From 39cb6fdfcc5065b6d53cfff4ce00ec0b5884e8ff Mon Sep 17 00:00:00 2001 From: Dan Marsden Date: Thu, 13 Aug 2015 22:04:14 +1200 Subject: [PATCH] Don't hide capability checks on manage.php --- manage.php | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/manage.php b/manage.php index 830c61f..27709d6 100644 --- a/manage.php +++ b/manage.php @@ -39,12 +39,18 @@ $att = $DB->get_record('attendance', array('id' => $cm->instance), '* require_login($course, true, $cm); -$pageparams->init($cm); -$att = new attendance($att, $cm, $course, $PAGE->context, $pageparams); -if (!$att->perm->can_manage() && !$att->perm->can_take() && !$att->perm->can_change()) { +$capabilities = array( + 'mod/attendance:manageattendances', + 'mod/attendance:takeattendances', + 'mod/attendance:changeattendances' +); +if (!has_any_capability($capabilities, $PAGE->context)) { redirect($att->url_view()); } +$pageparams->init($cm); +$att = new attendance($att, $cm, $course, $PAGE->context, $pageparams); + // If teacher is coming from block, then check for a session exists for today. if ($from === 'block') { $sessions = $att->get_today_sessions();