MDL-37852 repository: Prevent user from deleting a site-wide instance

This commit is contained in:
Frederic Massart
2013-03-07 12:09:06 +08:00
committed by Damyon Wiese
parent a28da5d9b8
commit 103efbc271
+10 -5
View File
@@ -106,6 +106,14 @@ if (!empty($new)){
$type = repository::get_type_by_id($instance->options['typeid']);
}
// The context passed MUST match the context of the repository. And as both have to be
// similar, this also ensures that the context is either a user one, or a course one.
if (!empty($instance)) {
if ($instance->instance->contextid != $context->id) {
print_error('invalidcontext');
}
}
if (isset($type)) {
if (!$type->get_visible()) {
print_error('typenotvisible', 'repository', $baseurl);
@@ -150,11 +158,6 @@ if (!empty($edit) || !empty($new)) {
if ($instance->readonly) {
throw new repository_exception('readonlyinstance', 'repository');
}
// System instances settings should not be accessible here.
$repocontext = context::instance_by_id($instance->instance->contextid);
if ($repocontext->contextlevel == CONTEXT_SYSTEM) {
throw new repository_exception('nopermissiontoaccess', 'repository');
}
// Check if we can read the content of the repository, if not exception is thrown.
repository::check_capability($context->id, $instance);
$instancetype = repository::get_type_by_id($instance->options['typeid']);
@@ -213,6 +216,8 @@ if (!empty($edit) || !empty($new)) {
if ($instance->readonly) {
throw new repository_exception('readonlyinstance', 'repository');
}
// Check if we can read the content of the repository, if not exception is thrown.
repository::check_capability($context->id, $instance);
if ($sure) {
if (!confirm_sesskey()) {
print_error('confirmsesskeybad', '', $baseurl);