$context_cache = array(); // Cache of all used context objects for performance (by level and instance)
$context_cache_id = array(); // Index to above cache by id
+function load_notloggedin_role() {
+ global $CFG, $USER;
+
+ $sitecontext = get_context_instance(CONTEXT_SYSTEM, SITEID);
+ // load default not logged in role capabilities when user is not logged in
+
+ $SQL = "select * from {$CFG->prefix}role_capabilities where roleid=$CFG->notloggedinroleid
+ AND contextid = $sitecontext->id";
+
+ $capabilities = get_records_sql($SQL);
+
+ foreach ($capabilities as $capability) {
+ $USER->capabilities[$sitecontext->id][$capability->capability] = $capability->permission;
+ }
+
+ return true;
+}
/**
* This functions get all the course categories in proper order
* @param string $capability - name of the capability
* @param object $context - a context object (record from context table)
* @param integer $userid - a userid number
+ * @param bool $doanything - if false, ignore do anything
* @return bool
*/
-function has_capability($capability, $context=NULL, $userid=NULL) {
+function has_capability($capability, $context=NULL, $userid=NULL, $doanything='true') {
- global $USER, $CONTEXT;
+ global $USER, $CONTEXT, $CFG;
- if ($userid) {
+ if (!isloggedin() && !isset($USER->capabilities)) {
+ load_notloggedin_role();
+ }
+
+ if ($userid && $userid != $USER->id) {
if (empty($USER->id) or ($userid != $USER->id)) {
$capabilities = load_user_capability($capability, $context, $userid);
} else { //$USER->id == $userid
}
}
- // Check site
- $sitecontext = get_context_instance(CONTEXT_SYSTEM, SITEID);
- if (isset($capabilities[$sitecontext->id]['moodle/site:doanything'])) {
- return (0 < $capabilities[$sitecontext->id]['moodle/site:doanything']);
- }
+ if ($doanything) {
+ // Check site
+ $sitecontext = get_context_instance(CONTEXT_SYSTEM, SITEID);
+ if (isset($capabilities[$sitecontext->id]['moodle/site:doanything'])) {
+ return (0 < $capabilities[$sitecontext->id]['moodle/site:doanything']);
+ }
- switch ($context->aggregatelevel) {
+ switch ($context->aggregatelevel) {
- case CONTEXT_COURSECAT:
- // Check parent cats.
- $parentcats = get_parent_cats($context, CONTEXT_COURSECAT);
- foreach ($parentcats as $parentcat) {
- if (isset($capabilities[$parentcat]['moodle/site:doanything'])) {
- return (0 < $capabilities[$parentcat]['moodle/site:doanything']);
+ case CONTEXT_COURSECAT:
+ // Check parent cats.
+ $parentcats = get_parent_cats($context, CONTEXT_COURSECAT);
+ foreach ($parentcats as $parentcat) {
+ if (isset($capabilities[$parentcat]['moodle/site:doanything'])) {
+ return (0 < $capabilities[$parentcat]['moodle/site:doanything']);
+ }
}
- }
- break;
+ break;
- case CONTEXT_COURSE:
- // Check parent cat.
- $parentcats = get_parent_cats($context, CONTEXT_COURSE);
+ case CONTEXT_COURSE:
+ // Check parent cat.
+ $parentcats = get_parent_cats($context, CONTEXT_COURSE);
- foreach ($parentcats as $parentcat) {
- if (isset($capabilities[$parentcat]['do_anything'])) {
- return (0 < $capabilities[$parentcat]['do_anything']);
+ foreach ($parentcats as $parentcat) {
+ if (isset($capabilities[$parentcat]['do_anything'])) {
+ return (0 < $capabilities[$parentcat]['do_anything']);
+ }
}
- }
- break;
+ break;
- case CONTEXT_GROUP:
- // Find course.
- $group = get_record('groups','id',$context->instanceid);
- $courseinstance = get_context_instance(CONTEXT_COURSE, $group->courseid);
+ case CONTEXT_GROUP:
+ // Find course.
+ $group = get_record('groups','id',$context->instanceid);
+ $courseinstance = get_context_instance(CONTEXT_COURSE, $group->courseid);
- $parentcats = get_parent_cats($courseinstance, CONTEXT_COURSE);
- foreach ($parentcats as $parentcat) {
- if (isset($capabilities[$parentcat->id]['do_anything'])) {
- return (0 < $capabilities[$parentcat->id]['do_anything']);
+ $parentcats = get_parent_cats($courseinstance, CONTEXT_COURSE);
+ foreach ($parentcats as $parentcat) {
+ if (isset($capabilities[$parentcat->id]['do_anything'])) {
+ return (0 < $capabilities[$parentcat->id]['do_anything']);
+ }
}
- }
- $coursecontext = '';
- if (isset($capabilities[$courseinstance->id]['do_anything'])) {
- return (0 < $capabilities[$courseinstance->id]['do_anything']);
- }
+ $coursecontext = '';
+ if (isset($capabilities[$courseinstance->id]['do_anything'])) {
+ return (0 < $capabilities[$courseinstance->id]['do_anything']);
+ }
- break;
+ break;
- case CONTEXT_MODULE:
- // Find course.
- $cm = get_record('course_modules', 'id', $context->instanceid);
- $courseinstance = get_context_instance(CONTEXT_COURSE, $cm->course);
+ case CONTEXT_MODULE:
+ // Find course.
+ $cm = get_record('course_modules', 'id', $context->instanceid);
+ $courseinstance = get_context_instance(CONTEXT_COURSE, $cm->course);
- if ($parentcats = get_parent_cats($courseinstance, CONTEXT_COURSE)) {
- foreach ($parentcats as $parentcat) {
- if (isset($capabilities[$parentcat]['do_anything'])) {
- return (0 < $capabilities[$parentcat]['do_anything']);
+ if ($parentcats = get_parent_cats($courseinstance, CONTEXT_COURSE)) {
+ foreach ($parentcats as $parentcat) {
+ if (isset($capabilities[$parentcat]['do_anything'])) {
+ return (0 < $capabilities[$parentcat]['do_anything']);
+ }
}
}
- }
- if (isset($capabilities[$courseinstance->id]['do_anything'])) {
- return (0 < $capabilities[$courseinstance->id]['do_anything']);
- }
+ if (isset($capabilities[$courseinstance->id]['do_anything'])) {
+ return (0 < $capabilities[$courseinstance->id]['do_anything']);
+ }
- break;
+ break;
- case CONTEXT_BLOCK:
- // 1 to 1 to course.
- // Find course.
- $block = get_record('block_instance','id',$context->instanceid);
- $courseinstance = get_context_instance(CONTEXT_COURSE, $block->pageid); // needs check
+ case CONTEXT_BLOCK:
+ // 1 to 1 to course.
+ // Find course.
+ $block = get_record('block_instance','id',$context->instanceid);
+ $courseinstance = get_context_instance(CONTEXT_COURSE, $block->pageid); // needs check
- $parentcats = get_parent_cats($courseinstance, CONTEXT_COURSE);
- foreach ($parentcats as $parentcat) {
- if (isset($capabilities[$parentcat]['do_anything'])) {
- return (0 < $capabilities[$parentcat]['do_anything']);
+ $parentcats = get_parent_cats($courseinstance, CONTEXT_COURSE);
+ foreach ($parentcats as $parentcat) {
+ if (isset($capabilities[$parentcat]['do_anything'])) {
+ return (0 < $capabilities[$parentcat]['do_anything']);
+ }
}
- }
- if (isset($capabilities[$courseinstance->id]['do_anything'])) {
- return (0 < $capabilities[$courseinstance->id]['do_anything']);
- }
- break;
+ if (isset($capabilities[$courseinstance->id]['do_anything'])) {
+ return (0 < $capabilities[$courseinstance->id]['do_anything']);
+ }
+ break;
- default:
- // CONTEXT_SYSTEM: CONTEXT_PERSONAL: CONTEXT_USERID:
- // Do nothing.
- break;
- }
+ default:
+ // CONTEXT_SYSTEM: CONTEXT_PERSONAL: CONTEXT_USERID:
+ // Do nothing.
+ break;
+ }
- // Last: check self.
- if (isset($capabilities[$context->id]['do_anything'])) {
- return (0 < $capabilities[$context->id]['do_anything']);
+ // Last: check self.
+ if (isset($capabilities[$context->id]['do_anything'])) {
+ return (0 < $capabilities[$context->id]['do_anything']);
+ }
}
-
// do_anything has not been set, we now look for it the normal way.
return (0 < capability_search($capability, $context, $capabilities));
* @return permission (int)
*/
function capability_search($capability, $context, $capabilities) {
+
global $USER, $CFG;
-
if (isset($capabilities[$context->id][$capability])) {
if ($CFG->debug > 15) {
notify("Found $capability in context $context->id at level $context->aggregatelevel: ".$capabilities[$context->id][$capability], 'notifytiny');
global $USER, $CFG;
+ // make sure it's cleaned when loaded (again)
+ if (!empty($USER->capabilities)) {
+ unset($USER->capabilities);
+ }
+
if (empty($userid)) {
$userid = $USER->id;
} else {
$sitecontext = get_context_instance(CONTEXT_SYSTEM, SITEID);
if ($sitecontext->id == $context->id) {
- return array();
+ $contexts = array($sitecontext->id);
+ } else {
+ // first of all, figure out all parental contexts
+ $contexts = array_reverse(get_parent_contexts($context));
}
-
- // first of all, figure out all parental contexts
- $contexts = array_reverse(get_parent_contexts($context));
$contexts = '('.implode(',', $contexts).')';
if ($cap) {
* @param $fields - fields to be pulled
* @param $sort - the sort order
*/
-function get_users_by_capability($context, $capability, $fields='distinct u.*', $sort='') {
+function get_users_by_capability($context, $capability, $fields='distinct u.*', $sort='', $limit='') {
global $CFG;
$from = ' FROM '.$CFG->prefix.'user u LEFT JOIN '.$CFG->prefix.'role_assignments ra ON ra.userid = u.id ';
$where = ' WHERE (ra.contextid = '.$context->id.' OR ra.contextid in '.$listofcontexts.') AND u.deleted = 0 AND ra.roleid in '.$roleids.' ';
- return get_records_sql($select.$from.$where);
+ return get_records_sql($select.$from.$where.$sort.$limit);
}
?>
$context = get_context_instance(CONTEXT_SYSTEM, SITEID);
if (!$userid) {
- return has_capability('moodle/legacy:admin', $context);
+ return has_capability('moodle/legacy:admin', $context, $USER->id, false);
} else {
- return has_capability('moodle/legacy:admin', $context, false, $userid);
+ return has_capability('moodle/legacy:admin', $context, false, $userid, false);
}
}
if (!$userid) {
- return (has_capability('moodle/legacy:teacher', $context)
- or has_capability('moodle/legacy:editingteacher', $context));
+ return (has_capability('moodle/legacy:teacher', $context, $USER->id, false)
+ or has_capability('moodle/legacy:editingteacher', $context, $USER->id, false)
+ or has_capability('moodle/legacy:admin', $context, $USER->id, false));
} else {
- return (has_capability('moodle/legacy:teacher', $context, $userid)
- or has_capability('moodle/legacy:editingteacher', $context, $userid));
+ return (has_capability('moodle/legacy:teacher', $context, $userid, false)
+ or has_capability('moodle/legacy:editingteacher', $context, $userid, false)
+ or has_capability('moodle/legacy:admin', $context, $userid, false));
}
}
}
if (!$userid) {
- return has_capability('moodle/legacy:editingteacher', $context);
+ return (has_capability('moodle/legacy:editingteacher', $context, $USER->id, false)
+ or has_capability('moodle/legacy:admin', $context, $USER->id, false));
} else {
- return has_capability('moodle/legacy:editingteacher', $context, $userid);
+ return (has_capability('moodle/legacy:editingteacher', $context, $userid, false)
+ or has_capability('moodle/legacy:admin', $context, $userid, false));
}
}
// we can't edit in studentview
$context = get_context_instance(CONTEXT_SYSTEM, SITEID);
if (!$userid) {
- return has_capability('moodle/legacy:coursecreator', $context);
+ return (has_capability('moodle/legacy:coursecreator', $context, $USER->id, false)
+ or has_capability('moodle/legacy:admin', $context, $USER->id, false));
} else {
- return has_capability('moodle/legacy:coursecreator', $context, $userid);
+ return (has_capability('moodle/legacy:coursecreator', $context, $userid, false)
+ or has_capability('moodle/legacy:admin', $context, $userid, false));
}
}
}
if (!$userid) {
- return has_capability('moodle/legacy:student', $context);
+ return has_capability('moodle/legacy:student', $context, $USER->id, false);
} else {
- return has_capability('moodle/legacy:student', $context, $userid);
+ return has_capability('moodle/legacy:student', $context, $userid, false);
}
}
projects / moodle.git / commitdiff