Permalink
Browse files

MDL-37245 Blog: Fixed comments.

Conflicts:

	blog/lib.php

Signed-off-by: Rajesh Taneja <rajesh@moodle.com>

Conflicts:

	blog/lib.php
  • Loading branch information...
1 parent 28772fb commit 4b5dcd72d5d1bec150ecccde12f48beecff94afb Rajesh Taneja committed with danpoltawski May 7, 2013
Showing with 10 additions and 8 deletions.
  1. +10 −8 blog/lib.php
View
@@ -65,42 +65,44 @@ function blog_user_can_view_user_entry($targetuserid, $blogentry=null) {
global $CFG, $USER, $DB;
if (empty($CFG->bloglevel)) {
- return false; // blog system disabled
+ return false; // Blog system disabled.
}
if (isloggedin() && $USER->id == $targetuserid) {
- return true; // can view own entries in any case
+ return true; // Can view own entries in any case.
}
$sitecontext = get_context_instance(CONTEXT_SYSTEM);
if (has_capability('moodle/blog:manageentries', $sitecontext)) {
- return true; // can manage all entries
+ return true; // Can manage all entries.
}
- // coming for 1 entry, make sure it's not a draft
+ // If blog is in draft state, then make sure user have proper capability.
if ($blogentry && $blogentry->publishstate == 'draft' && !has_capability('moodle/blog:viewdrafts', $sitecontext)) {
- return false; // can not view draft of others
+ return false; // Can not view draft of others.
}
// If blog entry is not public, make sure user is logged in.
if ($blogentry && $blogentry->publishstate != 'public' && !isloggedin()) {
return false;
}
+ // If blogentry is not passed or all above checks pass, then check capability based on system config.
switch ($CFG->bloglevel) {
case BLOG_GLOBAL_LEVEL:
return true;
break;
case BLOG_SITE_LEVEL:
- if (isloggedin()) { // not logged in viewers forbidden
+ if (isloggedin()) { // Not logged in viewers forbidden.
return true;
}
return false;
break;
case BLOG_USER_LEVEL:
default:
+ // If user is viewing other user blog, then user should have user:readuserblogs capability.
$personalcontext = get_context_instance(CONTEXT_USER, $targetuserid);
return has_capability('moodle/user:readuserblogs', $personalcontext);
break;
@@ -1055,14 +1057,14 @@ function blog_comment_validate($comment_param) {
throw new comment_exception('nopermissiontocomment');
}
- // validate comment area
+ // Validate comment area.
if ($comment_param->commentarea != 'format_blog') {
throw new comment_exception('invalidcommentarea');
}
$blogentry = $DB->get_record('post', array('id' => $comment_param->itemid), '*', MUST_EXIST);
- // validation for comment deletion
+ // Validation for comment deletion.
if (!empty($comment_param->commentid)) {
if ($record = $DB->get_record('comments', array('id'=>$comment_param->commentid))) {
if ($record->commentarea != 'format_blog') {

0 comments on commit 4b5dcd7

Please sign in to comment.