moodle/moodle
3
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-08-09 19:06:41 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

MDL-56501 message: introduce new manageallmessaging capability

Browse source
This commit is contained in:
Simey Lameze 2016-10-25 14:40:36 +08:00
parent 4e5d96ee3a
commit 343ba16c31
6 changed files with 92 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

65
message/externallib.php
View file

@ -214,13 +214,26 @@ class core_message_external extends external_api {
* @since Moodle 2.5
*/
public static function create_contacts($userids, $userid = 0) {
global $CFG;
global $CFG, $USER;
// Check if messaging is enabled.
if (empty($CFG->messaging)) {
throw new moodle_exception('disabled', 'message');
}
if (empty($userid)) {
$userid = $USER->id;
}
// Validate context.
$context = context_system::instance();
self::validate_context($context);
$capability = 'moodle/site:manageallmessaging';
if (($USER->id != $userid) && !has_capability($capability, $context)) {
throw new required_capability_exception($context, $capability, 'nopermissions', '');
}
$params = array('userids' => $userids, 'userid' => $userid);
$params = self::validate_parameters(self::create_contacts_parameters(), $params);
@ -276,13 +289,26 @@ class core_message_external extends external_api {
* @since Moodle 2.5
*/
public static function delete_contacts($userids, $userid = 0) {
global $CFG;
global $CFG, $USER;
// Check if messaging is enabled.
if (empty($CFG->messaging)) {
throw new moodle_exception('disabled', 'message');
}
if (empty($userid)) {
$userid = $USER->id;
}
// Validate context.
$context = context_system::instance();
self::validate_context($context);
$capability = 'moodle/site:manageallmessaging';
if (($USER->id != $userid) && !has_capability($capability, $context)) {
throw new required_capability_exception($context, $capability, 'nopermissions', '');
}
$params = array('userids' => $userids, 'userid' => $userid);
$params = self::validate_parameters(self::delete_contacts_parameters(), $params);
@ -331,13 +357,26 @@ class core_message_external extends external_api {
* @since Moodle 2.5
*/
public static function block_contacts($userids, $userid = 0) {
global $CFG;
global $CFG, $USER;
// Check if messaging is enabled.
if (empty($CFG->messaging)) {
throw new moodle_exception('disabled', 'message');
}
if (empty($userid)) {
$userid = $USER->id;
}
// Validate context.
$context = context_system::instance();
self::validate_context($context);
$capability = 'moodle/site:manageallmessaging';
if (($USER->id != $userid) && !has_capability($capability, $context)) {
throw new required_capability_exception($context, $capability, 'nopermissions', '');
}
$params = array('userids' => $userids, 'userid' => $userid);
$params = self::validate_parameters(self::block_contacts_parameters(), $params);
@ -393,13 +432,26 @@ class core_message_external extends external_api {
* @since Moodle 2.5
*/
public static function unblock_contacts($userids, $userid = 0) {
global $CFG;
global $CFG, $USER;
// Check if messaging is enabled.
if (empty($CFG->messaging)) {
throw new moodle_exception('disabled', 'message');
}
if (empty($userid)) {
$userid = $USER->id;
}
// Validate context.
$context = context_system::instance();
self::validate_context($context);
$capability = 'moodle/site:manageallmessaging';
if (($USER->id != $userid) && !has_capability($capability, $context)) {
throw new required_capability_exception($context, $capability, 'nopermissions', '');
}
$params = array('userids' => $userids, 'userid' => $userid);
$params = self::validate_parameters(self::unblock_contacts_parameters(), $params);
@ -1679,8 +1731,9 @@ class core_message_external extends external_api {
core_user::require_active_user($user);
// Check if we have permissions for retrieve the information.
if ($userid != $USER->id and !has_capability('moodle/site:readallmessages', $context)) {
throw new moodle_exception('accessdenied', 'admin');
$capability = 'moodle/site:manageallmessaging';
if (($USER->id != $userid) && !has_capability($capability, $context)) {
throw new required_capability_exception($context, $capability, 'nopermissions', '');
}
// Now, we can get safely all the blocked users.