From: toyomoyo Date: Wed, 18 Jul 2007 08:13:09 +0000 (+0000) Subject: adding capabilities check X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=5c2aa198942e3396b0c66021ff33df256f445c69;p=moodle.git adding capabilities check --- diff --git a/grade/export/lib.php b/grade/export/lib.php index d241a79f13..94e2e869c3 100755 --- a/grade/export/lib.php +++ b/grade/export/lib.php @@ -76,8 +76,8 @@ class grade_export { if (! $course = get_record("course", "id", $id)) { error("Course ID was incorrect"); } - - require_capability('moodle/course:viewcoursegrades', get_context_instance(CONTEXT_COURSE, $id)); + $context = get_context_instance(CONTEXT_COURSE, $id); + require_capability('moodle/course:viewcoursegrades', $context); $this->id = $id; $this->course = $course; @@ -104,7 +104,7 @@ class grade_export { if ($currentgroup) { $this->students = get_group_students($currentgroup, "u.lastname ASC"); } else { - $this->students = grade_get_course_students($course->id); + $this->students = get_role_users(@implode(',', $CFG->gradebookroles), $context); } if (!empty($this->students)) { diff --git a/grade/export/ods/index.php b/grade/export/ods/index.php index 070bbc52eb..c6aa5ec537 100755 --- a/grade/export/ods/index.php +++ b/grade/export/ods/index.php @@ -26,6 +26,10 @@ require_once($CFG->dirroot.'/grade/export/lib.php'); require_once('grade_export_ods.php'); $id = required_param('id', PARAM_INT); // course id + +require_login($id); +require_capability('moodle/course:downloadallgrades', get_context_instance(CONTEXT_COURSE, $id)); + $course = get_record('course', 'id', $id); $feedback = optional_param('feedback', '', PARAM_ALPHA); $strgrades = get_string('grades', 'grades'); diff --git a/grade/export/txt/index.php b/grade/export/txt/index.php index 6617f91f23..47d461d03e 100755 --- a/grade/export/txt/index.php +++ b/grade/export/txt/index.php @@ -26,6 +26,10 @@ require_once($CFG->dirroot.'/grade/export/lib.php'); require_once('grade_export_txt.php'); $id = required_param('id', PARAM_INT); // course id + +require_login($id); +require_capability('moodle/course:downloadallgrades', get_context_instance(CONTEXT_COURSE, $id)); + $feedback = optional_param('feedback', '', PARAM_ALPHA); $course = get_record('course', 'id', $id); $strgrades = get_string('grades', 'grades'); diff --git a/grade/export/xls/index.php b/grade/export/xls/index.php index f23f6becf8..006d29c945 100755 --- a/grade/export/xls/index.php +++ b/grade/export/xls/index.php @@ -26,6 +26,10 @@ require_once($CFG->dirroot.'/grade/export/lib.php'); require_once('grade_export_xls.php'); $id = required_param('id', PARAM_INT); // course id + +require_login($id); +require_capability('moodle/course:downloadallgrades', get_context_instance(CONTEXT_COURSE, $id)); + $course = get_record('course', 'id', $id); $feedback = optional_param('feedback', '', PARAM_ALPHA); diff --git a/grade/export/xml/index.php b/grade/export/xml/index.php index b65f52e4f8..774045cb8f 100755 --- a/grade/export/xml/index.php +++ b/grade/export/xml/index.php @@ -25,7 +25,11 @@ require_once("../../../config.php"); require_once($CFG->dirroot.'/grade/export/lib.php'); require_once('grade_export_xml.php'); -$id = required_param('id', PARAM_INT); // course id +$id = required_param('id', PARAM_INT); // course id + +require_login($id); +require_capability('moodle/course:downloadallgrades', get_context_instance(CONTEXT_COURSE, $id)); + $course = get_record('course', 'id', $id); $feedback = optional_param('feedback', '', PARAM_ALPHA); diff --git a/grade/import/grade_import_form.php b/grade/import/grade_import_form.php index bfbe68d0bd..7f530473bc 100755 --- a/grade/import/grade_import_form.php +++ b/grade/import/grade_import_form.php @@ -50,7 +50,7 @@ class grade_import_mapping_form extends moodleform { if ($header) { foreach ($header as $i=>$h) { - $mapfromoptions[$i] = $h; + $mapfromoptions[$i] = s($h); } } $mform->addElement('select', 'mapfrom', get_string('mapfrom', 'grades'), $mapfromoptions);