Permalink
Browse files

MDL-37245 Blog: Fixed comments.

Conflicts:

	blog/lib.php

Signed-off-by: Rajesh Taneja <rajesh@moodle.com>

Conflicts:

	blog/lib.php
  • Loading branch information...
Rajesh Taneja authored and danpoltawski committed May 7, 2013
1 parent cb538f0 commit b9c29ff6d3a37092b07c61976e9c380842f77da0
Showing with 10 additions and 8 deletions.
  1. +10 −8 blog/lib.php
View
@@ -65,42 +65,44 @@ function blog_user_can_view_user_entry($targetuserid, $blogentry=null) {
global $CFG, $USER, $DB;
if (empty($CFG->bloglevel)) {
- return false; // blog system disabled
+ return false; // Blog system disabled.
}
if (isloggedin() && $USER->id == $targetuserid) {
- return true; // can view own entries in any case
+ return true; // Can view own entries in any case.
}
$sitecontext = get_context_instance(CONTEXT_SYSTEM);
if (has_capability('moodle/blog:manageentries', $sitecontext)) {
- return true; // can manage all entries
+ return true; // Can manage all entries.
}
- // coming for 1 entry, make sure it's not a draft
+ // If blog is in draft state, then make sure user have proper capability.
if ($blogentry && $blogentry->publishstate == 'draft' && !has_capability('moodle/blog:viewdrafts', $sitecontext)) {
- return false; // can not view draft of others
+ return false; // Can not view draft of others.
}
// If blog entry is not public, make sure user is logged in.
if ($blogentry && $blogentry->publishstate != 'public' && !isloggedin()) {
return false;
}
+ // If blogentry is not passed or all above checks pass, then check capability based on system config.
switch ($CFG->bloglevel) {
case BLOG_GLOBAL_LEVEL:
return true;
break;
case BLOG_SITE_LEVEL:
- if (isloggedin()) { // not logged in viewers forbidden
+ if (isloggedin()) { // Not logged in viewers forbidden.
return true;
}
return false;
break;
case BLOG_USER_LEVEL:
default:
+ // If user is viewing other user blog, then user should have user:readuserblogs capability.
$personalcontext = get_context_instance(CONTEXT_USER, $targetuserid);
return has_capability('moodle/user:readuserblogs', $personalcontext);
break;
@@ -1050,14 +1052,14 @@ function blog_comment_validate($comment_param) {
throw new comment_exception('nopermissiontocomment');
}
- // validate comment area
+ // Validate comment area.
if ($comment_param->commentarea != 'format_blog') {
throw new comment_exception('invalidcommentarea');
}
$blogentry = $DB->get_record('post', array('id' => $comment_param->itemid), '*', MUST_EXIST);
- // validation for comment deletion
+ // Validation for comment deletion.
if (!empty($comment_param->commentid)) {
if ($record = $DB->get_record('comments', array('id'=>$comment_param->commentid))) {
if ($record->commentarea != 'format_blog') {

0 comments on commit b9c29ff

Please sign in to comment.