Home
Documentation
Downloads
Demo
Tracker
Development
Translation
Moodle.net
Search
projects
/
moodle.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
40a0465
)
MDL-47921 mod_lti: Add access control to mod/lti/launch.php
author
John Okely
<john@moodle.com>
Wed, 29 Oct 2014 02:50:25 +0000
(10:50 +0800)
committer
Sam Hemelryk
<sam@moodle.com>
Mon, 3 Nov 2014 20:09:26 +0000
(09:09 +1300)
mod/lti/launch.php
patch
|
blob
|
blame
|
history
diff --git
a/mod/lti/launch.php
b/mod/lti/launch.php
index
580d88b
..
f6fd502
100644
(file)
--- a/
mod/lti/launch.php
+++ b/
mod/lti/launch.php
@@
-56,7
+56,10
@@
$cm = get_coursemodule_from_id('lti', $id, 0, false, MUST_EXIST);
$lti = $DB->get_record('lti', array('id' => $cm->instance), '*', MUST_EXIST);
$course = $DB->get_record('course', array('id' => $cm->course), '*', MUST_EXIST);
-require_login($course);
+$context = context_module::instance($cm->id);
+
+require_login($course, true, $cm);
+require_capability('mod/lti:view', $context);
$lti->cmid = $cm->id;
lti_view($lti);
