foreach ($roles as $trole) {
if (isset($temp[$srole->id][$trole->id])) { // if set, need to write to db
if (!$record = get_record('role_allow_assign', 'roleid', $srole->id, 'allowassign', $trole->id)) {
- $record->roleid = $srole->id;
- $record->allowassign = $trole->id;
- insert_record('role_allow_assign', $record);
+ allow_assign($srole->id, $trole->id);
}
} else { //if set, means can access, attempt to remove it from db
delete_records('role_allow_assign', 'roleid', $srole->id, 'allowassign', $trole->id);
foreach ($roles as $trole) {
if (isset($temp[$srole->id][$trole->id])) { // if set, need to write to db
if (!$record = get_record('role_allow_override', 'roleid', $srole->id, 'allowoverride', $trole->id)) {
- $record->roleid = $srole->id;
- $record->allowoverride = $trole->id;
- insert_record('role_allow_override', $record);
+ allow_override($srole->id, $trole->id);
}
} else { //if set, means can access, attempt to remove it from db
delete_records('role_allow_override', 'roleid', $srole->id, 'allowoverride', $trole->id);
$strshowall = get_string('showall');
$context = get_record('context', 'id', $contextid);
+ $assignableroles = get_assignable_roles($context);
// role assigning permission checking
if ($roleid) {
}
}
-
- // this needs to check capability too
- $role = get_records('role');
- $options = array();
- foreach ($role as $rolex) {
- if (user_can_assign($context, $rolex->id)) {
- $options[$rolex->id] = $rolex->name;
- }
- }
// prints a form to swap roles
print ('<form name="rolesform" action="assign.php" method="post">');
print ('<input type="hidden" name="courseid" value="'.$courseid.'" />');
}
print ('<input type="hidden" name="contextid" value="'.$context->id.'" />'.$strcurrentrole.': ');
- choose_from_menu ($options, 'roleid', $roleid, 'choose', $script='rolesform.submit()');
+ choose_from_menu ($assignableroles, 'roleid', $roleid, 'choose', $script='rolesform.submit()');
print ('</div></form>');
if ($roleid) {
$strshowall = get_string('showall');
$context = get_record('context', 'id', $contextid);
+ $overridableroles = get_overridable_roles($context);
// role overriding permission checking
if ($roleid) {
$fullname = fullname($user, has_capability('moodle/site:viewfullnames', $context));
$straction = get_string('overrideroles', 'role');
+
+
// we got a few tabs there
if ($context->aggregatelevel == CONTEXT_USERID) {
/*****************************************
* drop down for swapping between roles *
*****************************************/
-
- // this needs to check capability too
- $role = get_records('role');
- $options = array();
- foreach ($role as $rolex) {
- if (user_can_override($context, $rolex->id)) {
- $options[$rolex->id] = $rolex->name;
- }
- }
print ('<form name="rolesform" action="override.php" method="post">');
print ('<div align="center">'.$strcurrentcontext.': '.print_context_name($context).'<br/>');
if ($course->id) {
print ('<input type="hidden" name="courseid" value="'.$courseid.'" />');
}
- choose_from_menu ($options, 'roleid', $roleid, 'choose', $script='rolesform.submit()');
+ choose_from_menu ($overridableroles, 'roleid', $roleid, 'choose', $script='rolesform.submit()');
print ('</div></form>');
/**************************************
$toprow[] = new tabobject('roles', $CFG->wwwroot.'/admin/roles/assign.php?contextid='.$context->id, get_string('roles'));
if (isset($tabsmode)) {
+
+ if (!isset($assignableroles)) {
+ $assignableroles = get_assignable_roles($context);
+ }
+ if (!isset($overridableroles)) {
+ $overridableroles = get_overridable_roles($context);
+ }
+
+
$inactive[] = 'roles';
-
- $secondrow[] = new tabobject('assign', $CFG->wwwroot.'/admin/roles/assign.php?contextid='.$context->id, get_string('assignroles', 'role'));
-
- if ($context->aggregatelevel == CONTEXT_SYSTEM) {
- $secondrow[] = new tabobject('override', '', get_string('overrideroles', 'role'));
- } else {
- $secondrow[] = new tabobject('override', $CFG->wwwroot.'/admin/roles/override.php?contextid='.$context->id,
+ if (!empty($assignableroles)) {
+ $secondrow[] = new tabobject('assign', $CFG->wwwroot.'/admin/roles/assign.php?contextid='.$context->id, get_string('assignroles', 'role'));
+ }
+
+ if (!empty($overridableroles)) {
+ if ($context->aggregatelevel == CONTEXT_SYSTEM) {
+ $secondrow[] = new tabobject('override', '', get_string('overrideroles', 'role'));
+ } else {
+ $secondrow[] = new tabobject('override', $CFG->wwwroot.'/admin/roles/override.php?contextid='.$context->id,
get_string('overrideroles', 'role'));
+ }
}
if ($tabsmode == 'override') {
* [273][moodle:blahblah] = 1
* [273][moodle:blahblahblah] = 2
*/
-
// permission definitions
define('CAP_ALLOW', 1);
define('CAP_PREVENT', -1);
define('CAP_PROHIBIT', -1000);
-
// context definitions
define('CONTEXT_SYSTEM', 10);
define('CONTEXT_PERSONAL', 20);
role_assign($guestrole, $guestuser->id, 0, $systemcontext->id);
}
+ /**
+ * Insert the correct records for legacy roles
+ */
+ allow_assign($adminrole, $adminrole);
+ allow_assign($adminrole, $coursecreatorrole);
+ allow_assign($adminrole, $noneditteacherrole);
+ allow_assign($adminrole, $editteacherrole);
+ allow_assign($adminrole, $studentrole);
+ allow_assign($adminrole, $guestrole);
+
+ allow_assign($coursecreatorrole, $noneditteacherrole);
+ allow_assign($coursecreatorrole, $editteacherrole);
+ allow_assign($coursecreatorrole, $studentrole);
+ allow_assign($coursecreatorrole, $guestrole);
+
+ allow_assign($editteacherrole, $noneditteacherrole);
+ allow_assign($editteacherrole, $studentrole);
+ allow_assign($editteacherrole, $guestrole);
+
+ /// overrides
+ allow_override($adminrole, $adminrole);
+ allow_override($adminrole, $coursecreatorrole);
+ allow_override($adminrole, $noneditteacherrole);
+ allow_override($adminrole, $editteacherrole);
+ allow_override($adminrole, $studentrole);
+ allow_override($adminrole, $guestrole);
+
+ allow_override($coursecreatorrole, $noneditteacherrole);
+ allow_override($coursecreatorrole, $editteacherrole);
+ allow_override($coursecreatorrole, $studentrole);
+ allow_override($coursecreatorrole, $guestrole);
+
+ allow_override($editteacherrole, $noneditteacherrole);
+ allow_override($editteacherrole, $studentrole);
+ allow_override($editteacherrole, $guestrole);
// Should we delete the tables after we are done? Not yet.
}
return $string;
}
-
+/** gets the list of roles assigned to this context
+ * @param object $context
+ * @return array
+ */
function get_roles_used_in_context($context) {
global $CFG;
ORDER BY r.sortorder ASC');
}
-// this function is used to print roles column in user profile page.
+/** this function is used to print roles column in user profile page.
+ * @param int userid
+ * @param int contextid
+ * @return string
+ */
function get_user_roles_in_context($userid, $contextid){
global $CFG;
}
-// returns bool
+/**
+ * Checks if a user can override capabilities of a particular role in this context
+ * @param object $context
+ * @param int targetroleid - the id of the role you want to override
+ * @return boolean
+ */
function user_can_override($context, $targetroleid) {
// first check if user has override capability
// if not return false;
}
+/**
+ * Checks if a user can assign users to a particular role in this context
+ * @param object $context
+ * @param int targetroleid - the id of the role you want to assign users to
+ * @return boolean
+ */
function user_can_assign($context, $targetroleid) {
// first check if user has override capability
return false;
}
-// gets all the user roles assigned in this context, or higher
+/**
+ * gets all the user roles assigned in this context, or higher contexts
+ * this is mainly used when checking if a user can assign a role, or overriding a role
+ * i.e. we need to know what this user holds, in order to verify against allow_assign and
+ * allow_override tables
+ * @param object $context
+ * @param int $userid
+ * @return array
+ */
function get_user_roles($context, $userid=0) {
global $USER, $CFG, $db;
$contexts);
}
+/**
+ * Creates a record in the allow_override table
+ * @param int sroleid - source roleid
+ * @param int troleid - target roleid
+ * @return int - id or false
+ */
+function allow_override($sroleid, $troleid) {
+ $record->roleid = $sroleid;
+ $record->allowoverride = $troleid;
+ return insert_record('role_allow_override', $record);
+}
+
+/**
+ * Creates a record in the allow_assign table
+ * @param int sroleid - source roleid
+ * @param int troleid - target roleid
+ * @return int - id or false
+ */
+function allow_assign($sroleid, $troleid) {
+ $record->roleid = $sroleid;
+ $record->allowassign = $troleid;
+ return insert_record('role_allow_assign', $record);
+}
+
+/**
+ * gets a list of roles assignalbe in this context for this user
+ * @param object $context
+ * @return array
+ */
+function get_assignable_roles ($context) {
+
+ $role = get_records('role');
+ $options = array();
+ foreach ($role as $rolex) {
+ if (user_can_assign($context, $rolex->id)) {
+ $options[$rolex->id] = $rolex->name;
+ }
+ }
+ return $options;
+}
+
+/**
+ * gets a list of roles that can be overriden in this context by this user
+ * @param object $context
+ * @return array
+ */
+function get_overridable_roles ($context) {
+
+ $role = get_records('role');
+ $options = array();
+ foreach ($role as $rolex) {
+ if (user_can_override($context, $rolex->id)) {
+ $options[$rolex->id] = $rolex->name;
+ }
+ }
+
+ return $options;
+
+}
?>
'coursecreator' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
+ ),
+
+ 'moodle/question:import' => array(
+ 'captype' => 'write',
+ 'contextlevel' => CONTEXT_COURSE,
+ 'legacy' => array(
+ 'guest' => CAP_PREVENT,
+ 'student' => CAP_PREVENT,
+ 'teacher' => CAP_PREVENT,
+ 'editingteacher' => CAP_ALLOW,
+ 'coursecreator' => CAP_ALLOW,
+ 'admin' => CAP_ALLOW
+ )
+ ),
+
+ 'moodle/question:export' => array(
+ 'captype' => 'read',
+ 'contextlevel' => CONTEXT_COURSE,
+ 'legacy' => array(
+ 'guest' => CAP_PREVENT,
+ 'student' => CAP_PREVENT,
+ 'teacher' => CAP_PREVENT,
+ 'editingteacher' => CAP_ALLOW,
+ 'coursecreator' => CAP_ALLOW,
+ 'admin' => CAP_ALLOW
+ )
+ ),
+
+ 'moodle/question:managecateory' => array(
+ 'captype' => 'write',
+ 'contextlevel' => CONTEXT_COURSE,
+ 'legacy' => array(
+ 'guest' => CAP_PREVENT,
+ 'student' => CAP_PREVENT,
+ 'teacher' => CAP_PREVENT,
+ 'editingteacher' => CAP_ALLOW,
+ 'coursecreator' => CAP_ALLOW,
+ 'admin' => CAP_ALLOW
+ )
+ ),
+
+ 'moodle/question:manage' => array(
+ 'captype' => 'write',
+ 'contextlevel' => CONTEXT_COURSE,
+ 'legacy' => array(
+ 'guest' => CAP_PREVENT,
+ 'student' => CAP_PREVENT,
+ 'teacher' => CAP_PREVENT,
+ 'editingteacher' => CAP_ALLOW,
+ 'coursecreator' => CAP_ALLOW,
+ 'admin' => CAP_ALLOW
+ )
)
-
);
?>
// This fragment is called by moodle_needs_upgrading() and /admin/index.php
////////////////////////////////////////////////////////////////////////////////
-$module->version = 2006081400; // The (date) version of this module
+$module->version = 2006082300; // The (date) version of this module
$module->requires = 2006080900; // Requires this Moodle version
$module->cron = 0; // How often should cron check this module (seconds)?
// This is compared against the values stored in the database to determine
// whether upgrades should be performed (see lib/db/*.php)
- $version = 2006082200; // YYYYMMDD = date
+ $version = 2006082300; // YYYYMMDD = date
// XY = increments within a single day
$release = '1.7 dev'; // Human-friendly version name
projects / moodle.git / commitdiff