Skip to content

Commit

Permalink
messaging: MDL-26960 Check correct users permissions
Browse files Browse the repository at this point in the history 
When on message profile page, the incorrect capability was checked
  • Loading branch information
@danpoltawski
danpoltawski committed Jun 9, 2011
1 parent 6911fa1 commit a8134ff
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 8 deletions.
7 changes: 4 additions & 3 deletions lib/messagelib.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -353,11 +353,12 @@ function message_set_default_message_preference($component, $messagename, $filep
}

/**
* Returns the active providers for the current user, based on capability
* Returns the active providers for the user specified, based on capability
*
* @param int $userid id of user
* @return array of message providers
*/
function message_get_my_providers() {
function message_get_providers_for_user($userid) {
global $DB;

$systemcontext = get_context_instance(CONTEXT_SYSTEM);
Expand All @@ -367,7 +368,7 @@ function message_get_my_providers() {
// Remove all the providers we aren't allowed to see now
foreach ($providers as $providerid => $provider) {
if (!empty($provider->capability)) {
if (!has_capability($provider->capability, $systemcontext)) {
if (!has_capability($provider->capability, $systemcontext, $userid)) {
unset($providers[$providerid]); // Not allowed to see this
}
}
Expand Down
8 changes: 3 additions & 5 deletions message/edit.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -91,13 +91,14 @@
$PAGE->navigation->extend_for_user($user);
}

// Fetch message providers
$providers = message_get_providers_for_user($user->id);

/// Save new preferences if data was submitted

if (($form = data_submitted()) && confirm_sesskey()) {
$preferences = array();

/// Set all the preferences for all the message providers
$providers = message_get_my_providers();
foreach ($providers as $provider) {
$componentproviderbase = $provider->component.'_'.$provider->name;
foreach (array('loggedin', 'loggedoff') as $state) {
Expand Down Expand Up @@ -142,7 +143,6 @@
$preferences->userdefaultemail = $user->email;//may be displayed by the email processor

/// Get providers preferences
$providers = message_get_my_providers();
foreach ($providers as $provider) {
foreach (array('loggedin', 'loggedoff') as $state) {
$linepref = get_user_preferences('message_provider_'.$provider->component.'_'.$provider->name.'_'.$state, '', $user->id);
Expand Down Expand Up @@ -182,8 +182,6 @@

// Grab the renderer
$renderer = $PAGE->get_renderer('core', 'message');
// Fetch message providers
$providers = message_get_my_providers();
// Fetch default (site) preferences
$defaultpreferences = get_message_output_default_preferences();

Expand Down

0 comments on commit a8134ff

Please sign in to comment.