moodle/moodle
3
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-08-09 10:56:56 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

MDL-69672 core_contentbank: Check used context level

Browse source
This commit is contained in:
Amaia Anabitarte 2020-09-16 17:10:39 +02:00
parent 8b026809c5
commit 3490f29ad9
5 changed files with 31 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

6
contentbank/index.php
View file

@ -30,6 +30,11 @@ $contextid = optional_param('contextid', \context_system::instance()->id, PAR
$search = optional_param('search', '', PARAM_CLEAN);
$context = context::instance_by_id($contextid, MUST_EXIST);
$cb = new \core_contentbank\contentbank();
if (!$cb->is_context_allowed($context)) {
print_error('contextnotallowed', 'core_contentbank');
}
require_capability('moodle/contentbank:access', $context);
$statusmsg = optional_param('statusmsg', '', PARAM_ALPHANUMEXT);
@ -47,7 +52,6 @@ $PAGE->set_heading($title);
$PAGE->set_pagetype('contentbank');
// Get all contents managed by active plugins where the user has permission to render them.
$cb = new \core_contentbank\contentbank();
$contenttypes = [];
$enabledcontenttypes = $cb->get_enabled_content_types();
foreach ($enabledcontenttypes as $contenttypename) {