From dc5586907dc4d6f6122dcfc3477e5e114fd025da Mon Sep 17 00:00:00 2001 From: toyomoyo Date: Wed, 20 Sep 2006 09:00:04 +0000 Subject: [PATCH] replacing deprecated calls and references to capability calls --- course/category.php | 7 ++++++- grade/exceptions.php | 17 ++++++++++++----- lib/accesslib.php | 16 ++++++++++------ lib/db/access.php | 15 ++++++++++++++- lib/deprecatedlib.php | 10 +--------- lib/editor/htmlarea/popups/insert_image.php | 8 ++++---- lib/editor/htmlarea/popups/link.php | 6 +++--- lib/editor/htmlarea/popups/link_std.php | 7 ++----- lib/editor/htmlarea/popups/preview.php | 5 +---- lib/editor/tinymce/tinymce.class.php | 4 ++-- lib/weblib.php | 11 +++-------- mod/data/preset.php | 2 +- mod/hotpot/view.php | 11 +---------- mod/quiz/report/overview/report.php | 14 ++++++++------ mod/resource/type/ims/finder.php | 4 ++-- mod/resource/type/ims/repository_deploy.php | 4 +--- user/view.php | 11 ++++++----- 17 files changed, 77 insertions(+), 75 deletions(-) diff --git a/course/category.php b/course/category.php index f25e5e0562..6bd757a899 100644 --- a/course/category.php +++ b/course/category.php @@ -21,7 +21,9 @@ if (!$site = get_site()) { error("Site isn't defined!"); } - + + $context = get_context_instance(CONTEXT_COURSECAT, $id); + if ($CFG->forcelogin) { require_login(); } @@ -104,6 +106,9 @@ "$strcategories -> $category->name", "", "", true, $navbaritem); } +/// Print link to roles + print(''.get_string('roles').''); + /// Print the category selector $displaylist = array(); diff --git a/grade/exceptions.php b/grade/exceptions.php index 3ac4a6e906..90657b3eef 100644 --- a/grade/exceptions.php +++ b/grade/exceptions.php @@ -132,12 +132,19 @@ exit; function grade_get_grade_item_exceptions($id) { - global $CFG; - global $course; - $sql = "SELECT ge.id, ge.userid FROM {$CFG->prefix}grade_exceptions ge, {$CFG->prefix}user_students us WHERE us.course=$course->id AND grade_itemid=$id AND ge.userid = us.userid AND us.course=ge.courseid"; - $grade_exceptions = get_records_sql($sql); - return $grade_exceptions; + global $CFG, $course; + + $contextlists = get_related_contexts_string(get_context_instance(CONTEXT_COURSE, $course->id)); + + $sql = "SELECT ge.id, ge.userid + FROM {$CFG->prefix}grade_exceptions ge, + {$CFG->prefix}role_assignments ra + WHERE grade_itemid = $id + AND ge.userid = ra.userid + AND ra.contextid $contextlists"; + + return get_records_sql($sql); } ?> diff --git a/lib/accesslib.php b/lib/accesslib.php index 89c30a18e2..a961b709f2 100755 --- a/lib/accesslib.php +++ b/lib/accesslib.php @@ -1984,10 +1984,11 @@ function fetch_context_independent_capabilities() { * context. * @param obj $context * @param int $roleid + * @param bool self - if set to true, resolve till this level, else stop at immediate parent level * @return array */ function role_context_capabilities($roleid, $context, $cap='') { - global $CFG; + global $CFG; $contexts = get_parent_contexts($context); $contexts[] = $context->id; @@ -1999,11 +2000,14 @@ function role_context_capabilities($roleid, $context, $cap='') { $search = ''; } - $SQL = "SELECT rc.* FROM {$CFG->prefix}role_capabilities rc, {$CFG->prefix}context c - where rc.contextid in $contexts - and rc.roleid = $roleid - and rc.contextid = c.id $search - ORDER BY c.aggregatelevel DESC, rc.capability DESC"; + $SQL = "SELECT rc.* + FROM {$CFG->prefix}role_capabilities rc, + {$CFG->prefix}context c + WHERE rc.contextid in $contexts + AND rc.roleid = $roleid + AND rc.contextid = c.id $search + ORDER BY c.aggregatelevel DESC, + rc.capability DESC"; $capabilities = array(); diff --git a/lib/db/access.php b/lib/db/access.php index 13fa9c6299..c590a5dcb8 100644 --- a/lib/db/access.php +++ b/lib/db/access.php @@ -976,7 +976,20 @@ $moodle_capabilities = array( 'admin' => CAP_ALLOW ) ), - + + 'moodle/course:useremail' => array( + 'captype' => 'write', + 'contextlevel' => CONTEXT_COURSE, + 'legacy' => array( + 'guest' => CAP_PREVENT, + 'student' => CAP_PREVENT, + 'teacher' => CAP_PREVENT, + 'editingteacher' => CAP_ALLOW, + 'coursecreator' => CAP_PREVENT, + 'admin' => CAP_ALLOW + ) + ), + 'moodle/course:viewhiddensections' => array( 'captype' => 'write', 'contextlevel' => CONTEXT_COURSE, diff --git a/lib/deprecatedlib.php b/lib/deprecatedlib.php index b48f0e43be..d8bac08978 100644 --- a/lib/deprecatedlib.php +++ b/lib/deprecatedlib.php @@ -428,15 +428,7 @@ function remove_teacher($userid, $courseid=0) { } } - /// Next if the teacher is not registered as a student, but is - /// a member of a group, remove them from the group. - if (!isstudent($courseid, $userid)) { - if ($groups = get_groups($courseid, $userid)) { - foreach ($groups as $group) { - delete_records('groups_members', 'groupid', $group->id, 'userid', $userid); - } - } - } + /// No need to remove from groups now foreach ($roles as $role) { // Unassign them from all the teacher roles $newreturn = role_unassign($role->id, $userid, 0, $context->id); diff --git a/lib/editor/htmlarea/popups/insert_image.php b/lib/editor/htmlarea/popups/insert_image.php index ecbfd127c4..b4c1d0c0af 100644 --- a/lib/editor/htmlarea/popups/insert_image.php +++ b/lib/editor/htmlarea/popups/insert_image.php @@ -262,12 +262,12 @@ form { margin-bottom: 0px; margin-top: 0px; } @@ -279,7 +279,7 @@ form { margin-bottom: 0px; margin-top: 0px; }

- wwwroot."/lib/editor/htmlarea/coursefiles.php?usecheckboxes=1&id=".$course->id."\" style=\"width: 100%; height: 200px;\">": "";?>
- + "; echo "
:
@@ -315,7 +315,7 @@ form { margin-bottom: 0px; margin-top: 0px; }
+ if(has_capability('moodle/course:managefiles', get_context_instance(CONTEXT_COURSE, $id))) { ?> diff --git a/lib/editor/htmlarea/popups/link.php b/lib/editor/htmlarea/popups/link.php index 5cd2a60e1f..48995ca149 100644 --- a/lib/editor/htmlarea/popups/link.php +++ b/lib/editor/htmlarea/popups/link.php @@ -79,14 +79,14 @@ form { margin-bottom: 1px; margin-top: 1px; }
- id."\" width=\"420\" height=\"180\">": ""; ?>

@@ -124,7 +124,7 @@ form { margin-bottom: 1px; margin-top: 1px; }
+ if(has_capability('moodle/course:managefiles', get_context_instance(CONTEXT_COURSE, $id))) { ?> diff --git a/lib/editor/htmlarea/popups/link_std.php b/lib/editor/htmlarea/popups/link_std.php index f30fddfa91..eb8080ee8d 100644 --- a/lib/editor/htmlarea/popups/link_std.php +++ b/lib/editor/htmlarea/popups/link_std.php @@ -3,10 +3,7 @@ $id = required_param('id', PARAM_INT); - if ($course = get_record("course", "id", $id)) { - $isteacher = isteacher($course->id); - } else { - $isteacher = false; + if (!$course = get_record("course", "id", $id)) { $course->fullname = ""; // Just to keep display happy, though browsing may fail } ?> @@ -177,7 +174,7 @@ border-bottom: 1px solid black; letter-spacing: 2px;

- ".get_string("browse","editor")."..."; } ?> diff --git a/lib/editor/htmlarea/popups/preview.php b/lib/editor/htmlarea/popups/preview.php index 553eda90b0..f4e02e1521 100644 --- a/lib/editor/htmlarea/popups/preview.php +++ b/lib/editor/htmlarea/popups/preview.php @@ -10,10 +10,7 @@ } require_login($course->id); - - if (!isteacher($course->id)) { - error("Only teachers can use this functionality"); - } + require_capability('moodle/course:managefiles', get_context_instance(CONTEXT_COURSE, $course->id)); $imagetag = clean_text(''); diff --git a/lib/editor/tinymce/tinymce.class.php b/lib/editor/tinymce/tinymce.class.php index 17e1222a1a..ab89d9b3c9 100644 --- a/lib/editor/tinymce/tinymce.class.php +++ b/lib/editor/tinymce/tinymce.class.php @@ -95,7 +95,7 @@ class tinymce extends editorObject { $this->cfg->tinymcepopupcss : '', "editor_css" => !empty($this->cfg->tinymceeditorcss) ? $this->cfg->tinymceeditorcss : '', - "file_browser_callback" => $isteacher ? 'moodleFileBrowser' : '', + "file_browser_callback" => has_capability('moodle/course:managefiles', get_context_instance(CONTEXT_COURSE, $courseid)) ? 'moodleFileBrowser' : '', "convert_urls" => false, "relative_urls" => false); @@ -112,7 +112,7 @@ class tinymce extends editorObject { $this->defaults['theme_advanced_resize_horizontal'] = true; } - $this->printdialogs = $isteacher ? true : false; + $this->printdialogs = has_capability('moodle/course:managefiles', get_context_instance(CONTEXT_COURSE, $courseid)) ? true : false; } /** diff --git a/lib/weblib.php b/lib/weblib.php index 65da4f2063..8b8d6b10a9 100644 --- a/lib/weblib.php +++ b/lib/weblib.php @@ -3036,8 +3036,8 @@ function print_user($user, $course, $messageselect=false, $return=false) { static $string; static $datestring; static $countries; - static $isteacher; static $isadmin; + static $isteacher; $context = get_context_instance(CONTEXT_COURSE, $course->id); if (empty($string)) { // Cache all the strings for the rest of the page @@ -3063,7 +3063,6 @@ function print_user($user, $course, $messageselect=false, $return=false) { $datestring->secs = get_string('secs'); $countries = get_list_of_countries(); - $isteacher = isteacher($course->id); $isadmin = isadmin(); } @@ -3086,7 +3085,7 @@ function print_user($user, $course, $messageselect=false, $return=false) { if (!empty($user->role) and ($user->role <> $course->teacher)) { $output .= $string->role .': '. $user->role .'
'; } - if ($user->maildisplay == 1 or ($user->maildisplay == 2 and $course->category and !isguest()) or $isteacher) { + if ($user->maildisplay == 1 or ($user->maildisplay == 2 and $course->category and !isguest()) or has_capability('moodle/course:viewhiddenuserfields', get_context_instance(CONTEXT_COURSE, $course->id))) { $output .= $string->email .': '. $user->email .'
'; } if (($user->city or $user->country) and (!isset($hiddenfields['city']) or !isset($hiddenfields['country']))) { @@ -3117,7 +3116,7 @@ function print_user($user, $course, $messageselect=false, $return=false) { $output .= ''.get_string('blogs','blog').'
'; } - if ($isteacher) { + if (has_capability('moodle/site:viewreports', get_context_instance(CONTEXT_COURSE, $course->id))) { $timemidnight = usergetmidnight(time()); $output .= ''. $string->activity .'
'; if (!has_capability('moodle/course:create', get_context_instance(CONTEXT_SYSTEM, SITEID, $user->id)) or ($isadmin and !isadmin($user->id))) { // Includes admins @@ -3177,11 +3176,7 @@ function print_group_picture($group, $courseid, $large=false, $return=false, $li } } - static $isteacheredit; $context = get_context_instance(CONTEXT_COURSE, $courseid); - if (!isset($isteacheredit)) { - $isteacheredit = isteacheredit($courseid); - } if ($group->hidepicture and !has_capability('moodle/course:managegroups', $context)) { return ''; diff --git a/mod/data/preset.php b/mod/data/preset.php index d38ab83e40..cf0b55f130 100644 --- a/mod/data/preset.php +++ b/mod/data/preset.php @@ -144,7 +144,7 @@ switch ($action) { } echo "
"; - if ($preset->user == $USER->id || isadmin()) { + if ($preset->user == $USER->id || has_capability('moodle/site:config', get_context_instance(CONTEXT_SYSTEM, SITEID))) { echo "
"; echo ""; echo ""; diff --git a/mod/hotpot/view.php b/mod/hotpot/view.php index 8e2d76f789..af1a0d31fd 100644 --- a/mod/hotpot/view.php +++ b/mod/hotpot/view.php @@ -429,16 +429,7 @@ /////////////////////////////////// function hotpot_feedback_teachers(&$course, &$hotpot) { global $CFG; - $teachers = get_records_sql(" - SELECT - u.* - FROM - {$CFG->prefix}user AS u, - {$CFG->prefix}user_teachers AS t - WHERE - t.userid = u.id - AND t.course = $course->id - "); + $teachers = get_users_by_capability(get_context_instance(CONTEXT_COURSE, $course->id), 'mod/hotpot:grade'); $teacherdetails = ''; if (!empty($teachers)) { $details = array(); diff --git a/mod/quiz/report/overview/report.php b/mod/quiz/report/overview/report.php index f657d0d8cd..febf8c1a60 100644 --- a/mod/quiz/report/overview/report.php +++ b/mod/quiz/report/overview/report.php @@ -239,6 +239,8 @@ class quiz_report extends quiz_default_report { } echo $headers." \n"; } + + $contextlists = get_related_contexts_string(get_context_instance(CONTEXT_COURSE, $course->id)); // Construct the SQL $select = 'SELECT '.$db->Concat('u.id', '\'#\'', $db->IfNull('qa.attempt', '0')).' AS uniqueid, '. @@ -248,15 +250,15 @@ class quiz_report extends quiz_default_report { if (!empty($currentgroup) && empty($noattempts)) { // we want a particular group and we only want to see students WITH attempts. // So join on groups_members and do an inner join on attempts. - $from = 'FROM '.$CFG->prefix.'user u JOIN '.$CFG->prefix.'user_students us ON us.userid = u.id JOIN '.$CFG->prefix.'groups_members gm ON u.id = gm.userid '. + $from = 'FROM '.$CFG->prefix.'user u JOIN '.$CFG->prefix.'role_assignments ra ON ra.userid = u.id JOIN '.$CFG->prefix.'groups_members gm ON u.id = gm.userid '. 'JOIN '.$CFG->prefix.'quiz_attempts qa ON u.id = qa.userid AND qa.quiz = '.$quiz->id; - $where = ' WHERE us.course = '.$course->id.' AND gm.groupid = '.$currentgroup.' AND qa.preview = 0'; + $where = ' WHERE ra.contextid $contextlists AND gm.groupid = '.$currentgroup.' AND qa.preview = 0'; } else if (!empty($currentgroup) && !empty($noattempts)) { // We want a particular group and we want to do something funky with attempts // So join on groups_members and left join on attempts... - $from = 'FROM '.$CFG->prefix.'user u JOIN '.$CFG->prefix.'user_students us ON us.userid = u.id JOIN '.$CFG->prefix.'groups_members gm ON u.id = gm.userid '. + $from = 'FROM '.$CFG->prefix.'user u JOIN '.$CFG->prefix.'role_assignments ra ON ra.userid = u.id JOIN '.$CFG->prefix.'groups_members gm ON u.id = gm.userid '. 'LEFT JOIN '.$CFG->prefix.'quiz_attempts qa ON u.id = qa.userid AND qa.quiz = '.$quiz->id; - $where = ' WHERE us.course = '.$course->id.' AND gm.groupid = '.$currentgroup.' AND qa.preview = 0'; + $where = ' WHERE ra.contextid $contextlists AND gm.groupid = '.$currentgroup.' AND qa.preview = 0'; if ($noattempts == 1) { // noattempts = 1 means only no attempts, so make the left join ask for only records where the right is null (no attempts) $where .= ' AND qa.userid IS NULL'; // show ONLY no attempts; @@ -264,8 +266,8 @@ class quiz_report extends quiz_default_report { } else if (empty($currentgroup)) { // We don't care about group, and we to do something funky with attempts // So do a left join on attempts - $from = 'FROM '.$CFG->prefix.'user u JOIN '.$CFG->prefix.'user_students us ON us.userid = u.id LEFT JOIN '.$CFG->prefix.'quiz_attempts qa ON u.id = qa.userid AND qa.quiz = '.$quiz->id; - $where = " WHERE us.course = '$course->id'"; + $from = 'FROM '.$CFG->prefix.'user u JOIN '.$CFG->prefix.'role_assignments ra ON ra.userid = u.id LEFT JOIN '.$CFG->prefix.'quiz_attempts qa ON u.id = qa.userid AND qa.quiz = '.$quiz->id; + $where = " WHERE ra.contextid $contextlists"; if (empty($noattempts)) { $where .= ' AND qa.userid IS NOT NULL'; // show ONLY students with attempts; } else if ($noattempts == 1) { diff --git a/mod/resource/type/ims/finder.php b/mod/resource/type/ims/finder.php index d05b46210d..554864a653 100644 --- a/mod/resource/type/ims/finder.php +++ b/mod/resource/type/ims/finder.php @@ -62,7 +62,7 @@ ims_print_crumbtrail($directory); /// If admin, add extra buttons - redeploy & help. - if (isadmin()) { + if (has_capability('moodle/site:config', get_context_instance(CONTEXT_SYSTEM, SITEID))) { echo " | ($strdeployall) "; helpbutton("deploy", get_string("deployall", "resource"), "resource", true); } @@ -82,7 +82,7 @@ } else if ($item->type == 'not deployed') { /// Only displays non-deployed IMS CP's if admin user. - if (isadmin()) { + if (has_capability('moodle/site:config', get_context_instance(CONTEXT_SYSTEM, SITEID))) { echo "
  • \"IMS $item->path - $strnotdeployed (path\">$strdeploy)
    • \n"; } } diff --git a/mod/resource/type/ims/repository_deploy.php b/mod/resource/type/ims/repository_deploy.php index 0e5599c41b..c007db4084 100644 --- a/mod/resource/type/ims/repository_deploy.php +++ b/mod/resource/type/ims/repository_deploy.php @@ -46,9 +46,7 @@ require_once('repository_config.php'); /// Security - Admin Only - if (!isadmin()) { - error("Not admin!"); - } + require_capability('moodle/site:config', get_context_instance(CONTEXT_SYSTEM, SITEID)) $file = required_param ('file', PARAM_PATH); $all = optional_param ('all', '', PARAM_ALPHA); diff --git a/user/view.php b/user/view.php index 72523c5c8e..dd21c97471 100644 --- a/user/view.php +++ b/user/view.php @@ -52,7 +52,7 @@ $currentuser = ($user->id == $USER->id); } - if (groupmode($course) == SEPARATEGROUPS and !has_capability('moodle/course:managegroups', $coursecontext)) { // Groups must be kept separate + if (groupmode($course) == SEPARATEGROUPS and !has_capability('moodle/site:accessallgroups', $coursecontext)) { // Groups must be kept separate require_login(); ///this is changed because of mygroupid @@ -64,8 +64,9 @@ } } } - - if (!$currentuser && !isteacheredit($course->id, $user->id) && !$gtrue) { + // took the teacheredit check out because teacheredit will have moodle/site:accessallgroups capability + // which was already checked + if (!$currentuser && !$gtrue) { print_header("$personalprofile: ", "$personalprofile: ", "id\">$course->shortname -> id\">$participants", @@ -175,7 +176,7 @@ $emailswitch = ''; - if (isteacheredit($course->id) or $currentuser) { /// Can use the enable/disable email stuff + if (has_capability('moodle/course:useremail', get_context_instance(CONTEXT_COURSE, $course->id)) or $currentuser) { /// Can use the enable/disable email stuff if (!empty($enable)) { /// Recieved a parameter to enable the email address set_field('user', 'emailstop', 0, 'id', $user->id); $user->emailstop = 0; @@ -186,7 +187,7 @@ } } - if (isteacheredit($course->id)) { /// Can use the enable/disable email stuff + if (has_capability('moodle/course:useremail', get_context_instance(CONTEXT_COURSE, $course->id))) { /// Can use the enable/disable email stuff if ($user->emailstop) { $switchparam = 'enable'; $switchtitle = get_string('emaildisable'); -- 2.39.5