Moodle
  1. Moodle
  2. MDL-37026

The function user_can_assign() in accesslib.php always returns false for administrators.

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Minor Minor
    • Resolution: Fixed
    • Affects Version/s: 2.2.6, 2.3, 2.4
    • Fix Version/s: 2.2.7, 2.3.4, 2.4.1
    • Component/s: Libraries
    • Labels:
    • Testing Instructions:
      Hide

      Test pre-requisites

      • A course with students enrolled in it.

      Test steps

      1. Navigate to the participants page of a course with students in it as the administrator.
        • Observe an icon for editing which will redirect you to the enrolment page.
      2. Change the current role to 'Teacher' or 'Student'.
        • The edit icon should still be present on the page.
      Show
      Test pre-requisites A course with students enrolled in it. Test steps Navigate to the participants page of a course with students in it as the administrator. Observe an icon for editing which will redirect you to the enrolment page. Change the current role to 'Teacher' or 'Student'. The edit icon should still be present on the page.
    • Affected Branches:
      MOODLE_22_STABLE, MOODLE_23_STABLE, MOODLE_24_STABLE
    • Fixed Branches:
      MOODLE_22_STABLE, MOODLE_23_STABLE, MOODLE_24_STABLE
    • Pull from Repository:
    • Pull 2.4 Branch:
      wip-MDL-37026-MOODLE_24_STABLE
    • Pull Master Branch:
      wip-MDL-37026-master
    • Rank:
      46564

      Description

      While fixing an issues with icons I discovered that the edit icon for assigning roles on the participants page was not enabled for the administrator.

      After some further investigation I discovered the area where the problem lies.
      user_can_assign() calls get_user_roles(). get_user_roles() does a search on the role_assignments table which administrators are not entered into. It finds no records and so no permission is given for assigning roles.

      A change needs to be made in either of these functions (both in accesslib.php) to check for administrators.

        Issue Links

          Activity

          Hide
          Dan Poltawski added a comment -

          Hi Adrian,

          This looks good, normally this would be covered by has_capability returning true for admins, but it makes sense because we are initially doing a negative 'has_capability' check and then checking the db.

          [Y] Syntax
          [-] Output
          [Y] Whitespace
          [-] Language
          [-] Databases
          [Y] Testing
          [Y] Security
          [-] Documentation
          [Y] Git
          [Y] Sanity check

          Show
          Dan Poltawski added a comment - Hi Adrian, This looks good, normally this would be covered by has_capability returning true for admins, but it makes sense because we are initially doing a negative 'has_capability' check and then checking the db. [Y] Syntax [-] Output [Y] Whitespace [-] Language [-] Databases [Y] Testing [Y] Security [-] Documentation [Y] Git [Y] Sanity check
          Hide
          Adrian Greeve added a comment -

          Thanks for looking this over for me Dan,

          As I mentioned before, It seemed like a logical check, but I wasn't sure if I was missing the big picture.

          Sending for integration review.

          Show
          Adrian Greeve added a comment - Thanks for looking this over for me Dan, As I mentioned before, It seemed like a logical check, but I wasn't sure if I was missing the big picture. Sending for integration review.
          Hide
          Sam Hemelryk added a comment -

          Thanks Adrian this has been integrated now.

          Show
          Sam Hemelryk added a comment - Thanks Adrian this has been integrated now.
          Hide
          Michael de Raadt added a comment -

          Test results: Success!

          Tested in 2.2, 2.3 and master.

          Show
          Michael de Raadt added a comment - Test results: Success! Tested in 2.2, 2.3 and master.
          Hide
          Eloy Lafuente (stronk7) added a comment -

          Many thanks for your effort, the whole Moodle Community will be enjoying your great solutions starting now!

          Closing, ciao

          Show
          Eloy Lafuente (stronk7) added a comment - Many thanks for your effort, the whole Moodle Community will be enjoying your great solutions starting now! Closing, ciao

            People

            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: