Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-33741

Teacher can't access course files in hidden categories using the Filepicker with the server files repository

    Details

    • Testing Instructions:
      Hide

      Test 1. Teacher

      1. As admin create two course categories
      2. Edit categories descriptions and add files in them
      3. In each category create a course, enrol user as a teacher in both of them.
      4. Make sure each course contains at least one file (in course or section summary or in a module)
      5. Hide one of the categories
      6. Copy the URL to the file in the description of the hidden category.
      7. Log in as a teacher
      8. You should be able to access both courses
      9. Inside one of the courses open filepicker and make sure in 'Server files' you can access files in both courses.
      10. as admin enable $CFG->navshowmycoursecategories
      11. As teacher make sure you can see the categories names in the 'server files' only for courses that have all visible parents.
      12. Try to access file in the description of the hidden category by typing URL, this should be prohibited.

      Test 2. Manager

      1. Create a user who can access the hidden categories and manage all categories
      2. Make sure this user can access files in categories descriptions through Server files.
      Show
      Test 1. Teacher As admin create two course categories Edit categories descriptions and add files in them In each category create a course, enrol user as a teacher in both of them. Make sure each course contains at least one file (in course or section summary or in a module) Hide one of the categories Copy the URL to the file in the description of the hidden category. Log in as a teacher You should be able to access both courses Inside one of the courses open filepicker and make sure in 'Server files' you can access files in both courses. as admin enable $CFG->navshowmycoursecategories As teacher make sure you can see the categories names in the 'server files' only for courses that have all visible parents. Try to access file in the description of the hidden category by typing URL, this should be prohibited. Test 2. Manager Create a user who can access the hidden categories and manage all categories Make sure this user can access files in categories descriptions through Server files.
    • Affected Branches:
      MOODLE_23_STABLE, MOODLE_30_STABLE, MOODLE_31_STABLE
    • Fixed Branches:
      MOODLE_30_STABLE, MOODLE_31_STABLE
    • Pull 3.0 Branch:
      wip-MDL-33741-m30
    • Pull 3.1 Branch:
      wip-MDL-33741-m31
    • Pull Master Branch:
      wip-MDL-33741-master
    • Story Points (Obsolete):
      3.67
    • Sprint:
      3.2 Sprint 3

      Description

      Replication instructions:

      1. Login as administrator
      2. Create 2 categories
      3. Create two courses, one in each category and assign the same teacher to both.
      4. Create 1 file resource (with 1 file) on each course.
      5. Hide one of the categories
      6. Logout and login as the teacher
      7. Enter the course on the visible category
      8. Create a file resource
      9. Click on add file button to access the file Picker
      10. Select the server files repository
      11. Click on system to access the root dir

      Result: The course on the hidden category is not listed. If you try to do steps 7 to 11 as an admin, you will be able to see the course and the files.

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Votes:
                  5 Vote for this issue
                  Watchers:
                  11 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved:
                    Fix Release Date:
                    12/Sep/16