Commit 840e20b6 authored by anupamadharmajan's avatar anupamadharmajan

Bug 1833889: Access denied message twice via AccessDeniedException

When throwing the AccessDeniedException we don't need to add the
'accessdenied' error string again

behatnotneeded

Change-Id: Ic1c9d2be94a421218ef2558e89df0f0344fd4209
parent 30ea8c74
......@@ -16,7 +16,7 @@ require(dirname(dirname(__FILE__)) . '/init.php');
define('TITLE', get_string('deleteaccountuser', 'account', display_name($USER, null, false, false, true)));
if (!$USER->can_delete_self()) {
throw new AccessDeniedException(get_string('accessdenied', 'error'));
throw new AccessDeniedException();
}
$cancelrequestform = pieform(array(
......
......@@ -16,7 +16,7 @@ require(dirname(dirname(__FILE__)) . '/init.php');
define('TITLE', get_string('deleteaccountuser', 'account', display_name($USER, null, false, false, true)));
if (!$USER->can_delete_self()) {
throw new AccessDeniedException(get_string('accessdenied', 'error'));
throw new AccessDeniedException();
}
$deleteform = array(
......
......@@ -16,7 +16,7 @@ require(dirname(dirname(__FILE__)) . '/init.php');
define('TITLE', get_string('deleteaccountuser', 'account', display_name($USER, null, false, false, true)));
if (!$USER->can_delete_self()) {
throw new AccessDeniedException(get_string('accessdenied', 'error'));
throw new AccessDeniedException();
}
$deleteform = pieform(array(
......
......@@ -25,11 +25,11 @@ $ingroup = param_boolean('ingroup', false);
$versioning = param_boolean('versioning', false);
if (!can_view_view($viewid)) {
throw new AccessDeniedException('');
throw new AccessDeniedException();
}
if (!$versioning && !artefact_in_view($fileid, $viewid)) {
throw new AccessDeniedException('');
throw new AccessDeniedException();
}
$file = artefact_instance_from_id($fileid);
......
......@@ -78,26 +78,26 @@ if ($viewid && $fileid) {
// been attached to a public comment on the page
if ($commentid = param_integer('comment', null)) {
if (!record_exists('artefact_attachment', 'artefact', $commentid, 'attachment', $fileid)) {
throw new AccessDeniedException('');
throw new AccessDeniedException();
}
safe_require('artefact', 'comment');
$comment = new ArtefactTypeComment($commentid);
if (!$comment->viewable_in($viewid)) {
throw new AccessDeniedException('');
throw new AccessDeniedException();
}
}
else if ($artefactok == false && $isembedded && $file instanceof ArtefactTypeImage) {
// Check if the image is embedded in some text somewhere.
if (!check_is_embedded_image_visible($fileid, null, array('comment'))) {
throw new AccessDeniedException('');
throw new AccessDeniedException();
}
}
else if ($artefactok == false) {
throw new AccessDeniedException('');
throw new AccessDeniedException();
}
if (!can_view_view($viewid)) {
throw new AccessDeniedException('');
throw new AccessDeniedException();
}
if (!($file instanceof ArtefactTypeFile)) {
......@@ -156,7 +156,7 @@ else {
require_once('view.php');
$view = group_get_homepage_view($groupid);
if (!can_view_view($view->get('id'))) {
throw new AccessDeniedException(get_string('accessdenied', 'error'));
throw new AccessDeniedException();
}
$imagevisible = EmbeddedImage::can_see_embedded_image($fileid, 'group', $groupid);
}
......@@ -166,7 +166,7 @@ else {
}
if (!$imagevisible) {
throw new AccessDeniedException(get_string('accessdenied', 'error'));
throw new AccessDeniedException();
}
}
}
......
......@@ -313,7 +313,7 @@ else {
serve_file($filepath, $downloadname, 'application/zip', $options);
}
else {
throw new AccessDeniedException(get_string('accessdenied', 'error'));
throw new AccessDeniedException();
}
}
else {
......
......@@ -23,7 +23,7 @@ define('TITLE', get_string('editnote', 'artefact.internal'));
$note = param_integer('id');
$artefact = new ArtefactTypeHtml($note);
if (!$USER->can_edit_artefact($artefact) || $artefact->get('locked')) {
throw new AccessDeniedException(get_string('accessdenied', 'error'));
throw new AccessDeniedException();
}
$goto = get_config('wwwroot') . 'artefact/internal/notes.php';
......
......@@ -27,7 +27,7 @@ if ($group = param_integer('group', null)) {
define('GROUP', $group);
require_once('group.php');
if (!group_user_can_edit_views($group, $USER->get('id'))) {
throw new AccessDeniedException(get_string('accessdenied', 'error'));
throw new AccessDeniedException();
}
$groupobj = group_current_group();
$pageheading = get_string('notesfor', 'artefact.internal', $groupobj->name);
......@@ -49,7 +49,7 @@ else if ($institution = param_alpha('institution', null)) {
$pageheading = get_string('notesfor', 'artefact.internal', $institutionobj->displayname);
}
if (!$USER->can_edit_institution($institution)) {
throw new AccessDeniedException(get_string('accessdenied', 'error'));
throw new AccessDeniedException();
}
$where = 'institution = ?';
$values = array($institution);
......
......@@ -27,7 +27,7 @@ if ($group = param_integer('group', null)) {
define('GROUP', $group);
require_once('group.php');
if (!group_user_can_edit_views($group, $USER->get('id'))) {
throw new AccessDeniedException(get_string('accessdenied', 'error'));
throw new AccessDeniedException();
}
$groupobj = group_current_group();
$pageheading = get_string('notesfor', 'artefact.internal', $groupobj->name);
......@@ -49,7 +49,7 @@ else if ($institution = param_alpha('institution', null)) {
$pageheading = get_string('notesfor', 'artefact.internal', $institutionobj->displayname);
}
if (!$USER->can_edit_institution($institution)) {
throw new AccessDeniedException(get_string('accessdenied', 'error'));
throw new AccessDeniedException();
}
$where = 'institution = ?';
$values = array($institution);
......
......@@ -24,7 +24,7 @@ safe_require('artefact', 'internal');
if (!get_record('blocktype_installed', 'active', 1, 'name', 'socialprofile')) {
// This block type is not installed. The user is not allowed in this form.
throw new AccessDeniedException(get_string('accessdenied', 'error'));
throw new AccessDeniedException();
}
$id = param_integer('id', 0);
......@@ -46,7 +46,7 @@ if ($delete) {
$todelete = new ArtefactTypeSocialprofile($id);
if (!$USER->can_edit_artefact($todelete)) {
throw new AccessDeniedException(get_string('accessdenied', 'error'));
throw new AccessDeniedException();
}
$deleteform = array(
'name' => 'deleteprofileform',
......@@ -70,7 +70,7 @@ else {
if ($id > 0) {
$toedit = new ArtefactTypeSocialprofile($id);
if (!$USER->can_edit_artefact($toedit)) {
throw new AccessDeniedException(get_string('accessdenied', 'error'));
throw new AccessDeniedException();
}
// Get default values
$title = $toedit->get('title');
......
......@@ -20,7 +20,7 @@ define('TITLE', get_string('deleteplan','artefact.plans'));
$id = param_integer('id');
$todelete = new ArtefactTypePlan($id);
if (!$USER->can_edit_artefact($todelete)) {
throw new AccessDeniedException(get_string('accessdenied', 'error'));
throw new AccessDeniedException();
}
$viewid = param_integer('view', 0);
if ($viewid) {
......
......@@ -20,7 +20,7 @@ define('TITLE', get_string('deletetask','artefact.plans'));
$id = param_integer('id');
$todelete = new ArtefactTypeTask($id);
if (!$USER->can_edit_artefact($todelete)) {
throw new AccessDeniedException(get_string('accessdenied', 'error'));
throw new AccessDeniedException();
}
$viewid = param_integer('view', 0);
if ($viewid) {
......
......@@ -33,7 +33,7 @@ else {
}
$artefact = new ArtefactTypePlan($id);
if (!$USER->can_edit_artefact($artefact)) {
throw new AccessDeniedException(get_string('accessdenied', 'error'));
throw new AccessDeniedException();
}
$editform = ArtefactTypePlan::get_form($artefact);
......
......@@ -26,7 +26,7 @@ define('TITLE', get_string('edittask','artefact.plans'));
$id = param_integer('id');
$task = new ArtefactTypeTask($id);
if (!$USER->can_edit_artefact($task)) {
throw new AccessDeniedException(get_string('accessdenied', 'error'));
throw new AccessDeniedException();
}
$viewid = param_integer('view', 0);
if ($viewid) {
......
......@@ -33,7 +33,7 @@ if ($id) {
define('SECTION_PAGE', 'newtask');
$plan = new ArtefactTypePlan($id);
if (!$USER->can_edit_artefact($plan)) {
throw new AccessDeniedException(get_string('accessdenied', 'error'));
throw new AccessDeniedException();
}
define('TITLE', get_string('newtask','artefact.plans'));
$form = ArtefactTypeTask::get_form($id);
......
......@@ -32,7 +32,7 @@ $limit = param_integer('limit', 10);
$plan = new ArtefactTypePlan($id);
if (!$USER->can_edit_artefact($plan)) {
throw new AccessDeniedException(get_string('accessdenied', 'error'));
throw new AccessDeniedException();
}
......
......@@ -23,7 +23,7 @@ session_write_close();
$blockid = param_integer('blockid');
$block = new BlockInstance($blockid);
if (!can_view_view($block->get('view'))) {
throw new AccessDeniedException(get_string('accessdenied', 'error'));
throw new AccessDeniedException();
}
safe_require_plugin('blocktype', $block->get('blocktype'));
......
......@@ -43,7 +43,7 @@ else {
define('CREATEGROUP', true);
if (!group_can_create_groups()) {
throw new AccessDeniedException(get_string('accessdenied', 'error'));
throw new AccessDeniedException();
}
$group_data = (object) array(
......
......@@ -26,7 +26,7 @@ $sortoptionidx = param_alpha('sortoption', 'adminfirst');
define('GROUP', $id);
$group = group_current_group();
if (!is_logged_in() && !$group->public) {
throw new AccessDeniedException(get_string('accessdenied', 'error'));
throw new AccessDeniedException();
}
$role = group_user_access($group->id);
......
......@@ -21,7 +21,7 @@ require_once('group.php');
define('TITLE', get_string('discussiontopics', 'interaction.forum'));
if (!$USER->is_logged_in()) {
throw new AccessDeniedException(get_string('accessdenied', 'error'));
throw new AccessDeniedException();
}
$limit = param_integer('limit', 10);
......
......@@ -52,7 +52,7 @@ function objection_form_submit(Pieform $form, $values) {
global $USER, $view, $artefact;
if (!$USER->is_logged_in()) {
throw new AccessDeniedException(get_string('accessdenied', 'error'));
throw new AccessDeniedException();
}
require_once('activity.php');
......@@ -442,7 +442,7 @@ function review_form_submit(Pieform $form, $values) {
if (!$USER->is_logged_in() &&
$USER->get('id') === $view->get_owner_object()->get('owner')) {
throw new AccessDeniedException(get_string('accessdenied', 'error'));
throw new AccessDeniedException();
}
require_once('activity.php');
......
......@@ -5289,7 +5289,7 @@ class View {
$userid = $USER->get('id');
require_once(get_config('libroot') . 'group.php');
if (!group_user_access($groupid)) {
throw new AccessDeniedException(get_string('accessdenied', 'error'));
throw new AccessDeniedException();
}
$from = '
FROM {view} v
......@@ -5421,7 +5421,7 @@ class View {
$userid = $USER->get('id');
require_once(get_config('libroot') . 'group.php');
if (!group_user_access($groupid)) {
throw new AccessDeniedException(get_string('accessdenied', 'error'));
throw new AccessDeniedException();
}
// Get the count of member and non-member comments for both collections and stand alone pages
......@@ -5482,7 +5482,7 @@ class View {
$userid = $USER->get('id');
require_once(get_config('libroot') . 'group.php');
if (!group_user_access($groupid)) {
throw new AccessDeniedException(get_string('accessdenied', 'error'));
throw new AccessDeniedException();
}
// Get the count of member and non-member comments for both collections and stand alone pages
......@@ -5670,7 +5670,7 @@ class View {
require_once(get_config('libroot') . 'group.php');
if (!group_user_access($groupid)) {
throw new AccessDeniedException(get_string('accessdenied', 'error'));
throw new AccessDeniedException();
}
$from = '
......
......@@ -61,8 +61,7 @@ $firstview = $views['views'][0];
$view = new View($firstview->id);
if (!can_view_view($view->get('id'))) {
$errorstr = get_string('accessdenied', 'error');
throw new AccessDeniedException($errorstr);
throw new AccessDeniedException();
}
$frameworkid = $collection->get('framework');
$framework = new Framework($frameworkid);
......
......@@ -83,5 +83,5 @@ else if (PluginModuleLti::can_submit_for_grading()) {
}
}
else {
throw new AccessDeniedException(get_string('accessdenied', 'error'));
throw new AccessDeniedException();
}
\ No newline at end of file
......@@ -26,8 +26,7 @@ if ($viewid) {
$view = new View($viewid);
$owner = $view->get('owner');
if (!can_view_view($view) || !$owner) {
$errorstr = get_string('accessdenied', 'error');
throw new AccessDeniedException($errorstr);
throw new AccessDeniedException();
}
if ($owner == $USER->get('id')) {
// we are looking at our own stuff so send them to my tags page
......
......@@ -90,7 +90,7 @@ $viewid = $view->get('id');
$restrictedview = !can_view_view($viewid);
// Logged-out users can't see any details, though
if ($restrictedview && !$USER->is_logged_in()) {
throw new AccessDeniedException(get_string('accessdenied', 'error'));
throw new AccessDeniedException();
}
if (!$restrictedview) {
$viewcontent = $view->build_rows(); // Build content before initialising smarty in case pieform elements define headers.
......
......@@ -24,7 +24,7 @@ $offset = param_integer('offset', 0);
$view = param_integer('view');
if (!can_view_view($view)) {
throw new AccessDeniedException(get_string('accessdenied', 'error'));
throw new AccessDeniedException();
}
$fromdate = param_variable('fromdate', '-3 months');
......
......@@ -50,14 +50,14 @@ $viewtoken = null;
if ($mnettoken) {
$viewtoken = get_view_from_token($mnettoken, false);
if (!$viewtoken->viewid) {
throw new AccessDeniedException(get_string('accessdenied', 'error'));
throw new AccessDeniedException();
}
$viewid = $viewtoken->viewid;
}
else if ($usertoken) {
$viewtoken = get_view_from_token($usertoken, true);
if (!$viewtoken->viewid) {
throw new AccessDeniedException(get_string('accessdenied', 'error'));
throw new AccessDeniedException();
}
$viewid = $viewtoken->viewid;
}
......@@ -100,7 +100,7 @@ if (is_view_suspended($view) && !$is_admin && !$is_owner && !($groupid && $is_gr
}
if (!can_view_view($view)) {
$errorstr = (param_integer('objection', null)) ? get_string('accessdeniedobjection', 'error') : get_string('accessdenied', 'error');
$errorstr = (param_integer('objection', null)) ? get_string('accessdeniedobjection', 'error') : '';
throw new AccessDeniedException($errorstr);
}
$institution = $view->get('institution');
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment