added capabilty risks into access.php and GUI for define role and override; minor...

diff --git a/admin/roles/manage.html b/admin/roles/manage.html
index 41efee245e692c6117ab95878eb0dd76906264f6..f8260fdb7cdb0c555226d94cb634ffc88ec515e4 100755 (executable)
--- a/admin/roles/manage.html
+++ b/admin/roles/manage.html
@@ -18,6 +18,7 @@ Role short name (ASCII): <input type="text" name="shortname" value="<?php echo $
 <td><?php print_string('allow','role') ?></td>
 <td><?php print_string('prevent','role') ?></td>
 <td><?php print_string('prohibit','role') ?></td>
+<td><?php print_string('risks','role') ?></td>
 </tr>
 
 <?php 
@@ -50,6 +51,23 @@ foreach ($capabilities as $capability) {
         <td><INPUT TYPE=radio NAME="<?php echo $capability->name; ?>" VALUE="1" <?php if (isset($localoverride->permission) && $localoverride->permission==1){ echo 'checked="checked"'; }?>></td>
         <td ><INPUT TYPE=radio NAME="<?php echo $capability->name; ?>" VALUE="-1" <?php if (isset($localoverride->permission) && $localoverride->permission==-1){ echo 'checked="checked"'; }?>></td>
         <td ><INPUT TYPE=radio NAME="<?php echo $capability->name; ?>" VALUE="-1000" <?php if (isset($localoverride->permission) && $localoverride->permission==-1000){ echo 'checked="checked"'; }?>></td>
+        <td><?php
+            if (RISK_MANAGETRUST & (int)$capability->riskbitmask) {
+                echo "T";
+            }
+            if (RISK_ADMIN & (int)$capability->riskbitmask) {
+                echo "A";
+            }
+            if (RISK_XSS & (int)$capability->riskbitmask) {
+                echo "X";
+            }
+            if (RISK_PERSONAL & (int)$capability->riskbitmask) {
+                echo "P";
+            }
+            if (RISK_SPAM & (int)$capability->riskbitmask) {
+                echo "S";
+            }
+        ?></td>
         </tr>
 
         <?php } ?>    

diff --git a/admin/roles/override.html b/admin/roles/override.html
index 03c1144fa08e1e4d001d1239f19b9a2cd89f5264..9db29bb2c037aae9762132edfc3038746eeeaea6 100755 (executable)
--- a/admin/roles/override.html
+++ b/admin/roles/override.html
@@ -15,6 +15,7 @@ if ($courseid) {
                 <td><?php print_string('allow','role') ?></td>
                 <td><?php print_string('prevent','role') ?></td>
                 <td><?php print_string('prohibit','role') ?></td>
+                <td><?php print_string('risks','role') ?></td>
             </tr>
             <?php 
             
@@ -83,6 +84,23 @@ if ($courseid) {
                        if ($localpermission == CAP_PROHIBIT) {echo ' checked="checked"';} 
                        if ($isdisabled)                      {echo ' disabled="disabled"';}?>>
                  </td>
+                 <td><?php
+                    if (RISK_MANAGETRUST & (int)$capability->riskbitmask) {
+                        echo "T";
+                    }
+                    if (RISK_ADMIN & (int)$capability->riskbitmask) {
+                        echo "A";
+                    }
+                    if (RISK_XSS & (int)$capability->riskbitmask) {
+                        echo "X";
+                    }
+                    if (RISK_PERSONAL & (int)$capability->riskbitmask) {
+                        echo "P";
+                    }
+                    if (RISK_SPAM & (int)$capability->riskbitmask) {
+                        echo "S";
+                    }
+                 ?></td>
             </tr>
             
             <?php } ?>    

diff --git a/lib/accesslib.php b/lib/accesslib.php
index 2860e872663a9adeac4a4b75502f141a32b7ee2c..a08efde48b972948a24ac5ea455f3a4715e66b6c 100755 (executable)
--- a/lib/accesslib.php
+++ b/lib/accesslib.php
@@ -30,6 +30,14 @@ define('CONTEXT_GROUP', 60);
 define('CONTEXT_MODULE', 70);
 define('CONTEXT_BLOCK', 80);
 
+// capability risks - see http://docs.moodle.org/en/Hardening_new_Roles_system
+define('RISK_MANAGETRUST', 0x0001);
+define('RISK_ADMIN',       0x0002);
+define('RISK_XSS',         0x0004);
+define('RISK_PERSONAL',    0x0008);
+define('RISK_SPAM',        0x0010);
+
+
 $context_cache    = array();    // Cache of all used context objects for performance (by level and instance)
 $context_cache_id = array();    // Index to above cache by id
 

diff --git a/lib/db/access.php b/lib/db/access.php
index 1dd45d9081c8c8a60a29583fc90431c3d3ffd44c..f641d260fd79d2883b6219de1f39f09ba5147a1f 100644 (file)
--- a/lib/db/access.php
+++ b/lib/db/access.php
@@ -34,6 +34,7 @@
 $moodle_capabilities = array(
     
     'moodle/site:doanything' => array(
+        'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS | RISK_ADMIN,
         'captype' => 'admin',
         'contextlevel' => CONTEXT_SYSTEM
     ),
@@ -45,30 +46,35 @@ $moodle_capabilities = array(
     
     
     'moodle/legacy:student' => array(
+        'riskbitmask' => RISK_SPAM,
         'captype' => 'legacy',
         'contextlevel' => CONTEXT_SYSTEM
     ),
     
     
     'moodle/legacy:teacher' => array(
+        'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
         'captype' => 'legacy',
         'contextlevel' => CONTEXT_SYSTEM
     ),
     
     
     'moodle/legacy:editingteacher' => array(
+        'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
         'captype' => 'legacy',
         'contextlevel' => CONTEXT_SYSTEM
     ),
     
     
     'moodle/legacy:coursecreator' => array(
+        'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
         'captype' => 'legacy',
         'contextlevel' => CONTEXT_SYSTEM
     ),
     
     
     'moodle/legacy:admin' => array(
+        'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS | RISK_ADMIN,
         'captype' => 'legacy',
         'contextlevel' => CONTEXT_SYSTEM
     ),
@@ -76,6 +82,8 @@ $moodle_capabilities = array(
     
     'moodle/site:config' => array(
     
+        'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS | RISK_ADMIN,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_SYSTEM,
         'legacy' => array(
@@ -118,6 +126,8 @@ $moodle_capabilities = array(
     
     'moodle/site:import' => array(
     
+        'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_SYSTEM,
         'legacy' => array(
@@ -132,6 +142,8 @@ $moodle_capabilities = array(
     
     'moodle/site:backup' => array(
     
+        'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_SYSTEM,
         'legacy' => array(
@@ -146,6 +158,8 @@ $moodle_capabilities = array(
     
     'moodle/site:restore' => array(
     
+        'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_SYSTEM,
         'legacy' => array(
@@ -160,6 +174,8 @@ $moodle_capabilities = array(
     
     'moodle/site:manageblocks' => array(
     
+        'riskbitmask' => RISK_SPAM | RISK_XSS,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_SYSTEM,
         'legacy' => array(
@@ -216,6 +232,8 @@ $moodle_capabilities = array(
     
     'moodle/site:viewreports' => array(
     
+        'riskbitmask' => RISK_PERSONAL,
+
         'captype' => 'read',
         'contextlevel' => CONTEXT_SYSTEM,
         'legacy' => array(
@@ -230,6 +248,8 @@ $moodle_capabilities = array(
     
     'moodle/site:trustcontent' => array(
     
+        'riskbitmask' => RISK_XSS,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_SYSTEM,
         'legacy' => array(
@@ -244,6 +264,8 @@ $moodle_capabilities = array(
     
     'moodle/user:create' => array(
     
+        'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_SYSTEM,
         'legacy' => array(
@@ -272,6 +294,8 @@ $moodle_capabilities = array(
     
     'moodle/user:update' => array(
     
+        'riskbitmask' => RISK_SPAM,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_SYSTEM,
         'legacy' => array(
@@ -300,6 +324,8 @@ $moodle_capabilities = array(
 
     'moodle/user:viewhiddendetails' => array(
     
+        'riskbitmask' => RISK_PERSONAL,
+
         'captype' => 'read',
         'contextlevel' => CONTEXT_SYSTEM,
         'legacy' => array(
@@ -438,6 +464,8 @@ $moodle_capabilities = array(
     
     'moodle/course:create' => array(
     
+        'riskbitmask' => RISK_XSS,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_COURSE,
         'legacy' => array(
@@ -466,6 +494,8 @@ $moodle_capabilities = array(
     
     'moodle/course:update' => array(
     
+        'riskbitmask' => RISK_XSS,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_COURSE,
         'legacy' => array(
@@ -494,6 +524,8 @@ $moodle_capabilities = array(
     
     'moodle/course:viewhiddenuserfields' => array(
     
+        'riskbitmask' => RISK_PERSONAL,
+
         'captype' => 'read',
         'contextlevel' => CONTEXT_COURSE,
         'legacy' => array(
@@ -536,6 +568,8 @@ $moodle_capabilities = array(
     
     'moodle/course:managefiles' => array(
     
+        'riskbitmask' => RISK_XSS,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_COURSE,
         'legacy' => array(
@@ -550,6 +584,8 @@ $moodle_capabilities = array(
     
     'moodle/course:managequestions' => array(
     
+        'riskbitmask' => RISK_XSS,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_COURSE,
         'legacy' => array(
@@ -564,6 +600,8 @@ $moodle_capabilities = array(
     
     'moodle/course:manageactivities' => array(
     
+        'riskbitmask' => RISK_XSS,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_COURSE,
         'legacy' => array(
@@ -704,6 +742,8 @@ $moodle_capabilities = array(
     
     'moodle/blog:create' => array(
 
+        'riskbitmask' => RISK_SPAM,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_SYSTEM,
         'legacy' => array(
@@ -718,6 +758,8 @@ $moodle_capabilities = array(
     
     'moodle/blog:manageofficialtags' => array(
 
+        'riskbitmask' => RISK_SPAM,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_SYSTEM,
         'legacy' => array(
@@ -732,6 +774,8 @@ $moodle_capabilities = array(
     
     'moodle/blog:managepersonaltags' => array(
 
+        'riskbitmask' => RISK_SPAM,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_SYSTEM,
         'legacy' => array(
@@ -746,6 +790,8 @@ $moodle_capabilities = array(
     
     'moodle/blog:manageentries' => array(
 
+        'riskbitmask' => RISK_SPAM,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_SYSTEM,
         'legacy' => array(
@@ -760,6 +806,8 @@ $moodle_capabilities = array(
     
     'moodle/calendar:manageownentries' => array(
 
+        'riskbitmask' => RISK_SPAM,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_SYSTEM,
         'legacy' => array(
@@ -774,6 +822,8 @@ $moodle_capabilities = array(
     
     'moodle/calendar:manageentries' => array(
 
+        'riskbitmask' => RISK_SPAM,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_SYSTEM,
         'legacy' => array(
@@ -828,6 +878,9 @@ $moodle_capabilities = array(
     ),
     
     'moodle/user:editprofile' => array(
+
+        'riskbitmask' => RISK_SPAM,
+
         'captype' => 'read',
         'contextlevel' => CONTEXT_USER,
         'legacy' => array(
@@ -841,6 +894,9 @@ $moodle_capabilities = array(
     ),
     
     'moodle/question:import' => array(
+
+        'riskbitmask' => RISK_XSS,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_COURSE,
         'legacy' => array(
@@ -880,6 +936,9 @@ $moodle_capabilities = array(
     ),
     
     'moodle/question:manage' => array(
+
+        'riskbitmask' => RISK_XSS,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_COURSE,
         'legacy' => array(

diff --git a/mod/chat/db/access.php b/mod/chat/db/access.php
index f3b7238ddc3a60ab825d2bbcf8d3240f8e8b26c4..b8d8a33a310d18e5d778e9ebdbca9d8bfa3f24d4 100644 (file)
--- a/mod/chat/db/access.php
+++ b/mod/chat/db/access.php
@@ -35,6 +35,8 @@ $mod_chat_capabilities = array(
     
     'mod/chat:chat' => array(
     
+        'riskbitmask' => RISK_SPAM,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_MODULE,
         'legacy' => array(

diff --git a/mod/chat/version.php b/mod/chat/version.php
index 98b7acb691c8c110dcaa0ab87a74bd065ab5ada9..01bbd01f6b926a6aed3c25bc45052f8f4300182a 100644 (file)
--- a/mod/chat/version.php
+++ b/mod/chat/version.php
@@ -5,7 +5,7 @@
 ///  This fragment is called by moodle_needs_upgrading() and /admin/index.php
 /////////////////////////////////////////////////////////////////////////////////
 
-$module->version  = 2006091201;   // The (date) version of this module
+$module->version  = 2006091800;   // The (date) version of this module
 $module->requires = 2006080900;  // Requires this Moodle version
 $module->cron     = 300;          // How often should cron check this module (seconds)?
 

diff --git a/mod/data/db/access.php b/mod/data/db/access.php
index fde55f1da4ee95788a7ffb5d34a9c08232a0fa50..90625ba5d24c385f6026f5bb2c4eb8d9977bebf1 100644 (file)
--- a/mod/data/db/access.php
+++ b/mod/data/db/access.php
@@ -63,6 +63,8 @@ $mod_data_capabilities = array(
     
     'mod/data:writeentry' => array(
     
+        'riskbitmask' => RISK_SPAM,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_MODULE,
         'legacy' => array(
@@ -77,6 +79,8 @@ $mod_data_capabilities = array(
     
     'mod/data:comment' => array(
     
+        'riskbitmask' => RISK_SPAM,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_MODULE,
         'legacy' => array(
@@ -161,6 +165,8 @@ $mod_data_capabilities = array(
     
     'mod/data:managetemplates' => array(
     
+        'riskbitmask' => RISK_SPAM,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_MODULE,
         'legacy' => array(

diff --git a/mod/data/version.php b/mod/data/version.php
index a0ad66ace075f0715070c400e2b2076fb0cbab8a..5fe726bab38eccaa623d4f299f2a0527f9d94fdd 100644 (file)
--- a/mod/data/version.php
+++ b/mod/data/version.php
@@ -5,7 +5,7 @@
 //  This fragment is called by /admin/index.php
 ////////////////////////////////////////////////////////////////////////////////
 
-$module->version  = 2006091201;
+$module->version  = 2006091800;
 $module->requires = 2006080900;  // Requires this Moodle version
 $module->cron     = 60;
 

diff --git a/mod/forum/db/access.php b/mod/forum/db/access.php
index a0525701d8a0098e6b10091dc5ed62b33556ca65..819e5089b9b8e7d6b871e5e4c144615e0f395a67 100644 (file)
--- a/mod/forum/db/access.php
+++ b/mod/forum/db/access.php
@@ -77,7 +77,9 @@ $mod_forum_capabilities = array(
     
     'mod/forum:startdiscussion' => array(
     
-        'captype' => 'read',
+        'riskbitmask' => RISK_SPAM,
+
+        'captype' => 'write',
         'contextlevel' => CONTEXT_MODULE,
         'legacy' => array(
             'guest' => CAP_PREVENT,
@@ -91,7 +93,9 @@ $mod_forum_capabilities = array(
     
     'mod/forum:replypost' => array(
     
-        'captype' => 'read',
+        'riskbitmask' => RISK_SPAM,
+
+        'captype' => 'write',
         'contextlevel' => CONTEXT_MODULE,
         'legacy' => array(
             'guest' => CAP_PREVENT,
@@ -133,7 +137,7 @@ $mod_forum_capabilities = array(
     
     'mod/forum:rate' => array(
     
-        'captype' => 'read',
+        'captype' => 'write',
         'contextlevel' => CONTEXT_MODULE,
         'legacy' => array(
             'guest' => CAP_PREVENT,
@@ -147,7 +151,9 @@ $mod_forum_capabilities = array(
     
     'mod/forum:createattachment' => array(
     
-        'captype' => 'read',
+        'riskbitmask' => RISK_SPAM,
+
+        'captype' => 'write',
         'contextlevel' => CONTEXT_MODULE,
         'legacy' => array(
             'guest' => CAP_PREVENT,
@@ -217,7 +223,9 @@ $mod_forum_capabilities = array(
     
     'mod/forum:editanypost' => array(
     
-        'captype' => 'read',
+        'riskbitmask' => RISK_SPAM,
+
+        'captype' => 'write',
         'contextlevel' => CONTEXT_MODULE,
         'legacy' => array(
             'guest' => CAP_PREVENT,

diff --git a/mod/forum/version.php b/mod/forum/version.php
index 61defdbcc4aa6c23a6124a7e3652bd8c3f54f75a..a797f5d48ac24ccbedd288bc44c4b4b361cf35d1 100644 (file)
--- a/mod/forum/version.php
+++ b/mod/forum/version.php
@@ -5,7 +5,7 @@
 //  This fragment is called by /admin/index.php
 ////////////////////////////////////////////////////////////////////////////////
 
-$module->version  = 2006091201;
+$module->version  = 2006091800;
 $module->requires = 2006082600;  // Requires this Moodle version
 $module->cron     = 60;
 

diff --git a/mod/glossary/db/access.php b/mod/glossary/db/access.php
index 6f7423ced7cf0527897474f39a1b98ba74a01ce0..a39cd21d8ba579ff65d8b04814a2827d9a1861c7 100644 (file)
--- a/mod/glossary/db/access.php
+++ b/mod/glossary/db/access.php
@@ -49,6 +49,8 @@ $mod_glossary_capabilities = array(
     
     'mod/glossary:write' => array(
     
+        'riskbitmask' => RISK_SPAM,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_MODULE,
         'legacy' => array(
@@ -91,6 +93,8 @@ $mod_glossary_capabilities = array(
     
     'mod/glossary:comment' => array(
     
+        'riskbitmask' => RISK_SPAM,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_MODULE,
         'legacy' => array(
@@ -119,6 +123,8 @@ $mod_glossary_capabilities = array(
     
     'mod/glossary:import' => array(
     
+        'riskbitmask' => RISK_SPAM,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_MODULE,
         'legacy' => array(

diff --git a/mod/glossary/version.php b/mod/glossary/version.php
index 6dff8bef4313583982afa88cdd6c0666b4edbc01..2a5427ad79c593963bb3094784ee6036edee59b5 100644 (file)
--- a/mod/glossary/version.php
+++ b/mod/glossary/version.php
@@ -5,7 +5,7 @@
 ///  This fragment is called by moodle_needs_upgrading() and /admin/index.php
 /////////////////////////////////////////////////////////////////////////////////
 
-$module->version  = 2006091201;
+$module->version  = 2006091800;
 $module->requires = 2006082600;  // Requires this Moodle version
 $module->cron     = 0;           // Period for cron to check this module (secs)
 

diff --git a/mod/lesson/db/access.php b/mod/lesson/db/access.php
index 747eac2380da2f2990962e7bb922ddd7e5510143..e7e71b258e2f21bed57487c3f515f900a80effaf 100644 (file)
--- a/mod/lesson/db/access.php
+++ b/mod/lesson/db/access.php
@@ -22,6 +22,8 @@ $mod_lesson_capabilities = array(
 
     'mod/lesson:edit' => array(
     
+        'riskbitmask' => RISK_XSS,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_MODULE,
         'legacy' => array(

diff --git a/mod/lesson/version.php b/mod/lesson/version.php
index 1d6a3ab3d08aeaf06a520fa3e3fa7947c49e1e61..b722ead2df98173fffb26b958792dd6e144edb57 100644 (file)
--- a/mod/lesson/version.php
+++ b/mod/lesson/version.php
@@ -5,7 +5,7 @@
 ///  This fragment is called by moodle_needs_upgrading() and /admin/index.php
 /////////////////////////////////////////////////////////////////////////////////
 
-$module->version  = 2006091202;  // The current module version (Date: YYYYMMDDXX)
+$module->version  = 2006091801;  // The current module version (Date: YYYYMMDDXX)
 $module->requires = 2006080900;  // Requires this Moodle version
 $module->cron     = 0;           // Period for cron to check this module (secs)
 

diff --git a/mod/wiki/db/access.php b/mod/wiki/db/access.php
index f480bef5f1b8969b6b78b0dac09916593702d07b..bb48107eb4cd5f2af1a49ebb7bc76b3428f14604 100644 (file)
--- a/mod/wiki/db/access.php
+++ b/mod/wiki/db/access.php
@@ -22,6 +22,8 @@ $mod_wiki_capabilities = array(
 
     'mod/wiki:participate' => array(
 
+        'riskbitmask' => RISK_SPAM,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_MODULE,
         'legacy' => array(
@@ -36,6 +38,8 @@ $mod_wiki_capabilities = array(
 
     'mod/wiki:manage' => array(
 
+        'riskbitmask' => RISK_SPAM,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_MODULE,
         'legacy' => array(

diff --git a/mod/wiki/version.php b/mod/wiki/version.php
index cb7b70f397b79006c6688e2aebb10e7311ce874d..87b1847a9d0bf0b93c904ca60abb64eeb31e1a16 100644 (file)
--- a/mod/wiki/version.php
+++ b/mod/wiki/version.php
@@ -5,7 +5,7 @@
 ///  This fragment is called by moodle_needs_upgrading() and /admin/index.php
 /////////////////////////////////////////////////////////////////////////////////
 
-$module->version  = 2006091202;  // The current module version (Date: YYYYMMDDXX)
+$module->version  = 2006091800;  // The current module version (Date: YYYYMMDDXX)
 $module->requires = 2006080900;  // The current module version (Date: YYYYMMDDXX)
 $module->cron     = 0;           // Period for cron to check this module (secs)
 

diff --git a/mod/workshop/db/access.php b/mod/workshop/db/access.php
index b50387ab97a6ca0adce334c83c3ddc8ab7a8f231..c16de6759ff2c674e42afa154a013cd7ae663eb9 100644 (file)
--- a/mod/workshop/db/access.php
+++ b/mod/workshop/db/access.php
@@ -22,6 +22,8 @@ $mod_workshop_capabilities = array(
 
     'mod/workshop:participate' => array(
     
+        'riskbitmask' => RISK_SPAM,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_MODULE,
         'legacy' => array(
@@ -36,6 +38,8 @@ $mod_workshop_capabilities = array(
 
     'mod/workshop:manage' => array(
     
+        'riskbitmask' => RISK_SPAM,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_MODULE,
         'legacy' => array(

diff --git a/mod/workshop/version.php b/mod/workshop/version.php
index a0ad66ace075f0715070c400e2b2076fb0cbab8a..5fe726bab38eccaa623d4f299f2a0527f9d94fdd 100644 (file)
--- a/mod/workshop/version.php
+++ b/mod/workshop/version.php
@@ -5,7 +5,7 @@
 //  This fragment is called by /admin/index.php
 ////////////////////////////////////////////////////////////////////////////////
 
-$module->version  = 2006091201;
+$module->version  = 2006091800;
 $module->requires = 2006080900;  // Requires this Moodle version
 $module->cron     = 60;
 

diff --git a/version.php b/version.php
index 4a70d7c39a6365c89ec69a71789bcfe5d8a40cad..459f2478f185a7c075bf762df15bd38914e6eca2 100644 (file)
--- a/version.php
+++ b/version.php
@@ -6,7 +6,7 @@
 // This is compared against the values stored in the database to determine
 // whether upgrades should be performed (see lib/db/*.php)
 
-   $version = 2006091804;  // YYYYMMDD = date
+   $version = 2006091807;  // YYYYMMDD = date
                            //       XY = increments within a single day
 
    $release = '1.7 dev';    // Human-friendly version name