From caac897791c5e840d2e579c5f3786ab047f2307c Mon Sep 17 00:00:00 2001
From: moodler <moodler>
Date: Tue, 5 Dec 2006 05:45:08 +0000
Subject: [PATCH] Merged fixes for switchroles from stable   MDL-7605

---
 lib/accesslib.php | 45 +++++++++++++++++++++++++++++++--------------
 1 file changed, 31 insertions(+), 14 deletions(-)

diff --git a/lib/accesslib.php b/lib/accesslib.php
index fd5d337d52..b2866829d1 100755
--- a/lib/accesslib.php
+++ b/lib/accesslib.php
@@ -293,7 +293,7 @@ function require_capability($capability, $context=NULL, $userid=NULL, $doanythin
  * only one of the 4 (moduleinstance, courseid, site, userid) would be set at 1 time
  * This is a recursive funciton.
  * @uses $USER
- * @param string $capability - name of the capability
+ * @param string $capability - name of the capability (or debugcache or clearcache)
  * @param object $context - a context object (record from context table)
  * @param integer $userid - a userid number
  * @param bool $doanything - if false, ignore do anything
@@ -305,6 +305,14 @@ function has_capability($capability, $context=NULL, $userid=NULL, $doanything=tr
 
     static $capcache = array();   // Cache of capabilities 
 
+
+/// Cache management
+
+    if ($capability == 'clearcache') {
+        $capcache = array();             // Clear ALL the capability cache
+        return false;
+    }
+
 /// Some sanity checks
     if (debugging()) {
         if ($capability == 'debugcache') {
@@ -338,6 +346,7 @@ function has_capability($capability, $context=NULL, $userid=NULL, $doanything=tr
 /// Check and return cache in case we've processed this one before.
 
     $cachekey = $capability.'_'.$context->id.'_'.intval($userid).'_'.intval($doanything);
+
     if (isset($capcache[$cachekey])) {
         return $capcache[$cachekey];
     }
@@ -363,6 +372,10 @@ function has_capability($capability, $context=NULL, $userid=NULL, $doanything=tr
         $userid = $USER->id;
     }
 
+/// We act a little differently when switchroles is active
+
+    $switchroleactive = false;             // Assume it isn't active in this context
+
 
 /// First deal with the "doanything" capability
 
@@ -370,8 +383,6 @@ function has_capability($capability, $context=NULL, $userid=NULL, $doanything=tr
 
     /// First make sure that we aren't in a "switched role"
 
-        $switchroleactive = false;             // Assume it isn't active in this context
-
         if (!empty($USER->switchrole)) {       // Switchrole is active somewhere!
             if (!empty($USER->switchrole[$context->id])) {  // Because of current context
                 $switchroleactive = true;   
@@ -515,8 +526,8 @@ function has_capability($capability, $context=NULL, $userid=NULL, $doanything=tr
             return $result;
         }
     }
-    /// do_anything has not been set, we now look for it the normal way. (checking individual capability)
-    $result = (0 < capability_search($capability, $context, $capabilities));
+    // do_anything has not been set, we now look for it the normal way.
+    $result = (0 < capability_search($capability, $context, $capabilities, $switchroleactive));
     $capcache[$cachekey] = $result;
     return $result;
 
@@ -531,7 +542,7 @@ function has_capability($capability, $context=NULL, $userid=NULL, $doanything=tr
  * @param $capabilities - either $USER->capability or loaded array (for other users)
  * @return permission (int)
  */
-function capability_search($capability, $context, $capabilities) {
+function capability_search($capability, $context, $capabilities, $switchroleactive=false) {
 
     global $USER, $CFG;
 
@@ -574,15 +585,16 @@ function capability_search($capability, $context, $capabilities) {
         break;
 
         case CONTEXT_COURSE: // 1 to 1 to course cat
-            // find the course cat, and return its value
-            $course = get_record('course','id',$context->instanceid);
-            // Yu: Separating site and site course context
-            if ($course->id == SITEID) {
-                $parentcontext = get_context_instance(CONTEXT_SYSTEM);
-            } else {
-                $parentcontext = get_context_instance(CONTEXT_COURSECAT, $course->category);
+            if (empty($switchroleactive)) {
+                // find the course cat, and return its value
+                $course = get_record('course','id',$context->instanceid);
+                if ($course->id == SITEID) {   // In 1.8 we've separated site course and system
+                    $parentcontext = get_context_instance(CONTEXT_SYSTEM);
+                } else {
+                    $parentcontext = get_context_instance(CONTEXT_COURSECAT, $course->category);
+                }
+                $permission = capability_search($capability, $parentcontext, $capabilities);
             }
-            $permission = capability_search($capability, $parentcontext, $capabilities);
         break;
 
         case CONTEXT_GROUP: // 1 to 1 to course
@@ -3248,6 +3260,7 @@ function role_switch($roleid, $context) {
         || !empty($USER->switchrole[$context->id])  || !confirm_sesskey()) {
         load_user_capability('', $context);   // Reset all permissions for this context to normal
         unset($USER->switchrole[$context->id]);  // Delete old capabilities
+        has_capability('clearcache');  
         return true;
     }
 
@@ -3280,6 +3293,10 @@ function role_switch($roleid, $context) {
 
     $USER->capabilities[$context->id]['moodle/course:view'] = CAP_ALLOW;
 
+/// Clear the entire capability cache to avoid mixups
+
+    has_capability('clearcache');  
+
     return true;
 
 }
-- 
2.39.5