enrol MDL-23232 Added missing caps and plugins checks and copied both sets from the manager to implementing scripts

Sam Hemelryk 2010-07-13 03:43:41 +00:00
parent eacae660b9
commit a3c7198453
3 changed files with 158 additions and 237 deletions


@ -61,9 +61,9 @@ if (!confirm_sesskey()) {
switch ($action) {
case 'unenrol':
$ue = $DB->get_record('user_enrolments', array('id'=>required_param('ue', PARAM_INT)), '*', MUST_EXIST);
if ($manager->unenrol_user($ue)) {
list ($instance, $plugin) = $manager->get_user_enrolment_components($ue);
if ($instance && $plugin && $plugin->allow_unenrol($instance) && has_capability("enrol/$instance->enrol:unenrol", $manager->get_context()) && $manager->unenrol_user($ue)) {
$outcome->success = true;
} else {
$outcome->error = 'unabletounenrol';
@ -72,7 +72,7 @@ switch ($action) {
case 'unassign':
$role = required_param('role', PARAM_INT);
$user = required_param('user', PARAM_INT);
if ($manager->unassign_role_from_user($user, $role)) {
if (has_capability('moodle/role:assign', $manager->get_context()) && $manager->unassign_role_from_user($user, $role)) {
$outcome->success = true;
} else {
$outcome->error = 'unabletounassign';
@ -80,9 +80,7 @@ switch ($action) {
break;
case 'assign':
$user = required_param('user', PARAM_INT);
$user = $DB->get_record('user', array('id'=>$user), '*', MUST_EXIST);
$user = $DB->get_record('user', array('id'=>required_param('user', PARAM_INT)), '*', MUST_EXIST);
$roleid = required_param('roleid', PARAM_INT);
if (!is_enrolled($context, $user)) {
@ -90,7 +88,7 @@ switch ($action) {
break; // no roles without enrolments here in this script
}
if ($manager->assign_role_to_user($roleid, $user->id)) {
if (has_capability('moodle/role:assign', $manager->get_context()) && $manager->assign_role_to_user($roleid, $user->id)) {
$outcome->success = true;
$outcome->response->roleid = $roleid;
} else {
@ -134,7 +132,6 @@ switch ($action) {
$user->fullname = fullname($user);
}
$outcome->success = true;
break;
case 'enrol':
@ -175,10 +172,15 @@ switch ($action) {
}
$instance = $instances[$enrolid];
$plugin = $plugins[$instance->enrol];
try {
$plugin->enrol_user($instance, $user->id, $roleid, $timestart, $timeend);
} catch (Exception $e) {
$outcome->error = 'unabletoenrol';
if ($plugin->allow_enrol($instance) && require_capability('enrol/'.$plugin->get_name().':enrol', $context)) {
try {
$plugin->enrol_user($instance, $user->id, $roleid, $timestart, $timeend);
} catch (Exception $e) {
$outcome->error = 'unabletoenrol';
break;
}
} else {
$outcome->error = 'unablenotallowed';
break;
}
$outcome->success = true;
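Review bot: In the `enrol` case the new guard `$plugin->allow_enrol($instance) && require_capability('enrol/'.$plugin->get_name().':enrol', $context)` uses `require_capability()` as a boolean, but that function throws on failure and, as far as I know, returns nothing on success, so the condition is never true and every enrol request would end in `unablenotallowed`. The other cases in this file use `has_capability()`, and the same call fits here: `if ($plugin->allow_enrol($instance) && has_capability('enrol/'.$plugin->get_name().':enrol', $context)) {`. A failed `require_capability()` would also raise its exception outside the `try`, so it would not be reported through `$outcome->error` like the other refusals. The enclosing `switch` starts and ends outside the hunks shown.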


@ -327,23 +327,35 @@ class course_enrolment_manager {
* @return bool
*/
public function unenrol_user($ue) {
global $DB;
global $DB;
list ($instance, $plugin) = $this->get_user_enrolment_components($ue);
if ($instance && $plugin && $plugin->allow_unenrol($instance) && has_capability("enrol/$instance->enrol:unenrol", $this->context)) {
$plugin->unenrol_user($instance, $ue->userid);
return true;
}
return false;
}
/**
* Given a user enrolment record this method returns the plugin and enrolment
* instance that relate to it.
*
* @param stdClass|int $userenrolment
* @return array array($instance, $plugin)
*/
public function get_user_enrolment_components($userenrolment) {
global $DB;
if (!is_numeric($userenrolment)) {
$userenrolment = $DB->get_record('user_enrolments', array('id'=>(int)$userenrolment));
}
$instances = $this->get_enrolment_instances();
$plugins = $this->get_enrolment_plugins();
$user = $DB->get_record('user', array('id'=>$ue->userid), '*', MUST_EXIST);
if (!isset($instances[$ue->enrolid])) {
return false;
if (!$userenrolment || !isset($instances[$userenrolment->enrolid])) {
return array(false, false);
}
$instance = $instances[$ue->enrolid];
$instance = $instances[$userenrolment->enrolid];
$plugin = $plugins[$instance->enrol];
if (!$plugin->allow_unenrol($instance) || !has_capability("enrol/$instance->enrol:unenrol", $this->context)) {
return false;
}
$plugin->unenrol_user($instance, $ue->userid);
return true;
return array($instance, $plugin);
}
/**
@ -356,6 +368,7 @@ class course_enrolment_manager {
*/
public function unassign_role_from_user($userid, $roleid) {
global $DB;
require_capability('moodle/role:assign', $this->context);
$user = $DB->get_record('user', array('id'=>$userid), '*', MUST_EXIST);
try {
role_unassign($roleid, $user->id, $this->context->id, '', NULL);
@ -433,24 +446,15 @@ class course_enrolment_manager {
* @return bool
*/
public function edit_enrolment($userenrolment, $data) {
$instances = $this->get_enrolment_instances();
if (!array_key_exists($userenrolment->enrolid, $instances)) {
return false;
list($instance, $plugin) = $this->get_user_enrolment_components($ue);
if ($instance && $plugin && $plugin->allow_manage($instance) && has_capability("enrol/$instance->enrol:manage", $this->context)) {
if (!isset($data->status)) {
$data->status = $userenrolment->status;
}
$plugin->update_user_enrol($instance, $userenrolment->userid, $data->status, $data->timestart, $data->timeend);
return true;
}
$instance = $instances[$userenrolment->enrolid];
$plugins = $this->get_enrolment_plugins();
$plugin = $plugins[$instance->enrol];
if (!$plugin->allow_unenrol($instance) || !has_capability("enrol/$instance->enrol:unenrol", $this->context)) {
return false;
}
if (!isset($data->status)) {
$data->status = $userenrolment->status;
}
$plugin->update_user_enrol($instance, $userenrolment->userid, $data->status, $data->timestart, $data->timeend);
return true;
return false;
}
/**
@ -629,20 +633,18 @@ class course_enrolment_manager {
public function enrol_cohort_users($cohortid, $roleid) {
global $DB;
require_capability('moodle/course:enrolconfig', $this->get_context());
require_capability('enrol/manual:enrol', $this->get_context());
$instances = $this->get_enrolment_instances();
$instance = false;
$instances = $this->get_enrolment_instances();
foreach ($instances as $i) {
if ($i->enrol == 'manual') {
$instance = $i;
break;
}
}
if (!$instance) {
$plugin = enrol_get_plugin('manual');
if (!$instance || !$plugin || !$plugin->allow_enrol($instance) || !has_capability('enrol/'.$plugin->get_name().':enrol', $this->get_context())) {
return false;
}
$plugin = enrol_get_plugin('manual');
$sql = "SELECT com.userid
FROM {cohort_members} com
LEFT JOIN (
@ -751,106 +753,5 @@ class course_enrolment_manager {
$userdetails[$user->id] = $details;
}
return $userdetails;
if (1==2){
// get list of roles
$roles = $this->get_user_roles($user->id);
foreach ($roles as $rid=>$unassignable) {
if ($unassignable && isset($assignable[$rid])) {
$icon = html_writer::empty_tag('img', array('alt'=>get_string('unassignarole', 'role', $allroles[$rid]->localname), 'src'=>$iconenrolremove));
$url = new moodle_url($url, array('action'=>'unassign', 'role'=>$rid, 'user'=>$user->id));
$roles[$rid] = html_writer::tag('div', $allroles[$rid]->localname . html_writer::link($url, $icon, array('class'=>'unassignrolelink', 'rel'=>$rid)), array('class'=>'role role_'.$rid));
} else {
$roles[$rid] = html_writer::tag('div', $allroles[$rid]->localname, array('class'=>'role unchangeable', 'rel'=>$rid));
}
}
$addrole = '';
if ($assignable) {
foreach ($assignable as $rid=>$unused) {
if (!isset($roles[$rid])) {
//candidate for role assignment
$url = new moodle_url($url, array('action'=>'assign', 'user'=>$user->id));
$icon = html_writer::empty_tag('img', array('alt'=>get_string('assignroles', 'role', $allroles[$rid]->localname), 'src'=>$iconenroladd));
$addrole .= html_writer::link($url, $icon, array('class'=>'assignrolelink'));
break;
}
}
}
$roles = html_writer::tag('div', implode('', $roles), array('class'=>'roles'));
if ($addrole) {
$roles = html_writer::tag('div', $addrole, array('class'=>'addrole')).$roles;
}
// Get list of groups
$usergroups = $this->get_user_groups($user->id);
$groups = array();
foreach($usergroups as $gid=>$unused) {
$group = $allgroups[$gid];
if ($canmanagegroups) {
$icon = html_writer::empty_tag('img', array('alt'=>get_string('removefromgroup', 'group', $group->name), 'src'=>$iconenrolremove));
$url = new moodle_url($url, array('action'=>'removemember', 'group'=>$gid, 'user'=>$user->id));
$groups[] = $group->name . html_writer::link($url, $icon);
} else {
$groups[] = $group->name;
}
}
$groups = implode(', ', $groups);
if ($canmanagegroups and (count($usergroups) < count($allgroups))) {
$icon = html_writer::empty_tag('img', array('alt'=>$straddgroup, 'src'=>$iconenroladd));
$url = new moodle_url($url, array('action'=>'addmember', 'user'=>$user->id));
$groups .= '<div>'.html_writer::link($url, $icon).'</div>';
}
// get list of enrol instances
$ues = $this->get_user_enrolments($user->id);
$edits = array();
foreach ($ues as $ue) {
$edit = $ue->enrolmentinstancename;
$dimmed = false;
if ($ue->timestart and $ue->timeend) {
$edit .= '&nbsp;('.get_string('periodstartend', 'enrol', array('start'=>userdate($ue->timestart), 'end'=>userdate($ue->timeend))).')';
$dimmed = ($now < $ue->timestart and $now > $ue->timeend);
} else if ($ue->timestart) {
$edit .= '&nbsp;('.get_string('periodstart', 'enrol', userdate($ue->timestart)).')';
$dimmed = ($now < $ue->timestart);
} else if ($ue->timeend) {
$edit .= '&nbsp;('.get_string('periodend', 'enrol', userdate($ue->timeend)).')';
$dimmed = ($now > $ue->timeend);
}
if ($dimmed or $ue->status != ENROL_USER_ACTIVE) {
$edit = html_writer::tag('span', $edit, array('class'=>'dimmed_text'));
}
if ($ue->enrolmentplugin->allow_unenrol($ue->enrolmentinstance) && has_capability("enrol/".$ue->enrolmentinstance->enrol.":unenrol", $context)) {
$icon = html_writer::empty_tag('img', array('alt'=>$strunenrol, 'src'=>$iconenrolremove));
$url = new moodle_url($url, array('action'=>'unenrol', 'ue'=>$ue->id));
$edit .= html_writer::link($url, $icon, array('class'=>'unenrollink', 'rel'=>$ue->id));
}
if ($ue->enrolmentplugin->allow_manage($ue->enrolmentinstance) && has_capability("enrol/".$ue->enrolmentinstance->enrol.":manage", $context)) {
$icon = html_writer::empty_tag('img', array('alt'=>$stredit, 'src'=>$iconedit));
$url = new moodle_url($url, array('action'=>'edit', 'ue'=>$ue->id));
$edit .= html_writer::link($url, $icon, array('class'=>'editenrollink', 'rel'=>$ue->id));
}
$edits[] = html_writer::tag('div', $edit, array('class'=>'enrolment'));
}
$edits = implode('', $edits);
$userdetails[$user->id] = array(
'picture' => $renderer->user_picture($user, array('courseid'=>$courseid)),
'firstname' => html_writer::link(new moodle_url('/user/view.php', array('id'=>$user->id, 'course'=>$courseid)), fullname($user, true)),
'email' => $user->email,
'lastseen' => $strlastaccess,
'role' => $roles,
'group' => $groups,
'enrol' => $edits
);
}
return $userdetails;
}
}
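Review bot: The type test in the new `get_user_enrolment_components()` is inverted: `if (!is_numeric($userenrolment))` runs the `(int)` cast and the `user_enrolments` lookup when a record object is passed, and skips the lookup when an id is passed, after which `$userenrolment->enrolid` is read from an integer. Every caller on this page passes the record, so the instance and plugin used for the `allow_unenrol`/`allow_manage` and capability checks may come from a different enrolment row than the one being acted on; the line should read `if (is_numeric($userenrolment)) {`. Separately, `edit_enrolment()` calls the helper with `$ue`, which is not defined in that method (the parameter is `$userenrolment`), so the call should be `$this->get_user_enrolment_components($userenrolment)`. A test that exercises both the id form and the record form of the argument would catch both problems.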


@ -62,110 +62,128 @@ if ($action) {
$pagecontent = null;
switch ($action) {
/**
* Unenrols a user from this course
*/
case 'unenrol':
$ue = $DB->get_record('user_enrolments', array('id'=>required_param('ue', PARAM_INT)), '*', MUST_EXIST);
if ($confirm && $manager->unenrol_user($ue)) {
redirect($pageurl);
} else {
$user = $DB->get_record('user', array('id'=>$ue->userid), '*', MUST_EXIST);
$yesurl = new moodle_url($pageurl, array('action'=>'unenrol', 'ue'=>$ue->id, 'confirm'=>1, 'sesskey'=>sesskey()));
$message = get_string('unenrolconfirm', 'enrol', array('user'=>fullname($user, true), 'course'=>format_string($course->fullname)));
$pagetitle = get_string('unenrol', 'enrol');
$pagecontent = $OUTPUT->confirm($message, $yesurl, $pageurl);
}
$actiontaken = true;
break;
case 'unassign':
$role = required_param('role', PARAM_INT);
$user = required_param('user', PARAM_INT);
if ($confirm && $manager->unassign_role_from_user($user, $role)) {
redirect($pageurl);
} else {
$user = $DB->get_record('user', array('id'=>$user), '*', MUST_EXIST);
$allroles = $manager->get_all_roles();
$role = $allroles[$role];
$yesurl = new moodle_url($pageurl, array('action'=>'unassign', 'role'=>$role->id, 'user'=>$user->id, 'confirm'=>1, 'sesskey'=>sesskey()));
$message = get_string('unassignconfirm', 'role', array('user'=>fullname($user, true), 'role'=>$role->localname));
$pagetitle = get_string('unassignarole', 'role', $role->localname);
$pagecontent = $OUTPUT->confirm($message, $yesurl, $pageurl);
}
$actiontaken = true;
break;
case 'assign':
$user = required_param('user', PARAM_INT);
$user = $DB->get_record('user', array('id'=>$user), '*', MUST_EXIST);
if (!is_enrolled($context, $user)) {
break; // no roles without enrolments here in this script
}
$mform = new enrol_users_assign_form(NULL, array('user'=>$user, 'course'=>$course, 'assignable'=>$manager->get_assignable_roles()));
$mform->set_data($pageurl->params());
$data = $mform->get_data();
if ($mform->is_cancelled() || ($data && $manager->assign_role_to_user($data->roleid, $user->id))) {
redirect($pageurl);
} else {
$pagetitle = get_string('assignroles', 'role');
}
$actiontaken = true;
break;
case 'removemember':
$groupid = required_param('group', PARAM_INT);
$userid = required_param('user', PARAM_INT);
$user = $DB->get_record('user', array('id'=>$userid), '*', MUST_EXIST);
if ($confirm && $manager->remove_user_from_group($user, $groupid)) {
redirect($pageurl);
} else {
$group = $manager->get_group($groupid);
if (!$group) {
break;
list ($instance, $plugin) = $manager->get_user_enrolment_components($ue);
if ($instance && $plugin && $plugin->allow_unenrol($instance) && has_capability("enrol/$instance->enrol:unenrol", $manager->get_context())) {
if ($confirm && $manager->unenrol_user($ue)) {
redirect($pageurl);
} else {
$user = $DB->get_record('user', array('id'=>$ue->userid), '*', MUST_EXIST);
$yesurl = new moodle_url($pageurl, array('action'=>'unenrol', 'ue'=>$ue->id, 'confirm'=>1, 'sesskey'=>sesskey()));
$message = get_string('unenrolconfirm', 'enrol', array('user'=>fullname($user, true), 'course'=>format_string($course->fullname)));
$pagetitle = get_string('unenrol', 'enrol');
$pagecontent = $OUTPUT->confirm($message, $yesurl, $pageurl);
}
$yesurl = new moodle_url($pageurl, array('action'=>'removemember', 'group'=>$groupid, 'user'=>$userid, 'confirm'=>1, 'sesskey'=>sesskey()));
$message = get_string('removefromgroupconfirm', 'group', array('user'=>fullname($user, true), 'group'=>$group->name));
$pagetitle = get_string('removefromgroup', 'group', $group->name);
$pagecontent = $OUTPUT->confirm($message, $yesurl, $pageurl);
$actiontaken = true;
}
$actiontaken = true;
break;
/**
* Removes a role from the user with this course
*/
case 'unassign':
if (has_capability('moodle/role:assign', $manager->get_context())) {
$role = required_param('role', PARAM_INT);
$user = required_param('user', PARAM_INT);
if ($confirm && $manager->unassign_role_from_user($user, $role)) {
redirect($pageurl);
} else {
$user = $DB->get_record('user', array('id'=>$user), '*', MUST_EXIST);
$allroles = $manager->get_all_roles();
$role = $allroles[$role];
$yesurl = new moodle_url($pageurl, array('action'=>'unassign', 'role'=>$role->id, 'user'=>$user->id, 'confirm'=>1, 'sesskey'=>sesskey()));
$message = get_string('unassignconfirm', 'role', array('user'=>fullname($user, true), 'role'=>$role->localname));
$pagetitle = get_string('unassignarole', 'role', $role->localname);
$pagecontent = $OUTPUT->confirm($message, $yesurl, $pageurl);
}
$actiontaken = true;
}
break;
/**
* Assigns a new role to a user enrolled within this course.
* A user must be enrolled in the course in order for this script to action
*/
case 'assign':
$user = $DB->get_record('user', array('id'=>required_param('user', PARAM_INT)), '*', MUST_EXIST);
if (is_enrolled($context, $user) && has_capability('moodle/role:assign', $manager->get_context())) {
$mform = new enrol_users_assign_form(NULL, array('user'=>$user, 'course'=>$course, 'assignable'=>$manager->get_assignable_roles()));
$mform->set_data($pageurl->params());
$data = $mform->get_data();
if ($mform->is_cancelled() || ($data && $manager->assign_role_to_user($data->roleid, $user->id))) {
redirect($pageurl);
} else {
$pagetitle = get_string('assignroles', 'role');
}
$actiontaken = true;
}
break;
/**
* Removes the user from the given group
*/
case 'removemember':
if (has_capability('moodle/course:managegroups', $manager->get_context())) {
$groupid = required_param('group', PARAM_INT);
$userid = required_param('user', PARAM_INT);
$user = $DB->get_record('user', array('id'=>$userid), '*', MUST_EXIST);
if ($confirm && $manager->remove_user_from_group($user, $groupid)) {
redirect($pageurl);
} else {
$group = $manager->get_group($groupid);
if (!$group) {
break;
}
$yesurl = new moodle_url($pageurl, array('action'=>'removemember', 'group'=>$groupid, 'user'=>$userid, 'confirm'=>1, 'sesskey'=>sesskey()));
$message = get_string('removefromgroupconfirm', 'group', array('user'=>fullname($user, true), 'group'=>$group->name));
$pagetitle = get_string('removefromgroup', 'group', $group->name);
$pagecontent = $OUTPUT->confirm($message, $yesurl, $pageurl);
}
$actiontaken = true;
}
break;
/**
* Makes the user a member of a given group
*/
case 'addmember':
$userid = required_param('user', PARAM_INT);
$user = $DB->get_record('user', array('id'=>$userid), '*', MUST_EXIST);
if (has_capability('moodle/course:managegroups', $manager->get_context())) {
$userid = required_param('user', PARAM_INT);
$user = $DB->get_record('user', array('id'=>$userid), '*', MUST_EXIST);
$mform = new enrol_users_addmember_form(NULL, array('user'=>$user, 'course'=>$course, 'allgroups'=>$manager->get_all_groups()));
$mform->set_data($pageurl->params());
$data = $mform->get_data();
if ($mform->is_cancelled() || ($data && $manager->add_user_to_group($user, $data->groupid))) {
redirect($pageurl);
} else {
$pagetitle = get_string('addgroup', 'group');
$mform = new enrol_users_addmember_form(NULL, array('user'=>$user, 'course'=>$course, 'allgroups'=>$manager->get_all_groups()));
$mform->set_data($pageurl->params());
$data = $mform->get_data();
if ($mform->is_cancelled() || ($data && $manager->add_user_to_group($user, $data->groupid))) {
redirect($pageurl);
} else {
$pagetitle = get_string('addgroup', 'group');
}
$actiontaken = true;
}
$actiontaken = true;
break;
/**
* Edits the details of a users enrolment in the course
*/
case 'edit':
$ue = required_param('ue', PARAM_INT);
if (!$ue = $DB->get_record('user_enrolments', array('id'=>$ue))) {
$actiontaken = false;
break;
$ue = $DB->get_record('user_enrolments', array('id'=>required_param('ue', PARAM_INT)), '*', MUST_EXIST);
list($instance, $plugin) = $manager->get_user_enrolment_components($ue);
if ($instance && $plugin && $plugin->allow_manage($instance) && has_capability("enrol/$instance->enrol:manage", $manager->get_context())) {
$user = $DB->get_record('user', array('id'=>$ue->userid), '*', MUST_EXIST);
$mform = new enrol_users_edit_form(NULL, array('user'=>$user, 'course'=>$course, 'ue'=>$ue));
$mform->set_data($pageurl->params());
$data = $mform->get_data();
if ($mform->is_cancelled() || ($data && $manager->edit_enrolment($ue, $data))) {
redirect($pageurl);
} else {
$pagetitle = fullname($user);
}
$actiontaken = true;
}
$user = $DB->get_record('user', array('id'=>$ue->userid), '*', MUST_EXIST);
$mform = new enrol_users_edit_form(NULL, array('user'=>$user, 'course'=>$course, 'ue'=>$ue));
$mform->set_data($pageurl->params());
$data = $mform->get_data();
if ($mform->is_cancelled() || ($data && $manager->edit_enrolment($ue, $data))) {
redirect($pageurl);
} else {
$pagetitle = fullname($user);
}
$actiontaken = true;
break;
}
// If we took an action display we need to display something special.
if ($actiontaken) {
if (empty($pageheading)) {
$pageheading = $pagetitle;
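Review bot: Each case now wraps its whole body in `if (has_capability(...)) { ... }` with no `else`, so a request that fails the check leaves the switch without setting `$actiontaken` and, from what is visible here, the page renders as if no action had been requested. A refused unenrol, role change or group change is then indistinguishable from a no-op. Calling `require_capability('moodle/role:assign', $manager->get_context());` (and the matching capability in the other cases) at the top of the case would fail loudly, the way `unassign_role_from_user()` in the manager does, and would remove one level of nesting. In the `unenrol` case the guard repeats the test that `$manager->unenrol_user($ue)` performs itself; a short comment such as `// pre-check only decides whether to show the confirmation page; unenrol_user() re-checks` would explain the duplication. The enclosing `if ($action)` block continues outside the hunk.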