Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

MDL-12635 - Manual grading report does not check capabilites - also, …

…only show the tabs for the reports people can access. Backported from MOODLE_19_STABLE.
  • Loading branch information...
commit 3e2d9e95675c764248cc7b89fab2131489d49741 1 parent 40beb0f
tjhunt authored
View
1  lang/en_utf8/quiz_grading.php
@@ -4,5 +4,6 @@
$string['essayonly'] = 'The following questions need to be graded manually';
$string['grading'] = 'Manual grading';
+$string['gradingnotallowed'] = 'You do not have permission to manually grade responses in this quiz';
?>
View
7 mod/quiz/report/grading/report.php
@@ -33,6 +33,13 @@ function display($quiz, $cm, $course) { /// This function just displays the
$this->print_header_and_tabs($cm, $course, $quiz, $reportmode="grading");
+ // Check permissions
+ $context = get_context_instance(CONTEXT_MODULE, $cm->id);
+ if (!has_capability('mod/quiz:grade', $context)) {
+ notify(get_string('gradingnotallowed', 'quiz_grading'));
+ return true;
+ }
+
if (!empty($questionid)) {
if (! $question = get_record('question', 'id', $questionid)) {
error("Question with id $questionid not found");
View
22 mod/quiz/tabs.php
@@ -50,9 +50,17 @@
if ($currenttab == 'reports' and isset($mode)) {
$inactive[] = 'reports';
- $allreports = get_list_of_plugins("mod/quiz/report");
- $reportlist = array ('overview', 'regrade', 'grading', 'analysis'); // Standard reports we want to show first
+ $activated[] = 'reports';
+
+ // Standard reports we want to show first.
+ $reportlist = array ('overview', 'regrade', 'grading', 'analysis');
+ // Reports that are restricted by capability.
+ $reportrestrictions = array(
+ 'regrade' => 'mod/quiz:grade',
+ 'grading' => 'mod/quiz:grade'
+ );
+ $allreports = get_list_of_plugins("mod/quiz/report");
foreach ($allreports as $report) {
if (!in_array($report, $reportlist)) {
$reportlist[] = $report;
@@ -62,10 +70,12 @@
$row = array();
$currenttab = '';
foreach ($reportlist as $report) {
- $row[] = new tabobject($report, "$CFG->wwwroot/mod/quiz/report.php?q=$quiz->id&mode=$report",
- get_string($report, 'quiz_'.$report));
- if ($report == $mode) {
- $currenttab = $report;
+ if (!isset($reportrestrictions[$report]) || has_capability($reportrestrictions[$report], $context)) {
+ $row[] = new tabobject($report, "$CFG->wwwroot/mod/quiz/report.php?q=$quiz->id&mode=$report",
+ get_string($report, 'quiz_'.$report));
+ if ($report == $mode) {
+ $currenttab = $report;
+ }
}
}
$tabs[] = $row;
Please sign in to comment.
Something went wrong with that request. Please try again.