From: sam_marshall Date: Thu, 2 Apr 2009 16:32:12 +0000 (+0000) Subject: MDL-18094: course/viewhiddenactivities didn't work (in some parts of the code) at... X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=48f9c073ca2bafd75db10c61463a1f30c49c1563;p=moodle.git MDL-18094: course/viewhiddenactivities didn't work (in some parts of the code) at module level --- diff --git a/lib/accesslib.php b/lib/accesslib.php index 7577968ee1..53019e47ee 100755 --- a/lib/accesslib.php +++ b/lib/accesslib.php @@ -3581,18 +3581,25 @@ function fetch_context_capabilities($context) { $cm = $DB->get_record('course_modules', array('id'=>$context->instanceid)); $module = $DB->get_record('modules', array('id'=>$cm->module)); - $extra = ""; $modfile = "$CFG->dirroot/mod/$module->name/lib.php"; if (file_exists($modfile)) { include_once($modfile); $modfunction = $module->name.'_get_extra_capabilities'; if (function_exists($modfunction)) { - if ($extracaps = $modfunction()) { - list($extra, $params) = $DB->get_in_or_equal($extracaps, SQL_PARAMS_NAMED, 'cap0'); - $extra = "OR name $extra"; - } + $extracaps = $modfunction(); } } + if(empty($extracaps)) { + $extracaps = array(); + } + + // All modules allow viewhiddenactivities. This is so you can hide + // the module then override to allow specific roles to see it. + // The actual check is in course page so not module-specific + $extracaps[]="moodle/course:viewhiddenactivities"; + list($extra, $params) = $DB->get_in_or_equal( + $extracaps, SQL_PARAMS_NAMED, 'cap0'); + $extra = "OR name $extra"; $SQL = "SELECT * FROM {capabilities} diff --git a/lib/moodlelib.php b/lib/moodlelib.php index 7ece4cffad..d3f633fb23 100644 --- a/lib/moodlelib.php +++ b/lib/moodlelib.php @@ -2025,6 +2025,11 @@ function require_login($courseorid=0, $autologinguest=true, $cm=null, $setwantsu print_error('nocontext'); } } + if (!empty($cm) && !isset($cm->context)) { + if ( ! $cm->context = get_context_instance(CONTEXT_MODULE, $cm->id) ) { + print_error('nocontext'); + } + } // Conditional activity access control if(!empty($CFG->enableavailability) and $cm) { @@ -2041,7 +2046,7 @@ function require_login($courseorid=0, $autologinguest=true, $cm=null, $setwantsu // Check condition for user (this will do a query if the availability // information depends on grade or completion information) if ($ci->is_available($junk) || - has_capability('moodle/course:viewhiddenactivities', $COURSE->context)) { + has_capability('moodle/course:viewhiddenactivities', $cm->context)) { $SESSION->conditionaccessok[$cm->id] = true; } else { print_error('activityiscurrentlyhidden'); @@ -2052,7 +2057,7 @@ function require_login($courseorid=0, $autologinguest=true, $cm=null, $setwantsu if ($COURSE->id == SITEID) { /// Eliminate hidden site activities straight away if (!empty($cm) && !$cm->visible - && !has_capability('moodle/course:viewhiddenactivities', $COURSE->context)) { + && !has_capability('moodle/course:viewhiddenactivities', $cm->context)) { redirect($CFG->wwwroot, get_string('activityiscurrentlyhidden')); } user_accesstime_log($COURSE->id); /// Access granted, update lastaccess times @@ -2144,7 +2149,7 @@ function require_login($courseorid=0, $autologinguest=true, $cm=null, $setwantsu /// Make sure they can read this activity too, if specified - if (!empty($cm) and !$cm->visible and !has_capability('moodle/course:viewhiddenactivities', $COURSE->context)) { + if (!empty($cm) and !$cm->visible and !has_capability('moodle/course:viewhiddenactivities', $cm->context)) { redirect($CFG->wwwroot.'/course/view.php?id='.$cm->course, get_string('activityiscurrentlyhidden')); } user_accesstime_log($COURSE->id); /// Access granted, update lastaccess times