From: robertall Date: Thu, 12 Jun 2008 13:55:46 +0000 (+0000) Subject: [MDL-8407] Make the default role required to export database records weaker (use... X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=86be772077e578a69b7363ebdb8716d266463947;p=moodle.git [MDL-8407] Make the default role required to export database records weaker (use the 1.9 mod/data capability "viewalluserpresets"). Merged from MOODLE_19_STABLE. --- diff --git a/mod/data/export.php b/mod/data/export.php index a3e8fdba1b..3f1ec03bb1 100644 --- a/mod/data/export.php +++ b/mod/data/export.php @@ -30,7 +30,7 @@ if (! $context = get_context_instance(CONTEXT_MODULE, $cm->id)) { } require_login($course->id, false, $cm); -require_capability('mod/data:managetemplates', $context); +require_capability(DATA_CAP_EXPORT, $context); // get fields for this database $fieldrecords = $DB->get_records('data_fields', array('dataid'=>$data->id), 'id'); @@ -67,7 +67,6 @@ if($mform->is_cancelled()) { $groupmode = groups_get_activity_groupmode($cm); $currenttab = 'export'; include('tabs.php'); - $mform->display(); print_footer(); die; @@ -80,7 +79,7 @@ foreach($fields as $key => $field) { if(empty($formdata['field_'.$field->field->id])) { // ignore values we aren't exporting unset($fields[$key]); - } else{ + } else { $exportdata[0][] = $field->field->name; } } diff --git a/mod/data/lib.php b/mod/data/lib.php index dfd631ce5a..1a3a44372b 100755 --- a/mod/data/lib.php +++ b/mod/data/lib.php @@ -25,13 +25,17 @@ // Some constants define ('DATA_MAX_ENTRIES', 50); define ('DATA_PERPAGE_SINGLE', 1); - define ('DATA_FIRSTNAME', -1); define ('DATA_LASTNAME', -2); define ('DATA_APPROVED', -3); define ('DATA_TIMEADDED', 0); define ('DATA_TIMEMODIFIED', -4); +define ('DATA_CAP_EXPORT', 'mod/data:viewalluserpresets'); +// Users having assigned the default role "Non-editing teacher" can export database records +// Using the mod/data capability "viewalluserpresets" for Moodle 1.9.x, so no change in the role system is required. +// In Moodle >= 2, new roles may be introduced and used instead. + class data_field_base { // Base class for Database Field Types (see field/*/field.class.php) var $type = 'unknown'; // Subclasses must override the type with their name @@ -44,12 +48,14 @@ class data_field_base { // Base class for Database Field Types (see field/*/ // Constructor function function data_field_base($field=0, $data=0) { // Field or data or both, each can be id or object +<<<<<<< lib.php global $DB; +======= +>>>>>>> 1.137.2.35 if (empty($field) && empty($data)) { error('Programmer error: You must specify field and/or data when defining field class. '); } - if (!empty($field)) { if (is_object($field)) { $this->field = $field; // Programmer knows what they are doing, we hope @@ -62,7 +68,6 @@ class data_field_base { // Base class for Database Field Types (see field/*/ } } } - if (empty($this->data)) { // We need to define this properly if (!empty($data)) { if (is_object($data)) { @@ -74,7 +79,6 @@ class data_field_base { // Base class for Database Field Types (see field/*/ error('Data id or object must be provided to field class'); } } - if (empty($this->field)) { // We need to define some default values $this->define_default_field(); } @@ -95,11 +99,10 @@ class data_field_base { // Base class for Database Field Types (see field/*/ $this->field->param3 = ''; $this->field->name = ''; $this->field->description = ''; - return true; } -// Set up the field object according to data in an object. Now is the time to clean it! +// Set up the field object according to data in an object. Now is the time to clean it! function define_field($data) { $this->field->type = $this->type; $this->field->dataid = $this->data->id; @@ -243,9 +246,13 @@ class data_field_base { // Base class for Database Field Types (see field/*/ } // Update the content of one data field in the data_content table +<<<<<<< lib.php function update_content($recordid, $value, $name=''){ global $DB; +======= + function update_content($recordid, $value, $name='') { +>>>>>>> 1.137.2.35 $content = new object(); $content->fieldid = $this->field->id; $content->recordid = $recordid; @@ -342,12 +349,12 @@ class data_field_base { // Base class for Database Field Types (see field/*/ } -/***************************************************************************** -/* Given a template and a dataid, generate a default case template * - * input @param template - addtemplate, singletemplate, listtempalte, rsstemplate* - * @param dataid * - * output null * - *****************************************************************************/ +/* +/* Given a template and a dataid, generate a default case template + * input @param template - addtemplate, singletemplate, listtempalte, rsstemplate + * @param dataid + * output null + */ function data_generate_default_template(&$data, $template, $recordid=0, $form=false, $update=true) { global $DB; @@ -492,14 +499,18 @@ function data_append_new_field_to_templates($data, $newfieldname) { /************************************************************************ - * given a field name * + * given a field name * * this function creates an instance of the particular subfield class * ************************************************************************/ function data_get_field_from_name($name, $data){ +<<<<<<< lib.php global $DB; $field = $DB->get_record('data_fields', array('name'=>$name)); +======= + $field = get_record('data_fields','name',$name); +>>>>>>> 1.137.2.35 if ($field) { return data_get_field($field, $data); } else { @@ -508,14 +519,19 @@ function data_get_field_from_name($name, $data){ } /************************************************************************ - * given a field id * + * given a field id * * this function creates an instance of the particular subfield class * ************************************************************************/ +<<<<<<< lib.php function data_get_field_from_id($fieldid, $data){ global $DB; $field = $DB->get_record('data_fields', array('id'=>$fieldid)); +======= +function data_get_field_from_id($fieldid, $data) { + $field = get_record('data_fields','id',$fieldid); +>>>>>>> 1.137.2.35 if ($field) { return data_get_field($field, $data); } else { @@ -524,12 +540,11 @@ function data_get_field_from_id($fieldid, $data){ } /************************************************************************ - * given a field id * + * given a field id * * this function creates an instance of the particular subfield class * ************************************************************************/ function data_get_field_new($type, $data) { global $CFG; - require_once($CFG->dirroot.'/mod/data/field/'.$type.'/field.class.php'); $newfield = 'data_field_'.$type; $newfield = new $newfield(0, $data); @@ -543,7 +558,6 @@ function data_get_field_new($type, $data) { ************************************************************************/ function data_get_field($field, $data) { global $CFG; - if ($field) { require_once('field/'.$field->type.'/field.class.php'); $newfield = 'data_field_'.$field->type; @@ -559,8 +573,12 @@ function data_get_field($field, $data) { * output bool * ***************************************************************************/ function data_isowner($rid){ +<<<<<<< lib.php global $USER, $DB; +======= + global $USER; +>>>>>>> 1.137.2.35 if (empty($USER->id)) { return false; } @@ -577,10 +595,9 @@ function data_isowner($rid){ * input object $data * * output bool * ***********************************************************************/ -function data_atmaxentries($data){ - if (!$data->maxentries){ +function data_atmaxentries($data) { + if (!$data->maxentries) { return false; - } else { return (data_numentries($data) >= $data->maxentries); } @@ -592,10 +609,18 @@ function data_atmaxentries($data){ * uses global $CFG, $USER * * output int * **********************************************************************/ +<<<<<<< lib.php function data_numentries($data){ global $USER, $CFG, $DB; $sql = 'SELECT COUNT(*) FROM {data_records} WHERE dataid=? AND userid=?'; return $DB->count_records_sql($sql, array($data->id, $USER->id)); +======= +function data_numentries($data) { + global $USER; + global $CFG; + $sql = 'SELECT COUNT(*) FROM '.$CFG->prefix.'data_records WHERE dataid='.$data->id.' AND userid='.$USER->id; + return count_records_sql($sql); +>>>>>>> 1.137.2.35 } /**************************************************************** @@ -604,12 +629,16 @@ function data_numentries($data){ * input @param int $dataid, $groupid * * output bool * ****************************************************************/ +<<<<<<< lib.php function data_add_record($data, $groupid=0){ global $USER, $DB; +======= +function data_add_record($data, $groupid=0) { + global $USER; +>>>>>>> 1.137.2.35 $cm = get_coursemodule_from_instance('data', $data->id); $context = get_context_instance(CONTEXT_MODULE, $cm->id); - $record = new object(); $record->userid = $USER->id; $record->dataid = $data->id; @@ -632,16 +661,20 @@ function data_add_record($data, $groupid=0){ * @param string $template * * output bool * *******************************************************************/ +<<<<<<< lib.php function data_tags_check($dataid, $template) { global $DB; +======= +function data_tags_check($dataid, $template) { +>>>>>>> 1.137.2.35 // first get all the possible tags $fields = $DB->get_records('data_fields', array('dataid'=>$dataid)); // then we generate strings to replace $tagsok = true; // let's be optimistic - foreach ($fields as $field){ + foreach ($fields as $field) { $pattern="/\[\[".$field->name."\]\]/i"; - if (preg_match_all($pattern, $template, $dummy)>1){ + if (preg_match_all($pattern, $template, $dummy)>1) { $tagsok = false; notify ('[['.$field->name.']] - '.get_string('multipletags','data')); } @@ -654,20 +687,27 @@ function data_tags_check($dataid, $template) { * Adds an instance of a data * ************************************************************************/ function data_add_instance($data) { +<<<<<<< lib.php global $CFG, $DB; +======= + global $CFG; +>>>>>>> 1.137.2.35 if (empty($data->assessed)) { $data->assessed = 0; } $data->timemodified = time(); +<<<<<<< lib.php if (! $data->id = $DB->insert_record('data', $data)) { +======= + if (! $data->id = insert_record('data', $data)) { +>>>>>>> 1.137.2.35 return false; } data_grade_item_update($data); - return $data->id; } @@ -675,27 +715,32 @@ function data_add_instance($data) { * updates an instance of a data * ************************************************************************/ function data_update_instance($data) { +<<<<<<< lib.php global $CFG, $DB; +======= + global $CFG; +>>>>>>> 1.137.2.35 $data->timemodified = time(); - $data->id = $data->instance; + $data->id = $data->instance; if (empty($data->assessed)) { $data->assessed = 0; } - if (empty($data->notification)) { $data->notification = 0; } +<<<<<<< lib.php if (! $DB->update_record('data', $data)) { +======= + if (! update_record('data', $data)) { +>>>>>>> 1.137.2.35 return false; } data_grade_item_update($data); - return true; - } /************************************************************************ @@ -704,21 +749,32 @@ function data_update_instance($data) { function data_delete_instance($id) { // takes the dataid global $CFG, $DB; +<<<<<<< lib.php if (! $data = $DB->get_record('data', array('id'=>$id))) { +======= + global $CFG; + if (! $data = get_record('data', 'id', $id)) { +>>>>>>> 1.137.2.35 return false; } // Delete all the associated information - // get all the records in this data $sql = 'SELECT c.* FROM {data_records} r LEFT JOIN {data_content} c ON c.recordid = r.id WHERE r.dataid =?'; +<<<<<<< lib.php if ($contents = $DB->get_records_sql($sql, array($id))){ foreach($contents as $content){ $field = $DB->get_record('data_fields', array('id'=>$content->fieldid)); if ($g = data_get_field($field, $data)){ +======= + if ($contents = get_records_sql($sql)) { + foreach($contents as $content) { + $field = get_record('data_fields','id',$content->fieldid); + if ($g = data_get_field($field, $data)) { +>>>>>>> 1.137.2.35 $g->delete_content_files($id, $content->recordid, $content->content); } //delete the content itself @@ -731,11 +787,14 @@ function data_delete_instance($id) { // takes the dataid $DB->delete_records('data_fields', array('dataid'=>$id)); // Delete the instance itself +<<<<<<< lib.php $result = $DB->delete_records('data', array('id'=>$id)); +======= + $result = delete_records('data', 'id', $id); +>>>>>>> 1.137.2.35 data_grade_item_delete($data); - return $result; } @@ -776,11 +835,16 @@ function data_user_complete($course, $user, $mod, $data) { * @return array array of grades, false if none */ function data_get_user_grades($data, $userid=0) { +<<<<<<< lib.php global $CFG, $DB; $user = $userid ? "AND u.id = :userid" : ""; $params = array('userid'=>$userid, 'dataid'=>$data->id); +======= + global $CFG; + $user = $userid ? "AND u.id = $userid" : ""; +>>>>>>> 1.137.2.35 $sql = "SELECT u.id, u.id AS userid, avg(drt.rating) AS rawgrade FROM {user} u, {data_records} dr, {data_ratings} drt @@ -788,8 +852,12 @@ function data_get_user_grades($data, $userid=0) { AND drt.userid != u.id AND dr.dataid = :dataid $user GROUP BY u.id"; +<<<<<<< lib.php return $DB->get_records_sql($sql, $params); +======= + return get_records_sql($sql); +>>>>>>> 1.137.2.35 } /** @@ -805,17 +873,14 @@ function data_update_grades($data=null, $userid=0, $nullifnone=true) { if ($data != null) { if ($grades = data_get_user_grades($data, $userid)) { data_grade_item_update($data, $grades); - } else if ($userid and $nullifnone) { $grade = new object(); $grade->userid = $userid; $grade->rawgrade = NULL; data_grade_item_update($data, $grade); - } else { data_grade_item_update($data); } - } else { $sql = "SELECT d.*, cm.idnumber as cmidnumber FROM {data} d, {course_modules} cm, {modules} m @@ -842,23 +907,25 @@ function data_update_grades($data=null, $userid=0, $nullifnone=true) { */ function data_grade_item_update($data, $grades=NULL) { global $CFG; +<<<<<<< lib.php require_once($CFG->libdir.'/gradelib.php'); +======= + if (!function_exists('grade_update')) { //workaround for buggy PHP versions + require_once($CFG->libdir.'/gradelib.php'); + } +>>>>>>> 1.137.2.35 $params = array('itemname'=>$data->name, 'idnumber'=>$data->cmidnumber); - if (!$data->assessed or $data->scale == 0) { $params['gradetype'] = GRADE_TYPE_NONE; - } else if ($data->scale > 0) { $params['gradetype'] = GRADE_TYPE_VALUE; $params['grademax'] = $data->scale; $params['grademin'] = 0; - } else if ($data->scale < 0) { $params['gradetype'] = GRADE_TYPE_SCALE; $params['scaleid'] = -$data->scale; } - if ($grades === 'reset') { $params['reset'] = true; $grades = NULL; @@ -876,7 +943,6 @@ function data_grade_item_update($data, $grades=NULL) { function data_grade_item_delete($data) { global $CFG; require_once($CFG->libdir.'/gradelib.php'); - return grade_update('mod/data', $data->course, 'mod', 'data', $data->id, 0, NULL, array('deleted'=>1)); } @@ -886,6 +952,7 @@ function data_grade_item_delete($data) { function data_get_participants($dataid) { // Returns the users with data in one data // (users with records in data_records, data_comments and data_ratings) +<<<<<<< lib.php global $CFG, $DB; $records = $DB->get_records_sql("SELECT DISTINCT u.id, u.id @@ -900,24 +967,44 @@ function data_get_participants($dataid) { FROM {user} u, {data_records} r, {data_ratings} a WHERE r.dataid = ? AND u.id = r.userid AND r.id = a.recordid", array($dataid)); +======= + global $CFG; + $records = get_records_sql("SELECT DISTINCT u.id, u.id + FROM {$CFG->prefix}user u, + {$CFG->prefix}data_records r + WHERE r.dataid = '$dataid' + AND u.id = r.userid"); + $comments = get_records_sql("SELECT DISTINCT u.id, u.id + FROM {$CFG->prefix}user u, + {$CFG->prefix}data_records r, + {$CFG->prefix}data_comments c + WHERE r.dataid = '$dataid' + AND u.id = r.userid + AND r.id = c.recordid"); + $ratings = get_records_sql("SELECT DISTINCT u.id, u.id + FROM {$CFG->prefix}user u, + {$CFG->prefix}data_records r, + {$CFG->prefix}data_ratings a + WHERE r.dataid = '$dataid' + AND u.id = r.userid + AND r.id = a.recordid"); +>>>>>>> 1.137.2.35 $participants = array(); - - if ($records){ + if ($records) { foreach ($records as $record) { $participants[$record->id] = $record; } } - if ($comments){ + if ($comments) { foreach ($comments as $comment) { $participants[$comment->id] = $comment; } } - if ($ratings){ + if ($ratings) { foreach ($ratings as $rating) { $participants[$rating->id] = $rating; } } - return $participants; } @@ -932,21 +1019,22 @@ function data_get_participants($dataid) { * output null * ************************************************************************/ function data_print_template($template, $records, $data, $search='',$page=0, $return=false) { +<<<<<<< lib.php global $CFG, $DB; +======= + global $CFG; +>>>>>>> 1.137.2.35 $cm = get_coursemodule_from_instance('data', $data->id); $context = get_context_instance(CONTEXT_MODULE, $cm->id); - static $fields = NULL; static $isteacher; static $dataid = NULL; - if (empty($dataid)) { $dataid = $data->id; } else if ($dataid != $data->id) { $fields = NULL; } - if (empty($fields)) { $fieldrecords = $DB->get_records('data_fields', array('dataid'=>$data->id)); foreach ($fieldrecords as $fieldrecord) { @@ -954,23 +1042,18 @@ function data_print_template($template, $records, $data, $search='',$page=0, $re } $isteacher = has_capability('mod/data:managetemplates', $context); } - if (empty($records)) { return; } - foreach ($records as $record) { // Might be just one for the single template - // Replacing tags $patterns = array(); $replacement = array(); - // Then we generate strings to replace for normal tags foreach ($fields as $field) { $patterns[]='[['.$field->field->name.']]'; $replacement[] = highlight($search, $field->display_browse_field($record->id, $template)); } - // Replacing special tags (##Edit##, ##Delete##, ##More##) $patterns[]='##edit##'; $patterns[]='##delete##'; @@ -1000,7 +1083,7 @@ function data_print_template($template, $records, $data, $search='',$page=0, $re $replacement [] = userdate($record->timemodified); $patterns[]='##approve##'; - if (has_capability('mod/data:approve', $context) && ($data->approval) && (!$record->approved)){ + if (has_capability('mod/data:approve', $context) && ($data->approval) && (!$record->approved)) { $replacement[] = ''.get_string('approve').''; } else { $replacement[] = ''; @@ -1022,7 +1105,6 @@ function data_print_template($template, $records, $data, $search='',$page=0, $re return $newtext; } else { echo $newtext; - // hack alert - return is always false in singletemplate anyway ;-) /********************************** * Printing Ratings Form * @@ -1030,12 +1112,10 @@ function data_print_template($template, $records, $data, $search='',$page=0, $re if ($template == 'singletemplate') { //prints ratings options data_print_ratings($data, $record); } - /********************************** * Printing Ratings Form * *********************************/ if (($template == 'singletemplate') && ($data->comments)) { //prints ratings options - data_print_comments($data, $record, $page); } } @@ -1056,9 +1136,14 @@ function data_print_template($template, $records, $data, $search='',$page=0, $re * @param string $search * * output null * ************************************************************************/ +<<<<<<< lib.php function data_print_preference_form($data, $perpage, $search, $sort='', $order='ASC', $search_array = '', $advanced = 0, $mode= ''){ global $CFG, $DB; +======= +function data_print_preference_form($data, $perpage, $search, $sort='', $order='ASC', $search_array = '', $advanced = 0, $mode= '') { + global $CFG; +>>>>>>> 1.137.2.35 $cm = get_coursemodule_from_instance('data', $data->id); $context = get_context_instance(CONTEXT_MODULE, $cm->id); echo '
'; @@ -1134,7 +1219,6 @@ function data_print_preference_form($data, $perpage, $search, $sort='', $order=' $checked = ''; } print ' -