2010-08-18 15:48:22
version 1.6.2
I'm building a module where admins will have more functionality than instructors. According to the documentation, authenticate() with AT_PRIV_RETURN will always return true for instructors, and admins get logged in as the instructor when viewing the courses. Is there a built-in feature or session var for this?
Thanks,
Mike
2010-08-19 03:29:30
If you need to check if it's an admin logged in as an instructor (not if it's an admin acting under his own login), the code is this:
[php]
if (isset($_SESSION['is_super_admin']) && $_SESSION['is_super_admin']) {
// it's an admin logged in as an instructor
} else {
// it's a student, assistant, alumnus or instructor
}
[/php]
As for the role of AT_PRIV_RETURN, the docs actually don't say that.
What they say is that if authenticate() has determined that a person doesn't have the rights specified by the first parameter ([i]$privilege[/i]), then it will: a) return FALSE if AT_PRIV_RETURN is present as the second parameter (hence its name); b) entirely abort the script execution otherwise.
2010-08-19 09:29:31
I was going to look at the session vars today. Thanks for the reminder about the is_super_admin var.
I looked at the docs again, and in section 18 (documentation\developer\guidelines.html#fn-authenticate), it says "The instructor user will always return TRUE" as a stand-alone sentence. (see attached) If what you say is true, then that sentence is incorrect.
Thanks again,
Mike
2010-08-19 17:45:46
Yes, the explanation could've been clearer. On the other hand, it being a separate paragraph, it's logical to assume that here the entire authenticate() function is meant, not just the second parameter.
So just replace "What they say" with "What actually happens" in my previous post.