mahara-contributors team mailing list archive

Thread
Date

[Bug 1262040] A change has been merged

To: mahara-contributors@xxxxxxxxxxxxxxxxxxx
From: Mahara Bot <1262040@xxxxxxxxxxxxxxxxxx>
Date: Wed, 18 Dec 2013 03:34:58 -0000
Reply-to: Bug 1262040 <1262040@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Reviewed:  https://reviews.mahara.org/2826
Committed: http://gitorious.org/mahara/mahara/commit/2f2d9c18fb16d3847af13f5df6ece85435104288
Submitter: Aaron Wells (aaronw@xxxxxxxxxxxxxxx)
Branch:    master

commit 2f2d9c18fb16d3847af13f5df6ece85435104288
Author: Aaron Wells <aaronw@xxxxxxxxxxxxxxx>
Date:   Wed Dec 18 16:28:13 2013 +1300

Add function descriptions to $USER->can_view_artefact() et al

Bug 1262040: Since it turns out these methods don't do exactly
what their name suggests, it's a good idea to at least put a comment
on there

Change-Id: I1fd8138d004768a534072c0485144bba3ebee5d1

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
Matching subscriptions: Subscription for all Mahara Contributors -- please ask on #mahara-dev or mahara.org forum before editing or unsubscribing it!
https://bugs.launchpad.net/bugs/1262040

Title:
  I've been misusing $USER->can_view_artefact()

Status in Mahara ePortfolio:
  Confirmed
Status in Mahara 1.6 series:
  Confirmed
Status in Mahara 1.7 series:
  Confirmed
Status in Mahara 1.8 series:
  Confirmed
Status in Mahara 1.9 series:
  Confirmed

Bug description:
  While discussing the export to ZIP bug ( Bug 1013022 ) I realized that
  $USER->can_view_artefact() does not do what I thought it did. I
  thought that it was like can_view_view(), i.e. it was an easy way to
  tell whether a particular user is allowed to see the contents of a
  particular artefact.

  But it does not mean that, as evidenced by the fact that it's not
  accessed at all on the artefact detail page, view/artefact.php.
  Instead, this function refers to whether or not the user should be
  able to see the artefact in their own or a group's Content area.

  The reason it exists and has this name, is because of the group files
  permissions system (see
  http://manual.mahara.org/en/1.8/groups/inside_group.html#index-16 ).
  This defines three permission levels for a file: "View" lets you see
  the page in Contents and use it in Group pages, "Edit" lets you change
  the file's metadata, and "Publish" lets you use the file in your own
  Portfolio pages.

  Anyway, I misunderstood it as doing the same thing as can_view_view(),
  which checks whether a particular user can see a particular Page in
  display-mode. The similar functionality for artefacts, as seen on
  view/artefact.php, is to provide an artefact ID & a page ID, and to
  check whether the artefact is in the page and the user can view the
  page.

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1262040/+subscriptions

References

[Bug 1262040] [NEW] I've been misusing $USER->can_view_artefact()
From: Aaron Wells, 2013-12-18