-
Bug
-
Resolution: Fixed
-
Minor
-
2.7.10, 2.8.8, 2.9.2
-
MOODLE_27_STABLE, MOODLE_28_STABLE, MOODLE_29_STABLE
-
MOODLE_28_STABLE, MOODLE_29_STABLE
-
If the user making the call to core_calendar_get_calendar_events does not have the 'moodle/calendar:manageentries' capability then an array called $courses is not generated. This leads to an E_WARNING in_array() expects parameter 2 to be array, null given
The issue is in core_calendar_external::get_calendar_events() in calendar/externallib.php
The code that does not set the $courses array:
// Let us findout courses that we can return events from.
|
if (!$hassystemcap) {
|
foreach ($params['events']['courseids'] as $id) {
|
try {
|
$context = context_course::instance($id);
|
self::validate_context($context);
|
$funcparam['courses'][] = $id;
|
} catch (Exception $e) {
|
$warnings[] = array(
|
'item' => 'course',
|
'itemid' => $id,
|
'warningcode' => 'nopermissions',
|
'message' => 'No access rights in course context '.$e->getMessage().$e->getTraceAsString()
|
);
|
continue;
|
}
|
}
|
} else {
|
$courses = $params['events']['courseids'];
|
$funcparam['courses'] = $courses;
|
}
|
The code that generates the warning:
if (($eventobj->courseid == $SITE->id) ||
|
(!empty($eventobj->groupid) && in_array($eventobj->groupid, $groups)) ||
|
(!empty($eventobj->courseid) && in_array($eventobj->courseid, $courses)) ||
|
($USER->id == $eventobj->userid) ||
|
(calendar_edit_event_allowed($eventid))) {
|
$events[$eventid] = $event;
|
} else {
|
$warnings[] = array('item' => $eventid, 'warningcode' => 'nopermissions', 'message' => 'you do not have permissions to view this event');
|
}
|
I think this may mean that course events may not show up correctly in the web service.