### Eclipse Workspace Patch 1.0
#P moodle19b
Index: admin/roles/override.php
===================================================================
RCS file: /cvsroot/moodle/moodle/admin/roles/override.php,v
retrieving revision 1.36.2.9
diff -u -r1.36.2.9 override.php
--- admin/roles/override.php	18 Apr 2008 06:18:25 -0000	1.36.2.9
+++ admin/roles/override.php	23 Jul 2008 08:15:45 -0000
@@ -20,7 +20,9 @@
         error('Can not override base role capabilities');
     }
 
-    if (!has_capability('moodle/role:override', $context)) {
+    $canoverride = has_capability('moodle/role:override', $context);
+
+    if (!$canoverride and !has_capability('moodle/role:safeoverride', $context)) {
         error('You do not have permission to change overrides in this context!');
     }
 
@@ -61,7 +63,7 @@
 /// Make sure this user can override that role
 
     if ($roleid) {
-        if (!user_can_override($context, $roleid)) {
+        if (!isset($overridableroles[$roleid])) {
             error ('you can not override this role in this context');
         }
     }
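Review bot: The role check `if (!isset($overridableroles[$roleid]))` depends on an array built outside this hunk, and nothing here records which context or capability test produced it. A comment such as `// $overridableroles: role id => name, presumably from get_overridable_roles($context) above` would make the authorization dependency visible to the next reader. The same applies to the `$assignableroles` lookup in admin/roles/assign.php, where the unchanged error text still says "override" rather than "assign". `isset()` treats a null value as absent, which denies access and so fails closed.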
@@ -72,7 +74,30 @@
     }
 
 /// get all cababilities
-    $capabilities = fetch_context_capabilities($context);
+    $safeoverridenotice = false;
+    if ($roleid) {
+        if ($capabilities = fetch_context_capabilities($context)) {
+            // find out if we need to lock some capabilities
+            foreach ($capabilities as $capname=>$capability) {
+                $capabilities[$capname]->locked = false;
+                if ($canoverride) {
+                    //ok no locking at all
+                    continue;
+                }
+                //only limited safe overrides - spam only allowed
+                if ((RISK_DATALOSS & (int)$capability->riskbitmask)
+                 or (RISK_MANAGETRUST & (int)$capability->riskbitmask)
+                 or (RISK_CONFIG & (int)$capability->riskbitmask)
+                 or (RISK_XSS & (int)$capability->riskbitmask)
+                 or (RISK_PERSONAL & (int)$capability->riskbitmask)) {
+                    $capabilities[$capname]->locked = true;
+                    $safeoverridenotice = true;
+                }
+            }
+        }
+    } else {
+        $capabilities = null;
+    }
 
 /// Process incoming role override
     if ($data = data_submitted() and $roleid and confirm_sesskey()) {
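Review bot: The lock test inside the `foreach` is a deny-list of five named risk bits, so a capability whose `riskbitmask` is 0, or carries only a bit not listed here, stays editable for a user who holds just `moodle/role:safeoverride`. The inline comment says only spam-level overrides are meant to be allowed, so testing for anything other than RISK_SPAM would fail closed when a new risk constant is added: `if (((int)$capability->riskbitmask & ~RISK_SPAM) !== 0) {`. Capabilities that never declared a risk would still count as safe either way, so the lock is only as good as the riskbitmask data, and a comment saying so would help. The surrounding script starts and ends outside this hunk.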
@@ -82,6 +107,10 @@
                                              '', 'capability, permission, id');
 
         foreach ($capabilities as $cap) {
+            if ($cap->locked) {
+                //user not allowed to change this cap
+                continue;
+            }
 
             if (!isset($data->{$cap->name})) {
                 //cap not specified in form
@@ -179,7 +208,7 @@
         if (!empty($capabilities)) {
             // Print the capabilities overrideable in this context
             print_simple_box_start('center');
-            include_once('override.html');
+            include('override.html');
             print_simple_box_end();
 
         } else {
Index: admin/roles/allowoverride.php
===================================================================
RCS file: /cvsroot/moodle/moodle/admin/roles/allowoverride.php,v
retrieving revision 1.13.2.1
diff -u -r1.13.2.1 allowoverride.php
--- admin/roles/allowoverride.php	2 May 2008 04:07:29 -0000	1.13.2.1
+++ admin/roles/allowoverride.php	23 Jul 2008 08:15:44 -0000
@@ -74,7 +74,7 @@
         $table->data[] = array_merge(array(format_string($role->name)), $beta);
     }
 
-    print_simple_box(get_string('configallowoverride', 'admin'), 'center');
+    print_simple_box(get_string('configallowoverride2', 'admin'), 'center');
 
     echo '<form action="allowoverride.php" method="post">';
     print_table($table);
Index: admin/roles/override.html
===================================================================
RCS file: /cvsroot/moodle/moodle/admin/roles/override.html,v
retrieving revision 1.21.2.1
diff -u -r1.21.2.1 override.html
--- admin/roles/override.html	17 Oct 2007 05:36:23 -0000	1.21.2.1
+++ admin/roles/override.html	23 Jul 2008 08:15:45 -0000
@@ -3,6 +3,7 @@
     $strallow = get_string('allow','role');
     $strprevent = get_string('prevent','role');
     $strprohibit = get_string('prohibit','role');
+    $strsafewarning = get_string('safeoverridenotice', 'role');
 ?>
 
 <form id="overrideform" action="override.php" method="post">
@@ -67,7 +68,7 @@
                 $isprohibit = 0;
             }
 
-            $isdisabled = $isprohibit;
+            $isdisabled = $isprohibit || $capability->locked;
 
             $riskinfo = '<td class="risk managetrust">';
             $rowclasses = '';
@@ -138,10 +139,17 @@
             <?php echo $riskinfo; ?>
         </tr>
 
-        <?php } ?>
+        <?php }  ?>
     </table>
     <div class="submit buttons">
         <input type="submit" value="<?php print_string('savechanges') ?>" />
         <input type="submit" name="cancel" value="<?php print_string('cancel') ?>" />
     </div>
+
+    <?php
+    if ($safeoverridenotice) {
+        echo '<div class="sefeoverridenotice">'.$strsafewarning.'</div>';
+    }
+    ?> 
+
 </form>
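Review bot: The class name in `echo '<div class="sefeoverridenotice">'` is misspelled, and the same spelling is repeated in the new rule in theme/standard/styles_layout.css, so the two match today but a later correction on one side will silently drop the styling. Rename both to `safeoverridenotice`, which also matches the `$safeoverridenotice` variable and the language string key. The `<?php }  ?>` line changes only whitespace and could be left out of the patch.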
Index: admin/roles/assign.php
===================================================================
RCS file: /cvsroot/moodle/moodle/admin/roles/assign.php,v
retrieving revision 1.63.2.12
diff -u -r1.63.2.12 assign.php
--- admin/roles/assign.php	18 Apr 2008 06:18:25 -0000	1.63.2.12
+++ admin/roles/assign.php	23 Jul 2008 08:15:44 -0000
@@ -107,7 +107,7 @@
 /// Make sure this user can assign that role
 
     if ($roleid) {
-        if (!user_can_assign($context, $roleid)) {
+        if (!isset($assignableroles[$roleid])) {
             error ('you can not override this role in this context');
         }
     }
Index: version.php
===================================================================
RCS file: /cvsroot/moodle/moodle/version.php,v
retrieving revision 1.563.2.181
diff -u -r1.563.2.181 version.php
--- version.php	23 Jul 2008 01:40:44 -0000	1.563.2.181
+++ version.php	23 Jul 2008 08:15:44 -0000
@@ -6,7 +6,7 @@
 // This is compared against the values stored in the database to determine
 // whether upgrades should be performed (see lib/db/*.php)
 
-    $version = 2007101520;  // YYYYMMDD      = date of the 1.9 branch (don't change)
+    $version = 2007101520.16;  // YYYYMMDD      = date of the 1.9 branch (don't change)
                             //         X     = release number 1.9.[0,1,2,3...]
                             //          Y.YY = micro-increments between releases
 
Index: mod/forum/db/access.php
===================================================================
RCS file: /cvsroot/moodle/moodle/mod/forum/db/access.php,v
retrieving revision 1.15
diff -u -r1.15 access.php
--- mod/forum/db/access.php	21 Mar 2007 06:07:46 -0000	1.15
+++ mod/forum/db/access.php	23 Jul 2008 08:15:53 -0000
@@ -241,6 +241,8 @@
 
     'mod/forum:managesubscriptions' => array(
 
+        'riskbitmask' => RISK_SPAM,
+
         'captype' => 'read',
         'contextlevel' => CONTEXT_MODULE,
         'legacy' => array(
Index: lang/en_utf8/admin.php
===================================================================
RCS file: /cvsroot/moodle/moodle/lang/en_utf8/admin.php,v
retrieving revision 1.154.2.46
diff -u -r1.154.2.46 admin.php
--- lang/en_utf8/admin.php	15 Jul 2008 04:06:05 -0000	1.154.2.46
+++ lang/en_utf8/admin.php	23 Jul 2008 08:15:47 -0000
@@ -58,6 +58,7 @@
 $string['configallowemailaddresses'] = 'If you want to restrict all new email addresses to particular domains, then list them here separated by spaces.  All other domains will be rejected.  To allow subdomains add the domain with a preceding \'.\'. eg <strong>ourcollege.edu.au .gov.au</strong>';
 $string['configallowobjectembed'] = 'As a default security measure, normal users are not allowed to embed multimedia (like Flash) within texts using explicit EMBED and OBJECT tags in their HTML (although it can still be done safely using the mediaplugins filter).  If you wish to allow these tags then enable this option.';
 $string['configallowoverride'] = 'You can allow people with the roles on the left side to override some of the column roles';
+$string['configallowoverride2'] = 'Select which role(s) can be overridden by each role in the left column.<br />Note that these settings only apply to users who have either the capability moodle/role:override or the capability moodle/role:safeoverride allowed.';
 $string['configallowunenroll'] = 'If this is set \'Yes\', then students are allowed to unenrol themselves from courses whenever they like. Otherwise they are not allowed, and this process will be solely controlled by the teachers and administrators.';
 $string['configallowuserblockhiding'] = 'Do you want to allow users to hide/show side blocks throughout this site?  This feature uses Javascript and cookies to remember the state of each collapsible block, and only affects the user\'s own view.';
 $string['configallowusermailcharset'] = 'Enabling this, every user in the site will be able to specify his own charset for email.';
Index: lang/en_utf8/role.php
===================================================================
RCS file: /cvsroot/moodle/moodle/lang/en_utf8/role.php,v
retrieving revision 1.47.2.14
diff -u -r1.47.2.14 role.php
--- lang/en_utf8/role.php	18 Apr 2008 08:28:58 -0000	1.47.2.14
+++ lang/en_utf8/role.php	23 Jul 2008 08:15:47 -0000
@@ -124,6 +124,7 @@
 $string['role:assign'] = 'Assign roles to users';
 $string['role:manage'] = 'Create and manage roles';
 $string['role:override'] = 'Override permissions for others';
+$string['role:safeoverride'] = 'Override safe permissions for others';
 $string['role:switchroles'] = 'Switch to other roles';
 $string['role:unassignself'] = 'Unassign own roles';
 $string['role:viewhiddenassigns'] = 'View hidden role assignments';
@@ -131,6 +132,7 @@
 $string['roles'] = 'Roles';
 $string['roletoassign'] = 'Role to assign';
 $string['roletooverride'] = 'Role to override';
+$string['safeoverridenotice'] = 'Note: Capabilities with higher risks are locked because you are only allowed to override safe capabilities.';
 $string['selectrole'] = 'Select a role';
 $string['showallroles'] = 'Show all roles';
 $string['site:accessallgroups'] = 'Access all groups';
Index: blocks/admin/block_admin.php
===================================================================
RCS file: /cvsroot/moodle/moodle/blocks/admin/block_admin.php,v
retrieving revision 1.100.2.8
diff -u -r1.100.2.8 block_admin.php
--- blocks/admin/block_admin.php	2 May 2008 05:59:16 -0000	1.100.2.8
+++ blocks/admin/block_admin.php	23 Jul 2008 08:15:45 -0000
@@ -63,10 +63,14 @@
 
     /// Assign roles to the course
 
-        if ($course->id !== SITEID and has_capability('moodle/role:assign', $context)) {
-            $this->content->items[]='<a href="'.$CFG->wwwroot.'/'.$CFG->admin.'/roles/assign.php?contextid='.$context->id.'">'.get_string('assignroles', 'role').'</a>';
-            $this->content->icons[]='<img src="'.$CFG->pixpath.'/i/roles.gif" class="icon" alt="" />';
-
+        if ($course->id != SITEID) {
+            if (has_capability('moodle/role:assign', $context)) {
+                $this->content->items[]='<a href="'.$CFG->wwwroot.'/'.$CFG->admin.'/roles/assign.php?contextid='.$context->id.'">'.get_string('assignroles', 'role').'</a>';
+                $this->content->icons[]='<img src="'.$CFG->pixpath.'/i/roles.gif" class="icon" alt="" />';
+            } else if (get_overridable_roles($context, 'name', ROLENAME_ORIGINAL)) {
+                $this->content->items[]='<a href="'.$CFG->wwwroot.'/'.$CFG->admin.'/roles/override.php?contextid='.$context->id.'">'.get_string('overridepermissions', 'role').'</a>';
+                $this->content->icons[]='<img src="'.$CFG->pixpath.'/i/roles.gif" class="icon" alt="" />';
+            }
         }
 
     /// View course grades (or just your own grades, same link)
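Review bot: The comparison `$course->id != SITEID` is deliberately loose where the old line used `!==`, and nothing records why. Presumably `$course->id` arrives as a string from the database, so the strict form was always true; a comment such as `// loose comparison on purpose: $course->id may be a string` would stop someone from tightening it again. The `else if` branch also calls `get_overridable_roles()` on every render only to test for a non-empty result, so it is worth confirming that the capability checks and the query behind it are acceptable at that frequency.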
Index: lib/accesslib.php
===================================================================
RCS file: /cvsroot/moodle/moodle/lib/accesslib.php,v
retrieving revision 1.421.2.67
diff -u -r1.421.2.67 accesslib.php
--- lib/accesslib.php	6 Jul 2008 22:54:05 -0000	1.421.2.67
+++ lib/accesslib.php	23 Jul 2008 08:15:52 -0000
@@ -149,6 +149,7 @@
 define('RISK_XSS',         0x0004);
 define('RISK_PERSONAL',    0x0008);
 define('RISK_SPAM',        0x0010);
+define('RISK_DATALOSS',    0x0020);
 
 // rolename displays
 define('ROLENAME_ORIGINAL', 0);// the name as defined in the role definition
@@ -1853,7 +1854,7 @@
     allow_assign($editteacherrole, $studentrole);
     allow_assign($editteacherrole, $guestrole);
 
-/// Set up default permissions for overrides
+/// Set up default allow override matrix
     allow_override($adminrole, $adminrole);
     allow_override($adminrole, $coursecreatorrole);
     allow_override($adminrole, $noneditteacherrole);
@@ -1862,6 +1863,10 @@
     allow_override($adminrole, $guestrole);
     allow_override($adminrole, $userrole);
 
+    allow_override($editteacherrole, $noneditteacherrole);
+    allow_override($editteacherrole, $studentrole);
+    allow_override($editteacherrole, $guestrole);
+
 
 /// Delete the old user tables when we are done
 
@@ -3899,6 +3904,9 @@
  * @return boolean
  */
 function user_can_override($context, $targetroleid) {
+
+// TODO: not needed anymore, remove in 2.0
+
     // first check if user has override capability
     // if not return false;
     if (!has_capability('moodle/role:override', $context)) {
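Review bot: The marker `// TODO: not needed anymore, remove in 2.0` sits inside the body of `user_can_override()`, where callers reading the docblock will not see it. After this patch the function also disagrees with `get_overridable_roles()`: it still requires `moodle/role:override` and ignores `moodle/role:safeoverride`, so any remaining caller would get a different answer from the override page. I would move the notice into the docblock as an `@deprecated` line that names `get_overridable_roles()` as the replacement and states that safeoverride is not honoured here. The function body continues outside the hunk.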
@@ -4031,41 +4039,30 @@
  * @param string $field
  * @return array
  */
-function get_assignable_roles ($context, $field='name', $rolenamedisplay=ROLENAME_ALIAS) {
-
-    global $CFG;
+function get_assignable_roles($context, $field='name', $rolenamedisplay=ROLENAME_ALIAS) {
+    global $USER, $CFG;
 
-    // this users RAs
-    $ras = get_user_roles($context);
-    $roleids = array();
-    foreach ($ras as $ra) {
-        $roleids[] = $ra->roleid;
-    }
-    unset($ra);
+    if (!has_capability('moodle/role:assign', $context)) {
+        return array();
+    } 
 
-    if (count($roleids)===0) {
+    $parents = get_parent_contexts($context);
+    $parents[] = $context->id;
+    $contexts = implode(',' , $parents);
+
+    if (!$roles = get_records_sql("SELECT DISTINCT r.*
+                                     FROM {$CFG->prefix}role r,
+                                          {$CFG->prefix}role_assignments ra,
+                                          {$CFG->prefix}role_allow_assign raa
+                                    WHERE ra.userid = $USER->id AND ra.contextid IN ($contexts)
+                                          AND raa.roleid = ra.roleid AND r.id = raa.allowassign
+                                 ORDER BY r.sortorder ASC")) {
         return array();
     }
 
-    $roleids = implode(',',$roleids);
-
-    // The subselect scopes the DISTINCT down to
-    // the role ids - a DISTINCT over the whole of
-    // the role table is much more expensive on some DBs
-    $sql = "SELECT r.id, r.$field
-              FROM {$CFG->prefix}role r
-                   JOIN ( SELECT DISTINCT allowassign as allowedrole 
-                            FROM  {$CFG->prefix}role_allow_assign raa
-                           WHERE raa.roleid IN ($roleids) ) ar
-                   ON r.id=ar.allowedrole
-            ORDER BY sortorder ASC";
-
-    $rs = get_recordset_sql($sql);
-    $roles = array();
-    while ($r = rs_fetch_next_record($rs)) {
-        $roles[$r->id] = $r->{$field};
+    foreach ($roles as $role) {
+        $roles[$role->id] = $role->$field;
     }
-    rs_close($rs);
 
     return role_fix_names($roles, $context, $rolenamedisplay);
 }
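Review bot: The new query in `get_assignable_roles()` interpolates `$USER->id` and the imploded context ids straight into the SQL string; they look like internal integers, but casting them keeps the statement safe if either ever carries something else: `$contexts = implode(',', array_map('intval', $parents));` and `ra.userid = ".(int)$USER->id."`. `SELECT DISTINCT r.*` also brings back the concern in the comment this hunk removes, that DISTINCT over the whole role row is expensive on some databases, and it may fail outright where the row holds a large text column; selecting distinct ids in a subquery avoids both. The loop `$roles[$role->id] = $role->$field;` overwrites the array it iterates and relies on the result being keyed by `r.id`, which deserves a one-line comment. The same three points apply to `get_assignable_roles_for_switchrole()` and `get_overridable_roles()` in the next hunk.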
@@ -4078,66 +4075,67 @@
  * @param string $field
  * @return array
  */
-function get_assignable_roles_for_switchrole ($context, $field='name', $rolenamedisplay=ROLENAME_ALIAS) {
-
-    global $CFG;
+function get_assignable_roles_for_switchrole($context, $field='name', $rolenamedisplay=ROLENAME_ALIAS) {
+    global $USER, $CFG;
 
-    // this users RAs
-    $ras = get_user_roles($context);
-    $roleids = array();
-    foreach ($ras as $ra) {
-        $roleids[] = $ra->roleid;
-    }
-    unset($ra);
+    if (!has_capability('moodle/role:assign', $context)) {
+        return array();
+    } 
 
-    if (count($roleids)===0) {
+    $parents = get_parent_contexts($context);
+    $parents[] = $context->id;
+    $contexts = implode(',' , $parents);
+
+    if (!$roles = get_records_sql("SELECT DISTINCT r.*
+                                     FROM {$CFG->prefix}role r,
+                                          {$CFG->prefix}role_assignments ra,
+                                          {$CFG->prefix}role_allow_assign raa,
+                                          {$CFG->prefix}role_capabilities rc
+                                    WHERE ra.userid = $USER->id AND ra.contextid IN ($contexts)
+                                          AND raa.roleid = ra.roleid AND r.id = raa.allowassign
+                                          AND r.id = rc.roleid AND rc.capability = 'moodle/course:view' AND rc.capability != 'moodle/site:doanything'
+                                 ORDER BY r.sortorder ASC")) {
         return array();
     }
 
-    $roleids = implode(',',$roleids);
-
-    // The subselect scopes the DISTINCT down to
-    // the role ids - a DISTINCT over the whole of
-    // the role table is much more expensive on some DBs
-    $sql = "SELECT r.id, r.$field
-             FROM {$CFG->prefix}role r
-                  JOIN ( SELECT DISTINCT allowassign as allowedrole 
-                           FROM  {$CFG->prefix}role_allow_assign raa
-                           WHERE raa.roleid IN ($roleids) ) ar
-                  ON r.id=ar.allowedrole
-                  JOIN {$CFG->prefix}role_capabilities rc
-                  ON (r.id = rc.roleid AND rc.capability = 'moodle/course:view' 
-                      AND rc.capability != 'moodle/site:doanything') 
-         ORDER BY sortorder ASC";
-
-    $rs = get_recordset_sql($sql);
-    $roles = array();
-    while ($r = rs_fetch_next_record($rs)) {
-        $roles[$r->id] = $r->{$field};
+    foreach ($roles as $role) {
+        $roles[$role->id] = $role->$field;
     }
-    rs_close($rs);
 
     return role_fix_names($roles, $context, $rolenamedisplay);
 }
 
 /**
- * Gets a list of roles that this user can override in this context
+ * Gets a list of roles that this user can override or safeoverride in this context
  * @param object $context
  * @return array
  */
 function get_overridable_roles($context, $field='name', $rolenamedisplay=ROLENAME_ALIAS) {
+    global $USER, $CFG;
 
-    $options = array();
+    if (!has_capability('moodle/role:override', $context) and !has_capability('moodle/role:safeoverride', $context)) {
+        return array();
+    } 
 
-    if ($roles = get_all_roles()) {
-        foreach ($roles as $role) {
-            if (user_can_override($context, $role->id)) {
-                $options[$role->id] = $role->$field;
-            }
-        }
+    $parents = get_parent_contexts($context);
+    $parents[] = $context->id;
+    $contexts = implode(',' , $parents);
+
+    if (!$roles = get_records_sql("SELECT DISTINCT r.*
+                                     FROM {$CFG->prefix}role r,
+                                          {$CFG->prefix}role_assignments ra,
+                                          {$CFG->prefix}role_allow_override rao 
+                                    WHERE ra.userid = $USER->id AND ra.contextid IN ($contexts)
+                                          AND rao.roleid = ra.roleid AND r.id = rao.allowoverride
+                                 ORDER BY r.sortorder ASC")) {
+        return array();
+    }
+
+    foreach ($roles as $role) {
+        $roles[$role->id] = $role->$field;
     }
 
-    return role_fix_names($options, $context, $rolenamedisplay);
+    return role_fix_names($roles, $context, $rolenamedisplay);
 }
 
 /**
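Review bot: In the switchrole query the condition `rc.capability = 'moodle/course:view' AND rc.capability != 'moodle/site:doanything'` can never exclude anything, because both tests read the same row and the first already fixes the value. If the intent is to keep roles that hold doanything out of the switchable list, that needs a separate test on the role, for example `AND NOT EXISTS (SELECT 1 FROM {$CFG->prefix}role_capabilities rc2 WHERE rc2.roleid = r.id AND rc2.capability = 'moodle/site:doanything')`; the join also ignores `rc.permission`, so a role whose course:view is set to prevent would still match. The condition is carried over from the removed code, but the rewrite is the place to fix it. Separately, the docblock of `get_overridable_roles()` should say that the list is identical for override and safeoverride holders and that the per-capability lock is applied only in admin/roles/override.php.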
@@ -4982,7 +4980,7 @@
  * The caller *must* check
  * - that this op is allowed
  * - that the requested role can be assigned in this ctx
- *   (hint, use get_assignable_roles())
+ *   (hint, use get_assignable_roles_for_switchrole())
  * - that the requested role is NOT $CFG->defaultuserroleid
  *
  * To "unswitch" pass 0 as the roleid.
Index: lib/db/access.php
===================================================================
RCS file: /cvsroot/moodle/moodle/lib/db/access.php,v
retrieving revision 1.75.2.7
diff -u -r1.75.2.7 access.php
--- lib/db/access.php	29 Feb 2008 09:32:57 -0000	1.75.2.7
+++ lib/db/access.php	23 Jul 2008 08:15:53 -0000
@@ -123,7 +123,7 @@
     
     'moodle/site:sendmessage' => array(
 
-        'riskbitmask' => RISK_PERSONAL,
+        'riskbitmask' => RISK_SPAM,
 
         'captype' => 'write',
         'contextlevel' => CONTEXT_SYSTEM,
@@ -345,6 +345,8 @@
 
     'moodle/role:assign' => array(
 
+        'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_SYSTEM,
         'legacy' => array(
@@ -364,6 +366,14 @@
         )
     ),
 
+    'moodle/role:safeoverride' => array(
+
+        'riskbitmask' => RISK_SPAM,
+
+        'captype' => 'write',
+        'contextlevel' => CONTEXT_SYSTEM
+    ),
+
     'moodle/role:manage' => array(
 
         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
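Review bot: With `'riskbitmask' => RISK_SPAM` the new `moodle/role:safeoverride` capability is itself classed as safe, so the lock added in admin/roles/override.php does not cover it and a user holding only safeoverride can change safeoverride for the roles they are allowed to override. If that delegation is not intended, give the capability a bit the lock tests for, for example `'riskbitmask' => RISK_SPAM | RISK_MANAGETRUST,`, or lock it by name in override.php. The definition has no `'legacy'` entry, so no role appears to receive it by default; a comment stating that this is deliberate would help.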
@@ -401,7 +411,7 @@
 
     'moodle/role:switchroles' => array(
 
-        'riskbitmask' => RISK_XSS,
+        'riskbitmask' => RISK_XSS | RISK_PERSONAL,
 
         'captype' => 'read',
         'contextlevel' => CONTEXT_SYSTEM,
@@ -424,6 +434,8 @@
 
     'moodle/category:delete' => array(
 
+        'riskbitmask' => RISK_DATALOSS,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_COURSECAT,
         'legacy' => array(
@@ -465,6 +477,8 @@
 
     'moodle/course:delete' => array(
 
+        'riskbitmask' => RISK_DATALOSS,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_COURSE,
         'legacy' => array(
@@ -569,6 +583,8 @@
 
     'moodle/course:managemetacourse' => array(
 
+        'riskbitmask' => RISK_XSS | RISK_PERSONAL,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_COURSE,
         'legacy' => array(
@@ -653,6 +669,8 @@
 
     'moodle/course:reset' => array(
 
+        'riskbitmask' => RISK_DATALOSS,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_COURSE,
         'legacy' => array(
@@ -740,7 +758,7 @@
 
     'moodle/user:editprofile' => array(
 
-        'riskbitmask' => RISK_SPAM,
+        'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
 
         'captype' => 'write',
         'contextlevel' => CONTEXT_USER,
@@ -751,6 +769,8 @@
 
     'moodle/user:editownprofile' => array(
 
+        'riskbitmask' => RISK_SPAM,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_SYSTEM,
         'legacy' => array(
@@ -1010,7 +1030,7 @@
     ),
 
     'moodle/grade:import' => array(
-        'riskbitmask' => RISK_PERSONAL,
+        'riskbitmask' => RISK_PERSONAL | RISK_XSS,
         'captype' => 'write',
         'contextlevel' => CONTEXT_COURSE,
         'legacy' => array(
@@ -1033,7 +1053,7 @@
     ),
 
     'moodle/grade:manage' => array(
-        'riskbitmask' => RISK_PERSONAL,
+        'riskbitmask' => RISK_PERSONAL | RISK_XSS,
         'captype' => 'write',
         'contextlevel' => CONTEXT_COURSE,
         'legacy' => array(
@@ -1120,6 +1140,8 @@
     ),
 
     'moodle/notes:manage' => array(
+        'riskbitmask' => RISK_SPAM,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_SYSTEM,
         'legacy' => array(
@@ -1130,6 +1152,8 @@
     ),
 
     'moodle/tag:manage' => array(
+        'riskbitmask' => RISK_SPAM,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_SYSTEM,
         'legacy' => array(
@@ -1140,6 +1164,8 @@
     ),
 
     'moodle/tag:create' => array(
+        'riskbitmask' => RISK_SPAM,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_SYSTEM,
         'legacy' => array(
@@ -1149,6 +1175,8 @@
     ),
 
     'moodle/tag:edit' => array(
+        'riskbitmask' => RISK_SPAM,
+
         'captype' => 'write',
         'contextlevel' => CONTEXT_SYSTEM,
         'legacy' => array(
Index: mod/assignment/db/access.php
===================================================================
RCS file: /cvsroot/moodle/moodle/mod/assignment/db/access.php,v
retrieving revision 1.7
diff -u -r1.7 access.php
--- mod/assignment/db/access.php	16 Feb 2007 08:46:56 -0000	1.7
+++ mod/assignment/db/access.php	23 Jul 2008 08:15:53 -0000
@@ -56,6 +56,7 @@
     ),
 
     'mod/assignment:grade' => array(
+        'riskbitmask' => RISK_XSS,
 
         'captype' => 'write',
         'contextlevel' => CONTEXT_MODULE,
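Review bot: The added `'riskbitmask' => RISK_XSS,` on `mod/assignment:grade` only locks the capability for safeoverride users once the stored capability definitions are refreshed, and no version bump for the assignment module is visible in this patch. If module capabilities are reloaded only when the module's own version changes (to be confirmed against the upgrade code), existing sites would keep the old empty bitmask and the capability would stay editable under safeoverride. The same question applies to the `mod/forum:managesubscriptions` change, though RISK_SPAM there does not affect locking.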
Index: theme/standard/styles_layout.css
===================================================================
RCS file: /cvsroot/moodle/moodle/theme/standard/styles_layout.css,v
retrieving revision 1.516.2.57
diff -u -r1.516.2.57 styles_layout.css
--- theme/standard/styles_layout.css	17 Jul 2008 12:39:43 -0000	1.516.2.57
+++ theme/standard/styles_layout.css	23 Jul 2008 08:15:55 -0000
@@ -967,6 +967,10 @@
   padding-top: 0.75em;
 }
 
+#admin-roles-override .sefeoverridenotice {
+  text-align:center;
+}
+
 #admin-lang .generalbox {
   text-align:center;
   margin:auto;
