From c154ce5a7f5c58b7dfe984563093a45e1ff29d9f Mon Sep 17 00:00:00 2001 From: Adrian Greeve Date: Thu, 6 Dec 2012 10:52:09 +0800 Subject: [PATCH] MDL-37026 - lib: The function user_can_assign() returns true for admins. --- lib/accesslib.php | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/lib/accesslib.php b/lib/accesslib.php index 50a9ee4b606..48f24df88af 100644 --- a/lib/accesslib.php +++ b/lib/accesslib.php @@ -2937,8 +2937,13 @@ function get_user_roles_in_course($userid, $courseid) { function user_can_assign(context $context, $targetroleid) { global $DB; - // first check if user has override capability - // if not return false; + // First check to see if the user is a site administrator. + if (is_siteadmin()) { + return true; + } + + // Check if user has override capability. + // If not return false. if (!has_capability('moodle/role:assign', $context)) { return false; } -- 2.43.0