even non-course and sticky blocks.
The parent context is block_instances.parentcontextid.
The block context should be used for checking permissions directly
related to the block, like moodle/block:view or moodle/site:manageblocks.
However, if the block is displaying information about the current page,
for example the participants block showing who 'here', then it may be
better to use the context of the page where the bloack is appearing -
in other words $this->page->context - to check permissions about the
user's ability to see participants here.
Or, if the block is displaying something stronly related to courses,
for example, a course meny block, the block should probably use the
context for $this->page->course to check permissions.
There is a new implementation of require_js in lib/deprecatedlib.php,
based on $PAGE->requires.
There were a few other recently introduced functions in lib/weblib.php,
namely print_js_call, print_delayed_js_call, print_js_config and
standard_js_config. These have been removed, since they were never in
a stable branch, and all the places that used them have been changed
to use the newer $PAGE->requires->... methods.
get_require_js_code is also gone, and the evil places that were calling
it, even though it is an internal function, have been fixed.
Also, I made some minor improvements to the code I committed yesterday
for MDL-16695.
All that remains is to update all the places in core code that are
still using require_js.
(This commit also fixes the problem where the admin tree would not
start with the right categories expanded.)
That was becuase not enough information was being passed in for the blocks editing controls to construct the right URL to reload the page.
It is also now possible for admin external pages to add some UI next to the turn blocks editing on/off button. For example, when you are editing the list of course catgories, the turn editing off button is now in the right place.
* Move the show/hide advanced button a bit down the page.
* Improve save button caption when creating a role.
* Don't show defaults on the basic define roles screen.
* Explain the background shading on the advanced roels screen.
* Fix the problem with the risks link to Moodle docs.
* Help icon by the permissions column heading.
* Tables with rotated <th>s, make them vertical-align: bottom.
* Rename explain.php and explainhascapability.php to check.php and explain.php
* Tool tips on the number headers in the explain table.
* Explain table - role names were missing.
* Allow link_to_popup_window to work with full URLs.
I have collected code that used to be in lib/adminlib.php, lib/accesslib.php and user/selector/lib.php into a new admin/roles/lib.php file.
And I added standard GPL and Moodle comments to all the files in admin/roles.
* New table role_context_levels
* Populate table with defaults on install
* Populate table on upgrade with the same defaults, plus any additional ones needed to ensure all the role assignments already in the database are allowed.
* Change get_assignable_roles to respect these settings.
* UI for these settings on the add/edit role form.
* Save these settings when a role definition is saved.
* If in a context, there are no roles you can assign, display a polite message.
* Back up these settings.
* Restore these settings. When resotring a <=1.9.x backup file, any newly imported roles are set to be assignable at all contextlevels.
Restore not tested because it is broken in HEAD.
Including:
MDL-11529 When assigning/overriding roles, the dropdown for switching to another role should have a number in brackets
MDL-16549 Should not be able to edit the permission associated with moodle/site:doanything on any role.
* Make the role being assigned clear in the title
* Make the options in the middle of the page be in a collapsable options section, collapsed by default.
* Put them in a smaller font too.
* Switch the date selectors here to use a shorter date format, and change 'Course start date' to 'Course start'.
At the same time, I took the opportunity to try to work on some of the usability issues on this page. Note that I have not quite finished! So don't comment until tomorrow.
In the course of doing this, I also did: half of
MDL-11529 Show the number of assignees of each role in the change role dropdown on this page.
MDL-17067 Make it clear in the UI that admins are not allowed to unassign themselves.
To do this, I found a way to clean up the method signatures of a couple of accesslib methods, so I did, hence the fact that this seems to touch some unrelated files.
Also, there is a nice new method in accesslib get_context_url, which gives you the natural URL for a context, so the course view page, or the user profile, etc.
I have not copied and pasted the same code into lots of different places. That sucks. We really need to refactor this into a function that builds the navigation up to, and including the user's name. However, I don't have time now. A list of the places touched by this bug (MDL-12373) will at least give a complete list of places that such a refactoring would have to touch.
Improvements to the tabs for assigning and overriding roles. MDL-12120
Tabs are now all on the top row
Tabs have clearer titles
Other help texts improved
* improved handling of dirty contexts in general - caching, switching in cron, marking, loading, etc.
* role_assing() and role_unassign() now marks dirty contexts because we use has_capability() in this function - we can not do it later outside to speedup bulk operations
* fixed some inline docs
* fixed notice from rs closing
* removed cached $CONTEXT from has_capability() - $context is now required parameter; this was hiding serious bugs when context did not exist or ppl passed false as parameter
* removed some ===, we can not use these on function parameters - we must support ints, strings, '', nulls, etc. - this could be a source of really dangerous bugs in future
* some other improvements and fixes - documented inline
And will force a reload of $USER->access for logged-in users that need
to read _this_ context. Much lower impact - still not a great idea to
edit assignments/caps on very busy courses, but impact should be low.
