Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Fixed a bug in the new capability allowing users to view all areas of

the ilp
  • Loading branch information...
commit e4dcb32a069e8769dae8743fbb0b290f2d1eae4b 1 parent 4431aaf
@nigeldaley nigeldaley authored
Showing with 35 additions and 6 deletions.
  1. +3 −3 actions_includes.php
  2. +11 −3 block_ilp.php
  3. +21 −0 db/accesscheck.php
View
6 actions_includes.php
@@ -25,15 +25,15 @@
require_once($CFG->dirroot.'/blocks/ilp/db/accesscheck.php');
if ($USER->id != $user_id ) {
- require_capability('block/ilp:viewotherilp', $context);
+
+ //we only require the viewotherilp capabilty id the user is not a ilp admin
+ if (empty($access_ilp_admin)) require_capability('block/ilp:viewotherilp', $context);
if (!empty($course_id)) {
$currentcoursecontext = get_context_instance(CONTEXT_COURSE, $course_id);
if ($context == $currentcoursecontext) {
-
-
$dbc = new ilp_db();
$userenrolled = $dbc->get_user_by_id($user_id);
//check that the user is enrolled on the current course if not then print error
View
14 block_ilp.php
@@ -72,27 +72,35 @@ function get_content() {
return $this->content;
}
- //get all course that the current user is enrolled in
+ //get all course that the current user is enrolled in
$my_courses = $dbc->get_user_courses($USER->id);
$access_viewilp = false;
$access_viewotherilp = false;
+ if (empty($my_courses)) {
+ $c = new stdClass();
+ $c->id = $course_id;
+ $my_courses = array($c);
+ }
+
//we are going to loop through all the courses the user is enrolled in so that we can
//choose which display they will see
$found_current_course = false;
foreach($my_courses as $c) {
+
+ $sitecontext = get_context_instance(CONTEXT_SYSTEM);
$coursecontext = get_context_instance(CONTEXT_COURSE, $c->id);
$set_course_groups_link = false;
//we need to get the capabilites of the current user so we can deceide what to display in the block
- if (has_capability('block/ilp:viewilp', $coursecontext,$USER->id,false)) {
+ if (has_capability('block/ilp:viewilp', $coursecontext,$USER->id,false) ) {
$access_viewilp = true;
//I have removed the var below as we dont want the my course groups link to contain
//the id of a course which the user is not a teacher in
//$set_course_groups_link = true;
}
- if ( has_capability('block/ilp:viewotherilp', $coursecontext,$USER->id,false) ) {
+ if ( has_capability('block/ilp:viewotherilp', $coursecontext,$USER->id,false) || has_capability('block/ilp:ilpviewall', $sitecontext,$USER->id,false) || is_siteadmin($USER)) {
$access_viewotherilp = true;
$set_course_groups_link = true;
}
View
21 db/accesscheck.php
@@ -77,6 +77,27 @@
$access_deletecomment = has_capability('block/ilp:deletecomment', $context);
$access_viewcomment = has_capability('block/ilp:viewcomment', $context);
+
+//check if the current user is an admin or has the ilpviewall capabilty at site level
+$ilpadmin = has_capability('block/ilp:ilpviewall',$sitecontext);
+
+$access_ilp_admin = (is_siteadmin($USER) || $ilpadmin) ? true : false;
+
+if (!empty($access_ilp_admin)) {
+ $access_createreports = true;
+ $access_editreports = true;
+ $access_deletereports = true;
+ $access_viewreports = true;
+ $access_viewilp = true;
+ $access_viewotherilp = true;
+
+ $access_addcomment = true;
+ $access_editcomment = true;
+ $access_deletecomment = true;
+ $access_viewcomment = true;
+}
+
+
//TODO: we should not be in the course context change to another context
$PAGE->set_context($context);
Please sign in to comment.
Something went wrong with that request. Please try again.