Details
-
Type:
Bug
-
Status:
Closed
-
Priority:
Minor
-
Resolution: Fixed
-
Affects Version/s: 1.9.4
-
Fix Version/s: 1.9.6
-
Component/s: Administration, Roles / Access
-
Labels:None
-
Difficulty:Easy
-
Affected Branches:MOODLE_19_STABLE
-
Fixed Branches:MOODLE_19_STABLE
Description
The role required to display search box in /user/index.php is currently set to 'moodle/course:bulkmessaging'
$bulkoperations = has_capability('moodle/course:bulkmessaging', $context);
...
if ($bulkoperations && $totalcount > ($perpage*3)) {
echo '<form action="index.php"><div><input type="hidden" name="id" value="'.$course->id.'" />'.get_string('search').': '."\n";
echo '<input type="text" name="search" value="'.s($search).'" /> <input type="submit" value="'.get_string('search').'" /></div></form>'."\n";
}
Displaying this search box should instead be restricted by something like '/moodle/site:viewparticipants'
The simple fix is to change the above if statement to:
if (has_capability('moodle/site:viewparticipants', $context) && $totalcount > ($perpage*3)) { echo '<form action="index.php"><div><input type="hidden" name="id" value="'.$course->id.'" />'.get_string('search').': '."\n"; echo '<input type="text" name="search" value="'.s($search).'" /> <input type="submit" value="'.get_string('search').'" /></div></form>'."\n"; }
I followed Mark's instructions to create this minor patch. I tested it, and I think it works.