From d67de0ca05f8dead462086bc9b82a1a4ba7d4a64 Mon Sep 17 00:00:00 2001
From: skodak <skodak>
Date: Tue, 6 Mar 2007 22:01:22 +0000
Subject: [PATCH] MDL-7633 legacy capabilities now have special menu

---
 admin/roles/manage.html   | 75 +++++++++++++++++++++++----------------
 admin/roles/manage.php    | 64 ++++++++++++++++++++++++++++-----
 admin/roles/override.html |  8 ++++-
 admin/roles/override.php  |  4 +++
 lang/en_utf8/role.php     |  1 +
 lib/accesslib.php         |  6 ++--
 6 files changed, 115 insertions(+), 43 deletions(-)

diff --git a/admin/roles/manage.html b/admin/roles/manage.html
index 9a357ac63a4..18f5f3e460b 100755
--- a/admin/roles/manage.html
+++ b/admin/roles/manage.html
@@ -34,26 +34,54 @@
         <td align="right"><?php print_string('description') ?>:</td>
         <td><?php p($role->description); $usehtmleditor = false; ?></td>
     </tr>
+    <tr valign="top">
+        <td align="right"><?php print_string('legacytype', 'role') ?>:</td>
+        <td><?php 
+                $usehtmleditor = false;
+                if (empty($role->legacytype)) {
+                    print_string('none');
+                } else {
+                    print_string('legacy:'.$role->legacytype, 'role');
+                }
+            ?>
+        </td>
+    </tr>
 <?php } else { ?>
     <tr valign="top">
         <td align="right"><label for="name"><?php print_string('name') ?></label></td>
         <td><?php
             echo '<input type="text" id="name" name="name" maxlength="254" size="50" value="'.s($role->name).'" />';
             if (isset($errors["name"])) formerr($errors["name"]);
-            ?></td>
+            ?>
+        </td>
     </tr>
     <tr valign="top">
         <td align="right"><label for="shortname"><?php print_string('shortname') ?></label></td>
         <td><?php
             echo '<input type="text" id="shortname" name="shortname" maxlength="20" size="15" value="'.s($role->shortname).'" />';
             if (isset($errors["shortname"])) formerr($errors["shortname"]);
-            ?></td>
+            ?>
+        </td>
     </tr>
     <tr valign="top">
         <td align="right"><label for="edit-description"><?php print_string('description') ?></label></td>
         <td><?php
             print_textarea($usehtmleditor, 10, 50, 50, 10, 'description', $role->description);
-            ?></td>
+            ?>
+        </td>
+    </tr>
+    <tr valign="top">
+        <td align="right"><label for="menulegacytype"><?php print_string('legacytype', 'role') ?></label></td>
+        <td><?php
+            $options = array();
+            $options[''] = get_string('none');
+            $legacyroles = get_legacy_roles();
+            foreach($legacyroles as $ltype=>$lcap) {
+                $options[$ltype] = get_string('legacy:'.$ltype, 'role');
+            }
+            choose_from_menu($options, 'legacytype', $role->legacytype, '');
+            ?>
+        </td>
     </tr>
 <?php } ?>
 </table>
@@ -88,27 +116,19 @@ $strrisks = s(get_string('risks', 'role'));
 $strcapabilities = s(get_string('capabilities', 'role'));
 
 // prepare legacy defaults
-$legacyroles = get_legacy_roles();
-
-$defaultcaps = false;
-foreach($legacyroles as $ltype=>$lcap) {
-    if (empty($errors)) {
-       // check the capability override for this cap, this role in this context
-        $localoverride = get_local_override($roleid, $sitecontext->id, $lcap);
-    } else {
-        $localoverride->permission = $role->{$lcap};
-    }
-    if (!empty($localoverride->permission) and $localoverride->permission == CAP_ALLOW) {
-        if ($defaultcaps !== false) {
-            //oh, several legacy caps selected!
-            $defaultcaps = false;
-            break;
-        }
-        $defaultcaps = get_default_capabilities($ltype);
-    }
+if (!empty($role->legacytype)) {
+    $defaultcaps = get_default_capabilities($role->legacytype);
+} else {
+    $defaultcaps = false;
 }
 
 foreach ($capabilities as $capability) {
+
+    //legacy caps have their own selector
+    if (strpos($capability->name, 'moodle/legacy:') === 0 ) {
+        continue;
+    }
+
     // prints a breaker if component or name or context level
     if ($capability->component != $component or $capability->contextlevel != $contextlevel) {
         echo ('<tr class="rolecapheading header"><td colspan="10" class="header"><strong>'.
@@ -162,15 +182,10 @@ foreach ($capabilities as $capability) {
     }
     $riskinfo .= '</td>';
 
-    if ($defaultcaps === false) {
-        $capclass = '';
-    } else {
-        $capclass = 'capdefault';
-    }
-    $isinherit  = (!isset($defaultcaps[$capability->name]) or $defaultcaps[$capability->name] == CAP_INHERIT) ? $capclass : '';
-    $isallow    = (isset($defaultcaps[$capability->name]) and $defaultcaps[$capability->name] == CAP_ALLOW) ? $capclass : '';
-    $isprevent  = (isset($defaultcaps[$capability->name]) and $defaultcaps[$capability->name] == CAP_PREVENT) ? $capclass : '';
-    $isprohibit = (isset($defaultcaps[$capability->name]) and $defaultcaps[$capability->name] == CAP_PROHIBIT) ? $capclass : '';
+    $isinherit  = (!isset($defaultcaps[$capability->name]) or $defaultcaps[$capability->name] == CAP_INHERIT) ? 'capdefault' : '';
+    $isallow    = (isset($defaultcaps[$capability->name]) and $defaultcaps[$capability->name] == CAP_ALLOW) ? 'capdefault' : '';
+    $isprevent  = (isset($defaultcaps[$capability->name]) and $defaultcaps[$capability->name] == CAP_PREVENT) ? 'capdefault' : '';
+    $isprohibit = (isset($defaultcaps[$capability->name]) and $defaultcaps[$capability->name] == CAP_PROHIBIT) ? 'capdefault' : '';
 
     ?>
 
diff --git a/admin/roles/manage.php b/admin/roles/manage.php
index e7db01baa9a..20896cce809 100755
--- a/admin/roles/manage.php
+++ b/admin/roles/manage.php
@@ -57,6 +57,12 @@
             if ($data = data_submitted() and confirm_sesskey()) {
 
                 $shortname = moodle_strtolower(clean_param(clean_filename($shortname), PARAM_SAFEDIR)); // only lowercase safe ASCII characters
+                $legacytype = required_param('legacytype', PARAM_RAW);
+
+                $legacyroles = get_legacy_roles();
+                if (!array_key_exists($legacytype, $legacyroles)) {
+                    $legacytype = '';
+                }
 
                 if (empty($name)) {
                     $errors['name'] = get_string('errorbadrolename', 'role');
@@ -71,12 +77,19 @@
                 }
 
                 if (empty($errors)) {
-                    $newrole = create_role($name, $shortname, $description);
+                    $newroleid = create_role($name, $shortname, $description);
+
+                    // set proper legacy type
+                    if (!empty($legacytype)) {
+                        assign_capability($legacyroles[$legacytype], CAP_ALLOW, $newroleid, $sitecontext->id);
+                    }
+
                 } else {
                     $newrole = new object();
-                    $newrole->name = $name;
-                    $newrole->shortname = $shortname;
+                    $newrole->name        = $name;
+                    $newrole->shortname   = $shortname;
                     $newrole->description = $description;
+                    $newrole->legacytype  = $legacytype;
                 }
 
                 $allowed_values = array(CAP_INHERIT, CAP_ALLOW, CAP_PREVENT, CAP_PROHIBIT);
@@ -86,6 +99,12 @@
                     if (!isset($data->{$cap->name})) {
                         continue;
                     }
+
+                    // legacy caps have their own selector
+                    if (islegacy($data->{$cap->name})) {
+                        continue;
+                    }
+
                     $capname = $cap->name;
                     $value = clean_param($data->{$cap->name}, PARAM_INT);
                     if (!in_array($value, $allowed_values)) {
@@ -93,11 +112,12 @@
                     }
 
                     if (empty($errors)) {
-                        assign_capability($capname, $value, $newrole, $sitecontext->id);
+                        assign_capability($capname, $value, $newroleid, $sitecontext->id);
                     } else {
                         $newrole->$capname = $value;
                     }
                 }
+
                 if (empty($errors)) {
                     redirect('manage.php');
                 }
@@ -108,6 +128,12 @@
             if ($data = data_submitted() and confirm_sesskey()) {
 
                 $shortname = moodle_strtolower(clean_param(clean_filename($shortname), PARAM_SAFEDIR)); // only lowercase safe ASCII characters
+                $legacytype = required_param('legacytype', PARAM_RAW);
+
+                $legacyroles = get_legacy_roles();
+                if (!array_key_exists($legacytype, $legacyroles)) {
+                    $legacytype = '';
+                }
 
                 if (empty($name)) {
                     $errors['name'] = get_string('errorbadrolename', 'role');
@@ -128,9 +154,10 @@
                 }
                 if (!empty($errors)) {
                     $newrole = new object();
-                    $newrole->name = $name;
-                    $newrole->shortname = $shortname;
+                    $newrole->name        = $name;
+                    $newrole->shortname   = $shortname;
                     $newrole->description = $description;
+                    $newrole->legacytype  = $legacytype;
                 }
 
                 $allowed_values = array(CAP_INHERIT, CAP_ALLOW, CAP_PREVENT, CAP_PROHIBIT);
@@ -140,6 +167,12 @@
                     if (!isset($data->{$cap->name})) {
                         continue;
                     }
+
+                    // legacy caps have their own selector
+                    if (islegacy($data->{$cap->name}) === 0 ) {
+                        continue;
+                    }
+
                     $capname = $cap->name;
                     $value = clean_param($data->{$cap->name}, PARAM_INT);
                     if (!in_array($value, $allowed_values)) {
@@ -173,6 +206,7 @@
                             assign_capability($capname, $value, $roleid, $sitecontext->id);
                         }
                     }
+
                 }
 
                 if (empty($errors)) {
@@ -185,6 +219,16 @@
                     if (!update_record('role', $role)) {
                         error('Could not update role!');
                     }
+
+                    // set proper legacy type
+                    foreach($legacyroles as $ltype=>$lcap) {
+                        if ($ltype == $legacytype) {
+                            assign_capability($lcap, CAP_ALLOW, $roleid, $sitecontext->id);
+                        } else {
+                            unassign_capability($lcap, $roleid);
+                        } 
+                    }                    
+
                     redirect('manage.php');
                 }
             }
@@ -349,9 +393,10 @@
             $roleid = 0;
             if (empty($errors) or empty($newrole)) {
                 $role = new object();
-                $role->name='';
-                $role->shortname='';
-                $role->description='';
+                $role->name        = '';
+                $role->shortname   = '';
+                $role->description = '';
+                $role->legacytype  = '';
             } else {
                 $role = stripslashes_safe($newrole);
             }
@@ -361,6 +406,7 @@
             if(!$role = get_record('role', 'id', $roleid)) {
                 error('Incorrect role ID!');
             }
+            $role->legacytype = get_legacy_type($role->id);
         }
 
         foreach ($roles as $rolex) {
diff --git a/admin/roles/override.html b/admin/roles/override.html
index 6ccff871df0..614163af784 100755
--- a/admin/roles/override.html
+++ b/admin/roles/override.html
@@ -33,6 +33,12 @@
         $strcapabilities = s(get_string('capabilities', 'role'));
 
         foreach ($capabilities as $capability) {
+
+            // legacy caps should not be overriden - we must use proper capabilities if needed
+            if (islegacy($capability->name)) {
+                continue;
+            }
+
         // prints a breaker if component or name or context level
             if ($capability->component != $component or $capability->contextlevel != $contextlevel) {
                 echo ('<tr class="rolecapheading header"><td colspan="10" class="header"><strong>'.get_component_string($capability->component, $capability->contextlevel).'</strong></td></tr>');
@@ -59,7 +65,7 @@
                 $isprohibit = 0;
             }
 
-            $isdisabled = $isprohibit || islegacy($capability->name);
+            $isdisabled = $isprohibit;
 
             $riskinfo = '<td class="risk managetrust">';
             $rowclasses = '';
diff --git a/admin/roles/override.php b/admin/roles/override.php
index 8f1700b0f89..b031d785204 100755
--- a/admin/roles/override.php
+++ b/admin/roles/override.php
@@ -90,6 +90,10 @@
                 continue;
             }
 
+            if (islegacy($data->{$cap->name})) {
+                continue;
+            }
+
             $capname = $cap->name;
             $value = clean_param($data->{$cap->name}, PARAM_INT);
             if (!in_array($value, $allowed_values)) {
diff --git a/lang/en_utf8/role.php b/lang/en_utf8/role.php
index b220b6f660a..75172632ab0 100644
--- a/lang/en_utf8/role.php
+++ b/lang/en_utf8/role.php
@@ -65,6 +65,7 @@ $string['legacy:guest'] = 'LEGACY ROLE: Guest';
 $string['legacy:student'] = 'LEGACY ROLE: Student';
 $string['legacy:teacher'] = 'LEGACY ROLE: Teacher (non-editing)';
 $string['legacy:user'] = 'LEGACY ROLE: Authenticated user';
+$string['legacytype'] = 'Legacy role type';
 $string['listallroles'] = 'List all roles';
 $string['manageroles'] = 'Manage roles';
 $string['metaassignerror'] = 'Can not assign this role to user \"$a\" because Manage metacourse capability is needed.';
diff --git a/lib/accesslib.php b/lib/accesslib.php
index 5632324670a..fbcb5016d2d 100755
--- a/lib/accesslib.php
+++ b/lib/accesslib.php
@@ -1628,10 +1628,10 @@ function assign_legacy_capabilities($capability, $legacyperms) {
  * @return boolean
  */
 function islegacy($capabilityname) {
-    if (strstr($capabilityname, 'legacy') === false) {
-        return false;
-    } else {
+    if (strpos($capabilityname, 'moodle/legacy') === 0) {
         return true;
+    } else {
+        return false;
     }
 }