adding capabilities
toyomoyo committed Sep 7, 2006
1 parent f43ce1a commit ec7a8b7
Showing 24 changed files with 113 additions and 84 deletions.
8 changes: 4 additions & 4 deletions backup/backup.php
Expand Up @@ -17,17 +17,17 @@
require_login();

if (!empty($id)) {
if (!isteacheredit($id)) {
if (!has_capability('moodle/site:backup', get_context_instance(CONTEXT_COURSE, $id))) {
error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php");
}
} else {
if (!isadmin()) {
if (!has_capability('moodle/site:backup', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
error("You need to be an admin user to use this page.", "$CFG->wwwroot/login/index.php");
}
}

if (!empty($to)) {
if (!isteacheredit($to)) {
if (!has_capability('moodle/site:backup', get_context_instance(CONTEXT_COURSE, $to))) {
error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php");
}
}
Expand Down Expand Up @@ -95,7 +95,7 @@
}

//Print header
if (isadmin()) {
if (has_capability('moodle/site:backup', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
print_header("$site->shortname: $strcoursebackup", $site->fullname,
"<a href=\"$CFG->wwwroot/$CFG->admin/index.php\">$stradministration</a> ->
<a href=\"backup.php\">$strcoursebackup</a> -> $course->fullname ($course->shortname)");
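Review bot: The access gates at the top of this section spell out `if (!has_capability(...)) { error(...); }` by hand, while backup/log.php and backup/try.php in this same commit use `require_capability('moodle/site:backup', get_context_instance(CONTEXT_SYSTEM, SITEID));` for the same job. Using one form throughout keeps the denial path in a single place; if the redirect to login/index.php is the reason for keeping error(), a one-line comment such as `// error() kept for the login redirect` would record that. The system context is also looked up twice (the else-branch gate and the header check), so a local `$sitecontext` would avoid the duplicate call. The print_header() call continues past the end of the second hunk.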
6 changes: 3 additions & 3 deletions backup/backup_check.html
Expand Up @@ -5,17 +5,17 @@
require_login();

if (!empty($course->id)) {
if (!isteacheredit($course->id)) {
if (!has_capability('moodle/site:backup', get_context_instance(CONTEXT_COURSE, $course->id))) {
if (empty($to)) {
error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php");
} else {
if (!isteacheredit($to)) {
if (!has_capability('moodle/site:backup', get_context_instance(CONTEXT_COURSE, $to))) {
error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php");
}
}
}
} else {
if (!isadmin()) {
if (!has_capability('moodle/site:backup', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
error("You need to be an admin user to use this page.", "$CFG->wwwroot/login/index.php");
}
}
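Review bot: The nested gate lets a user who lacks `moodle/site:backup` on `$course->id` continue when they hold it on `$to`, so rights on the destination course stand in for rights on the course being backed up. backup/backup.php in this commit tests `$id` and `$to` independently and requires both. The either/or shape is carried over from the old isteacheredit() code, but with per-context capabilities it is worth making it two independent checks here as well: first `if (!has_capability('moodle/site:backup', get_context_instance(CONTEXT_COURSE, $course->id))) { error(...); }`, then the same test on `$to` when it is set. The same shape appears in backup_form.html, restore.php, restore_execute.html and restore_precheck.html; whether it is intended for the import flow is not visible from this page.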
4 changes: 2 additions & 2 deletions backup/backup_execute.html
Expand Up @@ -5,7 +5,7 @@
require_login();

if (!empty($course->id)) {
if (!isteacheredit($course->id)) {
if (!has_capability('moodle/site:backup', get_context_instance(CONTEXT_COURSE, $course->id))) {
if (empty($to)) {
error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php");
} else {
Expand All @@ -15,7 +15,7 @@
}
}
} else {
if (!isadmin()) {
if (!has_capability('moodle/site:backup', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
error("You need to be an admin user to use this page.", "$CFG->wwwroot/login/index.php");
}
}
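Review bot: Only two lines change in this file and the second hunk starts at line 15, so the `$to` test that backup_check.html and backup_form.html convert in the same position appears to remain `if (!isteacheredit($to)) {` in the lines between the hunks. If so, this page gates the source course with `moodle/site:backup` and the destination with the legacy role function, and the two can disagree for the same user. The matching line would be `if (!has_capability('moodle/site:backup', get_context_instance(CONTEXT_COURSE, $to))) {`. The lines in question are outside the hunks shown, so this should be confirmed against the file.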
6 changes: 3 additions & 3 deletions backup/backup_form.html
Expand Up @@ -5,17 +5,17 @@
require_login();

if (!empty($course->id)) {
if (!isteacheredit($course->id)) {
if (!has_capability('moodle/site:backup', get_context_instance(CONTEXT_COURSE, $course->id))) {
if (empty($to)) {
error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php");
} else {
if (!isteacheredit($to)) {
if (!has_capability('moodle/site:backup', get_context_instance(CONTEXT_COURSE, $to))) {
error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php");
}
}
}
} else {
if (!isadmin()) {
if (!has_capability('moodle/site:backup', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
error("You need to be an admin user to use this page.", "$CFG->wwwroot/login/index.php");
}
}
4 changes: 1 addition & 3 deletions backup/log.php
Expand Up @@ -8,9 +8,7 @@

require_login();

if (!isadmin()) {
error("Only an admin can use this page");
}
require_capability('moodle/site:backup', get_context_instance(CONTEXT_SYSTEM, SITEID));

if (!$site = get_site()) {
error("Site isn't defined!");
8 changes: 4 additions & 4 deletions backup/restore.php
Expand Up @@ -50,17 +50,17 @@
}

if (!empty($id)) {
if (!isteacheredit($id)) {
if (!has_capability('moodle/site:restore', get_context_instance(CONTEXT_COURSE, $id))) {
if (empty($to)) {
error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php");
} else {
if (!isteacheredit($to)) {
if (!has_capability('moodle/site:restore', get_context_instance(CONTEXT_COURSE, $to))) {
error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php");
}
}
}
} else {
if (!isadmin()) {
if (!has_capability('moodle/site:restore', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
error("You need to be an admin user to use this page.", "$CFG->wwwroot/login/index.php");
}
}
Expand Down Expand Up @@ -117,7 +117,7 @@
}

//Print header
if (isadmin()) {
if (has_capability('moodle/site:config', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
print_header("$site->shortname: $strcourserestore", $site->fullname,
"<a href=\"$CFG->wwwroot/$CFG->admin/index.php\">$stradministration</a> ->
$strcourserestore -> ".basename($file));
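Review bot: The header check in the second hunk tests `moodle/site:config`, whereas the access gates above it test `moodle/site:restore` and the equivalent header check in backup/backup.php tests `moodle/site:backup`. If site:config is meant as the stand-in for isadmin() when choosing the administration breadcrumb, a comment such as `// admin breadcrumb only for users who can configure the site` would make that deliberate; otherwise `moodle/site:restore` at the system context keeps the page consistent. From what is visible this only selects which header is printed and does not gate access. The print_header() call continues past the end of the hunk.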
12 changes: 6 additions & 6 deletions backup/restore_check.html
Expand Up @@ -124,11 +124,11 @@

//Check admin
if (!empty($id)) {
if (!isteacheredit($id)) {
if (!has_capability('moodle/site:restore', get_context_instance(CONTEXT_COURSE, $id))) {
error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php");
}
} else {
if (!isadmin()) {
if (!has_capability('moodle/site:restore', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
error("You need to be an admin user to use this page.", "$CFG->wwwroot/login/index.php");
}
}
Expand All @@ -150,7 +150,7 @@
// 2-New course: Create the restore object and launch the execute.

//If the user is a teacher and not a creator
if (isteacheredit($id) and !iscreator()) {
if (!has_capability('moodle/course:create', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
$restore->course_id = $id;
if ($restore->restoreto == 0) {
$restore->deleting = true;
Expand All @@ -160,7 +160,7 @@
}

//If the user is a creator (or admin)
if (iscreator()) {
if (has_capability('moodle/course:create', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
//Set restore->deleting as needed
if ($restore->restoreto == 0) {
$restore->deleting = true;
Expand All @@ -170,7 +170,7 @@
}

//Now, select the course if needed
if (($restore->restoreto == 0 or $restore->restoreto == 1) and ($restore->course_id == 0) and (iscreator())) {
if (($restore->restoreto == 0 or $restore->restoreto == 1) and ($restore->course_id == 0) and has_capability('moodle/course:create', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
if ($courses = get_courses("all","c.fullname","c.id,c.fullname,c.shortname,c.visible")) {
print_heading(get_string("choosecourse"));
print_simple_box_start("center");
Expand All @@ -193,7 +193,7 @@
//Checks everything and execute restore
} else if ((($restore->restoreto == 0 or $restore->restoreto == 1) and ($restore->course_id != 0)) or ($restore->restoreto == 2)) {
//Final access control check
if ($restore->course_id == 0 and !iscreator()) {
if ($restore->course_id == 0 and !has_capability('moodle/course:create', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
error("You need to be a creator or admin to restore into new course!");
} else if ($restore->course_id != 0 and !isteacheredit($restore->course_id)) {
error("You need to be an edit teacher or admin to restore into selected course!");
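Review bot: The final access control check still calls `isteacheredit($restore->course_id)` for the destination course, although every other test in this section now uses has_capability(). This is the check that authorises the course actually written to, so it should follow the same model as the page gate: `} else if ($restore->course_id != 0 and !has_capability('moodle/site:restore', get_context_instance(CONTEXT_COURSE, $restore->course_id))) {`. Separately, the first converted branch drops the `isteacheredit($id)` half of the old condition, so `$restore->course_id = $id` now runs for every user without `moodle/course:create`, including when `$id` is empty; that is only safe because of the gate at the top and this final check, which deserves a comment. The system context is fetched five times in this section and could be held in one variable.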
6 changes: 3 additions & 3 deletions backup/restore_execute.html
Expand Up @@ -22,17 +22,17 @@

//Check admin
if (!empty($id)) {
if (!isteacheredit($id)) {
if (!has_capability('moodle/site:restore', get_context_instance(CONTEXT_COUESE, $id))) {
if (empty($to)) {
error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php");
} else {
if (!isteacheredit($to)) {
if (!has_capability('moodle/site:restore', get_context_instance(CONTEXT_COUESE, $to))) {
error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php");
}
}
}
} else {
if (!isadmin()) {
if (!has_capability('moodle/site:restore', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
error("You need to be an admin user to use this page.", "$CFG->wwwroot/login/index.php");
}
}
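Review bot: `CONTEXT_COUESE` in both course-level checks is a misspelling of `CONTEXT_COURSE`, the constant used for the same checks in backup/restore.php and backup/restore_precheck.html. PHP of this era does not reject an undefined constant; it substitutes the bare name as a string and raises only a notice, so get_context_instance() is presumably handed something other than the course context level and the capability is not evaluated against the course. The lines should read `get_context_instance(CONTEXT_COURSE, $id)` and `get_context_instance(CONTEXT_COURSE, $to)`. The same misspelling occurs twice in backup/restore_form.html.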
10 changes: 5 additions & 5 deletions backup/restore_form.html
Expand Up @@ -23,11 +23,11 @@

//Check admin
if (!empty($id)) {
if (!isteacheredit($id)) {
if (!has_capability('moodle/site:restore', get_context_instance(CONTEXT_COUESE, $id))) {
error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php");
}
} else {
if (!isadmin()) {
if (!has_capability('moodle/site:restore', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
error("You need to be an admin user to use this page.", "$CFG->wwwroot/login/index.php");
}
}
Expand Down Expand Up @@ -92,10 +92,10 @@
}

if (!isset($restore_restoreto)) {
if (isteacheredit($id) and !isadmin()) {
if (!has_capability('moodle/site:restore', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
$restore_restoreto = 1;
}
if (isadmin()) {
if (has_capability('moodle/site:restore', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
$restore_restoreto = 2;
}
}
Expand Down Expand Up @@ -157,7 +157,7 @@
echo "<td align=\"right\"><b>";
echo get_string("restoreto").":</b>";
echo "</td><td colspan=\"3\">";
if (isteacheredit($id) and !iscreator()) {
if (!has_capability('moodle/course:create', get_context_instance(CONTEXT_COUESE, $id))) {
$restore_restoreto_options[0] = get_string("currentcoursedeleting");
$restore_restoreto_options[1] = get_string("currentcourseadding");
}
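Review bot: The last hunk checks `moodle/course:create` at the course context of `$id`, while backup/restore_check.html makes the matching decision with `get_context_instance(CONTEXT_SYSTEM, SITEID)`, so the options offered by the form and the branch taken when it is submitted can differ for the same user. Using the system context here as well, `if (!has_capability('moodle/course:create', get_context_instance(CONTEXT_SYSTEM, SITEID))) {`, keeps the two pages in step and removes one of the `CONTEXT_COUESE` misspellings in this file. In the second hunk the old `isteacheredit($id)` condition is dropped, so `$restore_restoreto` defaults to 1 for every user without site-level restore; a comment stating that the gate at the top of the page already covers `$id` would make that intent clear.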
6 changes: 3 additions & 3 deletions backup/restore_precheck.html
Expand Up @@ -14,17 +14,17 @@

//Check admin
if (!empty($id)) {
if (!isteacheredit($id)) {
if (!has_capability('moodle/site:restore', get_context_instance(CONTEXT_COURSE, $id))) {
if (empty($to)) {
error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php");
} else {
if (!isteacheredit($to)) {
if (!has_capability('moodle/site:restore', get_context_instance(CONTEXT_COURSE, $to))) {
error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php");
}
}
}
} else {
if (!isadmin()) {
if (!has_capability('moodle/site:restore', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
error("You need to be an admin user to use this page.", "$CFG->wwwroot/login/index.php");
}
}
2 changes: 1 addition & 1 deletion backup/restorelib.php
Expand Up @@ -634,7 +634,7 @@ function restore_get_best_question_category($cat, $courseid) {
//Second shot. Try to obtain any concordant category and check its publish status and editing rights
} else if ($fcats = get_records('question_categories', $searchfield, $searchvalue, 'id', 'id, publish, course')) {
foreach ($fcats as $fcat) {
if ($fcat->publish == 1 && isteacheredit($fcat->course)) {
if ($fcat->publish == 1 && has_capability('moodle/site:restore', get_context_instance(CONTEXT_COURSE, $fcat->course))) {
$found = $fcat->id;
break;
}
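Review bot: The comment above this loop says the category's "editing rights" are checked, but the new condition tests `moodle/site:restore` on the category's course. That ties reuse of a published question category to restore rights on `$fcat->course` and not to any right over its questions, which may be broader or narrower than the old isteacheredit() test. Either update the comment to `// ...check its publish status and restore rights in its course` or use a capability that expresses editing. restore_get_best_question_category() starts and ends outside this hunk.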
4 changes: 1 addition & 3 deletions backup/try.php
Expand Up @@ -7,9 +7,7 @@

require_login();

if (!isadmin()) {
error("You need to be an admin user to use this page.", "$CFG->wwwroot/login/index.php");
}
require_capability('moodle/site:restore', get_context_instance(CONTEXT_SYSTEM, SITEID));

//Check site
if (!$site = get_site()) {
2 changes: 1 addition & 1 deletion blocks/course_list/block_course_list.php
Expand Up @@ -80,7 +80,7 @@ function get_content() {
$this->content->items = array();
$this->content->icons = array();
$this->content->footer = get_string('nocoursesyet').'<br /><br />';
if (iscreator()) {
if (has_capability('moodle/course:create', get_context_instance(CONTEXT_COURSECAT, $category->id))) {
$this->content->footer .= '<a href="'.$CFG->wwwroot.'/course/edit.php?category='.$category->id.'">'.get_string("addnewcourse").'</a>...';
}
}
4 changes: 1 addition & 3 deletions course/delete.php
Expand Up @@ -8,9 +8,7 @@

require_login();

if (!isadmin()) {
error("You must be an administrator to use this page.");
}
require_capability('moodle/course:delete', get_context_instance(CONTEXT_SYSTEM, SITEID));

if (!$site = get_site()) {
error("Site not found!");
4 changes: 2 additions & 2 deletions course/edit.html
Expand Up @@ -54,7 +54,7 @@
?>
<form method="post" action="edit.php" name="form">
<table cellpadding="9" cellspacing="0" >
<?php if (iscreator()) { ?>
<?php if (has_capability('moodle/course:create', get_context_instance(CONTEXT_COURSECAT, $form->category))) { ?>
<tr valign="top">
<td align="right"><?php print_string("category") ?>:</td>
<td><?php
Expand Down Expand Up @@ -453,7 +453,7 @@
<td><input type="submit" value="<?php print_string("savechanges") ?>" /></td>
</tr>
</table>
<?php if(!iscreator()) { ?>
<?php if(!has_capability('moodle/course:create', get_context_instance(CONTEXT_COURSECAT, $form->category))) { ?>
<input type="hidden" name="category" value="<?php echo $form->category ?>" />
<?php } ?>
<input type="hidden" name="id" value="<?php echo $form->id ?>" />
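Review bot: The second check only decides whether the category travels as a hidden field, and that hidden `category` value is still client-supplied, so edit.php (not shown) has to re-check `moodle/course:create` on the submitted category and cannot rely on this template. It is also not visible here whether `$form->category` is always set when the form is first displayed; if it can be empty, both checks call get_context_instance() without a valid category id. The hidden inputs echo `$form->category` and `$form->id` unescaped, so if these are numeric ids `<?php echo (int)$form->category ?>` would be a cheap hardening.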
2 changes: 1 addition & 1 deletion course/lib.php
Expand Up @@ -1332,7 +1332,7 @@ function print_whole_category_list($category=NULL, $displaylist=NULL, $parentsli
}

if ($category) {
if ($category->visible or iscreator()) {
if ($category->visible or has_capability('moodle/course:update', get_context_instance(CONTEXT_SYSTEM, SITEID))) {
print_category_info($category, $depth, $files);
} else {
return; // Don't bother printing children of invisible categories
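Review bot: iscreator() is replaced here by `moodle/course:update` at the system context, while the other iscreator() call sites in this commit (blocks/course_list/block_course_list.php, course/edit.html, backup/restore_check.html) map it to `moodle/course:create`. Using a different capability for the same legacy role makes it harder to predict who sees hidden categories. If course:update is deliberate, a comment such as `// hidden categories are shown to users who can update courses site-wide` would say so; otherwise use `moodle/course:create` for consistency. print_whole_category_list() extends beyond this hunk.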
2 changes: 2 additions & 0 deletions course/teacher.php
@@ -1,6 +1,8 @@
<?php // $Id$
// Admin-only script to assign teachers to courses

/// This page is deprecated

require_once("../config.php");

define("MAX_USERS_PER_PAGE", 50);