$string['csvimport'] = 'CSV file import';
$string['data:approve'] = 'Approve unapproved entries';
$string['data:comment'] = 'Write comments';
+$string['data:deleteownentries'] = 'Delete own entries';
+$string['data:editownentries'] = 'Edit own entries';
$string['data:managecomments'] = 'Manage comments';
$string['data:manageentries'] = 'Manage entries';
$string['data:managetemplates'] = 'Manage templates';
'legacy' => array(
'admin' => CAP_ALLOW
)
- )
+ ),
+
+ 'mod/data:editownentries' => array(
+ 'riskbitmask' => RISK_SPAM,
+
+ 'captype' => 'write',
+ 'contextlevel' => CONTEXT_MODULE,
+ 'legacy' => array(
+ 'student' => CAP_ALLOW,
+ 'teacher' => CAP_ALLOW,
+ 'editingteacher' => CAP_ALLOW,
+ 'admin' => CAP_ALLOW
+ )
+ ),
+ 'mod/data:deleteownentries' => array(
+ 'captype' => 'read',
+ 'contextlevel' => CONTEXT_MODULE,
+ 'legacy' => array(
+ 'student' => CAP_ALLOW,
+ 'teacher' => CAP_ALLOW,
+ 'editingteacher' => CAP_ALLOW,
+ 'admin' => CAP_ALLOW
+ )
+ ),
);
?>
}
if ($rid) { // So do you have access?
- if (!(has_capability('mod/data:manageentries', $context) or data_isowner($rid)) or !confirm_sesskey() ) {
- print_error('noaccess','data');
+ if (!confirm_sesskey()) {
+ print_error('confirmsesskeybad', 'error');
+ }
+
+ if (data_isowner($rid)){
+ require_capability('mod/data:editownentries', $context);
+ }else{
+ require_capability('mod/data:manageentries', $context);
}
}
/// Replacing special tags (##Edit##, ##Delete##, ##More##)
$patterns[]='##edit##';
$patterns[]='##delete##';
- if (has_capability('mod/data:manageentries', $context) or data_isowner($record->id)) {
+ $isteacher = has_capability('mod/data:manageentries', $context);
+ $isowner = data_isowner($record->id);
+
+ if ($isteacher or ($isowner && has_capability('mod/data:editownentries', $context)) ) {
$replacement[] = '<a href="'.$CFG->wwwroot.'/mod/data/edit.php?d='
.$data->id.'&rid='.$record->id.'&sesskey='.sesskey().'"><img src="'.$CFG->pixpath.'/t/edit.gif" class="iconsmall" alt="'.get_string('edit').'" title="'.get_string('edit').'" /></a>';
+ }else{
+ $replacement[] = '';
+ }
+
+ if($isteacher or ($isowner && has_capability('mod/data:deleteownentries', $context)) ) {
$replacement[] = '<a href="'.$CFG->wwwroot.'/mod/data/view.php?d='
.$data->id.'&delete='.$record->id.'&sesskey='.sesskey().'"><img src="'.$CFG->pixpath.'/t/delete.gif" class="iconsmall" alt="'.get_string('delete').'" title="'.get_string('delete').'" /></a>';
- } else {
- $replacement[] = '';
+ }else{
$replacement[] = '';
}
+
$patterns[]='##more##';
$replacement[] = '<a href="'.$CFG->wwwroot.'/mod/data/view.php?d='.$data->id.'&rid='.$record->id.'"><img src="'.$CFG->pixpath.'/i/search.gif" class="iconsmall" alt="'.get_string('more', 'data').'" title="'.get_string('more', 'data').'" /></a>';
// This fragment is called by /admin/index.php
////////////////////////////////////////////////////////////////////////////////
-$module->version = 2007101509;
+$module->version = 2007101510;
$module->requires = 2007101509; // Requires this Moodle version
$module->cron = 60;
/// Delete any requested records
- if ($delete && confirm_sesskey() && (has_capability('mod/data:manageentries', $context) or data_isowner($delete))) {
+ if ($delete){
+
+ if (!confirm_sesskey()) {
+ print_error('confirmsesskeybad', 'error');
+ }
+
+ if(data_isowner($delete)){
+ require_capability('mod/data:deleteownentries', $context);
+ }else{
+ require_capability('mod/data:manageentries', $context);
+ }
+
if ($confirm = optional_param('confirm',0,PARAM_INT)) {
if ($deleterecord = get_record('data_records', 'id', $delete)) { // Need to check this is valid
if ($deleterecord->dataid == $data->id) { // Must be from this database
projects / moodle.git / commitdiff