From bcab2b21b3cedf7698a384aeeb8e61881905d84e Mon Sep 17 00:00:00 2001 From: Jason Fowler Date: Thu, 22 Mar 2012 15:27:48 +0800 Subject: [PATCH] MDL-30482 - Glossary - Fixing the capability controls for the recent activity block --- .../glossary_random/block_glossary_random.php | 17 ++++++-------- mod/glossary/lib.php | 22 +++++++++---------- 2 files changed, 18 insertions(+), 21 deletions(-) diff --git a/blocks/glossary_random/block_glossary_random.php b/blocks/glossary_random/block_glossary_random.php index 4a4d0d40ac5..dac296a531d 100644 --- a/blocks/glossary_random/block_glossary_random.php +++ b/blocks/glossary_random/block_glossary_random.php @@ -118,10 +118,6 @@ class block_glossary_random extends block_base { function get_content() { global $USER, $CFG, $DB; - if (!has_capability('mod/glossary:view', $this->context)) { - return ''; - } - if (empty($this->config->glossary)) { $this->content = new stdClass(); $this->content->text = get_string('notyetconfigured','block_glossary_random'); @@ -129,12 +125,15 @@ class block_glossary_random extends block_base { return $this->content; } - $glossaryid = $this->config->glossary; - - $course = $this->page->course; - require_once($CFG->dirroot.'/course/lib.php'); + $course = $this->page->course; $modinfo = get_fast_modinfo($course); + $glossaryid = $this->config->glossary; + $cm = $modinfo->instances['glossary'][$glossaryid]; + + if (!has_capability('mod/glossary:view', get_context_instance(CONTEXT_MODULE, $cm->id))) { + return ''; + } if (!isset($modinfo->instances['glossary'][$glossaryid])) { // we can get here if the glossary has been deleted, so @@ -148,8 +147,6 @@ class block_glossary_random extends block_base { return $this->content; } - $cm = $modinfo->instances['glossary'][$glossaryid]; - if (empty($this->config->cache)) { $this->config->cache = ''; } diff --git a/mod/glossary/lib.php b/mod/glossary/lib.php index 6a22120c34a..a2da16dd758 100644 --- a/mod/glossary/lib.php +++ b/mod/glossary/lib.php @@ -329,7 +329,6 @@ function glossary_print_recent_activity($course, $viewfullnames, $timestart) { if (!defined('GLOSSARY_RECENT_ACTIVITY_LIMIT')) { define('GLOSSARY_RECENT_ACTIVITY_LIMIT', 50); } - $modinfo = get_fast_modinfo($course); $ids = array(); @@ -351,18 +350,20 @@ function glossary_print_recent_activity($course, $viewfullnames, $timestart) { $approvals = array(); foreach ($ids as $glinstanceid => $glcmid) { $context = get_context_instance(CONTEXT_MODULE, $glcmid); - if (!has_capability('mod/glossary:view', $context)) { - continue; - } - // get records glossary entries that are approved if user has no capability to approve entries. - if (has_capability('mod/glossary:approve', $context)) { - $approvals[] = ' ge.glossaryid = :glsid'.$glinstanceid.' '; - } else { - $approvals[] = ' (ge.approved = 1 AND ge.glossaryid = :glsid'.$glinstanceid.') '; + if (has_capability('mod/glossary:view', $context)) { + // get records glossary entries that are approved if user has no capability to approve entries. + if (has_capability('mod/glossary:approve', $context)) { + $approvals[] = ' ge.glossaryid = :glsid'.$glinstanceid.' '; + } else { + $approvals[] = ' (ge.approved = 1 AND ge.glossaryid = :glsid'.$glinstanceid.') '; + } + $params['glsid'.$glinstanceid] = $glinstanceid; } - $params['glsid'.$glinstanceid] = $glinstanceid; } + if (count($approvals) == 0) { + return false; + } $selectsql = 'SELECT ge.id, ge.concept, ge.approved, ge.timemodified, ge.glossaryid, '.user_picture::fields('u',null,'userid'); $countsql = 'SELECT COUNT(*)'; @@ -387,7 +388,6 @@ function glossary_print_recent_activity($course, $viewfullnames, $timestart) { } echo $OUTPUT->heading(get_string('newentries', 'glossary').':'); - $strftimerecent = get_string('strftimerecent'); $entrycount = 0; foreach ($entries as $entry) { -- 2.43.0