Skip to content

Commit

Permalink
MDL-17463 - reparate capabilities for course and admin reports
Browse files Browse the repository at this point in the history
  • Loading branch information
skodak committed Nov 29, 2008
1 parent 088a4df commit a2e4bf7
Show file tree
Hide file tree
Showing 51 changed files with 527 additions and 169 deletions.
2 changes: 1 addition & 1 deletion admin/qtypes.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@
require_login();
$systemcontext = get_context_instance(CONTEXT_SYSTEM);
require_capability('moodle/question:config', $systemcontext);
$canviewreports = has_capability('moodle/site:viewreports', $systemcontext);
$canviewreports = has_capability('report/questioninstances:view', $systemcontext);

admin_externalpage_setup('manageqtypes');

Expand Down
4 changes: 1 addition & 3 deletions admin/report/capability/settings.php
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,3 @@
<?php // $Id$
if ($hassiteconfig) {
$ADMIN->add('roles', new admin_externalpage('reportcapability', get_string('capability', 'report_capability'), "$CFG->wwwroot/$CFG->admin/report/capability/index.php",'moodle/role:manage'));
}
$ADMIN->add('roles', new admin_externalpage('reportcapability', get_string('capability', 'report_capability'), "$CFG->wwwroot/$CFG->admin/report/capability/index.php",'moodle/role:manage'));
?>
42 changes: 42 additions & 0 deletions admin/report/courseoverview/db/access.php
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
<?php // $Id$

///////////////////////////////////////////////////////////////////////////
// //
// NOTICE OF COPYRIGHT //
// //
// Moodle - Modular Object-Oriented Dynamic Learning Environment //
// http://moodle.com //
// //
// Copyright (C) 1999 onwards Martin Dougiamas http://moodle.com //
// //
// This program is free software; you can redistribute it and/or modify //
// it under the terms of the GNU General Public License as published by //
// the Free Software Foundation; either version 2 of the License, or //
// (at your option) any later version. //
// //
// This program is distributed in the hope that it will be useful, //
// but WITHOUT ANY WARRANTY; without even the implied warranty of //
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the //
// GNU General Public License for more details: //
// //
// http://www.gnu.org/copyleft/gpl.html //
// //
///////////////////////////////////////////////////////////////////////////

$report_courseoverview_capabilities = array(

'report/courseoverview:view' => array(
'riskbitmask' => RISK_PERSONAL,
'captype' => 'read',
'contextlevel' => CONTEXT_SYSTEM,
'legacy' => array(
'teacher' => CAP_ALLOW,
'editingteacher' => CAP_ALLOW,
'admin' => CAP_ALLOW
),

'clonepermissionsfrom' => 'moodle/site:viewreports',
)
);

?>
6 changes: 5 additions & 1 deletion admin/report/courseoverview/index.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,11 @@
admin_externalpage_print_header();

if (empty($CFG->enablestats)) {
redirect("$CFG->wwwroot/$CFG->admin/settings.php?section=stats", get_string('mustenablestats', 'admin'), 3);
if (has_capability('moodle/site:config', get_context_instance(CONTEXT_SYSTEM))) {
redirect("$CFG->wwwroot/$CFG->admin/settings.php?section=stats", get_string('mustenablestats', 'admin'), 3);
} else {
error("Stats is not enabled.");
}
}

$course = get_site();
Expand Down
2 changes: 1 addition & 1 deletion admin/report/courseoverview/reportsgraph.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@

require_login();

require_capability('moodle/site:viewreports', get_context_instance(CONTEXT_SYSTEM));
require_capability('report/courseoverview:view', get_context_instance(CONTEXT_SYSTEM));

stats_check_uptodate();

Expand Down
2 changes: 1 addition & 1 deletion admin/report/courseoverview/settings.php
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<?php // $Id$
$ADMIN->add('reports', new admin_externalpage('reportcourseoverview', get_string('courseoverview', 'admin'), "$CFG->wwwroot/$CFG->admin/report/courseoverview/index.php",'moodle/site:viewreports'));
$ADMIN->add('reports', new admin_externalpage('reportcourseoverview', get_string('courseoverview', 'admin'), "$CFG->wwwroot/$CFG->admin/report/courseoverview/index.php",'report/courseoverview:view'));
?>
29 changes: 29 additions & 0 deletions admin/report/courseoverview/version.php
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
<?PHP // $Id$

///////////////////////////////////////////////////////////////////////////
// //
// NOTICE OF COPYRIGHT //
// //
// Moodle - Modular Object-Oriented Dynamic Learning Environment //
// http://moodle.com //
// //
// Copyright (C) 1999 onwards Martin Dougiamas http://moodle.com //
// //
// This program is free software; you can redistribute it and/or modify //
// it under the terms of the GNU General Public License as published by //
// the Free Software Foundation; either version 2 of the License, or //
// (at your option) any later version. //
// //
// This program is distributed in the hope that it will be useful, //
// but WITHOUT ANY WARRANTY; without even the implied warranty of //
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the //
// GNU General Public License for more details: //
// //
// http://www.gnu.org/copyleft/gpl.html //
// //
///////////////////////////////////////////////////////////////////////////

$plugin->version = 2007101502;
$plugin->requires = 2007101532;

?>
30 changes: 0 additions & 30 deletions admin/report/log/index.php
View file

This file was deleted.

3 changes: 2 additions & 1 deletion admin/report/log/settings.php
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
<?php // $Id$
$ADMIN->add('reports', new admin_externalpage('reportlog', get_string('log', 'admin'), "$CFG->wwwroot/$CFG->admin/report/log/index.php",'moodle/site:viewreports'));
// just a link to course report
$ADMIN->add('reports', new admin_externalpage('reportlog', get_string('log', 'admin'), "$CFG->wwwroot/course/report/log/index.php?id=".SITEID, 'coursereport/log:view'));
?>
39 changes: 39 additions & 0 deletions admin/report/questioninstances/db/access.php
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
<?php // $Id$

///////////////////////////////////////////////////////////////////////////
// //
// NOTICE OF COPYRIGHT //
// //
// Moodle - Modular Object-Oriented Dynamic Learning Environment //
// http://moodle.com //
// //
// Copyright (C) 1999 onwards Martin Dougiamas http://moodle.com //
// //
// This program is free software; you can redistribute it and/or modify //
// it under the terms of the GNU General Public License as published by //
// the Free Software Foundation; either version 2 of the License, or //
// (at your option) any later version. //
// //
// This program is distributed in the hope that it will be useful, //
// but WITHOUT ANY WARRANTY; without even the implied warranty of //
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the //
// GNU General Public License for more details: //
// //
// http://www.gnu.org/copyleft/gpl.html //
// //
///////////////////////////////////////////////////////////////////////////

$report_questioninstances_capabilities = array(

'report/questioninstances:view' => array(
'captype' => 'read',
'contextlevel' => CONTEXT_SYSTEM,
'legacy' => array(
'admin' => CAP_ALLOW
),

'clonepermissionsfrom' => 'moodle/site:config',
)
);

?>
2 changes: 1 addition & 1 deletion admin/report/questioninstances/settings.php
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<?php // $Id$
$ADMIN->add('reports', new admin_externalpage('reportquestioninstances', get_string('questioninstances', 'report_questioninstances'), "$CFG->wwwroot/$CFG->admin/report/questioninstances/index.php", 'moodle/site:viewreports'));
$ADMIN->add('reports', new admin_externalpage('reportquestioninstances', get_string('questioninstances', 'report_questioninstances'), "$CFG->wwwroot/$CFG->admin/report/questioninstances/index.php", 'report/questioninstances:view'));
?>
29 changes: 29 additions & 0 deletions admin/report/questioninstances/version.php
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
<?PHP // $Id$

///////////////////////////////////////////////////////////////////////////
// //
// NOTICE OF COPYRIGHT //
// //
// Moodle - Modular Object-Oriented Dynamic Learning Environment //
// http://moodle.com //
// //
// Copyright (C) 1999 onwards Martin Dougiamas http://moodle.com //
// //
// This program is free software; you can redistribute it and/or modify //
// it under the terms of the GNU General Public License as published by //
// the Free Software Foundation; either version 2 of the License, or //
// (at your option) any later version. //
// //
// This program is distributed in the hope that it will be useful, //
// but WITHOUT ANY WARRANTY; without even the implied warranty of //
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the //
// GNU General Public License for more details: //
// //
// http://www.gnu.org/copyleft/gpl.html //
// //
///////////////////////////////////////////////////////////////////////////

$plugin->version = 2007101502;
$plugin->requires = 2007101532;

?>
69 changes: 0 additions & 69 deletions admin/report/stats/index.php
View file

This file was deleted.

3 changes: 2 additions & 1 deletion admin/report/stats/settings.php
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
<?php // $Id$
$ADMIN->add('reports', new admin_externalpage('reportstats', get_string('stats', 'admin'), "$CFG->wwwroot/$CFG->admin/report/stats/index.php",'moodle/site:viewreports'));
// just a link to course report
$ADMIN->add('reports', new admin_externalpage('reportstats', get_string('stats', 'admin'), "$CFG->wwwroot/course/report/stats/index.php", 'coursereport/stats:view'));
?>
2 changes: 1 addition & 1 deletion blocks/admin/block_admin.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -154,7 +154,7 @@ function get_content() {
}

/// View course reports
if ($course->id !== SITEID and has_capability('moodle/site:viewreports', $context)) {
if ($course->id !== SITEID and has_capability('moodle/site:viewreports', $context)) { // basic capability for listing of reports
$this->content->items[]='<a href="'.$CFG->wwwroot.'/course/report.php?id='.$this->instance->pageid.'">'.get_string('reports').'</a>';
$this->content->icons[]='<img src="'.$CFG->pixpath.'/i/stats.gif" class="icon" alt="" />';
}
Expand Down
2 changes: 1 addition & 1 deletion course/lib.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -775,7 +775,7 @@ function print_log_graph($course, $userid=0, $type="course.png", $date=0) {
echo "(".get_string("gdneed").")";
} else {
// MDL-10818, do not display broken graph when user has no permission to view graph
if (has_capability('moodle/site:viewreports', get_context_instance(CONTEXT_COURSE, $course->id)) ||
if (has_capability('coursereport/log:view', get_context_instance(CONTEXT_COURSE, $course->id)) ||
($course->showreports and $USER->id == $userid)) {
echo '<img src="'.$CFG->wwwroot.'/course/report/log/graph.php?id='.$course->id.
'&amp;user='.$userid.'&amp;type='.$type.'&amp;date='.$date.'" alt="" />';
Expand Down
2 changes: 1 addition & 1 deletion course/report.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@
require_login($course);

$context = get_context_instance(CONTEXT_COURSE, $course->id);
require_capability('moodle/site:viewreports', $context);
require_capability('moodle/site:viewreports', $context); // basic capability for listing of reports

$strreports = get_string('reports');

Expand Down
42 changes: 42 additions & 0 deletions course/report/log/db/access.php
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
<?php // $Id$

///////////////////////////////////////////////////////////////////////////
// //
// NOTICE OF COPYRIGHT //
// //
// Moodle - Modular Object-Oriented Dynamic Learning Environment //
// http://moodle.com //
// //
// Copyright (C) 1999 onwards Martin Dougiamas http://moodle.com //
// //
// This program is free software; you can redistribute it and/or modify //
// it under the terms of the GNU General Public License as published by //
// the Free Software Foundation; either version 2 of the License, or //
// (at your option) any later version. //
// //
// This program is distributed in the hope that it will be useful, //
// but WITHOUT ANY WARRANTY; without even the implied warranty of //
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the //
// GNU General Public License for more details: //
// //
// http://www.gnu.org/copyleft/gpl.html //
// //
///////////////////////////////////////////////////////////////////////////

$coursereport_log_capabilities = array(

'coursereport/log:view' => array(
'riskbitmask' => RISK_PERSONAL,
'captype' => 'read',
'contextlevel' => CONTEXT_COURSE,
'legacy' => array(
'teacher' => CAP_ALLOW,
'editingteacher' => CAP_ALLOW,
'admin' => CAP_ALLOW
),

'clonepermissionsfrom' => 'moodle/site:viewreports',
)
);

?>
9 changes: 5 additions & 4 deletions course/report/log/graph.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,12 +14,13 @@
print_error('invalidcourseid');
}

require_login($course->id);
require_login($course);
$context = get_context_instance(CONTEXT_COURSE, $course->id);

if (! (has_capability('moodle/site:viewreports', $context)
or ($course->showreports and $USER->id == $user)) ) {
print_error("nopermissions");
if ($course->showreports and $USER->id == $user and !isguestuser()) {
// no cap required to view own graph
} else {
require_capability('coursereport/log:view', $context);
}

if ($user) {
Expand Down
Loading

0 comments on commit a2e4bf7

Please sign in to comment.