forked from moodle/moodle
-
Notifications
You must be signed in to change notification settings - Fork 1
/
ajax.php
129 lines (115 loc) · 5.38 KB
/
ajax.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* This file processes AJAX enrolment actions and returns JSON
*
* The general idea behind this file is that any errors should throw exceptions
* which will be returned and acted upon by the calling AJAX script.
*
* @package core_enrol
* @copyright 2010 Sam Hemelryk
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
define('AJAX_SCRIPT', true);
require('../config.php');
require_once("$CFG->dirroot/enrol/locallib.php");
require_once("$CFG->dirroot/enrol/renderer.php");
require_once("$CFG->dirroot/group/lib.php");
// Must have the sesskey
$id = required_param('id', PARAM_INT); // course id
$action = required_param('action', PARAM_ALPHANUMEXT);
$PAGE->set_url(new moodle_url('/enrol/ajax.php', array('id'=>$id, 'action'=>$action)));
$course = $DB->get_record('course', array('id'=>$id), '*', MUST_EXIST);
$context = context_course::instance($course->id, MUST_EXIST);
if ($course->id == SITEID) {
throw new moodle_exception('invalidcourse');
}
require_login($course);
require_capability('moodle/course:enrolreview', $context);
require_sesskey();
echo $OUTPUT->header(); // send headers
$manager = new course_enrolment_manager($PAGE, $course);
$outcome = new stdClass();
$outcome->success = true;
$outcome->response = new stdClass();
$outcome->error = '';
$searchanywhere = get_user_preferences('userselector_searchtype') === USER_SEARCH_CONTAINS;
switch ($action) {
case 'unenrol':
$ue = $DB->get_record('user_enrolments', array('id'=>required_param('ue', PARAM_INT)), '*', MUST_EXIST);
list ($instance, $plugin) = $manager->get_user_enrolment_components($ue);
if (!$instance || !$plugin || !enrol_is_enabled($instance->enrol) || !$plugin->allow_unenrol_user($instance, $ue) || !has_capability("enrol/$instance->enrol:unenrol", $manager->get_context()) || !$manager->unenrol_user($ue)) {
throw new enrol_ajax_exception('unenrolnotpermitted');
}
break;
case 'unassign':
$role = required_param('role', PARAM_INT);
$user = required_param('user', PARAM_INT);
if (!has_capability('moodle/role:assign', $manager->get_context()) || !$manager->unassign_role_from_user($user, $role)) {
throw new enrol_ajax_exception('unassignnotpermitted');
}
break;
case 'assign':
$user = $DB->get_record('user', array('id'=>required_param('user', PARAM_INT)), '*', MUST_EXIST);
$roleid = required_param('roleid', PARAM_INT);
if (!array_key_exists($roleid, $manager->get_assignable_roles())) {
throw new enrol_ajax_exception('invalidrole');
}
if (!has_capability('moodle/role:assign', $manager->get_context()) || !$manager->assign_role_to_user($roleid, $user->id)) {
throw new enrol_ajax_exception('assignnotpermitted');
}
$outcome->response->roleid = $roleid;
break;
case 'getassignable':
$otheruserroles = optional_param('otherusers', false, PARAM_BOOL);
$outcome->response = $manager->get_assignable_roles_for_json($otheruserroles);
break;
case 'searchotherusers':
$search = optional_param('search', '', PARAM_RAW);
$page = optional_param('page', 0, PARAM_INT);
$outcome->response = $manager->search_other_users($search, $searchanywhere, $page);
// TODO Does not support custom user profile fields (MDL-70456).
$extrafields = \core_user\fields::get_identity_fields($context, false);
$useroptions = array();
// User is not enrolled, either link to site profile or do not link at all.
if (has_capability('moodle/user:viewdetails', context_system::instance())) {
$useroptions['courseid'] = SITEID;
} else {
$useroptions['link'] = false;
}
foreach ($outcome->response['users'] as &$user) {
$user->userId = $user->id;
$user->picture = $OUTPUT->user_picture($user, $useroptions);
$user->fullname = fullname($user);
$fieldvalues = array();
foreach ($extrafields as $field) {
$fieldvalues[] = s($user->{$field});
unset($user->{$field});
}
$user->extrafields = implode(', ', $fieldvalues);
unset($user->id);
}
// Chrome will display users in the order of the array keys, so we need
// to ensure that the results ordered array keys. Fortunately, the JavaScript
// does not care what the array keys are. It uses user.id where necessary.
$outcome->response['users'] = array_values($outcome->response['users']);
$outcome->success = true;
break;
default:
throw new enrol_ajax_exception('unknowajaxaction');
}
echo json_encode($outcome);
die();