return has_capability('moodle/calendar:manageentries', get_context_instance(CONTEXT_COURSE, $event->courseid));
case 'group':
- if (! groups_group_exists($event->groupid)) { //TODO:check.
- return false;
- }
- // this is ok because if you have this capability at course level, you should be able
- // to edit group calendar too
- // there is no need to check membership, because if you have this capability
- // you will have a role in this group context
- $group = get_record('groups', 'id', $event->groupid);
- //return has_capability('moodle/calendar:manageentries', get_context_instance(CONTEXT_GROUP, $event->groupid));
- return has_capability('moodle/calendar:manageentries', get_context_instance(CONTEXT_COURSE, $group->courseid));
+ // Allow users to add/edit group events if:
+ // 1) They have manageentries (= entries for whole course)
+ // 2) They have managegroupentries AND are in the group
+ $group = get_record('groups', 'id', $event->groupid);
+ return $group && (
+ has_capability('moodle/calendar:manageentries', get_context_instance(CONTEXT_COURSE, $group->courseid)) ||
+ (has_capability('moodle/calendar:managegroupentries', get_context_instance(CONTEXT_COURSE, $group->courseid))
+ && groups_is_member($event->groupid)));
+
case 'user':
if ($event->userid == $USER->id) {
return (has_capability('moodle/calendar:manageownentries', $sitecontext));
// if groupid is set, it's definitely a group event
if ($event->groupid) {
- //TODO:check.
- if (! groups_group_exists($event->groupid)) {
- return false;
- }
-
- // this is ok because if you have this capability at course level, you should be able
- // to edit group calendar too
- // there is no need to check membership, because if you have this capability
- // you will have a role in this group context
- return has_capability('moodle/calendar:manageentries', get_context_instance(CONTEXT_GROUP, $event->groupid));
+ // Allow users to add/edit group events if:
+ // 1) They have manageentries (= entries for whole course)
+ // 2) They have managegroupentries AND are in the group
+ $group = get_record('groups', 'id', $event->groupid);
+ return $group && (
+ has_capability('moodle/calendar:manageentries', get_context_instance(CONTEXT_COURSE, $group->courseid)) ||
+ (has_capability('moodle/calendar:managegroupentries', get_context_instance(CONTEXT_COURSE, $group->courseid))
+ && groups_is_member($event->groupid)));
} else if ($event->courseid) {
// if groupid is not set, but course is set,
// it's definiely a course event
$allowed->courses = false; // This may change just below
$allowed->site = has_capability('moodle/calendar:manageentries', get_context_instance(CONTEXT_COURSE, SITEID));
- if(!empty($SESSION->cal_course_referer) && $SESSION->cal_course_referer != SITEID && has_capability('moodle/calendar:manageentries', get_context_instance(CONTEXT_COURSE, $SESSION->cal_course_referer))) {
+ if(!empty($SESSION->cal_course_referer) && $SESSION->cal_course_referer != SITEID) {
$course = get_record('course', 'id', $SESSION->cal_course_referer);
+ $coursecontext = get_context_instance(CONTEXT_COURSE, $SESSION->cal_course_referer);
- $allowed->courses = array($course->id => 1);
-
- if($course->groupmode != NOGROUPS || !$course->groupmodeforce) {
- $allowed->groups = groups_get_all_groups($SESSION->cal_course_referer);
+ if(has_capability('moodle/calendar:manageentries', $coursecontext)) {
+ $allowed->courses = array($course->id => 1);
+
+ if($course->groupmode != NOGROUPS || !$course->groupmodeforce) {
+ $allowed->groups = groups_get_all_groups($SESSION->cal_course_referer);
+ }
+ } else if(has_capability('moodle/calendar:managegroupentries', $coursecontext)) {
+ if($course->groupmode != NOGROUPS || !$course->groupmodeforce) {
+ $allowed->groups = groups_get_all_groups($SESSION->cal_course_referer, $USER->id);
+ }
}
}
}
$string['blog:view'] = 'View blog entries';
$string['block:view'] = 'View block';
$string['calendar:manageentries'] = 'Manage any calendar entries';
+$string['calendar:managegroupentries'] = 'Manage group calendar entries';
$string['calendar:manageownentries'] = 'Manage own calendar entries';
$string['capabilities'] = 'Capabilities';
$string['capability'] = 'Capability';
)
),
+ 'moodle/calendar:managegroupentries' => array(
+
+ 'riskbitmask' => RISK_SPAM,
+
+ 'captype' => 'write',
+ 'contextlevel' => CONTEXT_SYSTEM,
+ 'legacy' => array(
+ 'teacher' => CAP_ALLOW,
+ 'editingteacher' => CAP_ALLOW,
+ 'admin' => CAP_ALLOW
+ )
+ ),
+
'moodle/calendar:manageentries' => array(
'riskbitmask' => RISK_SPAM,
// This is compared against the values stored in the database to determine
// whether upgrades should be performed (see lib/db/*.php)
- $version = 2007101500; // YYYYMMDD = date
+ $version = 2007101501; // YYYYMMDD = date
// XY = increments within a single day
$release = '2.0 dev'; // Human-friendly version name
projects / moodle.git / commitdiff