]> git.mjollnir.org Git - moodle.git/commitdiff
projects / moodle.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: bcdb0f1)
fixed risks associated with capabilitites in modules MDL-7174; merged from MOODLE_17_...
authorskodak <skodak>
Tue, 24 Oct 2006 08:06:56 +0000 (08:06 +0000)
committerskodak <skodak>
Tue, 24 Oct 2006 08:06:56 +0000 (08:06 +0000)
mod/data/db/access.php patch | blob | history
mod/data/version.php patch | blob | history
mod/glossary/db/access.php patch | blob | history
mod/glossary/version.php patch | blob | history

diff --git a/mod/data/db/access.php b/mod/data/db/access.php
index 0f1e57c60014f6cd16a0b5210be30ea44eb57283..29ba9fc2fc2a9073fc8daa7a21f1992db271d7c1 100644 (file)
--- a/mod/data/db/access.php
+++ b/mod/data/db/access.php
@@ -115,6 +115,8 @@ $mod_data_capabilities = array(
 
     'mod/data:manageentries' => array(
 
+        'riskbitmask' => RISK_SPAM,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_MODULE,
         'legacy' => array(
@@ -127,6 +129,8 @@ $mod_data_capabilities = array(
 
     'mod/data:managecomments' => array(
 
+        'riskbitmask' => RISK_SPAM,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_MODULE,
         'legacy' => array(
@@ -139,7 +143,7 @@ $mod_data_capabilities = array(
 
     'mod/data:managetemplates' => array(
 
-        'riskbitmask' => RISK_SPAM,
+        'riskbitmask' => RISK_SPAM | RISK_XSS,
 
         'captype' => 'write',
         'contextlevel' => CONTEXT_MODULE,
diff --git a/mod/data/version.php b/mod/data/version.php
index 0fecce89b59e96b3b96338add3ba2870fb0862b4..d4eb8b2d41f80c5be9b2d3bda4b03b44793a5a90 100644 (file)
--- a/mod/data/version.php
+++ b/mod/data/version.php
@@ -5,7 +5,7 @@
 //  This fragment is called by /admin/index.php
 ////////////////////////////////////////////////////////////////////////////////
 
-$module->version  = 2006100200;
+$module->version  = 2006100201;
 $module->requires = 2006080900;  // Requires this Moodle version
 $module->cron     = 60;
 
diff --git a/mod/glossary/db/access.php b/mod/glossary/db/access.php
index be881aae08bc3e80e05fe18cebdf4dd6a7b339db..0f9ce1df51413b39137260495435eb5032ea72b9 100644 (file)
--- a/mod/glossary/db/access.php
+++ b/mod/glossary/db/access.php
@@ -50,6 +50,8 @@ $mod_glossary_capabilities = array(
 
     'mod/glossary:manageentries' => array(
 
+        'riskbitmask' => RISK_SPAM,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_MODULE,
         'legacy' => array(
@@ -62,6 +64,8 @@ $mod_glossary_capabilities = array(
 
     'mod/glossary:managecategories' => array(
 
+        'riskbitmask' => RISK_SPAM,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_MODULE,
         'legacy' => array(
@@ -89,6 +93,8 @@ $mod_glossary_capabilities = array(
 
     'mod/glossary:managecomments' => array(
 
+        'riskbitmask' => RISK_SPAM,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_MODULE,
         'legacy' => array(
@@ -127,6 +133,8 @@ $mod_glossary_capabilities = array(
 
     'mod/glossary:approve' => array(
 
+        'riskbitmask' => RISK_SPAM,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_MODULE,
         'legacy' => array(
diff --git a/mod/glossary/version.php b/mod/glossary/version.php
index 2a5427ad79c593963bb3094784ee6036edee59b5..46d936902002b6c2c79c65a93678471028699638 100644 (file)
--- a/mod/glossary/version.php
+++ b/mod/glossary/version.php
@@ -5,7 +5,7 @@
 ///  This fragment is called by moodle_needs_upgrading() and /admin/index.php
 /////////////////////////////////////////////////////////////////////////////////
 
-$module->version  = 2006091800;
+$module->version  = 2006091801;
 $module->requires = 2006082600;  // Requires this Moodle version
 $module->cron     = 0;           // Period for cron to check this module (secs)
 
Unnamed repository; edit this file to name it for gitweb.