* @param int $roleid
* @return array
*/
-function role_context_capabilities($roleid, $context) {
+function role_context_capabilities($roleid, $context, $cap='') {
global $CFG;
$sitecontext = get_context_instance(CONTEXT_SYSTEM, SITEID);
$contexts = array_reverse(get_parent_contexts($context));
$contexts = '('.implode(',', $contexts).')';
+ if ($cap) {
+ $search = ' AND rc.capability = "'.$cap.'" ';
+ } else {
+ $search = '';
+ }
+
$SQL = "SELECT rc.* FROM {$CFG->prefix}role_capabilities rc, {$CFG->prefix}context c
where rc.contextid in $contexts
and rc.roleid = $roleid
- and rc.contextid = c.id
+ and rc.contextid = c.id $search
ORDER BY c.aggregatelevel DESC, rc.capability DESC";
-
+
$records = get_records_sql($SQL);
-
$capabilities = array();
// We are traversing via reverse order.
return $options;
}
+
+
+/**
+ * who has this capability in this context
+ * does not handling user level resolving!!!
+ * i.e 1 person has 2 roles 1 allow, 1 prevent, this will not work properly
+ * @param $context - object
+ * @param $capability - string capability
+ * @param $fields - fields to be pulled
+ * @param $sort - the sort order
+ */
+function get_users_by_capability($context, $capability, $fields='distinct u.*', $sort='') {
+
+ global $CFG;
+
+ // first get all roles with this capability in this context, or above
+ $possibleroles = get_roles_with_capability($capability, CAP_ALLOW);
+ $validroleids = array();
+ foreach ($possibleroles as $prole) {
+ $caps = role_context_capabilities($prole->id, $context, $capability); // resolved list
+ if ($caps[$capability] > 0) { // resolved capability > 0
+ $validroleids[] = $prole->id;
+ }
+ }
+
+ if ($usercontexts = get_parent_contexts($context)) {
+ $listofcontexts = '('.implode(',', $usercontexts).')';
+ } else {
+ $sitecontext = get_context_instance(CONTEXT_SYSTEM, SITEID);
+ $listofcontexts = '('.$sitecontext->id.')'; // must be site
+ }
+
+ $roleids = '('.implode(',', $validroleids).')';
+
+ $select = ' SELECT '.$fields;
+ $from = ' FROM '.$CFG->prefix.'user u LEFT JOIN '.$CFG->prefix.'role_assignments ra ON ra.userid = u.id ';
+ $where = ' WHERE (ra.contextid = '.$context->id.' OR ra.contextid in '.$listofcontexts.') AND u.deleted = 0 AND ra.roleid in '.$roleids.' ';
+
+ return get_records_sql($select.$from.$where);
+
+}
?>
require_login($course->id);
- if (!isteacheredit($course->id)) {
+ if (!has_capability('moodle/course:manageactivities', get_context_instance(CONTEXT_COURSE, $form->course))) {
redirect($CFG->wwwroot.'/course/view.php?id='.$course->id);
}
}
$currentgroup = get_current_group($course->id);
- if ($currentgroup and isteacheredit($course->id)) {
+ if ($currentgroup and has_capability('moodle/site:accessallgroups', get_context_instance(CONTEXT_COURSE, $id))) {
$group = get_record("groups", "id", $currentgroup);
$groupname = " ($group->name)";
} else {
$submitted = '';
$context = get_context_instance(CONTEXT_MODULE,$this->cm->id);
- if (has_capability('mod/assignment:grade', $context) && (groupmode($this->course, $this->cm) == SEPARATEGROUPS)) {
+ if (has_capability('mod/assignment:grade', $context)) {
// if this user can mark and is put in a group
// then he can only see/mark submission in his own groups
- if (user_group($this->course->id, $USER->id)) {
+ if (!has_capability('moodle/course:managegroups', $context) and (groupmode($this->course, $this->cm) == SEPARATEGROUPS)) {
$count = $this->count_real_submissions($this->currentgroup); // Only their groups
} else {
$count = $this->count_real_submissions(); // Everyone
$this->display_submission();
break;
- case 'all': // Main window, display everything
+ case 'all': // Main window, display everything
$this->display_submissions();
break;
if ($currentgroup) {
$users = get_group_users($currentgroup);
} else {
- $users = get_course_users($course->id);
+ $context = get_context_instance(CONTEXT_MODULE, $cm->id);
+ $users = get_users_by_capability($context, 'mod/assignment:submit'); // everyone with this capability set to non-prohibit
}
$tablecolumns = array('picture', 'fullname', 'grade', 'comment', 'timemodified', 'timemarked', 'status');
AND g.groupid = '$groupid'
AND a.userid = g.userid ");
} else {
- $select = "s.course = '$assignment->course' AND";
- if ($assignment->course == SITEID) {
- $select = '';
+ $cm = get_coursemodule_from_instance('assignment', $assignment->id);
+ $context = get_context_instance(CONTEXT_MODULE, $cm->id);
+
+ // this is all the users with this capability set, in this context or higher
+ $users = get_users_by_capability($context, 'mod/assignment:submit');
+ foreach ($users as $user) {
+ $array[] = $user->id;
}
+
+ $userlists = '('.implode(',',$array).')';
+
return count_records_sql("SELECT COUNT(*)
- FROM {$CFG->prefix}assignment_submissions a,
- {$CFG->prefix}user_students s
- WHERE a.assignment = '$assignment->id'
- AND a.timemodified > 0
- AND $select a.userid = s.userid ");
+ FROM {$CFG->prefix}assignment_submissions
+ WHERE assignment = '$assignment->id'
+ AND timemodified > 0
+ AND userid IN $userlists ");
}
}
require_login($course->id, false, $cm);
- if (!isteacher($course->id)) {
- error("Only teachers can look at this page");
- }
+ require_capability('mod/assignment:grade', get_context_instance(CONTEXT_MODULE, $cm->id));
/// Load up the required assignment code
require($CFG->dirroot.'/mod/assignment/type/'.$assignment->assignmenttype.'/assignment.class.php');
require_capability('mod/assignment:view', $context);
$submission = $this->get_submission();
-
+
//Guest can not submit nor edit an assignment (bug: 4604)
if (isguest($USER->id)) {
$editable = null;
projects / moodle.git / commitdiff