From 945f88ca155495b0b06ee2949f08be8a2d350262 Mon Sep 17 00:00:00 2001 From: toyomoyo Date: Wed, 23 Aug 2006 06:36:08 +0000 Subject: [PATCH] various changes - loading capabilities for questions, quiz, hide tab if no assignalbe or no overridable role is found, added some functions and comments in accesslib --- admin/roles/allowassign.php | 4 +- admin/roles/allowoverride.php | 4 +- admin/roles/assign.php | 12 +--- admin/roles/override.php | 14 ++-- admin/roles/tabs.php | 26 +++++-- lib/accesslib.php | 130 ++++++++++++++++++++++++++++++++-- lib/db/access.php | 53 +++++++++++++- mod/quiz/version.php | 2 +- version.php | 2 +- 9 files changed, 205 insertions(+), 42 deletions(-) diff --git a/admin/roles/allowassign.php b/admin/roles/allowassign.php index 1c55b204462..4e7ccaf9d49 100755 --- a/admin/roles/allowassign.php +++ b/admin/roles/allowassign.php @@ -39,9 +39,7 @@ foreach ($roles as $trole) { if (isset($temp[$srole->id][$trole->id])) { // if set, need to write to db if (!$record = get_record('role_allow_assign', 'roleid', $srole->id, 'allowassign', $trole->id)) { - $record->roleid = $srole->id; - $record->allowassign = $trole->id; - insert_record('role_allow_assign', $record); + allow_assign($srole->id, $trole->id); } } else { //if set, means can access, attempt to remove it from db delete_records('role_allow_assign', 'roleid', $srole->id, 'allowassign', $trole->id); diff --git a/admin/roles/allowoverride.php b/admin/roles/allowoverride.php index d35e52ede16..f65af9b8138 100755 --- a/admin/roles/allowoverride.php +++ b/admin/roles/allowoverride.php @@ -37,9 +37,7 @@ foreach ($roles as $trole) { if (isset($temp[$srole->id][$trole->id])) { // if set, need to write to db if (!$record = get_record('role_allow_override', 'roleid', $srole->id, 'allowoverride', $trole->id)) { - $record->roleid = $srole->id; - $record->allowoverride = $trole->id; - insert_record('role_allow_override', $record); + allow_override($srole->id, $trole->id); } } else { //if set, means can access, attempt to remove it from db delete_records('role_allow_override', 'roleid', $srole->id, 'allowoverride', $trole->id); diff --git a/admin/roles/assign.php b/admin/roles/assign.php index 9fb40a83c58..8525b2d127f 100755 --- a/admin/roles/assign.php +++ b/admin/roles/assign.php @@ -54,6 +54,7 @@ $strshowall = get_string('showall'); $context = get_record('context', 'id', $contextid); + $assignableroles = get_assignable_roles($context); // role assigning permission checking if ($roleid) { @@ -158,15 +159,6 @@ } } - - // this needs to check capability too - $role = get_records('role'); - $options = array(); - foreach ($role as $rolex) { - if (user_can_assign($context, $rolex->id)) { - $options[$rolex->id] = $rolex->name; - } - } // prints a form to swap roles print ('
'); @@ -178,7 +170,7 @@ print (''); } print (''.$strcurrentrole.': '); - choose_from_menu ($options, 'roleid', $roleid, 'choose', $script='rolesform.submit()'); + choose_from_menu ($assignableroles, 'roleid', $roleid, 'choose', $script='rolesform.submit()'); print ('
'); if ($roleid) { diff --git a/admin/roles/override.php b/admin/roles/override.php index 1a2ac849578..75d5565aecf 100755 --- a/admin/roles/override.php +++ b/admin/roles/override.php @@ -30,6 +30,7 @@ $strshowall = get_string('showall'); $context = get_record('context', 'id', $contextid); + $overridableroles = get_overridable_roles($context); // role overriding permission checking if ($roleid) { @@ -43,6 +44,8 @@ $fullname = fullname($user, has_capability('moodle/site:viewfullnames', $context)); $straction = get_string('overrideroles', 'role'); + + // we got a few tabs there if ($context->aggregatelevel == CONTEXT_USERID) { @@ -118,15 +121,6 @@ /***************************************** * drop down for swapping between roles * *****************************************/ - - // this needs to check capability too - $role = get_records('role'); - $options = array(); - foreach ($role as $rolex) { - if (user_can_override($context, $rolex->id)) { - $options[$rolex->id] = $rolex->name; - } - } print ('
'); print ('
'.$strcurrentcontext.': '.print_context_name($context).'
'); @@ -137,7 +131,7 @@ if ($course->id) { print (''); } - choose_from_menu ($options, 'roleid', $roleid, 'choose', $script='rolesform.submit()'); + choose_from_menu ($overridableroles, 'roleid', $roleid, 'choose', $script='rolesform.submit()'); print ('
'); /************************************** diff --git a/admin/roles/tabs.php b/admin/roles/tabs.php index 9487e9d10c7..d3b0a82aae5 100755 --- a/admin/roles/tabs.php +++ b/admin/roles/tabs.php @@ -86,15 +86,27 @@ if ($currenttab != 'update') { $toprow[] = new tabobject('roles', $CFG->wwwroot.'/admin/roles/assign.php?contextid='.$context->id, get_string('roles')); if (isset($tabsmode)) { + + if (!isset($assignableroles)) { + $assignableroles = get_assignable_roles($context); + } + if (!isset($overridableroles)) { + $overridableroles = get_overridable_roles($context); + } + + $inactive[] = 'roles'; - - $secondrow[] = new tabobject('assign', $CFG->wwwroot.'/admin/roles/assign.php?contextid='.$context->id, get_string('assignroles', 'role')); - - if ($context->aggregatelevel == CONTEXT_SYSTEM) { - $secondrow[] = new tabobject('override', '', get_string('overrideroles', 'role')); - } else { - $secondrow[] = new tabobject('override', $CFG->wwwroot.'/admin/roles/override.php?contextid='.$context->id, + if (!empty($assignableroles)) { + $secondrow[] = new tabobject('assign', $CFG->wwwroot.'/admin/roles/assign.php?contextid='.$context->id, get_string('assignroles', 'role')); + } + + if (!empty($overridableroles)) { + if ($context->aggregatelevel == CONTEXT_SYSTEM) { + $secondrow[] = new tabobject('override', '', get_string('overrideroles', 'role')); + } else { + $secondrow[] = new tabobject('override', $CFG->wwwroot.'/admin/roles/override.php?contextid='.$context->id, get_string('overrideroles', 'role')); + } } if ($tabsmode == 'override') { diff --git a/lib/accesslib.php b/lib/accesslib.php index d861a818cdb..f71a10ee2c9 100755 --- a/lib/accesslib.php +++ b/lib/accesslib.php @@ -13,14 +13,12 @@ * [273][moodle:blahblah] = 1 * [273][moodle:blahblahblah] = 2 */ - // permission definitions define('CAP_ALLOW', 1); define('CAP_PREVENT', -1); define('CAP_PROHIBIT', -1000); - // context definitions define('CONTEXT_SYSTEM', 10); define('CONTEXT_PERSONAL', 20); @@ -752,6 +750,41 @@ function moodle_install_roles() { role_assign($guestrole, $guestuser->id, 0, $systemcontext->id); } + /** + * Insert the correct records for legacy roles + */ + allow_assign($adminrole, $adminrole); + allow_assign($adminrole, $coursecreatorrole); + allow_assign($adminrole, $noneditteacherrole); + allow_assign($adminrole, $editteacherrole); + allow_assign($adminrole, $studentrole); + allow_assign($adminrole, $guestrole); + + allow_assign($coursecreatorrole, $noneditteacherrole); + allow_assign($coursecreatorrole, $editteacherrole); + allow_assign($coursecreatorrole, $studentrole); + allow_assign($coursecreatorrole, $guestrole); + + allow_assign($editteacherrole, $noneditteacherrole); + allow_assign($editteacherrole, $studentrole); + allow_assign($editteacherrole, $guestrole); + + /// overrides + allow_override($adminrole, $adminrole); + allow_override($adminrole, $coursecreatorrole); + allow_override($adminrole, $noneditteacherrole); + allow_override($adminrole, $editteacherrole); + allow_override($adminrole, $studentrole); + allow_override($adminrole, $guestrole); + + allow_override($coursecreatorrole, $noneditteacherrole); + allow_override($coursecreatorrole, $editteacherrole); + allow_override($coursecreatorrole, $studentrole); + allow_override($coursecreatorrole, $guestrole); + + allow_override($editteacherrole, $noneditteacherrole); + allow_override($editteacherrole, $studentrole); + allow_override($editteacherrole, $guestrole); // Should we delete the tables after we are done? Not yet. } @@ -1581,7 +1614,10 @@ function get_component_string($component, $contextlevel) { return $string; } - +/** gets the list of roles assigned to this context + * @param object $context + * @return array + */ function get_roles_used_in_context($context) { global $CFG; @@ -1594,7 +1630,11 @@ function get_roles_used_in_context($context) { ORDER BY r.sortorder ASC'); } -// this function is used to print roles column in user profile page. +/** this function is used to print roles column in user profile page. + * @param int userid + * @param int contextid + * @return string + */ function get_user_roles_in_context($userid, $contextid){ global $CFG; @@ -1610,7 +1650,12 @@ function get_user_roles_in_context($userid, $contextid){ } -// returns bool +/** + * Checks if a user can override capabilities of a particular role in this context + * @param object $context + * @param int targetroleid - the id of the role you want to override + * @return boolean + */ function user_can_override($context, $targetroleid) { // first check if user has override capability // if not return false; @@ -1631,6 +1676,12 @@ function user_can_override($context, $targetroleid) { } +/** + * Checks if a user can assign users to a particular role in this context + * @param object $context + * @param int targetroleid - the id of the role you want to assign users to + * @return boolean + */ function user_can_assign($context, $targetroleid) { // first check if user has override capability @@ -1651,7 +1702,15 @@ function user_can_assign($context, $targetroleid) { return false; } -// gets all the user roles assigned in this context, or higher +/** + * gets all the user roles assigned in this context, or higher contexts + * this is mainly used when checking if a user can assign a role, or overriding a role + * i.e. we need to know what this user holds, in order to verify against allow_assign and + * allow_override tables + * @param object $context + * @param int $userid + * @return array + */ function get_user_roles($context, $userid=0) { global $USER, $CFG, $db; @@ -1675,4 +1734,63 @@ function get_user_roles($context, $userid=0) { $contexts); } +/** + * Creates a record in the allow_override table + * @param int sroleid - source roleid + * @param int troleid - target roleid + * @return int - id or false + */ +function allow_override($sroleid, $troleid) { + $record->roleid = $sroleid; + $record->allowoverride = $troleid; + return insert_record('role_allow_override', $record); +} + +/** + * Creates a record in the allow_assign table + * @param int sroleid - source roleid + * @param int troleid - target roleid + * @return int - id or false + */ +function allow_assign($sroleid, $troleid) { + $record->roleid = $sroleid; + $record->allowassign = $troleid; + return insert_record('role_allow_assign', $record); +} + +/** + * gets a list of roles assignalbe in this context for this user + * @param object $context + * @return array + */ +function get_assignable_roles ($context) { + + $role = get_records('role'); + $options = array(); + foreach ($role as $rolex) { + if (user_can_assign($context, $rolex->id)) { + $options[$rolex->id] = $rolex->name; + } + } + return $options; +} + +/** + * gets a list of roles that can be overriden in this context by this user + * @param object $context + * @return array + */ +function get_overridable_roles ($context) { + + $role = get_records('role'); + $options = array(); + foreach ($role as $rolex) { + if (user_can_override($context, $rolex->id)) { + $options[$rolex->id] = $rolex->name; + } + } + + return $options; + +} ?> diff --git a/lib/db/access.php b/lib/db/access.php index bc1917a9fad..c4d6d40e745 100644 --- a/lib/db/access.php +++ b/lib/db/access.php @@ -687,8 +687,59 @@ $moodle_capabilities = array( 'coursecreator' => CAP_ALLOW, 'admin' => CAP_ALLOW ) + ), + + 'moodle/question:import' => array( + 'captype' => 'write', + 'contextlevel' => CONTEXT_COURSE, + 'legacy' => array( + 'guest' => CAP_PREVENT, + 'student' => CAP_PREVENT, + 'teacher' => CAP_PREVENT, + 'editingteacher' => CAP_ALLOW, + 'coursecreator' => CAP_ALLOW, + 'admin' => CAP_ALLOW + ) + ), + + 'moodle/question:export' => array( + 'captype' => 'read', + 'contextlevel' => CONTEXT_COURSE, + 'legacy' => array( + 'guest' => CAP_PREVENT, + 'student' => CAP_PREVENT, + 'teacher' => CAP_PREVENT, + 'editingteacher' => CAP_ALLOW, + 'coursecreator' => CAP_ALLOW, + 'admin' => CAP_ALLOW + ) + ), + + 'moodle/question:managecateory' => array( + 'captype' => 'write', + 'contextlevel' => CONTEXT_COURSE, + 'legacy' => array( + 'guest' => CAP_PREVENT, + 'student' => CAP_PREVENT, + 'teacher' => CAP_PREVENT, + 'editingteacher' => CAP_ALLOW, + 'coursecreator' => CAP_ALLOW, + 'admin' => CAP_ALLOW + ) + ), + + 'moodle/question:manage' => array( + 'captype' => 'write', + 'contextlevel' => CONTEXT_COURSE, + 'legacy' => array( + 'guest' => CAP_PREVENT, + 'student' => CAP_PREVENT, + 'teacher' => CAP_PREVENT, + 'editingteacher' => CAP_ALLOW, + 'coursecreator' => CAP_ALLOW, + 'admin' => CAP_ALLOW + ) ) - ); ?> diff --git a/mod/quiz/version.php b/mod/quiz/version.php index 5d7d53dcce2..90c2a77c984 100644 --- a/mod/quiz/version.php +++ b/mod/quiz/version.php @@ -5,7 +5,7 @@ // This fragment is called by moodle_needs_upgrading() and /admin/index.php //////////////////////////////////////////////////////////////////////////////// -$module->version = 2006081400; // The (date) version of this module +$module->version = 2006082300; // The (date) version of this module $module->requires = 2006080900; // Requires this Moodle version $module->cron = 0; // How often should cron check this module (seconds)? diff --git a/version.php b/version.php index 49a30214e93..cbd51bd4d39 100644 --- a/version.php +++ b/version.php @@ -6,7 +6,7 @@ // This is compared against the values stored in the database to determine // whether upgrades should be performed (see lib/db/*.php) - $version = 2006082200; // YYYYMMDD = date + $version = 2006082300; // YYYYMMDD = date // XY = increments within a single day $release = '1.7 dev'; // Human-friendly version name