accesslib: MDL-16549 Now that moodle/site:doanything is not editiable, reset the...

diff --git a/lib/db/upgrade.php b/lib/db/upgrade.php
index d529515505972b048d688932c32a4163889f012e..5fc3a19ce0e50ad5d676f79af8f1c92700bf6eac 100644 (file)
--- a/lib/db/upgrade.php
+++ b/lib/db/upgrade.php
@@ -865,7 +865,7 @@ function xmldb_main_upgrade($oldversion) {
 
     if ($result && $oldversion < 2008101300) {
 
-        if (!get_config(NULL, 'statsruntimedays')) {
+        if (!get_2config(NULL, 'statsruntimedays')) {
             set_config('statsruntimedays', '31');
         }
 
@@ -948,6 +948,50 @@ function xmldb_main_upgrade($oldversion) {
         upgrade_main_savepoint($result, 2008110602);
     }
 
+    /// Remove any role overrides for moodle/site:doanything, or any permissions
+    /// for it in a role without legacy:admin.
+    if ($result && $oldversion < 2008110603) {
+        $systemcontext = get_context_instance(CONTEXT_SYSTEM);
+
+        // Remove all overrides.
+        $DB->delete_records_select('role_capabilities', 'capability = ? AND contextid <> ?', array('moodle/site:doanything', $systemcontext->id));
+
+        // Get the ids of all the roles that are moodle/legacy:admin.
+        $adminroleids = $DB->get_records_menu('role_capabilities',
+                array('capability' => 'moodle/legacy:admin', 'permission' => 1, 'contextid' => $systemcontext->id),
+                '', 'id, roleid');
+
+        // Remove moodle/site:doanything from all other roles.
+        list($notroletest, $params) = $DB->get_in_or_equal($adminroleids, SQL_PARAMS_QM, '', false);
+        $DB->delete_records_select('role_capabilities', "roleid $notroletest AND capability = ? AND contextid = ?",
+                array_merge($params, array('moodle/site:doanything', $systemcontext->id)));
+
+        // Ensure that for all admin-y roles, the permission for moodle/site:doanything is 1
+        list($isroletest, $params) = $DB->get_in_or_equal($adminroleids);
+        $DB->set_field_select('role_capabilities', 'permission', 1,
+                "roleid $isroletest AND capability = ? AND contextid = ?",
+                array_merge($params, array('moodle/site:doanything', $systemcontext->id)));
+
+        // And for any admin-y roles where moodle/site:doanything is not set, set it.
+        $doanythingroleids = $DB->get_records_menu('role_capabilities',
+                array('capability' => 'moodle/site:doanything', 'permission' => 1, 'contextid' => $systemcontext->id),
+                '', 'id, roleid');
+        foreach ($adminroleids as $roleid) {
+            if (!in_array($roleid, $doanythingroleids)) {
+                $rc = new stdClass;
+                $rc->contextid = $systemcontext->id;
+                $rc->roleid = $roleid;
+                $rc->capability = 'moodle/site:doanything';
+                $rc->permission = 1;
+                $rc->timemodified = time();
+                $DB->insert_record('role_capabilities', $rc);
+            }
+        }
+
+    /// Main savepoint reached
+        upgrade_main_savepoint($result, 2008110603);
+    }
+
     return $result;
 }
 

diff --git a/version.php b/version.php
index 1610a47408329d995f185e966e800f6b2f4f3607..f38ae278677fdae8c2f7ebcfd007565c8642b5fe 100644 (file)
--- a/version.php
+++ b/version.php
@@ -6,7 +6,7 @@
 // This is compared against the values stored in the database to determine
 // whether upgrades should be performed (see lib/db/*.php)
 
-    $version = 2008110602;  // YYYYMMDD   = date of the last version bump
+    $version = 2008110603;  // YYYYMMDD   = date of the last version bump
                             //         XX = daily increments
 
     $release = '2.0 dev (Build: 20081106)';  // Human-friendly version name