if (!$site = get_site()) {
error("Site isn't defined!");
}
-
+
+ $context = get_context_instance(CONTEXT_COURSECAT, $id);
+
if ($CFG->forcelogin) {
require_login();
}
"<a href=\"index.php\">$strcategories</a> -> $category->name", "", "", true, $navbaritem);
}
+/// Print link to roles
+ print('<a href="'.$CFG->wwwroot.'/admin/roles/assign.php?contextid='.$context->id.'">'.get_string('roles').'</a>');
+
/// Print the category selector
$displaylist = array();
exit;
function grade_get_grade_item_exceptions($id) {
- global $CFG;
- global $course;
- $sql = "SELECT ge.id, ge.userid FROM {$CFG->prefix}grade_exceptions ge, {$CFG->prefix}user_students us WHERE us.course=$course->id AND grade_itemid=$id AND ge.userid = us.userid AND us.course=ge.courseid";
- $grade_exceptions = get_records_sql($sql);
- return $grade_exceptions;
+ global $CFG, $course;
+
+ $contextlists = get_related_contexts_string(get_context_instance(CONTEXT_COURSE, $course->id));
+
+ $sql = "SELECT ge.id, ge.userid
+ FROM {$CFG->prefix}grade_exceptions ge,
+ {$CFG->prefix}role_assignments ra
+ WHERE grade_itemid = $id
+ AND ge.userid = ra.userid
+ AND ra.contextid $contextlists";
+
+ return get_records_sql($sql);
}
?>
* context.
* @param obj $context
* @param int $roleid
+ * @param bool self - if set to true, resolve till this level, else stop at immediate parent level
* @return array
*/
function role_context_capabilities($roleid, $context, $cap='') {
- global $CFG;
+ global $CFG;
$contexts = get_parent_contexts($context);
$contexts[] = $context->id;
$search = '';
}
- $SQL = "SELECT rc.* FROM {$CFG->prefix}role_capabilities rc, {$CFG->prefix}context c
- where rc.contextid in $contexts
- and rc.roleid = $roleid
- and rc.contextid = c.id $search
- ORDER BY c.aggregatelevel DESC, rc.capability DESC";
+ $SQL = "SELECT rc.*
+ FROM {$CFG->prefix}role_capabilities rc,
+ {$CFG->prefix}context c
+ WHERE rc.contextid in $contexts
+ AND rc.roleid = $roleid
+ AND rc.contextid = c.id $search
+ ORDER BY c.aggregatelevel DESC,
+ rc.capability DESC";
$capabilities = array();
'admin' => CAP_ALLOW
)
),
-
+
+ 'moodle/course:useremail' => array(
+ 'captype' => 'write',
+ 'contextlevel' => CONTEXT_COURSE,
+ 'legacy' => array(
+ 'guest' => CAP_PREVENT,
+ 'student' => CAP_PREVENT,
+ 'teacher' => CAP_PREVENT,
+ 'editingteacher' => CAP_ALLOW,
+ 'coursecreator' => CAP_PREVENT,
+ 'admin' => CAP_ALLOW
+ )
+ ),
+
'moodle/course:viewhiddensections' => array(
'captype' => 'write',
'contextlevel' => CONTEXT_COURSE,
}
}
- /// Next if the teacher is not registered as a student, but is
- /// a member of a group, remove them from the group.
- if (!isstudent($courseid, $userid)) {
- if ($groups = get_groups($courseid, $userid)) {
- foreach ($groups as $group) {
- delete_records('groups_members', 'groupid', $group->id, 'userid', $userid);
- }
- }
- }
+ /// No need to remove from groups now
foreach ($roles as $role) { // Unassign them from all the teacher roles
$newreturn = role_unassign($role->id, $userid, 0, $context->id);
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="55%" valign="top"><?php
- if(isteacher($id)) {
+ if(has_capability('moodle/course:managefiles', get_context_instance(CONTEXT_COURSE, $id))) {
print_string("filebrowser","editor");
} else {
print "";
}?><br />
- <?php print(isteacher($id))?
+ <?php has_capability('moodle/course:managefiles', get_context_instance(CONTEXT_COURSE, $id))?
"<iframe id=\"ibrowser\" name=\"ibrowser\" src=\"".$CFG->wwwroot."/lib/editor/htmlarea/coursefiles.php?usecheckboxes=1&id=".$course->id."\" style=\"width: 100%; height: 200px;\"></iframe>":
"";?>
</td>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="55%"><div class="space"></div>
- <?php if(isteacher($id)) { ?>
+ <?php if(has_capability('moodle/course:managefiles', get_context_instance(CONTEXT_COURSE, $id))) { ?>
<table border="0" cellpadding="2" cellspacing="0">
<tr><td><?php print_string("selection","editor");?>: </td>
<td><form name="idelete" id="idelete">
</tr>
<tr>
<td height="22"><?php
- if(isteacher($id)) { ?>
+ if(has_capability('moodle/course:managefiles', get_context_instance(CONTEXT_COURSE, $id))) { ?>
<form name="cfolder" id="cfolder" action="../coursefiles.php" method="post" target="ibrowser">
<input type="hidden" name="id" value="<?php print($course->id);?>" />
<input type="hidden" name="wdir" value="" />
<tr>
<td width="450" valign="top"><fieldset>
<legend><?php
- if(isteacher($id)) {
+ if(has_capability('moodle/course:managefiles', get_context_instance(CONTEXT_COURSE, $id))) {
print_string("filebrowser","editor");
} else {
print "";
}?></legend>
<div class="space"></div>
- <?php print(isteacher($id))?
+ <?php print(has_capability('moodle/course:managefiles', get_context_instance(CONTEXT_COURSE, $id)))?
"<iframe id=\"fbrowser\" name=\"fbrowser\" src=\"../coursefiles.php?id=".$course->id."\" width=\"420\" height=\"180\"></iframe>":
""; ?>
<p>
<table border="0" cellpadding="1" cellspacing="1">
<tr>
<td height="22"><?php
- if(isteacher($id)) { ?>
+ if(has_capability('moodle/course:managefiles', get_context_instance(CONTEXT_COURSE, $id))) { ?>
<form name="cfolder" id="cfolder" action="../coursefiles.php" method="post" target="fbrowser">
<input type="hidden" name="id" value="<?php print($course->id);?>" />
<input type="hidden" name="wdir" value="" />
$id = required_param('id', PARAM_INT);
- if ($course = get_record("course", "id", $id)) {
- $isteacher = isteacher($course->id);
- } else {
- $isteacher = false;
+ if (!$course = get_record("course", "id", $id)) {
$course->fullname = ""; // Just to keep display happy, though browsing may fail
}
?>
</table>
<div id="buttons">
- <?php if ($isteacher) {
+ <?php if (has_capability('moodle/course:managefiles', get_context_instance(CONTEXT_COURSE, $id))) {
echo "<button type=\"button\" name=\"browse\" onclick=\"return onBrowse();\">".get_string("browse","editor")."...</button>";
}
?>
}
require_login($course->id);
-
- if (!isteacher($course->id)) {
- error("Only teachers can use this functionality");
- }
+ require_capability('moodle/course:managefiles', get_context_instance(CONTEXT_COURSE, $course->id));
$imagetag = clean_text('<img src="'.htmlSpecialChars(stripslashes_safe($imageurl)).'" alt="" />');
$this->cfg->tinymcepopupcss : '',
"editor_css" => !empty($this->cfg->tinymceeditorcss) ?
$this->cfg->tinymceeditorcss : '',
- "file_browser_callback" => $isteacher ? 'moodleFileBrowser' : '',
+ "file_browser_callback" => has_capability('moodle/course:managefiles', get_context_instance(CONTEXT_COURSE, $courseid)) ? 'moodleFileBrowser' : '',
"convert_urls" => false,
"relative_urls" => false);
$this->defaults['theme_advanced_resize_horizontal'] = true;
}
- $this->printdialogs = $isteacher ? true : false;
+ $this->printdialogs = has_capability('moodle/course:managefiles', get_context_instance(CONTEXT_COURSE, $courseid)) ? true : false;
}
/**
static $string;
static $datestring;
static $countries;
- static $isteacher;
static $isadmin;
+ static $isteacher;
$context = get_context_instance(CONTEXT_COURSE, $course->id);
if (empty($string)) { // Cache all the strings for the rest of the page
$datestring->secs = get_string('secs');
$countries = get_list_of_countries();
-
$isteacher = isteacher($course->id);
$isadmin = isadmin();
}
if (!empty($user->role) and ($user->role <> $course->teacher)) {
$output .= $string->role .': '. $user->role .'<br />';
}
- if ($user->maildisplay == 1 or ($user->maildisplay == 2 and $course->category and !isguest()) or $isteacher) {
+ if ($user->maildisplay == 1 or ($user->maildisplay == 2 and $course->category and !isguest()) or has_capability('moodle/course:viewhiddenuserfields', get_context_instance(CONTEXT_COURSE, $course->id))) {
$output .= $string->email .': <a href="mailto:'. $user->email .'">'. $user->email .'</a><br />';
}
if (($user->city or $user->country) and (!isset($hiddenfields['city']) or !isset($hiddenfields['country']))) {
$output .= '<a href="'.$CFG->wwwroot.'/blog/index.php?userid='.$user->id.'">'.get_string('blogs','blog').'</a><br />';
}
- if ($isteacher) {
+ if (has_capability('moodle/site:viewreports', get_context_instance(CONTEXT_COURSE, $course->id))) {
$timemidnight = usergetmidnight(time());
$output .= '<a href="'. $CFG->wwwroot .'/course/user.php?id='. $course->id .'&user='. $user->id .'">'. $string->activity .'</a><br />';
if (!has_capability('moodle/course:create', get_context_instance(CONTEXT_SYSTEM, SITEID, $user->id)) or ($isadmin and !isadmin($user->id))) { // Includes admins
}
}
- static $isteacheredit;
$context = get_context_instance(CONTEXT_COURSE, $courseid);
- if (!isset($isteacheredit)) {
- $isteacheredit = isteacheredit($courseid);
- }
if ($group->hidepicture and !has_capability('moodle/course:managegroups', $context)) {
return '';
}
echo "</td><td><input type='submit' value='$strchoose'></td></form>";
echo "<td>";
- if ($preset->user == $USER->id || isadmin()) {
+ if ($preset->user == $USER->id || has_capability('moodle/site:config', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
echo "<form action='' method='POST'>";
echo "<input type='hidden' name='d' value='$data->id' />";
echo "<input type='hidden' name='action' value='confirmdelete' />";
///////////////////////////////////
function hotpot_feedback_teachers(&$course, &$hotpot) {
global $CFG;
- $teachers = get_records_sql("
- SELECT
- u.*
- FROM
- {$CFG->prefix}user AS u,
- {$CFG->prefix}user_teachers AS t
- WHERE
- t.userid = u.id
- AND t.course = $course->id
- ");
+ $teachers = get_users_by_capability(get_context_instance(CONTEXT_COURSE, $course->id), 'mod/hotpot:grade');
$teacherdetails = '';
if (!empty($teachers)) {
$details = array();
}
echo $headers." \n";
}
+
+ $contextlists = get_related_contexts_string(get_context_instance(CONTEXT_COURSE, $course->id));
// Construct the SQL
$select = 'SELECT '.$db->Concat('u.id', '\'#\'', $db->IfNull('qa.attempt', '0')).' AS uniqueid, '.
if (!empty($currentgroup) && empty($noattempts)) {
// we want a particular group and we only want to see students WITH attempts.
// So join on groups_members and do an inner join on attempts.
- $from = 'FROM '.$CFG->prefix.'user u JOIN '.$CFG->prefix.'user_students us ON us.userid = u.id JOIN '.$CFG->prefix.'groups_members gm ON u.id = gm.userid '.
+ $from = 'FROM '.$CFG->prefix.'user u JOIN '.$CFG->prefix.'role_assignments ra ON ra.userid = u.id JOIN '.$CFG->prefix.'groups_members gm ON u.id = gm.userid '.
'JOIN '.$CFG->prefix.'quiz_attempts qa ON u.id = qa.userid AND qa.quiz = '.$quiz->id;
- $where = ' WHERE us.course = '.$course->id.' AND gm.groupid = '.$currentgroup.' AND qa.preview = 0';
+ $where = ' WHERE ra.contextid $contextlists AND gm.groupid = '.$currentgroup.' AND qa.preview = 0';
} else if (!empty($currentgroup) && !empty($noattempts)) {
// We want a particular group and we want to do something funky with attempts
// So join on groups_members and left join on attempts...
- $from = 'FROM '.$CFG->prefix.'user u JOIN '.$CFG->prefix.'user_students us ON us.userid = u.id JOIN '.$CFG->prefix.'groups_members gm ON u.id = gm.userid '.
+ $from = 'FROM '.$CFG->prefix.'user u JOIN '.$CFG->prefix.'role_assignments ra ON ra.userid = u.id JOIN '.$CFG->prefix.'groups_members gm ON u.id = gm.userid '.
'LEFT JOIN '.$CFG->prefix.'quiz_attempts qa ON u.id = qa.userid AND qa.quiz = '.$quiz->id;
- $where = ' WHERE us.course = '.$course->id.' AND gm.groupid = '.$currentgroup.' AND qa.preview = 0';
+ $where = ' WHERE ra.contextid $contextlists AND gm.groupid = '.$currentgroup.' AND qa.preview = 0';
if ($noattempts == 1) {
// noattempts = 1 means only no attempts, so make the left join ask for only records where the right is null (no attempts)
$where .= ' AND qa.userid IS NULL'; // show ONLY no attempts;
} else if (empty($currentgroup)) {
// We don't care about group, and we to do something funky with attempts
// So do a left join on attempts
- $from = 'FROM '.$CFG->prefix.'user u JOIN '.$CFG->prefix.'user_students us ON us.userid = u.id LEFT JOIN '.$CFG->prefix.'quiz_attempts qa ON u.id = qa.userid AND qa.quiz = '.$quiz->id;
- $where = " WHERE us.course = '$course->id'";
+ $from = 'FROM '.$CFG->prefix.'user u JOIN '.$CFG->prefix.'role_assignments ra ON ra.userid = u.id LEFT JOIN '.$CFG->prefix.'quiz_attempts qa ON u.id = qa.userid AND qa.quiz = '.$quiz->id;
+ $where = " WHERE ra.contextid $contextlists";
if (empty($noattempts)) {
$where .= ' AND qa.userid IS NOT NULL'; // show ONLY students with attempts;
} else if ($noattempts == 1) {
ims_print_crumbtrail($directory);
/// If admin, add extra buttons - redeploy & help.
- if (isadmin()) {
+ if (has_capability('moodle/site:config', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
echo " | (<a href=\"repository_deploy.php?file=$directory&all=force\">$strdeployall</a>) ";
helpbutton("deploy", get_string("deployall", "resource"), "resource", true);
}
}
else if ($item->type == 'not deployed') {
/// Only displays non-deployed IMS CP's if admin user.
- if (isadmin()) {
+ if (has_capability('moodle/site:config', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
echo "<li><img src=\"images/ims.gif\" alt=\"IMS CP Package\" /> <em>$item->path - $strnotdeployed</em> (<a href=\"repository_deploy.php?file=$item->path\">$strdeploy</a>)</li>\n";
}
}
require_once('repository_config.php');
/// Security - Admin Only
- if (!isadmin()) {
- error("Not admin!");
- }
+ require_capability('moodle/site:config', get_context_instance(CONTEXT_SYSTEM, SITEID))
$file = required_param ('file', PARAM_PATH);
$all = optional_param ('all', '', PARAM_ALPHA);
$currentuser = ($user->id == $USER->id);
}
- if (groupmode($course) == SEPARATEGROUPS and !has_capability('moodle/course:managegroups', $coursecontext)) { // Groups must be kept separate
+ if (groupmode($course) == SEPARATEGROUPS and !has_capability('moodle/site:accessallgroups', $coursecontext)) { // Groups must be kept separate
require_login();
///this is changed because of mygroupid
}
}
}
-
- if (!$currentuser && !isteacheredit($course->id, $user->id) && !$gtrue) {
+ // took the teacheredit check out because teacheredit will have moodle/site:accessallgroups capability
+ // which was already checked
+ if (!$currentuser && !$gtrue) {
print_header("$personalprofile: ", "$personalprofile: ",
"<a href=\"../course/view.php?id=$course->id\">$course->shortname</a> ->
<a href=\"index.php?id=$course->id\">$participants</a>",
$emailswitch = '';
- if (isteacheredit($course->id) or $currentuser) { /// Can use the enable/disable email stuff
+ if (has_capability('moodle/course:useremail', get_context_instance(CONTEXT_COURSE, $course->id)) or $currentuser) { /// Can use the enable/disable email stuff
if (!empty($enable)) { /// Recieved a parameter to enable the email address
set_field('user', 'emailstop', 0, 'id', $user->id);
$user->emailstop = 0;
}
}
- if (isteacheredit($course->id)) { /// Can use the enable/disable email stuff
+ if (has_capability('moodle/course:useremail', get_context_instance(CONTEXT_COURSE, $course->id))) { /// Can use the enable/disable email stuff
if ($user->emailstop) {
$switchparam = 'enable';
$switchtitle = get_string('emaildisable');
projects / moodle.git / commitdiff