From: tjhunt Date: Thu, 6 Nov 2008 08:35:23 +0000 (+0000) Subject: accesslib: MDL-16549 Now that moodle/site:doanything is not editiable, reset the... X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=06de498b70949468a18714aa5c632e2653ddc741;p=moodle.git accesslib: MDL-16549 Now that moodle/site:doanything is not editiable, reset the permissions to default on all roles. --- diff --git a/lib/db/upgrade.php b/lib/db/upgrade.php index d529515505..5fc3a19ce0 100644 --- a/lib/db/upgrade.php +++ b/lib/db/upgrade.php @@ -865,7 +865,7 @@ function xmldb_main_upgrade($oldversion) { if ($result && $oldversion < 2008101300) { - if (!get_config(NULL, 'statsruntimedays')) { + if (!get_2config(NULL, 'statsruntimedays')) { set_config('statsruntimedays', '31'); } @@ -948,6 +948,50 @@ function xmldb_main_upgrade($oldversion) { upgrade_main_savepoint($result, 2008110602); } + /// Remove any role overrides for moodle/site:doanything, or any permissions + /// for it in a role without legacy:admin. + if ($result && $oldversion < 2008110603) { + $systemcontext = get_context_instance(CONTEXT_SYSTEM); + + // Remove all overrides. + $DB->delete_records_select('role_capabilities', 'capability = ? AND contextid <> ?', array('moodle/site:doanything', $systemcontext->id)); + + // Get the ids of all the roles that are moodle/legacy:admin. + $adminroleids = $DB->get_records_menu('role_capabilities', + array('capability' => 'moodle/legacy:admin', 'permission' => 1, 'contextid' => $systemcontext->id), + '', 'id, roleid'); + + // Remove moodle/site:doanything from all other roles. + list($notroletest, $params) = $DB->get_in_or_equal($adminroleids, SQL_PARAMS_QM, '', false); + $DB->delete_records_select('role_capabilities', "roleid $notroletest AND capability = ? AND contextid = ?", + array_merge($params, array('moodle/site:doanything', $systemcontext->id))); + + // Ensure that for all admin-y roles, the permission for moodle/site:doanything is 1 + list($isroletest, $params) = $DB->get_in_or_equal($adminroleids); + $DB->set_field_select('role_capabilities', 'permission', 1, + "roleid $isroletest AND capability = ? AND contextid = ?", + array_merge($params, array('moodle/site:doanything', $systemcontext->id))); + + // And for any admin-y roles where moodle/site:doanything is not set, set it. + $doanythingroleids = $DB->get_records_menu('role_capabilities', + array('capability' => 'moodle/site:doanything', 'permission' => 1, 'contextid' => $systemcontext->id), + '', 'id, roleid'); + foreach ($adminroleids as $roleid) { + if (!in_array($roleid, $doanythingroleids)) { + $rc = new stdClass; + $rc->contextid = $systemcontext->id; + $rc->roleid = $roleid; + $rc->capability = 'moodle/site:doanything'; + $rc->permission = 1; + $rc->timemodified = time(); + $DB->insert_record('role_capabilities', $rc); + } + } + + /// Main savepoint reached + upgrade_main_savepoint($result, 2008110603); + } + return $result; } diff --git a/version.php b/version.php index 1610a47408..f38ae27867 100644 --- a/version.php +++ b/version.php @@ -6,7 +6,7 @@ // This is compared against the values stored in the database to determine // whether upgrades should be performed (see lib/db/*.php) - $version = 2008110602; // YYYYMMDD = date of the last version bump + $version = 2008110603; // YYYYMMDD = date of the last version bump // XX = daily increments $release = '2.0 dev (Build: 20081106)'; // Human-friendly version name