From: toyomoyo Date: Wed, 30 Aug 2006 08:43:17 +0000 (+0000) Subject: added some capabilities X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=81e956b964e2d0eac4b89d4bfa90438273d706ae;p=moodle.git added some capabilities --- diff --git a/mod/data/edit.php b/mod/data/edit.php index ef95f67d77..d000acb797 100755 --- a/mod/data/edit.php +++ b/mod/data/edit.php @@ -60,9 +60,11 @@ if (!isloggedin() or isguest()) { redirect('view.php?d='.$data->id); } + + $context = get_context_instance(CONTEXT_MODULE, $cm->id); /// If it's hidden then it's don't show anything. :) - if (empty($cm->visible) and !isteacher($course->id)) { + if (empty($cm->visible) and !has_capability('moodle/course:viewhiddenactivities', $context)) { $strdatabases = get_string("modulenameplural", "data"); $navigation = "id\">$strdatabases ->"; print_header_simple(format_string($data->name), "", @@ -71,19 +73,14 @@ } /// Can't use this if there are no fields - if (isteacher($course->id)) { + if (has_capability('mod/data:managetemplates', $context)) { if (!record_exists('data_fields','dataid',$data->id)) { // Brand new database! redirect($CFG->wwwroot.'/mod/data/field.php?d='.$data->id); // Redirect to field entry } } -/// Check access for participants - if ((!isteacher($course->id)) && $data->participants == DATA_TEACHERS_ONLY) { - error (get_string('noaccess','data')); - } - if ($rid) { // So do you have access? - if (!(isteacher($course->id) or data_isowner($rid)) or !confirm_sesskey() ) { + if (!(has_capability('mod/data:manageentries', $context) or data_isowner($rid)) or !confirm_sesskey() ) { error(get_string('noaccess','data')); } } @@ -138,7 +135,7 @@ /// All student edits are marked unapproved by default $record = get_record('data_records','id',$rid); - if ($data->approval == 1 || isteacher($course->id)) { + if ($data->approval == 1 || has_capability('mod/data:approve', $context)) { $record->approved = 1; } else { $record->approved = 0; @@ -171,7 +168,7 @@ /// Check if maximum number of entry as specified by this database is reached /// Of course, you can't be stopped if you are an editting teacher! =) - if (data_atmaxentries($data) and !isteacheredit($course->id)){ + if (data_atmaxentries($data) and !has_capability('mod/data:manageentries',$context)){ notify (get_string('atmaxentry','data')); print_footer($course); exit; @@ -281,7 +278,7 @@ /// Upload records section. Only for teachers and the admin. - if (isteacher($course->id)) { + if (has_capability('mod/data:manageentries',$context)) { if ($import) { print_simple_box_start('center','80%'); print_heading(get_string('uploadrecords', 'data'), '', 3); diff --git a/mod/data/field.php b/mod/data/field.php index a8b492da46..8c0e55e0af 100755 --- a/mod/data/field.php +++ b/mod/data/field.php @@ -67,13 +67,6 @@ $context = get_context_instance(CONTEXT_MODULE, $cm->id); require_capability('mod/data:managetemplates', $context); - - - if (!isteacheredit($course->id)){ - error(get_string('noaccess','data')); - } - - /************************************ * Data Processing * diff --git a/mod/data/field/latlong/field.class.php b/mod/data/field/latlong/field.class.php index 2748bb7484..54f667b20c 100755 --- a/mod/data/field/latlong/field.class.php +++ b/mod/data/field/latlong/field.class.php @@ -1,4 +1,4 @@ -visible) and !isteacher($course->id)) { +if (empty($cm->visible) and !has_capability('moodle/course:viewhiddenactivities',get_context_instance(CONTEXT_MODULE, $cm->id))) { $strdatabases = get_string("modulenameplural", "data"); $navigation = "id\">$strdatabases ->"; print_header_simple(format_string($data->name), "", @@ -65,7 +65,7 @@ if (empty($cm->visible) and !isteacher($course->id)) { } /// If we have an empty Database then redirect because this page is useless without data -if (isteacher($course->id)) { +if (has_capability('mod/data:managetemplates', $context)) { if (!record_exists('data_fields','dataid',$data->id)) { // Brand new database! redirect($CFG->wwwroot.'/mod/data/field.php?d='.$data->id); // Redirect to field entry } diff --git a/mod/data/import.php b/mod/data/import.php index d7cb6281b4..d0216df3dd 100755 --- a/mod/data/import.php +++ b/mod/data/import.php @@ -66,18 +66,11 @@ } } - ///checking for participants - // needs fixing? - /* - if ((!isteacher($course->id)) && $data->participants == DATA_TEACHERS_ONLY) { - error ('students are not allowed to participate in this activity'); - } - if ($rid){ //editting a record, do you have access to edit this? - if (!isteacher($course->id) or !data_isowner($rid) or !confirm_sesskey()){ + if (!has_capability('mod/data:manageentries', $context) or !data_isowner($rid) or !confirm_sesskey()){ error (get_string('noaccess','data')); } - }*/ + } /// Print the page header diff --git a/mod/data/index.php b/mod/data/index.php index 48eb316850..1880e0e5ea 100755 --- a/mod/data/index.php +++ b/mod/data/index.php @@ -74,7 +74,7 @@ } $currentgroup = get_current_group($course->id); - if ($currentgroup and isteacheredit($course->id)) { + if ($currentgroup and has_capability('mod/data:manageentries', $context)) { $group = get_record("groups", "id", $currentgroup); $groupname = " ($group->name)"; } else { diff --git a/mod/data/lib.php b/mod/data/lib.php index 3df1f8d3cc..3805b11fd2 100755 --- a/mod/data/lib.php +++ b/mod/data/lib.php @@ -557,7 +557,6 @@ function data_add_record($data, $groupid=0){ $record->groupid = $groupid; $record->timecreated = $record->timemodified = time(); if (has_capability('mod/data:approve', $context)) { - //if (isteacher($data->course)) { $record->approved = 1; } else { $record->approved = 0; @@ -857,7 +856,7 @@ function data_print_template($template, $records, $data, $search='',$page=0, $re foreach ($fieldrecords as $fieldrecord) { $fields[]= data_get_field($fieldrecord, $data); } - $isteacher = isteacher($data->course); + $isteacher = has_capability('mod/data:managetemplates', $context); } if (empty($records)) { diff --git a/mod/data/preset.php b/mod/data/preset.php index 91f4963318..aef44602f0 100644 --- a/mod/data/preset.php +++ b/mod/data/preset.php @@ -42,10 +42,7 @@ if ($id) { require_login($course->id); -if (!isteacher($course->id)) { - error('Must be a teacher to Import Database'); -} - +require_capability('mod/data:managetemplates', get_context_instance(CONTEXT_MODULE, $cm->id)) /* get the list of standard presets found in /mod/data/preset */ $presets = array(); diff --git a/mod/data/report.php b/mod/data/report.php index 12d01de1e6..2e0098d1e3 100755 --- a/mod/data/report.php +++ b/mod/data/report.php @@ -40,7 +40,7 @@ echo "$strname"; echo "$strrating"; foreach ($ratings as $rating) { - if (isteacher($data->course)) { + if (has_capability('mod/data:manageentries', $context)) { echo ''; } else { echo ''; diff --git a/mod/glossary/lib.php b/mod/glossary/lib.php index 4578d12f28..075f7e80df 100644 --- a/mod/glossary/lib.php +++ b/mod/glossary/lib.php @@ -504,7 +504,7 @@ function glossary_get_entries_search($concept, $courseid) { //Check if the user is a teacher $bypassteacher = 1; //This means NO (by default) - if (isteacher($courseid)) { + if (has_capability('mod/glossary:manageentries', get_context_instance(CONTEXT_COURSE, $courseid))) { $bypassteacher = 0; //This means YES } @@ -947,7 +947,7 @@ function glossary_search($course, $searchterms, $extended = 0, $glossary = NULL) $glos = $glossary->id; } - if (!isteacher($glossary->course)) { + if (!has_capability('mod/glossary:manageentries', get_context_instance(CONTEXT_COURSE, $glossary->course))) { $glossarymodule = get_record("modules", "name", "glossary"); $onlyvisible = " AND g.id = cm.instance AND cm.visible = 1 AND cm.module = $glossarymodule->id"; $onlyvisibletable = ", {$CFG->prefix}course_modules cm"; diff --git a/mod/glossary/showentry.php b/mod/glossary/showentry.php index 7c790f14f4..ced02327f3 100644 --- a/mod/glossary/showentry.php +++ b/mod/glossary/showentry.php @@ -18,7 +18,7 @@ if (!$cm = get_coursemodule_from_instance("glossary", $glossary->id)) { error("Could not determine which course module this belonged to!"); } - if (!$cm->visible and !isteacher($cm->course)) { + if (!$cm->visible and !has_capability('moodle/course:viewhiddenactivities', get_context_instance(CONTEXT_MODULE, $cm->id))) { redirect($CFG->wwwroot.'/course/view.php?id='.$cm->course, get_string('activityiscurrentlyhidden')); } $entry->cmid = $cm->id; diff --git a/mod/glossary/view.php b/mod/glossary/view.php index 0034958f7a..165a3ec526 100644 --- a/mod/glossary/view.php +++ b/mod/glossary/view.php @@ -119,7 +119,7 @@ $navigation = "id\">$course->shortname ->"; require_login($course->id); } - if (!$cm->visible and !isteacher($course->id)) { + if (!$cm->visible and !has_capability('moodle/course:viewhiddenactivities', $context)) { print_header(); notice(get_string("activityiscurrentlyhidden")); } @@ -252,7 +252,7 @@ /// the "Print" icon $printicon = ''; if ( $isuserframe and $mode != 'search') { - if (isteacher($course->id) or $glossary->allowprintview) { + if (has_capability('mod/glossary:manageentries', $context) or $glossary->allowprintview) { $printicon = " id&mode=$mode&hook=$hook&sortkey=$sortkey&sortorder=$sortorder&offset=$offset\">\"\""; } } diff --git a/mod/hotpot/index.php b/mod/hotpot/index.php index e7226ac5a5..e771d5355e 100644 --- a/mod/hotpot/index.php +++ b/mod/hotpot/index.php @@ -7,7 +7,8 @@ require_once("lib.php"); $id = required_param("id"); // course - + $coursecontext = get_context_instance(CONTEXT_COURSE, $id); + if (! $course = get_record("course", "id", $id)) { error("Course ID is incorrect"); } @@ -240,7 +241,7 @@ MAX(a.score) AS maxscore "; $select = "a.hotpot IN ($hotpotids)"; - if (isteacher($course->id)) { + if (has_capability('mod/hotpot:viewreport', $coursecontext)) { // do nothing (=get all users) } else { // restrict results to this user only @@ -298,7 +299,7 @@ array_push($table->head, $title); array_push($table->align, "center"); } - if (isteacheredit($course->id)) { + if (has_capability('moodle/course:manageactivities', $coursecontext)) { array_push($table->head, $strupdate); array_push($table->align, "center"); } @@ -311,7 +312,7 @@ array_push($table->align, "left", "left", "center", "left" ); - if (isadmin()) { + if (has_capability('mod/hotpot:grade', $coursecontext)) { array_push($table->head, $strregrade); array_push($table->align, "center"); } @@ -350,9 +351,11 @@ $bestscore = " "; } else { + + $cm = get_coursemodule_from_instance('hotpot', $hotpot->id); // report number of attempts and users $report = get_string("viewallreports","quiz", $totals[$hotpot->id]->attemptcount); - if (isteacher($course->id)) { + if (has_capability('mod/hotpot:viewreport', get_context_instance(CONTEXT_MODULE, $cm->id))) { $report .= " (".$totals[$hotpot->id]->usercount." $strusers)"; } $report = ''.$report.''; @@ -377,7 +380,7 @@ array_push($data, $printsection); } - if (isteacheredit($course->id)) { + if (has_capability('moodle/course:manageactivities', $coursecontext)) { $updatebutton = '' . '
' . '' diff --git a/mod/hotpot/lib.php b/mod/hotpot/lib.php index a7d2b4582b..133bd88c36 100644 --- a/mod/hotpot/lib.php +++ b/mod/hotpot/lib.php @@ -707,7 +707,8 @@ function hotpot_get_all_instances_in_course($modulename, $course) { if ($rawmods = get_records_sql($query)) { // cache $isteacher setting - $isteacher = isteacher($course->id); + + $isteacher = has_capability('mod/hotpot:viewreport', get_context_instance(CONTEXT_MODULE, $course->id)); $explodesection = array(); $order = array(); @@ -1018,7 +1019,7 @@ function hotpot_print_recent_mod_activity($activity, $course, $detail=false) { $href = "$CFG->wwwroot/mod/hotpot/view.php?hp=$activity->instance"; print ''.$activity->name.' - '; } - if (isteacher($course)) { + if (has_capability('mod/hotpot:viewreport',get_context_instance(CONTEXT_COURSE, $course))) { // score (with link to attempt details) $href = "$CFG->wwwroot/mod/hotpot/review.php?hp=$activity->instance&attempt=".$activity->content->attemptid; print '('.hotpot_format_score($activity->content).') '; diff --git a/mod/hotpot/report.php b/mod/hotpot/report.php index 7ad0b12d92..ee97ff1fdc 100644 --- a/mod/hotpot/report.php +++ b/mod/hotpot/report.php @@ -31,13 +31,14 @@ } } + $context = get_context_instance(CONTEXT_MODULE, $cm->id); // set homeurl of couse (for error messages) $course_homeurl = "$CFG->wwwroot/course/view.php?id=$course->id"; require_login($course->id); // get report mode - if (isteacher($course->id)) { + if (has_capability('mod/hotpot:viewreport',$context)) { $mode = optional_param("mode", "overview"); } else { // students have no choice @@ -48,7 +49,7 @@ $formdata = array( 'mode' => $mode, 'reportcourse' => isadmin() ? optional_param('reportcourse', get_user_preferences('hotpot_reportcourse', 'this')) : 'this', - 'reportusers' => isteacher($course->id) ? optional_param('reportusers', get_user_preferences('hotpot_reportusers', 'all')) : 'this', + 'reportusers' => has_capability('mod/hotpot:viewreport',$context) ? optional_param('reportusers', get_user_preferences('hotpot_reportusers', 'all')) : 'this', 'reportattempts' => optional_param('reportattempts', get_user_preferences('hotpot_reportattempts', 'all')), 'reportformat' => optional_param('reportformat', 'htm'), 'reportshowlegend' => optional_param('reportshowlegend', get_user_preferences('hotpot_reportshowlegend', '0')), @@ -67,13 +68,13 @@ // print page header. if required if ($formdata['reportformat']=='htm') { hotpot_print_report_heading($course, $cm, $hotpot, $mode); - if (isteacher($course->id)) { + if (has_capability('mod/hotpot:viewreport',$context)) { hotpot_print_report_selector($course, $hotpot, $formdata); } } // delete selected attempts, if any - if (isteacher($course->id)) { + if (has_capability('mod/hotpot:deleteattempt',$context)) { $del = optional_param("del", ""); hotpot_delete_selected_attempts($hotpot, $del); } @@ -384,7 +385,7 @@ function hotpot_print_report_heading(&$course, &$cm, &$hotpot, &$mode) { $navigation = "id>$strmodulenameplural -> "; $navigation .= "id\">$hotpot->name -> "; - if (isteacher($course->id)) { + if (has_capability('mod/hotpot:viewreport',$context)) { if ($mode=='overview' || $mode=='simplestat' || $mode=='fullstat') { $module = "quiz"; } else { diff --git a/mod/hotpot/report/click/report.php b/mod/hotpot/report/click/report.php index 2bbc4163d7..9ca0dc58a3 100644 --- a/mod/hotpot/report/click/report.php +++ b/mod/hotpot/report/click/report.php @@ -53,7 +53,7 @@ class hotpot_report extends hotpot_default_report { // set align and wrap $this->set_align_and_wrap($table); // is link to review allowed? - $allow_review = ($is_html && (isteacher($course->id) || $hotpot->review)); + $allow_review = ($is_html && (has_capability('mod/hotpot:viewreport',get_context_instance(CONTEXT_COURSE, $course->id)) || $hotpot->review)); // initialize array of data values $this->data = array(); // set exercise data values diff --git a/mod/hotpot/report/fullstat/report.php b/mod/hotpot/report/fullstat/report.php index 7eafbae7c2..f038e9f4d8 100644 --- a/mod/hotpot/report/fullstat/report.php +++ b/mod/hotpot/report/fullstat/report.php @@ -26,7 +26,7 @@ class hotpot_report extends hotpot_default_report { $nobr_start = $is_html ? '' : ''; $nobr_end = $is_html ? '' : ''; // is review allowed? (do this once here, to save time later) - $allow_review = ($is_html && (isteacher($course->id) || $hotpot->review)); + $allow_review = ($is_html && (has_capability('mod/hotpot:viewreport',get_context_instance(CONTEXT_COURSE, $course->id)) || $hotpot->review)); // assume penalties column is NOT required $show_penalties = false; // initialize $table diff --git a/mod/hotpot/report/overview/report.php b/mod/hotpot/report/overview/report.php index f34c147598..fd691c2a47 100644 --- a/mod/hotpot/report/overview/report.php +++ b/mod/hotpot/report/overview/report.php @@ -82,11 +82,11 @@ class hotpot_report extends hotpot_default_report { } $attemptnumber = $attempt->attempt; $starttime = trim(userdate($attempt->timestart, $strtimeformat)); - if ($is_html && isset($attempt->score) && (isteacher($course->id) || $hotpot->review)) { + if ($is_html && isset($attempt->score) && (has_capability('mod/hotpot:viewreport',get_context_instance(CONTEXT_COURSE, $course->id)) || $hotpot->review)) { $attemptnumber = ''.$attemptnumber.''; $starttime = ''.$starttime.''; } - if ($is_html && isteacher($course->id)) { + if ($is_html && has_capability('mod/hotpot:viewreport',get_context_instance(CONTEXT_COURSE, $course))) { $checkbox = ''.$spacer; } else { $checkbox = ''; @@ -111,7 +111,7 @@ class hotpot_report extends hotpot_default_report { // remove final 'hr' from data rows array_pop($table->data); // add the "delete" form to the table - if ($options['reportformat']=='htm' && isteacher($course->id)) { + if ($options['reportformat']=='htm' && has_capability('mod/hotpot:viewreport',get_context_instance(CONTEXT_COURSE, $course->id))) { $strdeletecheck = get_string('deleteattemptcheck','quiz'); $table->start = $this->deleteform_javascript(); $table->start .= ''."\n"; diff --git a/mod/hotpot/report/simplestat/report.php b/mod/hotpot/report/simplestat/report.php index b5f1b80e36..6df2e561e0 100644 --- a/mod/hotpot/report/simplestat/report.php +++ b/mod/hotpot/report/simplestat/report.php @@ -15,7 +15,7 @@ class hotpot_report extends hotpot_default_report { $is_html = ($options['reportformat']=='htm'); $blank = ($download ? '' : ' '); $no_value = ($download ? '' : '-'); - $allow_review = true; // ($options['reportformat']=='htm' && (isteacher($course->id) || $hotpot->review)); + $allow_review = true; // start the table unset($table); $table->border = 1; diff --git a/mod/hotpot/review.php b/mod/hotpot/review.php index 06f1169654..30e03fed31 100644 --- a/mod/hotpot/review.php +++ b/mod/hotpot/review.php @@ -29,8 +29,10 @@ if (! $attempt = get_record("hotpot_attempts", "id", $attempt)) { error("Attempt ID was incorrect"); } + + $context = get_context_instance(CONTEXT_MODULE, $cm->id); require_login($course->id); - if (!isteacher($course->id)) { + if (!has_capability('mod/hotpot:viewreport',$context)) { if (!$hotpot->review) { error(get_string("noreview", "quiz")); } @@ -58,7 +60,7 @@ print_heading($hotpot->name); hotpot_print_attempt_summary($hotpot, $attempt); hotpot_print_review_buttons($course, $hotpot, $attempt); - $action = isteacher($course->id) ? optional_param('action') : ''; + $action = has_capability('mod/hotpot:viewreport',$context) ? optional_param('action') : ''; if ($action) { $xml = get_field('hotpot_details', 'details', 'attempt', $attempt->id); print '
'; @@ -130,7 +132,7 @@ function hotpot_print_review_buttons(&$course, &$hotpot, &$attempt) { print "\n".''; print "\n\n".'\n".'\n".'
'; print_single_button("report.php?hp=$hotpot->id", NULL, get_string('continue'), 'post'); - if (isteacher($course->id) && record_exists('hotpot_details', 'attempt', $attempt->id)) { + if (has_capability('mod/hotpot:viewreport',$context) && record_exists('hotpot_details', 'attempt', $attempt->id)) { print "'; print_single_button("review.php?hp=$hotpot->id&attempt=$attempt->id&action=showxmlsource", NULL, get_string('showxmlsource', 'hotpot'), 'post'); print "'; diff --git a/mod/hotpot/show.php b/mod/hotpot/show.php index 2905ec256f..c7e2c4d1a4 100644 --- a/mod/hotpot/show.php +++ b/mod/hotpot/show.php @@ -9,7 +9,7 @@ $params->course = required_param('course'); $params->reference = required_param('reference'); require_login($params->course); - if (!isteacher($params->course)) { + if (!has_capability('mod/hotpot:viewreport',get_context_instance(CONTEXT_COURSE, $params->course))) { error("You are not allowed to view this page!"); } if (isadmin()) { diff --git a/mod/hotpot/view.php b/mod/hotpot/view.php index 86b5d7332c..8e2d76f789 100644 --- a/mod/hotpot/view.php +++ b/mod/hotpot/view.php @@ -32,8 +32,10 @@ if (! $cm = get_coursemodule_from_instance("hotpot", $hotpot->id, $course->id)) { error("Course Module ID was incorrect"); } + } require_login($course->id); + $context = get_context_instance(CONTEXT_MODULE, $cm->id); } // set nextpage (for error messages) $nextpage = "$CFG->wwwroot/course/view.php?id=$course->id"; @@ -49,7 +51,7 @@ $loggedinas = ''.user_login_string($course, $USER).''; $time = time(); $hppassword = optional_param('hppassword'); - if (HOTPOT_FIRST_ATTEMPT && !isteacher($course->id)) { + if (HOTPOT_FIRST_ATTEMPT && !has_capability('mod/hotpot:grade', $context)) { // check this quiz is available to this student // error message, if quiz is unavailable $error = ''; diff --git a/mod/survey/details.php b/mod/survey/details.php index a785a64af1..60d0d0e222 100644 --- a/mod/survey/details.php +++ b/mod/survey/details.php @@ -10,9 +10,7 @@ require_login($course->id, false); - if (!isteacher($course->id)) { - error("You can't modify this course!"); - } + require_capability('moodle/course:manageactivities', get_context_instance(CONTEXT_COURSE, $course->id)); $streditingasurvey = get_string("editingasurvey", "survey"); $strsurveys = get_string("modulenameplural", "survey"); diff --git a/mod/survey/download.php b/mod/survey/download.php index 51d8001a4f..1f48351dc0 100644 --- a/mod/survey/download.php +++ b/mod/survey/download.php @@ -17,10 +17,7 @@ } require_login($course->id, false); - - if (!isteacher($course->id)) { - error("Sorry, only teachers can see this."); - } + require_capability('mod/survey:download', get_context_instance(CONTEXT_MODULE, $cm->id)) ; if (! $survey = get_record("survey", "id", $cm->instance)) { error("Survey ID was incorrect"); diff --git a/mod/survey/graph.php b/mod/survey/graph.php index 019261873c..5edc80ad23 100644 --- a/mod/survey/graph.php +++ b/mod/survey/graph.php @@ -21,8 +21,9 @@ require_login($course->id, false, $cm); $groupmode = groupmode($course, $cm); // Groups are being used + $context = get_context_instance(CONTEXT_MODULE, $cm->id); - if (!isteacher($course->id)) { + if (!has_capability('mod/survey:readresponses', $context)) { if ($type != "student.png" or $sid != $USER->id ) { error("Sorry, you aren't allowed to see this."); } else if ($groupmode and !ismember($group)) {