Commit Graph

488 Commits

Author SHA1 Message Date
dc10f119bb MDL-14679 fixed warning and change false to array() when no users found 2008-05-24 20:43:33 +00:00
5a4e739817 MDL-14679 accesslib conversion to new dml 2008-05-24 18:35:48 +00:00
c2f10673b2 MDL-14965: Pass-by-reference call broke install on php5 2008-05-23 10:36:28 +00:00
7ade55ad96 "MDL-14668, fix course full in activity reports (upgrade course module version)" 2008-05-16 02:15:23 +00:00
137e0e6f65 Fixed typo preventing params to be properly passed. 2008-05-15 22:55:27 +00:00
f33e1ed4ae MDL-14679 ok, here is the big patch with new dmllib and ddlib API, some code is already converted, XML db editor works; see tracker for details of regressions and TODOs 2008-05-15 21:40:00 +00:00
e49ef64a2e "MDL-14129, fix print_error" 2008-05-15 03:07:21 +00:00
d33725bd2d New convinience function in accesslib: get_parent_contextid. Also, the start of some unit tests for accesslib, but only this trivial funciton, and the get_parent_contexts function it is based on. Still, it is a start. 2008-05-12 15:28:34 +00:00
db70c4bdf3 MDL-13261 Merged the removal of get_context_users_bycap and get_context_users_byrole from accesslib 2008-04-29 06:53:19 +00:00
1969b60e61 MDL-11323 Merged from Moodle 1.9 (fixes for display of aliases) 2008-04-18 06:21:00 +00:00
1d19d8a7b3 MDL-11142 Roles upgrade was losing timestart and timeend for teachers and students (Merged from 1.7) 2008-04-18 03:33:22 +00:00
5a2a53316f MDL-14129, remove all the other error() call 2008-04-04 02:54:20 +00:00
85edee26f3 MDL-13810 Merged from 1.9 2008-03-19 07:49:40 +00:00
fffb5d240a Merged MDL-13810 Fixed check for ul.timeaccess 2008-03-06 02:15:00 +00:00
12d0d174b7 Merged MDL-13754: get_users_by_capability minor fix 2008-03-03 06:20:52 +00:00
be4c1a81d6 Merged MDL-13676 Fixed some mistakes I just made 2008-02-29 08:56:39 +00:00
87486420a5 Merged MDL-13676: last-minute field change to fix an Oracle problem 2008-02-29 08:44:23 +00:00
36832e1a30 MDL-13723 - Unbalanced brackets in get_users_by_capability in the groups bit. 2008-02-28 22:41:38 +00:00
8e5a25f6f0 MDL-13560 simplify dealing with role name course aliases; merged from MOODLE_19_STABLE 2008-02-21 09:20:20 +00:00
bfb6a6564d MDL-13459 fixed hardcoded mdl_ prefix; merged from MOODLE_19_STABLE 2008-02-16 11:37:07 +00:00
d423b6dc9a MDL-13459 Didn't use the patch, which puts its finger in too many pies. Instead just implemented a quick-fix, a temporary get_assignable_for_switchrole() function. It only affects the switchroles menu. Merging from MOODLE_19_STABLE 2008-02-15 16:40:45 +00:00
65bcf17b95 MDL-13450 and MDL-13303 - sorry for changing forum API so late, but it was needed; major perf improvement for forum; fixed printing of user pictures; merged from MOODLE_19_STABLE 2008-02-13 17:03:25 +00:00
f405c6e4d8 MDL-13314 count_role_users was showing different count to those returned from
get_role_users(), based on patch from Patrick Pollett
merged from MOODLE_19_STABLE
2008-02-05 17:19:41 +00:00
76b570d602 MDL-12938, MDL-12937 - unenrol fixes - can not unenrol if can not unassign all users roles in course, do not show self unenrol if enrolment comes from parent context, fixed rturn value from get_user_roles; based on patch by Eric Merrill; merged from MOODLE_19_STABLE 2008-02-05 12:59:28 +00:00
133d5a97db MDL-13334 get_role_access() static cache in cron only; merged from MOODLE_19_STABLE 2008-02-05 10:41:05 +00:00
683ff270fe MDL-13317 use cached system context in get_user_access_sitewide and when rebuilding paths; merged from MOODLE_19_STABLE 2008-02-03 16:23:54 +00:00
c2d88da708 accesslib: Fix get_context_users_bycap() when no roles grant the cap
When no roles mention the capability, get_context_users_bycap() breaks
badly. This trivial patch does a sanity check before jumping into the
SQL shark-pool...

MDL-13160
2008-01-25 00:53:01 +00:00
588cd516e1 tweak has_capability() debug mode to add only one query per page for cap name verification; merged from MOODLE_19_STABLE 2008-01-16 17:24:08 +00:00
d46a26c309 Merged from MOODLE_19_STABLE:
MDL-13000 Adding support for developers to add their own capabilities to local/db/access.php
This relies on a local/ language pack as well for the capability names.
Notes on implementation are in lib/locallib.php
2008-01-15 04:20:12 +00:00
cc3d5e10ec Put back DEBUG_DEVELOPER sanity check in has_capability, that makes sure the capabiltiy you are asking about actually exists. I know it takes an extra DB query, but it is DEBUG_DEVELOPER only, and it is worth its weight in gold, because otherwise you get really subtle bugs that take forever to diagnose. I know, I have just been banging my head against the wall for an hour. 2008-01-08 15:04:00 +00:00
19f2318a44 accesslib: get_users_by_capability() now excludes doanything'ers properly
With some subselect-outer-join poison-pill magic, when the we don't
want doanything users, we remove the roles that would grant such
dubious status.

Just a flick of the SQL muscle, actually.
2008-01-06 23:26:19 +00:00
92c879cef1 accesslib: get_users_by_capability() fix subselect with ra.hidden
MDL-12452
2008-01-06 23:26:08 +00:00
635bfbad21 accesslib: Introducing sort_by_roleassignment_authority()
This will help us bridge the gap from olden-style order-by
user_teachers.id. From the phpdoc...

 Will re-sort a $users results array (from get_users_by_capability(), usually)
 based on a sorting policy. This is to support the odd practice of
 sorting teachers by 'authority', where authority was "lowest id of the role
 assignment".

 Will execute 1 database query. Only suitable for small numbers of users, as it
 uses an u.id IN() clause.

 Notes about the sorting criteria.

 As a default, we cannot rely on role.sortorder because then
 admins/coursecreators will always win. That is why the sane
 rule "is locality matters most", with sortorder as 2nd
 consideration.

 If you want role.sortorder, use the 'sortorder' policy, and
 name explicitly what roles you want to cover. It's probably
 a good idea to see what roles have the capabilities you want
 (array_diff() them against roiles that have 'can-do-anything'
 to weed out admin-ish roles. Or fetch a list of roles from
 variables like $CFG->coursemanagers .

MDL-12452
2008-01-06 23:25:37 +00:00
f17a660a05 accesslib: get_user_by_capability() - Fix pagination
Ooops! Off-by-one error

MDL-12452
2008-01-06 23:25:03 +00:00
c92bce4614 accesslib: get_user_by_capability() - Fix last_access handling
We were missing $courseid, which is actually $context->instanceid.

MDL-12452
2008-01-06 23:24:37 +00:00
6c9d86b7a6 accesslib: get_user_by_capability() - Move capcheck to has_capability_from_rarc()
This fixes the handling of default roles as "tie breakers" for lower
RAs in conflict, and simplifies the code a lot.

The main loop in get_user_by_capability() runs a simpler state machine
that just collects role assignments (roleid and depth), and handles
pagination.

The complex part of the state machine has moved to
has_capability_from_rarc() which will walk the data structures
collected by get_user_by_capability() for each user.

Having all the complex state handling of $hascap there makes things a
lot easier for pagination and general sanity of
get_user_by_capability().

MDL-12452
2008-01-06 23:24:25 +00:00
d2c5b7a9fa accesslib: get_user_by_capability() - Move hidden RA checks to subselect
we don't deal with RAs in the main SELECT -- we deal with _capabilities_
which is an entirely different matter ;-) -- so push the ra.hidden check
into the subselect.

Also, remove ra.hidden from the default list of fields. Hopefully no
callers are using ra.hidden -- if they are, they should be calling
something else, as this function deals with capabilities. So we might
need an audit of callers, to check that noone is expecting ra.hidden
to be there.

MDL-12452
2008-01-06 23:24:14 +00:00
a4436c6db8 accesslib: get_user_by_capability() - Handle the complex case
With this commit, we can handle the complex cases with

 - correct pagination, but not very efficient over large datasets

 - mostly-correct application of the override rules

The structure of the code is fairly complex in that we want to do
it without holding all the recs in memory, so we use a small state
machine. We have to handle the complex override rules over 1 or 2
permissions (when $doanything is set) so it all ends up quite complex.

There is one known issue with this code, in cases where the default
role ends up as the decider between 2 conflicting RAs, we fail to
apply it. This will need a bit of reorg of how the loop works.

MDL-12452
2008-01-06 23:23:58 +00:00
2d1669b0d5 accesslib: get_user_by_capability() - Simple cases now handle multiple RAs
The "simple" case SQL did not handle multiple enrolments for the same
user correctly -- it would generate multiple rows for those users,
incorrectly.

With this patch we move the join to RA to a subselect where DISTINCT
takes care of things.

MDL-12452
2008-01-06 23:23:46 +00:00
8b8bf40cc7 accesslib: get_user_by_capability() - Handle complex rolecap resolution
With this patch, get_user_by_capability() can handle the cases where
users have multiple role assignments to the same course, and PREVENTs
and PROHIBITs affect the rolecaps of this course.

Without stored procedures we cannot resolve this entirely on the
server side - so in the complex cases we do as much as we can on SQL,
and post-process the data on the PHP side, including SQL-style
pagination.

MDL-12452
2008-01-06 23:23:24 +00:00
26843e106b accesslib: get_user_by_capability() - First, handle simple cases
This patch reorganises the conditions and field handling so
we can spot if this is a call we can resolve in a single SQL
query that we just pass back the results.

If there are any PREVENTs or PROHIBITs, we need to delve into
more involved stuff...

MDL-12452
2008-01-06 23:22:26 +00:00
987e745442 accesslib: revert changes to get_users_by_capability() - MDL-12452 MDL-12451
The changes made by Yu and Tim are superceded by the patches that
follow -- and would not apply cleanly without this revert.
2008-01-06 23:22:08 +00:00
47af2e43f3 MDL-12720 removing confusing/not implemented CONTEXT_PERSONAL; merged from MOODLE_19_STABLE 2007-12-23 19:48:32 +00:00
7bb03e8a7b merged from MOODLE_19_STABLE: fixing lying phpdoc comments in role_cap_duplicate function that I moved to accesslib yesterday 2007-12-19 23:32:53 +00:00
d4564cf018 merged from MOODLE_19_STABLE: moving two functions from admin/roles/manage.php (switch_roles and role_cap_duplicate) to accesslib & added phpdoc. Fixes MDL-12621 2007-12-18 20:51:07 +00:00
d9854bee3f MDL-12602 redirect to course if require_capability() fails for module context; merged from MOODLE_19_STABLE 2007-12-16 13:53:04 +00:00
6967ba2846 MDL-12544, hide hidden roles in profile when user has no capability 2007-12-12 07:13:09 +00:00
b04ad8649b Take out debugging output in role_assign. It only tells you that something has worked, and everywhere else we use debugging output to warn people they have called an API wrongly. Therefore, this is just confusing now that we trust this bit of roles code. 2007-12-11 10:37:53 +00:00
70dd126e0b MDL-12523 accesslib:cleanup_contexts() - Fix invalid SQL syntax and reserved keywords
cleanup_contexts() was not working on Oracle - mostly due to 2 SQL
syntax problems. So probably marginally working elsewhere.

 - We should not use AS when naming table/subselect aliases - only
   when referring to column aliases in the resultset

 - level is a reserved word - oops! - so back to contextlevel
2007-12-10 21:35:58 +00:00
176058849a MDL-12451, in get_users_by_capability(), defaultroleid bit fixes 2007-12-06 03:57:05 +00:00