* only one of the 4 (moduleinstance, courseid, site, userid) would be set at 1 time
* This is a recursive funciton.
* @uses $USER
- * @param string $capability - name of the capability
+ * @param string $capability - name of the capability (or debugcache or clearcache)
* @param object $context - a context object (record from context table)
* @param integer $userid - a userid number
* @param bool $doanything - if false, ignore do anything
static $capcache = array(); // Cache of capabilities
+
+/// Cache management
+
+ if ($capability == 'clearcache') {
+ $capcache = array(); // Clear ALL the capability cache
+ return false;
+ }
+
/// Some sanity checks
if (debugging()) {
if ($capability == 'debugcache') {
/// Check and return cache in case we've processed this one before.
$cachekey = $capability.'_'.$context->id.'_'.intval($userid).'_'.intval($doanything);
+
if (isset($capcache[$cachekey])) {
return $capcache[$cachekey];
}
$userid = $USER->id;
}
+/// We act a little differently when switchroles is active
+
+ $switchroleactive = false; // Assume it isn't active in this context
+
/// First deal with the "doanything" capability
/// First make sure that we aren't in a "switched role"
- $switchroleactive = false; // Assume it isn't active in this context
-
if (!empty($USER->switchrole)) { // Switchrole is active somewhere!
if (!empty($USER->switchrole[$context->id])) { // Because of current context
$switchroleactive = true;
return $result;
}
}
- /// do_anything has not been set, we now look for it the normal way. (checking individual capability)
- $result = (0 < capability_search($capability, $context, $capabilities));
+ // do_anything has not been set, we now look for it the normal way.
+ $result = (0 < capability_search($capability, $context, $capabilities, $switchroleactive));
$capcache[$cachekey] = $result;
return $result;
* @param $capabilities - either $USER->capability or loaded array (for other users)
* @return permission (int)
*/
-function capability_search($capability, $context, $capabilities) {
+function capability_search($capability, $context, $capabilities, $switchroleactive=false) {
global $USER, $CFG;
break;
case CONTEXT_COURSE: // 1 to 1 to course cat
- // find the course cat, and return its value
- $course = get_record('course','id',$context->instanceid);
- // Yu: Separating site and site course context
- if ($course->id == SITEID) {
- $parentcontext = get_context_instance(CONTEXT_SYSTEM);
- } else {
- $parentcontext = get_context_instance(CONTEXT_COURSECAT, $course->category);
+ if (empty($switchroleactive)) {
+ // find the course cat, and return its value
+ $course = get_record('course','id',$context->instanceid);
+ if ($course->id == SITEID) { // In 1.8 we've separated site course and system
+ $parentcontext = get_context_instance(CONTEXT_SYSTEM);
+ } else {
+ $parentcontext = get_context_instance(CONTEXT_COURSECAT, $course->category);
+ }
+ $permission = capability_search($capability, $parentcontext, $capabilities);
}
- $permission = capability_search($capability, $parentcontext, $capabilities);
break;
case CONTEXT_GROUP: // 1 to 1 to course
|| !empty($USER->switchrole[$context->id]) || !confirm_sesskey()) {
load_user_capability('', $context); // Reset all permissions for this context to normal
unset($USER->switchrole[$context->id]); // Delete old capabilities
+ has_capability('clearcache');
return true;
}
$USER->capabilities[$context->id]['moodle/course:view'] = CAP_ALLOW;
+/// Clear the entire capability cache to avoid mixups
+
+ has_capability('clearcache');
+
return true;
}
projects / moodle.git / commitdiff