MDL-17485 roles: fixed use and definition of review use of moodle/user:viewuseractivi...

diff --git a/course/user.php b/course/user.php
index 61f749194753c3c5b7dea2eda0260898b69df401..d090d99ba8d28f49f1bd466af512fd785a0747b7 100644 (file)
--- a/course/user.php
+++ b/course/user.php
@@ -75,6 +75,10 @@
     } else if ($course->showgrades and has_capability('moodle/grade:viewall', $personalcontext)) {
         // ok - can view grades of this user - parent most probably
         $modes[] = 'grade';
+
+    } else if ($course->showgrades and $anyreport) {
+        // ok - can view grades of this user - parent most probably
+        $modes[] = 'grade';
     }
 
     if (empty($modes)) {

diff --git a/lib/db/access.php b/lib/db/access.php
index b4a7d2a8a3a378c9cb79a92714c34b49cc0e5d9f..8fc3555dca9187305d531898b580ae4d6fcd021a 100644 (file)
--- a/lib/db/access.php
+++ b/lib/db/access.php
@@ -887,14 +887,13 @@ $moodle_capabilities = array(
         )
     ),
 
+    // designed for parent role - not used in legacy roles
     'moodle/user:viewuseractivitiesreport' => array(
+        'riskbitmask' => RISK_PERSONAL,
 
         'captype' => 'read',
         'contextlevel' => CONTEXT_USER,
         'legacy' => array(
-            'teacher' => CAP_ALLOW,
-            'editingteacher' => CAP_ALLOW,
-            'admin' => CAP_ALLOW
         )
     ),
 

diff --git a/lib/weblib.php b/lib/weblib.php
index 7ac9dc9c3dbd35e4aa402a24e1c3ce82275ade1f..ca2b28f7b446a6d40b281e7849eaad8c1494d308 100644 (file)
--- a/lib/weblib.php
+++ b/lib/weblib.php
@@ -4640,7 +4640,9 @@ function print_user($user, $course, $messageselect=false, $return=false) {
 
     $context = get_context_instance(CONTEXT_COURSE, $course->id);
     if (isset($user->context->id)) {
-        $usercontext = get_context_instance_by_id($user->context->id);
+        $usercontext = $user->context;
+    } else {
+        $usercontext = get_context_instance(CONTEXT_USER, $user->id);
     }
 
     if (empty($string)) {     // Cache all the strings for the rest of the page
@@ -4724,8 +4726,7 @@ has_capability('moodle/course:viewhiddenuserfields', $context)) {
         $output .= '<a href="'.$CFG->wwwroot.'/notes/index.php?course=' . $course->id. '&amp;user='.$user->id.'">'.get_string('notes','notes').'</a><br />';
     }
 
-    if (has_capability('moodle/user:viewuseractivitiesreport', $context) || (isset($usercontext) && has_capability('moodle/user:viewuseractivitiesreport', $usercontext))) {
-        $timemidnight = usergetmidnight(time());
+    if (has_capability('moodle/site:viewreports', $context) or has_capability('moodle/user:viewuseractivitiesreport', $usercontext)) {
         $output .= '<a href="'. $CFG->wwwroot .'/course/user.php?id='. $course->id .'&amp;user='. $user->id .'">'. $string->activity .'</a><br />';
     }
     if (has_capability('moodle/role:assign', $context) and get_user_roles($context, $user->id, false)) {  // I can unassing and user has some role

diff --git a/user/tabs.php b/user/tabs.php
index 842348bb489dac54e9e59cd72e57046be2bdc933..eed80872f3a518308439f78e5369d3066c131e69 100644 (file)
--- a/user/tabs.php
+++ b/user/tabs.php
@@ -223,6 +223,10 @@
             // ok - can view grades of this user - parent most probably
             $gradeaccess = true;
 
+        } else if ($course->showgrades and $anyreport) {
+            // ok - can view grades of this user - parent most probably
+            $gradeaccess = true;
+
         } else {
             $gradeaccess = false;
         }

diff --git a/version.php b/version.php
index d1b115d9012a316d7586d44069142a95e57274a9..e6ccc20f098d8e6bb6e78c440330a20d9f9a3cef 100644 (file)
--- a/version.php
+++ b/version.php
@@ -6,7 +6,7 @@
 // This is compared against the values stored in the database to determine
 // whether upgrades should be performed (see lib/db/*.php)
 
-    $version = 2008113001;  // YYYYMMDD   = date of the last version bump
+    $version = 2008120100;  // YYYYMMDD   = date of the last version bump
                             //         XX = daily increments
 
     $release = '2.0 dev (Build: 20081128)';  // Human-friendly version name