Search moodle.org's
Developer Documentation

  • Bug fixes for general core bugs in 3.11.x will end 9 May 2022 (12 months).
  • Bug fixes for security issues in 3.11.x will end 14 November 2022 (18 months).
  • PHP version: minimum PHP 7.3.0 Note: minimum PHP version has increased since Moodle 3.10. PHP 7.4.x is supported too.
  • Differences Between: [Versions 35 and 311] [Versions 36 and 311] [Versions 37 and 311]

       1  <?php
       2  // This file is part of Moodle - http://moodle.org/
       3  //
       4  // Moodle is free software: you can redistribute it and/or modify
       5  // it under the terms of the GNU General Public License as published by
       6  // the Free Software Foundation, either version 3 of the License, or
       7  // (at your option) any later version.
       8  //
       9  // Moodle is distributed in the hope that it will be useful,
      10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
      11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      12  // GNU General Public License for more details.
      13  //
      14  // You should have received a copy of the GNU General Public License
      15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
      16  
      17  /**
      18   * Lets you override role definitions in contexts.
      19   *
      20   * @package    core_role
      21   * @copyright  1999 onwards Martin Dougiamas (http://dougiamas.com)
      22   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
      23   */
      24  
      25  require('../../config.php');
      26  
      27  $contextid = required_param('contextid', PARAM_INT);
      28  $roleid    = required_param('roleid', PARAM_INT);
      29  
      30  list($context, $course, $cm) = get_context_info_array($contextid);
      31  
      32  $url = new moodle_url('/admin/roles/override.php', array('contextid' => $contextid, 'roleid' => $roleid));
      33  
      34  if ($course) {
      35      $isfrontpage = ($course->id == SITEID);
      36  } else {
      37      $isfrontpage = false;
      38      if ($context->contextlevel == CONTEXT_USER) {
      39          $course = $DB->get_record('course', array('id'=>optional_param('courseid', SITEID, PARAM_INT)), '*', MUST_EXIST);
      40          $user = $DB->get_record('user', array('id'=>$context->instanceid), '*', MUST_EXIST);
      41          $url->param('courseid', $course->id);
      42          $url->param('userid', $user->id);
      43      } else {
      44          $course = $SITE;
      45      }
      46  }
      47  
      48  // Security first.
      49  require_login($course, false, $cm);
      50  $safeoverridesonly = false;
      51  if (!has_capability('moodle/role:override', $context)) {
      52      require_capability('moodle/role:safeoverride', $context);
      53      $safeoverridesonly = true;
      54  }
      55  $PAGE->set_url($url);
      56  $PAGE->set_pagelayout('admin');
      57  
      58  if ($context->contextlevel == CONTEXT_USER and $USER->id != $context->instanceid) {
      59      $PAGE->navigation->extend_for_user($user);
      60      $PAGE->set_context(context_course::instance($course->id));
      61      navigation_node::override_active_url(new moodle_url('/admin/roles/permissions.php',
      62          array('contextid'=>$context->id, 'userid'=>$context->instanceid, 'courseid'=>$course->id)));
      63  
      64  } else {
      65      $PAGE->set_context($context);
      66      navigation_node::override_active_url(new moodle_url('/admin/roles/permissions.php', array('contextid'=>$context->id)));
      67  }
      68  
      69  $courseid = $course->id;
      70  
      71  $returnurl = new moodle_url('/admin/roles/permissions.php', array('contextid' => $context->id));
      72  
      73  // Handle the cancel button.
      74  if (optional_param('cancel', false, PARAM_BOOL)) {
      75      redirect($returnurl);
      76  }
      77  
      78  $role = $DB->get_record('role', array('id'=>$roleid), '*', MUST_EXIST);
      79  
      80  // These are needed early.
      81  $assignableroles  = get_assignable_roles($context, ROLENAME_BOTH);
      82  list($overridableroles, $overridecounts, $nameswithcounts) = get_overridable_roles($context, ROLENAME_BOTH, true);
      83  
      84  // Work out an appropriate page title.
      85  $contextname = $context->get_context_name();
      86  $straction = get_string('overrideroles', 'core_role'); // Used by tabs.php.
      87  $a = (object)array('context' => $contextname, 'role' => $overridableroles[$roleid]);
      88  $title = get_string('overridepermissionsforrole', 'core_role', $a);
      89  
      90  $currenttab = 'permissions';
      91  
      92  $PAGE->set_title($title);
      93  $PAGE->navbar->add($straction);
      94  switch ($context->contextlevel) {
      95      case CONTEXT_SYSTEM:
      96          print_error('cannotoverridebaserole', 'error');
      97          break;
      98      case CONTEXT_USER:
      99          $fullname = fullname($user, has_capability('moodle/site:viewfullnames', $context));
     100          $PAGE->set_heading($fullname);
     101          $showroles = 1;
     102          break;
     103      case CONTEXT_COURSECAT:
     104          $PAGE->set_heading($SITE->fullname);
     105          break;
     106      case CONTEXT_COURSE:
     107          if ($isfrontpage) {
     108              $PAGE->set_heading(get_string('frontpage', 'admin'));
     109          } else {
     110              $PAGE->set_heading($course->fullname);
     111          }
     112          break;
     113      case CONTEXT_MODULE:
     114          $PAGE->set_heading($context->get_context_name(false));
     115          $PAGE->set_cacheable(false);
     116          break;
     117      case CONTEXT_BLOCK:
     118          $PAGE->set_heading($PAGE->course->fullname);
     119          break;
     120  }
     121  
     122  // Make sure this user can override that role.
     123  if (empty($overridableroles[$roleid])) {
     124      $a = new stdClass;
     125      $a->roleid = $roleid;
     126      $a->context = $contextname;
     127      print_error('cannotoverriderolehere', '', $context->get_url(), $a);
     128  }
     129  
     130  // If we are actually overriding a role, create the table object, and save changes if appropriate.
     131  $overridestable = new core_role_override_permissions_table_advanced($context, $roleid, $safeoverridesonly);
     132  $overridestable->read_submitted_permissions();
     133  
     134  if (optional_param('savechanges', false, PARAM_BOOL) && confirm_sesskey()) {
     135      $overridestable->save_changes();
     136      $rolename = $overridableroles[$roleid];
     137  
     138      redirect($returnurl);
     139  }
     140  
     141  // Finally start page output.
     142  echo $OUTPUT->header();
     143  echo $OUTPUT->heading_with_help($title, 'overridepermissions', 'core_role');
     144  
     145  // Show UI for overriding roles.
     146  if (!empty($capabilities)) {
     147      echo $OUTPUT->box(get_string('nocapabilitiesincontext', 'core_role'), 'generalbox boxaligncenter');
     148  
     149  } else {
     150      // Print the capabilities overrideable in this context.
     151      echo $OUTPUT->box_start('generalbox capbox');
     152      echo html_writer::start_tag('form', array('id'=>'overrideform', 'action'=>$PAGE->url->out(), 'method'=>'post'));
     153      echo html_writer::start_tag('div');
     154      echo html_writer::empty_tag('input', array('type'=>'hidden', 'name'=>'sesskey', 'value'=>sesskey()));
     155      echo html_writer::empty_tag('input', array('type'=>'hidden', 'name'=>'roleid', 'value'=>$roleid));
     156      echo html_writer::tag('p', get_string('highlightedcellsshowinherit', 'core_role'), array('class'=>'overridenotice'));
     157  
     158      $overridestable->display();
     159      if ($overridestable->has_locked_capabilities()) {
     160          echo '<p class="overridenotice">' . get_string('safeoverridenotice', 'core_role') . "</p>\n";
     161      }
     162  
     163      echo html_writer::start_tag('div', array('class'=>'submit_buttons'));
     164      $attrs = array('type'=>'submit', 'name'=>'savechanges', 'value'=>get_string('savechanges'), 'class'=>'btn btn-primary');
     165      echo html_writer::empty_tag('input', $attrs);
     166      $attrs = array('type'=>'submit', 'name'=>'cancel', 'value'=>get_string('cancel'), 'class' => 'btn btn-secondary');
     167      echo html_writer::empty_tag('input', $attrs);
     168      echo html_writer::end_tag('div');
     169      echo html_writer::end_tag('div');
     170      echo html_writer::end_tag('form');
     171      echo $OUTPUT->box_end();
     172  }
     173  
     174  // Print a form to swap roles, and a link back to the all roles list.
     175  echo html_writer::start_tag('div', array('class'=>'backlink'));
     176  $select = new single_select($PAGE->url, 'roleid', $nameswithcounts, $roleid, null);
     177  $select->label = get_string('overrideanotherrole', 'core_role');
     178  echo $OUTPUT->render($select);
     179  echo html_writer::tag('p', html_writer::tag('a', get_string('backtoallroles', 'core_role'), array('href'=>$returnurl)));
     180  echo html_writer::end_tag('div');
     181  
     182  echo $OUTPUT->footer();