From: tjhunt Date: Tue, 18 Dec 2007 16:12:11 +0000 (+0000) Subject: MDL-12635 - Manual grading report does not check capabilites - also, only show the... X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=f4850b7e52c35d4892a9553c0aaf1f89de365c61;p=moodle.git MDL-12635 - Manual grading report does not check capabilites - also, only show the tabs for the reports people can access. Merged from MOODLE_19_STABLE. --- diff --git a/lang/en_utf8/quiz_grading.php b/lang/en_utf8/quiz_grading.php index f006a28ee1..672487e23a 100644 --- a/lang/en_utf8/quiz_grading.php +++ b/lang/en_utf8/quiz_grading.php @@ -4,5 +4,6 @@ $string['essayonly'] = 'The following questions need to be graded manually'; $string['grading'] = 'Manual grading'; +$string['gradingnotallowed'] = 'You do not have permission to manually grade responses in this quiz'; ?> diff --git a/mod/quiz/report/grading/report.php b/mod/quiz/report/grading/report.php index e38d10fe49..3298bcd7ee 100644 --- a/mod/quiz/report/grading/report.php +++ b/mod/quiz/report/grading/report.php @@ -34,6 +34,13 @@ class quiz_report extends quiz_default_report { $this->print_header_and_tabs($cm, $course, $quiz, $reportmode="grading"); + // Check permissions + $context = get_context_instance(CONTEXT_MODULE, $cm->id); + if (!has_capability('mod/quiz:grade', $context)) { + notify(get_string('gradingnotallowed', 'quiz_grading')); + return true; + } + if (!empty($questionid)) { if (! $question = get_record('question', 'id', $questionid)) { error("Question with id $questionid not found"); diff --git a/mod/quiz/tabs.php b/mod/quiz/tabs.php index 835107ea81..55d3b96f09 100644 --- a/mod/quiz/tabs.php +++ b/mod/quiz/tabs.php @@ -51,9 +51,15 @@ if ($currenttab == 'reports' and isset($mode)) { $inactive[] = 'reports'; $activated[] = 'reports'; - $allreports = get_list_of_plugins("mod/quiz/report"); - $reportlist = array ('overview', 'regrade', 'grading', 'analysis'); // Standard reports we want to show first + // Standard reports we want to show first. + $reportlist = array ('overview', 'regrade', 'grading', 'analysis'); + // Reports that are restricted by capability. + $reportrestrictions = array( + 'regrade' => 'mod/quiz:grade', + 'grading' => 'mod/quiz:grade' + ); + $allreports = get_list_of_plugins("mod/quiz/report"); foreach ($allreports as $report) { if (!in_array($report, $reportlist)) { $reportlist[] = $report; @@ -63,10 +69,12 @@ if ($currenttab == 'reports' and isset($mode)) { $row = array(); $currenttab = ''; foreach ($reportlist as $report) { - $row[] = new tabobject($report, "$CFG->wwwroot/mod/quiz/report.php?q=$quiz->id&mode=$report", - get_string($report, 'quiz_'.$report)); - if ($report == $mode) { - $currenttab = $report; + if (!isset($reportrestrictions[$report]) || has_capability($reportrestrictions[$report], $context)) { + $row[] = new tabobject($report, "$CFG->wwwroot/mod/quiz/report.php?q=$quiz->id&mode=$report", + get_string($report, 'quiz_'.$report)); + if ($report == $mode) { + $currenttab = $report; + } } } $tabs[] = $row;