From 0468976c9a13b98e2ef5c6353804acff173869a5 Mon Sep 17 00:00:00 2001 
From: moodler Date: Mon, 14 Aug 2006 05:55:40 +0000 Subject: [PATCH] SWEEPING CLEANUP The API was changed slightly so that has_capability now takes the whole $context object (we almost always have it anyway) The $kill thing was removed. If you want to assert a capability then use: require_capability('capname', $context); with optional variables to modify the error message Misc bugs here and there also removed and code tidied --- admin/config.php | 2 +- admin/configure.php | 2 +- admin/index.php | 2 +- admin/roles/assign.php | 24 +- admin/roles/manage.php | 74 +++---- admin/user.php | 16 +- admin/users.php | 6 +- blocks/admin/block_admin.php | 24 +- blocks/moodleblock.class.php | 2 +- blocks/participants/block_participants.php | 2 +- blog/edit.php | 6 +- blog/index.php | 14 +- blog/lib.php | 10 +- blog/preferences.php | 2 +- blog/tags.html | 4 +- blog/tags.php | 10 +- course/category.php | 12 +- course/edit.php | 4 +- course/group.php | 2 +- course/groups.php | 2 +- course/index.php | 12 +- course/lib.php | 2 +- course/mod.php | 22 +- course/scales.php | 14 +- lib/accesslib.php | 205 +++++++++--------- lib/moodlelib.php | 37 ++-- mod/assignment/lib.php | 6 +- .../type/online/assignment.class.php | 4 +- .../type/uploadsingle/assignment.class.php | 4 +- mod/chat/gui_header_js/index.php | 8 +- mod/chat/lib.php | 2 +- mod/chat/report.php | 22 +- mod/chat/view.php | 8 +- mod/choice/lib.php | 12 +- mod/choice/report.php | 87 ++++---- mod/choice/view.php | 8 +- mod/data/comment.php | 2 +- mod/data/field.php | 2 +- mod/data/import.php | 4 +- mod/data/lib.php | 14 +- mod/data/tabs.php | 4 +- mod/data/templates.php | 18 +- mod/data/view.php | 16 +- mod/exercise/assessments.php | 30 +-- mod/exercise/view.php | 4 +- mod/forum/discuss.php | 18 +- mod/forum/index.php | 10 +- mod/forum/lib.php | 38 ++-- mod/forum/post.html | 4 +- mod/forum/post.php | 28 +-- mod/forum/rate.php | 4 +- mod/forum/report.php | 4 +- mod/forum/search.php | 4 +- mod/forum/subscribe.php | 8 +- 
mod/forum/subscribers.php | 4 +- mod/forum/user.php | 2 +- mod/forum/view.php | 16 +- mod/glossary/approve.php | 2 +- mod/glossary/comment.php | 8 +- mod/glossary/comments.php | 2 +- mod/glossary/deleteentry.php | 2 +- mod/glossary/edit.php | 14 +- mod/glossary/editcategories.php | 2 +- mod/glossary/export.php | 2 +- mod/glossary/exportentry.php | 2 +- mod/glossary/exportfile.php | 4 +- mod/glossary/import.php | 2 +- mod/glossary/lib.php | 16 +- mod/glossary/report.php | 4 +- mod/glossary/tabs.html | 8 +- mod/glossary/view.php | 4 +- mod/survey/report.php | 10 +- mod/survey/save.php | 2 +- mod/survey/view.php | 9 +- user/edit.php | 8 +- user/index.php | 2 +- 76 files changed, 483 insertions(+), 527 deletions(-) diff --git a/admin/config.php b/admin/config.php index 0f49a3c928..6a8676f1ca 100644 --- a/admin/config.php +++ b/admin/config.php @@ -8,7 +8,7 @@ if ($site = get_site()) { // If false then this is a new installation require_login(); $context = get_context_instance(CONTEXT_SYSTEM, SITEID); - if (!has_capability('moodle/site:config', $context->id)) { + if (!has_capability('moodle/site:config', $context)) { error('Only the admin can use this page'); } } diff --git a/admin/configure.php b/admin/configure.php index 1ba23bcbf7..db6efa46c7 100644 --- a/admin/configure.php +++ b/admin/configure.php @@ -5,7 +5,7 @@ require_login(); $context = get_context_instance(CONTEXT_SYSTEM, SITEID); - if (!has_capability('moodle/site:config', $context->id)) { + if (!has_capability('moodle/site:config', $context)) { error('Only the admin can use this page'); } diff --git a/admin/index.php b/admin/index.php index 9db36729f0..3c11774e9a 100644 --- a/admin/index.php +++ b/admin/index.php @@ -339,7 +339,7 @@ $context = get_context_instance(CONTEXT_SYSTEM, SITEID); - if (!has_capability('moodle/site:config', $context->id)) { + if (!has_capability('moodle/site:config', $context)) { print_error("permissionconfig", '', "$CFG->wwwroot/login/index.php"); } 
diff --git a/admin/roles/assign.php b/admin/roles/assign.php index 552a89a8a5..6181dbac11 100755 --- a/admin/roles/assign.php +++ b/admin/roles/assign.php @@ -21,15 +21,16 @@ redirect("$CFG->wwwroot/$CFG->admin/index.php"); } - if (! $context = get_record("context", "id", $contextid)) { + if (! $context = get_context_instance_by_id($contextid)) { error("Context ID was incorrect (can't find it)"); } - if (!has_capability('moodle/role:assign', $context->id)) { - error('You do not have the required permission to assign roles to users.'); - } + + require_login(); + + require_capability('moodle/role:assign', $context); /** - * TO DO: + * TODO XXX: * Permission check to see whether this user can assign people to this role * needs to be: * 1) has the capability to assign @@ -37,7 +38,6 @@ * end of permission checking */ - require_login(); $strassignusers = get_string('assignusers', 'role'); $strpotentialusers = get_string('potentialusers', 'role'); @@ -48,8 +48,6 @@ $strsearch = get_string('search'); $strshowall = get_string('showall'); - $context = get_record('context', 'id', $contextid); - $currenttab = ''; $tabsmode = 'assign'; include_once('tabs.php'); @@ -67,14 +65,14 @@ $timemodified = time(); foreach ($frm->addselect as $adduser) { $adduser = clean_param($adduser, PARAM_INT); - if (! role_assign($roleid, $adduser, 0, $contextid, $timestart, $timeend, $hidden)) { + if (! role_assign($roleid, $adduser, 0, $context->id, $timestart, $timeend, $hidden)) { error("Could not add user with id $adduser to this role!"); } } } else if ($remove and !empty($frm->removeselect) and confirm_sesskey()) { foreach ($frm->removeselect as $removeuser) { $removeuser = clean_param($removeuser, PARAM_INT); - if (! role_unassign($roleid, $removeuser, 0, $contextid)) { + if (! role_unassign($roleid, $removeuser, 0, $context->id)) { error("Could not remove user with id $removeuser from this role!"); } } 
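Review bot: Holding `moodle/role:assign` in this context is the only gate before `role_assign($roleid, $adduser, 0, $context->id, ...)` in the `@@ -67,14 +65,14 @@` hunk; the per-role check described in the retitled `TODO XXX` block is still not implemented. As written, a user who may assign roles here can apparently assign any `$roleid` submitted with the form, including a role more privileged than their own. Before the add/remove loops, the page should reject role ids the current user is not permitted to assign in `$context`. Until that exists, the gap deserves a marker next to the call itself, e.g. `// SECURITY: no check yet that the current user may assign $roleid (see TODO above)`. Where `$roleid` is read and cleaned is outside these hunks.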
@@ -88,7 +86,7 @@ /// Get all existing students and teachers for this course. $existinguserarray = array(); - $SQL = "select u.* from {$CFG->prefix}role_assignments r, {$CFG->prefix}user u where contextid = $contextid and roleid = $roleid and u.id = r.userid"; // join now so that we can just use fullname() later + $SQL = "select u.* from {$CFG->prefix}role_assignments r, {$CFG->prefix}user u where contextid = $context->id and roleid = $roleid and u.id = r.userid"; // join now so that we can just use fullname() later if (!$contextusers = get_records_sql($SQL)) { $contextusers = array(); @@ -130,8 +128,8 @@ // prints a form to swap roles print ('
'); - print ('
'.$strcurrentcontext.': '.print_context_name($contextid).'
'); - print (''.$strcurrentrole.': '); + print ('
'.$strcurrentcontext.': '.print_context_name($context).'
'); + print (''.$strcurrentrole.': '); choose_from_menu ($options, 'roleid', $roleid, 'choose', $script='rolesform.submit()'); print ('
'); diff --git a/admin/roles/manage.php b/admin/roles/manage.php index 9f9c2eb156..552c9baa73 100755 --- a/admin/roles/manage.php +++ b/admin/roles/manage.php @@ -12,7 +12,6 @@ $confirm = optional_param('confirm', 0, PARAM_BOOL); $sitecontext = get_context_instance(CONTEXT_SYSTEM, SITEID); - $contextid = $sitecontext->id; if (!isadmin()) { error('Only admins can access this page'); @@ -46,18 +45,18 @@ case 'add': $newrole = create_role($name, $description); - + $ignore = array('roleid', 'sesskey', 'action', 'name', 'description', 'contextid'); - + $data = data_submitted(); - - foreach ($data as $capname => $value) { - if (in_array($capname, $ignore)) { - continue; + + foreach ($data as $capname => $value) { + if (in_array($capname, $ignore)) { + continue; } - assign_capability($capname, $value, $newrole, $contextid); - + assign_capability($capname, $value, $newrole, $sitecontext->id); + } break; 
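Review bot: In the `add` case, `$capname` and `$value` are the raw keys and values of `data_submitted()` and go into `assign_capability($capname, $value, $newrole, $sitecontext->id)` with no check that the key is a known capability or that the value is a valid permission. The `@@ -68,38 +67,38 @@` hunk repeats the loop and also interpolates the request key into SQL as `capability = '$capname'`. Whether request keys are quoted by the time they arrive here is not visible, so this should be treated as string-built SQL on untrusted input. Iterating over the capability list the page already obtains with `fetch_context_capabilities($sitecontext)` and reading each value from `$data` by name would remove both problems. Both loops sit inside a `switch` that starts outside the hunks.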
@@ -68,38 +67,38 @@ $data = data_submitted(); - foreach ($data as $capname => $value) { - if (in_array($capname, $ignore)) { - continue; + foreach ($data as $capname => $value) { + if (in_array($capname, $ignore)) { + continue; } - + // edit default caps $SQL = "select * from {$CFG->prefix}role_capabilities where - roleid = $roleid and capability = '$capname' and contextid = $contextid"; - + roleid = $roleid and capability = '$capname' and contextid = $sitecontext->id"; + $localoverride = get_record_sql($SQL); - - if ($localoverride) { // update current overrides - - if ($value == 0) { // inherit = delete - - unassign_capability($capname, $roleid, $contextid); - - } else { - - $localoverride->permission = $value; - $localoverride->timemodified = time(); - $localoverride->modifierid = $USER->id; - update_record('role_capabilities', $localoverride); - - } - + + if ($localoverride) { // update current overrides + + if ($value == 0) { // inherit = delete + + unassign_capability($capname, $roleid, $sitecontext->id); + + } else { + + $localoverride->permission = $value; + $localoverride->timemodified = time(); + $localoverride->modifierid = $USER->id; + update_record('role_capabilities', $localoverride); + + } + } else { // insert a record - - assign_capability($capname, $value, $roleid, $contextid); + + assign_capability($capname, $value, $roleid, $sitecontext->id); } - + } // update normal role settings @@ -169,14 +168,11 @@ choose_from_menu ($options, 'roleid', $roleid, 'choose', $script='rolesform1.submit()'); print ('
'); - $sitecontext = get_context_instance(CONTEXT_SYSTEM, SITEID); - $contextid = $sitecontext->id; - // this is the array holding capabilities of this role sorted till this context - $r_caps = role_context_capabilities($roleid, $sitecontext->id); + $r_caps = role_context_capabilities($roleid, $sitecontext); // this is the available capabilities assignable in this context - $capabilities = fetch_context_capabilities($sitecontext->id); + $capabilities = fetch_context_capabilities($sitecontext); print_simple_box_start(); include_once('manage.html'); diff --git a/admin/user.php b/admin/user.php index dd518ef36a..0714fdec8f 100644 --- a/admin/user.php +++ b/admin/user.php @@ -106,7 +106,7 @@ if ($newuser && confirm_sesskey()) { // Create a new user - if (!has_capability('moodle/user:create', $context->id)) { + if (!has_capability('moodle/user:create', $context)) { error('You do not have the required permission to create new users.'); } @@ -130,7 +130,7 @@ } else { // List all users for editing - if (!has_capability('moodle/user:update', $context->id)) { + if (!has_capability('moodle/user:update', $context)) { error('You do not have the required permission to edit users.'); } @@ -172,7 +172,7 @@ } else if ($delete and confirm_sesskey()) { // Delete a selected user, after confirmation - if (!has_capability('moodle/user:delete', $context->id)) { + if (!has_capability('moodle/user:delete', $context)) { error('You do not have the required permission to delete a user.'); } @@ -344,7 +344,7 @@ if ($user->id == $USER->id or $user->username == "changeme") { $deletebutton = ""; } else { - if (has_capability('moodle/user:delete', $context->id)) { + if (has_capability('moodle/user:delete', $context)) { $deletebutton = "id&sesskey=$USER->sesskey\">$strdelete"; } else { $deletebutton =""; } 
@@ -361,7 +361,7 @@ } $fullname = fullname($user, true); - if (has_capability('moodle/user:edit', $context->id)) { + if (has_capability('moodle/user:edit', $context)) { $table->data[] = array ("id&course=$site->id\">$fullname", "$user->email", @@ -394,7 +394,7 @@ echo ""; echo ""; - if (has_capability('moodle/user:create', $context->id)) { + if (has_capability('moodle/user:create', $context)) { print_heading("sesskey\">".get_string("addnewuser").""); } if (!empty($table)) { @@ -402,7 +402,7 @@ print_paging_bar($usercount, $page, $perpage, "user.php?sort=$sort&dir=$dir&perpage=$perpage". "&firstinitial=$firstinitial&lastinitial=$lastinitial&search=".urlencode(stripslashes($search))."&"); - if (has_capability('moodle/user:create', $context->id)) { + if (has_capability('moodle/user:create', $context)) { print_heading("sesskey\">".get_string("addnewuser").""); } } @@ -411,4 +411,4 @@ print_footer(); } -?> \ No newline at end of file +?> diff --git a/admin/users.php b/admin/users.php index 68d674ee54..60c85193a6 100644 --- a/admin/users.php +++ b/admin/users.php @@ -25,17 +25,17 @@ $table->data[] = array("sesskey\">".get_string("authentication")."", get_string("adminhelpauthentication")); - if (has_capability('moodle/user:update', $context->id)) { + if (has_capability('moodle/user:update', $context)) { $table->data[] = array("".get_string("edituser")."", get_string("adminhelpedituser")); } - if (has_capability('moodle/user:create', $context->id)) { + if (has_capability('moodle/user:create', $context)) { $table->data[] = array("wwwroot/$CFG->admin/user.php?newuser=true&sesskey=$USER->sesskey\">".get_string("addnewuser")."", get_string("adminhelpaddnewuser")); } - if (has_capability('moodle/user:create', $context->id)) { + if (has_capability('moodle/user:create', $context)) { $table->data[] = array("wwwroot/$CFG->admin/uploaduser.php?sesskey=$USER->sesskey\">".get_string("uploadusers")."", get_string("adminhelpuploadusers")); } 
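Review bot: The per-row edit link is gated on `moodle/user:edit`, while the editing branch itself (the `@@ -130,7 +130,7 @@` hunk) requires `moodle/user:update`, and `admin/users.php` also checks `moodle/user:update`. The check that shows the link therefore does not match the check that protects the action, and one of the two names is probably wrong. If `moodle/user:update` is the intended capability, `if (has_capability('moodle/user:update', $context)) {` would make them agree. The surrounding loop starts outside the hunk.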
diff --git a/blocks/admin/block_admin.php b/blocks/admin/block_admin.php index af67a8a512..66764fca9e 100644 --- a/blocks/admin/block_admin.php +++ b/blocks/admin/block_admin.php @@ -33,33 +33,33 @@ class block_admin extends block_list { global $CFG, $USER; $context = get_context_instance(CONTEXT_SYSTEM, SITEID); - if (has_capability('moodle/site:config', $context->id)) { + if (has_capability('moodle/site:config', $context)) { $this->content->items[] = ''.get_string('configuration').''; $this->content->icons[] = ''; } - if (has_capability('moodle/site:config', $context->id)) { + if (has_capability('moodle/site:config', $context)) { $this->content->items[] = ''.get_string('users').''; $this->content->icons[] = ''; } - if (has_capability('moodle/site:backup', $context->id)) { + if (has_capability('moodle/site:backup', $context)) { $this->content->items[]=''.get_string('backup').''; $this->content->icons[]=''; } - if (has_capability('moodle/site:restore', $context->id)) { + if (has_capability('moodle/site:restore', $context)) { $this->content->items[]=''.get_string('restore').''; $this->content->icons[]=''; } - if (has_capability('moodle/course:create', $context->id)) { + if (has_capability('moodle/course:create', $context)) { $this->content->items[] = ''.get_string('courses').''; $this->content->icons[] = ''; } - if (has_capability('moodle/site:config', $context->id)) { + if (has_capability('moodle/site:config', $context)) { $this->content->items[] = ''.get_string('logs').''; $this->content->icons[] = ''; @@ -111,7 +111,7 @@ class block_admin extends block_list { $isteacheredit = isteacheredit($this->instance->pageid); - if (has_capability('moodle/course:update', $context->id)) { + if (has_capability('moodle/course:update', $context)) { //if (isteacheredit($this->instance->pageid)) { $this->content->icons[]=''; if (isediting($this->instance->pageid)) { 
@@ -136,7 +136,7 @@ class block_admin extends block_list { $this->content->icons[]=''; /// always need a role assignment link - if (has_capability('moodle/role:assign', $context->id)) { + if (has_capability('moodle/role:assign', $context)) { $this->content->items[]=''.get_string('assignusers', 'roles').''; $this->content->icons[]=''; } @@ -152,12 +152,12 @@ class block_admin extends block_list { $this->content->icons[]=''; } - if (has_capability('moodle/site:backup', $context->id)) { + if (has_capability('moodle/site:backup', $context)) { $this->content->items[]=''.get_string('backup').''; $this->content->icons[]=''; } - if (has_capability('moodle/site:restore', $context->id)) { + if (has_capability('moodle/site:restore', $context)) { $this->content->items[]=''.get_string('restore').''; $this->content->icons[]=''; } @@ -165,7 +165,7 @@ class block_admin extends block_list { $this->content->items[]=''.get_string('import').''; $this->content->icons[]=''; - if (has_capability('moodle/site:import', $context->id)) { + if (has_capability('moodle/site:import', $context)) { $this->content->items[]=''.get_string('reset').''; $this->content->icons[]=''; } @@ -176,7 +176,7 @@ class block_admin extends block_list { $this->content->items[]=''.get_string('questions', 'quiz').''; $this->content->icons[]=''; - if (has_capability('moodle/course:managescales', $context->id)) { + if (has_capability('moodle/course:managescales', $context)) { $this->content->items[]=''.get_string('scales').''; $this->content->icons[]=''; } diff --git a/blocks/moodleblock.class.php b/blocks/moodleblock.class.php index e3c170b178..3503cf7aa6 100644 --- a/blocks/moodleblock.class.php +++ b/blocks/moodleblock.class.php @@ -299,7 +299,7 @@ class block_base { $context = get_context_instance(CONTEXT_COURSE, $this->instance->pageid); } - if (!has_capability('moodle/site:manageblocks', $context->id)) { + if (!has_capability('moodle/site:manageblocks', $context)) { return null; } break; 
diff --git a/blocks/participants/block_participants.php b/blocks/participants/block_participants.php index db666b641c..639227d0c6 100644 --- a/blocks/participants/block_participants.php +++ b/blocks/participants/block_participants.php @@ -22,7 +22,7 @@ class block_participants extends block_list { $context = get_context_instance(CONTEXT_COURSE, $this->instance->pageid); } - if (!has_capability('moodle/course:viewparticipants', $context->id)) { + if (!has_capability('moodle/course:viewparticipants', $context)) { $this->context = ''; return $this->content; } diff --git a/blog/edit.php b/blog/edit.php index 171304946f..93355f76b1 100755 --- a/blog/edit.php +++ b/blog/edit.php @@ -18,7 +18,7 @@ if (!$referrer = optional_param('referrer','', PARAM_URL)) { $context = get_context_instance(CONTEXT_SYSTEM, SITEID); -if (!has_capability('moodle/blog:readentries', $context->id)) { +if (!has_capability('moodle/blog:readentries', $context)) { error(get_string('nopost', 'blog'), $referrer); } @@ -28,7 +28,7 @@ if ($editid = optional_param('editid', 0, PARAM_INT)) { $blogEntry = get_record('post', 'id', $editid); - if (!blog_user_can_edit_post($blogEntry, $context->id)) { + if (!blog_user_can_edit_post($blogEntry, $context)) { error( get_string('notallowedtoedit', 'blog'), $CFG->wwwroot .'/login/index.php'); } } @@ -155,7 +155,7 @@ function do_delete($postid) { // check ownership $blogEntry = get_record('post','id',$postid); - if (blog_user_can_edit_post($blogEntry, $context->id)) { + if (blog_user_can_edit_post($blogEntry, $context->id)) { /// XXX TODO if (delete_records('post','id',$postid)) { //echo "bloginfo_arg:"; //debug diff --git a/blog/index.php b/blog/index.php index 845ea209f1..f1a4968ccf 100755 --- a/blog/index.php +++ b/blog/index.php 
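Review bot: The denial branch assigns `$this->context = '';` but then returns `$this->content`, which looks like a typo: the property being returned is never cleared when the user lacks `moodle/course:viewparticipants`. If `$this->content` was populated earlier in the method (not visible here), the block would still hand it back to a user who failed the check. `$this->content = '';` is presumably what was meant. The method body starts and ends outside the hunk.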
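Review bot: This page checks `moodle/blog:readentries`, while `blog/index.php` and `blog/lib.php` check `moodle/blog:readentry`. Likewise `blog/preferences.php` checks `moodle/blog:writepost` where `blog/tags.php` and `blog_user_can_edit_post()` use `moodle/blog:writeentries`, and that function's docblock says `moodle/blog:writeentry`. Only one spelling of each can be the defined capability, and how `has_capability()` treats an undefined name is not visible here, so the mismatched checks may deny everyone or restrict no one. Since this commit touches every one of these calls, it is the place to settle on one name per capability.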
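Review bot: `do_delete()` still calls `blog_user_can_edit_post($blogEntry, $context->id)` although the function now expects the context object. `$context` also does not appear to be defined inside `do_delete()`, so the ownership check guarding `delete_records('post','id',$postid)` may run on an undefined value. The `XXX TODO` marks the problem but leaves the delete path depending on how `has_capability()` handles a non-object argument. Fetching the context locally would fix it: `$context = get_context_instance(CONTEXT_SYSTEM, SITEID);` followed by `if (blog_user_can_edit_post($blogEntry, $context)) {`. The function body continues outside the hunk.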
@@ -90,7 +90,7 @@ switch ($filtertype) { case 'site': $context = get_context_instance(CONTEXT_SYSTEM, SITEID); if ($CFG->bloglevel < BLOG_SITE_LEVEL && - !has_capability('moodle/site:config', $context->id)) { + !has_capability('moodle/site:config', $context)) { error('Site blogs is not enabled'); } else if ($CFG->bloglevel < BLOG_GLOBAL_LEVEL) { require_login(); @@ -99,10 +99,10 @@ switch ($filtertype) { case 'course': $context = get_context_instance(CONTEXT_COURSE, $courseid); if ($CFG->bloglevel < BLOG_COURSE_LEVEL && - !has_capability('moodle/course:update', $context->id)) { + !has_capability('moodle/course:update', $context)) { error('Course blogs is not enabled'); } - if (!has_capability('moodle/blog:readentry', $context->id)) { + if (!has_capability('moodle/blog:readentry', $context)) { error('You do not have the required permissions to to view course blogs'); } break; @@ -110,10 +110,10 @@ switch ($filtertype) { $sitecontext = get_context_instance(CONTEXT_SYSTEM, SITEID); $coursecontext = get_context_instance(CONTEXT_COURSE, $courseid); if ($CFG->bloglevel < BLOG_GROUP_LEVEL && - !has_capability('moodle/site:config', $sitecontext->id)) { + !has_capability('moodle/site:config', $sitecontext)) { error ('Group blogs is not enabled'); } - if (!has_capability('moodle/course:update', $coursecontext->id) && + if (!has_capability('moodle/course:update', $coursecontext) && groupmode($course) == SEPARATEGROUPS) { if (!ismember($filterselect)) { error ('You are not a member of this group'); 
@@ -122,13 +122,13 @@ switch ($filtertype) { /// check if user is editting teacher, or if spg, is member break; case 'user': - $context = get_context_instance(CONTEXT_SYSTEM, $context->id); + $context = get_context_instance(CONTEXT_SYSTEM, $context->id); /// XXXXX TODO if ($CFG->bloglevel < BLOG_USER_LEVEL && !has_capability('moodle/site:config', SITEID)) { error ('Blogs is not enabled'); } if ($CFG->bloglevel == BLOG_USER_LEVEL && $USER->id != $filterselect && - !has_capability('moodle/site:config', $context->id)) { + !has_capability('moodle/site:config', $context)) { error ('Under this setting, you can only view your own blogs'); } diff --git a/blog/lib.php b/blog/lib.php index 216bee9060..e0f0b0965d 100755 --- a/blog/lib.php +++ b/blog/lib.php @@ -292,13 +292,13 @@ * the capability moodle/blog:writeentry, or if they have the capability * moodle/blog:manageentries. */ - function blog_user_can_edit_post($blogEntry, $contextid) { + function blog_user_can_edit_post($blogEntry, $context) { global $CFG, $USER; - return ((has_capability('moodle/blog:writeentries', $contextid) && + return ((has_capability('moodle/blog:writeentries', $context) && $blogEntry->userid == $USER->id) || - has_capability('moodle/blog:manageentries', $context->id)); + has_capability('moodle/blog:manageentries', $context)); } @@ -314,7 +314,7 @@ $context = get_context_instance(CONTEXT_SYSTEM, SITEID); - if (!has_capability('moodle/blog:readentry', $context->id)) { + if (!has_capability('moodle/blog:readentry', $context)) { return false; } @@ -608,4 +608,4 @@ $filtertype.'&filterselect='.$filterselect.'&'; } -?> \ No newline at end of file +?> diff --git a/blog/preferences.php b/blog/preferences.php index 03e2886f9d..599f3d1b82 100755 --- a/blog/preferences.php +++ b/blog/preferences.php 
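Review bot: In the `user` case the context is built from itself, `get_context_instance(CONTEXT_SYSTEM, $context->id)`, and the first check still passes the bare constant, `has_capability('moodle/site:config', SITEID)`, rather than a context object as the new API requires. `$context` may not be set on entry to this case (the other cases assign it themselves), so both the `BLOG_USER_LEVEL` gate and the own-blogs-only check below it can end up evaluated against an invalid context. Suggested: `$context = get_context_instance(CONTEXT_SYSTEM, SITEID);` and, in the first condition, `!has_capability('moodle/site:config', $context)) {`. The `switch` starts outside the hunk.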
@@ -20,7 +20,7 @@ $context = get_context_instance(CONTEXT_SYSTEM, SITEID); // Ensure that the logged in user has the capability to post blog entries. - if (!has_capability('moodle/blog:writepost', $context->id)) { + if (!has_capability('moodle/blog:writepost', $context)) { error(get_string('nopost', 'blog'), $referrer); } $userid = $USER->id; diff --git a/blog/tags.html b/blog/tags.html index c14dc57324..44e7a59ebb 100755 --- a/blog/tags.html +++ b/blog/tags.html @@ -14,7 +14,7 @@ print_heading(get_string('tagmanagement')); id)) { + if (has_capability('moodle/blog:manageofficialtags', $context)) { ?> :
diff --git a/blog/tags.php b/blog/tags.php index 534e0d5240..46a99359e4 100755 --- a/blog/tags.php +++ b/blog/tags.php @@ -12,7 +12,7 @@ $context = get_context_instance(CONTEXT_SYSTEM, SITEID); switch ($mode) { case 'addofficial': /// Adding official tags. - if (!has_capability('moodle/blog:manageofficialtags', $context->id) || !confirm_sesskey()) { + if (!has_capability('moodle/blog:manageofficialtags', $context) || !confirm_sesskey()) { die('you can not add official tags'); } @@ -39,7 +39,7 @@ switch ($mode) { case 'addpersonal': /// Everyone can add personal tags as long as they can write blog entries. if (!confirm_sesskey() || - !has_capability('moodle/blog:writeentries', $context->id) || + !has_capability('moodle/blog:writeentries', $context) || !isset($USER->id)) { error ('you can not add tags'); } @@ -78,7 +78,7 @@ switch ($mode) { // You can only delete your own tags, or you have to have the // moodle/blog:manageofficialtags capability. - if (!has_capability('moodle/blog:manageofficialtags', $context->id) + if (!has_capability('moodle/blog:manageofficialtags', $context) && $USER->id != $blogtag->userid) { notify(get_string('norighttodeletetag','blog', $blogtag->text)); continue; @@ -86,7 +86,7 @@ switch ($mode) { // You can only delete tags that are referenced if you have // the moodle/blog:manageofficialtags capability. - if (!has_capability('moodle/blog:manageofficialtags', $context->id) + if (!has_capability('moodle/blog:manageofficialtags', $context) && get_records('blog_tag_instance','tagid', $tag)) { notify('tag is used by other users, can not delete!'); continue; @@ -130,4 +130,4 @@ include_once('tags.html'); print_footer(); -?> \ No newline at end of file +?> diff --git a/course/category.php b/course/category.php index 30d22eb212..47400c4a8b 100644 --- a/course/category.php +++ b/course/category.php 
@@ -308,12 +308,12 @@ echo ''. ''.$strassignteachers.' '; - if (has_capability('moodle/course:delete', $context->id)) { + if (has_capability('moodle/course:delete', $context)) { echo ''. ''.$strdelete.' '; } - if (has_capability('moodle/course:visibility', $context->id)) { + if (has_capability('moodle/course:visibility', $context)) { if (!empty($acourse->visible)) { echo ''. @@ -325,12 +325,12 @@ } } - if (has_capability('moodle/site:backup', $context->id)) { + if (has_capability('moodle/site:backup', $context)) { echo ''. ' '; } - if (has_capability('moodle/site:restore', $context->id)) { + if (has_capability('moodle/site:restore', $context)) { echo ''. ' '; @@ -419,7 +419,7 @@ } $context = get_context_instance(CONTEXT_SYSTEM, SITEID); - if (has_capability('moodle/course:create', $context->id)) { /// Print button to create a new course + if (has_capability('moodle/course:create', $context)) { /// Print button to create a new course unset($options); $options['category'] = $category->id; print_single_button('edit.php', $options, get_string('addnewcourse'), 'get'); @@ -427,7 +427,7 @@ } $context = get_context_instance(CONTEXT_COURSECAT, $id); - if (has_capability('moodle/category:update', $context->id)) { /// Print form to rename the category + if (has_capability('moodle/category:update', $context)) { /// Print form to rename the category $strrename= get_string('rename'); echo '
'; echo ''; diff --git a/course/edit.php b/course/edit.php index 22fe0b3c7e..3b1321df4d 100644 --- a/course/edit.php +++ b/course/edit.php @@ -21,7 +21,7 @@ $context = get_context_instance(CONTEXT_COURSE, $id); - if (!has_capability('moodle/course:update', $context->id)) { + if (!has_capability('moodle/course:update', $context)) { error("You do not currently have editing privileges!"); } @@ -41,7 +41,7 @@ } else { // Admin is creating a new course $context = get_context_instance(CONTEXT_SYSTEM, SITEID); - if (!has_capability('moodle/course:create',$context->id)) { + if (!has_capability('moodle/course:create',$context)) { error("You do not currently have course creation privileges!"); } diff --git a/course/group.php b/course/group.php index 311bf7f0fd..9c60633e4c 100644 --- a/course/group.php +++ b/course/group.php @@ -27,7 +27,7 @@ $context = get_context_instance(CONTEXT_GROUP, $group->id); // this is really weird - if (!has_capability('moodle/course:managegroups', $context->id)) { + if (!has_capability('moodle/course:managegroups', $context)) { close_window(); } diff --git a/course/groups.php b/course/groups.php index 01021fee9b..b083dca59e 100644 --- a/course/groups.php +++ b/course/groups.php @@ -38,7 +38,7 @@ require_login($course->id); $context = get_context_instance(CONTEXT_COURSE, $course->id); - if (!has_capability('moodle/course:managegroups', $context->id)) { + if (!has_capability('moodle/course:managegroups', $context)) { redirect("group.php?id=$course->id"); // Not allowed to see all groups } diff --git a/course/index.php b/course/index.php index 8d8b0930ff..71583cdbcc 100644 --- a/course/index.php +++ b/course/index.php 
@@ -99,7 +99,7 @@ /// If data for a new category was submitted, then add it - if ($form = data_submitted() and confirm_sesskey() and has_capability('moodle/category:create', $context->id)) { + if ($form = data_submitted() and confirm_sesskey() and has_capability('moodle/category:create', $context)) { if (!empty($form->addcategory)) { unset($newcategory); $newcategory->name = $form->addcategory; @@ -119,7 +119,7 @@ // context is coursecat, if not present admins should have it set in site level $context = get_context_instance(CONTEXT_COURSECAT, $delete); - if ($deletecat = get_record("course_categories", "id", $delete) and has_capability('moodle/category:delete', $context->id)) { + if ($deletecat = get_record("course_categories", "id", $delete) and has_capability('moodle/category:delete', $context)) { if (!empty($sure) && $sure == md5($deletecat->timemodified)) { /// Send the children categories to live with their grandparent if ($childcats = get_records("course_categories", "parent", $deletecat->id)) { @@ -274,7 +274,7 @@ fix_course_sortorder(); /// Print form for creating new categories - if (has_capability('moodle/category:create', $context->id)) { + if (has_capability('moodle/category:create', $context)) { echo "
"; echo ""; echo ""; @@ -317,7 +317,7 @@ $options["category"] = $category->id; - if (has_capability('moodle/course:create', $context->id)) { + if (has_capability('moodle/course:create', $context)) { print_single_button("edit.php", $options, get_string("addnewcourse"), "get"); } print_single_button('pending.php',NULL, get_string('coursespending'),"get"); @@ -359,12 +359,12 @@ function print_category_edit($category, $displaylist, $parentslist, $depth=-1, $ echo ""; /// Print little icons - if (has_capability('moodle/category:delete', $context->id)) { + if (has_capability('moodle/category:delete', $context)) { echo "delete\" href=\"index.php?delete=$category->id&sesskey=$USER->sesskey\">pixpath/t/delete.gif\" height=\"11\" width=\"11\" border=\"0\" alt=\"\" /> "; } - if (has_capability('moodle/category:visibility', $context->id)) { + if (has_capability('moodle/category:visibility', $context)) { if (!empty($category->visible)) { echo "hide\" href=\"index.php?hide=$category->id&sesskey=$USER->sesskey\">pixpath/t/hide.gif\" height=\"11\" width=\"11\" border=\"0\" alt=\"\" /> "; diff --git a/course/lib.php b/course/lib.php index 675e5f929f..24242926ad 100644 --- a/course/lib.php +++ b/course/lib.php @@ -1501,7 +1501,7 @@ function print_courses($category, $width="100%", $hidesitecourse = false) { } else { print_heading(get_string("nocoursesyet")); $context = get_context_instance(CONTEXT_SYSTEM, SITEID); - if (has_capability('moodle/course:create', $context->id)) { + if (has_capability('moodle/course:create', $context)) { $options = array(); $options['category'] = $category->id; echo '
'; diff --git a/course/mod.php b/course/mod.php index 29737de16e..4c7ddf8aa9 100644 --- a/course/mod.php +++ b/course/mod.php @@ -63,7 +63,7 @@ } $context = get_context_instance(CONTEXT_COURSE, $course->id); - has_capability('moodle/course:update', $context->id, true); + require_capability('moodle/course:update', $context); $mod->course = $course->id; $mod->modulename = clean_param($mod->modulename, PARAM_SAFEDIR); // For safety @@ -242,7 +242,7 @@ } $context = get_context_instance(CONTEXT_COURSE, $section->course); - has_capability('moodle/course:update', $context->id, true); + require_capability('moodle/course:update', $context); if (!ismoving($section->course)) { error("You need to copy something first!"); @@ -271,7 +271,7 @@ } $context = get_context_instance(CONTEXT_COURSE, $cm->course); - has_capability('moodle/course:update', $context->id, true); + require_capability('moodle/course:update', $context); $cm->indent += $indent; @@ -297,7 +297,7 @@ } $context = get_context_instance(CONTEXT_COURSE, $cm->course); - has_capability('moodle/course:update', $context->id, true); + require_capability('moodle/course:update', $context); set_coursemodule_visible($cm->id, 0); @@ -317,7 +317,7 @@ } $context = get_context_instance(CONTEXT_COURSE, $cm->course); - has_capability('moodle/course:update', $context->id, true); + require_capability('moodle/course:update', $context); if (! $section = get_record("course_sections", "id", $cm->section)) { error("This module doesn't exist"); @@ -348,7 +348,7 @@ } $context = get_context_instance(CONTEXT_COURSE, $cm->course); - has_capability('moodle/course:update', $context->id, true); + require_capability('moodle/course:update', $context); set_coursemodule_groupmode($cm->id, $groupmode); 
@@ -368,7 +368,7 @@ } $context = get_context_instance(CONTEXT_COURSE, $cm->course); - has_capability('moodle/course:update', $context->id, true); + require_capability('moodle/course:update', $context); if (! $section = get_record("course_sections", "id", $cm->section)) { error("This module doesn't exist"); @@ -409,7 +409,7 @@ } $context = get_context_instance(CONTEXT_COURSE, $cm->course); - has_capability('moodle/course:update', $context->id, true); + require_capability('moodle/course:update', $context); if (! $module = get_record("modules", "id", $cm->module)) { error("This module doesn't exist"); @@ -465,7 +465,7 @@ } $context = get_context_instance(CONTEXT_COURSE, $course->id); - has_capability('moodle/course:update', $context->id, true); + require_capability('moodle/course:update', $context); if (! $module = get_record("modules", "id", $cm->module)) { error("This module doesn't exist"); @@ -522,7 +522,7 @@ } $context = get_context_instance(CONTEXT_COURSE, $course->id); - has_capability('moodle/course:update', $context->id, true); + require_capability('moodle/course:update', $context); if (! $module = get_record("modules", "id", $cm->module)) { error("This module doesn't exist"); @@ -620,7 +620,7 @@ } $context = get_context_instance(CONTEXT_COURSE, $course->id); - has_capability('moodle/course:update', $context->id, true); + require_capability('moodle/course:update', $context); $streditinga = get_string("editinga", "moodle", $fullmodulename); $strmodulenameplural = get_string("modulenameplural", $module->name); diff --git a/course/scales.php b/course/scales.php index 0cd5b72ef0..d3f95513d0 100644 --- a/course/scales.php +++ b/course/scales.php @@ -94,7 +94,7 @@ //If action is details, show the popup info if ($action == "details") { //Check for teacher edit - has_capability('moodle/course:managescales', $context->id, true); + require_capability('moodle/course:managescales', $context); //Check for scale if (! $scale = get_record("scale", "id", $scaleid)) { 
@@ -130,7 +130,7 @@ $sesskey = !empty($USER->id) ? $USER->sesskey : ''; - has_capability('moodle/course:managescales', $context->id, true); + require_capability('moodle/course:managescales', $context); //Check for scale if action = edit if ($action == "edit") { @@ -235,7 +235,7 @@ //If action is delete, do it if ($action == "delete" and confirm_sesskey()) { //Check for teacher edit - has_capability('moodle/course:managescales', $context->id, true); + require_capability('moodle/course:managescales', $context); //Check for scale if action = edit if (! $scale = get_record("scale", "id", $scaleid)) { error("Scale ID was incorrect"); @@ -266,7 +266,7 @@ //If action is down or up, do it if (($action == "down" || $action == "up") and confirm_sesskey()) { //Check for teacher edit - has_capability('moodle/course:managescales', $context->id, true); + require_capability('moodle/course:managescales', $context); //Check for scale if action = edit if (! $scale = get_record("scale", "id", $scaleid)) { error("Scale ID was incorrect"); @@ -296,7 +296,7 @@ } if ($list) { /// Just list the scales (in a helpwindow) - has_capability('moodle/course:viewscales', $context->id, true); + require_capability('moodle/course:viewscales', $context); print_header($strscales); if (!empty($scaleid)) { @@ -339,7 +339,7 @@ } } else { - if (has_capability('moodle/course:managescales', $context->id)) { + if (has_capability('moodle/course:managescales', $context)) { echo "

("; print_string("scalestip"); echo ")

"; @@ -369,7 +369,7 @@ /// The rest is all about editing the scales - has_capability('moodle/course:managescales', $context->id, true); + require_capability('moodle/course:managescales', $context); /// Print out the main page diff --git a/lib/accesslib.php b/lib/accesslib.php index 29e176f92f..3d7cb6dbd5 100755 --- a/lib/accesslib.php +++ b/lib/accesslib.php @@ -35,14 +35,13 @@ $context_cache_id = array(); // Index to above cache by id /** * This functions get all the course categories in proper order - * @param int $contextid + * @param int $context * @param int $type * @return array of contextids */ -function get_parent_cats($contextid, $type) { +function get_parent_cats($context, $type) { $parents = array(); - $context = get_context_instance_by_id($contextid); switch($type) { 
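Review bot: The updated docblock for `get_parent_cats` says `@param int $context`, but the function no longer calls `get_context_instance_by_id` and the callers in `has_capability` now pass the context object. It should read `@param object $context - a context object (record from context table)`, matching the wording this commit uses for `has_capability`. The docblock of `role_context_capabilities` further down carries the same `@param int $context`. The function body continues outside the hunk.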
@@ -85,36 +84,53 @@ function get_parent_cats($contextid, $type) { /* Functions for Roles & Capabilites */ +/** + * This function checks for a capability assertion being true. If it isn't + * then the page is terminated neatly with a standard error message + * @param string $capability - name of the capability + * @param object $context - a context object (record from context table) + * @param integer $userid - a userid number + * @param string $errorstring - an errorstring + */ +function require_capability($capability, $context=NULL, $userid=NULL, $errormessage="nopermissions", $stringfile='') { + if (!has_capability($capability, $context, $userid)) { + $capabilityname = get_capability_string($capability); + print_error($errormessage, $stringfile, '', $capabilityname); + } +} + + /** * This function returns whether the current user has the capability of performing a function * For example, we can do has_capability('mod/forum:replypost',$cm) in forum * only one of the 4 (moduleinstance, courseid, site, userid) would be set at 1 time * This is a recursive funciton. - * Might change to require_capability, and throw an error if not authorized. 
* @uses $USER * @param string $capability - name of the capability - * @param int $contextid - * @param kill bool - if set, kill when the user has no capability + * @param object $context - a context object (record from context table) + * @param integer $userid - a userid number * @return bool */ -function has_capability($capability, $contextid=NULL, $kill=false, $userid=NULL) { +function has_capability($capability, $context=NULL, $userid=NULL) { global $USER, $CONTEXT; if ($userid && $userid != $USER->id) { // loading other user's capability - $capabilities = load_user_capability($capability, $contextid, $userid); + $capabilities = load_user_capability($capability, $context, $userid); } else { $capabilities = $USER->capabilities; } - if (empty($contextid)) { + if (empty($context)) { // Use default CONTEXT if none specified if (empty($CONTEXT)) { return false; } else { $context = $CONTEXT; } - } else { - $context = get_context_instance_by_id($contextid); + } else { // A context was given to us + if (empty($CONTEXT)) { + $CONTEXT = $context; // Store FIRST used context in this global as future default + } } // Check site @@ -123,11 +139,11 @@ function has_capability($capability, $contextid=NULL, $kill=false, $userid=NULL) return ($capabilities[$sitecontext->id]['moodle/site:doanything']); } - switch (context_level($contextid)) { + switch ($context->level) { case CONTEXT_COURSECAT: // Check parent cats. - $parentcats = get_parent_cats($contextid, CONTEXT_COURSECAT); + $parentcats = get_parent_cats($context, CONTEXT_COURSECAT); foreach ($parentcats as $parentcat) { if (isset($capabilities[$parentcat]['moodle/site:doanything'])) { return ($capabilities[$parentcat]['moodle/site:doanything']); 
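Review bot: `require_capability` defaults `$context` to NULL, and the new `else` branch in `has_capability` stores the first context any caller passes into the global `$CONTEXT` as the default for later calls. A call that omits the context is then checked against whichever context happened to be tested first in the request, which may not be the course or module the page is acting on, so the result depends on call order. Every `require_capability` call visible in this diff passes a context, so the asserting form could make it mandatory: `function require_capability($capability, $context, $userid=NULL, $errormessage="nopermissions", $stringfile='')`. The docblock also names `$errorstring` where the parameter is `$errormessage`, and does not describe `$stringfile`.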
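Review bot: The do-anything shortcut is looked up under two different keys: the site check and the CONTEXT_COURSECAT branch in this hunk read `['moodle/site:doanything']`, while the CONTEXT_COURSE branch and the final self check in the next two hunks read `['do_anything']`. Unless `load_user_capability` stores both names, one set of these checks never matches, and which context levels honour the override becomes uneven. The code that fills `$capabilities` is outside these hunks, so this needs confirming there. If the capability name is the real key, the later lines should read `isset($capabilities[$context->id]['moodle/site:doanything'])`.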
@@ -137,7 +153,7 @@ function has_capability($capability, $contextid=NULL, $kill=false, $userid=NULL) case CONTEXT_COURSE: // Check parent cat. - $parentcats = get_parent_cats($contextid, CONTEXT_COURSE); + $parentcats = get_parent_cats($context, CONTEXT_COURSE); foreach ($parentcats as $parentcat) { if (isset($capabilities[$parentcat]['do_anything'])) { @@ -209,12 +225,12 @@ function has_capability($capability, $contextid=NULL, $kill=false, $userid=NULL) } // Last: check self. - if (isset($capabilities[$contextid]['do_anything'])) { - return ($capabilities[$contextid]['do_anything']); + if (isset($capabilities[$context->id]['do_anything'])) { + return ($capabilities[$context->id]['do_anything']); } // do_anything has not been set, we now look for it the normal way. - return capability_search($capability, $contextid, $kill, $capabilities); + return capability_search($capability, $context, $capabilities); } 
@@ -223,76 +239,73 @@ function has_capability($capability, $contextid=NULL, $kill=false, $userid=NULL) * In a separate function so that we won't have to deal with do_anything. * again. Used by function has_capability. * @param $capability - capability string - * @param $contextid - the context id - * @param $kill - boolean. Error out and exit if the user doesn't have the - * capability? + * @param $context - the context object * @param $capabilities - either $USER->capability or loaded array * @return permission (int) */ -function capability_search($capability, $contextid, $kill=false, $capabilities) { +function capability_search($capability, $context, $capabilities) { global $USER, $CFG; - + if ($CFG->debug) { - notify("We are looking for $capability in context $contextid", 'notifytiny'); + notify("Looking for $capability in context $context->id", 'notifytiny'); } - if (isset($capabilities[$contextid][$capability])) { - return ($capabilities[$contextid][$capability]); + if (isset($capabilities[$context->id][$capability])) { + return ($capabilities[$context->id][$capability]); } /* Then, we check the cache recursively */ - $context = get_context_instance_by_id($contextid); $permission = 0; - switch (context_level($contextid)) { + switch ($context->level) { case CONTEXT_SYSTEM: // by now it's a definite an inherit $permission = 0; break; case CONTEXT_PERSONAL: - $parent = get_context_instance(CONTEXT_SYSTEM, SITEID); - $permission = (capability_search($capability, $parent->id, false, $capabilities)); + $parentcontext = get_context_instance(CONTEXT_SYSTEM, SITEID); + $permission = capability_search($capability, $parentcontext, $capabilities); break; case CONTEXT_USERID: - $parent = get_context_instance(CONTEXT_SYSTEM, SITEID); - $permission = (capability_search($capability, $parent->id, false, $capabilities)); + $parentcontext = get_context_instance(CONTEXT_SYSTEM, SITEID); + $permission = capability_search($capability, $parentcontext, $capabilities); break; case 
CONTEXT_COURSECAT: // Coursecat -> coursecat or site $coursecat = get_record('course_categories','id',$context->instanceid); - if ($coursecat->parent) { // return parent value if exist - $parent = get_context_instance(CONTEXT_COURSECAT, $coursecat->parent); + if (!empty($coursecat->parent)) { // return parent value if it exists + $parentcontext = get_context_instance(CONTEXT_COURSECAT, $coursecat->parent); } else { // else return site value - $parent = get_context_instance(CONTEXT_SYSTEM, SITEID); + $parentcontext = get_context_instance(CONTEXT_SYSTEM, SITEID); } - $permission = (capability_search($capability, $parent->id, false, $capabilities)); + $permission = capability_search($capability, $parentcontext, $capabilities); break; case CONTEXT_COURSE: // 1 to 1 to course cat // find the course cat, and return its value $course = get_record('course','id',$context->instanceid); - $parent = get_context_instance(CONTEXT_COURSECAT, $course->category); - $permission = (capability_search($capability, $parent->id, false, $capabilities)); + $parentcontext = get_context_instance(CONTEXT_COURSECAT, $course->category); + $permission = capability_search($capability, $parentcontext, $capabilities); break; case CONTEXT_GROUP: // 1 to 1 to course $group = get_record('groups','id',$context->instanceid); - $parent = get_context_instance(CONTEXT_COURSE, $group->courseid); - $permission = (capability_search($capability, $parent->id, false, $capabilities)); + $parentcontext = get_context_instance(CONTEXT_COURSE, $group->courseid); + $permission = capability_search($capability, $parentcontext, $capabilities); break; case CONTEXT_MODULE: // 1 to 1 to course $cm = get_record('course_modules','id',$context->instanceid); - $parent = get_context_instance(CONTEXT_COURSE, $cm->course); - $permission = (capability_search($capability, $parent->id, false, $capabilities)); + $parentcontext = get_context_instance(CONTEXT_COURSE, $cm->course); + $permission = capability_search($capability, 
$parentcontext, $capabilities); break; case CONTEXT_BLOCK: // 1 to 1 to course $block = get_record('block_instance','id',$context->instanceid); - $parent = get_context_instance(CONTEXT_COURSE, $block->pageid); // needs check - $permission = (capability_search($capability, $parent->id, false, $capabilities)); + $parentcontext = get_context_instance(CONTEXT_COURSE, $block->pageid); // needs check + $permission = capability_search($capability, $parentcontext, $capabilities); break; default: @@ -300,9 +313,6 @@ function capability_search($capability, $contextid, $kill=false, $capabilities) return false; } - if ($kill && ($permission <= 0)) { - error ('You do not have the required capability '.$capability); - } return $permission; } @@ -322,7 +332,7 @@ function capability_search($capability, $contextid, $kill=false, $capabilities) * [273][blah blah] = 1 * [273][blah blah blah] = 2 */ -function load_user_capability($capability='', $contextid ='', $userid='') { +function load_user_capability($capability='', $context ='', $userid='') { global $USER, $CFG; 
@@ -339,22 +349,18 @@ function load_user_capability($capability='', $contextid ='', $userid='') { } // First we generate a list of all relevant contexts of the user - if ($contextid) { // if context is specified - $context = get_context_instance_by_id($contextid); - - $usercontexts = get_parent_contexts($context->id); + if ($context) { // if context is specified + $usercontexts = get_parent_contexts($context); $listofcontexts = '('.implode(',', $usercontexts).')'; } else { // else, we load everything - $usercontexts = get_records('role_assignments','userid',$userid); - $listofcontexts = '('; - foreach ($usercontexts as $usercontext) { - $listofcontexts .= $usercontext->contextid; - $listofcontexts .= ','; + $userroles = get_records('role_assignments','userid',$userid); + $usercontexts = array(); + foreach ($userroles as $userrole) { + $usercontexts[] = $userrole->contextid; } - $listofcontexts = rtrim ($listofcontexts, ","); - $listofcontexts .= ')'; + $listofcontexts = '('.implode(',', $usercontexts).')'; } - + // Then we use 1 giant SQL to bring out all relevant capabilities. // The first part gets the capabilities of orginal role. // The second part gets the capabilities of overriden roles. @@ -470,9 +476,11 @@ function load_user_capability($capability='', $contextid ='', $userid='') { $usercap = array(); // for other user's capabilities foreach ($capabilities as $capability) { + $context = get_context_instance_by_id($capability->id); + if (!empty($otheruserid)) { // we are pulling out other user's capabilities, do not write to session - if (capability_prohibits($capability->capability, $capability->id, $capability->sum, $usercap)) { + if (capability_prohibits($capability->capability, $context, $capability->sum, $usercap)) { $usercap[$capability->id][$capability->capability] = -9000; continue; } 
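Review bot: `get_parent_contexts($context)` returns null for a CONTEXT_SYSTEM context (its `case CONTEXT_SYSTEM: // no parent` branch later in this file), so `implode(',', $usercontexts)` receives a non-array and `$listofcontexts` ends up as `()`. The `else` branch has the same shape if `get_records('role_assignments','userid',$userid)` returns a non-array when the user has no assignments, since the `foreach` then has nothing valid to iterate. The query that consumes the list is outside the hunk; if it is an `IN` clause, an empty list is a SQL error rather than an empty result. A guard before the string is built, such as `if (empty($usercontexts)) { return false; }` with whatever return value the callers expect, would make the no-context case explicit.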
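Review bot: The added `$context = get_context_instance_by_id($capability->id);` overwrites the function's own `$context` parameter on every pass, inside a loop whose variable `$capability` already shadows the first parameter. Any code after the loop that still expects the caller's context would see the last row's instead; the rest of the function is outside the hunk, so I cannot tell whether that happens. A separate name keeps the two apart: `$capcontext = get_context_instance_by_id($capability->id);`, with `$capcontext` passed to both `capability_prohibits` calls (the second is in the next hunk). `capability_prohibits` dereferences `$context->id` without a check, so a failed lookup should `continue` rather than be passed on.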
@@ -481,7 +489,7 @@ function load_user_capability($capability='', $contextid ='', $userid='') { } else { - if (capability_prohibits($capability->capability, $capability->id, $capability->sum)) { // if any parent or parent's parent is set to prohibit + if (capability_prohibits($capability->capability, $context, $capability->sum)) { // if any parent or parent's parent is set to prohibit $USER->capabilities[$capability->id][$capability->capability] = -9000; continue; } @@ -518,30 +526,30 @@ function load_user_capability($capability='', $contextid ='', $userid='') { * * @param $capability - capability name * @param $sum - sum of all capabilities values - * @param $contextid - the context id + * @param $context - the context object * @param $array - when loading another user caps, their caps are not stored in session but an array */ -function capability_prohibits($capability, $contextid, $sum='', $array='') { +function capability_prohibits($capability, $context, $sum='', $array='') { global $USER; + if ($sum < -8000) { // If this capability is set to prohibit. return true; } if (isset($array)) { - if (isset($array[$contextid][$capability]) - && $array[$contextid][$capability] < -8000) { + if (isset($array[$context->id][$capability]) + && $array[$context->id][$capability] < -8000) { return true; } } else { // Else if set in session. - if (isset($USER->capabilities[$contextid][$capability]) - && $USER->capabilities[$contextid][$capability] < -8000) { + if (isset($USER->capabilities[$context->id][$capability]) + && $USER->capabilities[$context->id][$capability] < -8000) { return true; } } - $context = get_context_instance_by_id($contextid); - switch (context_level($contextid)) { + switch ($context->level) { case CONTEXT_SYSTEM: // By now it's a definite an inherit. 
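Review bot: In `capability_prohibits`, `if (isset($array))` is always true because `$array` defaults to `''`, so the `else` branch that consults `$USER->capabilities[$context->id][$capability]` can never run. The recursive calls rewritten in the following hunks (`return capability_prohibits($capability, $parent);`) also drop `$sum` and `$array`, so as far as the visible lines show, a prohibit recorded on a parent context is not found for either the session user or another user. Testing `if (is_array($array))` and passing the array along, `return capability_prohibits($capability, $parent, '', $array);`, would let the ancestor walk see the values it is meant to check. The switch continues outside this hunk.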
@@ -550,12 +558,12 @@ function capability_prohibits($capability, $contextid, $sum='', $array='') { case CONTEXT_PERSONAL: $parent = get_context_instance(CONTEXT_SYSTEM, SITEID); - return (capability_prohibits($capability, $parent->id)); + return capability_prohibits($capability, $parent); break; case CONTEXT_USERID: $parent = get_context_instance(CONTEXT_SYSTEM, SITEID); - return (capability_prohibits($capability, $parent->id)); + return capability_prohibits($capability, $parent); break; case CONTEXT_COURSECAT: @@ -568,7 +576,7 @@ function capability_prohibits($capability, $contextid, $sum='', $array='') { // Return site value. $parent = get_context_instance(CONTEXT_SYSTEM, SITEID); } - return (capability_prohibits($capability, $parent->id)); + return capability_prohibits($capability, $parent); break; case CONTEXT_COURSE: 
@@ -576,28 +584,28 @@ function capability_prohibits($capability, $contextid, $sum='', $array='') { // Find the course cat, and return its value. $course = get_record('course','id',$context->instanceid); $parent = get_context_instance(CONTEXT_COURSECAT, $course->category); - return (capability_prohibits($capability, $parent->id)); + return capability_prohibits($capability, $parent); break; case CONTEXT_GROUP: // 1 to 1 to course. $group = get_record('groups','id',$context->instanceid); $parent = get_context_instance(CONTEXT_COURSE, $group->courseid); - return (capability_prohibits($capability, $parent->id)); + return capability_prohibits($capability, $parent); break; case CONTEXT_MODULE: // 1 to 1 to course. $cm = get_record('course_modules','id',$context->instanceid); $parent = get_context_instance(CONTEXT_COURSE, $cm->course); - return (capability_prohibits($capability, $parent->id)); + return capability_prohibits($capability, $parent); break; case CONTEXT_BLOCK: // 1 to 1 to course. $block = get_record('block_instance','id',$context->instanceid); $parent = get_context_instance(CONTEXT_COURSE, $block->pageid); // needs check - return (capability_prohibits($capability, $parent->id)); + return capability_prohibits($capability, $parent); break; default: @@ -816,7 +824,7 @@ function create_context($level, $instanceid) { */ function get_context_instance($level=NULL, $instance=SITEID) { - global $CONTEXT; + global $CONTEXT, $context_cache, $context_cache_id; /// If no level is supplied then return the current global context if there is one if (empty($level)) { @@ -844,6 +852,7 @@ function get_context_instance($level=NULL, $instance=SITEID) { $context_cache[$level][$instance] = $context; // Cache it for later $context_cache_id[$context->id] = $context; // Cache it for later + return $context; } 
@@ -867,23 +876,11 @@ function get_context_instance_by_id($id) { } -/** - * Looks up the context level. - * @param int $contextid - * @return int - */ -function context_level($contextid) { - if ($context = get_context_instance_by_id($contextid)) { - return $context->level; - } - return false; -} - - /** * Get the local override (if any) for a given capability in a role in a context * @param $roleid - * @param $instance + * @param $contextid + * @param $capability */ function get_local_override($roleid, $contextid, $capability) { return get_record('role_capabilities', 'roleid', $roleid, 'capability', $capability, 'contextid', $contextid); @@ -907,7 +904,6 @@ function create_role($name, $description, $legacy='') { // check for duplicate role name if ($role = get_record('role','name', $name)) { - print_object($role); error('there is already a role with this name!'); } @@ -1222,12 +1218,10 @@ function capabilities_cleanup($component, $newcapdef=NULL) { /** * prints human readable context identifier. */ -function print_context_name($contextid) { +function print_context_name($context) { $name = ''; - $context = get_context_instance_by_id($contextid); - switch ($context->level) { case CONTEXT_SYSTEM: // by now it's a definite an inherit @@ -1295,7 +1289,7 @@ function print_context_name($contextid) { * All case based, example an instance of forum context. * Will fetch all forum related capabilities, while course contexts * Will fetch all capabilities - * @param int contextid + * @param object context * @return array(); * * capabilities 
@@ -1304,13 +1298,13 @@ function print_context_name($contextid) { * `contextlevel` int(10) NOT NULL, * `component` varchar(100) NOT NULL, */ -function fetch_context_capabilities($contextid) { +function fetch_context_capabilities($context) { global $CFG; $sort = 'ORDER BY contextlevel,component,id'; // To group them sensibly for display - switch (context_level($contextid)) { + switch ($context->level) { case CONTEXT_SYSTEM: // all $SQL = "select * from {$CFG->prefix}capabilities"; @@ -1334,7 +1328,6 @@ function fetch_context_capabilities($contextid) { break; case CONTEXT_MODULE: // mod caps - $context = get_context_instance_by_id($contextid); $cm = get_record('course_modules', 'id', $context->instanceid); $module = get_record('modules', 'id', $cm->module); @@ -1343,7 +1336,6 @@ function fetch_context_capabilities($contextid) { break; case CONTEXT_BLOCK: // block caps - $context = get_context_instance_by_id($contextid); $cb = get_record('block_instance', 'id', $context->instanceid); $block = get_record('block', 'id', $cb->blockid); @@ -1365,20 +1357,19 @@ function fetch_context_capabilities($contextid) { * This function pulls out all the resolved capabilities (overrides and * defaults) of a role used in capability overrieds in contexts at a given * context. - * @param int $contextid + * @param int $context * @param int $roleid * @return array */ -function role_context_capabilities($roleid, $contextid) { +function role_context_capabilities($roleid, $context) { global $CFG; $sitecontext = get_context_instance(CONTEXT_SYSTEM, SITEID); - if ($sitecontext->id == $contextid) { + if ($sitecontext->id == $context->id) { return array(); } // first of all, figure out all parental contexts - $context = get_context_instance_by_id($contextid); $contexts = array_reverse(get_parent_contexts($context)); $contexts = '('.implode(',', $contexts).')'; 
@@ -1404,7 +1395,7 @@ function role_context_capabilities($roleid, $contextid) { /** - * Recursive function which, given a contextid, find all parent context ids, + * Recursive function which, given a context, find all parent context ids, * and return the array in reverse order, i.e. parent first, then grand * parent, etc. * @param object $context @@ -1414,7 +1405,7 @@ function role_context_capabilities($roleid, $contextid) { function get_parent_contexts($context) { - switch (context_level($context->id)) { + switch ($context->level) { case CONTEXT_SYSTEM: // no parent return null; @@ -1478,7 +1469,6 @@ function get_parent_contexts($context) { * This function gets the capability of a role in a given context. * It is needed when printing override forms. * @param int $contextid - * @param int $roleid // no need? since role is used in extraction in $capability * @param string $capability * @param array $capabilities - array loaded using role_context_capabilities * @return int (allow, prevent, prohibit, inherit) @@ -1490,7 +1480,6 @@ function get_role_context_capability($contextid, $capability, $capabilities) { } -// a big switch statement function get_capability_string($capabilityname) { // Typical capabilityname is: mod/choice:readresponses diff --git a/lib/moodlelib.php b/lib/moodlelib.php index 80d6fb718b..b4a43a33db 100644 --- a/lib/moodlelib.php +++ b/lib/moodlelib.php @@ -1606,7 +1606,7 @@ function require_login($courseid=0, $autologinguest=true, $cm=null) { $context = get_context_instance(CONTEXT_COURSE, $courseid); - if (has_capability('moodle/course:view', $context->id)) { + if (has_capability('moodle/course:view', $context)) { if (isset($USER->realuser)) { // Make sure the REAL person can also access this course if (!isteacher($courseid, $USER->realuser)) { print_header(); 
@@ -1965,21 +1965,19 @@ function isloggedin() { * @return bool */ function isadmin($userid=0) { - global $USER; + global $USER, $CFG; + static $admins, $nonadmins; - if (isset($CFG->rolesactive) && $CFG->rolesactive ===1) { + if (isset($CFG->rolesactive) && $CFG->rolesactive == 1) { - if ($courseid == 0) { - $context = get_context_instance(CONTEXT_SYSTEM, SITEID); - } else { - $context = get_context_instance(CONTEXT_COURSE, $courseid); - } + + $context = get_context_instance(CONTEXT_SYSTEM, SITEID); if (!$userid) { - return has_capability('moodle/legacy:admin', $context->id); + return has_capability('moodle/legacy:admin', $context); } else { - return has_capability('moodle/legacy:admin', $context->id, false, $userid); + return has_capability('moodle/legacy:admin', $context, false, $userid); } } @@ -2023,6 +2021,7 @@ function isadmin($userid=0) { * @param bool $includeadmin If true this function will return true when it encounters an admin user. * @return bool */ + function isteacher($courseid=0, $userid=0, $includeadmin=true) { /// Is the user able to access this course as a teacher? global $USER, $CFG; @@ -2036,13 +2035,13 @@ function isteacher($courseid=0, $userid=0, $includeadmin=true) { } if (!$userid) { - return has_capability('moodle/legacy:teacher', $context->id); + return has_capability('moodle/legacy:teacher', $context); } else { - return has_capability('moodle/legacy:teacher', $context->id, false, $userid); + return has_capability('moodle/legacy:teacher', $context, $userid); } } - // Old code follows, will be removed before 1.7 because it shouldn't run + // Old code follows, will be removed before 1.7 because it shouldn't run XXX TODO if (empty($userid)) { // we are relying on $USER if (empty($USER) or empty($USER->id)) { // not logged in so can't be a teacher 
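Review bot: The other-user branches still pass the removed `$kill` argument, so in the isadmin hunk `has_capability('moodle/legacy:admin', $context, false, $userid)` binds `false` to the new `$userid` parameter and the real id is silently ignored. With the signature `has_capability($capability, $context=NULL, $userid=NULL)` introduced in lib/accesslib.php, a falsy `$userid` falls back to `$USER->capabilities`, so `isadmin($someoneelse)` answers for the current user instead. The same stale argument is left in the isteacheredit, iscreator and isstudent hunks; only isteacher was converted. Each should follow the isteacher form, for example `return has_capability('moodle/legacy:admin', $context, $userid);`. The function bodies continue outside the hunks.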
@@ -2125,9 +2124,9 @@ function isteacheredit($courseid, $userid=0, $ignorestudentview=false) { } if (!$userid) { - return has_capability('moodle/legacy:edittingteacher', $context->id); + return has_capability('moodle/legacy:edittingteacher', $context); } else { - return has_capability('moodle/legacy:edittingteacher', $context->id, false, $userid); + return has_capability('moodle/legacy:edittingteacher', $context, false, $userid); } } @@ -2172,9 +2171,9 @@ function iscreator ($userid=0) { } if (!$userid) { - return has_capability('moodle/legacy:coursecreator', $context->id); + return has_capability('moodle/legacy:coursecreator', $context); } else { - return has_capability('moodle/legacy:coursecreator', $context->id, false, $userid); + return has_capability('moodle/legacy:coursecreator', $context, false, $userid); } } @@ -2216,9 +2215,9 @@ function isstudent($courseid, $userid=0) { } if (!$userid) { - return has_capability('moodle/legacy:student', $context->id); + return has_capability('moodle/legacy:student', $context); } else { - return has_capability('moodle/legacy:student', $context->id, false, $userid); + return has_capability('moodle/legacy:student', $context, false, $userid); } } diff --git a/mod/assignment/lib.php b/mod/assignment/lib.php index bb86767887..c17ce77dc9 100644 --- a/mod/assignment/lib.php +++ b/mod/assignment/lib.php @@ -108,7 +108,7 @@ class assignment_base { function view() { $context = get_context_instance(CONTEXT_MODULE,$this->cm->id); - has_capability('mod/assignment:view', $context->id, true); + require_capability('mod/assignment:view', $context); add_to_log($this->course->id, "assignment", "view", "view.php?id={$this->cm->id}", $this->assignment->id, $this->cm->id); 
@@ -277,7 +277,7 @@ class assignment_base { $submitted = ''; $context = get_context_instance(CONTEXT_MODULE,$this->cm->id); - if (has_capability('mod/assignment:grade', $context->id) && (groupmode($this->course, $this->cm) == SEPARATEGROUPS)) { + if (has_capability('mod/assignment:grade', $context) && (groupmode($this->course, $this->cm) == SEPARATEGROUPS)) { // if this user can mark and is put in a group // then he can only see/mark submission in his own groups @@ -2358,7 +2358,7 @@ function assignment_print_overview($courses, &$htmlarray) { // if (isteacher($assignment->course)) { $context = get_context_instance(CONTEXT_MODULE,$this->cm->id); - if (has_capability('mod/assignment:grade', $context->id)) { + if (has_capability('mod/assignment:grade', $context)) { $submissions = count_records_sql("SELECT COUNT(*) FROM {$CFG->prefix}assignment_submissions a, {$CFG->prefix}user_students s, diff --git a/mod/assignment/type/online/assignment.class.php b/mod/assignment/type/online/assignment.class.php index a84eaf4132..d2a9a25d6a 100644 --- a/mod/assignment/type/online/assignment.class.php +++ b/mod/assignment/type/online/assignment.class.php @@ -15,7 +15,7 @@ class assignment_online extends assignment_base { global $USER; $context = get_context_instance(CONTEXT_MODULE,$this->cm->id); - has_capability('mod/assignment:view', $context->id, true); + require_capability('mod/assignment:view', $context); $submission = $this->get_submission(); @@ -59,7 +59,7 @@ class assignment_online extends assignment_base { notify(get_string('submissionsaved', 'assignment')); } - if (has_capability('mod/assignment:submit', $context->id)) { + if (has_capability('mod/assignment:submit', $context)) { print_simple_box_start('center', '70%', '', '', 'generalbox', 'online'); if ($editmode) { $this->view_edit_form($submission); diff --git a/mod/assignment/type/uploadsingle/assignment.class.php b/mod/assignment/type/uploadsingle/assignment.class.php index 7d076cd383..dfbbb261a5 100644 
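Review bot: The context line `$context = get_context_instance(CONTEXT_MODULE,$this->cm->id);` sits inside `assignment_print_overview($courses, &$htmlarray)` according to the hunk header, and a plain function has no `$this`. If that header is accurate, the lookup cannot resolve a course-module id, so the `has_capability('mod/assignment:grade', $context)` test that now receives the object is evaluated without a usable context and falls back to whatever default `has_capability` applies. The context should be derived from the assignment being iterated. That loop variable and its course-module id are outside the hunk, so the fix can only be described here, not quoted.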
--- a/mod/assignment/type/uploadsingle/assignment.class.php +++ b/mod/assignment/type/uploadsingle/assignment.class.php @@ -49,7 +49,7 @@ class assignment_uploadsingle extends assignment_base { global $USER; $context = get_context_instance(CONTEXT_MODULE,$this->cm->id); - has_capability('mod/assignment:view', $context->id, true); + require_capability('mod/assignment:view', $context); add_to_log($this->course->id, "assignment", "view", "view.php?id={$this->cm->id}", $this->assignment->id, $this->cm->id); @@ -69,7 +69,7 @@ class assignment_uploadsingle extends assignment_base { } } - if (has_capability('mod/assignment:submit', $context->id) && $this->isopen() && (!$filecount || $this->assignment->resubmit || !$submission->timemarked)) { + if (has_capability('mod/assignment:submit', $context) && $this->isopen() && (!$filecount || $this->assignment->resubmit || !$submission->timemarked)) { $this->view_upload_form(); } diff --git a/mod/chat/gui_header_js/index.php b/mod/chat/gui_header_js/index.php index 6c35be3ee2..632940a7e7 100644 --- a/mod/chat/gui_header_js/index.php +++ b/mod/chat/gui_header_js/index.php @@ -22,12 +22,8 @@ require_login($course->id, false, $cm); - has_capability('mod/chat:chat',$context->id, true); - /* - if (isguest()) { - error('Guest does not have access to chat rooms'); - } - */ + require_capability('mod/chat:chat',$context); + if (!$cm->visible and !isteacher($course->id)) { print_header(); notice(get_string("activityiscurrentlyhidden")); diff --git a/mod/chat/lib.php b/mod/chat/lib.php index 0052d558e5..c98b83e305 100644 --- a/mod/chat/lib.php +++ b/mod/chat/lib.php 
@@ -210,7 +210,7 @@ function chat_print_recent_activity($course, $isteacher, $timestart) { $context = get_context_instance(CONTEXT_MODULE, $cm->id); // needs to be fixed - if (!(has_capability('mod/chat:readlog', $context->id) or instance_is_visible('chat', $chat))) { // Chat hidden to students + if (!(has_capability('mod/chat:readlog', $context) or instance_is_visible('chat', $chat))) { // Chat hidden to students //if (!($isteacher or instance_is_visible('chat', $chat))) { // Chat hidden to students continue; } diff --git a/mod/chat/report.php b/mod/chat/report.php index 8f9ec6a370..02faa08c1c 100644 --- a/mod/chat/report.php +++ b/mod/chat/report.php @@ -24,13 +24,7 @@ $context = get_context_instance(CONTEXT_MODULE, $cm->id); require_login($course->id, false, $cm); - $isteacher = isteacher($course->id); - $isteacheredit = isteacheredit($course->id); - - //if (isguest() or (!$isteacher and !$chat->studentlogs)) { - //error('You can not view these chat reports'); - //} - has_capability('mod/chat:readlog', $context->id, true); // if can't even read, kill + require_capability('mod/chat:readlog', $context); add_to_log($course->id, 'chat', 'report', "report.php?id=$cm->id", $chat->id, $cm->id); @@ -64,8 +58,7 @@ $groupselect = ""; } - //if ($deletesession and $isteacheredit) { - if ($deletesession and has_capability('mod/chat:deletelog', $context->id)) { + if ($deletesession and has_capability('mod/chat:deletelog', $context)) { notice_yesno(get_string('deletesessionsure', 'chat'), "report.php?id=$cm->id&deletesession=1&confirmdelete=1&start=$start&end=$end&sesskey=$USER->sesskey", "report.php?id=$cm->id"); @@ -89,8 +82,7 @@ print_simple_box_end('center'); } - if (!$deletesession or !has_capability('mod/chat:deletelog', $context->id)) { - //if (!$deletesession or !$isteacheredit) { + if (!$deletesession or !has_capability('mod/chat:deletelog', $context)) { print_continue("report.php?id=$cm->id"); } 
@@ -124,8 +116,7 @@ /// Delete a session if one has been specified - if ($deletesession and has_capability('mod/chat:deletelog', $context->id) and $confirmdelete and $start and $end and confirm_sesskey()) { - //if ($deletesession and $isteacheredit and $confirmdelete and $start and $end and confirm_sesskey()) { + if ($deletesession and has_capability('mod/chat:deletelog', $context) and $confirmdelete and $start and $end and confirm_sesskey()) { delete_records_select('chat_messages', "chatid = $chat->id AND timestamp >= '$start' AND timestamp <= '$end' $groupselect"); @@ -186,15 +177,14 @@ foreach ($sessionusers as $sessionuser => $usermessagecount) { if ($user = get_record('user', 'id', $sessionuser)) { print_user_picture($user->id, $course->id, $user->picture); - echo ' '.fullname($user, $isteacher); // need to fix this + echo ' '.fullname($user, true); // XXX TODO use capability instead of true echo " ($usermessagecount)
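Review bot: The delete that this condition guards builds its WHERE clause by interpolating request-derived values: `"chatid = $chat->id AND timestamp >= '$start' AND timestamp <= '$end' $groupselect"`. Where `$start` and `$end` are read is outside the hunk, so I cannot see whether they are cleaned as integers; if they are not, the quoted interpolation is an injection point on a destructive query. Casting at the point of use, `$start = (int)$start; $end = (int)$end;`, makes the statement safe regardless of how the parameters were fetched.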
"; } } echo '

'; echo "id&start=$sessionstart&end=$sessionend\">$strseesession"; - //if ($isteacheredit) - if (has_capability('mod/chat:deletelog', $context->id)) { + if (has_capability('mod/chat:deletelog', $context)) { echo "
id&start=$sessionstart&end=$sessionend&deletesession=1\">$strdeletesession"; } echo '

'; diff --git a/mod/chat/view.php b/mod/chat/view.php index 5d96bd9543..d50ad4ced5 100644 --- a/mod/chat/view.php +++ b/mod/chat/view.php @@ -76,8 +76,7 @@ echo ''; - if ($chat->studentlogs or has_capability('mod/chat:readlog',$context->id)) { - //if (($chat->studentlogs or isteacher($course->id)) and !isguest()) { + if ($chat->studentlogs or has_capability('mod/chat:readlog',$context)) { echo '