Merge branch 'MDL-50666-master' of https://github.com/junpataleta/moodle

admin/roles/allow.php

@@ -29,7 +29,8 @@
 $classformode = array(
     'assign' => 'core_role_allow_assign_page',
     'override' => 'core_role_allow_override_page',
-    'switch' => 'core_role_allow_switch_page'
+    'switch' => 'core_role_allow_switch_page',
+    'view' => 'core_role_allow_view_page'
 );
 if (!isset($classformode[$mode])) {
     print_error('invalidmode', '', '', $mode);
@@ -58,6 +59,9 @@
         case 'switch':
             $event = \core\event\role_allow_switch_updated::create(array('context' => $syscontext));
             break;
+        case 'view':
+            $event = \core\event\role_allow_view_updated::create(array('context' => $syscontext));
+            break;
     }
     if ($event) {
         $event->trigger();

admin/roles/classes/allow_assign_page.php

@@ -33,7 +33,7 @@ public function __construct() {
     }
 
     protected function set_allow($fromroleid, $targetroleid) {
-        allow_assign($fromroleid, $targetroleid);
+        core_role_set_assign_allowed($fromroleid, $targetroleid);
     }
 
     protected function get_cell_tooltip($fromrole, $targetrole) {

admin/roles/classes/allow_override_page.php

@@ -33,7 +33,7 @@ public function __construct() {
     }
 
     protected function set_allow($fromroleid, $targetroleid) {
-        allow_override($fromroleid, $targetroleid);
+        core_role_set_override_allowed($fromroleid, $targetroleid);
     }
 
     protected function get_cell_tooltip($fromrole, $targetrole) {

admin/roles/classes/allow_switch_page.php

@@ -41,7 +41,7 @@ protected function load_required_roles() {
     }
 
     protected function set_allow($fromroleid, $targetroleid) {
-        allow_switch($fromroleid, $targetroleid);
+        core_role_set_switch_allowed($fromroleid, $targetroleid);
     }
 
     protected function is_allowed_target($targetroleid) {

admin/roles/classes/allow_view_page.php

@@ -0,0 +1,77 @@
+<?php
+// This file is part of Moodle - http://moodle.org/
+//
+// Moodle is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// Moodle is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
+
+/**
+ * Role view matrix.
+ *
+ * @package    core_role
+ * @copyright  2016 onwards Andrew Hancox <[email protected]>
+ * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
+ */
+
+defined('MOODLE_INTERNAL') || die();
+
+/**
+ * Subclass of role_allow_role_page for the Allow views tab.
+ *
+ * @package    core_role
+ * @copyright  2016 onwards Andrew Hancox <[email protected]>
+ * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
+ */
+class core_role_allow_view_page extends core_role_allow_role_page {
+    /** @var array */
+    protected $allowedtargetroles;
+
+    /**
+     * core_role_allow_view_page constructor.
+     */
+    public function __construct() {
+        parent::__construct('role_allow_view', 'allowview');
+    }
+
+
+    /**
+     * Allow from role to view target role.
+     * @param int $fromroleid
+     * @param int $targetroleid
+     */
+    protected function set_allow($fromroleid, $targetroleid) {
+        core_role_set_view_allowed($fromroleid, $targetroleid);
+    }
+
+    /**
+     * Get tool tip for cell.
+     * @param string $fromrole
+     * @param string $targetrole
+     * @return string
+     * @throws \coding_exception
+     */
+    protected function get_cell_tooltip($fromrole, $targetrole) {
+        $a = new stdClass;
+        $a->fromrole = $fromrole->localname;
+        $a->targetrole = $targetrole->localname;
+        return get_string('allowroletoview', 'core_role', $a);
+    }
+
+    /**
+     * Get intro text for role allow view page.
+     * @return string
+     * @throws \coding_exception
+     */
+    public function get_intro_text() {
+        return get_string('configallowview', 'core_admin');
+    }
+}

admin/roles/classes/define_role_table_advanced.php

@@ -42,6 +42,7 @@ class core_role_define_role_table_advanced extends core_role_capability_table_wi
     protected $allowassign;
     protected $allowoverride;
     protected $allowswitch;
+    protected $allowview;
 
     public function __construct($context, $roleid) {
         $this->roleid = $roleid;
@@ -72,6 +73,7 @@ protected function load_current_permissions() {
             $this->allowassign = array_keys($this->get_allow_roles_list('assign'));
             $this->allowoverride = array_keys($this->get_allow_roles_list('override'));
             $this->allowswitch = array_keys($this->get_allow_roles_list('switch'));
+            $this->allowview = array_keys($this->get_allow_roles_list('view'));
 
         } else {
             $this->role = new stdClass;
@@ -83,6 +85,7 @@ protected function load_current_permissions() {
             $this->allowassign = array();
             $this->allowoverride = array();
             $this->allowswitch = array();
+            $this->allowview = array();
         }
         parent::load_current_permissions();
     }
@@ -162,6 +165,10 @@ public function read_submitted_permissions() {
         if (!is_null($allow)) {
             $this->allowswitch = $allow;
         }
+        $allow = optional_param_array('allowview', null, PARAM_INT);
+        if (!is_null($allow)) {
+            $this->allowview = $allow;
+        }
 
         // Now read the permissions for each capability.
         parent::read_submitted_permissions();
@@ -178,7 +185,8 @@ public function is_submission_valid() {
      * @param int $roleid role id or 0 for no role
      * @param array $options array with following keys:
      *      'name', 'shortname', 'description', 'permissions', 'archetype',
-     *      'contextlevels', 'allowassign', 'allowoverride', 'allowswitch'
+     *      'contextlevels', 'allowassign', 'allowoverride', 'allowswitch',
+     *      'allowview'
      */
     public function force_duplicate($roleid, array $options) {
         global $DB;
@@ -215,6 +223,9 @@ public function force_duplicate($roleid, array $options) {
             if ($options['allowswitch']) {
                 $this->allowswitch = array();
             }
+            if ($options['allowview']) {
+                $this->allowview = array();
+            }
 
             if ($options['permissions']) {
                 foreach ($this->capabilities as $capid => $cap) {
@@ -260,6 +271,9 @@ public function force_duplicate($roleid, array $options) {
         if ($options['allowswitch']) {
             $this->allowswitch = array_keys($this->get_allow_roles_list('switch', $roleid));
         }
+        if ($options['allowview']) {
+            $this->allowview = array_keys($this->get_allow_roles_list('view', $roleid));
+        }
 
         if ($options['permissions']) {
             $this->permissions = $DB->get_records_menu('role_capabilities',
@@ -280,7 +294,8 @@ public function force_duplicate($roleid, array $options) {
      * @param string $archetype
      * @param array $options array with following keys:
      *      'name', 'shortname', 'description', 'permissions', 'archetype',
-     *      'contextlevels', 'allowassign', 'allowoverride', 'allowswitch'
+     *      'contextlevels', 'allowassign', 'allowoverride', 'allowswitch',
+     *      'allowview'
      */
     public function force_archetype($archetype, array $options) {
         $archetypes = get_role_archetypes();
@@ -321,6 +336,9 @@ public function force_archetype($archetype, array $options) {
         if ($options['allowswitch']) {
             $this->allowswitch = get_default_role_archetype_allows('switch', $archetype);
         }
+        if ($options['allowview']) {
+            $this->allowview = get_default_role_archetype_allows('view', $archetype);
+        }
 
         if ($options['permissions']) {
             $defaultpermissions = get_default_capabilities($archetype);
@@ -340,7 +358,8 @@ public function force_archetype($archetype, array $options) {
      * @param string $xml
      * @param array $options array with following keys:
      *      'name', 'shortname', 'description', 'permissions', 'archetype',
-     *      'contextlevels', 'allowassign', 'allowoverride', 'allowswitch'
+     *      'contextlevels', 'allowassign', 'allowoverride', 'allowswitch',
+     *      'allowview'
      */
     public function force_preset($xml, array $options) {
         if (!$info = core_role_preset::parse_preset($xml)) {
@@ -377,7 +396,7 @@ public function force_preset($xml, array $options) {
             }
         }
 
-        foreach (array('assign', 'override', 'switch') as $type) {
+        foreach (array('assign', 'override', 'switch', 'view') as $type) {
             if ($options['allow'.$type]) {
                 if (isset($info['allow'.$type])) {
                     $this->{'allow'.$type} = $info['allow'.$type];
@@ -438,6 +457,7 @@ public function save_changes() {
         $this->save_allow('assign');
         $this->save_allow('override');
         $this->save_allow('switch');
+        $this->save_allow('view');
 
         // Permissions.
         parent::save_changes();
@@ -449,7 +469,7 @@ protected function save_allow($type) {
         $current = array_keys($this->get_allow_roles_list($type));
         $wanted = $this->{'allow'.$type};
 
-        $addfunction = 'allow_'.$type;
+        $addfunction = "core_role_set_{$type}_allowed";
         $deltable = 'role_allow_'.$type;
         $field = 'allow'.$type;
 
@@ -523,7 +543,7 @@ protected function get_assignable_levels_control() {
     protected function get_allow_roles_list($type, $roleid = null) {
         global $DB;
 
-        if ($type !== 'assign' and $type !== 'switch' and $type !== 'override') {
+        if ($type !== 'assign' and $type !== 'switch' and $type !== 'override' and $type !== 'view') {
             debugging('Invalid role allowed type specified', DEBUG_DEVELOPER);
             return array();
         }
@@ -547,11 +567,11 @@ protected function get_allow_roles_list($type, $roleid = null) {
     /**
      * Returns an array of roles with the allowed type.
      *
-     * @param string $type Must be one of: assign, switch, or override.
+     * @param string $type Must be one of: assign, switch, override or view.
      * @return array Am array of role names with the allowed type
      */
     protected function get_allow_role_control($type) {
-        if ($type !== 'assign' and $type !== 'switch' and $type !== 'override') {
+        if ($type !== 'assign' and $type !== 'switch' and $type !== 'override' and $type !== 'view') {
             debugging('Invalid role allowed type specified', DEBUG_DEVELOPER);
             return '';
         }
@@ -641,6 +661,7 @@ public function display() {
         $this->print_field('menuallowassign', get_string('allowassign', 'core_role'), $this->get_allow_role_control('assign'));
         $this->print_field('menuallowoverride', get_string('allowoverride', 'core_role'), $this->get_allow_role_control('override'));
         $this->print_field('menuallowswitch', get_string('allowswitch', 'core_role'), $this->get_allow_role_control('switch'));
+        $this->print_field('menuallowview', get_string('allowview', 'core_role'), $this->get_allow_role_control('view'));
         if ($risks = $this->get_role_risks_info()) {
             $this->print_field('', get_string('rolerisks', 'core_role'), $risks);
         }

admin/roles/classes/preset.php

@@ -84,7 +84,7 @@ public static function get_export_xml($roleid) {
             $contextlevels->appendChild($dom->createElement('level', $name));
         }
 
-        foreach (array('assign', 'override', 'switch') as $type) {
+        foreach (array('assign', 'override', 'switch', 'view') as $type) {
             $allows = $dom->createElement('allow'.$type);
             $top->appendChild($allows);
             $records = $DB->get_records('role_allow_'.$type, array('roleid'=>$roleid), "allow$type ASC");
@@ -205,7 +205,7 @@ public static function parse_preset($xml) {
             }
         }
 
-        foreach (array('assign', 'override', 'switch') as $type) {
+        foreach (array('assign', 'override', 'switch', 'view') as $type) {
             $values = self::get_node_children_values($dom, '/role/allow'.$type, 'shortname');
             if (!isset($values)) {
                 $info['allow'.$type] = null;

admin/roles/classes/preset_form.php

@@ -79,6 +79,7 @@ protected function definition() {
             $mform->addElement('advcheckbox', 'allowassign', get_string('allowassign', 'core_role'));
             $mform->addElement('advcheckbox', 'allowoverride', get_string('allowoverride', 'core_role'));
             $mform->addElement('advcheckbox', 'allowswitch', get_string('allowswitch', 'core_role'));
+            $mform->addElement('advcheckbox', 'allowview', get_string('allowview', 'core_role'));
             $mform->addElement('advcheckbox', 'permissions', get_string('permissions', 'core_role'));
         }
 

admin/roles/define.php

@@ -103,7 +103,8 @@
             'contextlevels' => 1,
             'allowassign'   => 1,
             'allowoverride' => 1,
-            'allowswitch'   => 1);
+            'allowswitch'   => 1,
+            'allowview'   => 1);
         if ($showadvanced) {
             $definitiontable = new core_role_define_role_table_advanced($systemcontext, 0);
         } else {
@@ -150,7 +151,8 @@
             'contextlevels' => $data->contextlevels,
             'allowassign'   => $data->allowassign,
             'allowoverride' => $data->allowoverride,
-            'allowswitch'   => $data->allowswitch);
+            'allowswitch'   => $data->allowswitch,
+            'allowview'     => $data->allowview);
         if ($showadvanced) {
             $definitiontable = new core_role_define_role_table_advanced($systemcontext, $roleid);
         } else {

admin/roles/managetabs.php

@@ -29,6 +29,7 @@
 $toprow[] = new tabobject('assign', new moodle_url('/admin/roles/allow.php', array('mode'=>'assign')), get_string('allowassign', 'core_role'));
 $toprow[] = new tabobject('override', new moodle_url('/admin/roles/allow.php', array('mode'=>'override')), get_string('allowoverride', 'core_role'));
 $toprow[] = new tabobject('switch', new moodle_url('/admin/roles/allow.php', array('mode'=>'switch')), get_string('allowswitch', 'core_role'));
+$toprow[] = new tabobject('view', new moodle_url('/admin/roles/allow.php', ['mode' => 'view']), get_string('allowview', 'core_role'));
 
 echo $OUTPUT->tabtree($toprow, $currenttab);
 

admin/roles/role_schema.xml

@@ -11,6 +11,7 @@
                 <xs:element ref="allowassign" minOccurs="0"/>
                 <xs:element ref="allowoverride" minOccurs="0"/>
                 <xs:element ref="allowswitch" minOccurs="0"/>
+                <xs:element ref="allowview" minOccurs="0"/>
                 <xs:element ref="permissions" minOccurs="0"/>
             </xs:sequence>
         </xs:complexType>
@@ -45,6 +46,13 @@
             </xs:sequence>
         </xs:complexType>
     </xs:element>
+    <xs:element name="allowview">
+        <xs:complexType>
+            <xs:sequence>
+                <xs:element maxOccurs="unbounded" minOccurs="0" ref="shortname"/>
+            </xs:sequence>
+        </xs:complexType>
+    </xs:element>
     <xs:element name="permissions">
         <xs:complexType>
             <xs:sequence>

admin/roles/tests/preset_test.php

@@ -44,7 +44,7 @@ public function test_xml() {
             $contextlevels = get_role_contextlevels($role->id);
             $this->assertEquals(array_values($contextlevels), array_values($info['contextlevels']));
 
-            foreach (array('assign', 'override', 'switch') as $type) {
+            foreach (array('assign', 'override', 'switch', 'view') as $type) {
                 $records = $DB->get_records('role_allow_'.$type, array('roleid'=>$role->id), "allow$type ASC");
                 $allows = array();
                 foreach ($records as $record) {

backup/moodle2/tests/moodle2_test.php

@@ -596,7 +596,7 @@ protected function prepare_for_enrolments_test($target, $additionalcaps = []) {
             assign_capability($cap, CAP_ALLOW, $roleidcat, $categorycontext);
         }
 
-        allow_assign($roleidcat, $studentrole->id);
+        core_role_set_assign_allowed($roleidcat, $studentrole->id);
         role_assign($roleidcat, $user->id, $categorycontext);
         accesslib_clear_all_caches_for_unit_testing();
 

badges/criteria/award_criteria_manual.php

@@ -65,6 +65,7 @@ public function get_options(&$mform) {
         $none = true;
 
         $roles = get_roles_with_capability('moodle/badges:awardbadge', CAP_ALLOW, $PAGE->context);
+        $visibleroles = get_viewable_roles($PAGE->context);
         $roleids = array_map(function($o) {
             return $o->id;
         }, $roles);
@@ -89,6 +90,9 @@ public function get_options(&$mform) {
             $mform->addElement('header', 'first_header', $this->get_title());
             $mform->addHelpButton('first_header', 'criteria_' . $this->criteriatype, 'badges');
             foreach ($roleids as $rid) {
+                if (!key_exists($rid, $visibleroles)) {
+                    continue;
+                }
                 $checked = false;
                 if (in_array($rid, $existing)) {
                     $checked = true;