Merge "Bug 1609200: Limit group config to group's admins"

htdocs/group/edit.php

@@ -20,7 +20,7 @@ if ($id = param_integer('id', null)) {
     define('TITLE', get_string('editgroup', 'group'));
     define('GROUP', $id);
 
-    if (!group_user_access($id)) {
+    if (!group_user_can_configure($id)) {
         $SESSION->add_error_msg(get_string('canteditdontown', 'group'));
         redirect('/group/mygroups.php');
     }

htdocs/lib/group.php

@@ -921,6 +921,24 @@ function group_user_can_leave($group, $userid=null) {
     return ($result[$group->id][$userid] = true);
 }
 
+/**
+ * Checks whether a user is allowed to change the group's configuration settings.
+ * (via edit/group.php)
+ *
+ * @param int $groupid Group to check
+ * @param int $userid User to check (default: current user)
+ * @param boolean $refresh Whether to re-check the user's role in the database (default: false)
+ */
+function group_user_can_configure($groupid, $userid = null, $refresh = false) {
+
+    if ('admin' === group_user_access($groupid, $userid, $refresh)) {
+        return true;
+    }
+    else {
+        return false;
+    }
+}
+
 /**
  * Removes a user from a group.
  *