Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-29239

Users without moodle/course:changesummary permission can not edit other course fields

XMLWordPrintable

    • MOODLE_21_STABLE
    • MOODLE_20_STABLE, MOODLE_21_STABLE, MOODLE_22_STABLE
    • Hide

      One possible workaround which seems to have no secondary issues is to include the following lines in the file course/edit.php, which manually sets previous summary text and format.

      } else {
      // Save any changes to the files used in the editor
      if (!empty($course->id) and !has_capability('moodle/course:changesummary', $coursecontext))

      { $data->summary_editor["text"]=$course->summary; $data->summary_editor["format"]=1; }

      update_course($data, $editoroptions);
      }

      Show
      One possible workaround which seems to have no secondary issues is to include the following lines in the file course/edit.php, which manually sets previous summary text and format. } else { // Save any changes to the files used in the editor if (!empty($course->id) and !has_capability('moodle/course:changesummary', $coursecontext)) { $data->summary_editor["text"]=$course->summary; $data->summary_editor["format"]=1; } update_course($data, $editoroptions); }
    • Hide

      As admin

      1. create a course and assign a teacher.
      2. go to site admin > users > permissions > define roles
      3. edit teacher (editingteacher)role, set moodle/course:changesummary to prevent and save

      login as teacher

      1. access the course and edit the course settings.
      2. change the number of topics to some numbers and save it.

      Make sure, there's no error occurs for the submit.

      Show
      As admin create a course and assign a teacher. go to site admin > users > permissions > define roles edit teacher (editingteacher)role, set moodle/course:changesummary to prevent and save login as teacher access the course and edit the course settings. change the number of topics to some numbers and save it. Make sure, there's no error occurs for the submit.

      If one removes moodle/course:changesummary permission the user can not edit other course fields, such as, for example, the number of topics or the format of the course because the form always requires summary and summaryformat to be specified. However, the user can not edit them since they are invisible as expected.

      Replication instructions:

      1. remove moodle/course:changesummary from teacher role
      2. edit a course configuration
      3. summary / summaryformat fields are not displayed
      4. change number of topics of the course and save the form

      Moodle throws an error writing to the database.

      The reason is:

      Debug info: Column 'summaryformat' cannot be null
      UPDATE course SET category = ?,fullname = ?,shortname = ?,idnumber = ?,format = ?,numsections = ?,startdate = ?,hiddensections = ?,newsitems = ?,showgrades = ?,showreports = ?,maxbytes = ?,groupmode = ?,groupmodeforce = ?,defaultgroupingid = ?,visible = ?,lang = ?,enablecompletion = ?,completionstartonenrol = ?,restrictmodules = ?,timemodified = ?,summary = ?,summaryformat = ? WHERE id=?
      [array (
      0 => '10',
      1 => 'COURSE',
      2 => 'SHORTNAME',
      3 => '',
      4 => 'topics',
      5 => '12',
      6 => 1314831600,
      7 => '0',
      8 => '5',
      9 => '1',
      10 => '0',
      11 => '33554432',
      12 => '0',
      13 => '0',
      14 => '0',
      15 => '1',
      16 => '',
      17 => 0,
      18 => 0,
      19 => 0,
      20 => 1315255126,
      21 => NULL,
      22 => NULL,
      23 => 32,
      )]

            rwijaya Rossiani Wijaya
            watersevenub Jozas Nhial
            Sam Hemelryk Sam Hemelryk
            Sam Hemelryk Sam Hemelryk
            Ankit Agarwal Ankit Agarwal
            Votes:
            1 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved:

                Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.