Skip to content

Commit

Permalink
MDL-67837 backup: Verify caps before unenrolling users on course restore
Browse files Browse the repository at this point in the history
  • Loading branch information
Mihail Geshoski authored and Jenkins committed Nov 3, 2020
1 parent 8599402 commit c8ac07f
Show file tree
Hide file tree
Showing 4 changed files with 37 additions and 7 deletions.
1 change: 1 addition & 0 deletions backup/controller/restore_controller.class.php
Original file line number Diff line number Diff line change
Expand Up @@ -369,6 +369,7 @@ public function execute_plan() {
$options = array();
$options['keep_roles_and_enrolments'] = $this->get_setting_value('keep_roles_and_enrolments');
$options['keep_groups_and_groupings'] = $this->get_setting_value('keep_groups_and_groupings');
$options['userid'] = $this->userid;
restore_dbops::delete_course_content($this->get_courseid(), $options);
}
// If this is not a course restore or single activity restore (e.g. duplicate), inform the plan we are not
Expand Down
17 changes: 14 additions & 3 deletions backup/moodle2/restore_stepslib.php
Original file line number Diff line number Diff line change
Expand Up @@ -2163,11 +2163,22 @@ public function define_execution() {
}

$course = $DB->get_record('course', array('id'=>$this->get_courseid()), '*', MUST_EXIST);
// Return any existing course enrolment instances.
$enrolinstances = enrol_get_instances($course->id, false);

if ($enrolinstances) {
// Something already added instances.
// Get the existing enrolment methods in the course.
$enrolmethods = array_map(function($enrolinstance) {
return $enrolinstance->enrol;
}, $enrolinstances);

if ($DB->record_exists('enrol', array('courseid'=>$this->get_courseid(), 'enrol'=>'manual'))) {
// Something already added instances, do not add default instances.
$plugins = enrol_get_plugins(true);
foreach ($plugins as $plugin) {
foreach ($plugins as $pluginname => $plugin) {
// Make sure all default enrolment methods exist in the course.
if (!in_array($pluginname, $enrolmethods)) {
$plugin->course_updated(true, $course, null);
}
$plugin->restore_sync_course($course);
}

Expand Down
19 changes: 17 additions & 2 deletions lib/enrollib.php
Original file line number Diff line number Diff line change
Expand Up @@ -1089,20 +1089,35 @@ function enrol_user_delete($user) {

/**
* Called when course is about to be deleted.
* If a user id is passed, only enrolments that the user has permission to un-enrol will be removed,
* otherwise all enrolments in the course will be removed.
*
* @param stdClass $course
* @param int|null $userid
* @return void
*/
function enrol_course_delete($course) {
function enrol_course_delete($course, $userid = null) {
global $DB;

$context = context_course::instance($course->id);
$instances = enrol_get_instances($course->id, false);
$plugins = enrol_get_plugins(true);

if ($userid) {
// If the user id is present, include only course enrolment instances which allow manual unenrolment and
// the given user have a capability to perform unenrolment.
$instances = array_filter($instances, function($instance) use ($userid, $plugins, $context) {
$unenrolcap = "enrol/{$instance->enrol}:unenrol";
return $plugins[$instance->enrol]->allow_unenrol($instance) &&
has_capability($unenrolcap, $context, $userid);
});
}

foreach ($instances as $instance) {
if (isset($plugins[$instance->enrol])) {
$plugins[$instance->enrol]->delete_instance($instance);
}
// low level delete in case plugin did not do it
$DB->delete_records('user_enrolments', array('enrolid'=>$instance->id));
$DB->delete_records('role_assignments', array('itemid'=>$instance->id, 'component'=>'enrol_'.$instance->enrol));
$DB->delete_records('user_enrolments', array('enrolid'=>$instance->id));
$DB->delete_records('enrol', array('id'=>$instance->id));
Expand Down
7 changes: 5 additions & 2 deletions lib/moodlelib.php
Original file line number Diff line number Diff line change
Expand Up @@ -5371,11 +5371,14 @@ function remove_course_contents($courseid, $showfeedback = true, array $options
}
unset($childcontexts);

// Remove all roles and enrolments by default.
// Remove roles and enrolments by default.
if (empty($options['keep_roles_and_enrolments'])) {
// This hack is used in restore when deleting contents of existing course.
// During restore, we should remove only enrolment related data that the user performing the restore has a
// permission to remove.
$userid = $options['userid'] ?? null;
enrol_course_delete($course, $userid);
role_unassign_all(array('contextid' => $coursecontext->id, 'component' => ''), true);
enrol_course_delete($course);
if ($showfeedback) {
echo $OUTPUT->notification($strdeleted.get_string('type_enrol_plural', 'plugin'), 'notifysuccess');
}
Expand Down

0 comments on commit c8ac07f

Please sign in to comment.