MDL-14908 user: Parents are not restricted when separated groups is used
authorFrederic Massart <fred@moodle.com>
Mon, 1 Dec 2014 07:14:26 +0000 (15:14 +0800)
committerFrederic Massart <fred@moodle.com>
Mon, 1 Dec 2014 07:14:26 +0000 (15:14 +0800)
lib/navigationlib.php
user/view.php

index 3a53d86..4bbdc67 100644 (file)
@@ -4150,8 +4150,8 @@ class settings_navigation extends navigation_node {
                     return false;
                 }
                 $canaccessallgroups = has_capability('moodle/site:accessallgroups', $coursecontext);
-                if (!$canaccessallgroups && groups_get_course_groupmode($course) == SEPARATEGROUPS) {
-                    // If groups are in use, make sure we can see that group (MDL-45874).
+                if (!$canaccessallgroups && groups_get_course_groupmode($course) == SEPARATEGROUPS && !$canviewuser) {
+                    // If groups are in use, make sure we can see that group (MDL-45874). That does not apply to parents.
                     if ($courseid == $this->page->course->id) {
                         $mygroups = get_fast_modinfo($this->page->course)->groups;
                     } else {
index 48e56c6..f5feffb 100644 (file)
@@ -142,8 +142,12 @@ if ($currentuser) {
     }
 
     // If groups are in use and enforced throughout the course, then make sure we can meet in at least one course level group.
-    if (groups_get_course_groupmode($course) == SEPARATEGROUPS and $course->groupmodeforce
-      and !has_capability('moodle/site:accessallgroups', $coursecontext) and !has_capability('moodle/site:accessallgroups', $coursecontext, $user->id)) {
+    // Except when we are a parent, in which case we would not be in any group.
+    if (groups_get_course_groupmode($course) == SEPARATEGROUPS
+            and $course->groupmodeforce
+            and !has_capability('moodle/site:accessallgroups', $coursecontext)
+            and !has_capability('moodle/site:accessallgroups', $coursecontext, $user->id)
+            and !$isparent) {
         if (!isloggedin() or isguestuser()) {
             // Do not use require_login() here because we might have already used require_login($course).
             redirect(get_login_url());