Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-29239

Users without moodle/course:changesummary permission can not edit other course fields

    XMLWordPrintable

Details

    • MOODLE_21_STABLE
    • MOODLE_20_STABLE, MOODLE_21_STABLE, MOODLE_22_STABLE
    • Hide

      One possible workaround which seems to have no secondary issues is to include the following lines in the file course/edit.php, which manually sets previous summary text and format.

      } else {
      // Save any changes to the files used in the editor
      if (!empty($course->id) and !has_capability('moodle/course:changesummary', $coursecontext))

      { $data->summary_editor["text"]=$course->summary; $data->summary_editor["format"]=1; }

      update_course($data, $editoroptions);
      }

      Show
      One possible workaround which seems to have no secondary issues is to include the following lines in the file course/edit.php, which manually sets previous summary text and format. } else { // Save any changes to the files used in the editor if (!empty($course->id) and !has_capability('moodle/course:changesummary', $coursecontext)) { $data->summary_editor["text"]=$course->summary; $data->summary_editor["format"]=1; } update_course($data, $editoroptions); }
    • Hide

      As admin

      1. create a course and assign a teacher.
      2. go to site admin > users > permissions > define roles
      3. edit teacher (editingteacher)role, set moodle/course:changesummary to prevent and save

      login as teacher

      1. access the course and edit the course settings.
      2. change the number of topics to some numbers and save it.

      Make sure, there's no error occurs for the submit.

      Show
      As admin create a course and assign a teacher. go to site admin > users > permissions > define roles edit teacher (editingteacher)role, set moodle/course:changesummary to prevent and save login as teacher access the course and edit the course settings. change the number of topics to some numbers and save it. Make sure, there's no error occurs for the submit.

    Description

      If one removes moodle/course:changesummary permission the user can not edit other course fields, such as, for example, the number of topics or the format of the course because the form always requires summary and summaryformat to be specified. However, the user can not edit them since they are invisible as expected.

      Replication instructions:

      1. remove moodle/course:changesummary from teacher role
      2. edit a course configuration
      3. summary / summaryformat fields are not displayed
      4. change number of topics of the course and save the form

      Moodle throws an error writing to the database.

      The reason is:

      Debug info: Column 'summaryformat' cannot be null
      		 
      UPDATE course SET category = ?,fullname = ?,shortname = ?,idnumber = ?,format = ?,numsections = ?,startdate = ?,hiddensections = ?,newsitems = ?,showgrades = ?,showreports = ?,maxbytes = ?,groupmode = ?,groupmodeforce = ?,defaultgroupingid = ?,visible = ?,lang = ?,enablecompletion = ?,completionstartonenrol = ?,restrictmodules = ?,timemodified = ?,summary = ?,summaryformat = ? WHERE id=?
      		 
      [array (
      		 
      0 => '10',
      		 
      1 => 'COURSE',
      		 
      2 => 'SHORTNAME',
      		 
      3 => '',
      		 
      4 => 'topics',
      		 
      5 => '12',
      		 
      6 => 1314831600,
      		 
      7 => '0',
      		 
      8 => '5',
      		 
      9 => '1',
      		 
      10 => '0',
      		 
      11 => '33554432',
      		 
      12 => '0',
      		 
      13 => '0',
      		 
      14 => '0',
      		 
      15 => '1',
      		 
      16 => '',
      		 
      17 => 0,
      		 
      18 => 0,
      		 
      19 => 0,
      		 
      20 => 1315255126,
      		 
      21 => NULL,
      		 
      22 => NULL,
      		 
      23 => 32,
      		 
      )]

      Attachments

        Issue Links

          duplicates

          Bug - A problem which impairs or prevents Moodle from functioning correctly. MDL-27762 User without moodle/course:changesummary capability receives database error when saving course settings

          • Minor - Minor loss of function where workaround is possible
          • Closed

          Activity

            People

              rwijaya Rossiani Wijaya
              watersevenub Jozas Nhial
              Sam Hemelryk Sam Hemelryk
              Sam Hemelryk Sam Hemelryk
              Ankit Agarwal Ankit Agarwal
              Amaia Anabitarte, Carlos Escobedo, Laurent David, Mikel Martín Corrales, Sabina Abellan, Sara Arjona (@sarjona)
              Votes:
              1 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:
                9/Jan/12