/** * Can user add more entries? * * @param object $data * @param mixed $currentgroup * @param int $groupmode * @param stdClass $context * @return bool */ function data_user_can_add_entry($data, $currentgroup, $groupmode, $context = null) { global $USER; if (empty($context)) { $cm = get_coursemodule_from_instance('data', $data->id, 0, false, MUST_EXIST); $context = context_module::instance($cm->id); } if (has_capability('mod/data:manageentries', $context)) { // no entry limits apply if user can manage } else if (!has_capability('mod/data:writeentry', $context)) { return false; } else if (data_atmaxentries($data)) { return false; } else if (data_in_readonly_period($data)) { // Check whether we're in a read-only period return false; } if (!$groupmode or has_capability('moodle/site:accessallgroups', $context)) { return true; } if ($currentgroup) { return groups_is_member($currentgroup); } else { //else it might be group 0 in visible mode if ($groupmode == VISIBLEGROUPS){ return true; } else { return false; } } }
/** * Check whether the current user is allowed to manage the given record considering manageentries capability, * data_in_readonly_period() result, ownership (determined by data_isowner()) and manageapproved setting. * @param mixed $record record object or id * @param object $data data object * @param object $context context object * @return bool returns true if the user is allowd to edit the entry, false otherwise */ function data_user_can_manage_entry($record, $data, $context) { global $DB; if (has_capability('mod/data:manageentries', $context)) { return true; } // Check whether this activity is read-only at present. $readonly = data_in_readonly_period($data); if (!$readonly) { // Get record object from db if just id given like in data_isowner. // ...done before calling data_isowner() to avoid querying db twice. if (!is_object($record)) { if (!($record = $DB->get_record('data_records', array('id' => $record)))) { return false; } } if (data_isowner($record)) { if ($data->approval && $record->approved) { return $data->manageapproved == 1; } else { return true; } } } return false; }
// Brand new database! redirect($CFG->wwwroot . '/mod/data/field.php?d=' . $data->id); // Redirect to field entry } } if ($rid) { // When editing an existing record, we require the session key require_sesskey(); } // Get Group information for permission testing and record creation $currentgroup = groups_get_activity_group($cm); $groupmode = groups_get_activity_groupmode($cm); if (!has_capability('mod/data:manageentries', $context)) { if ($rid) { // User is editing an existing record if (!data_isowner($rid) || data_in_readonly_period($data)) { print_error('noaccess', 'data'); } } else { if (!data_user_can_add_entry($data, $currentgroup, $groupmode, $context)) { // User is trying to create a new record print_error('noaccess', 'data'); } } } if ($cancel) { redirect('view.php?d=' . $data->id); } /// RSS and CSS and JS meta if (!empty($CFG->enablerssfeeds) && !empty($CFG->data_enablerssfeeds) && $data->rssarticles > 0) { $courseshortname = format_string($course->shortname, true, array('context' => context_course::instance($course->id)));