Permalink
Browse files

MDL-20849 moodle/restore:userinfo - new cababilty to allow/deny

permissions to restore any (users, messages, modulesactivity...)
user-level information.
  • Loading branch information...
stronk7 committed Nov 19, 2009
1 parent 4a7ab3c commit 826e1aa33c66598d2c157d719c664340b072235b
Showing with 157 additions and 106 deletions.
  1. +1 −1 backup/backup_form.html
  2. +32 −0 backup/restore_check.html
  3. +105 −100 backup/restore_form.html
  4. +2 −2 backup/restorelib.php
  5. +1 −0 lang/en_utf8/moodle.php
  6. +2 −0 lang/en_utf8/role.php
  7. +13 −2 lib/db/access.php
  8. +1 −1 version.php
View
@@ -289,7 +289,7 @@
}
// do you want grade histories to be backed up?
- if (empty($CFG->disablegradehistory)) {
+ if (empty($to) and $backupuserinfo and empty($CFG->disablegradehistory)) {
echo "<tr>";
echo "<td align=\"right\" colspan=\"2\"><b>";
echo '<label for="menubackup_gradebook_history">'.get_string ('gradebookhistories', 'grades').'</label>';
View
@@ -194,15 +194,21 @@
//Check login
require_login();
+ //Init restoreuserinfo
+ $restoreuserinfo = false;
+
+
//Check admin
if (!empty($id)) {
if (!has_capability('moodle/site:restore', get_context_instance(CONTEXT_COURSE, $id))) {
error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php");
}
+ $restoreuserinfo = has_capability('moodle/restore:userinfo', get_context_instance(CONTEXT_COURSE, $id));
} else {
if (!has_capability('moodle/site:restore', get_context_instance(CONTEXT_SYSTEM))) {
error("You need to be an admin user to use this page.", "$CFG->wwwroot/login/index.php");
}
+ $restoreuserinfo = has_capability('moodle/restore:userinfo', get_context_instance(CONTEXT_SYSTEM));
}
//Check site
@@ -316,6 +322,32 @@
}
}
+ // Re-enforce moodle/restore:userinfo capability
+ if (!$restoreuserinfo) {
+ $userinfocheck = true;
+ // Confirm that all the settings are properly set to no users
+ // if anything is wrong, message and stop
+ // First global settings
+ if ($restore->users != 2 or $restore->user_files or $restore->messages or $restore->blogs) {
+ $userinfocheck = false;
+
+ // Now all modules userinfo flag
+ } else {
+ $mods = $restore->mods;
+ foreach ($mods as $mod) {
+ if ($mod->userinfo) {
+ $userinfocheck = false;
+ }
+ }
+ }
+
+ if (!$userinfocheck) { // Something was wrong
+ $messages[] = get_string('restoreuserinfofailed');
+ $show_continue_button = false;
+ }
+ }
+
+
/// If restoring users and backup has mnet remote users and we are restoring to different site, forbid restore to non-admins. MDL-17009
if ($restore->users != 2 && /// If restoring users
!empty($info->mnet_remoteusers) && $info->mnet_remoteusers === 'true' && /// and backup contains remote users
View

Large diffs are not rendered by default.

Oops, something went wrong.
View
@@ -1415,7 +1415,7 @@ function restore_migrate_old_gradebook($restore,$xml_file) {
$restoreall = true; // set to false if any grade_item is not selected/restored
$importing = !empty($SESSION->restore->importing); // there should not be a way to import old backups, but anyway ;-)
- if ($importing) {
+ if ($importing || $restore->users == 2) {
$restoreall = false;
} else {
@@ -1606,7 +1606,7 @@ function restore_create_gradebook($restore,$xml_file) {
$restoreall = true; // set to false if any grade_item is not selected/restored or already exist
$importing = !empty($SESSION->restore->importing);
- if ($importing) {
+ if ($importing || $restore->users == 2) {
$restoreall = false;
} else {
View
@@ -1310,6 +1310,7 @@
$string['restoreto'] = 'Restore to';
$string['restoretositeadding'] = 'Warning: You are about to restore to the site front page, adding data to it!';
$string['restoretositedeleting'] = 'Warning: You are about to restore to the site front page, deleting data from it first!';
+$string['restoreuserinfofailed'] = '<strong>Warning:</strong> To be able to restore any user data (in activities, files, messages...) the \"moodle/restore:userinfo\" capability is required and you are missing it. Restore process stopped.';
$string['restricted'] = 'Restricted';
$string['restrictmodules'] = 'Restrict activity modules?';
$string['returningtosite'] = 'Returning to this web site?';
View
@@ -10,6 +10,7 @@
$string['assignroles'] = 'Assign roles';
$string['assignrolesin'] = 'Assign roles in $a';
$string['assignglobalroles'] = 'Assign system roles';
+$string['backup:userinfo'] = 'Backup user data';
$string['blog:create'] = 'Create new blog entries';
$string['blog:manageentries'] = 'Edit and manage entries';
$string['blog:manageofficialtags'] = 'Manage official tags';
@@ -129,6 +130,7 @@
$string['resetrolesure'] = 'Are you sure that you want to reset role \"$a->name ($a->shortname)\" to defaults?<p></p>The defaults are taken from the selected legacy capability ($a->legacytype).';
$string['resetrolesurenolegacy'] = 'Are you sure that you want to clear all permissions defined in this role \"$a->name ($a->shortname)\"?';
$string['restore:rolldates'] = 'Allowed to roll activity configuration dates on restore';
+$string['restore:userinfo'] = 'Restore user data';
$string['risks'] = 'Risks';
$string['role:assign'] = 'Assign roles to users';
$string['role:manage'] = 'Create and manage roles';
View
@@ -170,9 +170,9 @@
'moodle/backup:userinfo' => array(
- 'riskbitmask' => RISK_PERSONAL | RISK_CONFIG,
+ 'riskbitmask' => RISK_PERSONAL,
- 'captype' => 'write',
+ 'captype' => 'read',
'contextlevel' => CONTEXT_COURSE,
'legacy' => array(
'admin' => CAP_ALLOW
@@ -191,6 +191,17 @@
)
),
+ 'moodle/restore:userinfo' => array(
+
+ 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS | RISK_CONFIG,
+
+ 'captype' => 'write',
+ 'contextlevel' => CONTEXT_COURSE,
+ 'legacy' => array(
+ 'admin' => CAP_ALLOW
+ )
+ ),
+
'moodle/restore:rolldates' => array(
'captype' => 'write',
View
@@ -6,7 +6,7 @@
// This is compared against the values stored in the database to determine
// whether upgrades should be performed (see lib/db/*.php)
- $version = 2007101562; // YYYYMMDD = date of the 1.9 branch (don't change)
+ $version = 2007101563; // YYYYMMDD = date of the 1.9 branch (don't change)
// X = release number 1.9.[0,1,2,3,4,5...]
// Y.YY = micro-increments between releases

0 comments on commit 826e1aa

Please sign in to comment.