Adds new API support within search engines for optional methods to
delete data for courses and contexts, and implements this for the
two core search plugins (simpledb and solr).
The new API is automatically called when courses or contexts are
deleted. When a whole course is deleted, it only sends the course
delete rather than sending 1,000 separate context deletions as
each activity/block is deleted.
This was originalyl intended as a performance improvement, but the
parent is already stored, and once calculated the value of locked is
already returned.
This chagne adds support for a new feature known as Context Locking.
This allows a context to be locked, thereby removing all write
capabilities for all users (including admin) for that context, and all
child contexts.
This change ensures that all capabilities at module context level are
shown within a module, only filtering out those which belong to another
module or the subplugins of another module.
This has the effect that module-level capabilities are included
providing they relate to
- the module being queried
- any subplugin of that module
- any capability at module level which does not belong to another module
or its subplugin
- any other explicitly included capability
This allows permissions to be defined on a capability at a context
level.
Whenever the role_capabilities table is changed, we need to remember
to clear the cache for the role(s) being modified. This is far simpler
when all of those changes happen in a single file, i.e. accesslib.php,
allowing other parts of the application to use the public functions
without requiring knowledge of the cache internals.
Thanks to MDL-49398, we can separate the combined user session and role
definition cache clearing function into two separate functions. At the
same time, we want to identify and remove mark_dirty() calls that were
added for role definition changes but were incorrectly left behind.
Change highlights:
- Remove unnecessary mark_dirty() calls performed after
assign_capability(), unassign_capability(), delete_role(),
deleted contexts, brand new contexts
- Move role definition cache clear from the user-centric
accesslib_clear_all_caches() to the newly created,
role-dedicated accesslib_reset_role_cache()
Fixed to return both those roles in the profileroles site policy and
any roles which the current user can assign in the respective context,
meaning a user can see a link to any role they can assign.
This change removes the complex and partial loading of role definition data for users.
It is replaced by keeping one system-wide definition for each role in MUC.
This is cheaper to regenerate as it avoids complex database queries (repeated LEFT JOIN to context).
Memory usage is kept low thanks to array CoW for each user access data.
Refactor similar SQL generation code from get_users_by_capability
and get_enrolled_uses to make get_with_capability_sql.
Modified files: accesslib.php, enrollib.php, grouplib.php, new tests.
The new query is logically equivalen, but much, much faster, at
least on Postgred. (15ms, instead of 700ms, in one example I tried
on the database for the OU's main Moodle site.)
The function get_role_users() requires the caller to include the $sort fields in
the $fields argument. On PostgreSQL this will cause the function to fail when
the default $sort fields aren't part of the requested fields. The behavior of
the function is augmented to add the $sort fields to $fields if they are not
already present.
With no PHPDocs and $instanceid as name some module developers confuse
context_module::instance argument to be instanceid of the module while
it actually should be cmid.
