]> git.mjollnir.org Git - moodle.git/commitdiff
projects / moodle.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: beb67c0)
merged fix for MDL-10818, do not display graph if user has no permission
authortoyomoyo <toyomoyo>
Tue, 28 Aug 2007 07:04:41 +0000 (07:04 +0000)
committertoyomoyo <toyomoyo>
Tue, 28 Aug 2007 07:04:41 +0000 (07:04 +0000)
course/lib.php patch | blob | history
course/user.php patch | blob | history

diff --git a/course/lib.php b/course/lib.php
index 22dae509d247e05bf9d0831f133a81411d0a57e4..16e16965a1edc51934b776a7de60ec3e78c82fff 100644 (file)
--- a/course/lib.php
+++ b/course/lib.php
@@ -959,12 +959,16 @@ function print_log_ods($course, $user, $date, $order='l.time DESC', $modname,
 
 
 function print_log_graph($course, $userid=0, $type="course.png", $date=0) {
-    global $CFG;
+    global $CFG, $USER;
     if (empty($CFG->gdversion)) {
         echo "(".get_string("gdneed").")";
     } else {
-        echo '<img src="'.$CFG->wwwroot.'/course/report/log/graph.php?id='.$course->id.
-             '&amp;user='.$userid.'&amp;type='.$type.'&amp;date='.$date.'" alt="" />';
+        // MDL-10818, do not display broken graph when user has no permission to view graph
+        if (has_capability('moodle/site:viewreports', get_context_instance(CONTEXT_COURSE, $course->id)) ||
+            ($course->showreports and $USER->id == $userid)) {
+            echo '<img src="'.$CFG->wwwroot.'/course/report/log/graph.php?id='.$course->id.
+                 '&amp;user='.$userid.'&amp;type='.$type.'&amp;date='.$date.'" alt="" />';
+        }
     }
 }
 
diff --git a/course/user.php b/course/user.php
index fe4bf7237ee3437e4fdbae075ebe4a76516a9816..4c270b1dc82d3527b28069d8a714daa48b07e2f6 100644 (file)
--- a/course/user.php
+++ b/course/user.php
@@ -157,7 +157,8 @@
             }
 
             // MDL-10818, do not display broken graph when user has no permission to view graph
-            if (has_capability('moodle/site:viewreports', get_context_instance(CONTEXT_COURSE, $id))) {
+            if (has_capability('moodle/site:viewreports', get_context_instance(CONTEXT_COURSE, $id)) ||
+                ($course->showreports and $USER->id == $user->id)) {
                 echo '<center><img src="'.$CFG->wwwroot.'/course/report/stats/graph.php?mode='.STATS_MODE_DETAILED.'&course='.$course->id.'&time='.$time.'&report='.STATS_REPORT_USER_VIEW.'&userid='.$user->id.'" alt="'.get_string('statisticsgraph').'" /></center>';
             }
 
Unnamed repository; edit this file to name it for gitweb.