From 20374d723b87509b9e0f8a2aa63adab45a1ac6c4 Mon Sep 17 00:00:00 2001 From: toyomoyo Date: Fri, 20 Oct 2006 08:09:53 +0000 Subject: [PATCH] merged fix for MDL-7119, users with no capability should not see roles tab --- user/tabs.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/user/tabs.php b/user/tabs.php index ca57b309d2..b2c531bee8 100644 --- a/user/tabs.php +++ b/user/tabs.php @@ -182,7 +182,7 @@ /// this needs permission checkings - if (!empty($showroles)) { // this variable controls whether this roles is showed, or not, so only user/view page should set this flag + if (!empty($showroles) && has_capability('moodle/role:assign',$usercontext)) { // this variable controls whether this roles is showed, or not, so only user/view page should set this flag $usercontext = get_context_instance(CONTEXT_USER, $user->id); $toprow[] = new tabobject('roles', $CFG->wwwroot.'/'.$CFG->admin.'/roles/assign.php?contextid='.$usercontext->id.'&userid='.$user->id.'&courseid='.$course->id ,get_string('roles')); -- 2.39.5