mirror of
https://github.com/moodle/moodle.git
synced 2025-08-06 17:36:38 +02:00
MDL-56501 message: introduce new manageallmessaging capability
This commit is contained in:
Simey Lameze
parent
4e5d96ee3a
commit
343ba16c31
6 changed files with 92 additions and 8 deletions
|
|
@ -214,13 +214,26 @@ class core_message_external extends external_api {
|
|||
* @since Moodle 2.5
|
||||
*/
|
||||
public static function create_contacts($userids, $userid = 0) {
|
||||
global $CFG;
|
||||
global $CFG, $USER;
|
||||
|
||||
// Check if messaging is enabled.
|
||||
if (empty($CFG->messaging)) {
|
||||
throw new moodle_exception('disabled', 'message');
|
||||
}
|
||||
|
||||
if (empty($userid)) {
|
||||
$userid = $USER->id;
|
||||
}
|
||||
|
||||
// Validate context.
|
||||
$context = context_system::instance();
|
||||
self::validate_context($context);
|
||||
|
||||
$capability = 'moodle/site:manageallmessaging';
|
||||
if (($USER->id != $userid) && !has_capability($capability, $context)) {
|
||||
throw new required_capability_exception($context, $capability, 'nopermissions', '');
|
||||
}
|
||||
|
||||
$params = array('userids' => $userids, 'userid' => $userid);
|
||||
$params = self::validate_parameters(self::create_contacts_parameters(), $params);
|
||||
|
||||
|
|
@ -276,13 +289,26 @@ class core_message_external extends external_api {
|
|||
* @since Moodle 2.5
|
||||
*/
|
||||
public static function delete_contacts($userids, $userid = 0) {
|
||||
global $CFG;
|
||||
global $CFG, $USER;
|
||||
|
||||
// Check if messaging is enabled.
|
||||
if (empty($CFG->messaging)) {
|
||||
throw new moodle_exception('disabled', 'message');
|
||||
}
|
||||
|
||||
if (empty($userid)) {
|
||||
$userid = $USER->id;
|
||||
}
|
||||
|
||||
// Validate context.
|
||||
$context = context_system::instance();
|
||||
self::validate_context($context);
|
||||
|
||||
$capability = 'moodle/site:manageallmessaging';
|
||||
if (($USER->id != $userid) && !has_capability($capability, $context)) {
|
||||
throw new required_capability_exception($context, $capability, 'nopermissions', '');
|
||||
}
|
||||
|
||||
$params = array('userids' => $userids, 'userid' => $userid);
|
||||
$params = self::validate_parameters(self::delete_contacts_parameters(), $params);
|
||||
|
||||
|
|
@ -331,13 +357,26 @@ class core_message_external extends external_api {
|
|||
* @since Moodle 2.5
|
||||
*/
|
||||
public static function block_contacts($userids, $userid = 0) {
|
||||
global $CFG;
|
||||
global $CFG, $USER;
|
||||
|
||||
// Check if messaging is enabled.
|
||||
if (empty($CFG->messaging)) {
|
||||
throw new moodle_exception('disabled', 'message');
|
||||
}
|
||||
|
||||
if (empty($userid)) {
|
||||
$userid = $USER->id;
|
||||
}
|
||||
|
||||
// Validate context.
|
||||
$context = context_system::instance();
|
||||
self::validate_context($context);
|
||||
|
||||
$capability = 'moodle/site:manageallmessaging';
|
||||
if (($USER->id != $userid) && !has_capability($capability, $context)) {
|
||||
throw new required_capability_exception($context, $capability, 'nopermissions', '');
|
||||
}
|
||||
|
||||
$params = array('userids' => $userids, 'userid' => $userid);
|
||||
$params = self::validate_parameters(self::block_contacts_parameters(), $params);
|
||||
|
||||
|
|
@ -393,13 +432,26 @@ class core_message_external extends external_api {
|
|||
* @since Moodle 2.5
|
||||
*/
|
||||
public static function unblock_contacts($userids, $userid = 0) {
|
||||
global $CFG;
|
||||
global $CFG, $USER;
|
||||
|
||||
// Check if messaging is enabled.
|
||||
if (empty($CFG->messaging)) {
|
||||
throw new moodle_exception('disabled', 'message');
|
||||
}
|
||||
|
||||
if (empty($userid)) {
|
||||
$userid = $USER->id;
|
||||
}
|
||||
|
||||
// Validate context.
|
||||
$context = context_system::instance();
|
||||
self::validate_context($context);
|
||||
|
||||
$capability = 'moodle/site:manageallmessaging';
|
||||
if (($USER->id != $userid) && !has_capability($capability, $context)) {
|
||||
throw new required_capability_exception($context, $capability, 'nopermissions', '');
|
||||
}
|
||||
|
||||
$params = array('userids' => $userids, 'userid' => $userid);
|
||||
$params = self::validate_parameters(self::unblock_contacts_parameters(), $params);
|
||||
|
||||
|
|
@ -1679,8 +1731,9 @@ class core_message_external extends external_api {
|
|||
core_user::require_active_user($user);
|
||||
|
||||
// Check if we have permissions for retrieve the information.
|
||||
if ($userid != $USER->id and !has_capability('moodle/site:readallmessages', $context)) {
|
||||
throw new moodle_exception('accessdenied', 'admin');
|
||||
$capability = 'moodle/site:manageallmessaging';
|
||||
if (($USER->id != $userid) && !has_capability($capability, $context)) {
|
||||
throw new required_capability_exception($context, $capability, 'nopermissions', '');
|
||||
}
|
||||
|
||||
// Now, we can get safely all the blocked users.
|
||||
|
|
|
|||
|
|
@ -161,6 +161,11 @@ class core_message_externallib_testcase extends externallib_advanced_testcase {
|
|||
$return = array_pop($return);
|
||||
$this->assertEquals($return['warningcode'], 'contactnotcreated');
|
||||
$this->assertEquals($return['itemid'], 99999);
|
||||
|
||||
// Try to add a contact to another user, should throw an exception.
|
||||
// All assertions must be added before this point.
|
||||
$this->expectException('required_capability_exception');
|
||||
core_message_external::create_contacts(array($user2->id), $user3->id);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -198,6 +203,11 @@ class core_message_externallib_testcase extends externallib_advanced_testcase {
|
|||
// Removing mixed valid and invalid data.
|
||||
$return = core_message_external::delete_contacts(array($user6->id, 99999));
|
||||
$this->assertNull($return);
|
||||
|
||||
// Try to delete a contact of another user contact list, should throw an exception.
|
||||
// All assertions must be added before this point.
|
||||
$this->expectException('required_capability_exception');
|
||||
core_message_external::delete_contacts(array($user2->id), $user3->id);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -244,6 +254,11 @@ class core_message_externallib_testcase extends externallib_advanced_testcase {
|
|||
$return = array_pop($return);
|
||||
$this->assertEquals($return['warningcode'], 'contactnotblocked');
|
||||
$this->assertEquals($return['itemid'], 99999);
|
||||
|
||||
// Try to block a contact of another user contact list, should throw an exception.
|
||||
// All assertions must be added before this point.
|
||||
$this->expectException('required_capability_exception');
|
||||
core_message_external::block_contacts(array($user2->id), $user3->id);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -282,6 +297,10 @@ class core_message_externallib_testcase extends externallib_advanced_testcase {
|
|||
$return = core_message_external::unblock_contacts(array($user6->id, 99999));
|
||||
$this->assertNull($return);
|
||||
|
||||
// Try to unblock a contact of another user contact list, should throw an exception.
|
||||
// All assertions must be added before this point.
|
||||
$this->expectException('required_capability_exception');
|
||||
core_message_external::unblock_contacts(array($user2->id), $user3->id);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue