}
}
}
//CAPABILITIES
$access_createreports = has_capability('block/ilp:addreport', $context);
$access_editreports = has_capability('block/ilp:editreport', $context);
$access_deletereports = has_capability('block/ilp:deletereport', $context);
$access_viewreports = has_capability('block/ilp:viewreport', $context);
$access_viewilp = has_capability('block/ilp:viewilp', $context);
$access_viewotherilp = has_capability('block/ilp:viewotherilp', $context);
$access_addcomment = has_capability('block/ilp:addcomment', $context);
$access_editcomment = has_capability('block/ilp:editcomment', $context);
$access_deletecomment = has_capability('block/ilp:deletecomment', $context);
$access_viewcomment = has_capability('block/ilp:viewcomment', $context);
//check if the current user is an admin or has the ilpviewall capabilty at site level
$ilpadmin = has_capability('block/ilp:ilpviewall', $sitecontext);
$access_ilp_admin = ilp_is_siteadmin($USER->id) || $ilpadmin ? true : false;
if (!empty($access_ilp_admin)) {
$access_createreports = true;
$access_editreports = true;
$access_deletereports = true;
$access_viewreports = true;
$access_viewilp = true;
$access_viewotherilp = true;
$access_addcomment = true;
$access_editcomment = true;
$access_deletecomment = true;
$access_viewcomment = true;
}
//TODO: we should not be in the course context change to another context
$PAGE->set_context($context);
/**
* returns true or false depending on whether role (or one of the roles given)
* has a cappability in a report
*
* @param int $report_id the id of the report whose permission
* is being checked
* @param mixed $role_id int a single role id or array filled with
* a series of role_ids
* @param the id of the capability we are checking if the user has for the report
*
* @return mixed array with recordset objects or false
*/
function has_report_permission($report_id, $role_id, $capability_id)
{
global $USER, $CFG;
require_once $CFG->dirroot . "/blocks/ilp/lib.php";
//adding addtional lines that return true if the user is either a site admin or has the ilpviewall capabilty at site level
//get sote context
$sitecontext = get_context_instance(CONTEXT_SYSTEM);
//check for the ilpviewall capability at site level this gives the user rights to view all
$ilpadmin = has_capability('block/ilp:ilpviewall', $sitecontext);
$is_admin = ilp_is_siteadmin($USER->id) || $ilpadmin ? true : false;
//if permissions where returned from then the role (or one of the roles given) has the permission in the course
$permissions = $this->get_reportpermissions_by_criteria($report_id, $role_id, $capability_id);
return !empty($permissions) || !empty($is_admin) ? true : false;
}
if (!empty($capability)) {
$access_report_editcomment = $dbc->has_report_permission($report_id, $role_ids, $capability->id);
}
}
if ($access_deletecomment) {
$capability = $dbc->get_capability_by_name('block/ilp:deletecomment');
if (!empty($capability)) {
$access_report_deletecomment = $dbc->has_report_permission($report_id, $role_ids, $capability->id);
}
}
if ($access_viewcomment) {
$capability = $dbc->get_capability_by_name('block/ilp:viewcomment');
if (!empty($capability)) {
$access_report_viewcomment = $dbc->has_report_permission($report_id, $role_ids, $capability->id);
}
}
//check for the ilpviewall capability at site level this gives the user rights to view all
$ilpadmin = has_capability('block/ilp:ilpviewall', $sitecontext);
//this is only in for debug and testing purposes
if (ilp_is_siteadmin($USER->id) || $ilpadmin) {
$access_report_createreports = 1;
$access_report_editreports = 1;
$access_report_deletereports = 1;
$access_report_viewreports = 1;
$access_report_viewilp = 1;
$access_report_viewotherilp = 1;
}
if (empty($access_report_viewotherilp) && $USER->id != $user_id) {
//the user doesnt have the capability to create this type of report entry
print_error('accessnotallowed', 'block_ilp');
}
