From 6ac96fcb3c80d94fc1b2a2c28c415f9ec8700846 Mon Sep 17 00:00:00 2001 From: vyshane Date: Fri, 25 Aug 2006 08:27:28 +0000 Subject: [PATCH] Added has_capability checks --- course/report/stats/graph.php | 6 ++++-- course/report/stats/index.php | 6 ++++-- course/report/stats/report.php | 4 +++- 3 files changed, 11 insertions(+), 5 deletions(-) diff --git a/course/report/stats/graph.php b/course/report/stats/graph.php index 610710bad2..09c69d5d1e 100644 --- a/course/report/stats/graph.php +++ b/course/report/stats/graph.php @@ -21,8 +21,10 @@ } require_login(); - if (!isteacher($course->id)) { - error("You need to be a teacher to use this page"); + $context = get_context_instance(CONTEXT_COURSE, $course->id); + + if (!has_capability('moodle/site:viewreports', $context)) { + error('You need do not have the required permission to view reports for this course'); } stats_check_uptodate($course->id); diff --git a/course/report/stats/index.php b/course/report/stats/index.php index e45c200acd..6554fb7f17 100644 --- a/course/report/stats/index.php +++ b/course/report/stats/index.php @@ -33,8 +33,10 @@ } require_login(); - if (!isteacher($course->id)) { - error("You need to be a teacher to use this page"); + $context = get_context_instance(CONTEXT_COURSE, $course->id); + + if (!has_capability('moodle/site:viewreports', $context)) { + error('You need do not have the required permission to view reports for this course'); } add_to_log($course->id, "course", "report stats", "report/stats/index.php?course=$course->id", $course->id); diff --git a/course/report/stats/report.php b/course/report/stats/report.php index b413fb2903..f25bf74db0 100644 --- a/course/report/stats/report.php +++ b/course/report/stats/report.php @@ -4,7 +4,9 @@ $courseoptions = array(); foreach ($courses as $c) { - if (isteacher($c->id)) { + $context = get_context_instance(CONTEXT_COURSE, $c->id); + + if (has_capability('moodle/site:viewreports', $context)) { $courseoptions[$c->id] = $c->shortname; } } -- 2.39.5