require_login($course);
require_capability('moodle/course:enrolconfig', $context);
+require_capability('enrol/cohort:config', $context);
$PAGE->set_url('/enrol/cohort/addinstance.php', array('id'=>$course->id));
$PAGE->set_pagelayout('admin');
break;
case 'enrolcohort':
require_capability('moodle/course:enrolconfig', $context);
+ require_capability('enrol/cohort:config', $context);
$roleid = required_param('roleid', PARAM_INT);
$cohortid = required_param('cohortid', PARAM_INT);
enrol_cohort_sync($manager->get_course()->id);
break;
case 'enrolcohortusers':
- require_capability('moodle/course:enrolconfig', $context);
+ require_capability('enrol/manual:enrol', $context);
$roleid = required_param('roleid', PARAM_INT);
$cohortid = required_param('cohortid', PARAM_INT);
$result = enrol_cohort_enrol_all_users($manager, $cohortid, $roleid);
+
+ $roles = $manager->get_assignable_roles();
+ $cohorts = enrol_cohort_get_cohorts($manager);
+ if (!array_key_exists($cohortid, $cohorts) || !array_key_exists($roleid, $roles)) {
+ throw new enrol_ajax_exception('errorenrolcohort');
+ }
if ($result === false) {
throw new enrol_ajax_exception('errorenrolcohortusers');
}
$button->strings_for_js('users', 'moodle');
// No point showing this at all if the user cant manually enrol users
- $hasmanualinstance = has_capability('enrol/manual:manage', $manager->get_context()) && $manager->has_instance('manual');
+ $hasmanualinstance = has_capability('enrol/manual:enrol', $manager->get_context()) && $manager->has_instance('manual');
$modules = array('moodle-enrol_cohort-quickenrolment', 'moodle-enrol_cohort-quickenrolment-skin');
$function = 'M.enrol_cohort.quickenrolment.init';
