From: toyomoyo Date: Thu, 7 Sep 2006 08:57:56 +0000 (+0000) Subject: adding capabilities X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=ec7a8b79992cf7edd290670289fccd46124758cc;p=moodle.git adding capabilities --- diff --git a/backup/backup.php b/backup/backup.php index f0e1d36a60..80ab088c91 100644 --- a/backup/backup.php +++ b/backup/backup.php @@ -17,17 +17,17 @@ require_login(); if (!empty($id)) { - if (!isteacheredit($id)) { + if (!has_capability('moodle/site:backup', get_context_instance(CONTEXT_COURSE, $id))) { error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php"); } } else { - if (!isadmin()) { + if (!has_capability('moodle/site:backup', get_context_instance(CONTEXT_SYSTEM, SITEID))) { error("You need to be an admin user to use this page.", "$CFG->wwwroot/login/index.php"); } } if (!empty($to)) { - if (!isteacheredit($to)) { + if (!has_capability('moodle/site:backup', get_context_instance(CONTEXT_COURSE, $to))) { error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php"); } } @@ -95,7 +95,7 @@ } //Print header - if (isadmin()) { + if (has_capability('moodle/site:backup', get_context_instance(CONTEXT_SYSTEM, SITEID))) { print_header("$site->shortname: $strcoursebackup", $site->fullname, "wwwroot/$CFG->admin/index.php\">$stradministration -> $strcoursebackup -> $course->fullname ($course->shortname)"); diff --git a/backup/backup_check.html b/backup/backup_check.html index 1c5fab37ff..af5e194c38 100644 --- a/backup/backup_check.html +++ b/backup/backup_check.html 
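Review bot: The converted guards at the top of backup/backup.php still fail with "You need to be a teacher or admin user to use this page.", which no longer describes the test now that access depends on `moodle/site:backup` rather than a legacy role. The same commit uses `require_capability(...)` in backup/log.php; the equivalent here would be `require_capability('moodle/site:backup', get_context_instance(CONTEXT_COURSE, $id));`, assuming the explicit redirect to the login page is not needed. That keeps the denial message tied to the capability actually checked. The same hand-written `if (!has_capability(...)) { error(...) }` pattern recurs in backup_check.html, backup_form.html, restore.php, restore_check.html and restore_precheck.html.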
@@ -5,17 +5,17 @@ require_login(); if (!empty($course->id)) { - if (!isteacheredit($course->id)) { + if (!has_capability('moodle/site:backup', get_context_instance(CONTEXT_COURSE, $course->id))) { if (empty($to)) { error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php"); } else { - if (!isteacheredit($to)) { + if (!has_capability('moodle/site:backup', get_context_instance(CONTEXT_COURSE, $to))) { error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php"); } } } } else { - if (!isadmin()) { + if (!has_capability('moodle/site:backup', get_context_instance(CONTEXT_SYSTEM, SITEID))) { error("You need to be an admin user to use this page.", "$CFG->wwwroot/login/index.php"); } } diff --git a/backup/backup_execute.html b/backup/backup_execute.html index 826658605f..4276c885be 100644 --- a/backup/backup_execute.html +++ b/backup/backup_execute.html @@ -5,7 +5,7 @@ require_login(); if (!empty($course->id)) { - if (!isteacheredit($course->id)) { + if (!has_capability('moodle/site:backup', get_context_instance(CONTEXT_COURSE, $course->id))) { if (empty($to)) { error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php"); } else { @@ -15,7 +15,7 @@ } } } else { - if (!isadmin()) { + if (!has_capability('moodle/site:backup', get_context_instance(CONTEXT_SYSTEM, SITEID))) { error("You need to be an admin user to use this page.", "$CFG->wwwroot/login/index.php"); } } diff --git a/backup/backup_form.html b/backup/backup_form.html index be46e84668..e098dd69c6 100644 --- a/backup/backup_form.html +++ b/backup/backup_form.html 
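Review bot: In backup/backup_execute.html the nested check on `$to` sits between the two hunks and is not touched, so it presumably still reads `if (!isteacheredit($to)) {` while the outer check now uses `has_capability`. backup_check.html and backup_form.html convert that same line in this commit. Converting it here as well, `if (!has_capability('moodle/site:backup', get_context_instance(CONTEXT_COURSE, $to))) {`, stops one page from deciding access with two different permission models. The lines in question are outside the hunk, so confirm against the file.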
@@ -5,17 +5,17 @@ require_login(); if (!empty($course->id)) { - if (!isteacheredit($course->id)) { + if (!has_capability('moodle/site:backup', get_context_instance(CONTEXT_COURSE, $course->id))) { if (empty($to)) { error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php"); } else { - if (!isteacheredit($to)) { + if (!has_capability('moodle/site:backup', get_context_instance(CONTEXT_COURSE, $to))) { error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php"); } } } } else { - if (!isadmin()) { + if (!has_capability('moodle/site:backup', get_context_instance(CONTEXT_SYSTEM, SITEID))) { error("You need to be an admin user to use this page.", "$CFG->wwwroot/login/index.php"); } } diff --git a/backup/log.php b/backup/log.php index 8fa89ec10c..456f1f2ddb 100644 --- a/backup/log.php +++ b/backup/log.php @@ -8,9 +8,7 @@ require_login(); - if (!isadmin()) { - error("Only an admin can use this page"); - } + require_capability('moodle/site:backup', get_context_instance(CONTEXT_SYSTEM, SITEID)); if (!$site = get_site()) { error("Site isn't defined!"); diff --git a/backup/restore.php b/backup/restore.php index 9028c5d9d4..2bb1be7aed 100644 --- a/backup/restore.php +++ b/backup/restore.php 
@@ -50,17 +50,17 @@ } if (!empty($id)) { - if (!isteacheredit($id)) { + if (!has_capability('moodle/site:restore', get_context_instance(CONTEXT_COURSE, $id))) { if (empty($to)) { error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php"); } else { - if (!isteacheredit($to)) { + if (!has_capability('moodle/site:restore', get_context_instance(CONTEXT_COURSE, $to))) { error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php"); } } } } else { - if (!isadmin()) { + if (!has_capability('moodle/site:restore', get_context_instance(CONTEXT_SYSTEM, SITEID))) { error("You need to be an admin user to use this page.", "$CFG->wwwroot/login/index.php"); } } @@ -117,7 +117,7 @@ } //Print header - if (isadmin()) { + if (has_capability('moodle/site:config', get_context_instance(CONTEXT_SYSTEM, SITEID))) { print_header("$site->shortname: $strcourserestore", $site->fullname, "wwwroot/$CFG->admin/index.php\">$stradministration -> $strcourserestore -> ".basename($file)); diff --git a/backup/restore_check.html b/backup/restore_check.html index 992c8ba745..e97182335f 100644 --- a/backup/restore_check.html +++ b/backup/restore_check.html @@ -124,11 +124,11 @@ //Check admin if (!empty($id)) { - if (!isteacheredit($id)) { + if (!has_capability('moodle/site:restore', get_context_instance(CONTEXT_COURSE, $id))) { error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php"); } } else { - if (!isadmin()) { + if (!has_capability('moodle/site:restore', get_context_instance(CONTEXT_SYSTEM, SITEID))) { error("You need to be an admin user to use this page.", "$CFG->wwwroot/login/index.php"); } } 
@@ -150,7 +150,7 @@ // 2-New course: Create the restore object and launch the execute. //If the user is a teacher and not a creator - if (isteacheredit($id) and !iscreator()) { + if (!has_capability('moodle/course:create', get_context_instance(CONTEXT_SYSTEM, SITEID))) { $restore->course_id = $id; if ($restore->restoreto == 0) { $restore->deleting = true; @@ -160,7 +160,7 @@ } //If the user is a creator (or admin) - if (iscreator()) { + if (has_capability('moodle/course:create', get_context_instance(CONTEXT_SYSTEM, SITEID))) { //Set restore->deleting as needed if ($restore->restoreto == 0) { $restore->deleting = true; @@ -170,7 +170,7 @@ } //Now, select the course if needed - if (($restore->restoreto == 0 or $restore->restoreto == 1) and ($restore->course_id == 0) and (iscreator())) { + if (($restore->restoreto == 0 or $restore->restoreto == 1) and ($restore->course_id == 0) and has_capability('moodle/course:create', get_context_instance(CONTEXT_SYSTEM, SITEID))) { if ($courses = get_courses("all","c.fullname","c.id,c.fullname,c.shortname,c.visible")) { print_heading(get_string("choosecourse")); print_simple_box_start("center"); @@ -193,7 +193,7 @@ //Checks everything and execute restore } else if ((($restore->restoreto == 0 or $restore->restoreto == 1) and ($restore->course_id != 0)) or ($restore->restoreto == 2)) { //Final access control check - if ($restore->course_id == 0 and !iscreator()) { + if ($restore->course_id == 0 and !has_capability('moodle/course:create', get_context_instance(CONTEXT_SYSTEM, SITEID))) { error("You need to be a creator or admin to restore into new course!"); } else if ($restore->course_id != 0 and !isteacheredit($restore->course_id)) { error("You need to be an edit teacher or admin to restore into selected course!"); diff --git a/backup/restore_execute.html b/backup/restore_execute.html index ab14271c2f..5cfe1574fd 100644 --- a/backup/restore_execute.html +++ b/backup/restore_execute.html 
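Review bot: The "Final access control check" in backup/restore_check.html (hunk at -193) is only half converted. The new-course branch now tests `moodle/course:create`, but the context line right after it still reads `else if ($restore->course_id != 0 and !isteacheredit($restore->course_id))`. That is the last gate before the restore runs into an existing course, and it now disagrees with the page-entry check, which uses `moodle/site:restore` on the course context. Suggested: `} else if ($restore->course_id != 0 and !has_capability('moodle/site:restore', get_context_instance(CONTEXT_COURSE, $restore->course_id))) {`. The enclosing block continues past the end of the hunk.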
@@ -22,17 +22,17 @@ //Check admin if (!empty($id)) { - if (!isteacheredit($id)) { + if (!has_capability('moodle/site:restore', get_context_instance(CONTEXT_COUESE, $id))) { if (empty($to)) { error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php"); } else { - if (!isteacheredit($to)) { + if (!has_capability('moodle/site:restore', get_context_instance(CONTEXT_COUESE, $to))) { error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php"); } } } } else { - if (!isadmin()) { + if (!has_capability('moodle/site:restore', get_context_instance(CONTEXT_SYSTEM, SITEID))) { error("You need to be an admin user to use this page.", "$CFG->wwwroot/login/index.php"); } } diff --git a/backup/restore_form.html b/backup/restore_form.html index 8eca8a675c..9197809aee 100644 --- a/backup/restore_form.html +++ b/backup/restore_form.html @@ -23,11 +23,11 @@ //Check admin if (!empty($id)) { - if (!isteacheredit($id)) { + if (!has_capability('moodle/site:restore', get_context_instance(CONTEXT_COUESE, $id))) { error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php"); } } else { - if (!isadmin()) { + if (!has_capability('moodle/site:restore', get_context_instance(CONTEXT_SYSTEM, SITEID))) { error("You need to be an admin user to use this page.", "$CFG->wwwroot/login/index.php"); } } @@ -92,10 +92,10 @@ } if (!isset($restore_restoreto)) { - if (isteacheredit($id) and !isadmin()) { + if (!has_capability('moodle/site:restore', get_context_instance(CONTEXT_SYSTEM, SITEID))) { $restore_restoreto = 1; } - if (isadmin()) { + if (has_capability('moodle/site:restore', get_context_instance(CONTEXT_SYSTEM, SITEID))) { $restore_restoreto = 2; } } 
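Review bot: The new permission checks in backup/restore_execute.html pass `CONTEXT_COUESE` to `get_context_instance()`, a misspelling of `CONTEXT_COURSE`, which is the name used everywhere else in this commit. With an undefined constant the lookup is not made against the course context, and what `has_capability()` returns for whatever comes back is not visible here, so these page-entry checks for restore cannot be relied on. Both calls should read `get_context_instance(CONTEXT_COURSE, $id)` and `get_context_instance(CONTEXT_COURSE, $to)`. The same misspelling appears in backup/restore_form.html, in the hunks at -23 and -157.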
@@ -157,7 +157,7 @@ function selectItemInCheckboxByName(formId, checkName, checked ) { echo ""; echo get_string("restoreto").":"; echo ""; - if (isteacheredit($id) and !iscreator()) { + if (!has_capability('moodle/course:create', get_context_instance(CONTEXT_COUESE, $id))) { $restore_restoreto_options[0] = get_string("currentcoursedeleting"); $restore_restoreto_options[1] = get_string("currentcourseadding"); } diff --git a/backup/restore_precheck.html b/backup/restore_precheck.html index ecf6def04a..777e24c210 100644 --- a/backup/restore_precheck.html +++ b/backup/restore_precheck.html @@ -14,17 +14,17 @@ //Check admin if (!empty($id)) { - if (!isteacheredit($id)) { + if (!has_capability('moodle/site:restore', get_context_instance(CONTEXT_COURSE, $id))) { if (empty($to)) { error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php"); } else { - if (!isteacheredit($to)) { + if (!has_capability('moodle/site:restore', get_context_instance(CONTEXT_COURSE, $to))) { error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php"); } } } } else { - if (!isadmin()) { + if (!has_capability('moodle/site:restore', get_context_instance(CONTEXT_SYSTEM, SITEID))) { error("You need to be an admin user to use this page.", "$CFG->wwwroot/login/index.php"); } } diff --git a/backup/restorelib.php b/backup/restorelib.php index f9696c485f..7d3d5d569d 100644 --- a/backup/restorelib.php +++ b/backup/restorelib.php @@ -634,7 +634,7 @@ //Second shot. Try to obtain any concordant category and check its publish status and editing rights } else if ($fcats = get_records('question_categories', $searchfield, $searchvalue, 'id', 'id, publish, course')) { foreach ($fcats as $fcat) { - if ($fcat->publish == 1 && isteacheredit($fcat->course)) { + if ($fcat->publish == 1 && has_capability('moodle/site:restore', get_context_instance(CONTEXT_COURSE, $fcat->course))) { $found = $fcat->id; break; } 
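Review bot: In the restore_form.html hunk at -157, `moodle/course:create` is tested against a course-level context, whereas restore_check.html in this commit tests the same capability at `CONTEXT_SYSTEM` before allowing a restore into a new course. The options offered by the form can therefore differ from what the check page enforces. The replaced condition was also `isteacheredit($id) and !iscreator()`, and its teacher half is dropped. Suggested, which also avoids the misspelled constant: `if (!has_capability('moodle/course:create', get_context_instance(CONTEXT_SYSTEM, SITEID))) {`.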
diff --git a/backup/try.php b/backup/try.php index 34ad2ff407..967feffe3a 100644 --- a/backup/try.php +++ b/backup/try.php @@ -7,9 +7,7 @@ require_login(); - if (!isadmin()) { - error("You need to be an admin user to use this page.", "$CFG->wwwroot/login/index.php"); - } + require_capability('moodle/site:restore', get_context_instance(CONTEXT_SYSTEM, SITEID)); //Check site if (!$site = get_site()) { diff --git a/blocks/course_list/block_course_list.php b/blocks/course_list/block_course_list.php index 01ded849fd..aa7221e077 100644 --- a/blocks/course_list/block_course_list.php +++ b/blocks/course_list/block_course_list.php @@ -80,7 +80,7 @@ class block_course_list extends block_list { $this->content->items = array(); $this->content->icons = array(); $this->content->footer = get_string('nocoursesyet').'

'; - if (iscreator()) { + if (has_capability('moodle/course:create', get_context_instance(CONTEXT_COURSECAT, $category->id))) { $this->content->footer .= ''.get_string("addnewcourse").'...'; } } diff --git a/course/delete.php b/course/delete.php index 5ba165baca..c0f6fc332f 100644 --- a/course/delete.php +++ b/course/delete.php @@ -8,9 +8,7 @@ require_login(); - if (!isadmin()) { - error("You must be an administrator to use this page."); - } + require_capability('moodle/course:delete', get_context_instance(CONTEXT_SYSTEM, SITEID)); if (!$site = get_site()) { error("Site not found!"); diff --git a/course/edit.html b/course/edit.html index 06a163abfe..71bfcf3506 100644 --- a/course/edit.html +++ b/course/edit.html @@ -54,7 +54,7 @@ ?>
- +category))) { ?>
: " />
- +category))) { ?> diff --git a/course/lib.php b/course/lib.php index e6b8e9c999..d5b99996d4 100644 --- a/course/lib.php +++ b/course/lib.php @@ -1332,7 +1332,7 @@ function print_whole_category_list($category=NULL, $displaylist=NULL, $parentsli } if ($category) { - if ($category->visible or iscreator()) { + if ($category->visible or has_capability('moodle/course:update', get_context_instance(CONTEXT_SYSTEM, SITEID))) { print_category_info($category, $depth, $files); } else { return; // Don't bother printing children of invisible categories diff --git a/course/teacher.php b/course/teacher.php index 464dcac854..142ca2e759 100644 --- a/course/teacher.php +++ b/course/teacher.php @@ -1,6 +1,8 @@ name = $name; $role->description = $description; - + + $context = get_context_instance(CONTEXT_SYSTEM, SITEID); + if ($id = insert_record('role', $role)) { - if ($legacy) { - $context = get_context_instance(CONTEXT_SYSTEM, SITEID); + if ($legacy) { assign_capability($legacy, CAP_ALLOW, $id, $context->id); } + + /// By default, users with role:manage at site level + /// should be able to assign users to this new role, and override this new role's capabilities + + // find all admin roles + $adminroles = get_roles_with_capability('moodle/role:manage', CAP_ALLOW, $context); + // foreach admin role + foreach ($adminroles as $arole) { + // write allow_assign and allow_overrid + allow_assign($arole->id, $id); + allow_override($arole->id, $id); + } + return $id; } else { return false; @@ -1054,7 +1068,6 @@ function create_role($name, $description, $legacy='') { } - /** * Function to write context specific overrides, or default capabilities. * @param module - string name 
@@ -1109,15 +1122,27 @@ function unassign_capability($capability, $roleid, $contextid=NULL) { * either CAP_ALLOW, CAP_PREVENT or CAP_PROHIBIT * @return array or role objects */ -function get_roles_with_capability($capability, $permission=NULL) { - +function get_roles_with_capability($capability, $permission=NULL, $context='') { + global $CFG; + if ($context) { + if ($contexts = get_parent_contexts($context)) { + $listofcontexts = '('.implode(',', $contexts).')'; + } else { + $sitecontext = get_context_instance(CONTEXT_SYSTEM, SITEID); + $listofcontexts = '('.$sitecontext->id.')'; // must be site + } + $contextstr = "AND (rc.contextid = '.$context->id.' OR rc.contextid IN $listofcontexts)"; + } else { + $contextstr = ''; + } + $selectroles = "SELECT r.* FROM {$CFG->prefix}role AS r, {$CFG->prefix}role_capabilities AS rc WHERE rc.capability = '$capability' - AND rc.roleid = r.id"; + AND rc.roleid = r.id $contextstr"; if (isset($permission)) { $selectroles .= " AND rc.permission = '$permission'"; @@ -2008,7 +2033,7 @@ function get_users_by_capability($context, $capability, $fields='u.*', $sort='', global $CFG; // first get all roles with this capability in this context, or above - $possibleroles = get_roles_with_capability($capability, CAP_ALLOW); + $possibleroles = get_roles_with_capability($capability, CAP_ALLOW, $context); $validroleids = array(); foreach ($possibleroles as $prole) { $caps = role_context_capabilities($prole->id, $context, $capability); // resolved list @@ -2017,6 +2042,7 @@ function get_users_by_capability($context, $capability, $fields='u.*', $sort='', } } + /// the following few lines may not be needed if ($usercontexts = get_parent_contexts($context)) { $listofcontexts = '('.implode(',', $usercontexts).')'; } else { 
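Review bot: The new `$contextstr` in `get_roles_with_capability()` mixes single-quote concatenation into a double-quoted string, so `'.$context->id.'` is emitted literally and the SQL becomes `rc.contextid = '.N.'`, which never matches the context's own id. Only the `IN $listofcontexts` half can match, so role overrides defined at the context itself are silently left out of the result that `get_users_by_capability()` now relies on. It should read `$contextstr = "AND (rc.contextid = $context->id OR rc.contextid IN $listofcontexts)";`. Separately, `$capability` and `$permission` are interpolated into the statement as-is on the context lines, so callers must only ever pass trusted constants. A short comment saying so would help.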
@@ -2028,7 +2054,7 @@ function get_users_by_capability($context, $capability, $fields='u.*', $sort='', $select = ' SELECT '.$fields; $from = ' FROM '.$CFG->prefix.'user u LEFT JOIN '.$CFG->prefix.'role_assignments ra ON ra.userid = u.id '; - $where = ' WHERE (ra.contextid = '.$context->id.' OR ra.contextid in '.$listofcontexts.') AND u.deleted = 0 AND ra.roleid in '.$roleids.' '; + $where = ' WHERE (ra.contextid = '.$context->id.' OR ra.contextid in '.$listofcontexts.') AND u.deleted = 0 AND ra.roleid in '.$roleids.' '; return get_records_sql($select.$from.$where.$sort, $limitfrom, $limitnum); diff --git a/lib/db/access.php b/lib/db/access.php index 8471940c6c..7ea3b1e206 100644 --- a/lib/db/access.php +++ b/lib/db/access.php @@ -716,6 +716,19 @@ $moodle_capabilities = array( ) ), + 'moodle/user:editprofile' => array( + 'captype' => 'read', + 'contextlevel' => CONTEXT_USERID, + 'legacy' => array( + 'guest' => CAP_PREVENT, + 'student' => CAP_PREVENT, + 'teacher' => CAP_PREVENT, + 'editingteacher' => CAP_PREVENT, + 'coursecreator' => CAP_PREVENT, + 'admin' => CAP_ALLOW + ) + ), + 'moodle/question:import' => array( 'captype' => 'write', 'contextlevel' => CONTEXT_COURSE, diff --git a/lib/weblib.php b/lib/weblib.php index 083a1388e9..24e4867cdc 100644 --- a/lib/weblib.php +++ b/lib/weblib.php @@ -3003,6 +3003,7 @@ function print_user($user, $course, $messageselect=false, $return=false) { static $isteacher; static $isadmin; + $context = get_context_instance(CONTEXT_COURSE, $course->id); if (empty($string)) { // Cache all the strings for the rest of the page $string->email = get_string('email'); @@ -3044,7 +3045,7 @@ function print_user($user, $course, $messageselect=false, $return=false) { $output .= print_user_picture($user->id, $course->id, $user->picture, true, true); $output .= ''; $output .= ''; - $output .= '
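Review bot: The new `moodle/user:editprofile` entry in lib/db/access.php is declared with `'captype' => 'read'`, although it gates editing another user's profile (see its use in user/tabs.php in this commit). The neighbouring `moodle/question:import` entry uses `'write'` for a modifying action. Anything that later uses the capability type to judge how risky a permission is would under-rate this one. Suggested: `'captype' => 'write',`.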
'.fullname($user, $isteacher).'
'; + $output .= '
'.fullname($user, has_capability('moodle/site:viewfullnames', $context)).'
'; $output .= '
'; if (!empty($user->role) and ($user->role <> $course->teacher)) { $output .= $string->role .': '. $user->role .'
'; @@ -3141,16 +3142,16 @@ function print_group_picture($group, $courseid, $large=false, $return=false, $li } static $isteacheredit; - + $context = get_context_instance(CONTEXT_COURSE, $courseid); if (!isset($isteacheredit)) { $isteacheredit = isteacheredit($courseid); } - if ($group->hidepicture and !$isteacheredit) { + if ($group->hidepicture and !has_capability('moodle/course:managegroups', $context)) { return ''; } - if ($link or $isteacheredit) { + if ($link or has_capability('moodle/site:accessallgroups', $context)) { $output = ''; } else { $output = ''; @@ -3171,7 +3172,7 @@ function print_group_picture($group, $courseid, $large=false, $return=false, $li ' border="0" width="'.$size.'" height="'.$size.'" alt="" title="'.s($group->name).'"/>'; } } - if ($link or $isteacheredit) { + if ($link or has_capability('moodle/site:accessallgroups', $context)) { $output .= ''; } @@ -3664,7 +3665,7 @@ function update_course_icon($courseid) { global $CFG, $USER; - if (isteacheredit($courseid)) { + if (has_capability('moodle/course:manageactivities', get_context_instance(CONTEXT_COURSE, $courseid))) { if (!empty($USER->editing)) { $string = get_string('turneditingoff'); $edit = '0'; @@ -3717,7 +3718,7 @@ function update_module_button($moduleid, $courseid, $string) { global $CFG, $USER; - if (isteacheredit($courseid)) { + if (has_capability('moodle/course:manageactivities', get_context_instance(CONTEXT_MODULE, $moduleid))) { $string = get_string('updatethis', '', $string); return "framename\" method=\"get\" action=\"$CFG->wwwroot/course/mod.php\">". "". @@ -3741,7 +3742,7 @@ function update_module_button($moduleid, $courseid, $string) { function update_category_button($categoryid) { global $CFG, $USER; - if (iscreator()) { + if (has_capability('moodle/category:update', get_context_instance(CONTEXT_COURSECAT, $categoryid))) { if (!empty($USER->categoryediting)) { $string = get_string('turneditingoff'); $edit = 'off'; 
@@ -3767,7 +3768,7 @@ function update_category_button($categoryid) { function update_categories_button() { global $CFG, $USER; - if (isadmin()) { + if (has_capability('moodle/category:update', get_context_instance(CONTEXT_SYSTEM, SITEID))) { if (!empty($USER->categoryediting)) { $string = get_string('turneditingoff'); $categoryedit = 'off'; @@ -3790,7 +3791,8 @@ function update_categories_button() { function update_categories_search_button($search,$page,$perpage) { global $CFG, $USER; - if (isadmin()) { + // not sure if this capability is the best here + if (has_capability('moodle/category:update', get_context_instance(CONTEXT_SYSTEM, SITEID))) { if (!empty($USER->categoryediting)) { $string = get_string("turneditingoff"); $edit = "off"; @@ -3821,7 +3823,7 @@ function update_categories_search_button($search,$page,$perpage) { function update_group_button($courseid, $groupid) { global $CFG, $USER; - if (isteacheredit($courseid)) { + if (has_capability('moodle/course:managegroups', get_context_instance(CONTEXT_GROUP, $groupid))) { $string = get_string('editgroupprofile'); return "framename\" method=\"get\" action=\"$CFG->wwwroot/course/group.php\">". ''. @@ -3843,7 +3845,7 @@ function update_group_button($courseid, $groupid) { function update_groups_button($courseid) { global $CFG, $USER; - if (isteacheredit($courseid)) { + if (has_capability('moodle/course:managegroups', get_context_instance(CONTEXT_COURSE, $courseid))) { if (!empty($USER->groupsediting)) { $string = get_string('turneditingoff'); $edit = 'off'; 
@@ -3969,7 +3971,7 @@ function navmenu($course, $cm=NULL, $targetwindow='self') { if ($mod->section > 0 and $section <> $mod->section) { $thissection = $sections[$mod->section]; - if ($thissection->visible or !$course->hiddensections or $isteacher) { + if ($thissection->visible or !$course->hiddensections or has_capability('moodle/course:viewhiddensections', get_context_instance(CONTEXT_COURSE, $course->id))) { $thissection->summary = strip_tags(format_string($thissection->summary,true)); if ($course->format == 'weeks' or empty($thissection->summary)) { $menu[] = '-------------- '. $strsection ." ". $mod->section .' --------------'; @@ -3986,7 +3988,7 @@ function navmenu($course, $cm=NULL, $targetwindow='self') { $section = $mod->section; //Only add visible or teacher mods to jumpmenu - if ($mod->visible or $isteacher) { + if ($mod->visible or has_capability('moodle/course:viewhiddenactivities', get_context_instance(CONTEXT_MODULE, $mod->id))) { $url = $mod->mod .'/view.php?id='. $mod->cm; if ($flag) { // the current mod is the "next" mod $nextmod = $mod; @@ -4012,7 +4014,7 @@ function navmenu($course, $cm=NULL, $targetwindow='self') { $previousmod = $mod; } } - if ($selectmod and $isteacher) { + if ($selectmod and has_capability('moodle/site:viewreports', get_context_instance(CONTEXT_COURSE, $course->id))) { $logslink = "framename\" href=". "\"$CFG->wwwroot/course/report/log/index.php?chooselog=1&user=0&date=0&id=$course->id&modid=$selectmod->cm\">". "pixpath/i/log.gif\" alt=\"\" />"; @@ -4098,7 +4100,7 @@ function navmenulist($course, $sections, $modinfo, $isteacher, $strsection, $str $section = $mod->section; //Only add visible or teacher mods to jumpmenu - if ($mod->visible or $isteacher) { + if ($mod->visible or has_capability('moodle/course:viewhiddenactivities', get_context_instance(CONTEXT_MODULE, $mod->id))) { $url = $mod->mod .'/view.php?id='. $mod->cm; if ($flag) { // the current mod is the "next" mod $nextmod = $mod; 
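Review bot: In `navmenu()` (hunk at -3986) the hidden-activity check looks up the module context with `$mod->id`, while the next line builds the link with `$mod->cm` as the course-module id (`view.php?id=` followed by `$mod->cm`). If module contexts are keyed by course-module id, which that URL suggests, the capability is evaluated against the wrong instance and hidden activities may be shown or withheld incorrectly. The call would then be `get_context_instance(CONTEXT_MODULE, $mod->cm)`. The same call appears in `navmenulist()` at -4098. Both run once per module inside the loop, where the replaced `$isteacher` flag was computed once, so caching the course-level result may be worth considering.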
diff --git a/theme/preview.php b/theme/preview.php index 819151ba64..dbd44096ef 100644 --- a/theme/preview.php +++ b/theme/preview.php @@ -14,9 +14,7 @@ require_login(); - if (!isadmin()) { - error("You must be an administrator to change themes."); - } + require_capability('moodle/site:config', get_context_instance(CONTEXT_SYSTEM, SITEID)); $CFG->theme = $preview; diff --git a/user/tabs.php b/user/tabs.php index 0299c007e8..f50bd124c6 100644 --- a/user/tabs.php +++ b/user/tabs.php @@ -96,7 +96,7 @@ $mainadmin->id = 0; /// Weird - no primary admin! } if ((!empty($USER->id) and ($USER->id == $user->id) and !isguest()) or - (isadmin() and ($user->id != $mainadmin->id)) ) { + (has_capability('moodle/user:editprofile', get_context_instance(CONTEXT_USERID, $user->id)) and ($user->id != $mainadmin->id)) ) { if(empty($CFG->loginhttps)) { $wwwroot = $CFG->wwwroot; diff --git a/userpix/index.php b/userpix/index.php index a744cfb567..3340d97fe0 100644 --- a/userpix/index.php +++ b/userpix/index.php @@ -11,11 +11,8 @@ require_login(); /// Remove the following three lines if you want everyone to access it - if (!isadmin()) { - error("Currently only the administrator can access this page!"); - } + require_capability('moodle/site:config', get_context_instance(CONTEXT_SITE, SITEID)); - if (!$users = get_records("user", "picture", "1", "lastaccess DESC", "id,firstname,lastname")) { error("no users!"); } diff --git a/userpix/upgrade.php b/userpix/upgrade.php index 95e6b124b0..da197e5748 100644 --- a/userpix/upgrade.php +++ b/userpix/upgrade.php @@ -7,10 +7,7 @@ require_login(); - if (!isadmin()) { - error("Currently only the administrator can access this page!"); - } - + require_capability('moodle/site:config', get_context_instance(CONTEXT_SITE, SITEID)); if (!$users = get_records("user", "picture", "1", "lastaccess DESC", "id,firstname,lastname")) { error("no users!");
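Review bot: The new guard in userpix/index.php calls `get_context_instance(CONTEXT_SITE, SITEID)`, while every other site-level check in this commit uses `CONTEXT_SYSTEM`, and `CONTEXT_SITE` is not defined anywhere on this page. If the constant does not exist, the admin-only restriction on this page is evaluated against an unintended context. Unless it is defined elsewhere, use `require_capability('moodle/site:config', get_context_instance(CONTEXT_SYSTEM, SITEID));`. userpix/upgrade.php has the same line.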