From: toyomoyo Date: Tue, 22 Aug 2006 09:04:23 +0000 (+0000) Subject: some quiz capabilities X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=5cf38a57cd9c1fbbf95423b44101caa2b2fdb4cd;p=moodle.git some quiz capabilities --- diff --git a/lib/accesslib.php b/lib/accesslib.php index fcdaab999d..20a5c25488 100755 --- a/lib/accesslib.php +++ b/lib/accesslib.php @@ -358,7 +358,9 @@ function load_user_capability($capability='', $context ='', $userid='') { $usercontexts = get_parent_contexts($context); $listofcontexts = '('.implode(',', $usercontexts).')'; } else { // else, we load everything + echo $userid; $userroles = get_records('role_assignments','userid',$userid); + $usercontexts = array(); foreach ($userroles as $userrole) { $usercontexts[] = $userrole->contextid; @@ -415,10 +417,9 @@ function load_user_capability($capability='', $context ='', $userid='') { aggregatelevel ASC "; - $capabilities = array(); // Reinitialize. $rs = get_recordset_sql($SQL); - + if ($rs && $rs->RecordCount() > 0) { while (!$rs->EOF) { $array = $rs->fields; diff --git a/mod/quiz/attempt.php b/mod/quiz/attempt.php index f9387937b6..34409901b6 100644 --- a/mod/quiz/attempt.php +++ b/mod/quiz/attempt.php @@ -58,9 +58,11 @@ require_login($course->id, false, $cm); $isteacher = isteacher($course->id); - + + $coursecontext = get_context_instance(CONTEXT_COURSE, $id); // course context + $context = get_context_instance(CONTEXT_MODULE, $cm->id); // if no questions have been set up yet redirect to edit.php - if (!$quiz->questions and isteacheredit($course->id)) { + if (!$quiz->questions and has_capability('mod/quiz:manage', $context) { redirect('edit.php?quizid='.$quiz->id); } @@ -81,7 +83,7 @@ print_header($course->shortname.': '.format_string($quiz->name), '', '', '', '', false, '', '', false, ''); include('protect_js.php'); } else { - $strupdatemodule = isteacheredit($course->id) + $strupdatemodule = has_capability('moodle/course:manageactivities', $coursecontext) ? update_module_button($cm->id, $course->id, get_string('modulename', 'quiz')) : ""; print_header_simple(format_string($quiz->name), "", @@ -93,7 +95,7 @@ echo ''; // for overlib /// Print the quiz name heading and tabs for teacher - if ($isteacher) { + if (has_capability('mod/quiz:preview', $context)) { $currenttab = 'preview'; include('tabs.php'); } else { @@ -187,7 +189,7 @@ /// Load attempt or create a new attempt if there is no unfinished one - if ($isteacher and $forcenew) { // teacher wants a new preview + if (has_capability('mod/quiz:preview', $context) and $forcenew) { // teacher wants a new preview // so we set a finish time on the current attempt (if any). // It will then automatically be deleted below set_field('quiz_attempts', 'timefinish', $timestamp, 'quiz', $quiz->id, 'userid', $USER->id); @@ -200,7 +202,7 @@ if (!$attempt) { // Check if this is a preview request from a teacher // in which case the previous previews should be deleted - if ($isteacher) { + if (has_capability('mod/quiz:preview', $context) { if ($oldattempts = get_records_select('quiz_attempts', "quiz = '$quiz->id' AND userid = '$USER->id'")) { delete_records('quiz_attempts', 'quiz', $quiz->id, 'userid', $USER->id); @@ -215,7 +217,7 @@ // Start a new attempt and initialize the question sessions $attempt = quiz_create_attempt($quiz, $attemptnumber); // If this is an attempt by a teacher mark it as a preview - if ($isteacher) { + if (has_capability('mod/quiz:preview', $context)) { $attempt->preview = 1; } // Save the attempt @@ -451,7 +453,7 @@ /// Print the quiz page //////////////////////////////////////////////////////// /// Print the preview heading - if ($isteacher) { + if (has_capability('mod/quiz:preview', $context)) { print_heading(get_string('previewquiz', 'quiz', format_string($quiz->name))); unset($buttonoptions); $buttonoptions['q'] = $quiz->id; diff --git a/mod/quiz/comment.php b/mod/quiz/comment.php index 34f0d1806f..e1a960ac25 100644 --- a/mod/quiz/comment.php +++ b/mod/quiz/comment.php @@ -30,9 +30,10 @@ require_login($course->id); - if (!isteacher($course->id)) { - error('This page is for teachers only'); - } + $cm = get_coursemodule_from_instance('quiz', $quiz->id); + $context = get_context_instance(CONTEXT_MODULE, $cm->id); + + require_capability('mod/quiz:grade', $context); // Load question if (! $question = get_record('question', 'id', $questionid)) { diff --git a/mod/quiz/edit.php b/mod/quiz/edit.php index a930a19565..5109cafe89 100644 --- a/mod/quiz/edit.php +++ b/mod/quiz/edit.php @@ -99,12 +99,13 @@ if (self.name == 'editquestion') { if (! $course = get_record("course", "id", $modform->course)) { error("This course doesn't exist"); } + + $coursecontext = get_context_instance(CONTEXT_COURSE, $id); require_login($course->id, false); - if (!isteacheredit($course->id)) { - error("You can't modify this course!"); - } + $context = get_context_instance(CONTEXT_MODULE, $cm->id); + require_capability('mod/quiz:manage', $context); if (isset($modform->instance) && empty($modform->grades)) // Construct an array to hold all the grades. @@ -309,7 +310,7 @@ if (self.name == 'editquestion') { if (isset($modform->instance) and record_exists_sql("SELECT * FROM {$CFG->prefix}quiz_attempts WHERE quiz = '$modform->instance' AND preview = '0' LIMIT 1")){ // one column layout with table of questions used in this quiz - $strupdatemodule = isteacheredit($course->id) + $strupdatemodule = has_capability('moodle/course:manageactivities', $coursecontext) ? update_module_button($modform->cmid, $course->id, get_string('modulename', 'quiz')) : ""; print_header_simple($streditingquiz, '', @@ -346,7 +347,7 @@ if (self.name == 'editquestion') { } // two column layout with quiz info in left column - $strupdatemodule = isteacheredit($course->id) + $strupdatemodule = has_capability('moodle/course:manageactivities', $coursecontext) ? update_module_button($modform->cmid, $course->id, get_string('modulename', 'quiz')) : ""; print_header_simple($streditingquiz, '', diff --git a/mod/quiz/index.php b/mod/quiz/index.php index e8f2986f8e..33dce3e16e 100644 --- a/mod/quiz/index.php +++ b/mod/quiz/index.php @@ -57,7 +57,8 @@ $strattempts = get_string("attempts", "quiz"); $strusers = $course->students; - if (isteacher($course->id)) { + $context = get_context_instance(CONTEXT_COURSE, $id); + if (has_capability('mod/quiz:viewreports', $context)) { $gradecol = $strattempts; } else { $gradecol = $strbestgrade; @@ -80,6 +81,10 @@ $currentsection = ""; foreach ($quizzes as $quiz) { + + $cm = get_coursemodule_from_instance('quiz', $quiz->id); + $context = get_context_instance(CONTEXT_MODULE, $cm->id); + if (!$quiz->visible) { //Show dimmed if the mod is hidden $link = "coursemodule\">".format_string($quiz->name,true).""; @@ -103,7 +108,7 @@ $closequiz = $quiz->timeclose ? userdate($quiz->timeclose) : ''; - if (isteacher($course->id)) { + if (has_capability('mod/quiz:viewreports', $context)) { if ($a->attemptnum = count_records('quiz_attempts', 'quiz', $quiz->id, 'preview', 0)) { $a->studentnum = count_records_select('quiz_attempts', "quiz = '$quiz->id' AND preview = '0'", 'COUNT(DISTINCT userid)'); $a->studentstring = $course->students; diff --git a/mod/quiz/report.php b/mod/quiz/report.php index 80e7d8ac05..fedeb30684 100644 --- a/mod/quiz/report.php +++ b/mod/quiz/report.php @@ -36,13 +36,11 @@ } require_login($course->id, false); - - if (!isteacher($course->id)) { - error("You are not allowed to use this script"); - } + $context = get_context_instance(CONTEXT_MODULE, $cm->id); + require_capability('mod/quiz:viewre ports', $context); // if no questions have been set up yet redirect to edit.php - if (!$quiz->questions and isteacheredit($course->id)) { + if (!$quiz->questions and has_capability('mod/quiz:manage', $context)) { redirect('edit.php?quizid='.$quiz->id); } diff --git a/mod/quiz/review.php b/mod/quiz/review.php index e6a4bf6928..7905d24407 100644 --- a/mod/quiz/review.php +++ b/mod/quiz/review.php @@ -37,11 +37,14 @@ } require_login($course->id, false, $cm); + $context = get_context_instance(CONTEXT_MODULE, $cm->id); + $coursecontext = get_context_instance(CONTEXT_COURSE, $id); $isteacher = isteacher($course->id); $options = quiz_get_reviewoptions($quiz, $attempt, $isteacher); $popup = $isteacher ? 0 : $quiz->popup; // Controls whether this is shown in a javascript-protected window. - if (!$isteacher) { + // this capability is not correct, need to find the right one + if (!has_capability('mod/quiz:manage', $context)) { if (!$attempt->timefinish) { redirect('attempt.php?q='.$quiz->id); } @@ -90,7 +93,7 @@ /// Include Javascript protection for this page include('protect_js.php'); } else { - $strupdatemodule = isteacheredit($course->id) + $strupdatemodule = has_capability('moodle/course:manageactivities', $coursecontext) ? update_module_button($cm->id, $course->id, get_string('modulename', 'quiz')) : ""; print_header_simple(format_string($quiz->name), "", @@ -101,7 +104,7 @@ echo ''; // for overlib /// Print heading and tabs if this is part of a preview - if ($isteacher) { + if (has_capability('mod/quiz:preview', $context)) { if ($attempt->userid == $USER->id) { // this is the report on a preview $currenttab = 'preview'; } else { @@ -162,7 +165,7 @@ $picture = print_user_picture($student->id, $course->id, $student->picture, false, true); $table->data[] = array($picture, ''.fullname($student, true).''); } - if ($isteacher and count($attempts = get_records_select('quiz_attempts', "quiz = '$quiz->id' AND userid = '$attempt->userid'", 'attempt ASC')) > 1) { + if (has_capability('mod/quiz:grade', $context) and count($attempts = get_records_select('quiz_attempts', "quiz = '$quiz->id' AND userid = '$attempt->userid'", 'attempt ASC')) > 1) { // print list of attempts $attemptlist = ''; foreach ($attempts as $at) { diff --git a/mod/quiz/tabs.php b/mod/quiz/tabs.php index 1b60098de3..f4c5367418 100644 --- a/mod/quiz/tabs.php +++ b/mod/quiz/tabs.php @@ -28,13 +28,15 @@ $tabs = array(); $row = array(); $inactive = array(); - - $row[] = new tabobject('info', "$CFG->wwwroot/mod/quiz/view.php?q=$quiz->id", get_string('info', 'quiz')); + if (has_capability('mod/quiz:viewreports', $context)) { + $row[] = new tabobject('info', "$CFG->wwwroot/mod/quiz/view.php?q=$quiz->id", get_string('info', 'quiz')); $row[] = new tabobject('reports', "$CFG->wwwroot/mod/quiz/report.php?q=$quiz->id", get_string('results', 'quiz')); } - $row[] = new tabobject('preview', "$CFG->wwwroot/mod/quiz/attempt.php?q=$quiz->id", get_string('preview', 'quiz')); - if (has_capability('mod/quiz:manage', $context)) { + if (has_capability('mod/quiz:viewreports', $context)) { + $row[] = new tabobject('preview', "$CFG->wwwroot/mod/quiz/attempt.php?q=$quiz->id", get_string('preview', 'quiz')); + } + if (has_capability('mod/quiz:preview', $context)) { $row[] = new tabobject('edit', "$CFG->wwwroot/mod/quiz/edit.php?quizid=$quiz->id", get_string('edit')); } diff --git a/mod/quiz/view.php b/mod/quiz/view.php index 2219f4c4af..36f6b37d1c 100644 --- a/mod/quiz/view.php +++ b/mod/quiz/view.php @@ -35,12 +35,13 @@ error("The course module for the quiz with id $q is missing"); } } - + require_login($course->id, false, $cm); + $context = get_context_instance(CONTEXT_MODULE, $cm->id); $isteacher = isteacher($course->id); // if no questions have been set up yet redirect to edit.php - if (!$quiz->questions and isteacheredit($course->id)) { + if (!$quiz->questions and has_capability('mod/quiz:manage', $context)) { redirect('edit.php?quizid='.$quiz->id); } @@ -80,10 +81,10 @@ // Print the main part of the page // Print heading and tabs for teacher - if ($isteacher) { - $currenttab = 'info'; - include('tabs.php'); - } + + $currenttab = 'info'; + include('tabs.php'); + print_heading(format_string($quiz->name)); if (trim(strip_tags($quiz->intro))) { @@ -110,7 +111,7 @@ // This is all the teacher will get - if ($isteacher) { + if (has_capability('mod/quiz:manage', $context)) { if ($a->attemptnum = count_records('quiz_attempts', 'quiz', $quiz->id, 'preview', 0)) { $a->studentnum = count_records_select('quiz_attempts', "quiz = '$quiz->id' AND preview = '0'", 'COUNT(DISTINCT userid)'); $a->studentstring = $course->students; @@ -123,20 +124,6 @@ exit; } - if (isguest()) { - - $wwwroot = $CFG->wwwroot.'/login/index.php'; - if (!empty($CFG->loginhttps)) { - $wwwroot = str_replace('http:','https:', $wwwroot); - } - - notice_yesno(get_string('guestsno', 'quiz').'

'.get_string('liketologin'), - $wwwroot, $_SERVER['HTTP_REFERER']); - print_footer($course); - echo ''; - exit; - } - if ($attempts = quiz_get_user_attempts($quiz->id, $USER->id)) { $numattempts = count($attempts); } else { @@ -203,7 +190,7 @@ if ($attempt->timefinish > 0) { // attempt has finished $timetaken = format_time($attempt->timefinish - $attempt->timestart); $datecompleted = userdate($attempt->timefinish); - } else if ($available) { // The student can continue this attempt, so put appropriate link + } else if ($available && has_capability('mod/quiz:attempt', $context)) { // The student can continue this attempt, so put appropriate link $timetaken = format_time(time() - $attempt->timestart); $datecompleted = "\n".'