From: tjhunt <tjhunt>
Date: Tue, 18 Nov 2008 08:08:18 +0000 (+0000)
Subject: manage roles: MDL-8313 fix bugs with safe overrides.
X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=4659454ac6e281d7fffb4382cca235a298d3fda7;p=moodle.git

manage roles: MDL-8313 fix bugs with safe overrides.
---

diff --git a/admin/roles/lib.php b/admin/roles/lib.php
index 90cd39f534..03ba396729 100644
--- a/admin/roles/lib.php
+++ b/admin/roles/lib.php
@@ -818,7 +818,7 @@ class override_permissions_table_advanced extends capability_table_with_risks {
     /// Determine which capabilities should be locked.
         if ($safeoverridesonly) {
             foreach ($this->capabilities as $capid => $cap) {
-                if (!is_safe_capability($capability)) {
+                if (!is_safe_capability($cap)) {
                     $this->capabilities[$capid]->locked = true;
                     $this->haslockedcapabiltites = true;
                 }
diff --git a/admin/roles/override.php b/admin/roles/override.php
index 1a89cfac15..637721b441 100755
--- a/admin/roles/override.php
+++ b/admin/roles/override.php
@@ -98,8 +98,8 @@
 
 /// Make sure this user can override that role
     if ($roleid && !isset($overridableroles[$roleid])) {
-        $a = stdClass;
-        $a->role = $roleid;
+        $a = new stdClass;
+        $a->roleid = $roleid;
         $a->context = $contextname;
         print_error('cannotoverriderolehere', '', get_context_url($context), $a);
     }
diff --git a/lib/accesslib.php b/lib/accesslib.php
index ea9d07a634..f6a70d0618 100755
--- a/lib/accesslib.php
+++ b/lib/accesslib.php
@@ -1954,10 +1954,9 @@ function is_legacy($capabilityname) {
  *      safeoverrides capability should be allowed to change it.
  */
 function is_safe_capability($capability) {
-    return (RISK_DATALOSS | RISK_MANAGETRUST | RISK_CONFIG | RISK_XSS | RISK_PERSONAL) & $capability->riskbitmask;
+    return !((RISK_DATALOSS | RISK_MANAGETRUST | RISK_CONFIG | RISK_XSS | RISK_PERSONAL) & $capability->riskbitmask);
 }
 
-
 /**********************************
  * Context Manipulation functions *
  **********************************/