forked from moodle/moodle
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathusersroles.php
216 lines (186 loc) · 8.21 KB
/
usersroles.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* User roles report list all the users who have been assigned a particular
* role in all contexts.
*
* @package core
* @subpackage role
* @copyright © 2007 The Open University and others
* @author [email protected] and others
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
require_once(dirname(__FILE__) . '/../../config.php');
// Get params.
$userid = required_param('userid', PARAM_INT);
$courseid = required_param('courseid', PARAM_INT);
// Validate them and get the corresponding objects.
$user = $DB->get_record('user', array('id' => $userid), '*', MUST_EXIST);
$course = $DB->get_record('course', array('id' => $courseid), '*', MUST_EXIST);
$usercontext = context_user::instance($user->id);
$coursecontext = context_course::instance($course->id);
$systemcontext = context_system::instance();
$baseurl = new moodle_url('/admin/roles/usersroles.php', array('userid'=>$userid, 'courseid'=>$courseid));
$PAGE->set_url($baseurl);
$PAGE->set_context($coursecontext);
$PAGE->set_pagelayout('admin');
/// Check login and permissions.
require_login($course);
$canview = has_any_capability(array('moodle/role:assign', 'moodle/role:safeoverride',
'moodle/role:override', 'moodle/role:manage'), $usercontext);
if (!$canview) {
print_error('nopermissions', 'error', '', get_string('checkpermissions', 'role'));
}
if ($userid != $USER->id) {
// If its not the current user we need to extend the navigation for that user to ensure
// their navigation is loaded and this page found upon it.
$PAGE->navigation->extend_for_user($user);
}
if ($course->id != $SITE->id || $userid != $USER->id) {
// If we're within a course OR if we're viewing another user then we need to include the
// settings base on the navigation to ensure that the navbar will contain the users name.
$PAGE->navbar->includesettingsbase = true;
}
/// Now get the role assignments for this user.
$sql = "SELECT
ra.id, ra.userid, ra.contextid, ra.roleid, ra.component, ra.itemid,
c.path
FROM
{role_assignments} ra
JOIN {context} c ON ra.contextid = c.id
JOIN {role} r ON ra.roleid = r.id
WHERE
ra.userid = ?
"./*AND ra.active = 1*/"
ORDER BY
contextlevel DESC, contextid ASC, r.sortorder ASC";
$roleassignments = $DB->get_records_sql($sql, array($user->id));
$allroles = role_fix_names(get_all_roles());
/// In order to display a nice tree of contexts, we need to get all the
/// ancestors of all the contexts in the query we just did.
$requiredcontexts = array();
foreach ($roleassignments as $ra) {
$requiredcontexts = array_merge($requiredcontexts, explode('/', trim($ra->path, '/')));
}
$requiredcontexts = array_unique($requiredcontexts);
/// Now load those contexts.
if ($requiredcontexts) {
list($sqlcontexttest, $contextparams) = $DB->get_in_or_equal($requiredcontexts);
$contexts = get_sorted_contexts('ctx.id ' . $sqlcontexttest, $contextparams);
} else {
$contexts = array();
}
/// Prepare some empty arrays to hold the data we are about to compute.
foreach ($contexts as $conid => $con) {
$contexts[$conid]->children = array();
$contexts[$conid]->roleassignments = array();
}
/// Put the contexts into a tree structure.
foreach ($contexts as $conid => $con) {
$context = context::instance_by_id($conid);
$parentcontextid = get_parent_contextid($context);
if ($parentcontextid) {
$contexts[$parentcontextid]->children[] = $conid;
}
}
/// Put the role capabilities into the context tree.
foreach ($roleassignments as $ra) {
$contexts[$ra->contextid]->roleassignments[$ra->roleid] = $ra;
}
$assignableroles = get_assignable_roles($usercontext, ROLENAME_BOTH);
$overridableroles = get_overridable_roles($usercontext, ROLENAME_BOTH);
/// Print the header
$fullname = fullname($user, has_capability('moodle/site:viewfullnames', $coursecontext));
$straction = get_string('thisusersroles', 'role');
$title = get_string('xroleassignments', 'role', $fullname);
/// Course header
$PAGE->set_title($title);
if ($courseid != SITEID) {
$PAGE->set_heading($fullname);
} else {
$PAGE->set_heading($course->fullname);
}
echo $OUTPUT->header();
echo $OUTPUT->heading($title, 3);
echo $OUTPUT->box_start('generalbox boxaligncenter boxwidthnormal');
// Display them.
if (!$roleassignments) {
echo '<p>', get_string('noroleassignments', 'role'), '</p>';
} else {
print_report_tree($systemcontext->id, $contexts, $systemcontext, $fullname, $allroles);
}
/// End of page.
echo $OUTPUT->box_end();
echo $OUTPUT->footer();
function print_report_tree($contextid, $contexts, $systemcontext, $fullname, $allroles) {
global $CFG, $OUTPUT;
// Only compute lang strings, etc once.
static $stredit = null, $strcheckpermissions, $globalroleassigner, $assignurl, $checkurl;
if (is_null($stredit)) {
$stredit = get_string('edit');
$strcheckpermissions = get_string('checkpermissions', 'role');
$globalroleassigner = has_capability('moodle/role:assign', $systemcontext);
$assignurl = $CFG->wwwroot . '/' . $CFG->admin . '/roles/assign.php';
$checkurl = $CFG->wwwroot . '/' . $CFG->admin . '/roles/check.php';
}
// Pull the current context into an array for convinience.
$context = context::instance_by_id($contextid);
// Print the context name.
echo $OUTPUT->heading(html_writer::link($context->get_url(), $context->get_context_name()),
4, 'contextname');
// If there are any role assignments here, print them.
foreach ($contexts[$contextid]->roleassignments as $ra) {
$role = $allroles[$ra->roleid];
$value = $ra->contextid . ',' . $ra->roleid;
$inputid = 'unassign' . $value;
echo '<p>';
echo $role->localname;
if (has_capability('moodle/role:assign', $context)) {
$raurl = $assignurl . '?contextid=' . $ra->contextid . '&roleid=' .
$ra->roleid . '&removeselect[]=' . $ra->userid;
$churl = $checkurl . '?contextid=' . $ra->contextid . '&reportuser=' . $ra->userid;
if ($context->contextlevel == CONTEXT_USER) {
$raurl .= '&userid=' . $context->instanceid;
$churl .= '&userid=' . $context->instanceid;
}
$a = new stdClass;
$a->fullname = $fullname;
$a->contextlevel = $context->get_level_name();
if ($context->contextlevel == CONTEXT_SYSTEM) {
$strgoto = get_string('gotoassignsystemroles', 'role');
$strcheck = get_string('checksystempermissionsfor', 'role', $a);
} else {
$strgoto = get_string('gotoassignroles', 'role', $a);
$strcheck = get_string('checkuserspermissionshere', 'role', $a);
}
echo ' <a title="' . $strgoto . '" href="' . $raurl . '"><img class="iconsmall" src="' .
$OUTPUT->pix_url('t/edit') . '" alt="' . $stredit . '" /></a> ';
echo ' <a title="' . $strcheck . '" href="' . $churl . '"><img class="iconsmall" src="' .
$OUTPUT->pix_url('t/preview') . '" alt="' . $strcheckpermissions . '" /></a> ';
echo "</p>\n";
}
}
// If there are any child contexts, print them recursively.
if (!empty($contexts[$contextid]->children)) {
echo '<ul>';
foreach ($contexts[$contextid]->children as $childcontextid) {
echo '<li>';
print_report_tree($childcontextid, $contexts, $systemcontext, $fullname, $allroles);
echo '</li>';
}
echo '</ul>';
}
}