moodle/moodle
3
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-08-05 08:56:36 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

ROLES AND PERMISSIONS - FIRST CHECK-IN

Browse source 
=======================================

WARNING:  DEV IS CURRENTLY VERY UNSTABLE.

This is a mega-checkin of the new Roles system.   A lot of changes have
been made in core and modules.

Currently there are a lot of rough edges and known problems.  We are
working hard on these .. .the reason for getting this into HEAD at this
stage is enable us to move faster (our branch was diverging from HEAD
too much).

Please keep an eye on http://docs.moodle.org/en/Roles for current status
and information for developers on how to use the new Roles system.
This commit is contained in:
moodler 2006-08-08 05:13:06 +00:00
parent 394577c3e4
commit bbbf2d4015
139 changed files with 40452 additions and 2001 deletions
Download patch file Download diff file Expand all files Collapse all files

20
blog/edit.php
View file

@ -16,29 +16,31 @@ if (!$referrer = optional_param('referrer','', PARAM_URL)) {
}
}
//first verify that user is not a guest
if (isguest()) {
error(get_string('noguestpost', 'blog'), $referrer);
$context = get_context_instance(CONTEXT_SYSTEM, SITEID);
if (!has_capability('moodle/blog:readentries', $context->id)) {
error(get_string('nopost', 'blog'), $referrer);
}
// make sure that the person trying to edit have access right
// Make sure that the person trying to edit have access right
if ($editid = optional_param('editid', 0, PARAM_INT)) {
$blogEntry = get_record('post', 'id', $editid);
if (!blog_user_can_edit_post($blogEntry)) {
error( get_string('notallowedtoedit', 'blog'), $CFG->wwwroot .'/login/index.php');
if (!blog_user_can_edit_post($blogEntry, $context->id)) {
error( get_string('notallowedtoedit', 'blog'), $CFG->wwwroot .'/login/index.php');
}
}
//check to see if there is a requested blog to edit
// Check to see if there is a requested blog to edit
if (isloggedin() && !isguest()) {
$userid = $USER->id;
} else {
error(get_string('noblogspecified', 'blog') .'<a href="'. $CFG->blog_blogurl .'">' .get_string('viewentries', 'blog') .'</a>');
}
// if we are trying to delete an non-existing blog entry
// If we are trying to delete an non-existing blog entry
if (isset($act) && ($act == 'del') && (empty($blogEntry))) {
error ('the entry you are trying to delete does not exist');
}
@ -153,7 +155,7 @@ function do_delete($postid) {
// check ownership
$blogEntry = get_record('post','id',$postid);
if (blog_user_can_edit_post($blogEntry)) {
if (blog_user_can_edit_post($blogEntry, $context->id)) {
if (delete_records('post','id',$postid)) {
//echo "bloginfo_arg:"; //debug