Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-32082

Add message_current_user_is_involved() to improve readability

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 2.1.5, 2.2.2, 2.3
    • Fix Version/s: 2.1.6, 2.2.3
    • Component/s: Messages
    • Labels:
    • Testing Instructions:
      Hide

      Log in as a student. Go to http://localhost/moodle/dev/master/message/index.php?user=3&viewing=recentconversations where user == the student's user id. Your own recent conversations should be displayed.

      Edit the url to contain the user id of another user. You should get an error.

      Click through the options in the messaging navigation drop down. All pages should display without error.

      Show
      Log in as a student. Go to http://localhost/moodle/dev/master/message/index.php?user=3&viewing=recentconversations where user == the student's user id. Your own recent conversations should be displayed. Edit the url to contain the user id of another user. You should get an error. Click through the options in the messaging navigation drop down. All pages should display without error.
    • Affected Branches:
      MOODLE_21_STABLE, MOODLE_22_STABLE, MOODLE_23_STABLE
    • Fixed Branches:
      MOODLE_21_STABLE, MOODLE_22_STABLE
    • Pull Master Branch:
      MDL-32082_messaging_readability

      Description

      Originally suggested by Eloy in MDL-31834. Some of the security checks could be made more readable. For example

      if (!message_is_currentuser_any_of($user1, $user2) &&
              !has_capability('moodle/site:readallmessages', $context)) {
          print_error('accessdenied','admin');
      }

        Attachments

          Activity

            People

            Assignee:
            andyjdavis Andrew Davis
            Reporter:
            andyjdavis Andrew Davis
            Peer reviewer:
            Ankit Agarwal
            Integrator:
            Eloy Lafuente (stronk7)
            Tester:
            Rajesh Taneja
            Participants:
            Component watchers:
            Amaia Anabitarte, Carlos Escobedo, Ferran Recio, Sara Arjona (@sarjona), Víctor Déniz Falcón
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:
              Fix Release Date:
              14/May/12