From 358e2a0bd2c76e221b02f8634cf319892b69adac Mon Sep 17 00:00:00 2001 From: skodak Date: Sun, 30 Nov 2008 12:04:27 +0000 Subject: [PATCH] MDL-17464 profile reports are now respecting course report caps --- course/report/log/db/access.php | 14 +++++- course/report/log/graph.php | 4 +- course/report/log/version.php | 2 +- course/report/stats/graph.php | 4 +- course/user.php | 74 ++++++++++++++++++++++------ lang/en_utf8/coursereport_log.php | 1 + user/tabs.php | 81 ++++++++++++++++++++----------- version.php | 2 +- 8 files changed, 134 insertions(+), 48 deletions(-) diff --git a/course/report/log/db/access.php b/course/report/log/db/access.php index 85377d3774..cac7b0ed7a 100644 --- a/course/report/log/db/access.php +++ b/course/report/log/db/access.php @@ -49,8 +49,20 @@ $coursereport_log_capabilities = array( ), 'clonepermissionsfrom' => 'moodle/site:viewreports', - ) + ), + 'coursereport/log:viewtoday' => array( + 'riskbitmask' => RISK_PERSONAL, + 'captype' => 'read', + 'contextlevel' => CONTEXT_COURSE, + 'legacy' => array( + 'teacher' => CAP_ALLOW, + 'editingteacher' => CAP_ALLOW, + 'admin' => CAP_ALLOW + ), + + 'clonepermissionsfrom' => 'moodle/site:viewreports', + ) ); ?> diff --git a/course/report/log/graph.php b/course/report/log/graph.php index f06b5e38ac..c317bd3649 100644 --- a/course/report/log/graph.php +++ b/course/report/log/graph.php @@ -17,9 +17,7 @@ require_login($course); $context = get_context_instance(CONTEXT_COURSE, $course->id); - if ($course->showreports and $USER->id == $user and !isguestuser()) { - // no cap required to view own graph - } else { + if (!$course->showreports or $USER->id != $user) { require_capability('coursereport/log:view', $context); } diff --git a/course/report/log/version.php b/course/report/log/version.php index 702efd5e03..4473706b83 100644 --- a/course/report/log/version.php +++ b/course/report/log/version.php 
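Review bot: The rewritten condition in course/report/log/graph.php drops the `!isguestuser()` term that the old branch had, so with `$course->showreports` enabled a session on the shared guest account whose id equals `$user` now skips `require_capability('coursereport/log:view', $context)`. If that is not intended, keep the guard in the new form: `if (!$course->showreports or $USER->id != $user or isguestuser()) {`. The same own-report shortcut without a guest check is added in course/report/stats/graph.php and in the `$myreports` assignments in course/user.php and user/tabs.php. The script continues outside the hunk, so whether guests are rejected elsewhere cannot be seen from here.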
@@ -23,7 +23,7 @@ // // /////////////////////////////////////////////////////////////////////////// -$plugin->version = 2007101502; +$plugin->version = 2007101503; $plugin->requires = 2007101532; ?> diff --git a/course/report/stats/graph.php b/course/report/stats/graph.php index dc8f89859e..1488eda379 100644 --- a/course/report/stats/graph.php +++ b/course/report/stats/graph.php @@ -24,7 +24,9 @@ require_login($course); $context = get_context_instance(CONTEXT_COURSE, $course->id); - require_capability('coursereport/stats:view', $context); + if (!$course->showreports or $USER->id != $userid) { + require_capability('coursereport/stats:view', $context); + } stats_check_uptodate($course->id); diff --git a/course/user.php b/course/user.php index e8b21c2994..61f7491947 100644 --- a/course/user.php +++ b/course/user.php @@ -5,8 +5,6 @@ require_once("../config.php"); require_once("lib.php"); - $modes = array("outline", "complete", "todaylogs", "alllogs"); - $id = required_param('id',PARAM_INT); // course id $user = required_param('user',PARAM_INT); // user id $mode = optional_param('mode', "todaylogs", PARAM_ALPHA); @@ -22,7 +20,16 @@ } require_login(); - $COURSE = clone($course); + $coursecontext = get_context_instance(CONTEXT_COURSE, $course->id); + $personalcontext = get_context_instance(CONTEXT_USER, $user->id); + + require_login(); + if (has_capability('moodle/user:viewuseractivitiesreport', $personalcontext) and !has_capability('moodle/course:view', $coursecontext)) { + // do not require parents to be enrolled in courses ;-) + course_setup($course); + } else { + require_login($course); + } if ($user->deleted) { print_header(); 
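Review bot: The added `require_login();` in course/user.php duplicates the call kept as context just above it, so one of the two can be removed. The new branch also lets a viewer who holds `moodle/user:viewuseractivitiesreport` on the user context, but not `moodle/course:view`, reach `course_setup($course)` without `require_login($course)`, which skips every course-level check that call performs. I would replace `// do not require parents to be enrolled in courses ;-)` with a comment that states this, e.g. `// parent-style access: course-level login checks are skipped on purpose; the per-mode capability list below is the only gate`. It is also worth confirming that `$user` actually belongs to the requested course before this point; any such check is outside the hunk.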
@@ -31,12 +38,52 @@ die; } - $coursecontext = get_context_instance(CONTEXT_COURSE, $id); - $personalcontext = get_context_instance(CONTEXT_USER, $user->id); + // prepare list of allowed modes + $myreports = ($course->showreports and $USER->id == $user->id); + $anyreport = has_capability('moodle/user:viewuseractivitiesreport', $personalcontext); + + $modes = array(); + + if ($myreports or $anyreport or has_capability('coursereport/outline:view', $coursecontext)) { + $modes[] = 'outline'; + } + + if ($myreports or $anyreport or has_capability('coursereport/outline:view', $coursecontext)) { + $modes[] = 'complete'; + } + + if ($myreports or $anyreport or has_capability('coursereport/log:viewtoday', $coursecontext)) { + $modes[] = 'todaylogs'; + } - // if in either context, we can read report, then we can proceed - if (!(has_capability('moodle/site:viewreports', $coursecontext) or ($course->showreports and $USER->id == $user->id) or has_capability('moodle/user:viewuseractivitiesreport', $personalcontext))) { - print_error('nopermissiontoviewpage', 'error'); + if ($myreports or $anyreport or has_capability('coursereport/log:view', $coursecontext)) { + $modes[] = 'alllogs'; + } + + if ($myreports or $anyreport or has_capability('coursereport/stats:view', $coursecontext)) { + $modes[] = 'stats'; + } + + if (has_capability('moodle/grade:viewall', $coursecontext)) { + //ok - can view all course grades + $modes[] = 'grade'; + + } else if ($course->showgrades and $user->id == $USER->id and has_capability('moodle/grade:view', $coursecontext)) { + //ok - can view own grades + $modes[] = 'grade'; + + } else if ($course->showgrades and has_capability('moodle/grade:viewall', $personalcontext)) { + // ok - can view grades of this user - parent most probably + $modes[] = 'grade'; + } + + if (empty($modes)) { + require_capability('moodle/user:viewuseractivitiesreport', $personalcontext); + } + + if (!in_array($mode, $modes)) { + // forbidden or non-exitent mode + $mode = 
reset($modes); } add_to_log($course->id, "course", "user report", "user.php?id=$course->id&user=$user->id&mode=$mode", "$user->id"); @@ -73,8 +120,6 @@ $showroles = 1; include($CFG->dirroot.'/user/tabs.php'); - get_all_mods($course->id, $mods, $modnames, $modnamesplural, $modnamesused); - switch ($mode) { case "grade": if (empty($CFG->grade_profilereport) or !file_exists($CFG->dirroot.'/grade/report/'.$CFG->grade_profilereport.'/lib.php')) { @@ -84,7 +129,6 @@ require_once $CFG->dirroot.'/grade/lib.php'; require_once $CFG->dirroot.'/grade/report/'.$CFG->grade_profilereport.'/lib.php'; - $course = $DB->get_record('course', array('id'=>required_param('id', PARAM_INT))); $functionname = 'grade_report_'.$CFG->grade_profilereport.'_profilereport'; if (function_exists($functionname)) { $functionname($course, $user); @@ -156,8 +200,7 @@ } // MDL-10818, do not display broken graph when user has no permission to view graph - if (has_capability('coursereport/stats:view', get_context_instance(CONTEXT_COURSE, $id)) || - ($course->showreports and $USER->id == $user->id)) { + if ($myreports or has_capability('coursereport/stats:view', $coursecontext)) { echo '
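Review bot: The per-mode allow-list built here in course/user.php is repeated almost line for line in the user/tabs.php hunk, and the two copies already differ: tabs.php offers `stats` only when `!empty($CFG->enablestats)`, while this list adds `'stats'` to `$modes` without that test. Since this list is what authorises the `mode` request parameter, a later edit to one copy and not the other can leave a tab that is refused or a mode that is accepted while its tab is hidden. I would move the decisions into one helper that returns the allowed modes and call it from both files, and at minimum gate the stats entry as `if (!empty($CFG->enablestats) and ($myreports or $anyreport or has_capability('coursereport/stats:view', $coursecontext))) {`. The `stats` case of the switch is outside the hunk, so it may already re-check the setting.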
'.get_string('statisticsgraph').'
'; } @@ -185,9 +228,10 @@ } print_table($table); break; + case "outline" : case "complete" : - default: + get_all_mods($course->id, $mods, $modnames, $modnamesplural, $modnamesused); $sections = get_all_sections($course->id); for ($i=0; $i<=$course->numsections; $i++) { @@ -277,6 +321,8 @@ } } break; + default: + // can not be reached ;-) } diff --git a/lang/en_utf8/coursereport_log.php b/lang/en_utf8/coursereport_log.php index 721454522e..9c86fed150 100644 --- a/lang/en_utf8/coursereport_log.php +++ b/lang/en_utf8/coursereport_log.php @@ -2,6 +2,7 @@ $string['log:view'] = 'View course logs'; $string['log:viewlive'] = 'View live logs'; +$string['log:viewtoday'] = 'View today\'s logs'; $string['loglive'] = 'Live logs'; diff --git a/user/tabs.php b/user/tabs.php index 4d28daa794..842348bb48 100644 --- a/user/tabs.php +++ b/user/tabs.php 
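Review bot: The graph condition `if ($myreports or has_capability('coursereport/stats:view', $coursecontext))` leaves out `$anyreport`, although the allow-list earlier in this file admits the `stats` mode for `$anyreport` as well, so a viewer who holds only `moodle/user:viewuseractivitiesreport` gets the statistics table without the graph. That matches the check added in course/report/stats/graph.php, so it looks deliberate, but nothing in the code says so. I would add a comment above the condition such as `// graph.php accepts only the user's own report or coursereport/stats:view, so $anyreport is not enough here`, or extend both places if those viewers are meant to see the graph.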
@@ -177,44 +177,71 @@ $toprow[] = new tabobject('notes', $CFG->wwwroot.'/notes/index.php?course='.$course->id . '&user=' . $user->id, get_string('notes', 'notes')); } - /// Current user must be teacher of the course or the course allows user to view their reports + /// Find out if user allowed to see all reports of this user (usually parent) or individual course reports - //print_object($course); - //print_object($user); + $myreports = ($course->showreports and $USER->id == $user->id); + $anyreport = has_capability('moodle/user:viewuseractivitiesreport', $personalcontext); - // add in logic to check course read report - if (has_capability('moodle/user:viewuseractivitiesreport', $personalcontext) || ($course->showreports and $USER->id == $user->id) || has_capability('moodle/user:viewuseractivitiesreport', $coursecontext)) { + $secondrow = array(); - $toprow[] = new tabobject('reports', $CFG->wwwroot.'/course/user.php?id='.$course->id. - '&user='.$user->id.'&mode=outline', get_string('activityreports')); + if ($myreports or $anyreport or has_capability('coursereport/outline:view', $coursecontext)) { + $secondrow[] = new tabobject('outline', $CFG->wwwroot.'/course/user.php?id='.$course->id. + '&user='.$user->id.'&mode=outline', get_string('outlinereport')); + } - if (in_array($currenttab, array('outline', 'complete', 'todaylogs', 'alllogs', 'stats', 'grade'))) { - $inactive = array('reports'); - $activetwo = array('reports'); + if ($myreports or $anyreport or has_capability('coursereport/outline:view', $coursecontext)) { + $secondrow[] = new tabobject('complete', $CFG->wwwroot.'/course/user.php?id='.$course->id. + '&user='.$user->id.'&mode=complete', get_string('completereport')); + } - $secondrow = array(); - $secondrow[] = new tabobject('outline', $CFG->wwwroot.'/course/user.php?id='.$course->id. - '&user='.$user->id.'&mode=outline', get_string('outlinereport')); - $secondrow[] = new tabobject('complete', $CFG->wwwroot.'/course/user.php?id='.$course->id. 
- '&user='.$user->id.'&mode=complete', get_string('completereport')); - $secondrow[] = new tabobject('todaylogs', $CFG->wwwroot.'/course/user.php?id='.$course->id. - '&user='.$user->id.'&mode=todaylogs', get_string('todaylogs')); - $secondrow[] = new tabobject('alllogs', $CFG->wwwroot.'/course/user.php?id='.$course->id. - '&user='.$user->id.'&mode=alllogs', get_string('alllogs')); - if (!empty($CFG->enablestats)) { - $secondrow[] = new tabobject('stats',$CFG->wwwroot.'/course/user.php?id='.$course->id. - '&user='.$user->id.'&mode=stats',get_string('stats')); - } + if ($myreports or $anyreport or has_capability('coursereport/log:viewtoday', $coursecontext)) { + $secondrow[] = new tabobject('todaylogs', $CFG->wwwroot.'/course/user.php?id='.$course->id. + '&user='.$user->id.'&mode=todaylogs', get_string('todaylogs')); + } - if ($course->showgrades) { - $secondrow[] = new tabobject('grade', $CFG->wwwroot.'/course/user.php?id='.$course->id. - '&user='.$user->id.'&mode=grade', get_string('grade')); - } + if ($myreports or $anyreport or has_capability('coursereport/log:view', $coursecontext)) { + $secondrow[] = new tabobject('alllogs', $CFG->wwwroot.'/course/user.php?id='.$course->id. + '&user='.$user->id.'&mode=alllogs', get_string('alllogs')); + } + if (!empty($CFG->enablestats)) { + if ($myreports or $anyreport or has_capability('coursereport/stats:view', $coursecontext)) { + $secondrow[] = new tabobject('stats',$CFG->wwwroot.'/course/user.php?id='.$course->id. 
+ '&user='.$user->id.'&mode=stats',get_string('stats')); } + } + + if (has_capability('moodle/grade:viewall', $coursecontext)) { + //ok - can view all course grades + $gradeaccess = true; + } else if ($course->showgrades and $user->id == $USER->id and has_capability('moodle/grade:view', $coursecontext)) { + //ok - can view own grades + $gradeaccess = true; + + } else if ($course->showgrades and has_capability('moodle/grade:viewall', $personalcontext)) { + // ok - can view grades of this user - parent most probably + $gradeaccess = true; + + } else { + $gradeaccess = false; } + if ($gradeaccess) { + $secondrow[] = new tabobject('grade', $CFG->wwwroot.'/course/user.php?id='.$course->id. + '&user='.$user->id.'&mode=grade', get_string('grade')); + } + + if ($secondrow) { + $toprow[] = new tabobject('reports', $CFG->wwwroot.'/course/user.php?id='.$course->id. + '&user='.$user->id.'&mode=outline', get_string('activityreports')); + if (in_array($currenttab, array('outline', 'complete', 'todaylogs', 'alllogs', 'stats', 'grade'))) { + $inactive = array('reports'); + $activetwo = array('reports'); + } else { + $secondrow = array(); + } + } } //close last bracket (individual tags) diff --git a/version.php b/version.php index 9430795091..c672ba7105 100644 --- a/version.php +++ b/version.php @@ -6,7 +6,7 @@ // This is compared against the values stored in the database to determine // whether upgrades should be performed (see lib/db/*.php) - $version = 2008112902; // YYYYMMDD = date of the last version bump + $version = 2008113000; // YYYYMMDD = date of the last version bump // XX = daily increments $release = '2.0 dev (Build: 20081128)'; // Human-friendly version name -- 2.39.5
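Review bot: The `reports` top-row tab in user/tabs.php is always linked to `mode=outline`, even when `$secondrow` was filled without an `outline` entry, for example for a viewer who only has `coursereport/log:view`. The link then works only because course/user.php replaces a disallowed `mode` with its first allowed one, which is an implicit coupling between the two files. A short comment at the `if ($secondrow) {` line, e.g. `// mode=outline may not be permitted; course/user.php falls back to the first allowed mode`, would make that dependency visible; alternatively the link could be built from the first tab in `$secondrow`. `$personalcontext` and `$coursecontext` are set outside this hunk.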