MDL-17647 was referring to moodle/site:candoanything insstead of moodle/site:doanything
MDL-17648 Let get_users_by_capability take an array of capabilities, like has_any_capability
MDL-17649 get_users_by_capability must have unit tests (HEAD only).
The unit tests were briefly working (apart from the system context, which I had to set up by hand in the test contexts table). Then I made the mistake of trying to upgrade the test tables, and it all went horribly wrong (MDL-17644).
* Note: this would never lead to problems with default role definions.
* Also ended up mostly rewriting delete_category_form to simplify the messages that are displayed.
* New helper function require_all_capabilities, a bit like require_any_capability.
Bugs: MDL-17479, MDL-16426, MDL-16063, MDL-16013, MDL-15658, MDL-15556, MDL-15161, MDL-14925, MDL-13742, MDL-11557.
* Simplify category editing permissions to just moodle/category:manage and moodle/category:seehiddencategories.
* Enforce those correctly. (Note MDL 17502 is still outstanding.)
* Don't screw up category sort order when you just edit name or description.
* Niceties like where redirects go when you cancel or submit forms.
* Make sure a global course creator can see the site admin block.
* Don't allow a category to be made the child of one of its children!
* General code cleanup to bring key files more in line with best pracitice.
Apologies for the fact it is one big patch, rather than a series of smaller patches. However, categoryedit.php, category.php and index.php where in pretty bad shape and needed significant cleaning up. categoryedit.php, in particular, was almost completely rewritten.
Merged from MOODLE_19_STABLE.
* Move the show/hide advanced button a bit down the page.
* Improve save button caption when creating a role.
* Don't show defaults on the basic define roles screen.
* Explain the background shading on the advanced roels screen.
* Fix the problem with the risks link to Moodle docs.
* Help icon by the permissions column heading.
* Tables with rotated <th>s, make them vertical-align: bottom.
* Rename explain.php and explainhascapability.php to check.php and explain.php
* Tool tips on the number headers in the explain table.
* Explain table - role names were missing.
* Allow link_to_popup_window to work with full URLs.
* New basic define roles mode, with just an Allow checkbox for each capability.
* Button to toggle this form to/from advanced mode.
* Also, a separate mode for viewing a role definition, rather than just showing disabled checkboxes.
* Now duplicating a role just takes to you a pre-populated add role form, so you can double-check things before saving the new role.
* Deleting a role is now logged.
* Role reordering code cleaned up.
* You can now no longer delete the last role that has admin permissions.
* This includes a general refactor of manage.php, which eliminates manage.html, and splits of define.php.
I have collected code that used to be in lib/adminlib.php, lib/accesslib.php and user/selector/lib.php into a new admin/roles/lib.php file.
And I added standard GPL and Moodle comments to all the files in admin/roles.
* New table role_context_levels
* Populate table with defaults on install
* Populate table on upgrade with the same defaults, plus any additional ones needed to ensure all the role assignments already in the database are allowed.
* Change get_assignable_roles to respect these settings.
* UI for these settings on the add/edit role form.
* Save these settings when a role definition is saved.
* If in a context, there are no roles you can assign, display a polite message.
* Back up these settings.
* Restore these settings. When resotring a <=1.9.x backup file, any newly imported roles are set to be assignable at all contextlevels.
Restore not tested because it is broken in HEAD.
Including:
MDL-11529 When assigning/overriding roles, the dropdown for switching to another role should have a number in brackets
MDL-16549 Should not be able to edit the permission associated with moodle/site:doanything on any role.
At the same time, I took the opportunity to try to work on some of the usability issues on this page. Note that I have not quite finished! So don't comment until tomorrow.
In the course of doing this, I also did: half of
MDL-11529 Show the number of assignees of each role in the change role dropdown on this page.
MDL-17067 Make it clear in the UI that admins are not allowed to unassign themselves.
To do this, I found a way to clean up the method signatures of a couple of accesslib methods, so I did, hence the fact that this seems to touch some unrelated files.
Also, there is a nice new method in accesslib get_context_url, which gives you the natural URL for a context, so the course view page, or the user profile, etc.
