} else {
- return has_capability('moodle/legacy:admin', $context->id, false, $userid);
+ return has_capability('moodle/legacy:admin', $context, false, $userid);
}
}
* @param bool $includeadmin If true this function will return true when it encounters an admin user.
* @return bool
*/
+
function isteacher($courseid=0, $userid=0, $includeadmin=true) {
/// Is the user able to access this course as a teacher?
global $USER, $CFG;
}
if (!$userid) {
- return has_capability('moodle/legacy:teacher', $context->id);
+ return has_capability('moodle/legacy:teacher', $context);
} else {
- return has_capability('moodle/legacy:teacher', $context->id, false, $userid);
+ return has_capability('moodle/legacy:teacher', $context, $userid);
}
}
- // Old code follows, will be removed before 1.7 because it shouldn't run
+ // Old code follows, will be removed before 1.7 because it shouldn't run XXX TODO
if (empty($userid)) { // we are relying on $USER
if (empty($USER) or empty($USER->id)) { // not logged in so can't be a teacher
}
if (!$userid) {
- return has_capability('moodle/legacy:edittingteacher', $context->id);
+ return has_capability('moodle/legacy:edittingteacher', $context);
} else {
- return has_capability('moodle/legacy:edittingteacher', $context->id, false, $userid);
+ return has_capability('moodle/legacy:edittingteacher', $context, false, $userid);
}
}
}
if (!$userid) {
- return has_capability('moodle/legacy:coursecreator', $context->id);
+ return has_capability('moodle/legacy:coursecreator', $context);
} else {
- return has_capability('moodle/legacy:coursecreator', $context->id, false, $userid);
+ return has_capability('moodle/legacy:coursecreator', $context, false, $userid);
}
}
}
if (!$userid) {
- return has_capability('moodle/legacy:student', $context->id);
+ return has_capability('moodle/legacy:student', $context);
} else {
- return has_capability('moodle/legacy:student', $context->id, false, $userid);
+ return has_capability('moodle/legacy:student', $context, false, $userid);
}
}
function view() {
$context = get_context_instance(CONTEXT_MODULE,$this->cm->id);
- has_capability('mod/assignment:view', $context->id, true);
+ require_capability('mod/assignment:view', $context);
add_to_log($this->course->id, "assignment", "view", "view.php?id={$this->cm->id}",
$this->assignment->id, $this->cm->id);
$submitted = '';
$context = get_context_instance(CONTEXT_MODULE,$this->cm->id);
- if (has_capability('mod/assignment:grade', $context->id) && (groupmode($this->course, $this->cm) == SEPARATEGROUPS)) {
+ if (has_capability('mod/assignment:grade', $context) && (groupmode($this->course, $this->cm) == SEPARATEGROUPS)) {
// if this user can mark and is put in a group
// then he can only see/mark submission in his own groups
// if (isteacher($assignment->course)) {
$context = get_context_instance(CONTEXT_MODULE,$this->cm->id);
- if (has_capability('mod/assignment:grade', $context->id)) {
+ if (has_capability('mod/assignment:grade', $context)) {
$submissions = count_records_sql("SELECT COUNT(*)
FROM {$CFG->prefix}assignment_submissions a,
{$CFG->prefix}user_students s,
global $USER;
$context = get_context_instance(CONTEXT_MODULE,$this->cm->id);
- has_capability('mod/assignment:view', $context->id, true);
+ require_capability('mod/assignment:view', $context);
$submission = $this->get_submission();
notify(get_string('submissionsaved', 'assignment'));
}
- if (has_capability('mod/assignment:submit', $context->id)) {
+ if (has_capability('mod/assignment:submit', $context)) {
print_simple_box_start('center', '70%', '', '', 'generalbox', 'online');
if ($editmode) {
$this->view_edit_form($submission);
global $USER;
$context = get_context_instance(CONTEXT_MODULE,$this->cm->id);
- has_capability('mod/assignment:view', $context->id, true);
+ require_capability('mod/assignment:view', $context);
add_to_log($this->course->id, "assignment", "view", "view.php?id={$this->cm->id}", $this->assignment->id, $this->cm->id);
}
}
- if (has_capability('mod/assignment:submit', $context->id) && $this->isopen() && (!$filecount || $this->assignment->resubmit || !$submission->timemarked)) {
+ if (has_capability('mod/assignment:submit', $context) && $this->isopen() && (!$filecount || $this->assignment->resubmit || !$submission->timemarked)) {
$this->view_upload_form();
}
require_login($course->id, false, $cm);
- has_capability('mod/chat:chat',$context->id, true);
- /*
- if (isguest()) {
- error('Guest does not have access to chat rooms');
- }
- */
+ require_capability('mod/chat:chat',$context);
+
if (!$cm->visible and !isteacher($course->id)) {
print_header();
notice(get_string("activityiscurrentlyhidden"));
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
// needs to be fixed
- if (!(has_capability('mod/chat:readlog', $context->id) or instance_is_visible('chat', $chat))) { // Chat hidden to students
+ if (!(has_capability('mod/chat:readlog', $context) or instance_is_visible('chat', $chat))) { // Chat hidden to students
//if (!($isteacher or instance_is_visible('chat', $chat))) { // Chat hidden to students
continue;
}
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
require_login($course->id, false, $cm);
- $isteacher = isteacher($course->id);
- $isteacheredit = isteacheredit($course->id);
-
- //if (isguest() or (!$isteacher and !$chat->studentlogs)) {
- //error('You can not view these chat reports');
- //}
- has_capability('mod/chat:readlog', $context->id, true); // if can't even read, kill
+ require_capability('mod/chat:readlog', $context);
add_to_log($course->id, 'chat', 'report', "report.php?id=$cm->id", $chat->id, $cm->id);
$groupselect = "";
}
- //if ($deletesession and $isteacheredit) {
- if ($deletesession and has_capability('mod/chat:deletelog', $context->id)) {
+ if ($deletesession and has_capability('mod/chat:deletelog', $context)) {
notice_yesno(get_string('deletesessionsure', 'chat'),
"report.php?id=$cm->id&deletesession=1&confirmdelete=1&start=$start&end=$end&sesskey=$USER->sesskey",
"report.php?id=$cm->id");
print_simple_box_end('center');
}
- if (!$deletesession or !has_capability('mod/chat:deletelog', $context->id)) {
- //if (!$deletesession or !$isteacheredit) {
+ if (!$deletesession or !has_capability('mod/chat:deletelog', $context)) {
print_continue("report.php?id=$cm->id");
}
/// Delete a session if one has been specified
- if ($deletesession and has_capability('mod/chat:deletelog', $context->id) and $confirmdelete and $start and $end and confirm_sesskey()) {
- //if ($deletesession and $isteacheredit and $confirmdelete and $start and $end and confirm_sesskey()) {
+ if ($deletesession and has_capability('mod/chat:deletelog', $context) and $confirmdelete and $start and $end and confirm_sesskey()) {
delete_records_select('chat_messages', "chatid = $chat->id AND
timestamp >= '$start' AND
timestamp <= '$end' $groupselect");
foreach ($sessionusers as $sessionuser => $usermessagecount) {
if ($user = get_record('user', 'id', $sessionuser)) {
print_user_picture($user->id, $course->id, $user->picture);
- echo ' '.fullname($user, $isteacher); // need to fix this
+ echo ' '.fullname($user, true); // XXX TODO use capability instead of true
echo " ($usermessagecount)<br />";
}
}
echo '<p align="right">';
echo "<a href=\"report.php?id=$cm->id&start=$sessionstart&end=$sessionend\">$strseesession</a>";
- //if ($isteacheredit)
- if (has_capability('mod/chat:deletelog', $context->id)) {
+ if (has_capability('mod/chat:deletelog', $context)) {
echo "<br /><a href=\"report.php?id=$cm->id&start=$sessionstart&end=$sessionend&deletesession=1\">$strdeletesession</a>";
}
echo '</p>';
echo '<td id="middle-column">';
- if ($chat->studentlogs or has_capability('mod/chat:readlog',$context->id)) {
- //if (($chat->studentlogs or isteacher($course->id)) and !isguest()) {
+ if ($chat->studentlogs or has_capability('mod/chat:readlog',$context)) {
echo '<div class="reportlink">';
echo "<a href=\"report.php?id=$cm->id\">".
get_string('viewreport', 'chat').'</a>';
/// Print the main part of the page
- //if (!isguest()) {
- if (has_capability('mod/chat:chat',$context->id, true)) {
+ if (has_capability('mod/chat:chat',$context)) {
print_simple_box_start('center');
link_to_popup_window ("/mod/chat/gui_$CFG->chat_method/index.php?id=$chat->id$groupparam",
"chat$course->id$chat->id$groupparam", "$strenterchat", 500, 700, get_string('modulename', 'chat'));
print_simple_box_end();
} else {
-/*
+/* XXX TODO
$wwwroot = $CFG->wwwroot.'/login/index.php';
if (!empty($CFG->loginhttps)) {
$wwwroot = str_replace('http:','https:', $wwwroot);
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
if (!empty($countanswers)) {
foreach ($countanswers as $ca) { //only return enrolled users.
- if (has_capability('mod/choice:choose', $context->id)) {
+ if (has_capability('mod/choice:choose', $context)) {
//if (isstudent($cm->course, $ca->userid) or isteacher($cm->course, $ca->userid)) {
$countans = $countans+1;
}
if ($countanswers) {
$countans = 0;
foreach ($countanswers as $ca) { //only return enrolled users.
- if (has_capability('mod/choice:choose', $context->id)) {
+ if (has_capability('mod/choice:choose', $context)) {
//if (isstudent($courseid, $ca->userid) or isteacher($courseid, $ca->userid)) {
$countans = $countans+1;
}
if ( $allanswers = get_records("choice_answers", "choiceid", $choice->id)) {
$responsecount = 0;
foreach ($allanswers as $aa) {
- if (has_capability('mod/choice:readresponses', $context->id)) {
+ if (has_capability('mod/choice:readresponses', $context)) {
//if (isstudent($courseid, $aa->userid) or isteacher($courseid, $aa->userid)) { //check to make sure user is enrolled in course.
$responsecount++;
}
//$isteacher = isteacher($course->id);
$tablewidth = (int) (100.0 / count($useranswer));
- if (has_capability('mod/choice:readresponses', $context->id)) {
+ if (has_capability('mod/choice:readresponses', $context)) {
//if (isteacher($course->id, $USER->id)) {
echo '<div id="tablecontainer">';
echo '<form id="attemptsform" method="post" action="'.$_SERVER['PHP_SELF'].'" onsubmit="var menu = document.getElementById(\'menuaction\'); return (menu.options[menu.selectedIndex].value == \'delete\' ? \''.addslashes(get_string('deleteattemptcheck','quiz')).'\' : true);">';
}
/// Print "Select all" etc.
- if (has_capability('mod/choice:readresponses', $context->id)) {
+ if (has_capability('mod/choice:readresponses', $context)) {
//if (isteacher($course->id, $USER->id)) {
echo '<tr><td><p>';
echo '<tr><td>';
echo "</tr></table>";
//if (isteacher($course->id, $USER->id)) {
- if (has_capability('mod/choice:readresponses', $context->id)) {
+ if (has_capability('mod/choice:readresponses', $context)) {
echo "</form></div>";
}
break;
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
- has_capability('mod/choice:readresponses', $context->id, true);
+ require_capability('mod/choice:readresponses', $context);
//if (!isteacher($course->id)) {
// error("Only teachers can look at this page");
add_to_log($course->id, "choice", "report", "report.php?id=$cm->id", "$choice->id",$cm->id);
- if ($action == 'delete' && has_capability('mod/choice:deleteresponses',$context->id, true)) {
- //if ($action == 'delete') { //some responses need to be deleted
+ if ($action == 'delete' && has_capability('mod/choice:deleteresponses',$context)) {
$attemptids = isset($_POST['attemptid']) ? $_POST['attemptid'] : array(); //get array of repsonses to delete.
choice_delete_responses($attemptids); //delete responses.
redirect("report.php?id=$cm->id");
ksort($useranswer);
//print spreadsheet if one is asked for:
- //if ($download == "xls") {
- if ($download == "xls" && has_capability('mod/choice:downloadresponses', $context->id, true)) {
+ if ($download == "xls" && has_capability('mod/choice:downloadresponses', $context)) {
require_once("$CFG->libdir/excellib.class.php");
/// Calculate file name
exit;
}
// print text file
- //if ($download == "txt") {
- if ($download == "txt" && has_capability('mod/choice:downloadresponses', $context->id, true)) {
+ if ($download == "txt" && has_capability('mod/choice:downloadresponses', $context)) {
$filename = clean_filename("$course->shortname ".strip_tags(format_string($choice->name,true))).'.txt';
-
- header("Content-Type: application/download\n");
- header("Content-Disposition: attachment; filename=\"$filename\"");
- header("Expires: 0");
- header("Cache-Control: must-revalidate,post-check=0,pre-check=0");
- header("Pragma: public");
-
- /// Print names of all the fields
+
+ header("Content-Type: application/download\n");
+ header("Content-Disposition: attachment; filename=\"$filename\"");
+ header("Expires: 0");
+ header("Cache-Control: must-revalidate,post-check=0,pre-check=0");
+ header("Pragma: public");
+
+ /// Print names of all the fields
echo get_string("firstname")."\t".get_string("lastname") . "\t". get_string("idnumber") . "\t";
echo get_string("group"). "\t";
echo get_string("choice","choice"). "\n";
-
- /// generate the data for the body of the spreadsheet
- $i=0;
- $row=1;
- if ($users) foreach ($users as $user) {
- if (!empty($answers[$user->id]) && !($answers[$user->id]->optionid==0 && isadmin($user->id)) &&
- (!($answers[$user->id]->optionid==0 && isteacher($course->id, $user->id) && !(isteacheredit($course->id, $user->id)) ) ) &&
- !($choice->showunanswered==0 && $answers[$user->id]->optionid==0) ) { //make sure admins and hidden teachers are not shown in not answered yet column, and not answered only shown if set in config page.
-
- echo $user->lastname;
- echo "\t".$user->firstname;
- $studentid = " ";
- if (!empty($user->idnumber)) {
- $studentid = $user->idnumber;
- }
- echo "\t". $studentid."\t";
- $ug2 = '';
- if ($usergrps = user_group($course->id, $user->id)) {
- foreach ($usergrps as $ug) {
- $ug2 = $ug2. $ug->name;
- }
- }
- echo $ug2. "\t";
- echo format_string(choice_get_option_text($choice, $answers[$user->id]->optionid),true). "\n";
- }
- $row++;
- }
- exit;
-}
+
+ /// generate the data for the body of the spreadsheet
+ $i=0;
+ $row=1;
+ if ($users) foreach ($users as $user) {
+ if (!empty($answers[$user->id]) && !($answers[$user->id]->optionid==0 && isadmin($user->id)) &&
+ (!($answers[$user->id]->optionid==0 && isteacher($course->id, $user->id) && !(isteacheredit($course->id, $user->id)) ) ) &&
+ !($choice->showunanswered==0 && $answers[$user->id]->optionid==0) ) { //make sure admins and hidden teachers are not shown in not answered yet column, and not answered only shown if set in config page.
+
+ echo $user->lastname;
+ echo "\t".$user->firstname;
+ $studentid = " ";
+ if (!empty($user->idnumber)) {
+ $studentid = $user->idnumber;
+ }
+ echo "\t". $studentid."\t";
+ $ug2 = '';
+ if ($usergrps = user_group($course->id, $user->id)) {
+ foreach ($usergrps as $ug) {
+ $ug2 = $ug2. $ug->name;
+ }
+ }
+ echo $ug2. "\t";
+ echo format_string(choice_get_option_text($choice, $answers[$user->id]->optionid),true). "\n";
+ }
+ $row++;
+ }
+ exit;
+ }
+
+
choice_show_results($choice, $course, $cm, $format); //show table with students responses.
//now give links for downloading spreadsheets.
require_course_login($course, false, $cm);
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
- has_capability('mod/choice:choose', $context->id, true);
+ require_capability('mod/choice:choose', $context);
if (!$choice = choice_get_choice($cm->instance)) {
error("Course module is incorrect");
if ($form = data_submitted()) {
$timenow = time();
- if (has_capability('mod/choice:deleteresponses', $context->id)) {
- //if (isteacher($course->id, $USER->id)) {
+ if (has_capability('mod/choice:deleteresponses', $context)) {
if ($action == 'delete') { //some responses need to be deleted
choice_delete_responses($attemptids); //delete responses.
redirect("view.php?id=$cm->id");
"<a href=\"index.php?id=$course->id\">$strchoices</a> -> ".format_string($choice->name), "", "", true,
update_module_button($cm->id, $course->id, $strchoice), navmenu($course, $cm));
- if (has_capability('mod/choice:readresponses', $context->id)) {
- //if (isteacher($course->id)) {
+ if (has_capability('mod/choice:readresponses', $context)) {
choice_show_reportlink($choice, $course->id, $cm->id);
} else if (!$cm->visible) {
notice(get_string("activityiscurrentlyhidden"));
if ($comment->recordid != $record->id) {
error('Comment ID is misconfigured');
}
- if (!has_capability('mod/data:managecomments', $context->id) && $comment->userid != $USER->id) {
+ if (!has_capability('mod/data:managecomments', $context) && $comment->userid != $USER->id) {
error('Comment is not yours to edit!');
}
}
require_course_login($course, true, $cm);
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
- has_capability('mod/data:managetemplates', $context->id, true);
+ require_capability('mod/data:managetemplates', $context);
if (!isteacheredit($course->id)){
}
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
- has_capability('mod/data:uploadentries', $context->id, true);
+ require_capability('mod/data:uploadentries', $context);
- if (has_capability('mod/data:managetemplates', $context->id)) {
+ if (has_capability('mod/data:managetemplates', $context)) {
if (!count_records('data_fields','dataid',$data->id)) { // Brand new database!
redirect($CFG->wwwroot.'/mod/data/field.php?d='.$data->id); // Redirect to field entry
}
$record->dataid = $data->id;
$record->groupid = $groupid;
$record->timecreated = $record->timemodified = time();
- if (has_capability('mod/data:approve', $context->id)) {
+ if (has_capability('mod/data:approve', $context)) {
//if (isteacher($data->course)) {
$record->approved = 1;
} else {
/// Replacing special tags (##Edit##, ##Delete##, ##More##)
$patterns[]='/\#\#Edit\#\#/i';
$patterns[]='/\#\#Delete\#\#/i';
- if (has_capability('mod/data:manageentries', $context->id) or data_isowner($record->id)) {
+ if (has_capability('mod/data:manageentries', $context) or data_isowner($record->id)) {
$replacement[] = '<a href="'.$CFG->wwwroot.'/mod/data/edit.php?d='
.$data->id.'&rid='.$record->id.'&sesskey='.sesskey().'"><img src="'.$CFG->pixpath.'/t/edit.gif" height="11" width="11" border="0" alt="'.get_string('edit').'" /></a>';
$replacement[] = '<a href="'.$CFG->wwwroot.'/mod/data/view.php?d='
'&course='.$data->course.'">'.fullname($record).'</a>';
$patterns[]='/\#\#Approve\#\#/i';
- if (has_capability('mod/data:approve', $context->id) && ($data->approval) && (!$record->approved)){
+ if (has_capability('mod/data:approve', $context) && ($data->approval) && (!$record->approved)){
$replacement[] = '<a href="'.$CFG->wwwroot.'/mod/data/view.php?d='.$data->id.'&approve='.$record->id.'&sesskey='.sesskey().'"><img src="'.$CFG->pixpath.'/i/approve.gif" height="11" width="11" border="0" alt="'.get_string('approve').'" /></a>';
} else {
$replacement[] = '';
if ($data->ratings and !empty($USER->id)) {
if ($ratings->scale = make_grades_menu($data->scale)) {
$ratings->assesspublic = $data->assesspublic;
- $ratings->allow = ($data->assessed != 2 or has_capability('mod/data:rate', $context->id));
+ $ratings->allow = ($data->assessed != 2 or has_capability('mod/data:rate', $context));
if ($ratings->allow) {
echo '<div class="ratings" align="center">';
echo '<form name="form" method="post" action="rate.php">';
$useratings = true;
if ($useratings) {
- if ((has_capability('mod/data:rate', $context->id) or $ratings->assesspublic) and !data_isowner($record->id)) {
- data_print_ratings_mean($record->id, $ratings->scale, has_capability('mod/data:rate', $context->id));
+ if ((has_capability('mod/data:rate', $context) or $ratings->assesspublic) and !data_isowner($record->id)) {
+ data_print_ratings_mean($record->id, $ratings->scale, has_capability('mod/data:rate', $context));
if (!empty($ratings->allow)) {
echo ' ';
data_print_rating_menu($record->id, $USER->id, $ratings->scale);
/// Commands
echo '<div class="commands">';
- if (data_isowner($comment->recordid) or has_capability('mod/data:managecomments', $context->id)) {
+ if (data_isowner($comment->recordid) or has_capability('mod/data:managecomments', $context)) {
echo '<a href="'.$CFG->wwwroot.'/mod/data/comment.php?rid='.$comment->recordid.'&mode=edit&commentid='.$comment->id.'&page='.$page.'">'.$stredit.'</a>';
echo '| <a href="'.$CFG->wwwroot.'/mod/data/comment.php?rid='.$comment->recordid.'&mode=delete&commentid='.$comment->id.'&page='.$page.'">'.$strdelete.'</a>';
}
//if (isloggedin() and !isguest()) {
if (isloggedin()) {
- if (has_capability('mod/data:writeentry', $context->id)) { // took out participation list here!
+ if (has_capability('mod/data:writeentry', $context)) { // took out participation list here!
$addstring = empty($editentry) ? get_string('add', 'data') : get_string('editentry', 'data');
$row[] = new tabobject('add', $CFG->wwwroot.'/mod/data/edit.php?d='.$data->id, $addstring, '', true);
}
- if (has_capability('mod/data:managetemplates', $context->id)) {
+ if (has_capability('mod/data:managetemplates', $context)) {
if ($currenttab == 'list') {
$defaultemplate = 'listtemplate';
} else if ($currenttab == 'add') {
require_course_login($course, true, $cm);
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
- has_capability('mod/data:managetemplates', $context->id, true);
-/*
- if (!isteacheredit($course->id)){
- error(get_string('noaccess','data'));
- }
-
- if (isteacher($course->id)) {
- if (!count_records('data_fields','dataid',$data->id)) { // Brand new database!
- redirect($CFG->wwwroot.'/mod/data/field.php?d='.$data->id); // Redirect to field entry
- }
+ require_capability('mod/data:managetemplates', $context);
+
+ if (!count_records('data_fields','dataid',$data->id)) { // Brand new database!
+ redirect($CFG->wwwroot.'/mod/data/field.php?d='.$data->id); // Redirect to field entry
}
-*/
- //add_to_log($course->id, 'data', 'templates view', "templates.php?id=$cm->id&d=$data->id", $data->id, $cm->id);
+
+ add_to_log($course->id, 'data', 'templates view', "templates.php?id=$cm->id&d=$data->id", $data->id, $cm->id);
/// Print the page header
require_course_login($course, true, $cm);
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
- has_capability('mod/data:readentry', $context->id, true);
+ require_capability('mod/data:readentry', $context);
/// If it's hidden then it's don't show anything. :)
- if (empty($cm->visible) and !has_capability('mod/data:managetemplates', $context->id)) {
+ if (empty($cm->visible) and !has_capability('mod/data:managetemplates', $context)) {
$strdatabases = get_string("modulenameplural", "data");
$navigation = "<a href=\"index.php?id=$course->id\">$strdatabases</a> ->";
print_header_simple(format_string($data->name), "",
}
/// If we have an empty Database then redirect because this page is useless without data
- if (has_capability('mod/data:managetemplates', $context->id)) {
+ if (has_capability('mod/data:managetemplates', $context)) {
if (!record_exists('data_fields','dataid',$data->id)) { // Brand new database!
redirect($CFG->wwwroot.'/mod/data/field.php?d='.$data->id); // Redirect to field entry
}
/// Delete any requested records
- if ($delete && confirm_sesskey() && (has_capability('mod/data:manageentries', $context->id) or data_isowner($delete))) {
+ if ($delete && confirm_sesskey() && (has_capability('mod/data:manageentries', $context) or data_isowner($delete))) {
if ($confirm = optional_param('confirm',0,PARAM_INT)) {
if ($deleterecord = get_record('data_records', 'id', $delete)) { // Need to check this is valid
if ($deleterecord->dataid == $data->id) { // Must be from this database
/// Approve any requested records
- if ($approve && confirm_sesskey() && has_capability('mod/data:approve', $context->id)) {
+ if ($approve && confirm_sesskey() && has_capability('mod/data:approve', $context)) {
if ($approverecord = get_record('data_records', 'id', $approve)) { // Need to check this is valid
if ($approverecord->dataid == $data->id) { // Must be from this database
$newrecord->id = $approverecord->id;
}
// If not teacher, check whether user has sufficient records to view
- if (!has_capability('mod/data:managetemplates', $context->id) and data_numentries($data) < $data->requiredentriestoview){
+ if (!has_capability('mod/data:managetemplates', $context) and data_numentries($data) < $data->requiredentriestoview){
notify (($data->requiredentriestoview - data_numentries($data)).' '.get_string('insufficiententries','data'));
echo '</td></tr></table>';
print_footer($course);
/// We need to examine the whole dataset to produce the correct paging
- if ((!has_capability('mod/data:managetemplates', $context->id)) && ($data->approval)) {
+ if ((!has_capability('mod/data:managetemplates', $context)) && ($data->approval)) {
if (isloggedin()) {
$approveselect = ' AND (r.approved=1 OR r.userid='.$USER->id.') ';
} else {
if (empty($records)) { // Nothing to show!
if ($record) { // Something was requested so try to show that at least (bug 5132)
- if (has_capability('mod/data:manageentries', $context->id) || empty($data->approval) ||
+ if (has_capability('mod/data:manageentries', $context) || empty($data->approval) ||
$record->approved || (isloggedin() && $record->userid == $USER->id)) {
if (!$currentgroup || $record->groupid == $currentgroup || $record->groupid == 0) {
$records[] = $record;
/******************* admin amend Grading Grade ************************************/
if ($action == 'adminamendgradinggrade' ) {
- if (!has_capability('mod/exercise:assess', $context->id)) {
+ if (!has_capability('mod/exercise:assess', $context)) {
error("Only teachers can look at this page");
}
if (empty($aid)) {
/******************* admin confirm delete ************************************/
elseif ($action == 'adminconfirmdelete' ) {
- if (!has_capability('mod/exercise:assess', $context->id)) {
+ if (!has_capability('mod/exercise:assess', $context)) {
error("Only teachers can look at this page");
}
if (empty($aid)) {
/******************* admin delete ************************************/
elseif ($action == 'admindelete' ) {
- if (!has_capability('mod/exercise:assess', $context->id)) {
+ if (!has_capability('mod/exercise:assess', $context)) {
error("Only teachers can look at this page");
}
if (empty($aid)) {
/*********************** admin list of asssessments (of a submission) (by teachers)**************/
elseif ($action == 'adminlist') {
- if (!has_capability('mod/exercise:assess', $context->id)) {
+ if (!has_capability('mod/exercise:assess', $context)) {
error("Only teachers can look at this page");
}
/****************** admin list of asssessments by a student (used by teachers only )******************/
elseif ($action == 'adminlistbystudent') {
- if (!has_capability('mod/exercise:assess', $context->id)) {
+ if (!has_capability('mod/exercise:assess', $context)) {
error("Only teachers can look at this page");
}
/****************** edit assessment elements (for teachers) ***********************/
elseif ($action == 'editelements') {
- if (!has_capability('mod/exercise:assess', $context->id)) {
+ if (!has_capability('mod/exercise:assess', $context)) {
error("Only teachers can look at this page");
}
/****************** insert/update assignment elements (for teachers)***********************/
elseif ($action == 'insertelements') {
- if (!has_capability('mod/exercise:assess', $context->id)) {
+ if (!has_capability('mod/exercise:assess', $context)) {
error("Only teachers can look at this page");
}
/****************** list assessments for grading (Student submissions)(by teachers)*********************/
elseif ($action == 'listungradedstudentsubmissions') {
- if (!has_capability('mod/exercise:assess', $context->id)) {
+ if (!has_capability('mod/exercise:assess', $context)) {
error("Only teachers can look at this page");
}
exercise_list_ungraded_assessments($exercise, "student");
******************Teacher's submissions) (by teachers)****/
elseif ($action == 'listungradedstudentassessments') {
- if (!has_capability('mod/exercise:assess', $context->id)) {
+ if (!has_capability('mod/exercise:assess', $context)) {
error("Only teachers can look at this page");
}
exercise_list_ungraded_assessments($exercise, "teacher");
/******************* regrade student assessments ************************************/
elseif ($action == 'regradestudentassessments' ) {
- if (!has_capability('mod/exercise:assess', $context->id)) {
+ if (!has_capability('mod/exercise:assess', $context)) {
error("Only teachers can look at this page");
}
// get all the student assessments
/****************** teacher assessment : grading of assessment and submission (from student) ************/
elseif ($action == 'teacherassessment') {
- if (!has_capability('mod/exercise:assess', $context->id)) {
+ if (!has_capability('mod/exercise:assess', $context)) {
error("Only teachers can look at this page");
}
/****************** teacher table : show assessments by exercise and teacher ************/
elseif ($action == 'teachertable') {
- if (!has_capability('mod/exercise:assess', $context->id)) {
+ if (!has_capability('mod/exercise:assess', $context)) {
error("Only teachers can look at this page");
}
}
// is user allowed to resubmit?
- if (has_capability('mod/exercise:assess', $context->id)) {
+ if (has_capability('mod/exercise:assess', $context)) {
if (!$submission = get_record("exercise_submissions", "id", $assessment->submissionid)) {
error ("Updateassessment: submission record not found");
}
/****************** update teacher assessment (by teacher only) ***************************/
elseif ($action == 'updateteacherassessment') {
- if (!has_capability('mod/exercise:assess', $context->id)) {
+ if (!has_capability('mod/exercise:assess', $context)) {
error("Only teachers can look at this page");
}
/****************** update grading grade(by teacher) ***************************/
elseif ($action == 'updategradinggrade') {
- if (!has_capability('mod/exercise:assess', $context->id)) {
+ if (!has_capability('mod/exercise:assess', $context)) {
error("Only teachers can look at this page");
}
/****************** submission of assignment by teacher only***********************/
elseif ($action == 'submitassignment') {
- if (!has_capability('mod/exercise:assess', $context->id)) {
- //error("Only teachers with editing permissions can do this.");
+ if (!has_capability('mod/exercise:assess', $context)) {
+ error("Only teachers with editing permissions can do this.");
}
exercise_print_assignment_info($exercise);
error('Course Module ID was incorrect');
}
$modcontext = get_context_instance(CONTEXT_MODULE, $cm->id);
- $canviewdiscussion = has_capability('mod/forum:viewdiscussion', $modcontext->id);
+ $canviewdiscussion = has_capability('mod/forum:viewdiscussion', $modcontext);
if ($forum->type == "news") {
if (!empty($move)) {
- if (has_capability('mod/forum:movediscussions', $modcontext->id)) {
+ if (has_capability('mod/forum:movediscussions', $modcontext)) {
error("You do not have the permission to move this discussion!");
}
if ($forum = get_record("forum", "id", $move)) {
- if ($groupmode and !has_capability('moodle/site:accessallgroups', $modcontext->id)) { // Groups must be kept separate
+ if ($groupmode and !has_capability('moodle/site:accessallgroups', $modcontext)) { // Groups must be kept separate
//change this to ismember
$mygroupid = mygroupid($course->id); //only useful if 0, otherwise it's an array now
if ($groupmode == SEPARATEGROUPS) {
} else if ($groupmode == VISIBLEGROUPS) {
$canreply = ( (empty($mygroupid) && $discussion->groupid == -1) ||
(ismember($discussion->groupid) || $mygroupid == $discussion->groupid) &&
- has_capability('mod/forum:replypost', $modcontext->id) );
+ has_capability('mod/forum:replypost', $modcontext) );
}
}
echo '<table width="100%"><tr><td width="33%">';
- if ($groupmode == VISIBLEGROUPS or ($groupmode and has_capability('moodle/site:accessallgroups', $modcontext->id))) {
+ if ($groupmode == VISIBLEGROUPS or ($groupmode and has_capability('moodle/site:accessallgroups', $modcontext))) {
if ($groups = get_records_menu('groups', 'courseid', $course->id, 'name ASC', 'id,name')) {
print_group_menu($groups, $groupmode, $discussion->groupid, "view.php?id=$cm->id&group=");
}
forum_print_mode_form($discussion->id, $displaymode);
echo "</td><td width=\"33%\">";
- if (has_capability('mod/forum:movediscussions', $modcontext->id)) { // Popup menu to move discussions to other forums
+ if (has_capability('mod/forum:movediscussions', $modcontext)) { // Popup menu to move discussions to other forums
if ($forums = get_all_instances_in_course("forum", $course)) {
if ($course->format == 'weeks') {
$strsection = get_string("week");
notify(get_string('thisforumisthrottled','forum',$a));
}
- if ($forum->type == 'qanda' && !has_capability('mod/forum:viewqandawithoutposting', $modcontext->id) &&
+ if ($forum->type == 'qanda' && !has_capability('mod/forum:viewqandawithoutposting', $modcontext) &&
!forum_user_has_posted($forum->id,$discussion->id,$USER->id)) {
notify(get_string('qandanotify','forum'));
}
}
/// Print the actual discussion
- $canrate = has_capability('mod/forum:rate', $modcontext->id);
+ $canrate = has_capability('mod/forum:rate', $modcontext);
forum_print_discussion($course, $forum, $discussion, $post, $displaymode, $canreply, $canrate);
print_footer($course);
-?>
\ No newline at end of file
+?>
$forum->visible = instance_is_visible("forum", $forum);
$cm = get_coursemodule_from_instance("forum", $forum->id, $course->id);
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
- if (!$forum->visible and !has_capability('moodle/course:viewhiddenactivities', $context->id)) {
+ if (!$forum->visible and !has_capability('moodle/course:viewhiddenactivities', $context)) {
if (isset($forum->keyreference)) {
unset($learningforums[$forum->keyreference]);
}
// this is potentially wrong logic. could possibly check for if user has the right to hmmm
- if ($groupmode == SEPARATEGROUPS and !has_capability('moodle/site:accessallgroups', $context->id)) {
+ if ($groupmode == SEPARATEGROUPS and !has_capability('moodle/site:accessallgroups', $context)) {
$count = count_records_select("forum_discussions", "forum = '$forum->id' AND (groupid = '$currentgroup' OR groupid = '-1')");
} else {
$count = count_records("forum_discussions", "forum", "$forum->id");
if ($usetracking) {
if (($forum->trackingtype == FORUM_TRACKING_ON) || !isset($untracked[$forum->id])) {
- $groupid = ($groupmode==SEPARATEGROUPS && !has_capability('moodle/site:accessallgroups', $context->id)) ? $currentgroup : false;
+ $groupid = ($groupmode==SEPARATEGROUPS && !has_capability('moodle/site:accessallgroups', $context)) ? $currentgroup : false;
$unread = forum_tp_count_forum_unread_posts($USER->id, $forum->id, $groupid);
if ($unread > 0) {
$unreadlink = '<span class="unread"><a href="view.php?f='.$forum->id.'">'.$unread.'</a>';
if (forum_is_forcesubscribed($forum->id)) {
$sublink = $stryes;
} else {
- if ($groupmode and !has_capability('moodle/site:accessallgroups', $context->id) and !mygroupid($course->id)) {
+ if ($groupmode and !has_capability('moodle/site:accessallgroups', $context) and !mygroupid($course->id)) {
$sublink = $strno; // Can't subscribe to a group forum (not in a group)
$forumlink = format_string($forum->name,true);
} else {
$forum->visible = instance_is_visible("forum", $forum);
$cm = get_coursemodule_from_instance("forum", $forum->id, $course->id);
- if ($groupmode == SEPARATEGROUPS and !has_capability('moodle/site:accessallgroups', $context->id)) {
+ if ($groupmode == SEPARATEGROUPS and !has_capability('moodle/site:accessallgroups', $context)) {
$count = count_records("forum_discussions", "forum", "$forum->id", "groupid", $currentgroup);
} else {
$count = count_records("forum_discussions", "forum", "$forum->id");
if ($groupmode) { // Look for a reason not to send this email
if (!has_capability('moodle/site:accessallgroups',
- $modcontext->id, false, $userto->id)) {
+ $modcontext, false, $userto->id)) {
if (!empty($group->id)) {
if (!ismember($group->id, $userto->id)) {
continue;
error('Course Module ID was incorrect');
}
$modcontext = get_context_instance(CONTEXT_MODULE, $cm->id);
- $viewfullnames = has_capability('mod/site:viewfullnames', $modcontext->id);
+ $viewfullnames = has_capability('mod/site:viewfullnames', $modcontext);
$by = New stdClass;
$by->name = fullname($userfrom, $viewfullnames);
$modcontext = get_context_instance(CONTEXT_MODULE, $cm->id); // Will need to fix this.
// Take into account forum visibility.
- if (has_capability('moodle/course:viewhiddenactivities', $coursecontext->id)) {
+ if (has_capability('moodle/course:viewhiddenactivities', $coursecontext)) {
$onlyvisible = '';
$onlyvisibletable = '';
} else {
}
// Take into account user groups.
- if (has_capability('moodle/site:accessallgroups', $modcontext->id)) {
+ if (has_capability('moodle/site:accessallgroups', $modcontext)) {
$selectgroup = '';
$coursetable = '';
}
$modcontext = get_context_instance(CONTEXT_MODULE, $cm->id);
- if (!has_capability('mod/forum:viewhiddentimedposts', $modcontext->id)) {
+ if (!has_capability('mod/forum:viewhiddentimedposts', $modcontext)) {
$now = time();
$timelimit = " AND ((d.timestart = 0 OR d.timestart <= '$now') AND (d.timeend = 0 OR d.timeend > '$now')";
if (!empty($USER->id)) {
}
$output .= '<div class="subject">'.format_string($post->subject).'</div>';
- $fullname = fullname($user, has_capability('moodle/site:viewfullnames', $modcontext->id));
+ $fullname = fullname($user, has_capability('moodle/site:viewfullnames', $modcontext));
$by->name = '<a href="'.$CFG->wwwroot.'/user/view.php?id='.$user->id.'&course='.$course->id.'">'.$fullname.'</a>';
$by->date = userdate($post->modified, '', $touser->timezone);
$output .= '<div class="author">'.get_string('bynameondate', 'forum', $by).'</div>';
}
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
- if (!has_capability('mod/forum:startdiscussion', $context->id)) {
+ if (!has_capability('mod/forum:startdiscussion', $context)) {
return false;
}
if ($forum->type == "eachuser") {
return (!forum_user_has_posted_discussion($forum->id, $USER->id));
} else if ($currentgroup) {
- return (has_capability('moodle/site:accessallgroups', $context->id)
+ return (has_capability('moodle/site:accessallgroups', $context)
or (ismember($currentgroup) and $forum->open == 2));
} else {
//else it might be group 0 in visible mode
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
if (isset($user)) {
- $canreply = has_capability('mod/forum:replypost', $context->id, false, $user->id);
+ $canreply = has_capability('mod/forum:replypost', $context, false, $user->id);
} else {
- $canreply = has_capability('mod/forum:replypost', $context->id, false);
+ $canreply = has_capability('mod/forum:replypost', $context, false);
}
return $canreply;
}
$modcontext = get_context_instance(CONTEXT_MODULE, $cm->id);
- if (!has_capability('mod/forum:viewdiscussion', $modcontext->id)) {
+ if (!has_capability('mod/forum:viewdiscussion', $modcontext)) {
return false;
}
$coursecontext = get_context_instance(CONTEXT_COURSE, $course->id);
- if (!has_capability('moodle/course:view', $coursecontext->id)) {
+ if (!has_capability('moodle/course:view', $coursecontext)) {
return false;
}
if ($discussion->groupid > 0) {
if ($cm->groupmode == SEPARATEGROUPS) {
return ismember($discussion->groupid) ||
- has_capability('moodle/site:accessallgroups', $modcontext->id);
+ has_capability('moodle/site:accessallgroups', $modcontext);
}
}
return true;
$user = $USER;
}
- if (!has_capability('mod/forum:viewdiscussion', $context->id, false, $user->id)) {
+ if (!has_capability('mod/forum:viewdiscussion', $context, false, $user->id)) {
return false;
}
return (forum_user_has_posted($forum->id,$discussion->id,$user->id) ||
$firstpost->id == $post->id ||
- has_capability('mod/forum:viewqandawithoutposting', $context->id, false, $user->id));
+ has_capability('mod/forum:viewqandawithoutposting', $context, false, $user->id));
}
return true;
}
}
if (!$currentgroup and ($groupmode != SEPARATEGROUPS or
- has_capability('moodle/site:accessallgroups', $context->id)) ) {
+ has_capability('moodle/site:accessallgroups', $context)) ) {
$visiblegroups = -1;
} else {
$visiblegroups = $currentgroup;
error('Course Module ID was incorrect');
}
$modcontext = get_context_instance(CONTEXT_MODULE, $cm->id);
- $canviewfullnames = has_capability('mod/site:viewfullnames', $modcontext->id);
+ $canviewfullnames = has_capability('mod/site:viewfullnames', $modcontext);
foreach ($posts as $post) {
foreach ($posts as $post) {
$modcontext = get_context_instance(CONTEXT_MODULE, $post->cmid);
- $canviewallgroups = has_capability('moodle/site:accessallgroups', $modcontext->id);
+ $canviewallgroups = has_capability('moodle/site:accessallgroups', $modcontext);
if ($groupid and ($post->groupid != -1 and $groupid != $post->groupid and !$canviewallgroups)) {
continue;
error('Course Module ID was incorrect');
}
$modcontext = get_context_instance(CONTEXT_MODULE, $cm->id);
- if(!has_capability('mod/forum:throttlingapplies', $modcontext->id)) {
+ if(!has_capability('mod/forum:throttlingapplies', $modcontext)) {
return true;
}
if (forum_is_forcesubscribed($forum->id)) {
print_string("everyoneissubscribed", "forum");
} else if ($forum->forcesubscribe != FORUM_DISALLOWSUBSCRIBE ||
- has_capability('moodle/course:manageactivities', $coursecontext->id)){
+ has_capability('moodle/course:manageactivities', $coursecontext)){
unset($options);
if (forum_is_subscribed($USER->id, $post->forum)) {
$options[0] = get_string("subscribestart", "forum");
<?php
- if (has_capability('moodle/course:manageactivities', $coursecontext->id)
+ if (has_capability('moodle/course:manageactivities', $coursecontext)
&& empty($post->id)) {
?>
$realpost->userid = -1;
}
- if ( !(($realpost->userid == $USER->id && has_capability('mod/forum:replypost', $modcontext->id)) ||
- has_capability('mod/forum:editanypost', $modcontext->id)) ) {
+ if ( !(($realpost->userid == $USER->id && has_capability('mod/forum:replypost', $modcontext)) ||
+ has_capability('mod/forum:editanypost', $modcontext)) ) {
error("You can not update this post");
}
}
if ($cm = get_coursemodule_from_instance("forum", $forum->id, $course->id)) {
- if (!$cm->visible and !has_capability('moodle/course:manageactivities', $coursecontext->id)) {
+ if (!$cm->visible and !has_capability('moodle/course:manageactivities', $coursecontext)) {
error(get_string("activityiscurrentlyhidden"));
}
}
error("Sorry, but you can not post in this discussion.");
}
}
- if (!$cm->visible and !has_capability('moodle/course:manageactivities', $coursecontext->id)) {
+ if (!$cm->visible and !has_capability('moodle/course:manageactivities', $coursecontext)) {
error(get_string("activityiscurrentlyhidden"));
}
}
error("Post ID was incorrect");
}
if (($post->userid <> $USER->id) and
- !has_capability('mod/forum:editanypost', $modcontext->id)) {
+ !has_capability('mod/forum:editanypost', $modcontext)) {
error("You can't edit other people's posts!");
}
if ($post->parent) {
}
if (!($forum->type == 'news' && !$post->parent && $discussion->timestart > time())) {
if (((time() - $post->created) > $CFG->maxeditingtime) and
- !has_capability('mod/forum:editanypost', $modcontext->id)) {
+ !has_capability('mod/forum:editanypost', $modcontext)) {
error( get_string("maxtimehaspassed", "forum", format_time($CFG->maxeditingtime)) );
}
}
if (! $forum = get_record("forum", "id", $discussion->forum)) {
error("The forum number was incorrect ($discussion->forum)");
}
- if ( !(($post->userid == $USER->id && has_capability('mod/forum:deleteownpost', $modcontext->id))
- || has_capability('mod/forum:deleteanypost', $modcontext->id)) ) {
+ if ( !(($post->userid == $USER->id && has_capability('mod/forum:deleteownpost', $modcontext))
+ || has_capability('mod/forum:deleteanypost', $modcontext)) ) {
error("You can't delete this post!");
}
if (!empty($forum->course)) {
notice(get_string("couldnotdeleteratings", "forum"),
forum_go_back_to("discuss.php?d=$post->discussion"));
- } else if ($replycount && !has_capability('mod/forum:deleteanypost', $modcontext->id)) {
+ } else if ($replycount && !has_capability('mod/forum:deleteanypost', $modcontext)) {
error(get_string("couldnotdeletereplies", "forum"),
forum_go_back_to("discuss.php?d=$post->discussion"));
redirect("view.php?f=$discussion->forum",
get_string("deleteddiscussion", "forum"), 1);
- } else if (forum_delete_post($post, has_capability('mod/forum:deleteanypost', $modcontext->id))) {
+ } else if (forum_delete_post($post, has_capability('mod/forum:deleteanypost', $modcontext))) {
add_to_log($discussion->course, "forum", "delete post",
"discuss.php?d=$post->discussion", "$post->id", $cm->id);
forum_set_return();
if ($replycount) {
- if (!has_capability('mof/forum:deleteanypost', $modcontext->id)) {
+ if (!has_capability('mof/forum:deleteanypost', $modcontext)) {
error(get_string("couldnotdeletereplies", "forum"),
forum_go_back_to("discuss.php?d=$post->discussion"));
}
if (!$forum = get_record("forum", "id", $discussion->forum)) {
error("The forum number was incorrect ($discussion->forum)");
}
- if (!has_capability('mod/forum:splitdiscussions', $modcontext->id)) {
+ if (!has_capability('mod/forum:splitdiscussions', $modcontext)) {
error("You can't split discussions!");
}
if (!$post->parent) {
error("You cannot start a new discussion in this forum");
}
- if ($forum->type == 'qanda' && !has_capability('mod/forum:viewqandawithoutposting', $modcontext->id) &&
+ if ($forum->type == 'qanda' && !has_capability('mod/forum:viewqandawithoutposting', $modcontext) &&
!forum_user_has_posted($forum->id,$discussion->id,$USER->id)) {
notify(get_string('qandanotify','forum'));
}
} else {
$user_read_array = array();
}
- if ($forum->type != 'qanda' || forum_user_can_see_discussion($forum, $discussion, $modcontext->id)) {
+ if ($forum->type != 'qanda' || forum_user_can_see_discussion($forum, $discussion, $modcontext)) {
forum_print_posts_threaded($parent->id, $course->id, 0, false, false, $user_read_array, $discussion->forum);
}
}
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
- if (!has_capability('mod/forum:ratepost', $context->id)) {
+ if (!has_capability('mod/forum:ratepost', $context)) {
error('You do not have the permission to rate this post');
}
error("This page was not accessed correctly");
}
-?>
\ No newline at end of file
+?>
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
- if (!has_capability('mod/forum:viewrating', $context->id)) {
+ if (!has_capability('mod/forum:viewrating', $context)) {
error('You do not have the capability to view post ratings');
}
- if (!has_capability('mod/forum:viewanyrating', $context->id) and $USER->id != $post->userid) {
+ if (!has_capability('mod/forum:viewanyrating', $context) and $USER->id != $post->userid) {
error("You can only look at results for posts that you made");
}
if (!isset($forum->visible)) {
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
if (!instance_is_visible("forum", $forum) &&
- !has_capability('moodle/course:viewhiddenactivities', $context->id)) {
+ !has_capability('moodle/course:viewhiddenactivities', $context)) {
continue;
}
}
return $menu;
}
-?>
\ No newline at end of file
+?>
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
if (groupmode($course, $cm) and
- !has_capability('moodle/site:accessallgroups', $context->id)) {
+ !has_capability('moodle/site:accessallgroups', $context)) {
if (!mygroupid($course->id)) {
error('Sorry, but you must be a group member to subscribe.');
}
}
if ($user) {
- if (!has_capability('mod/forum:managesubscriptions', $context->id)) {
+ if (!has_capability('mod/forum:managesubscriptions', $context)) {
error('You do not have the permission to subscribe/unsubscribe other people!');
}
if (!$user = get_record("user", "id", $user)) {
$returnto = forum_go_back_to("index.php?id=$course->id");
- if ($force and has_capability('mod/forum:managesubscriptions', $context->id)) {
+ if ($force and has_capability('mod/forum:managesubscriptions', $context)) {
if (forum_is_forcesubscribed($forum->id)) {
forum_forcesubscribe($forum->id, 0);
redirect($returnto, get_string("everyonecanchoose", "forum"), 1);
} else { // subscribe
if ($forum->forcesubscribe == FORUM_DISALLOWSUBSCRIBE &&
- !has_capability('mod/forum:managesubscriptions', $context->id)) {
+ !has_capability('mod/forum:managesubscriptions', $context)) {
error(get_string('disallowsubscribe'),$_SERVER["HTTP_REFERER"]);
}
if (forum_subscribe($user->id, $forum->id) ) {
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
- if (!has_capability('mod/forum:viewsubscribers', $context->id)) {
+ if (!has_capability('mod/forum:viewsubscribers', $context)) {
error('You do not have the permission to view forum subscribers');
}
$navigation = "<a href=\"index.php?id=$course->id\">$strforums</a> ->
<a href=\"view.php?f=$forum->id\">".format_string($forum->name,true)."</a> -> $strsubscribers";
- if (has_capability('mod/forum:managesubscriptions', $context->id)) {
+ if (has_capability('mod/forum:managesubscriptions', $context)) {
print_header_simple("$strsubscribers", "", "$navigation",
"", "", true, forum_update_subscriptions_button($course->id, $id));
if ($edit != -1) {
}
$context = get_context_instance(CONTEXT_SYSTEM, SITEID);
- if ($course->id == SITEID && has_capability('moodle/site:config', $context->id)) {
+ if ($course->id == SITEID && has_capability('moodle/site:config', $context)) {
$postcoursename = get_field('course', 'shortname', 'id', $forum->course);
$fullsubject = '<a href="'.$CFG->wwwroot.'/course/view.php?id='.$forum->course.'">'.$postcoursename.'</a> -> '. $fullsubject;
}
/// Check whether the should be able to view this forum.
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
- if (!has_capability('mod/forum:viewforum', $context->id)) {
+ if (!has_capability('mod/forum:viewforum', $context)) {
error('You do not have the permission to view this forum');
}
print_header_simple(format_string($forum->name), "",
"$navigation ".format_string($forum->name), "", "", true, $buttontext, navmenu($course, $cm));
- if (empty($cm->visible) and !has_capability('moodle/course:manageactivities', $context->id)) {
+ if (empty($cm->visible) and !has_capability('moodle/course:manageactivities', $context)) {
notice(get_string("activityiscurrentlyhidden"));
}
$currentgroup = get_and_set_current_group($course, $groupmode, $changegroup);
if ($groupmode and ($currentgroup === false) and
- !has_capability('moodle/site:accessallgroups', $context->id)) {
+ !has_capability('moodle/site:accessallgroups', $context)) {
print_heading(get_string("notingroup", "forum"));
print_footer($course);
//now we need a menu for separategroups as well!
if ($groupmode == VISIBLEGROUPS or ($groupmode and
- has_capability('moodle/site:accessallgroups', $context->id))) {
+ has_capability('moodle/site:accessallgroups', $context))) {
//the following query really needs to change
if ($groups = get_records_menu("groups", "courseid", $course->id, "name ASC", "id,name")) {
$strallowchoice = get_string('allowchoice', 'forum');
helpbutton("subscription", $streveryoneissubscribed, "forum");
echo ' <span class="helplink">';
- if (has_capability('moodle/course:manageactivities', $context->id)) {
+ if (has_capability('moodle/course:manageactivities', $context)) {
echo "<a title=\"$strallowchoice\" href=\"subscribe.php?id=$forum->id&force=no\">$streveryoneissubscribed</a>";
} else {
echo $streveryoneissubscribed;
helpbutton("subscription", $streveryonecanchoose, "forum");
echo ' ';
- if (has_capability('moodle/course:manageactivities', $context->id)) {
+ if (has_capability('moodle/course:manageactivities', $context)) {
echo "<span class=\"helplink\"><a title=\"$strforcesubscribe\" href=\"subscribe.php?id=$forum->id&force=yes\">$streveryonecanchoose</a></span>";
echo "<br />";
echo "<span class=\"helplink\"><a href=\"subscribers.php?id=$forum->id\">$strshowsubscribers</a></span>";
notify(get_string('thisforumisthrottled','forum',$a));
}
- if ($forum->type == 'qanda' && !has_capability('moodle/course:manageactivities', $context->id)) {
+ if ($forum->type == 'qanda' && !has_capability('moodle/course:manageactivities', $context)) {
notify(get_string('qandanotify','forum'));
}
set_user_preference("forum_displaymode", $mode);
}
$displaymode = get_user_preferences("forum_displaymode", $CFG->forum_displaymode);
- $canrate = has_capability('mod/forum:rate', $context->id);
+ $canrate = has_capability('mod/forum:rate', $context);
forum_print_discussion($course, $forum, $discussion, $post, $displaymode, NULL, $canrate);
break;
require_login($course->id, false, $cm);
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
- has_capability('mod/glossary:approve', $context->id, true);
+ require_capability('mod/glossary:approve', $context);
$newentry->id = $eid;
$newentry->approved = 1;
/// Input section
if ( $action == 'delete' ) {
- if (($comment->userid <> $USER->id) and !has_capability('mod/glossary:managecomments', $context->id)) {
+ if (($comment->userid <> $USER->id) and !has_capability('mod/glossary:managecomments', $context)) {
error('You can\'t delete other people\'s comments!');
}
- if (!$glossary->allowcomments && !has_capability('mod/glossary:managecomments', $context->id)) {
+ if (!$glossary->allowcomments && !has_capability('mod/glossary:managecomments', $context)) {
error('You can\'t delete comments in this glossary!');
}
if ( $confirm ) {
print_simple_box_end();
}
} else {
- if (!$glossary->allowcomments && !has_capability('mod/glossary:comment', $context->id)) {
+ if (!$glossary->allowcomments && !has_capability('mod/glossary:comment', $context)) {
error('You can\'t add/edit comments to this glossary!');
}
if ( $action == 'edit' ) {
$timetocheck = $comment->timemodified;
}
$ineditperiod = ((time() - $timetocheck < $CFG->maxeditingtime) || $glossary->editalways);
- if ( (!$ineditperiod || $USER->id != $comment->userid) and !has_capability('mod/glossary:comment', $context->id) and $cid) {
+ if ( (!$ineditperiod || $USER->id != $comment->userid) and !has_capability('mod/glossary:comment', $context) and $cid) {
if ( $USER->id != $comment->userid ) {
error('You can\'t edit other people\'s comments!');
} elseif (!$ineditperiod) {
print_heading(format_string(get_string('commentson','glossary')." <b>\"$entry->concept\"</b>"));
- if ($glossary->allowcomments || has_capability('mod/glossary:managecomments', $context->id)) {
+ if ($glossary->allowcomments || has_capability('mod/glossary:managecomments', $context)) {
print_heading("<a href=\"comment.php?id=$cm->id&eid=$entry->id\">$straddcomment</a> <img title=\"$straddcomment\" src=\"comment.gif\" height=\"11\" width=\"11\" border=\"0\" alt=\"\" />");
}
error("Glossary is incorrect");
}
- if (!has_capability('mod/glossary:manageentries', $context->id) ) {
+ if (!has_capability('mod/glossary:manageentries', $context) ) {
error("You are not allowed to edit or delete entries");
}
$lcase = 'lcase';
}
-if (!$glossary->studentcanpost && !has_capability('mod/glossary:manageentries', $context->id)) {
+if (!$glossary->studentcanpost && !has_capability('mod/glossary:manageentries', $context)) {
error("You can't add/edit entries to this glossary!");
}
if ( $confirm ) {
$newentry->timemodified = $timenow;
$newentry->approved = 0;
$newentry->aliases = "";
- if ( $glossary->defaultapproval or has_capability('mod/glossary:approve', $context->id) ) {
+ if ( $glossary->defaultapproval or has_capability('mod/glossary:approve', $context) ) {
$newentry->approved = 1;
}
//Perhaps too much security? Anyway thanks to skodak (Bug 1823)
$old = get_record('glossary_entries', 'id', $e);
$ineditperiod = ((time() - $old->timecreated < $CFG->maxeditingtime) || $glossary->editalways);
- if ( (!$ineditperiod || $USER->id != $old->userid) and !has_capability('mod/glossary:manageentries', $context->id) and $e) {
+ if ( (!$ineditperiod || $USER->id != $old->userid) and !has_capability('mod/glossary:manageentries', $context) and $e) {
if ( $USER->id != $old->userid ) {
error("You can't edit other people's entries!");
} elseif (!$ineditperiod) {
$newentry->userid = $USER->id;
$newentry->timecreated = $timenow;
$newentry->sourceglossaryid = 0;
- $newentry->teacherentry = has_capability('mod/glossary:manageentries', $context->id);
+ $newentry->teacherentry = has_capability('mod/glossary:manageentries', $context);
$permissiongranted = 1;
if ( !$glossary->allowduplicatedentries ) {
$newentry->definition = $form->definition;
$newentry->format = $form->format;
$newentry->timemodified = time();
- $newentry->approved = $glossary->defaultapproval or has_capability('mod/glossary:approve', context->id);
+ $newentry->approved = $glossary->defaultapproval or has_capability('mod/glossary:approve', $context);
$newentry->usedynalink = $form->usedynalink;
$newentry->casesensitive = $form->casesensitive;
$newentry->fullmatch = $form->fullmatch;
"", true, "", navmenu($course, $cm));
$ineditperiod = ((time() - $newentry->timecreated < $CFG->maxeditingtime) || $glossary->editalways);
-if ( (!$ineditperiod || $USER->id != $newentry->userid) and !has_capability('mod/glossary:manageentries', $context->id) and $e) {
+if ( (!$ineditperiod || $USER->id != $newentry->userid) and !has_capability('mod/glossary:manageentries', $context) and $e) {
if ( $USER->id != $newentry->userid ) {
error("You can't edit other people's entries!");
} elseif (!$ineditperiod) {
include("tabs.html");
if (!$e) {
- has_capability('glossary_write', $context->id, true);
+ require_capability('glossary_write', $context);
}
include("edit.html");
require_login($course->id, false);
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
- has_capability('mod/glossary:managecategories', $context->id, true);
+ require_capability('mod/glossary:managecategories', $context);
$strglossaries = get_string("modulenameplural", "glossary");
$strglossary = get_string("modulename", "glossary");
require_login($course->id, false);
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
- has_capability('mod/glossary:export', $context->id, true);
+ require_capability('mod/glossary:export', $context);
$strglossaries = get_string("modulenameplural", "glossary");
$strglossary = get_string("modulename", "glossary");
}
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
- has_capability('mod/glossary:export', $context->id, true);
+ require_capability('mod/glossary:export', $context);
if (! $course = get_record('course', 'id', $cm->course)) {
error('Course is misconfigured');
require_login($course->id, false);
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
- has_capability('mod/glossary:export', $context->id, true);
+ require_capability('mod/glossary:export', $context);
$filename = clean_filename(strip_tags(format_string($glossary->name,true)).'.xml');
$content = glossary_generate_export_file($glossary,$l,$cat);
send_file($content, $filename, 0, 0, true, true);
-?>
\ No newline at end of file
+?>
require_login($course->id, false);
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
- has_capability('mod/glossary:import', $context->id, true);
+ require_capability('mod/glossary:import', $context);
if ($dest != 'new' and $dest != 'current') {
$dest = 'current';
}
$return .= glossary_print_entry_commentslink($course, $cm, $glossary, $entry,$mode,$hook,'html');
- if (has_capability('mod/glossary:comment', $context->id)) {
+ if (has_capability('mod/glossary:comment', $context)) {
$output = true;
$return .= ' <a title="' . get_string('addcomment','glossary') . '" href="comment.php?id='.$cm->id.'&eid='.$entry->id.'"><img src="comment.gif" height="11" width="11" border="0" alt="'.get_string('addcomment','glossary').'" /></a>';
}
- if (has_capability('mod/glossary:write', $context->id) or (!empty($USER->id) and $glossary->studentcanpost and $entry->userid == $USER->id)) {
+ if (has_capability('mod/glossary:write', $context) or (!empty($USER->id) and $glossary->studentcanpost and $entry->userid == $USER->id)) {
// only teachers can export entries so check it out
- if (has_capability('mod/glossary:export', $context->id) and !$ismainglossary and !$importedentry) {
+ if (has_capability('mod/glossary:export', $context) and !$ismainglossary and !$importedentry) {
$mainglossary = get_record('glossary','mainglossary',1,'course',$course->id);
if ( $mainglossary ) { // if there is a main glossary defined, allow to export the current entry
$output = true;
// -It isn't a imported entry (so nobody can edit a imported (from secondary to main) entry)) and
// -The user is teacher or he is a student with time permissions (edit period or editalways defined).
$ineditperiod = ((time() - $entry->timecreated < $CFG->maxeditingtime) || $glossary->editalways);
- if ( !$importedentry and (has_capability('mod/glossary:manageentries', $context->id) or ($entry->userid == $USER->id and $ineditperiod))) {
+ if ( !$importedentry and (has_capability('mod/glossary:manageentries', $context) or ($entry->userid == $USER->id and $ineditperiod))) {
$output = true;
$return .= " <a title=\"" . get_string("delete") . "\" href=\"deleteentry.php?id=$cm->id&mode=delete&entry=$entry->id&prevmode=$mode&hook=$hook\"><img src=\"";
$return .= $icon;
echo '<tr>';
echo '<td align="center" width="20%">';
- if (has_capability('mod/glossary:managecategories', $context->id)) {
+ if (has_capability('mod/glossary:managecategories', $context)) {
$options['id'] = $cm->id;
$options['mode'] = 'cat';
$options['hook'] = $hook;
echo '<div class="icons commands">';
$ineditperiod = ((time() - $comment->timemodified < $CFG->maxeditingtime) || $glossary->editalways);
- if ( ($glossary->allowcomments && $ineditperiod && $USER->id == $comment->userid) || has_capability('mod/glossary:managecomments', $context->id)) {
+ if ( ($glossary->allowcomments && $ineditperiod && $USER->id == $comment->userid) || has_capability('mod/glossary:managecomments', $context)) {
echo "<a href=\"comment.php?id=$cm->id&eid=$entry->id&cid=$comment->id&action=edit\"><img
alt=\"" . get_string("edit") . "\" src=\"$CFG->pixpath/t/edit.gif\" height=\"11\" width=\"11\" border=\"0\" /></a> ";
}
- if ( ($glossary->allowcomments && $USER->id == $comment->userid) || has_capability('mod/glossary:managecomments', $context->id) ) {
+ if ( ($glossary->allowcomments && $USER->id == $comment->userid) || has_capability('mod/glossary:managecomments', $context) ) {
echo "<a href=\"comment.php?id=$cm->id&eid=$entry->id&cid=$comment->id&action=delete\"><img
alt=\"" . get_string("delete") . "\" src=\"$CFG->pixpath/t/delete.gif\" height=\"11\" width=\"11\" border=\"0\" /></a>";
}
}
}
if ($useratings) {
- if (has_capability('mod/glossary:viewrating', $context->id)) {
+ if (has_capability('mod/glossary:viewrating', $context)) {
glossary_print_ratings_mean($entry->id, $ratings->scale);
if ($USER->id != $entry->userid) {
glossary_print_rating_menu($entry->id, $USER->id, $ratings->scale);
$cm = get_record("course_modules","module",$module->id,"instance",$entry->glossaryid);
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
- if (!has_capability('mod/glossary:manageentries', $context->id) and $USER->id != $entry->userid) {
+ if (!has_capability('mod/glossary:manageentries', $context) and $USER->id != $entry->userid) {
error("You can only look at results for your own entries");
}
echo "<th width=\"100%\" class=\"header\"><a href=\"report.php?id=$entry->id&sort=rating\">$strrating</a></th>";
echo "<th class=\"header\"><a href=\"report.php?id=$entry->id&sort=time\">$strtime</a></th>";
foreach ($ratings as $rating) {
- if (has_capability('mod/glossary:manageentries', $context->id)) {
+ if (has_capability('mod/glossary:manageentries', $context)) {
echo '<tr class="teacher">';
} else {
echo '<tr>';
$data[GLOSSARY_DATE_VIEW]->caption = get_string("dateview", "glossary");
$data[GLOSSARY_AUTHOR_VIEW]->caption = get_string("authorview","glossary");
- if (has_capability('mod/glossary:write', $context->id)) {
+ if (has_capability('mod/glossary:write', $context)) {
$data[GLOSSARY_ADDENTRY_VIEW]->caption = get_string("addentry", "glossary");
$data[GLOSSARY_ADDENTRY_VIEW]->link = "edit.php?id=$cm->id";
}
- if (has_capability('mod/glossary:import', $context->id)) {
+ if (has_capability('mod/glossary:import', $context)) {
$data[GLOSSARY_IMPORT_VIEW]->caption = get_string("importentries", "glossary");
$data[GLOSSARY_IMPORT_VIEW]->link = "import.php?id=$cm->id";
}
- if (has_capability('mod/glossary:export', $context->id)) {
+ if (has_capability('mod/glossary:export', $context)) {
$data[GLOSSARY_EXPORT_VIEW]->caption = get_string("exportentries", "glossary");
$data[GLOSSARY_EXPORT_VIEW]->link = "export.php?id=$cm->id&mode=$mode&hook=$hook";
}
$data[GLOSSARY_CATEGORY_VIEW]->link = "view.php?id=$id&mode=cat";
$data[GLOSSARY_AUTHOR_VIEW]->link = "view.php?id=$id&mode=author";
- if (has_capability('mod/glossary:approve', $context->id)) {
+ if (has_capability('mod/glossary:approve', $context)) {
$data[GLOSSARY_APPROVAL_VIEW]->caption = get_string("waitingapproval", "glossary");
$data[GLOSSARY_APPROVAL_VIEW]->link = "";
}
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
- has_capability('mod/glossary:view', $context->id, true); // kill the page if user can't even read
+ require_capability('mod/glossary:view', $context); // kill the page if user can't even read
if ($CFG->forcelogin) {
require_login();
$ratings->assesstimestart = $glossary->assesstimestart;
$ratings->assesstimefinish = $glossary->assesstimefinish;
}
- if ($glossary->assessed == 2 and !has_capability('mod/glossary:rate', $context->id)) {
+ if ($glossary->assessed == 2 and !has_capability('mod/glossary:rate', $context)) {
$ratings->allow = false;
} else {
$ratings->allow = true;
require_login($course->id, false);
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
- //has_capability('mod/survey:readresponses', $context->id, true);
+
+ require_capability('mod/survey:readresponses', $context);
if (! $survey = get_record("survey", "id", $cm->instance)) {
error("Survey ID was incorrect");
echo " <a href=\"report.php?action=scales&id=$id\">$strscales</a>";
echo " <a href=\"report.php?action=questions&id=$id\">$strquestions</a>";
echo " <a href=\"report.php?action=students&id=$id\">$course->students</a>";
- if (has_capability('mod/survey:download', $context->id)) {
+ if (has_capability('mod/survey:download', $context)) {
echo " <a href=\"report.php?action=download&id=$id\">$strdownload</a>";
}
if (empty($action)) {
} else {
echo "<a href=\"report.php?action=questions&id=$id\">$strquestions</a>";
echo " <a href=\"report.php?action=students&id=$id\">$course->students</a>";
- if (has_capability('mod/survey:download', $context->id)) {
+ if (has_capability('mod/survey:download', $context)) {
echo " <a href=\"report.php?action=download&id=$id\">$strdownload</a>";
}
if (empty($action)) {
break;
case "download":
- has_capability('mod/survey:download', $context->id, true);
print_heading($strdownload);
+ require_capability('mod/survey:download', $context);
+
echo '<p align="center">'.get_string("downloadinfo", "survey").'</p>';
echo '<center>';
require_login($course->id, false, $cm);
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
- has_capability('mod/survey:participate', $context->id, true);
+ require_capability('mod/survey:participate', $context);
if (! $survey = get_record("survey", "id", $cm->instance)) {
error("Survey ID was incorrect");
require_login($course->id, false, $cm);
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
- //has_capability('mod/survey:participate', $context->id, true);
+
+ require_capability('mod/survey:participate', $context);
if (! $survey = get_record("survey", "id", $cm->instance)) {
error("Survey ID was incorrect");
$currentgroup = 0;
}
- //if (isteacheredit($course->id) or ($groupmode == VISIBLEGROUPS)) {
- if (has_capability('mod/survey:readresponses', $context->id) or ($groupmode == VISIBLEGROUPS)) {
+ if (has_capability('mod/survey:readresponses', $context) or ($groupmode == VISIBLEGROUPS)) {
$currentgroup = 0;
}
- if (isteacher($course->id)) {
- //if (has_capability('mod/survey:readresponses', $context->id)) {
+ if (has_capability('mod/survey:readresponses', $context)) {
$numusers = survey_count_responses($survey->id, $currentgroup);
echo "<div class=\"reportlink\"><a href=\"report.php?id=$cm->id\">".
get_string("viewsurveyresponses", "survey", $numusers)."</a></div>";
// else we are editting one
$dummyuser = get_record('user','id', $id);
- if ($dummyuser->username == 'changeme') {
- // check for add user
- has_capability('moodle/user:create', $context->id, true);
+ if ($dummyuser->username == 'changeme') { // check for add user
+ require_capability('moodle/user:create', $context);
} else {
- if ($USER->id <> $usernew->id and !has_capability('moodle/user:update', $context->id)) {
- // check for edit
+ if ($USER->id <> $usernew->id and !has_capability('moodle/user:update', $context)) { // check for edit
print_error('onlyeditown');
}
}
require_login($course->id);
$context = get_context_instance(CONTEXT_COURSE, $id);
- //has_capability('moodle/course:viewparticipants', $context->id, true);
+ require_capability('moodle/course:viewparticipants', $context);
if (!$course->category) {
if (!$CFG->showsiteparticipantslist and !isteacher(SITEID)) {
projects / moodle.git / commitdiff