From: vyshane Date: Fri, 25 Aug 2006 08:27:28 +0000 (+0000) Subject: Added has_capability checks X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=6ac96fcb3c80d94fc1b2a2c28c415f9ec8700846;p=moodle.git Added has_capability checks --- diff --git a/course/report/stats/graph.php b/course/report/stats/graph.php index 610710bad2..09c69d5d1e 100644 --- a/course/report/stats/graph.php +++ b/course/report/stats/graph.php @@ -21,8 +21,10 @@ } require_login(); - if (!isteacher($course->id)) { - error("You need to be a teacher to use this page"); + $context = get_context_instance(CONTEXT_COURSE, $course->id); + + if (!has_capability('moodle/site:viewreports', $context)) { + error('You need do not have the required permission to view reports for this course'); } stats_check_uptodate($course->id); diff --git a/course/report/stats/index.php b/course/report/stats/index.php index e45c200acd..6554fb7f17 100644 --- a/course/report/stats/index.php +++ b/course/report/stats/index.php @@ -33,8 +33,10 @@ } require_login(); - if (!isteacher($course->id)) { - error("You need to be a teacher to use this page"); + $context = get_context_instance(CONTEXT_COURSE, $course->id); + + if (!has_capability('moodle/site:viewreports', $context)) { + error('You need do not have the required permission to view reports for this course'); } add_to_log($course->id, "course", "report stats", "report/stats/index.php?course=$course->id", $course->id); diff --git a/course/report/stats/report.php b/course/report/stats/report.php index b413fb2903..f25bf74db0 100644 --- a/course/report/stats/report.php +++ b/course/report/stats/report.php @@ -4,7 +4,9 @@ $courseoptions = array(); foreach ($courses as $c) { - if (isteacher($c->id)) { + $context = get_context_instance(CONTEXT_COURSE, $c->id); + + if (has_capability('moodle/site:viewreports', $context)) { $courseoptions[$c->id] = $c->shortname; } }