From: toyomoyo Date: Fri, 8 Sep 2006 08:46:26 +0000 (+0000) Subject: adding capabilities X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=51792df05630a91ccc35db0748dde6a3dd07b9b7;p=moodle.git adding capabilities --- diff --git a/backup/restorelib.php b/backup/restorelib.php index 7d3d5d569d..f1f37afc58 100644 --- a/backup/restorelib.php +++ b/backup/restorelib.php @@ -5349,7 +5349,7 @@ $course = get_record("course","id",$restore->course_id); fix_course_sortorder(); //Make the user a teacher if the course hasn't teachers (bug 2381) - if (!isadmin()) { + if (!has_capability('moodle/site:restore', get_context_instance(CONTEXT_SYSTEM, SITEID))) { if (!$checktea = get_records('user_teachers','course', $restore->course_id)) { //Add the teacher to the course $status = add_teacher($USER->id, $restore->course_id); diff --git a/course/category.php b/course/category.php index 6298381e94..ca3d215bc9 100644 --- a/course/category.php +++ b/course/category.php @@ -37,7 +37,7 @@ $navbaritem = update_category_button($category->id); $creatorediting = !empty($USER->categoryediting); - $adminediting = (isadmin() and $creatorediting); + $adminediting = (has_capability('moodle/site:config', get_context_instance(CONTEXT_SYSTEM, SITEID)) and $creatorediting); } else { if (!$category->visible) { @@ -49,7 +49,7 @@ } - if (isadmin()) { + if (has_capability('moodle/category:update', get_context_instance(CONTEXT_SYSTEM, SITEID))) { /// Rename the category if requested if (!empty($rename) and confirm_sesskey()) { $category->name = $rename; @@ -412,7 +412,7 @@ echo '
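Review bot: course/category.php now gates one page with two different capabilities: `$adminediting` in the @@ -37 hunk requires `moodle/site:config`, while the rename block at @@ -49 and the re-sort button at @@ -412 require `moodle/category:update`. A user holding only one of the two would presumably see editing controls that do not match the actions the page accepts, so I would use one capability for all three checks, most likely `moodle/category:update`, looked up once into a local such as `$canmanage`. The checks also run against the system context although `$category->id` is available; if that is deliberate for now, a comment saying so would help. The surrounding script continues outside each hunk.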
'; - if (isadmin() and $numcourses > 1) { /// Print button to re-sort courses by name + if (has_capability('moodle/category:update', get_context_instance(CONTEXT_SYSTEM, SITEID)) and $numcourses > 1) { /// Print button to re-sort courses by name unset($options); $options['id'] = $category->id; $options['resort'] = 'name'; diff --git a/course/index.php b/course/index.php index 93ff5b72ec..7a79f85403 100644 --- a/course/index.php +++ b/course/index.php @@ -25,7 +25,7 @@ require_login(); } - if (isadmin()) { + if (has_capability('moodle/category:update', get_context_instance(CONTEXT_SYSTEM, SITEID))) { if ($categoryedit !== -1) { $USER->categoryediting = $categoryedit; } @@ -58,13 +58,15 @@ } echo "
"; - if (isloggedin() and !isguest() and !isadmin() and !iscreator()) { // Print link to request a new course + + /// I am not sure this context in the next has_capability call is correct. + if (isloggedin() and !isguest() and !has_capability('moodle/course:create', get_context_instance(CONTEXT_SYSTEM, SITEID))) { // Print link to request a new course print_single_button("request.php", NULL, get_string("courserequest"), "get"); } if (iscreator()) { // Print link to create a new course print_single_button("edit.php", NULL, get_string("addnewcourse"), "get"); } - if (isadmin() and !empty($CFG->enablecourserequests)) { + if (has_capability('moodle/site:approvecourse' get_context_instance(CONTEXT_SYSTEM, SITEID)), and !empty($CFG->enablecourserequests)) { print_single_button('pending.php',NULL, get_string('coursespending'),"get"); } echo "
"; diff --git a/course/lib.php b/course/lib.php index d5b99996d4..927b6aaf3b 100644 --- a/course/lib.php +++ b/course/lib.php @@ -43,7 +43,7 @@ function print_recent_selector_form($course, $advancedfilter=0, $selecteduser=0, $users[$guest->id] = fullname($guest); } - if (isadmin()) { + if (has_capability('moodle/course:update', get_context_instance(CONTEXT_SYSTEM, SITEID))) { if ($ccc = get_records("course", "", "", "fullname")) { foreach ($ccc as $cc) { if ($cc->category) { @@ -144,7 +144,7 @@ function print_recent_selector_form($course, $advancedfilter=0, $selecteduser=0, echo "
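Review bot: The added `has_capability('moodle/site:approvecourse' get_context_instance(CONTEXT_SYSTEM, SITEID)), and !empty(...)` line near the end of the course/index.php @@ -58 hunk is not valid PHP: the comma between the two arguments is missing and a stray comma follows the closing parenthesis, so the page would fail to parse. It should read `if (has_capability('moodle/site:approvecourse', get_context_instance(CONTEXT_SYSTEM, SITEID)) and !empty($CFG->enablecourserequests)) {`. Separately, the request-course button is now hidden from holders of `moodle/course:create` while the create button just below still tests `iscreator()`, so a role that has the capability without the legacy creator status would apparently get neither button; testing the same capability in both places would keep them in step.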
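Review bot: In course/lib.php, `moodle/course:update` evaluated at the system context stands in for "site administrator" here and again in the @@ -144 and @@ -2090 hunks, and the author's own comment at @@ -2090 already flags the doubt. In print_recent_selector_form it decides who gets every course listed, and in course_allowed_module it bypasses `restrictmodules`; whether everyone who can edit course settings site-wide should also get both of those is a policy decision the code leaves implicit. Both functions receive `$course`, so a check against that course's context, or a more specific capability for the bypass, would be easier to reason about. At minimum, replace the uncertain comment with one stating the intent, e.g. `// system context keeps the old isadmin() meaning; revisit once course-level roles apply here`. All three functions continue outside their hunks.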
"; echo ""; - if (isadmin()) { + if (has_capability('moodle/course:update', get_context_instance(CONTEXT_SYSTEM, SITEID))) { echo ""; @@ -2090,7 +2090,9 @@ function course_allowed_module($course,$mod) { if (empty($course->restrictmodules)) { return true; } - if (isadmin()) { + + // i am not sure this capability is correct + if (has_capability('moodle/course:update', get_context_instance(CONTEXT_SYSTEM, SITEID))) { return true; } if (is_numeric($mod)) { diff --git a/course/pending.php b/course/pending.php index a02022b662..a454792b3f 100644 --- a/course/pending.php +++ b/course/pending.php @@ -8,9 +8,7 @@ require_login(); - if (!isadmin()) { - error("Only the admin can use this page"); - } + require_capability('moodle/site:approvecourse', get_context_instance(CONTEXT_SYSTEM, SITEID)); $approve = optional_param('approve', 0, PARAM_INT); $reject = optional_param('reject', 0, PARAM_INT); diff --git a/course/report/log/lib.php b/course/report/log/lib.php index 3a984c0eb3..df7f124283 100644 --- a/course/report/log/lib.php +++ b/course/report/log/lib.php @@ -10,7 +10,8 @@ function print_log_selector_form($course, $selecteduser=0, $selecteddate='today' if ($numcourses < COURSE_MAX_COURSES_PER_DROPDOWN && !$showcourses) { $showcourses = 1; } - + + $sitecontext = get_context_instance(CONTEXT_SYSTEM, SITEID); $context = get_context_instance(CONTEXT_COURSE, $course->id); /// Setup for group handling. @@ -55,7 +56,7 @@ function print_log_selector_form($course, $selecteduser=0, $selecteddate='today' } } - if (isadmin() && $showcourses) { + if (has_capability('moodle/site:viewreports', $sitecontext) && $showcourses) { if ($ccc = get_records("course", "", "", "fullname","id,fullname,category")) { foreach ($ccc as $cc) { if ($cc->category) { 
@@ -102,7 +103,7 @@ function print_log_selector_form($course, $selecteduser=0, $selecteddate='today' } } - if (isadmin() && !$course->category) { + if (has_capability('moodle/site:viewreports', $sitecontext) && !$course->category) { $activities["site_errors"] = get_string("siteerrors"); if ($modid === "site_errors") { $selectedactivity = "site_errors"; @@ -156,14 +157,14 @@ function print_log_selector_form($course, $selecteduser=0, $selecteddate='today' echo "\n"; echo "\n"; echo "\n"; - if (isadmin() && $showcourses) { + if (has_capability('moodle/site:viewreports', $sitecontext) && $showcourses) { choose_from_menu ($courses, "id", $course->id, ""); } else { // echo ''; $courses = array(); $courses[$course->id] = $course->fullname . ((empty($course->category)) ? ' (Site) ' : ''); choose_from_menu($courses,"id",$course->id,false); - if (isadmin()) { + if (has_capability('moodle/site:viewreports', $sitecontext)) { $a->url = "$CFG->wwwroot/course/report/log/index.php?chooselog=0&group=$selectedgroup&user=$selecteduser" ."&id=$course->id&date=$selecteddate&modid=$selectedactivity&showcourses=1&showusers=$showusers"; print_string('logtoomanycourses','moodle',$a); diff --git a/course/report/stats/lib.php b/course/report/stats/lib.php index be2f16efb4..b8ec0a9742 100644 --- a/course/report/stats/lib.php +++ b/course/report/stats/lib.php @@ -21,7 +21,7 @@ $options = array(); $options[STATS_MODE_GENERAL] = get_string('statsmodegeneral'); $options[STATS_MODE_DETAILED] = get_string('statsmodedetailed'); - if (isadmin()) { + if (has_capability('moodle/site:viewreports', get_context_instance(CONTEXT_SYSTEM, SITEID))) { $options[STATS_MODE_RANKED] = get_string('reports'); } diff --git a/course/report/stats/report.php b/course/report/stats/report.php index f25bf74db0..cfbc812290 100644 --- a/course/report/stats/report.php +++ b/course/report/stats/report.php 
@@ -1,5 +1,7 @@ id,$mode); // we only care about the table and the time string. $sql = 'SELECT DISTINCT s.userid,s.roleid,u.firstname,u.lastname,u.idnumber FROM '.$CFG->prefix.'stats_user_'.$param->table.' s JOIN '.$CFG->prefix.'user u ON u.id = s.userid ' .'WHERE courseid = '.$course->id.' AND timeend >= '.$param->timeafter . ((!empty($param->stattype)) ? ' AND stattype = \''.$param->stattype.'\'' : ''); - if (!isadmin()) { + if (!has_capability('moodle/site:viewreports', get_context_instance(CONTEXT_SYSTEM, SITEID))) { $sql .= ' AND (s.roleid = 1 OR s.userid = '.$USER->id .")"; } $sql .= " ORDER BY s.roleid "; @@ -47,7 +49,7 @@ $users[$u->userid] = $role.' - '.fullname($u,true); } if (empty($time)) { - if (isadmin()) { + if (has_capability('moodle/site:viewreports', get_context_instance(CONTEXT_SYSTEM, SITEID))) { $sql = 'SELECT t.userid,u.firstname,u.lastname,u.idnumber,1 AS roleid FROM '.$CFG->prefix.'user_teachers t JOIN '.$CFG->prefix.'user u ON u.id = t.userid WHERE course = '.$course->id; $moreusers = get_records_sql($sql); foreach ($moreusers as $u) { diff --git a/filter/algebra/filter.php b/filter/algebra/filter.php index f4dd3bd797..faa3e3e320 100644 --- a/filter/algebra/filter.php +++ b/filter/algebra/filter.php 
@@ -67,7 +67,7 @@ function string_file_picture_algebra($imagefile, $tex= "", $height="", $width="" $width = "width=\"$width\""; } if ($imagefile) { - if (!file_exists("$CFG->dataroot/$CFG->algebrafilterdir/$imagefile") && isadmin()) { + if (!file_exists("$CFG->dataroot/$CFG->algebrafilterdir/$imagefile") && has_capability('moodle/site:config', get_context_instance(CONTEXT_SYSTEM, SITEID))) { $output .= "wwwroot/$CFG->algebrafilterdir/algebradebug.php\">"; } else { $output .= "dataroot/$CFG->texfilterdir/$imagefile") && isadmin()) { + if (!file_exists("$CFG->dataroot/$CFG->texfilterdir/$imagefile") && has_capability('moodle/site:config', get_context_instance(CONTEXT_SYSTEM, SITEID))) { $output .= "wwwroot/$CFG->texfilterdir/texdebug.php\">"; } else { $output .= "'; - if (isadmin()) { + if (has_capability('moodle/course:update', get_context_instance(CONTEXT_SYSTEM, SITEID))) { echo '
'.update_course_icon($SITE->id).'
'; echo '
'; } diff --git a/lib/datalib.php b/lib/datalib.php index 8bf1395cd4..3303a6e6e0 100644 --- a/lib/datalib.php +++ b/lib/datalib.php @@ -1734,7 +1734,7 @@ function count_login_failures($mode, $username, $lastlogin) { $select = 'module=\'login\' AND action=\'error\' AND time > '. $lastlogin; - if (isadmin()) { // Return information about all accounts + if (has_capability('moodle/site:config', get_context_instance(CONTEXT_SYSTEM, SITEID))) { // Return information about all accounts if ($count->attempts = count_records_select('log', $select)) { $count->accounts = count_records_select('log', $select, 'COUNT(DISTINCT info)'); return $count; diff --git a/lib/db/access.php b/lib/db/access.php index 7ea3b1e206..56157dc855 100644 --- a/lib/db/access.php +++ b/lib/db/access.php @@ -88,6 +88,34 @@ $moodle_capabilities = array( ) ), + 'moodle/site:readallmessages' => array( + + 'captype' => 'read', + 'contextlevel' => CONTEXT_SYSTEM, + 'legacy' => array( + 'guest' => CAP_PREVENT, + 'student' => CAP_PREVENT, + 'teacher' => CAP_PREVENT, + 'editingteacher' => CAP_PREVENT, + 'coursecreator' => CAP_PREVENT, + 'admin' => CAP_ALLOW + ) + ), + + 'moodle/site:approvecourse' => array( + + 'captype' => 'write', + 'contextlevel' => CONTEXT_SYSTEM, + 'legacy' => array( + 'guest' => CAP_PREVENT, + 'student' => CAP_PREVENT, + 'teacher' => CAP_PREVENT, + 'editingteacher' => CAP_PREVENT, + 'coursecreator' => CAP_PREVENT, + 'admin' => CAP_ALLOW + ) + ), + 'moodle/site:import' => array( 'captype' => 'write', diff --git a/lib/pagelib.php b/lib/pagelib.php index 3a19602f95..3fa66ce5e2 100644 --- a/lib/pagelib.php +++ b/lib/pagelib.php @@ -301,7 +301,7 @@ class page_base { // is this page always editable, regardless of anything else? function edit_always() { - return (isadmin() && defined('ADMIN_STICKYBLOCKS')); + return (has_capability('moodle/site:manageblocks', get_context_instance(CONTEXT_SYSTEM, SITEID)) && defined('ADMIN_STICKYBLOCKS')); } } 
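Review bot: The capability registered in this lib/db/access.php hunk is `moodle/site:readallmessages`, but the checks this commit adds in message/send.php and message/history.php test `moodle/site:readmessages`. Unless that second name is defined in a part of the array outside this hunk, those checks presumably refer to a capability no role is ever given, and the former administrator behaviour of both pages is lost without any error; the call sites should use the registered name, e.g. `has_capability('moodle/site:readallmessages', get_context_instance(CONTEXT_SYSTEM, SITEID))`. In message/send.php the same read capability also decides whether a contact's block is overridden when sending, which is a different permission from reading and deserves its own capability or at least a comment. The `$moodle_capabilities` array continues outside the hunk.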
@@ -352,7 +352,7 @@ class page_course extends page_base { // When is a user said to have "editing rights" in this page? This would have something // to do with roles, in the future. function user_allowed_editing() { - if (isadmin() && defined('ADMIN_STICKYBLOCKS')) { + if (has_capability('moodle/site:manageblocks', get_context_instance(CONTEXT_SYSTEM, SITEID)) && defined('ADMIN_STICKYBLOCKS')) { return true; } return isteacheredit($this->id); @@ -361,7 +361,7 @@ class page_course extends page_base { // Is the user actually editing this page right now? This would have something // to do with roles, in the future. function user_is_editing() { - if (isadmin() && defined('ADMIN_STICKYBLOCKS')) { + if (has_capability('moodle/site:manageblocks', get_context_instance(CONTEXT_SYSTEM, SITEID)) && defined('ADMIN_STICKYBLOCKS')) { return true; } return isediting($this->id); diff --git a/lib/statslib.php b/lib/statslib.php index 48e939d40f..47a8d974d6 100644 --- a/lib/statslib.php +++ b/lib/statslib.php 
@@ -820,13 +820,13 @@ function stats_get_report_options($courseid,$mode) { case STATS_MODE_DETAILED: $reportoptions[STATS_REPORT_USER_ACTIVITY] = get_string('statsreport'.STATS_REPORT_USER_ACTIVITY); $reportoptions[STATS_REPORT_USER_ALLACTIVITY] = get_string('statsreport'.STATS_REPORT_USER_ALLACTIVITY); - if (isadmin()) { + if (has_capability('moodle/site:viewreports', get_context_instance(CONTEXT_SYSTEM, SITEID))) { $site = get_site(); $reportoptions[STATS_REPORT_USER_LOGINS] = get_string('statsreport'.STATS_REPORT_USER_LOGINS); } break; case STATS_MODE_RANKED: - if (isadmin()) { + if (has_capability('moodle/site:viewreports', get_context_instance(CONTEXT_SYSTEM, SITEID))) { $reportoptions[STATS_REPORT_ACTIVE_COURSES] = get_string('statsreport'.STATS_REPORT_ACTIVE_COURSES); $reportoptions[STATS_REPORT_ACTIVE_COURSES_WEIGHTED] = get_string('statsreport'.STATS_REPORT_ACTIVE_COURSES_WEIGHTED); $reportoptions[STATS_REPORT_PARTICIPATORY_COURSES] = get_string('statsreport'.STATS_REPORT_PARTICIPATORY_COURSES); diff --git a/lib/weblib.php b/lib/weblib.php index 48cb54800f..01ce4f0649 100644 --- a/lib/weblib.php +++ b/lib/weblib.php @@ -2109,7 +2109,7 @@ function print_header ($title='', $heading='', $navigation='', $focus='', } else { $menu .= get_string('failedloginattemptsall', '', $count); } - if (isadmin()) { + if (has_capability('moodle/site:viewreports', get_context_instance(CONTEXT_SYSTEM, SITEID))) { $menu .= ' (
'.get_string('logs').')'; } @@ -2635,7 +2635,7 @@ function print_navigation ($navigation, $return=false) { } $navigation = '
  • ' .str_replace('->', '
  • ', $navigation)."
  • \n"; - $output .= '
  • '. $site->shortname ."
  • \n". $navigation; $output .= "\n"; } diff --git a/login/change_password.php b/login/change_password.php index 3ed48e204d..845783ce78 100644 --- a/login/change_password.php +++ b/login/change_password.php @@ -140,10 +140,10 @@ function validate_form($frm, &$err) { if (empty($frm->username)){ $err->username = get_string('missingusername'); } else { - if (!isadmin() and empty($frm->password)){ + if (!has_capability('moodle/user:update',get_context_instance(CONTEXT_SYSTEM, SITEID)) and empty($frm->password)){ $err->password = get_string('missingpassword'); } else { - if (!isadmin()) { + if (!has_capability('moodle/user:update',get_context_instance(CONTEXT_SYSTEM, SITEID))) { //require non adminusers to give valid password if(!$validpw) { $err->password = get_string('wrongpassword'); @@ -169,7 +169,7 @@ function validate_form($frm, &$err) { if ($frm->newpassword1 <> $frm->newpassword2) { $err->newpassword2 = get_string('passwordsdiffer'); } else { - if(!isadmin() and ($frm->password === $frm->newpassword1)){ + if(!has_capability('moodle/user:update',get_context_instance(CONTEXT_SYSTEM, SITEID)) and ($frm->password === $frm->newpassword1)){ $err->newpassword1 = get_string('mustchangepassword'); } } diff --git a/login/change_password_form.html b/login/change_password_form.html index 38af4fec19..c9a924c1cd 100644 --- a/login/change_password_form.html +++ b/login/change_password_form.html @@ -26,7 +26,7 @@ - + - + diff --git a/message/send.php b/message/send.php index 0ff850cd0f..eed40347f0 100644 --- a/message/send.php +++ b/message/send.php @@ -46,7 +46,7 @@ /// Check that the user is not blocking us!! if ($contact = get_record('message_contacts', 'userid', $user->id, 'contactid', $USER->id)) { - if ($contact->blocked and !isadmin()) { + if ($contact->blocked and !has_capability('moodle/site:readmessages', get_context_instance(CONTEXT_SYSTEM, SITEID))) { print_heading(get_string('userisblockingyou', 'message')); exit; } 
diff --git a/my/pagelib.php b/my/pagelib.php index 2195da844c..a126458a07 100644 --- a/my/pagelib.php +++ b/my/pagelib.php @@ -12,7 +12,7 @@ class page_my_moodle extends page_base { page_id_and_class($id,$class); if ($id == PAGE_MY_MOODLE) { return true; - } else if (isadmin() && defined('ADMIN_STICKYBLOCKS')) { + } else if (has_capability('moodle/site:manageblocks', get_context_instance(CONTEXT_SYSTEM, SITEID)) && defined('ADMIN_STICKYBLOCKS')) { return true; } return false; @@ -20,7 +20,7 @@ class page_my_moodle extends page_base { function user_is_editing() { global $USER; - if (isadmin() && defined('ADMIN_STICKYBLOCKS')) { + if (has_capability('moodle/site:manageblocks', get_context_instance(CONTEXT_SYSTEM, SITEID)) && defined('ADMIN_STICKYBLOCKS')) { return true; } return (!empty($USER->editing));
    " . get_string("courses") . ""; choose_from_menu ($courses, "id", $course->id, ""); echo "
    : - username)) { ?> + username)) { ?> " /> username)?> @@ -35,7 +35,7 @@
    : " /> diff --git a/login/index.php b/login/index.php index 6c1c47b8cb..26d35670fe 100644 --- a/login/index.php +++ b/login/index.php @@ -180,7 +180,7 @@ } /// Go to my-moodle page instead of homepage if mymoodleredirect enabled - if (!isadmin() and !empty($CFG->mymoodleredirect) and !isguest()) { + if (!has_capability('moodle/site:config',get_context_instance(CONTEXT_SYSTEM, SITEID)) and !empty($CFG->mymoodleredirect) and !isguest()) { if ($urltogo == $CFG->wwwroot or $urltogo == $CFG->wwwroot.'/' or $urltogo == $CFG->wwwroot.'/index.php') { $urltogo = $CFG->wwwroot.'/my/'; } diff --git a/message/history.php b/message/history.php index 8954763fdc..322cf2358e 100644 --- a/message/history.php +++ b/message/history.php @@ -20,7 +20,7 @@ error("User ID 1 was incorrect"); } - if (isadmin()) { // Able to see any discussion + if (has_capability('moodle/site:readmessages', get_context_instance(CONTEXT_SYSTEM, SITEID))) { // Able to see any discussion $userid2 = optional_param('user2', $USER->id, PARAM_INT); if (! $user2 = get_record("user", "id", $userid2)) { // Check error("User ID 2 was incorrect"); diff --git a/message/search.html b/message/search.html index 84fd00c57e..0d14aac021 100644 --- a/message/search.html +++ b/message/search.html @@ -43,7 +43,7 @@