From c154ce5a7f5c58b7dfe984563093a45e1ff29d9f Mon Sep 17 00:00:00 2001
From: Adrian Greeve <adrian@moodle.com>
Date: Thu, 6 Dec 2012 10:52:09 +0800
Subject: [PATCH] MDL-37026 - lib: The function user_can_assign() returns true
 for admins.

---
 lib/accesslib.php | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/lib/accesslib.php b/lib/accesslib.php
index 50a9ee4b606..48f24df88af 100644
--- a/lib/accesslib.php
+++ b/lib/accesslib.php
@@ -2937,8 +2937,13 @@ function get_user_roles_in_course($userid, $courseid) {
 function user_can_assign(context $context, $targetroleid) {
     global $DB;
 
-    // first check if user has override capability
-    // if not return false;
+    // First check to see if the user is a site administrator.
+    if (is_siteadmin()) {
+        return true;
+    }
+
+    // Check if user has override capability.
+    // If not return false.
     if (!has_capability('moodle/role:assign', $context)) {
         return false;
     }
-- 
2.43.0