Index: lib/accesslib.php
===================================================================
RCS file: /cvsroot/moodle/moodle/lib/accesslib.php,v
retrieving revision 1.421.2.101
diff -u -r1.421.2.101 accesslib.php
--- lib/accesslib.php	25 Mar 2009 02:37:27 -0000	1.421.2.101
+++ lib/accesslib.php	2 Apr 2009 15:53:06 -0000
@@ -3558,20 +3558,30 @@
             $cm = get_record('course_modules', 'id', $context->instanceid);
             $module = get_record('modules', 'id', $cm->module);
 
-            $extra = "";
             $modfile = "$CFG->dirroot/mod/$module->name/lib.php";
             if (file_exists($modfile)) {
                 include_once($modfile);
                 $modfunction = $module->name.'_get_extra_capabilities';
                 if (function_exists($modfunction)) {
-                    if ($extracaps = $modfunction()) {
-                        foreach ($extracaps as $key=>$value) {
-                            $extracaps[$key]= "'$value'";
-                        }
-                        $extra = implode(',', $extracaps);
-                        $extra = "OR name IN ($extra)";
-                    }
+                    $extracaps = $modfunction();
+                }
+            }
+            if(empty($extracaps)) {
+                $extracaps = array();
+            }
+
+            // All modules allow viewhiddenactivities. This is so you can hide
+            // the module then override to allow specific roles to see it.
+            // The actual check is in course page so not module-specific
+            $extracaps[]="moodle/course:viewhiddenactivities";
+            if (count($extracaps) == 1) {
+                $extra = "OR name = '".reset($extracaps)."'";
+            } else {
+                foreach ($extracaps as $key=>$value) {
+                    $extracaps[$key]= "'$value'";
                 }
+                $extra = implode(',', $extracaps);
+                $extra = "OR name IN ($extra)";
             }
 
             $SQL = "SELECT *
Index: lib/moodlelib.php
===================================================================
RCS file: /cvsroot/moodle/moodle/lib/moodlelib.php,v
retrieving revision 1.960.2.124
diff -u -r1.960.2.124 moodlelib.php
--- lib/moodlelib.php	26 Mar 2009 09:00:15 -0000	1.960.2.124
+++ lib/moodlelib.php	2 Apr 2009 15:53:07 -0000
@@ -1986,10 +1986,15 @@
             print_error('nocontext');
         }
     }
+    if (!empty($cm) && !isset($cm->context)) {
+        if ( ! $cm->context = get_context_instance(CONTEXT_MODULE, $cm->id) ) {
+            print_error('nocontext');
+        }
+    }
     if ($COURSE->id == SITEID) {
         /// Eliminate hidden site activities straight away
         if (!empty($cm) && !$cm->visible
-            && !has_capability('moodle/course:viewhiddenactivities', $COURSE->context)) {
+            && !has_capability('moodle/course:viewhiddenactivities', $cm->context)) {
             redirect($CFG->wwwroot, get_string('activityiscurrentlyhidden'));
         }
         user_accesstime_log($COURSE->id); /// Access granted, update lastaccess times
@@ -2080,7 +2085,7 @@
 
         /// Make sure they can read this activity too, if specified
 
-            if (!empty($cm) and !$cm->visible and !has_capability('moodle/course:viewhiddenactivities', $COURSE->context)) {
+            if (!empty($cm) and !$cm->visible and !has_capability('moodle/course:viewhiddenactivities', $cm->context)) {
                 redirect($CFG->wwwroot.'/course/view.php?id='.$cm->course, get_string('activityiscurrentlyhidden'));
             }
             user_accesstime_log($COURSE->id); /// Access granted, update lastaccess times