From 452d483f652c2d66044b791b28a43e19b46ff798 Mon Sep 17 00:00:00 2001 From: Dan Marsden Date: Thu, 13 Aug 2015 22:30:51 +1200 Subject: [PATCH] More improvements to prevent the hiding of permission checks --- locallib.php | 27 --------------------------- renderables.php | 20 ++++++++++++-------- 2 files changed, 12 insertions(+), 35 deletions(-) diff --git a/locallib.php b/locallib.php index 9a2296b..a528e42 100644 --- a/locallib.php +++ b/locallib.php @@ -42,9 +42,6 @@ class attendance_permissions { private $cantake; private $canchange; private $canmanage; - private $canmanagetemp; // Can manage temporary users. - private $canchangepreferences; - private $canexport; private $canaccessallgroups; private $cm; @@ -92,30 +89,6 @@ class attendance_permissions { return $this->canmanage; } - - // Check to see if the user can manage temporary users. - public function can_managetemp() { - if (is_null($this->canmanagetemp)) { - $this->canmanagetemp = has_capability('mod/attendance:managetemporaryusers', $this->context); - } - return $this->canmanagetemp; - } - - public function can_change_preferences() { - if (is_null($this->canchangepreferences)) { - $this->canchangepreferences = has_capability('mod/attendance:changepreferences', $this->context); - } - - return $this->canchangepreferences; - } - - public function can_export() { - if (is_null($this->canexport)) { - $this->canexport = has_capability('mod/attendance:export', $this->context); - } - - return $this->canexport; - } public function can_access_all_groups() { if (is_null($this->canaccessallgroups)) { diff --git a/renderables.php b/renderables.php index 4ce0d91..56e6d20 100644 --- a/renderables.php +++ b/renderables.php @@ -66,14 +66,18 @@ class attendance_tabs implements renderable { */ public function get_tabs() { $toprow = array(); - if ($this->att->perm->can_manage() or - $this->att->perm->can_take() or - $this->att->perm->can_change()) { + + $capabilities = array( + 'mod/attendance:manageattendances', + 'mod/attendance:takeattendances', + 'mod/attendance:changeattendances' + ); + if (has_any_capability($capabilities, $this->att->context)) { $toprow[] = new tabobject(self::TAB_SESSIONS, $this->att->url_manage()->out(), - get_string('sessions', 'attendance')); + get_string('sessions', 'attendance')); } - if ($this->att->perm->can_manage()) { + if (has_capability('mod/attendance:manageattendances', $this->att->context)) { $toprow[] = new tabobject(self::TAB_ADD, $this->att->url_sessions()->out(true, array('action' => att_sessions_page_params::ACTION_ADD)), get_string('add', 'attendance')); @@ -83,16 +87,16 @@ class attendance_tabs implements renderable { get_string('report', 'attendance')); } - if ($this->att->perm->can_export()) { + if (has_capability('mod/attendance:export', $this->att->context)) { $toprow[] = new tabobject(self::TAB_EXPORT, $this->att->url_export()->out(), get_string('export', 'attendance')); } - if ($this->att->perm->can_change_preferences()) { + if (has_capability('mod/attendance:changepreferences', $this->att->context)) { $toprow[] = new tabobject(self::TAB_PREFERENCES, $this->att->url_preferences()->out(), get_string('settings', 'attendance')); } - if ($this->att->perm->can_managetemp()) { + if (has_capability('mod/attendance:managetemporaryusers', $this->att->context)) { $toprow[] = new tabobject(self::TAB_TEMPORARYUSERS, $this->att->url_managetemp()->out(), get_string('tempusers', 'attendance')); }