Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-50664

add setting to disallow managing of own entries after approval

XMLWordPrintable

    • PostgreSQL
    • MOODLE_29_STABLE
    • MOODLE_30_STABLE
    • MDL-50664_mod_data-ManageApprovedSetting
    • Hide
      1. Create a Database activity within a course and set "Approval required" to yes and "Allow editing of approved entries" to no
      2. Create some fields and a list/single view template
      3. Create a database entry as teacher or admin
      4. Enrol a user as student
      5. As the enrolled user create a database entry and check it is manageable
      6. Confirm that the entry not owned by the user can't be managed by the user
      7. Approve the database entry as teacher or admin
      8. Confirm that the user is now unable to manage his own entry
      9. Change the "Allow editing of approved entries" setting to yes
      10. Confirm that the user is now able to manage his own entry
      11. Change back the "Allow editing of approved entries" setting to no and the "Approval required" to no
      12. Confirm that the user is still able to manage his own entry

      Unit tests

      Please run the unit tests: mod/data/tests/lib_test.php

      Behat tests

      Please run the behat tests:
      mod/data/tests/behat/manageapproved_enable.feature
      mod/data/tests/behat/manageapproved_disable.feature

      Show
      Create a Database activity within a course and set "Approval required" to yes and "Allow editing of approved entries" to no Create some fields and a list/single view template Create a database entry as teacher or admin Enrol a user as student As the enrolled user create a database entry and check it is manageable Confirm that the entry not owned by the user can't be managed by the user Approve the database entry as teacher or admin Confirm that the user is now unable to manage his own entry Change the "Allow editing of approved entries" setting to yes Confirm that the user is now able to manage his own entry Change back the "Allow editing of approved entries" setting to no and the "Approval required" to no Confirm that the user is still able to manage his own entry Unit tests Please run the unit tests: mod/data/tests/lib_test.php Behat tests Please run the behat tests: mod/data/tests/behat/manageapproved_enable.feature mod/data/tests/behat/manageapproved_disable.feature

      I propose an additional yes/no-setting for database activities beside to the 'approval required' setting to allow/disallow managing (edit, delete) an entry by its owner when the entry is approved.

      The attached patch does the following:

      • add manageapproved database field to data table
      • add setting 'manage approved entries' (default yes)
      • add function 'data_user_can_manage_entry' to lib.php. This function checks whether the current user is allowed to manage the given record considering manageentries capability, data_in_readonly_period() result, ownership (determined by data_isowner()) and manageapproved setting.
      • adjusts if statements (for restricting editing and deleting entries) at view.php:376 and lib.php:1252 to make use of the new data_user_can_manage_entry function

            jojoob Johannes Burk
            jojoob Johannes Burk
            Ryan Wyllie Ryan Wyllie
            Dan Poltawski Dan Poltawski
            Adrian Greeve Adrian Greeve
            Votes:
            1 Vote for this issue
            Watchers:
            8 Start watching this issue

              Created:
              Updated:
              Resolved:

                Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.