Background:
Given the following "users" exist:
- | username | firstname | lastname | email |
- | teacher1 | Teacher | 1 | teacher1@example.com |
+ | username | firstname | lastname |
+ | teacher1 | Teacher | 1 |
+ | tutor | Teaching | Assistant |
+ | student | Student | One |
And the following "courses" exist:
- | fullname | shortname | category |
- | Course 1 | C1 | 0 |
+ | fullname | shortname |
+ | Course 1 | C1 |
And the following "course enrolments" exist:
- | user | course | role |
- | teacher1 | C1 | editingteacher |
+ | user | course | role |
+ | teacher1 | C1 | editingteacher |
+ | tutor | C1 | teacher |
+ | student | C1 | student |
Scenario: Default system capabilities modification
Given I log in as "admin"
Then "mod/forum:deleteanypost" capability has "Prohibit" permission
And "mod/forum:editanypost" capability has "Prevent" permission
And "mod/forum:addquestion" capability has "Allow" permission
+
+ @javascript
+ Scenario: Edit permissions escapes role names correctly
+ When I am on the "C1" "Course" page logged in as "admin"
+ And I navigate to "Edit settings" in current page administration
+ And I set the following fields to these values:
+ | Your word for 'Teacher' | Teacher >= editing |
+ | Your word for 'Non-editing teacher' | Teacher < "editing" |
+ | Your word for 'Student' | Studier & 'learner' |
+ And I press "Save and display"
+ And I navigate to course participants
+ Then I should see "Teacher >= editing (Teacher)" in the "Teacher 1" "table_row"
+ And I should see "Teacher < \"editing\" (Non-editing teacher)" in the "Teaching Assistant" "table_row"
+ And I should see "Studier & 'learner' (Student)" in the "Student One" "table_row"
+ And I navigate to "Permissions" in current page administration
+ And I should see "Teacher >= editing" in the "mod/forum:replypost" "table_row"
+ And I should see "Teacher < \"editing\"" in the "mod/forum:replypost" "table_row"
+ And I should see "Studier & 'learner'" in the "mod/forum:replypost" "table_row"
+ And I follow "Prohibit"
+ And "Teacher >= editing" "button" in the "Prohibit role" "dialogue" should be visible
+ And "Teacher < \"editing\"" "button" in the "Prohibit role" "dialogue" should be visible
+ And "Studier & 'learner'" "button" in the "Prohibit role" "dialogue" should be visible
.done(function(content) {
panel.set('bodyContent', content);
panel.show();
- $('div.role_buttons').on('click', 'input', function(e) {
+ $('div.role_buttons').on('click', 'button', function(e) {
var roleid = $(e.currentTarget).data('role-id');
changePermissions(row, roleid, action);
});
Context variables required for this template:
* confirmation Confirmation text
- * roles array of role details
+ * roles array of role details. Note: in this array, rolename must have been
+ prepared for output with format_string, or more likely one of the role API functions like role_fix_names.
Example context (json):
{ "message": "Do you really want to remove Non-editing teacher from the list of allowed roles for capability View added and updated modules in recent activity block?",
- "roles": [{"roleid": 1, "rolename": "manager", "disabled":"disabled"}]}
+ "roles": [{"roleid": 1, "rolename": "Manager", "disabled": "disabled"}]}
}}
<div class="popup_content" style="text-align:center;">
{{message}} <hr/>
<div class="role_buttons">
{{#roles}}
- <input type="button" value="{{rolename}}" class="btn btn-secondary mb-1" data-role-id="{{roleid}}" {{disabled}}/>
+ <button type="button" class="btn btn-secondary mb-1" data-role-id="{{roleid}}" {{disabled}}>{{{rolename}}}</button>
{{/roles}}
</div>
</div>
* action
Context variables required for this template:
- * rolename Name of the role rendered
+ * rolename Name of the role rendered - must have been prepared for output with format_string,
+ or more likely one of the role API functions like role_fix_names.
* roleid Id of the role
* action WEhich action is done on click
* spanclass class attribute of span
"linkclass": "preventlink",
"adminurl" : "http://localhost/moodle/admin/"}
}}
-<span style="display:inline-block;" class="{{spanclass}}"> {{rolename}}
+<span style="display:inline-block;" class="{{spanclass}}"> {{{rolename}}}
<a href="{{adminurl}}roles/permissions.php" class="{{linkclass}}" data-role-id="{{roleid}}" data-action="{{action}}">
{{#icon}}
{{#pix}}{{icon}}, core, {{iconalt}}{{/pix}}
