diff --git a/calendar/set.php b/calendar/set.php index 2c3f018ee66c3..e1496def934dd 100644 --- a/calendar/set.php +++ b/calendar/set.php @@ -64,7 +64,6 @@ calendar_set_referring_course(0); } else { - // We don't check for membership anymore: if(isstudent($id, $USER->id) || isteacher($id, $USER->id)) { if(get_record('course', 'id', $id) === false) { // There is no such course $SESSION->cal_courses_shown = array(); diff --git a/course/editsection.php b/course/editsection.php index 2e7437b06377f..c963f28b331b8 100644 --- a/course/editsection.php +++ b/course/editsection.php @@ -16,10 +16,7 @@ error("Could not find the course!"); } - if (!isteacher($course->id)) { - error("Only teachers can edit this!"); - } - + require_capability('moodle/course:update', get_context_instance(CONTEXT_COURSE, $id)); /// If data submitted, then process and store. diff --git a/course/format/lams/format.php b/course/format/lams/format.php index c10e6b3a36a37..de01892fe1428 100644 --- a/course/format/lams/format.php +++ b/course/format/lams/format.php @@ -30,7 +30,9 @@ } } -if (($marker >=0) and isteacher($course->id) and confirm_sesskey()) { +$context = get_context_instance(CONTEXT_COURSE, $course->id); + +if (($marker >=0) and has_capability('moodle/course:setcurrentsection', $context) and confirm_sesskey()) { $course->marker = $marker; if (! set_field("course", "marker", $marker, "id", $course->id)) { error("Could not mark that topic for this course"); @@ -216,7 +218,7 @@ } } - $showsection = (isteacher($course->id) or $thissection->visible or !$course->hiddensections); + $showsection = (has_capability('moodle/course:viewhiddensections', $context) or $thissection->visible or !$course->hiddensections); if (!empty($displaysection) and $displaysection != $section) { if ($showsection) { 
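Review bot: The new `require_capability` call in course/editsection.php resolves the course context from `$id`, while the check it replaces used `$course->id`, and nothing in the hunk shows that the two hold the same value. If `$id` is the request's section id rather than the course id, the capability is evaluated against an unrelated or missing context, so the edit permission is checked for the wrong course. Using the record that was just loaded is safer: `require_capability('moodle/course:update', get_context_instance(CONTEXT_COURSE, $course->id));`. The same `$course->id` to `$id` substitution appears in the course/import.php and course/report.php hunks and deserves the same change. The script starts and ends outside the hunk, so the origin of `$id` should be confirmed there.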
@@ -249,7 +251,7 @@ echo ' '; echo ''; - if (!isteacher($course->id) and !$thissection->visible) { // Hidden for students + if (!has_capability('moodle/course:viewhiddensections', $context) and !$thissection->visible) { // Hidden for students echo get_string('notavailable'); } else { echo '
'; diff --git a/course/format/topics/format.php b/course/format/topics/format.php index 6280ba86a9dea..c2b63c1ad73ac 100644 --- a/course/format/topics/format.php +++ b/course/format/topics/format.php @@ -35,7 +35,9 @@ } } - if (($marker >=0) && isteacher($course->id) && confirm_sesskey()) { + $context = get_context_instance(CONTEXT_COURSE, $course->id); + + if (($marker >=0) && has_capability('moodle/course:setcurrentsection', $context) && confirm_sesskey()) { $course->marker = $marker; if (! set_field("course", "marker", $marker, "id", $course->id)) { error("Could not mark that topic for this course"); @@ -165,7 +167,7 @@ } } - $showsection = (isteacher($course->id) or $thissection->visible or !$course->hiddensections); + $showsection = (has_capability('moodle/course:viewhiddensections', $context) or $thissection->visible or !$course->hiddensections); if (!empty($displaysection) and $displaysection != $section) { if ($showsection) { @@ -197,7 +199,7 @@ echo ''.$section.''; echo ''; - if (!isteacher($course->id) and !$thissection->visible) { // Hidden for students + if (!has_capability('moodle/course:viewhiddensections', $context) and !$thissection->visible) { // Hidden for students echo get_string('notavailable'); } else { echo '
'; diff --git a/course/format/weeks/format.php b/course/format/weeks/format.php index 73b47780420d8..f2646d219e444 100644 --- a/course/format/weeks/format.php +++ b/course/format/weeks/format.php @@ -48,7 +48,7 @@ $strmovedown = get_string('movedown'); } - + $context = get_context_instance(CONTEXT_COURSE, $course->id); /// Layout the whole page as three big columns. echo ''; @@ -146,7 +146,7 @@ } } - $showsection = (isteacher($course->id) or $thissection->visible or !$course->hiddensections); + $showsection = (has_capability('moodle/course:viewhiddensections', $context) or $thissection->visible or !$course->hiddensections); if (!empty($displaysection) and $displaysection != $section) { // Check this week is visible if ($showsection) { @@ -173,7 +173,7 @@ echo ''; echo '
 '; - if (!isteacher($course->id) and !$thissection->visible) { // Hidden for students + if (!has_capability('moodle/course:viewhiddensections', $context) and !$thissection->visible) { // Hidden for students echo '
'.$weekday.' - '.$endweekday.' ('.get_string('notavailable').')
'; } else { diff --git a/course/format/weekscss/format.php b/course/format/weekscss/format.php index 395760291e500..3168314045df7 100644 --- a/course/format/weekscss/format.php +++ b/course/format/weekscss/format.php @@ -60,7 +60,7 @@ $strmovedown = get_string('movedown'); } - + $context = get_context_instance(CONTEXT_COURSE, $course->id); /* Internet Explorer min-width fix. (See theme/standard/styles_layout.css: min-width for Firefox.) Window width: 800px, Firefox 763px, IE 752px. (Window width: 640px, Firefox 602px, IE 588px.) */ @@ -175,7 +175,7 @@ } } - $showsection = (isteacher($course->id) or $thissection->visible or !$course->hiddensections); + $showsection = (has_capability('moodle/course:viewhiddensections', $context) or $thissection->visible or !$course->hiddensections); if (!empty($displaysection) and $displaysection != $section) { // Check this week is visible if ($showsection) { @@ -233,7 +233,7 @@ echo ''; echo '
'; - if (!isteacher($course->id) and !$thissection->visible) { // Hidden for students + if (!has_capability('moodle/course:viewhiddensections', $context) and !$thissection->visible) { // Hidden for students echo '
'.$weekday.' - '.$endweekday.' ('.get_string('notavailable').')
'; } else { diff --git a/course/import.php b/course/import.php index c1b32b00bf1d9..809d8e626ddf6 100644 --- a/course/import.php +++ b/course/import.php @@ -9,9 +9,7 @@ error("That's an invalid course id"); } - if (!isteacher($course->id)) { - error("You are not allowed to look at this page"); - } + require_capability('moodle/site:import', get_context_instance(CONTEXT_COURSE, $id)); /// Always we begin an import, we delete all backup/restore/import session structures if (isset($SESSION->course_header)) { diff --git a/course/lib.php b/course/lib.php index 20ddc2302b067..e6b8e9c999808 100644 --- a/course/lib.php +++ b/course/lib.php @@ -82,7 +82,7 @@ function print_recent_selector_form($course, $advancedfilter=0, $selecteduser=0, if ($mod->mod == "label") { continue; } - if (!$mod->visible and !$isteacher) { + if (!$mod->visible and !has_capability('moodle/course:viewhiddenactivities',get_context_instance(CONTEXT_MODULE, $mod->cm))) { continue; } @@ -174,7 +174,7 @@ function print_recent_selector_form($course, $advancedfilter=0, $selecteduser=0, $groupmode = groupmode($course); - if ($groupmode == VISIBLEGROUPS or ($groupmode and isteacheredit($course->id))) { + if ($groupmode == VISIBLEGROUPS or ($groupmode and has_capability('moodle/course:managegroups', get_context_instance(CONTEXT_COURSE, $course->id)))) { if ($groups = get_records_menu("groups", "courseid", $course->id, "name ASC", "id,name")) { echo '
'; if ($groupmode == VISIBLEGROUPS) { @@ -272,7 +272,7 @@ function build_logs_array($course, $user=0, $date=0, $order="l.time ASC", $limit /// If the group mode is separate, and this user does not have editing privileges, /// then only the user's group can be viewed. - if ($course->groupmode == SEPARATEGROUPS and !$isteacheredit) { + if ($course->groupmode == SEPARATEGROUPS and !has_capability('moodle/course:managegroups', get_context_instance(CONTEXT_COURSE, $course->id))) { $groupid = get_current_group($course->id); } /// If this course doesn't have groups, no groupid can be specified. @@ -985,7 +985,7 @@ function get_all_mods($courseid, &$mods, &$modnames, &$modnamesplural, &$modname } $mods[$mod->id] = $mod; $mods[$mod->id]->modfullname = $modnames[$mod->modname]; - if ($mod->visible or isteacher($courseid)) { + if ($mod->visible or has_capability('moodle/course:viewhiddenactivities', get_context_instance(CONTEXT_COURSE, $courseid))) { $modnamesused[$mod->modname] = $modnames[$mod->modname]; } } @@ -1099,7 +1099,7 @@ function print_section($course, $section, $mods, $modnamesused, $absolute=false, } $mod = $mods[$modnumber]; - if ($mod->visible or $isteacher) { + if ($mod->visible or has_capability('moodle/course:viewhiddenactivities', get_context_instance(CONTEXT_COURSE, $course->id))) { echo '
  • '; // Unique ID if ($ismoving) { if ($mod->id == $USER->activitycopy) { @@ -1149,7 +1149,7 @@ function print_section($course, $section, $mods, $modnamesused, $absolute=false, } if ($usetracking && $mod->modname == 'forum') { $groupmode = groupmode($course, $mod); - $groupid = ($groupmode == SEPARATEGROUPS && !isteacheredit($course->id)) ? + $groupid = ($groupmode == SEPARATEGROUPS && !has_capability('moodle/course:managegroups', get_context_instance(CONTEXT_COURSE, $course->id))) ? get_current_group($course->id) : false; if (forum_tp_can_track_forums() && !isset($untracked[$mod->instance])) { diff --git a/course/recent.php b/course/recent.php index 632fab0605fd9..56b6f1b2be3b5 100644 --- a/course/recent.php +++ b/course/recent.php @@ -109,7 +109,7 @@ } else { // you chose a group of activities - if (isteacher($course->id)) { + if (has_capability('moodle/course:viewhiddensections', get_context_instance(CONTEXT_COURSE, $course->id))) { $hiddenfilter = ""; } else { $hiddenfilter = " AND cs.visible = '1' "; @@ -134,7 +134,7 @@ $activityfilter = ""; } - if (isteacher($course->id)) { + if (has_capability('moodle/course:viewhiddensections', get_context_instance(CONTEXT_COURSE, $course->id))) { $hiddenfilter = ""; } else { $hiddenfilter = " AND cm.visible = '1' "; @@ -224,7 +224,7 @@ $section = 0; - if (isteacher($course->id)) { + if (has_capability('moodle/course:viewhiddensections', get_context_instance(CONTEXT_COURSE, $course->id))) { $teacher = true; } else { $teacher = false; diff --git a/course/report.php b/course/report.php index 408350247de1b..b846ac0fad65a 100644 --- a/course/report.php +++ b/course/report.php @@ -9,9 +9,7 @@ error("That's an invalid course id"); } - if (!isteacher($course->id)) { - error("You are not allowed to look at this page"); - } + require_capability('moodle/site:viewreports', get_context_instance(CONTEXT_COURSE, $id)); $strreports = get_string('reports'); 
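Review bot: The hidden-activity check added in print_section (`if ($mod->visible or has_capability(...))`) resolves the course context again for every module it prints, and it uses a different context level from the same check in print_recent_selector_form, which passes `CONTEXT_MODULE, $mod->cm`. A capability override set on a single activity would therefore be honoured in one listing and ignored in the other (get_all_mods also uses the course context). Pick one level for `moodle/course:viewhiddenactivities` and resolve the context once near the top of the function, e.g. `$coursecontext = get_context_instance(CONTEXT_COURSE, $course->id);`, then test `has_capability('moodle/course:viewhiddenactivities', $coursecontext)`. The function body begins and ends outside this hunk, so whether `$isteacher` is still computed there, and can now be dropped, needs checking in the full file.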
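Review bot: The second hunk of course/recent.php gates activity visibility on `moodle/course:viewhiddensections`, although the branch that clears `$hiddenfilter` there removes the `cm.visible = '1'` condition, which by its alias filters course modules rather than sections. course/lib.php in this same commit uses `moodle/course:viewhiddenactivities` for hidden modules, so a role granted only the section capability would also see hidden activities in the recent-activity listing. For the `cm.visible` branch the check should read `has_capability('moodle/course:viewhiddenactivities', get_context_instance(CONTEXT_COURSE, $course->id))`. The third hunk sets `$teacher` from the same section capability; what that flag controls lies outside the hunk and should be checked the same way.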
diff --git a/course/report/outline/index.php b/course/report/outline/index.php index e2d742d91ca28..d696dcb45fdad 100644 --- a/course/report/outline/index.php +++ b/course/report/outline/index.php @@ -17,9 +17,7 @@ error("Course id is incorrect."); } - if (!isteacher($course->id)) { - error("You are not allowed to look at this page"); - } + require_capability('moodle/site:viewreports', get_context_instance(CONTEXT_COURSE, $courseid)); add_to_log($course->id, "course", "report outline", "report/outline/index.php?id=$course->id", $course->id); diff --git a/course/user.php b/course/user.php index 4519103d00994..ce5974298495e 100644 --- a/course/user.php +++ b/course/user.php @@ -23,7 +23,11 @@ error("User ID is incorrect"); } - if (! (isteacher($course->id) or ($course->showreports and $USER->id == $user->id))) { + $coursecontext = get_context_instance(CONTEXT_COURSE, $id); + $personalcontext = get_context_instance(CONTEXT_USERID, $user->id); + + // if in either context, we can read report, then we can proceed + if (!(has_capability('moodle/site:viewreports', $coursecontext) or ($course->showreports and $USER->id == $user->id) or has_capability('moodle/user:viewuseractivitiesreport', $personalcontext))) { error("You are not allowed to look at this page"); } @@ -160,7 +164,7 @@ if (isset($sections[$i])) { // should always be true $section = $sections[$i]; - $showsection = (isteacher($course->id) or $section->visible or !$course->hiddensections); + $showsection = (has_capability('moodle/course:viewhiddensections', $context) or $section->visible or !$course->hiddensections); if ($showsection) { // prevent hidden sections in user activity. Thanks to Geoff Wilbert! diff --git a/file.php b/file.php index 0e3f6f447c689..190208cced7c4 100644 --- a/file.php +++ b/file.php 
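Review bot: `$courseid` in the new `require_capability` line of course/report/outline/index.php is not defined anywhere in the visible hunk; the removed check and the `add_to_log` call just below both use `$course->id`. If the variable is unset, get_context_instance receives an empty instance id and the report's access check no longer refers to the course being shown. Suggested line: `require_capability('moodle/site:viewreports', get_context_instance(CONTEXT_COURSE, $course->id));`.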
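Review bot: The second hunk of course/user.php passes `$context` to `has_capability('moodle/course:viewhiddensections', $context)`, but the first hunk only creates `$coursecontext` and `$personalcontext`. Unless `$context` is assigned in lines outside the diff, the hidden-section check runs against an undefined variable; the line should use `$coursecontext`. The first hunk also builds `$coursecontext` from `$id` where the old code used `$course->id`, which is worth confirming. The inline comment could spell out the three accepted conditions, for example `// allow: course-level report access, own report when showreports is on, or report access in this user's context`.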
@@ -54,7 +54,7 @@ } // security: only editing teachers can access backups - if ((!isteacheredit($course->id)) + if ((!has_capability('moodle/site:backup', get_context_instance(CONTEXT_COURSE, $course->id))) and (count($args) >= 2) and (strtolower($args[1]) == 'backupdata')) { @@ -83,7 +83,7 @@ and (strtolower($args[2]) == 'assignment')) { $lifetime = 0; // do not cache assignments, students may reupload them - if ((!isteacher($course->id)) && (count($args) != 6 || $args[4] != $USER->id)) { + if ((!has_capability('mod/assignment:grade', get_context_instance(CONTEXT_COURSE, $course->id))) && (count($args) != 6 || $args[4] != $USER->id)) { error('Access not allowed'); } } diff --git a/grade/exceptions.php b/grade/exceptions.php index 431c2efbaa060..3ac4a6e906026 100644 --- a/grade/exceptions.php +++ b/grade/exceptions.php @@ -12,9 +12,7 @@ require_login($course->id); - if (!isteacher($course->id)) { - error(get_string('notteachererror', 'grades')); - } + require_capability('moodle/course:managegrades', get_context_instance(CONTEXT_MODULE, $id)); $group = get_current_group($course->id); diff --git a/lib/db/access.php b/lib/db/access.php index d29e889f65940..de5eed1189bc0 100644 --- a/lib/db/access.php +++ b/lib/db/access.php 
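Review bot: The comment above the backup gate in file.php still says `// security: only editing teachers can access backups`, but after this change access is decided by `moodle/site:backup` in the course context, so whichever roles hold that capability can fetch files under `backupdata`. Because this line documents who may download course backups, it should name the capability: `// security: backupdata is served only to users with moodle/site:backup in this course`. The assignment branch in the second hunk checks `mod/assignment:grade` at course level, so a per-activity override of that capability would not be honoured here; a short comment saying so would help whoever audits file access later.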
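Review bot: The new check in grade/exceptions.php asks for `moodle/course:managegrades` in a `CONTEXT_MODULE` context built from `$id`, yet lib/db/access.php in this commit declares that capability with `'contextlevel' => CONTEXT_COURSE` and the removed check used `$course->id`. Unless `$id` really is a course-module id, the lookup targets a context that does not correspond to the course whose grade exceptions are being edited. Suggested line: `require_capability('moodle/course:managegrades', get_context_instance(CONTEXT_COURSE, $course->id));`.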
@@ -766,6 +766,84 @@ 'coursecreator' => CAP_ALLOW, 'admin' => CAP_ALLOW ) + ), + + 'moodle/course:sectionvisibility' => array( + 'captype' => 'write', + 'contextlevel' => CONTEXT_COURSE, + 'legacy' => array( + 'guest' => CAP_PREVENT, + 'student' => CAP_PREVENT, + 'teacher' => CAP_PREVENT, + 'editingteacher' => CAP_ALLOW, + 'coursecreator' => CAP_ALLOW, + 'admin' => CAP_ALLOW + ) + ), + + 'moodle/course:viewhiddensections' => array( + 'captype' => 'write', + 'contextlevel' => CONTEXT_COURSE, + 'legacy' => array( + 'guest' => CAP_PREVENT, + 'student' => CAP_PREVENT, + 'teacher' => CAP_PREVENT, + 'editingteacher' => CAP_ALLOW, + 'coursecreator' => CAP_ALLOW, + 'admin' => CAP_ALLOW + ) + ), + + 'moodle/course:setcurrentsection' => array( + 'captype' => 'write', + 'contextlevel' => CONTEXT_COURSE, + 'legacy' => array( + 'guest' => CAP_PREVENT, + 'student' => CAP_PREVENT, + 'teacher' => CAP_PREVENT, + 'editingteacher' => CAP_ALLOW, + 'coursecreator' => CAP_ALLOW, + 'admin' => CAP_ALLOW + ) + ), + + 'moodle/course:viewcoursegrades' => array( + 'captype' => 'read', + 'contextlevel' => CONTEXT_COURSE, + 'legacy' => array( + 'guest' => CAP_PREVENT, + 'student' => CAP_PREVENT, + 'teacher' => CAP_ALLOW, + 'editingteacher' => CAP_ALLOW, + 'coursecreator' => CAP_ALLOW, + 'admin' => CAP_ALLOW + ) + ), + + 'moodle/course:managegrades' => array( + 'captype' => 'write', + 'contextlevel' => CONTEXT_COURSE, + 'legacy' => array( + 'guest' => CAP_PREVENT, + 'student' => CAP_PREVENT, + 'teacher' => CAP_PREVENT, + 'editingteacher' => CAP_ALLOW, + 'coursecreator' => CAP_ALLOW, + 'admin' => CAP_ALLOW + ) + ), + + 'moodle/user:viewusergrades' => array( + 'captype' => 'write', + 'contextlevel' => CONTEXT_COURSE, + 'legacy' => array( + 'guest' => CAP_PREVENT, + 'student' => CAP_ALLOW, + 'teacher' => CAP_ALLOW, + 'editingteacher' => CAP_ALLOW, + 'coursecreator' => CAP_ALLOW, + 'admin' => CAP_ALLOW + ) ) );
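Review bot: Two of the added definitions are view capabilities declared with `'captype' => 'write'`, namely `moodle/course:viewhiddensections` and `moodle/user:viewusergrades`; `moodle/course:viewcoursegrades` next to them is `'read'`, so these look like copy-paste and should probably read `'captype' => 'read',`. Separately, the legacy map gives `'teacher' => CAP_PREVENT` for `viewhiddensections`, `setcurrentsection` and `managegrades`, while the call sites converted in this commit previously used isteacher(), which as far as I know also accepts non-editing teachers. That narrows what non-editing teachers can see and do after upgrade without any visible notice. If the narrowing is intended, a comment above each entry should say so; if not, `'teacher' => CAP_ALLOW` keeps the previous behaviour.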