MDL-18985 improved group access control in gradebook exports

diff --git a/grade/export/ods/export.php b/grade/export/ods/export.php
index 1a170f1885e06e916365b39a334cfc444dde860f..372fc108c23c3a31f8f5356bd149e0dcaf865b97 100755 (executable)
--- a/grade/export/ods/export.php
+++ b/grade/export/ods/export.php
@@ -45,6 +45,11 @@ $context = get_context_instance(CONTEXT_COURSE, $id);
 require_capability('moodle/grade:export', $context);
 require_capability('gradeexport/ods:view', $context);
 
+if (groups_get_course_groupmode($COURSE) == SEPARATEGROUPS and !has_capability('moodle/site:accessallgroups', $context)) {
+    if (!groups_is_member($groupid, $USER->id)) {
+        print_error('cannotaccessgroup', 'grades');
+    }
+}
 
 // print all the exported data here
 $export = new grade_export_ods($course, $groupid, $itemids, $export_feedback, $updatedgradesonly, $displaytype, $decimalpoints);

diff --git a/grade/export/txt/export.php b/grade/export/txt/export.php
index dad8713d7db0fc16ac5cf532592e9a4440d41e52..1f630d8d4e5b55b391639c20a1007d8a8785651b 100755 (executable)
--- a/grade/export/txt/export.php
+++ b/grade/export/txt/export.php
@@ -46,6 +46,11 @@ $context = get_context_instance(CONTEXT_COURSE, $id);
 require_capability('moodle/grade:export', $context);
 require_capability('gradeexport/txt:view', $context);
 
+if (groups_get_course_groupmode($COURSE) == SEPARATEGROUPS and !has_capability('moodle/site:accessallgroups', $context)) {
+    if (!groups_is_member($groupid, $USER->id)) {
+        print_error('cannotaccessgroup', 'grades');
+    }
+}
 
 // print all the exported data here
 $export = new grade_export_txt($course, $groupid, $itemids, $export_feedback, $updatedgradesonly, $displaytype, $decimalpoints, $separator);

diff --git a/grade/export/xls/export.php b/grade/export/xls/export.php
index 86f03daa4d13ea0825f69d822dabc5faaadfac8a..c9b07b131b83449e7a592546416878153dbd2190 100755 (executable)
--- a/grade/export/xls/export.php
+++ b/grade/export/xls/export.php
@@ -45,6 +45,11 @@ $context = get_context_instance(CONTEXT_COURSE, $id);
 require_capability('moodle/grade:export', $context);
 require_capability('gradeexport/xls:view', $context);
 
+if (groups_get_course_groupmode($COURSE) == SEPARATEGROUPS and !has_capability('moodle/site:accessallgroups', $context)) {
+    if (!groups_is_member($groupid, $USER->id)) {
+        print_error('cannotaccessgroup', 'grades');
+    }
+}
 
 // print all the exported data here
 $export = new grade_export_xls($course, $groupid, $itemids, $export_feedback, $updatedgradesonly, $displaytype, $decimalpoints);

diff --git a/grade/export/xml/export.php b/grade/export/xml/export.php
index 4f54cce80732eb0139165ac246442cb4795b15e3..751c0941d2b474b3cfdb2e3e208e978aa6e5d813 100755 (executable)
--- a/grade/export/xml/export.php
+++ b/grade/export/xml/export.php
@@ -45,6 +45,11 @@ $context = get_context_instance(CONTEXT_COURSE, $id);
 require_capability('moodle/grade:export', $context);
 require_capability('gradeexport/xml:view', $context);
 
+if (groups_get_course_groupmode($COURSE) == SEPARATEGROUPS and !has_capability('moodle/site:accessallgroups', $context)) {
+    if (!groups_is_member($groupid, $USER->id)) {
+        print_error('cannotaccessgroup', 'grades');
+    }
+}
 
 // print all the exported data here
 $export = new grade_export_xml($course, $groupid, $itemids, $export_feedback, $updatedgradesonly, $displaytype, $decimalpoints);

diff --git a/lang/en_utf8/grades.php b/lang/en_utf8/grades.php
index 61ab1b85c4650ca5402ba79a030f7bdc1754e549..b3207d5e1c88dceaf152b1382ec86fe9fd06603a 100644 (file)
--- a/lang/en_utf8/grades.php
+++ b/lang/en_utf8/grades.php
@@ -62,6 +62,7 @@ $string['calculationadd'] = 'Add calculation';
 $string['calculationedit'] = 'Edit calculation';
 $string['calculationview'] = 'View calculation';
 $string['calculationsaved'] = 'Calculation saved';
+$string['cannotaccessgroup'] = 'Can not access grades of selected group, sorry.';
 $string['categories'] = 'Categories';
 $string['categoriesanditems'] = 'Categories and items';
 $string['categoriesedit'] = 'Edit categories and items';