Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-13925

WITH SOLUTION: editcategory.php: only admin is allowed to create categories!

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.9
    • Fix Version/s: 1.9.3, 2.0
    • Component/s: Administration
    • Labels:
      None
    • Environment:
      Solaris
      Apache
      Oracle
    • Database:
      Any
    • Affected Branches:
      MOODLE_19_STABLE
    • Fixed Branches:
      MOODLE_19_STABLE, MOODLE_20_STABLE
    • URL:
      /course/editcategory.php?categoryadd=x&id=y

      Description

      We have several course creators, who have the roles only in the context of a certain category (not for the whole site). We gave them the role moodle/category:create so that they are allowed to create their own subcategories.
      They get to the editcategory.php-form, but are not allowed to create subcategories...the form always reloads without error oder other message...

      We examined and found the following solution to this:
      (Changes in editcategory.php)
      // new variable for the parent category (someone forgot that...)
      $parent = optional_param('parent', 0, PARAM_INT);

      if (!$site = get_site()) {
      error("Site isn't defined!");
      }

      // add parent variable in if clause and add new (middle) elseif
      if ($categoryadd && !$parent) { // Show Add category form: if $id is given, it is used as the parent category
      $strtitle = get_string("addnewcategory");
      $context = get_context_instance(CONTEXT_SYSTEM);
      //$context = get_context_instance(CONTEXT_COURSECAT, $id);
      $category = null;
      } elseif ($categoryadd && $parent) { // Show Add category form: if $id is given, it is used as the parent category
      $strtitle = get_string("addnewcategory");
      //$context = get_context_instance(CONTEXT_SYSTEM);
      $context = get_context_instance(CONTEXT_COURSECAT, $parent);
      $category = null;
      } elseif (!is_null($id) && !$categoryadd) { // Show Edit category form: $id is given as the identifier of the category being edited
      mtrace("!isnull_id && !categoryadd");
      $strtitle = get_string("editcategorysettings");
      $context = get_context_instance(CONTEXT_COURSECAT, $id);
      if (!$category = get_record("course_categories", "id", $id))

      { error("Category not known!"); }

      }

      Now everyone with the right role should be allowed to create subcategories...

      Is this solution correct? Could you please look over it?

        Attachments

          Activity

            People

            Assignee:
            howardsmiller Howard Miller
            Reporter:
            protzek D P
            Tester:
            Petr Skoda Petr Skoda
            Participants:
            Component watchers:
            Andrew Lyons, Dongsheng Cai, Huong Nguyen, Jun Pataleta, Michael Hawkins, Shamim Rezaie, Simey Lameze
            Votes:
            1 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:
              Fix Release Date:
              15/Oct/08