]> git.mjollnir.org Git - moodle.git/commitdiff
projects / moodle.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 25b0fd8)
adding capabilities
authortoyomoyo <toyomoyo>
Mon, 11 Sep 2006 08:56:23 +0000 (08:56 +0000)
committertoyomoyo <toyomoyo>
Mon, 11 Sep 2006 08:56:23 +0000 (08:56 +0000)
calendar/event.php patch | blob | history
course/lib.php patch | blob | history
grade/index.php patch | blob | history
grade/lib.php patch | blob | history
lib/accesslib.php patch | blob | history
lib/datalib.php patch | blob | history
lib/db/access.php patch | blob | history
lib/moodlelib.php patch | blob | history
lib/weblib.php patch | blob | history
mod/chat/lib.php patch | blob | history
user/index.php patch | blob | history

diff --git a/calendar/event.php b/calendar/event.php
index 9d81e95c1af100578fba3faf0e7e71e8c1e6c559..d735576c92914e6ac8ab5c752c6dc586800f339c 100644 (file)
--- a/calendar/event.php
+++ b/calendar/event.php
@@ -612,9 +612,9 @@ function calendar_get_allowed_types(&$allowed) {
     $allowed->user = true; // User events always allowed
     $allowed->groups = false; // This may change just below
     $allowed->courses = false; // This may change just below
-    $allowed->site = isteacher(SITEID);
+    $allowed->site = has_capability('moodle/calendar:manageentries', get_context_instance(CONTEXT_SYSTEM, SITEID));
 
-    if(!empty($SESSION->cal_course_referer) && $SESSION->cal_course_referer != SITEID && isteacher($SESSION->cal_course_referer, $USER->id)) {
+    if(!empty($SESSION->cal_course_referer) && $SESSION->cal_course_referer != SITEID && has_capability('moodle/calendar:manageentries', get_context_instance(CONTEXT_COURSE, $SESSION->cal_course_referer))) {
         $course = get_record('course', 'id', $SESSION->cal_course_referer);
 
         $allowed->courses = array($course->id => 1);
diff --git a/course/lib.php b/course/lib.php
index 927b6aaf3b305855cfe55d2d26539c3527a35eb7..aafcfe715f442fe5ba1bda5bf3ccf54626e10a8f 100644 (file)
--- a/course/lib.php
+++ b/course/lib.php
@@ -28,7 +28,6 @@ function print_recent_selector_form($course, $advancedfilter=0, $selecteduser=0,
 
     global $USER, $CFG;
 
-    $isteacher = isteacher($course->id);
     if ($advancedfilter) {
 
         // Get all the possible users
@@ -36,7 +35,7 @@ function print_recent_selector_form($course, $advancedfilter=0, $selecteduser=0,
 
         if ($courseusers = get_course_users($course->id, '', '', 'u.id, u.firstname, u.lastname')) {
             foreach ($courseusers as $courseuser) {
-                $users[$courseuser->id] = fullname($courseuser, $isteacher);
+                $users[$courseuser->id] = fullname($courseuser, has_capability('moodle/site:viewfullnames', get_context_instance(CONTEXT_COURSE, $course->id)));
             }
         }
         if ($guest = get_guest()) {
@@ -267,9 +266,7 @@ function build_logs_array($course, $user=0, $date=0, $order="l.time ASC", $limit
     global $db;
 
     /// Setup for group handling.
-    $isteacher = isteacher($course->id);
-    $isteacheredit = isteacheredit($course->id);
-
+    
     /// If the group mode is separate, and this user does not have editing privileges,
     /// then only the user's group can be viewed.
     if ($course->groupmode == SEPARATEGROUPS and !has_capability('moodle/course:managegroups', get_context_instance(CONTEXT_COURSE, $course->id))) {
@@ -373,7 +370,6 @@ function print_log($course, $user=0, $date=0, $order="l.time ASC", $page=0, $per
     $today = mktime (0, 0, 0, $tt["mon"], $tt["mday"], $tt["year"]);
 
     $strftimedatetime = get_string("strftimedatetime");
-    $isteacher = isteacher($course->id);
 
     echo "<p align=\"center\">\n";
     print_string("displayingrecords", "", $totalcount);
@@ -431,7 +427,7 @@ function print_log($course, $user=0, $date=0, $order="l.time ASC", $page=0, $per
         echo "<td class=\"r$row c2\" nowrap=\"nowrap\">\n";
         link_to_popup_window("/iplookup/index.php?ip=$log->ip&amp;user=$log->userid", 'iplookup',$log->ip, 400, 700);
         echo "</td>\n";
-        $fullname = fullname($log, $isteacher);
+        $fullname = fullname($log, has_capability('moodle/site:viewfullnames', get_context_instance(CONTEXT_COURSE, $course->id)));
         echo "<td class=\"r$row c3\" nowrap=\"nowrap\">\n";
         echo "    <a href=\"$CFG->wwwroot/user/view.php?id={$log->userid}&amp;course={$log->course}\">$fullname</a>\n";
         echo "</td>\n";
@@ -473,7 +469,6 @@ function print_log_csv($course, $user, $date, $order='l.time DESC', $modname,
     $today = mktime (0, 0, 0, $tt["mon"], $tt["mday"], $tt["year"]);
 
     $strftimedatetime = get_string("strftimedatetime");
-    $isteacher = isteacher($course->id);
 
     $filename = 'logs_'.userdate(time(),get_string('backupnameformat'),99,false);
     $filename .= '.txt';
@@ -510,7 +505,7 @@ function print_log_csv($course, $user, $date, $order='l.time DESC', $modname,
         $log->url  = str_replace('&', '&amp;', $log->url); // XHTML compatibility
 
         $firstField = $courses[$log->course];
-        $fullname = fullname($log, $isteacher);
+        $fullname = fullname($log, has_capability('moodle/site:viewfullnames', get_context_instance(CONTEXT_COURSE, $course->id)));
         $row = array($firstField, userdate($log->time, $strftimedatetime), $log->ip, $fullname, $log->module.' '.$log->action, $log->info);
         $text = implode("\t", $row);
         echo $text." \n";
@@ -546,7 +541,6 @@ function print_log_xls($course, $user, $date, $order='l.time DESC', $modname,
     $today = mktime (0, 0, 0, $tt["mon"], $tt["mday"], $tt["year"]);
 
     $strftimedatetime = get_string("strftimedatetime");
-    $isteacher = isteacher($course->id);
 
     $nroPages = ceil(count($logs)/(EXCELROWS-FIRSTUSEDEXCELROW+1));
     $filename = 'logs_'.userdate(time(),get_string('backupnameformat'),99,false);
@@ -612,7 +606,7 @@ function print_log_xls($course, $user, $date, $order='l.time DESC', $modname,
         $excelTime=25569+$log->time/(3600*24);
         $myxls->write($row, 1, $excelTime, $formatDate);
         $myxls->write($row, 2, $log->ip, '');
-        $fullname = fullname($log, $isteacher);
+        $fullname = fullname($log, has_capability('moodle/site:viewfullnames', get_context_instance(CONTEXT_COURSE, $course->id)));
         $myxls->write($row, 3, $fullname, '');
         $myxls->write($row, 4, $log->module.' '.$log->action, '');
         $myxls->write($row, 5, $log->info, '');
@@ -654,7 +648,6 @@ function print_log_ooo($course, $user, $date, $order='l.time DESC', $modname,
     $today = mktime (0, 0, 0, $tt["mon"], $tt["mday"], $tt["year"]);
 
     $strftimedatetime = get_string("strftimedatetime");
-    $isteacher = isteacher($course->id);
 
     $filename = 'logs_'.userdate(time(),get_string('backupnameformat'),99,false);
     $filename .= '.sxw';
@@ -708,7 +701,7 @@ function print_log_ooo($course, $user, $date, $order='l.time DESC', $modname,
         $log->url  = str_replace('&', '&amp;', $log->url); // XHTML compatibility
 
         $firstField = $courses[$log->course];
-        $fullname = fullname($log, $isteacher);
+        $fullname = fullname($log, has_capability('moodle/site:viewfullnames', get_context_instance(CONTEXT_COURSE, $course->id)));
         $row = array($firstField, userdate($log->time, $strftimedatetime), $log->ip, $fullname, $log->module.' '.$log->action, $log->info);
 
         $data[] = $row;
@@ -771,7 +764,7 @@ function print_recent_activity($course) {
 
     global $CFG, $USER, $SESSION;
 
-    $isteacher = isteacher($course->id);
+    $isteacher = has_capability('moodle/site:viewfullnames', get_context_instance(CONTEXT_COURSE, $course->id));
 
     $timestart = time() - COURSE_MAX_RECENT_PERIOD;
 
@@ -809,7 +802,7 @@ function print_recent_activity($course) {
         echo "<ol class=\"list\">\n";
         foreach ($users as $user) {
             
-            $fullname = fullname($user, $isteacher);
+            $fullname = fullname($user, has_capability('moodle/site:viewfullnames', get_context_instance(CONTEXT_COURSE, $course->id)));
             echo '<li class="name"><a href="'.$CFG->wwwroot."/user/view.php?id=$user->id&amp;course=$course->id\">$fullname</a></li>\n";
         }
         echo "</ol>\n</div>\n";
@@ -1068,7 +1061,6 @@ function print_section($course, $section, $mods, $modnamesused, $absolute=false,
     if (!isset($isteacher)) {
         $groupbuttons     = ($course->groupmode or (!$course->groupmodeforce));
         $groupbuttonslink = (!$course->groupmodeforce);
-        $isteacher = isteacher($course->id);
         $isediting = isediting($course->id);
         $ismoving = $isediting && ismoving($course->id);
         if ($ismoving) {
@@ -1540,7 +1532,7 @@ function print_course($course, $width="100%") {
                 if (!$teacher->role) {
                     $teacher->role = $course->teacher;
                 }
-                $fullname = fullname($teacher, isteacher($course->id)); // is the USER a teacher of that course
+                $fullname = fullname($teacher, has_capability('moodle/site:viewfullnames', get_context_instance(CONTEXT_COURSE, $course->id))); // is the USER a teacher of that course
                 echo $teacher->role.': <a href="'.$CFG->wwwroot.'/user/view.php?id='.$teacher->id.
                      '&amp;course='.SITEID.'">'.$fullname.'</a><br />';
             }
diff --git a/grade/index.php b/grade/index.php
index 5130bcd4ae6109515acfbdcd41c8a0201768aaf2..75d87d33b598dabf21e6c5086eb0a01ade40d9d1 100644 (file)
--- a/grade/index.php
+++ b/grade/index.php
@@ -14,7 +14,7 @@
 
     require_login($course->id);
     
-    if (isteacher($course->id)) {
+    if (has_capability('moodle/site:accessallgroups', get_context_instance(CONTEXT_COURSE, $course->id))) {
         $group = get_and_set_current_group($course, $course->groupmode, $group);
     } else {
         $group = get_current_group($course->id);
@@ -50,7 +50,7 @@
 
     grade_set_uncategorized();
 
-    if (isteacher($course->id)) {
+    if (has_capability('moodle/course:viewcoursegrades', get_context_instance(CONTEXT_COURSE, $course->id))) {
         switch ($action) {
             case "cats":
                 grade_set_categories();
diff --git a/grade/lib.php b/grade/lib.php
index 0bd9dc546d3b2e8134b6d263b45be60aa53397ab..2e1d1c263f068a8caec0a08dafff1139730ba3ef 100644 (file)
--- a/grade/lib.php
+++ b/grade/lib.php
@@ -675,7 +675,7 @@ function grade_get_grades() {
     if ($mods) {
         foreach ($mods as $mod)    {
             // hidden is a gradebook setting for an assignment and visible is a course_module setting 
-            if (($mod->hidden != 1 && $mod->visible==1) or (isteacher($course->id) && $preferences->show_hidden==1)) {
+            if (($mod->hidden != 1 && $mod->visible==1) or (has_capability('moodle/course:viewhiddenactivities', get_context_instance(CONTEXT_MODULE, $mod->id)) && $preferences->show_hidden==1)) {
                 $libfile = "$CFG->dirroot/mod/$mod->modname/lib.php";
                 if (file_exists($libfile)) {
                     require_once($libfile);
@@ -1195,9 +1195,7 @@ function grade_download($download, $id) {
         error("Course ID was incorrect");
     }
 
-    if (!isteacher($course->id)) {
-        error("Only teachers can use this page!");
-    }
+    require_capability('moodle/course:viewcoursegrades', get_context_instance(CONTEXT_COURSE, $id));
 
     $strgrades = get_string("grades");
     $strgrade = get_string("grade");
@@ -1681,7 +1679,10 @@ function grade_view_category_grades($view_by_student) {
     global $USER;
     global $preferences;
     global $group;
-    if (!isteacher($course->id)) {
+    
+    $context = get_context_instance(CONTEXT_COURSE, $course->id);
+    
+    if (!has_capability('moodle/course:viewcoursegrades', $context)) {
         $view_by_student = $USER->id;
     }
 
@@ -1714,7 +1715,7 @@ function grade_view_category_grades($view_by_student) {
             //$maxpoints = 0;
             $maxpercent = 0;
             $reprint = 0;
-            if (isteacher($course->id)) {
+            if (has_capability('moodle/course:viewcoursegrades', $context)) {
                 $student_heading_link = get_string('student','grades');
                 //only set sorting links if more than one student displayed.
                 if ($view_by_student == -1) {
@@ -1726,7 +1727,7 @@ function grade_view_category_grades($view_by_student) {
                 }
             }
             echo '<table align="center" class="grades">';
-            if (isteacher($course->id)) {
+            if (has_capability('moodle/course:viewcoursegrades', $context)) {
                 $header = '<tr class="header"><th rowspan="2">'.$student_heading_link.'</th>';
             }
             else {
@@ -1778,7 +1779,7 @@ function grade_view_category_grades($view_by_student) {
 
                     
                 // set the links to student information based on multiview or individual... if individual go to student info... if many go to individual grades view.
-                if (isteacher($course->id)) {
+                if (has_capability('moodle/course:viewcoursegrades', $context)) {
                     if ($view_by_student != -1) {
                         $student_link = '<a href="'.$CFG->wwwroot.'/user/view.php?id='.$student.'&amp;course='.$course->id.'">';
                     }
@@ -1867,7 +1868,7 @@ function grade_view_category_grades($view_by_student) {
                 }
                 
                 if ($first == 0) {
-                    if (isteacher($course->id) && $view_by_student == -1) {
+                    if (has_capability('moodle/course:viewcoursegrades', $context) && $view_by_student == -1) {
                         $total_sort_link = '<a href="?id='.$course->id.'&amp;group='.$group.'&amp;action=vcats&amp;cview='.$cview.'&amp;sort=highgrade_category"><img src="'.$CFG->wwwroot.'/pix/t/down.gif" alt="'.get_string('highgradedescending','grades').'" /></a>';
                         $total_sort_link .= '<a href="?id='.$course->id.'&amp;group='.$group.'&amp;action=vcats&amp;cview='.$cview.'&amp;sort=highgrade_category_asc"><img src="'.$CFG->wwwroot.'/pix/t/up.gif" alt="'.get_string('highgradeascending','grades').'" /></a>';
                     }
@@ -1899,7 +1900,7 @@ function grade_view_category_grades($view_by_student) {
                         $header1 .= '<th class="'.$class.'">'.$all_categories[$cview]['stats']['weight'].get_string('pctoftotalgrade','grades').'</th>';
                     }
                     
-                    if (isteacher($course->id) ) {
+                    if (has_capability('moodle/course:viewcoursegrades', $context)) {
                         $header .= '<th rowspan="2">'.$student_heading_link.'</th></tr>';
                     }
                     else {
@@ -1917,7 +1918,7 @@ function grade_view_category_grades($view_by_student) {
                         echo  get_string('grades','grades');
                     }
 
-                    if (isteacher($course->id)) {
+                    if (has_capability('moodle/course:viewcoursegrades', $context)) {
                         helpbutton('teacher', get_string('gradehelp','grades'), 'grade');
                     }
                     else {
@@ -1951,7 +1952,7 @@ function grade_view_category_grades($view_by_student) {
                     $row .= '<td class="'.$class.'">'.$grades_by_student[$student][$cview]['stats']['weighted'].'%</td>';
                 }
 
-                if (isteacher($course->id) ) {
+                if (has_capability('moodle/course:viewcoursegrades', $context)) {
                     $row .= '<td class="fullname">'.$student_link.'</td>';
                 }
                 $row .= '</tr>';
@@ -1977,7 +1978,9 @@ function grade_view_all_grades($view_by_student) { // if mode=='grade' then we a
     global $group; // yu: fix for 5814
     global $preferences;
     
-    if (!isteacher($course->id)) {
+    $context = get_context_instance(CONTEXT_COURSE, $course->id);
+    
+    if (!has_capability('moodle/course:viewcoursegrades', $context)) {
         $view_by_student = $USER->id;    
     }
     
@@ -2005,7 +2008,7 @@ function grade_view_all_grades($view_by_student) { // if mode=='grade' then we a
         $reprint=0;
         
         echo  '<table align="center" class="grades">';
-        if (isteacher($course->id) ) {
+        if (has_capability('moodle/course:viewcoursegrades', $context)) {
             $student_heading_link = get_string('student','grades');
             if ($view_by_student == -1) {
                 $student_heading_link .='<a href="?id='.$course->id.'&amp;action=grades&amp;sort=lastname&amp;group='.$group.'"><br /><font size="-2">'.get_string('sortbylastname','grades').'</font></a>';
@@ -2040,7 +2043,7 @@ function grade_view_all_grades($view_by_student) { // if mode=='grade' then we a
             $oddrow = !$oddrow;
             
             // set the links to student information based on multiview or individual... if individual go to student info... if many go to individual grades view.
-            if (isteacher($course->id)) {
+            if (has_capability('moodle/course:viewcoursegrades', $context)) {
                 if ($view_by_student != -1) {
                     $studentviewlink = '<a href="'.$CFG->wwwroot.'/user/view.php?id='.$student.'&amp;course='.$course->id.'">'.$grades_by_student[$student]['student_data']['lastname'].', '.$grades_by_student[$student]['student_data']['firstname'].'</a>';
                 }
@@ -2113,7 +2116,7 @@ function grade_view_all_grades($view_by_student) { // if mode=='grade' then we a
                     $total_columns = $grade_columns;
                 }
                 
-                if (isteacher($course->id) && $view_by_student == -1) {
+                if (has_capability('moodle/course:viewcoursegrades', $context) && $view_by_student == -1) {
                     $grade_sort_link = '<a href="?id='.$course->id.'&amp;action=grades&amp;sort=highgrade&amp;group='.$group.'"><img src="'.$CFG->wwwroot.'/pix/t/down.gif" alt="'.get_string('highgradedescending','grades').'" /></a>';
                     $grade_sort_link .= '<a href="?id='.$course->id.'&amp;action=grades&amp;sort=highgrade_asc&amp;group='.$group.'"><img src="'.$CFG->wwwroot.'/pix/t/up.gif" alt="'.get_string('highgradeascending','grades').'" /></a>';
                     $points_sort_link = '<a href="?id='.$course->id.'&amp;action=grades&amp;sort=points&amp;group='.$group.'"><img src="'.$CFG->wwwroot.'/pix/t/down.gif" alt="'.get_string('pointsdescending','grades').'" /></a>';
@@ -2125,7 +2128,7 @@ function grade_view_all_grades($view_by_student) { // if mode=='grade' then we a
                 }
                 $stats_link = '<a href="javascript:void(0)"onclick="window.open(\'?id='.$course->id.'&amp;action=stats&amp;category=all\',\''.get_string('statslink','grades').'\',\'height=200,width=300,scrollbars=no\')"><font size=-2>'.get_string('statslink','grades').'</font></a>';
                 $header .= '<th colspan="'.$total_columns.'">'.get_string('total','grades').'&nbsp;'.$stats_link.'</th>';
-                if (isteacher($course->id) && $view_by_student == -1) {
+                if (has_capability('moodle/course:viewcoursegrades', $context) && $view_by_student == -1) {
                     if ($preferences->show_points) {
                         $header1 .= '<th>'.get_string('points','grades').'('.$all_categories['stats']['totalpoints'].')';
                         if ($category != 'student_data' && $all_categories[$category]['stats']['bonus_points'] != 0) {
@@ -2164,14 +2167,14 @@ function grade_view_all_grades($view_by_student) { // if mode=='grade' then we a
                     }
                     $header1 .= '</tr>';
                 }
-                if (isteacher($course->id)) {
+                if (has_capability('moodle/course:viewcoursegrades', $context)) {
                     $header .= '<th rowspan="2">'.$student_heading_link.'</th></tr>';
                 }
                 // adjust colcount to reflect actual number of columns output
                 $colcount = $colcount * $grade_columns + $total_columns + 2;
   
                 echo  '<tr><th colspan="'.$colcount.'"><font size="+1">'.get_string('allgrades','grades').'</font>';
-                if (isteacher($course->id)) {
+                if (has_capability('moodle/course:viewcoursegrades', $context)) {
                     helpbutton('teacher', get_string('gradehelp','grades'), 'grade');
                 }
                 else {
@@ -2214,7 +2217,7 @@ function grade_view_all_grades($view_by_student) { // if mode=='grade' then we a
                     }
                 }
             }
-            if (isteacher($course->id)) {
+            if (has_capability('moodle/course:viewcoursegrades', $context)) {
                 $row .= '<td>'. $studentviewlink .'</td></tr>';
             }
             else {
@@ -2887,7 +2890,7 @@ function grade_download_form($type='both') {
         $type = 'both';
     }
     
-    if (isteacher($course->id)) {
+    if (has_capability('moodle/course:viewcoursegrades', get_context_instance(CONTEXT_COURSE, $course->id))) {
         echo '<table align="center"><tr>';
         $options['id'] = $course->id;
         $options['sesskey'] = $USER->sesskey;
diff --git a/lib/accesslib.php b/lib/accesslib.php
index 25a365f7e531a5483a162892f376f006e53b6219..377707bc928a06ee4083e729d5b55e497d13fcaf 100755 (executable)
--- a/lib/accesslib.php
+++ b/lib/accesslib.php
@@ -2029,11 +2029,26 @@ function get_overridable_roles ($context) {
  * @param $sort - the sort order
  * @param $limitfrom - number of records to skip (offset)
  * @param $limitnum - number of records to fetch 
+ * @param $groups - single group or array of groups - group(s) user is in
  */
-function get_users_by_capability($context, $capability, $fields='u.*', $sort='', $limitfrom='', $limitnum='') {
+function get_users_by_capability($context, $capability, $fields='u.*', $sort='', $limitfrom='', $limitnum='', $groups='') {
     
     global $CFG;
     
+    if ($groups) {
+      
+        $groupjoin = 'LEFT JOIN '.$CFG->prefix.'groups_members gm ON gm.userid = ra.userid';
+        
+        if (is_array($groups)) {
+            $groupsql = 'AND gm.id IN ('.implode(',', $groups).')';
+        } else {
+            $groupsql = 'AND gm.id = '.$groups; 
+        }
+    } else {
+        $groupjoin = '';
+        $groupsql = '';  
+    }
+    
     // first get all roles with this capability in this context, or above
     $possibleroles = get_roles_with_capability($capability, CAP_ALLOW, $context);
     $validroleids = array();
@@ -2055,8 +2070,8 @@ function get_users_by_capability($context, $capability, $fields='u.*', $sort='',
     $roleids =  '('.implode(',', $validroleids).')';
     
     $select = ' SELECT '.$fields;
-    $from   = ' FROM '.$CFG->prefix.'user u LEFT JOIN '.$CFG->prefix.'role_assignments ra ON ra.userid = u.id ';
-    $where  = ' WHERE (ra.contextid = '.$context->id.' OR ra.contextid in '.$listofcontexts.') AND u.deleted = 0 AND ra.roleid in '.$roleids.' ';
+    $from   = ' FROM '.$CFG->prefix.'user u LEFT JOIN '.$CFG->prefix.'role_assignments ra ON ra.userid = u.id '.$groupjoin;
+    $where  = ' WHERE (ra.contextid = '.$context->id.' OR ra.contextid in '.$listofcontexts.') AND u.deleted = 0 AND ra.roleid in '.$roleids.' '.$groupsql;
 
     return get_records_sql($select.$from.$where.$sort, $limitfrom, $limitnum);  
 
diff --git a/lib/datalib.php b/lib/datalib.php
index 7ad858af99198a8881176d17a4b49cc0597484f8..dcb263228ef2c7294480101fa3427cf4459830b5 100644 (file)
--- a/lib/datalib.php
+++ b/lib/datalib.php
@@ -699,7 +699,7 @@ function get_courses_search($searchterms, $sort='fullname ASC', $page=0, $record
     if ($courses) {  /// Remove unavailable courses from the list
         foreach ($courses as $key => $course) {
             if (!$course->visible) {
-                if (!isteacher($course->id)) {
+                if (!has_capability('moodle/course:viewhiddencourses', get_context_instance(CONTEXT_COURSE, $course->id))) {
                     unset($courses[$key]);
                     $totalcount--;
                 }
@@ -1066,7 +1066,7 @@ function get_all_instances_in_courses($modulename,$courses) {
 
     foreach ($courses as $course) {
         // Hide non-visible instances from students
-        if (isteacher($course->id)) {
+        if (has_capability('moodle/course:viewhiddencourses', get_context_instance(CONTEXT_COURSE, $course->id))) {
             $invisible = -1;
         } else {
             $invisible = 0;
@@ -1125,7 +1125,7 @@ function get_all_instances_in_course($modulename, $course) {
     }
 
     // Hide non-visible instances from students
-    if (isteacher($course->id)) {
+    if (has_capability('moodle/course:viewhiddencourses', get_context_instance(CONTEXT_COURSE, $course->id))) {
         $invisible = -1;
     } else {
         $invisible = 0;
@@ -1246,6 +1246,8 @@ function add_to_log($courseid, $module, $action, $url='', $info='', $cm=0, $user
                      WHERE id = \''. $userid .'\' ');
         if ($courseid != SITEID && !empty($courseid)) { // logins etc dont't have a courseid and isteacher will break without it.
             if (defined('MDL_PERFDB')) { global $PERF ; $PERF->dbqueries++;};
+            
+            /// since we are quering the log table for lastaccess time now, can stop doing this? tables are gone
             if (isstudent($courseid)) {
                 $db->Execute('UPDATE '. $CFG->prefix .'user_students SET timeaccess = \''. $timenow .'\' '.
                              'WHERE course = \''. $courseid .'\' AND userid = \''. $userid .'\'');
diff --git a/lib/db/access.php b/lib/db/access.php
index 56157dc8552f0fbeee79ab79bf958029d2289abb..fd39f5c926bfbcb3ad14f2bc4415dbec84ce3abf 100644 (file)
--- a/lib/db/access.php
+++ b/lib/db/access.php
@@ -451,6 +451,34 @@ $moodle_capabilities = array(
         )
     ),
     
+    'moodle/course:viewhiddenuserfields' => array(
+    
+        'captype' => 'read',
+        'contextlevel' => CONTEXT_COURSE,
+        'legacy' => array(
+            'guest' => CAP_PREVENT,
+            'student' => CAP_PREVENT,
+            'teacher' => CAP_ALLOW,
+            'editingteacher' => CAP_ALLOW,
+            'coursecreator' => CAP_ALLOW,
+            'admin' => CAP_ALLOW
+        )
+    ),
+    
+    'moodle/course:viewhiddencourses' => array(
+    
+        'captype' => 'read',
+        'contextlevel' => CONTEXT_COURSE,
+        'legacy' => array(
+            'guest' => CAP_PREVENT,
+            'student' => CAP_PREVENT,
+            'teacher' => CAP_PREVENT,
+            'editingteacher' => CAP_PREVENT,
+            'coursecreator' => CAP_ALLOW,
+            'admin' => CAP_ALLOW
+        )
+    ),
+    
     'moodle/course:visibility' => array(
     
         'captype' => 'write',
diff --git a/lib/moodlelib.php b/lib/moodlelib.php
index 761addaad9ad0ee08f930bee7a0fd93c9ce41e6d..bec73144468f73e4ebc3f5b2ed2f77c66e798066 100644 (file)
--- a/lib/moodlelib.php
+++ b/lib/moodlelib.php
@@ -1543,7 +1543,7 @@ function require_login($courseid=0, $autologinguest=true, $cm=null) {
         if (! $course = get_record('course', 'id', $courseid)) {
             error('That course doesn\'t exist');
         }
-        if (!isteacher($courseid) && !($course->visible && course_parent_visible($course))) {
+        if (!has_capability('moodle/course:viewhiddencourses', get_context_instance(CONTEXT_COURSE, $courseid)) && !($course->visible && course_parent_visible($course))) {
             print_header();
             notice(get_string('coursehidden'), $CFG->wwwroot .'/');
         }    
diff --git a/lib/weblib.php b/lib/weblib.php
index aeebd5f897c4f4ee0486db9cf1ab3ff2db1b0012..0e66df55cfe5ccbf4bf25dadbbc2ab07a3047758 100644 (file)
--- a/lib/weblib.php
+++ b/lib/weblib.php
@@ -3034,7 +3034,7 @@ function print_user($user, $course, $messageselect=false, $return=false) {
     }
 
 /// Get the hidden field list
-    if ($isteacher || $isadmin) {
+    if (has_capability('moodle/course:viewhiddenuserfields', get_context_instance(CONTEXT_COURSE, $course->id))) {
         $hiddenfields = array();
     } else {
         $hiddenfields = array_flip(explode(',', $CFG->hiddenuserfields));
@@ -3522,8 +3522,8 @@ function print_textarea($usehtmleditor, $rows, $cols, $width, $height, $name, $v
         }
 
         if ($usehtmleditor) {
-
-            if (!empty($courseid) and isteacher($courseid)) {
+            // not sure if this capability is appropriate
+            if (!empty($courseid) and has_capability('moodle/course:update', get_context_instance(CONTEXT_COURSE, $courseid))) {
                 $str .= ($scriptcount < 1) ? '<script type="text/javascript" src="'.
                 $CFG->wwwroot .'/lib/editor/htmlarea/htmlarea.php?id='. $courseid .'"></script>'."\n" : '';
             } else {
@@ -4078,7 +4078,7 @@ function navmenulist($course, $sections, $modinfo, $isteacher, $strsection, $str
         if ($mod->section >= 0 and $section <> $mod->section) {
             $thissection = $sections[$mod->section];
 
-            if ($thissection->visible or !$course->hiddensections or $isteacher) {
+            if ($thissection->visible or !$course->hiddensections or has_capability('moodle/course:viewhiddensections', get_context_instance(CONTEXT_COURSE, $course->id))) {
                 $thissection->summary = strip_tags(format_string($thissection->summary,true));
                 if (!empty($doneheading)) {
                     $menu[] = '</ul></li>';
diff --git a/mod/chat/lib.php b/mod/chat/lib.php
index c98b83e305c29bc273e08a0c21dac1490a131654..48b7605ce8e7c76c6748d87603e3739fe3be4855 100644 (file)
--- a/mod/chat/lib.php
+++ b/mod/chat/lib.php
@@ -188,8 +188,6 @@ function chat_print_recent_activity($course, $isteacher, $timestart) {
         return false;
     }
 
-    $isteacher = isteacher($course->id);
-
     $outputstarted = false;
     $current = 0;
     foreach ($chatusers as $chatuser) {
@@ -211,7 +209,6 @@ function chat_print_recent_activity($course, $isteacher, $timestart) {
               
                 // needs to be fixed
                 if (!(has_capability('mod/chat:readlog', $context) or instance_is_visible('chat', $chat))) {  // Chat hidden to students
-                //if (!($isteacher or instance_is_visible('chat', $chat))) {  // Chat hidden to students
                     continue;
                 }
                 if (!$outputstarted) {
@@ -222,7 +219,7 @@ function chat_print_recent_activity($course, $isteacher, $timestart) {
             }
             $current = $chatuser->chatid;
         }
-        $fullname = fullname($chatuser, $isteacher);
+        $fullname = fullname($chatuser, has_capability('moodle/site:viewfullnames', get_context_instance(CONTEXT_MODULE, $cm->id)));
         echo '<li class="info name">'.$fullname.'</li>';
     }
 
diff --git a/user/index.php b/user/index.php
index 16f15484fa5becb0b791b7b6c16070415439e18c..866796022cead4586a49b1e256b7e9b3a3ab9b8c 100644 (file)
--- a/user/index.php
+++ b/user/index.php
@@ -150,7 +150,7 @@
 
 
 /// Get the hidden field list
-    if ($isteacher || isadmin()) {
+    if (has_capability('moodle/course:viewhiddenuserfields', get_context_instance(CONTEXT_COURSE, $course->id))) {
         $hiddenfields = array();  // teachers and admins are allowed to see everything
     } else {
         $hiddenfields = array_flip(explode(',', $CFG->hiddenuserfields));
Unnamed repository; edit this file to name it for gitweb.