Search moodle.org's
Developer Documentation
Developer Documentation
- Bug fixes for general core bugs in 3.11.x will end 14 Nov 2022 (12 months plus 6 months extension).
- Bug fixes for security issues in 3.11.x will end 13 Nov 2023 (18 months plus 12 months extension).
- PHP version: minimum PHP 7.3.0 Note: minimum PHP version has increased since Moodle 3.10. PHP 7.4.x is supported too.
/lib/tests/ -> accesslib_test.php (source)
Differences Between: [Versions 310 and 311] [Versions 311 and 400] [Versions 311 and 401] [Versions 311 and 402] [Versions 311 and 403] [Versions 39 and 311]
1 <?php 2 // This file is part of Moodle - http://moodle.org/ 3 // 4 // Moodle is free software: you can redistribute it and/or modify 5 // it under the terms of the GNU General Public License as published by 6 // the Free Software Foundation, either version 3 of the License, or 7 // (at your option) any later version. 8 // 9 // Moodle is distributed in the hope that it will be useful, 10 // but WITHOUT ANY WARRANTY; without even the implied warranty of 11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 // GNU General Public License for more details. 13 // 14 // You should have received a copy of the GNU General Public License 15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>. 16 17 /** 18 * Full functional accesslib test. 19 * 20 * @package core 21 * @category phpunit 22 * @copyright 2011 Petr Skoda {@link http://skodak.org} 23 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later 24 */ 25 26 defined('MOODLE_INTERNAL') || die(); 27 28 29 /** 30 * Functional test for accesslib.php 31 * 32 * Note: execution may take many minutes especially on slower servers. 33 */ 34 class core_accesslib_testcase extends advanced_testcase { 35 /** 36 * Verify comparison of context instances in phpunit asserts. 37 */ 38 public function test_context_comparisons() { 39 $frontpagecontext1 = context_course::instance(SITEID); 40 context_helper::reset_caches(); 41 $frontpagecontext2 = context_course::instance(SITEID); 42 $this->assertEquals($frontpagecontext1, $frontpagecontext2); 43 44 $user1 = context_user::instance(1); 45 $user2 = context_user::instance(2); 46 $this->assertNotEquals($user1, $user2); 47 } 48 49 /** 50 * Test resetting works. 51 */ 52 public function test_accesslib_clear_all_caches() { 53 global $ACCESSLIB_PRIVATE; 54 55 $this->resetAfterTest(); 56 57 $this->setAdminUser(); 58 load_all_capabilities(); 59 60 $this->assertNotEmpty($ACCESSLIB_PRIVATE->accessdatabyuser); 61 accesslib_clear_all_caches_for_unit_testing(); 62 $this->assertEmpty($ACCESSLIB_PRIVATE->dirtycontexts); 63 $this->assertEmpty($ACCESSLIB_PRIVATE->accessdatabyuser); 64 } 65 66 /** 67 * Check modifying capability record is not exposed to other code. 68 */ 69 public function test_capabilities_mutation() { 70 $oldcap = get_capability_info('moodle/site:config'); 71 $cap = get_capability_info('moodle/site:config'); 72 unset($cap->name); 73 $newcap = get_capability_info('moodle/site:config'); 74 75 $this->assertFalse(isset($cap->name)); 76 $this->assertTrue(isset($newcap->name)); 77 $this->assertTrue(isset($oldcap->name)); 78 } 79 80 /** 81 * Test getting of role access 82 */ 83 public function test_get_role_access() { 84 global $DB; 85 86 $roles = $DB->get_records('role'); 87 foreach ($roles as $role) { 88 $access = get_role_access($role->id); 89 90 $this->assertTrue(is_array($access)); 91 $this->assertTrue(is_array($access['ra'])); 92 $this->assertFalse(isset($access['rdef'])); 93 $this->assertFalse(isset($access['rdef_count'])); 94 $this->assertFalse(isset($access['loaded'])); 95 $this->assertTrue(isset($access['time'])); 96 $this->assertTrue(is_array($access['rsw'])); 97 } 98 99 // Note: the data is validated in the functional permission evaluation test at the end of this testcase. 100 } 101 102 /** 103 * Test getting of guest role. 104 */ 105 public function test_get_guest_role() { 106 global $CFG; 107 108 $guest = get_guest_role(); 109 $this->assertEquals('guest', $guest->archetype); 110 $this->assertEquals('guest', $guest->shortname); 111 112 $this->assertEquals($CFG->guestroleid, $guest->id); 113 } 114 115 /** 116 * Test if user is admin. 117 */ 118 public function test_is_siteadmin() { 119 global $DB, $CFG; 120 121 $this->resetAfterTest(); 122 123 $users = $DB->get_records('user'); 124 125 foreach ($users as $user) { 126 $this->setUser(0); 127 if ($user->username === 'admin') { 128 $this->assertTrue(is_siteadmin($user)); 129 $this->assertTrue(is_siteadmin($user->id)); 130 $this->setUser($user); 131 $this->assertTrue(is_siteadmin()); 132 $this->assertTrue(is_siteadmin(null)); 133 } else { 134 $this->assertFalse(is_siteadmin($user)); 135 $this->assertFalse(is_siteadmin($user->id)); 136 $this->setUser($user); 137 $this->assertFalse(is_siteadmin()); 138 $this->assertFalse(is_siteadmin(null)); 139 } 140 } 141 142 // Change the site admin list and check that it still works with 143 // multiple admins. We do this with userids only (not real user 144 // accounts) because it makes the test simpler. 145 $before = $CFG->siteadmins; 146 set_config('siteadmins', '666,667,668'); 147 $this->assertTrue(is_siteadmin(666)); 148 $this->assertTrue(is_siteadmin(667)); 149 $this->assertTrue(is_siteadmin(668)); 150 $this->assertFalse(is_siteadmin(669)); 151 set_config('siteadmins', '13'); 152 $this->assertTrue(is_siteadmin(13)); 153 $this->assertFalse(is_siteadmin(666)); 154 set_config('siteadmins', $before); 155 } 156 157 /** 158 * Test if user is enrolled in a course 159 */ 160 public function test_is_enrolled() { 161 global $DB; 162 163 $this->resetAfterTest(); 164 165 // Generate data. 166 $user = $this->getDataGenerator()->create_user(); 167 $course = $this->getDataGenerator()->create_course(); 168 $coursecontext = context_course::instance($course->id); 169 $role = $DB->get_record('role', array('shortname'=>'student')); 170 171 // There should be a manual enrolment as part of the default install. 172 $plugin = enrol_get_plugin('manual'); 173 $instance = $DB->get_record('enrol', array( 174 'courseid' => $course->id, 175 'enrol' => 'manual', 176 )); 177 $this->assertNotSame(false, $instance); 178 179 // Enrol the user in the course. 180 $plugin->enrol_user($instance, $user->id, $role->id); 181 182 // We'll test with the mod/assign:submit capability. 183 $capability= 'mod/assign:submit'; 184 $this->assertTrue($DB->record_exists('capabilities', array('name' => $capability))); 185 186 // Switch to our user. 187 $this->setUser($user); 188 189 // Ensure that the user has the capability first. 190 $this->assertTrue(has_capability($capability, $coursecontext, $user->id)); 191 192 // We first test whether the user is enrolled on the course as this 193 // seeds the cache, then we test for the capability. 194 $this->assertTrue(is_enrolled($coursecontext, $user, '', true)); 195 $this->assertTrue(is_enrolled($coursecontext, $user, $capability)); 196 197 // Prevent the capability for this user role. 198 assign_capability($capability, CAP_PROHIBIT, $role->id, $coursecontext); 199 $this->assertFalse(has_capability($capability, $coursecontext, $user->id)); 200 201 // Again, we seed the cache first by checking initial enrolment, 202 // and then we test the actual capability. 203 $this->assertTrue(is_enrolled($coursecontext, $user, '', true)); 204 $this->assertFalse(is_enrolled($coursecontext, $user, $capability)); 205 } 206 207 /** 208 * Test logged in test. 209 */ 210 public function test_isloggedin() { 211 global $USER; 212 213 $this->resetAfterTest(); 214 215 $USER->id = 0; 216 $this->assertFalse(isloggedin()); 217 $USER->id = 1; 218 $this->assertTrue(isloggedin()); 219 } 220 221 /** 222 * Test guest user test. 223 */ 224 public function test_isguestuser() { 225 global $DB; 226 227 $this->resetAfterTest(); 228 229 $guest = $DB->get_record('user', array('username'=>'guest')); 230 $this->setUser(0); 231 $this->assertFalse(isguestuser()); 232 $this->setAdminUser(); 233 $this->assertFalse(isguestuser()); 234 $this->assertTrue(isguestuser($guest)); 235 $this->assertTrue(isguestuser($guest->id)); 236 $this->setUser($guest); 237 $this->assertTrue(isguestuser()); 238 239 $users = $DB->get_records('user'); 240 foreach ($users as $user) { 241 if ($user->username === 'guest') { 242 continue; 243 } 244 $this->assertFalse(isguestuser($user)); 245 } 246 } 247 248 /** 249 * Test capability riskiness. 250 */ 251 public function test_is_safe_capability() { 252 global $DB; 253 // Note: there is not much to test, just make sure no notices are throw for the most dangerous cap. 254 $capability = $DB->get_record('capabilities', array('name'=>'moodle/site:config'), '*', MUST_EXIST); 255 $this->assertFalse(is_safe_capability($capability)); 256 } 257 258 /** 259 * Test context fetching. 260 */ 261 public function test_get_context_info_array() { 262 $this->resetAfterTest(); 263 264 $syscontext = context_system::instance(); 265 $user = $this->getDataGenerator()->create_user(); 266 $usercontext = context_user::instance($user->id); 267 $course = $this->getDataGenerator()->create_course(); 268 $catcontext = context_coursecat::instance($course->category); 269 $coursecontext = context_course::instance($course->id); 270 $page = $this->getDataGenerator()->create_module('page', array('course'=>$course->id)); 271 $modcontext = context_module::instance($page->cmid); 272 $cm = get_coursemodule_from_instance('page', $page->id); 273 $block1 = $this->getDataGenerator()->create_block('online_users', array('parentcontextid'=>$coursecontext->id)); 274 $block1context = context_block::instance($block1->id); 275 $block2 = $this->getDataGenerator()->create_block('online_users', array('parentcontextid'=>$modcontext->id)); 276 $block2context = context_block::instance($block2->id); 277 278 $result = get_context_info_array($syscontext->id); 279 $this->assertCount(3, $result); 280 $this->assertEquals($syscontext, $result[0]); 281 $this->assertNull($result[1]); 282 $this->assertNull($result[2]); 283 284 $result = get_context_info_array($usercontext->id); 285 $this->assertCount(3, $result); 286 $this->assertEquals($usercontext, $result[0]); 287 $this->assertNull($result[1]); 288 $this->assertNull($result[2]); 289 290 $result = get_context_info_array($catcontext->id); 291 $this->assertCount(3, $result); 292 $this->assertEquals($catcontext, $result[0]); 293 $this->assertNull($result[1]); 294 $this->assertNull($result[2]); 295 296 $result = get_context_info_array($coursecontext->id); 297 $this->assertCount(3, $result); 298 $this->assertEquals($coursecontext, $result[0]); 299 $this->assertEquals($course->id, $result[1]->id); 300 $this->assertSame($course->shortname, $result[1]->shortname); 301 $this->assertNull($result[2]); 302 303 $result = get_context_info_array($block1context->id); 304 $this->assertCount(3, $result); 305 $this->assertEquals($block1context, $result[0]); 306 $this->assertEquals($course->id, $result[1]->id); 307 $this->assertEquals($course->shortname, $result[1]->shortname); 308 $this->assertNull($result[2]); 309 310 $result = get_context_info_array($modcontext->id); 311 $this->assertCount(3, $result); 312 $this->assertEquals($modcontext, $result[0]); 313 $this->assertEquals($course->id, $result[1]->id); 314 $this->assertSame($course->shortname, $result[1]->shortname); 315 $this->assertEquals($cm->id, $result[2]->id); 316 317 $result = get_context_info_array($block2context->id); 318 $this->assertCount(3, $result); 319 $this->assertEquals($block2context, $result[0]); 320 $this->assertEquals($course->id, $result[1]->id); 321 $this->assertSame($course->shortname, $result[1]->shortname); 322 $this->assertEquals($cm->id, $result[2]->id); 323 } 324 325 /** 326 * Test looking for course contacts. 327 */ 328 public function test_has_coursecontact_role() { 329 global $DB, $CFG; 330 331 $this->resetAfterTest(); 332 333 $users = $DB->get_records('user'); 334 335 // Nobody is expected to have any course level roles. 336 $this->assertNotEmpty($CFG->coursecontact); 337 foreach ($users as $user) { 338 $this->assertFalse(has_coursecontact_role($user->id)); 339 } 340 341 $user = $this->getDataGenerator()->create_user(); 342 $course = $this->getDataGenerator()->create_course(); 343 $contactroles = preg_split('/,/', $CFG->coursecontact); 344 $roleid = reset($contactroles); 345 role_assign($roleid, $user->id, context_course::instance($course->id)); 346 $this->assertTrue(has_coursecontact_role($user->id)); 347 } 348 349 /** 350 * Test creation of roles. 351 */ 352 public function test_create_role() { 353 global $DB; 354 355 $this->resetAfterTest(); 356 357 $id = create_role('New student role', 'student2', 'New student description', 'student'); 358 $role = $DB->get_record('role', array('id'=>$id)); 359 360 $this->assertNotEmpty($role); 361 $this->assertSame('New student role', $role->name); 362 $this->assertSame('student2', $role->shortname); 363 $this->assertSame('New student description', $role->description); 364 $this->assertSame('student', $role->archetype); 365 } 366 367 /** 368 * Test adding of capabilities to roles. 369 */ 370 public function test_assign_capability() { 371 global $DB, $USER; 372 373 $this->resetAfterTest(); 374 375 $user = $this->getDataGenerator()->create_user(); 376 $syscontext = context_system::instance(); 377 $frontcontext = context_course::instance(SITEID); 378 $student = $DB->get_record('role', array('shortname'=>'student'), '*', MUST_EXIST); 379 $this->assertTrue($DB->record_exists('capabilities', array('name'=>'moodle/backup:backupcourse'))); // Any capability assigned to student by default. 380 $this->assertFalse($DB->record_exists('role_capabilities', array('contextid'=>$syscontext->id, 'roleid'=>$student->id, 'capability'=>'moodle/backup:backupcourse'))); 381 $this->assertFalse($DB->record_exists('role_capabilities', array('contextid'=>$frontcontext->id, 'roleid'=>$student->id, 'capability'=>'moodle/backup:backupcourse'))); 382 383 $this->setUser($user); 384 $result = assign_capability('moodle/backup:backupcourse', CAP_ALLOW, $student->id, $frontcontext->id); 385 $this->assertTrue($result); 386 $permission = $DB->get_record('role_capabilities', array('contextid'=>$frontcontext->id, 'roleid'=>$student->id, 'capability'=>'moodle/backup:backupcourse')); 387 $this->assertNotEmpty($permission); 388 $this->assertEquals(CAP_ALLOW, $permission->permission); 389 $this->assertEquals($user->id, $permission->modifierid); 390 391 $this->setUser(0); 392 $result = assign_capability('moodle/backup:backupcourse', CAP_PROHIBIT, $student->id, $frontcontext->id, false); 393 $this->assertTrue($result); 394 $permission = $DB->get_record('role_capabilities', array('contextid'=>$frontcontext->id, 'roleid'=>$student->id, 'capability'=>'moodle/backup:backupcourse')); 395 $this->assertNotEmpty($permission); 396 $this->assertEquals(CAP_ALLOW, $permission->permission); 397 $this->assertEquals($user->id, $permission->modifierid); 398 399 $result = assign_capability('moodle/backup:backupcourse', CAP_PROHIBIT, $student->id, $frontcontext->id, true); 400 $this->assertTrue($result); 401 $permission = $DB->get_record('role_capabilities', array('contextid'=>$frontcontext->id, 'roleid'=>$student->id, 'capability'=>'moodle/backup:backupcourse')); 402 $this->assertNotEmpty($permission); 403 $this->assertEquals(CAP_PROHIBIT, $permission->permission); 404 $this->assertEquals(0, $permission->modifierid); 405 406 $result = assign_capability('moodle/backup:backupcourse', CAP_INHERIT, $student->id, $frontcontext->id); 407 $this->assertTrue($result); 408 $permission = $DB->get_record('role_capabilities', array('contextid'=>$frontcontext->id, 'roleid'=>$student->id, 'capability'=>'moodle/backup:backupcourse')); 409 $this->assertEmpty($permission); 410 411 // Test event triggered. 412 $sink = $this->redirectEvents(); 413 $capability = 'moodle/backup:backupcourse'; 414 assign_capability($capability, CAP_ALLOW, $student->id, $syscontext); 415 $events = $sink->get_events(); 416 $sink->close(); 417 $this->assertCount(1, $events); 418 $event = $events[0]; 419 $this->assertInstanceOf('\core\event\capability_assigned', $event); 420 $this->assertSame('role_capabilities', $event->objecttable); 421 $this->assertEquals($student->id, $event->objectid); 422 $this->assertEquals($syscontext->id, $event->contextid); 423 $other = ['capability' => $capability, 'oldpermission' => CAP_INHERIT, 'permission' => CAP_ALLOW]; 424 $this->assertEquals($other, $event->other); 425 $description = "The user id '$USER->id' assigned the '$capability' capability for " . 426 "role '$student->id' with 'Allow' permission"; 427 $this->assertEquals($description, $event->get_description()); 428 429 // Test if the event has different description when updating the capability permission. 430 $sink = $this->redirectEvents(); 431 assign_capability($capability, CAP_PROHIBIT, $student->id, $syscontext, true); 432 $events = $sink->get_events(); 433 $sink->close(); 434 $event = $events[0]; 435 $description = "The user id '$USER->id' changed the '$capability' capability permission for " . 436 "role '$student->id' from 'Allow' to 'Prohibit'"; 437 $this->assertEquals($description, $event->get_description()); 438 } 439 440 /** 441 * Test removing of capabilities from roles. 442 */ 443 public function test_unassign_capability() { 444 global $DB, $USER; 445 446 $this->resetAfterTest(); 447 448 $syscontext = context_system::instance(); 449 $frontcontext = context_course::instance(SITEID); 450 $manager = $DB->get_record('role', array('shortname'=>'manager'), '*', MUST_EXIST); 451 $this->assertTrue($DB->record_exists('capabilities', array('name'=>'moodle/backup:backupcourse'))); // Any capability assigned to manager by default. 452 assign_capability('moodle/backup:backupcourse', CAP_ALLOW, $manager->id, $frontcontext->id); 453 454 $this->assertTrue($DB->record_exists('role_capabilities', array('contextid'=>$syscontext->id, 'roleid'=>$manager->id, 'capability'=>'moodle/backup:backupcourse'))); 455 $this->assertTrue($DB->record_exists('role_capabilities', array('contextid'=>$frontcontext->id, 'roleid'=>$manager->id, 'capability'=>'moodle/backup:backupcourse'))); 456 457 $result = unassign_capability('moodle/backup:backupcourse', $manager->id, $syscontext->id); 458 $this->assertTrue($result); 459 $this->assertFalse($DB->record_exists('role_capabilities', array('contextid'=>$syscontext->id, 'roleid'=>$manager->id, 'capability'=>'moodle/backup:backupcourse'))); 460 $this->assertTrue($DB->record_exists('role_capabilities', array('contextid'=>$frontcontext->id, 'roleid'=>$manager->id, 'capability'=>'moodle/backup:backupcourse'))); 461 unassign_capability('moodle/backup:backupcourse', $manager->id, $frontcontext); 462 $this->assertFalse($DB->record_exists('role_capabilities', array('contextid'=>$frontcontext->id, 'roleid'=>$manager->id, 'capability'=>'moodle/backup:backupcourse'))); 463 464 assign_capability('moodle/backup:backupcourse', CAP_ALLOW, $manager->id, $syscontext->id); 465 assign_capability('moodle/backup:backupcourse', CAP_ALLOW, $manager->id, $frontcontext->id); 466 $this->assertTrue($DB->record_exists('role_capabilities', array('contextid'=>$frontcontext->id, 'roleid'=>$manager->id, 'capability'=>'moodle/backup:backupcourse'))); 467 468 $result = unassign_capability('moodle/backup:backupcourse', $manager->id); 469 $this->assertTrue($result); 470 $this->assertFalse($DB->record_exists('role_capabilities', array('contextid'=>$syscontext->id, 'roleid'=>$manager->id, 'capability'=>'moodle/backup:backupcourse'))); 471 $this->assertFalse($DB->record_exists('role_capabilities', array('contextid'=>$frontcontext->id, 'roleid'=>$manager->id, 'capability'=>'moodle/backup:backupcourse'))); 472 473 // Test event triggered. 474 $sink = $this->redirectEvents(); 475 $capability = 'moodle/backup:backupcourse'; 476 unassign_capability($capability, CAP_ALLOW, $manager->id); 477 $events = $sink->get_events(); 478 $sink->close(); 479 $this->assertCount(1, $events); 480 $event = $events[0]; 481 $this->assertInstanceOf('\core\event\capability_unassigned', $event); 482 $this->assertSame('role_capabilities', $event->objecttable); 483 $this->assertEquals($manager->id, $event->objectid); 484 $this->assertEquals($syscontext->id, $event->contextid); 485 $this->assertEquals($capability, $event->other['capability']); 486 $description = "The user id id '$USER->id' has unassigned the '$capability' capability for role '$manager->id'"; 487 $this->assertEquals($description, $event->get_description()); 488 } 489 490 /** 491 * Test role assigning. 492 */ 493 public function test_role_assign() { 494 global $DB, $USER; 495 496 $this->resetAfterTest(); 497 498 $user = $this->getDataGenerator()->create_user(); 499 $course = $this->getDataGenerator()->create_course(); 500 $role = $DB->get_record('role', array('shortname'=>'student')); 501 502 $this->setUser(0); 503 $context = context_system::instance(); 504 $this->assertFalse($DB->record_exists('role_assignments', array('userid'=>$user->id, 'roleid'=>$role->id, 'contextid'=>$context->id))); 505 role_assign($role->id, $user->id, $context->id); 506 $ras = $DB->get_record('role_assignments', array('userid'=>$user->id, 'roleid'=>$role->id, 'contextid'=>$context->id)); 507 $this->assertNotEmpty($ras); 508 $this->assertSame('', $ras->component); 509 $this->assertSame('0', $ras->itemid); 510 $this->assertEquals($USER->id, $ras->modifierid); 511 512 $this->setAdminUser(); 513 $context = context_course::instance($course->id); 514 $this->assertFalse($DB->record_exists('role_assignments', array('userid'=>$user->id, 'roleid'=>$role->id, 'contextid'=>$context->id))); 515 role_assign($role->id, $user->id, $context->id, 'enrol_self', 1, 666); 516 $ras = $DB->get_record('role_assignments', array('userid'=>$user->id, 'roleid'=>$role->id, 'contextid'=>$context->id)); 517 $this->assertNotEmpty($ras); 518 $this->assertSame('enrol_self', $ras->component); 519 $this->assertSame('1', $ras->itemid); 520 $this->assertEquals($USER->id, $ras->modifierid); 521 $this->assertEquals(666, $ras->timemodified); 522 523 // Test event triggered. 524 525 $user2 = $this->getDataGenerator()->create_user(); 526 $sink = $this->redirectEvents(); 527 $raid = role_assign($role->id, $user2->id, $context->id); 528 $events = $sink->get_events(); 529 $sink->close(); 530 $this->assertCount(1, $events); 531 $event = $events[0]; 532 $this->assertInstanceOf('\core\event\role_assigned', $event); 533 $this->assertSame('role', $event->target); 534 $this->assertSame('role', $event->objecttable); 535 $this->assertEquals($role->id, $event->objectid); 536 $this->assertEquals($context->id, $event->contextid); 537 $this->assertEquals($user2->id, $event->relateduserid); 538 $this->assertCount(3, $event->other); 539 $this->assertEquals($raid, $event->other['id']); 540 $this->assertSame('', $event->other['component']); 541 $this->assertEquals(0, $event->other['itemid']); 542 $this->assertInstanceOf('moodle_url', $event->get_url()); 543 $this->assertSame('role_assigned', $event::get_legacy_eventname()); 544 $roles = get_all_roles(); 545 $rolenames = role_fix_names($roles, $context, ROLENAME_ORIGINAL, true); 546 $expectedlegacylog = array($course->id, 'role', 'assign', 547 'admin/roles/assign.php?contextid='.$context->id.'&roleid='.$role->id, $rolenames[$role->id], '', $USER->id); 548 $this->assertEventLegacyLogData($expectedlegacylog, $event); 549 } 550 551 /** 552 * Test role unassigning. 553 */ 554 public function test_role_unassign() { 555 global $DB, $USER; 556 557 $this->resetAfterTest(); 558 559 $user = $this->getDataGenerator()->create_user(); 560 $course = $this->getDataGenerator()->create_course(); 561 $role = $DB->get_record('role', array('shortname'=>'student')); 562 563 $context = context_course::instance($course->id); 564 role_assign($role->id, $user->id, $context->id); 565 $this->assertTrue($DB->record_exists('role_assignments', array('userid'=>$user->id, 'roleid'=>$role->id, 'contextid'=>$context->id))); 566 role_unassign($role->id, $user->id, $context->id); 567 $this->assertFalse($DB->record_exists('role_assignments', array('userid'=>$user->id, 'roleid'=>$role->id, 'contextid'=>$context->id))); 568 569 role_assign($role->id, $user->id, $context->id, 'enrol_self', 1); 570 $this->assertTrue($DB->record_exists('role_assignments', array('userid'=>$user->id, 'roleid'=>$role->id, 'contextid'=>$context->id))); 571 role_unassign($role->id, $user->id, $context->id, 'enrol_self', 1); 572 $this->assertFalse($DB->record_exists('role_assignments', array('userid'=>$user->id, 'roleid'=>$role->id, 'contextid'=>$context->id))); 573 574 // Test event triggered. 575 576 role_assign($role->id, $user->id, $context->id); 577 $sink = $this->redirectEvents(); 578 role_unassign($role->id, $user->id, $context->id); 579 $events = $sink->get_events(); 580 $sink->close(); 581 $this->assertCount(1, $events); 582 $event = $events[0]; 583 $this->assertInstanceOf('\core\event\role_unassigned', $event); 584 $this->assertSame('role', $event->target); 585 $this->assertSame('role', $event->objecttable); 586 $this->assertEquals($role->id, $event->objectid); 587 $this->assertEquals($context->id, $event->contextid); 588 $this->assertEquals($user->id, $event->relateduserid); 589 $this->assertCount(3, $event->other); 590 $this->assertSame('', $event->other['component']); 591 $this->assertEquals(0, $event->other['itemid']); 592 $this->assertInstanceOf('moodle_url', $event->get_url()); 593 $roles = get_all_roles(); 594 $rolenames = role_fix_names($roles, $context, ROLENAME_ORIGINAL, true); 595 $expectedlegacylog = array($course->id, 'role', 'unassign', 596 'admin/roles/assign.php?contextid='.$context->id.'&roleid='.$role->id, $rolenames[$role->id], '', $USER->id); 597 $this->assertEventLegacyLogData($expectedlegacylog, $event); 598 } 599 600 /** 601 * Test role unassigning. 602 */ 603 public function test_role_unassign_all() { 604 global $DB; 605 606 $this->resetAfterTest(); 607 608 $user = $this->getDataGenerator()->create_user(); 609 $course = $this->getDataGenerator()->create_course(); 610 $role = $DB->get_record('role', array('shortname'=>'student')); 611 $role2 = $DB->get_record('role', array('shortname'=>'teacher')); 612 $syscontext = context_system::instance(); 613 $coursecontext = context_course::instance($course->id); 614 $page = $this->getDataGenerator()->create_module('page', array('course'=>$course->id)); 615 $modcontext = context_module::instance($page->cmid); 616 617 role_assign($role->id, $user->id, $syscontext->id); 618 role_assign($role->id, $user->id, $coursecontext->id, 'enrol_self', 1); 619 $this->assertEquals(2, $DB->count_records('role_assignments', array('userid'=>$user->id))); 620 role_unassign_all(array('userid'=>$user->id, 'roleid'=>$role->id)); 621 $this->assertEquals(0, $DB->count_records('role_assignments', array('userid'=>$user->id))); 622 623 role_assign($role->id, $user->id, $syscontext->id); 624 role_assign($role->id, $user->id, $coursecontext->id, 'enrol_self', 1); 625 role_assign($role->id, $user->id, $modcontext->id); 626 $this->assertEquals(3, $DB->count_records('role_assignments', array('userid'=>$user->id))); 627 role_unassign_all(array('userid'=>$user->id, 'contextid'=>$coursecontext->id), false); 628 $this->assertEquals(2, $DB->count_records('role_assignments', array('userid'=>$user->id))); 629 role_unassign_all(array('userid'=>$user->id, 'contextid'=>$coursecontext->id), true); 630 $this->assertEquals(1, $DB->count_records('role_assignments', array('userid'=>$user->id))); 631 role_unassign_all(array('userid'=>$user->id)); 632 $this->assertEquals(0, $DB->count_records('role_assignments', array('userid'=>$user->id))); 633 634 role_assign($role->id, $user->id, $syscontext->id); 635 role_assign($role->id, $user->id, $coursecontext->id, 'enrol_self', 1); 636 role_assign($role->id, $user->id, $coursecontext->id); 637 role_assign($role->id, $user->id, $modcontext->id); 638 $this->assertEquals(4, $DB->count_records('role_assignments', array('userid'=>$user->id))); 639 role_unassign_all(array('userid'=>$user->id, 'contextid'=>$coursecontext->id, 'component'=>'enrol_self'), true, true); 640 $this->assertEquals(1, $DB->count_records('role_assignments', array('userid'=>$user->id))); 641 642 // Test events triggered. 643 644 role_assign($role2->id, $user->id, $coursecontext->id); 645 role_assign($role2->id, $user->id, $modcontext->id); 646 $sink = $this->redirectEvents(); 647 role_unassign_all(array('userid'=>$user->id, 'roleid'=>$role2->id)); 648 $events = $sink->get_events(); 649 $sink->close(); 650 $this->assertCount(2, $events); 651 $this->assertInstanceOf('\core\event\role_unassigned', $events[0]); 652 $this->assertInstanceOf('\core\event\role_unassigned', $events[1]); 653 } 654 655 /** 656 * Test role queries. 657 */ 658 public function test_get_roles_with_capability() { 659 global $DB; 660 661 $this->resetAfterTest(); 662 663 $syscontext = context_system::instance(); 664 $frontcontext = context_course::instance(SITEID); 665 $manager = $DB->get_record('role', array('shortname'=>'manager'), '*', MUST_EXIST); 666 $teacher = $DB->get_record('role', array('shortname'=>'teacher'), '*', MUST_EXIST); 667 668 $this->assertTrue($DB->record_exists('capabilities', array('name'=>'moodle/backup:backupcourse'))); // Any capability is ok. 669 $DB->delete_records('role_capabilities', array('capability'=>'moodle/backup:backupcourse')); 670 671 $roles = get_roles_with_capability('moodle/backup:backupcourse'); 672 $this->assertEquals(array(), $roles); 673 674 assign_capability('moodle/backup:backupcourse', CAP_ALLOW, $manager->id, $syscontext->id); 675 assign_capability('moodle/backup:backupcourse', CAP_PROHIBIT, $manager->id, $frontcontext->id); 676 assign_capability('moodle/backup:backupcourse', CAP_PREVENT, $teacher->id, $frontcontext->id); 677 678 $roles = get_roles_with_capability('moodle/backup:backupcourse'); 679 $this->assertEqualsCanonicalizing(array($teacher->id, $manager->id), array_keys($roles), true); 680 681 $roles = get_roles_with_capability('moodle/backup:backupcourse', CAP_ALLOW); 682 $this->assertEqualsCanonicalizing(array($manager->id), array_keys($roles), true); 683 684 $roles = get_roles_with_capability('moodle/backup:backupcourse', null, $syscontext); 685 $this->assertEqualsCanonicalizing(array($manager->id), array_keys($roles), true); 686 } 687 688 /** 689 * Test deleting of roles. 690 */ 691 public function test_delete_role() { 692 global $DB; 693 694 $this->resetAfterTest(); 695 696 $role = $DB->get_record('role', array('shortname'=>'manager'), '*', MUST_EXIST); 697 $user = $this->getDataGenerator()->create_user(); 698 role_assign($role->id, $user->id, context_system::instance()); 699 $course = $this->getDataGenerator()->create_course(); 700 $rolename = (object)array('roleid'=>$role->id, 'name'=>'Man', 'contextid'=>context_course::instance($course->id)->id); 701 $DB->insert_record('role_names', $rolename); 702 703 $this->assertTrue($DB->record_exists('role_assignments', array('roleid'=>$role->id))); 704 $this->assertTrue($DB->record_exists('role_capabilities', array('roleid'=>$role->id))); 705 $this->assertTrue($DB->record_exists('role_names', array('roleid'=>$role->id))); 706 $this->assertTrue($DB->record_exists('role_context_levels', array('roleid'=>$role->id))); 707 $this->assertTrue($DB->record_exists('role_allow_assign', array('roleid'=>$role->id))); 708 $this->assertTrue($DB->record_exists('role_allow_assign', array('allowassign'=>$role->id))); 709 $this->assertTrue($DB->record_exists('role_allow_override', array('roleid'=>$role->id))); 710 $this->assertTrue($DB->record_exists('role_allow_override', array('allowoverride'=>$role->id))); 711 712 // Delete role and get event. 713 $sink = $this->redirectEvents(); 714 $result = delete_role($role->id); 715 $events = $sink->get_events(); 716 $sink->close(); 717 $event = array_pop($events); 718 719 $this->assertTrue($result); 720 $this->assertFalse($DB->record_exists('role', array('id'=>$role->id))); 721 $this->assertFalse($DB->record_exists('role_assignments', array('roleid'=>$role->id))); 722 $this->assertFalse($DB->record_exists('role_capabilities', array('roleid'=>$role->id))); 723 $this->assertFalse($DB->record_exists('role_names', array('roleid'=>$role->id))); 724 $this->assertFalse($DB->record_exists('role_context_levels', array('roleid'=>$role->id))); 725 $this->assertFalse($DB->record_exists('role_allow_assign', array('roleid'=>$role->id))); 726 $this->assertFalse($DB->record_exists('role_allow_assign', array('allowassign'=>$role->id))); 727 $this->assertFalse($DB->record_exists('role_allow_override', array('roleid'=>$role->id))); 728 $this->assertFalse($DB->record_exists('role_allow_override', array('allowoverride'=>$role->id))); 729 730 // Test triggered event. 731 $this->assertInstanceOf('\core\event\role_deleted', $event); 732 $this->assertSame('role', $event->target); 733 $this->assertSame('role', $event->objecttable); 734 $this->assertSame($role->id, $event->objectid); 735 $this->assertEquals(context_system::instance(), $event->get_context()); 736 $this->assertSame($role->shortname, $event->other['shortname']); 737 $this->assertSame($role->description, $event->other['description']); 738 $this->assertSame($role->archetype, $event->other['archetype']); 739 740 $expectedlegacylog = array(SITEID, 'role', 'delete', 'admin/roles/manage.php?action=delete&roleid='.$role->id, 741 $role->shortname, ''); 742 $this->assertEventLegacyLogData($expectedlegacylog, $event); 743 } 744 745 /** 746 * Test fetching of all roles. 747 */ 748 public function test_get_all_roles() { 749 global $DB; 750 751 $this->resetAfterTest(); 752 753 $allroles = get_all_roles(); 754 $this->assertIsArray($allroles); 755 $initialrolescount = count($allroles); 756 $this->assertTrue($initialrolescount >= 8); // There are 8 roles is standard install. 757 $rolenames = array_column($allroles, 'shortname'); 758 foreach (get_role_archetypes() as $archetype) { 759 $this->assertContains($archetype, $rolenames); 760 } 761 762 $role = reset($allroles); 763 $role = (array)$role; 764 765 $this->assertEqualsCanonicalizing(array('id', 'name', 'shortname', 'description', 'sortorder', 'archetype'), 766 array_keys($role)); 767 768 foreach ($allroles as $roleid => $role) { 769 $this->assertEquals($role->id, $roleid); 770 } 771 772 $teacher = $DB->get_record('role', array('shortname'=>'teacher'), '*', MUST_EXIST); 773 $course = $this->getDataGenerator()->create_course(); 774 $coursecontext = context_course::instance($course->id); 775 $otherid = create_role('Other role', 'other', 'Some other role', ''); 776 $teacherename = (object)array('roleid'=>$teacher->id, 'name'=>'Učitel', 'contextid'=>$coursecontext->id); 777 $DB->insert_record('role_names', $teacherename); 778 $otherrename = (object)array('roleid'=>$otherid, 'name'=>'Ostatní', 'contextid'=>$coursecontext->id); 779 $DB->insert_record('role_names', $otherrename); 780 $renames = $DB->get_records_menu('role_names', array('contextid'=>$coursecontext->id), '', 'roleid, name'); 781 782 $allroles = get_all_roles($coursecontext); 783 $this->assertIsArray($allroles); 784 $this->assertCount($initialrolescount + 1, $allroles); 785 $role = reset($allroles); 786 $role = (array)$role; 787 788 $this->assertEqualsCanonicalizing(array('id', 'name', 'shortname', 'description', 'sortorder', 'archetype', 'coursealias'), array_keys($role)); 789 790 foreach ($allroles as $roleid => $role) { 791 $this->assertEquals($role->id, $roleid); 792 if (isset($renames[$roleid])) { 793 $this->assertSame($renames[$roleid], $role->coursealias); 794 } else { 795 $this->assertNull($role->coursealias); 796 } 797 } 798 } 799 800 /** 801 * Test getting of all archetypes. 802 */ 803 public function test_get_role_archetypes() { 804 $archetypes = get_role_archetypes(); 805 $this->assertCount(8, $archetypes); // There are 8 archetypes in standard install. 806 foreach ($archetypes as $k => $v) { 807 $this->assertSame($k, $v); 808 } 809 } 810 811 /** 812 * Test getting of roles with given archetype. 813 */ 814 public function test_get_archetype_roles() { 815 $this->resetAfterTest(); 816 817 // New install should have at least 1 role for each archetype. 818 $archetypes = get_role_archetypes(); 819 foreach ($archetypes as $archetype) { 820 $roles = get_archetype_roles($archetype); 821 $this->assertGreaterThanOrEqual(1, count($roles)); 822 $role = reset($roles); 823 $this->assertSame($archetype, $role->archetype); 824 } 825 826 create_role('New student role', 'student2', 'New student description', 'student'); 827 $roles = get_archetype_roles('student'); 828 $this->assertGreaterThanOrEqual(2, count($roles)); 829 } 830 831 /** 832 * Test aliased role names. 833 */ 834 public function test_role_get_name() { 835 global $DB; 836 837 $this->resetAfterTest(); 838 839 $allroles = $DB->get_records('role'); 840 $teacher = $DB->get_record('role', array('shortname'=>'teacher'), '*', MUST_EXIST); 841 $course = $this->getDataGenerator()->create_course(); 842 $coursecontext = context_course::instance($course->id); 843 $otherid = create_role('Other role', 'other', 'Some other role', ''); 844 $teacherename = (object)array('roleid'=>$teacher->id, 'name'=>'Učitel', 'contextid'=>$coursecontext->id); 845 $DB->insert_record('role_names', $teacherename); 846 $otherrename = (object)array('roleid'=>$otherid, 'name'=>'Ostatní', 'contextid'=>$coursecontext->id); 847 $DB->insert_record('role_names', $otherrename); 848 $renames = $DB->get_records_menu('role_names', array('contextid'=>$coursecontext->id), '', 'roleid, name'); 849 850 foreach ($allroles as $role) { 851 if (in_array($role->shortname, get_role_archetypes())) { 852 // Standard roles do not have a set name. 853 $this->assertSame('', $role->name); 854 } 855 // Get localised name from lang pack. 856 $name = role_get_name($role, null, ROLENAME_ORIGINAL); 857 $this->assertNotEmpty($name); 858 $this->assertNotEquals($role->shortname, $name); 859 860 if (isset($renames[$role->id])) { 861 $this->assertSame($renames[$role->id], role_get_name($role, $coursecontext)); 862 $this->assertSame($renames[$role->id], role_get_name($role, $coursecontext, ROLENAME_ALIAS)); 863 $this->assertSame($renames[$role->id], role_get_name($role, $coursecontext, ROLENAME_ALIAS_RAW)); 864 $this->assertSame("{$renames[$role->id]} ($name)", role_get_name($role, $coursecontext, ROLENAME_BOTH)); 865 } else { 866 $this->assertSame($name, role_get_name($role, $coursecontext)); 867 $this->assertSame($name, role_get_name($role, $coursecontext, ROLENAME_ALIAS)); 868 $this->assertNull(role_get_name($role, $coursecontext, ROLENAME_ALIAS_RAW)); 869 $this->assertSame($name, role_get_name($role, $coursecontext, ROLENAME_BOTH)); 870 } 871 $this->assertSame($name, role_get_name($role)); 872 $this->assertSame($name, role_get_name($role, $coursecontext, ROLENAME_ORIGINAL)); 873 $this->assertSame($name, role_get_name($role, null, ROLENAME_ORIGINAL)); 874 $this->assertSame($role->shortname, role_get_name($role, $coursecontext, ROLENAME_SHORT)); 875 $this->assertSame($role->shortname, role_get_name($role, null, ROLENAME_SHORT)); 876 $this->assertSame("$name ($role->shortname)", role_get_name($role, $coursecontext, ROLENAME_ORIGINALANDSHORT)); 877 $this->assertSame("$name ($role->shortname)", role_get_name($role, null, ROLENAME_ORIGINALANDSHORT)); 878 $this->assertNull(role_get_name($role, null, ROLENAME_ALIAS_RAW)); 879 } 880 } 881 882 /** 883 * Test tweaking of role name arrays. 884 */ 885 public function test_role_fix_names() { 886 global $DB; 887 888 $this->resetAfterTest(); 889 890 $teacher = $DB->get_record('role', array('shortname'=>'teacher'), '*', MUST_EXIST); 891 $student = $DB->get_record('role', array('shortname'=>'student'), '*', MUST_EXIST); 892 $otherid = create_role('Other role', 'other', 'Some other role', ''); 893 $anotherid = create_role('Another role', 'another', 'Yet another other role', ''); 894 $allroles = $DB->get_records('role'); 895 896 $syscontext = context_system::instance(); 897 $frontcontext = context_course::instance(SITEID); 898 $course = $this->getDataGenerator()->create_course(); 899 $coursecontext = context_course::instance($course->id); 900 $category = $DB->get_record('course_categories', array('id'=>$course->category), '*', MUST_EXIST); 901 $categorycontext = context_coursecat::instance($category->id); 902 903 $teacherename = (object)array('roleid'=>$teacher->id, 'name'=>'Učitel', 'contextid'=>$coursecontext->id); 904 $DB->insert_record('role_names', $teacherename); 905 $otherrename = (object)array('roleid'=>$otherid, 'name'=>'Ostatní', 'contextid'=>$coursecontext->id); 906 $DB->insert_record('role_names', $otherrename); 907 $renames = $DB->get_records_menu('role_names', array('contextid'=>$coursecontext->id), '', 'roleid, name'); 908 909 // Make sure all localname contain proper values for each ROLENAME_ constant, 910 // note role_get_name() on frontpage is used to get the original name for future compatibility. 911 $roles = $allroles; 912 unset($roles[$student->id]); // Remove one role to make sure no role is added or removed. 913 $rolenames = array(); 914 foreach ($roles as $role) { 915 $rolenames[$role->id] = $role->name; 916 } 917 918 $alltypes = array(ROLENAME_ALIAS, ROLENAME_ALIAS_RAW, ROLENAME_BOTH, ROLENAME_ORIGINAL, ROLENAME_ORIGINALANDSHORT, ROLENAME_SHORT); 919 foreach ($alltypes as $type) { 920 $fixed = role_fix_names($roles, $coursecontext, $type); 921 $this->assertCount(count($roles), $fixed); 922 foreach ($fixed as $roleid => $rolename) { 923 $this->assertInstanceOf('stdClass', $rolename); 924 $role = $allroles[$roleid]; 925 $name = role_get_name($role, $coursecontext, $type); 926 $this->assertSame($name, $rolename->localname); 927 } 928 $fixed = role_fix_names($rolenames, $coursecontext, $type); 929 $this->assertCount(count($rolenames), $fixed); 930 foreach ($fixed as $roleid => $rolename) { 931 $role = $allroles[$roleid]; 932 $name = role_get_name($role, $coursecontext, $type); 933 $this->assertSame($name, $rolename); 934 } 935 } 936 } 937 938 /** 939 * Test role default allows. 940 */ 941 public function test_get_default_role_archetype_allows() { 942 $archetypes = get_role_archetypes(); 943 foreach ($archetypes as $archetype) { 944 945 $result = get_default_role_archetype_allows('assign', $archetype); 946 $this->assertIsArray($result); 947 948 $result = get_default_role_archetype_allows('override', $archetype); 949 $this->assertIsArray($result); 950 951 $result = get_default_role_archetype_allows('switch', $archetype); 952 $this->assertIsArray($result); 953 954 $result = get_default_role_archetype_allows('view', $archetype); 955 $this->assertIsArray($result); 956 } 957 958 $result = get_default_role_archetype_allows('assign', ''); 959 $this->assertSame(array(), $result); 960 961 $result = get_default_role_archetype_allows('override', ''); 962 $this->assertSame(array(), $result); 963 964 $result = get_default_role_archetype_allows('switch', ''); 965 $this->assertSame(array(), $result); 966 967 $result = get_default_role_archetype_allows('view', ''); 968 $this->assertSame(array(), $result); 969 970 $result = get_default_role_archetype_allows('assign', 'wrongarchetype'); 971 $this->assertSame(array(), $result); 972 $this->assertDebuggingCalled(); 973 974 $result = get_default_role_archetype_allows('override', 'wrongarchetype'); 975 $this->assertSame(array(), $result); 976 $this->assertDebuggingCalled(); 977 978 $result = get_default_role_archetype_allows('switch', 'wrongarchetype'); 979 $this->assertSame(array(), $result); 980 $this->assertDebuggingCalled(); 981 982 $result = get_default_role_archetype_allows('view', 'wrongarchetype'); 983 $this->assertSame(array(), $result); 984 $this->assertDebuggingCalled(); 985 } 986 987 /** 988 * Test allowing of role assignments. 989 */ 990 public function test_core_role_set_assign_allowed() { 991 global $DB, $CFG; 992 993 $this->resetAfterTest(); 994 995 $otherid = create_role('Other role', 'other', 'Some other role', ''); 996 $student = $DB->get_record('role', array('shortname'=>'student'), '*', MUST_EXIST); 997 998 $this->assertFalse($DB->record_exists('role_allow_assign', array('roleid'=>$otherid, 'allowassign'=>$student->id))); 999 core_role_set_assign_allowed($otherid, $student->id); 1000 $this->assertTrue($DB->record_exists('role_allow_assign', array('roleid'=>$otherid, 'allowassign'=>$student->id))); 1001 1002 // Test event trigger. 1003 $allowroleassignevent = \core\event\role_allow_assign_updated::create([ 1004 'context' => context_system::instance(), 1005 'objectid' => $otherid, 1006 'other' => ['targetroleid' => $student->id] 1007 ]); 1008 $sink = $this->redirectEvents(); 1009 $allowroleassignevent->trigger(); 1010 $events = $sink->get_events(); 1011 $sink->close(); 1012 $event = array_pop($events); 1013 $this->assertInstanceOf('\core\event\role_allow_assign_updated', $event); 1014 $mode = 'assign'; 1015 $baseurl = new moodle_url('/admin/roles/allow.php', array('mode' => $mode)); 1016 $expectedlegacylog = array(SITEID, 'role', 'edit allow ' . $mode, str_replace($CFG->wwwroot . '/', '', $baseurl)); 1017 $this->assertEventLegacyLogData($expectedlegacylog, $event); 1018 } 1019 1020 /** 1021 * Test allowing of role overrides. 1022 */ 1023 public function test_core_role_set_override_allowed() { 1024 global $DB, $CFG; 1025 1026 $this->resetAfterTest(); 1027 1028 $otherid = create_role('Other role', 'other', 'Some other role', ''); 1029 $student = $DB->get_record('role', array('shortname'=>'student'), '*', MUST_EXIST); 1030 1031 $this->assertFalse($DB->record_exists('role_allow_override', array('roleid'=>$otherid, 'allowoverride'=>$student->id))); 1032 core_role_set_override_allowed($otherid, $student->id); 1033 $this->assertTrue($DB->record_exists('role_allow_override', array('roleid'=>$otherid, 'allowoverride'=>$student->id))); 1034 1035 // Test event trigger. 1036 $allowroleassignevent = \core\event\role_allow_override_updated::create([ 1037 'context' => context_system::instance(), 1038 'objectid' => $otherid, 1039 'other' => ['targetroleid' => $student->id] 1040 ]); 1041 $sink = $this->redirectEvents(); 1042 $allowroleassignevent->trigger(); 1043 $events = $sink->get_events(); 1044 $sink->close(); 1045 $event = array_pop($events); 1046 $this->assertInstanceOf('\core\event\role_allow_override_updated', $event); 1047 $mode = 'override'; 1048 $baseurl = new moodle_url('/admin/roles/allow.php', array('mode' => $mode)); 1049 $expectedlegacylog = array(SITEID, 'role', 'edit allow ' . $mode, str_replace($CFG->wwwroot . '/', '', $baseurl)); 1050 $this->assertEventLegacyLogData($expectedlegacylog, $event); 1051 } 1052 1053 /** 1054 * Test allowing of role switching. 1055 */ 1056 public function test_core_role_set_switch_allowed() { 1057 global $DB, $CFG; 1058 1059 $this->resetAfterTest(); 1060 1061 $otherid = create_role('Other role', 'other', 'Some other role', ''); 1062 $student = $DB->get_record('role', array('shortname'=>'student'), '*', MUST_EXIST); 1063 1064 $this->assertFalse($DB->record_exists('role_allow_switch', array('roleid'=>$otherid, 'allowswitch'=>$student->id))); 1065 core_role_set_switch_allowed($otherid, $student->id); 1066 $this->assertTrue($DB->record_exists('role_allow_switch', array('roleid'=>$otherid, 'allowswitch'=>$student->id))); 1067 1068 // Test event trigger. 1069 $allowroleassignevent = \core\event\role_allow_switch_updated::create([ 1070 'context' => context_system::instance(), 1071 'objectid' => $otherid, 1072 'other' => ['targetroleid' => $student->id] 1073 ]); 1074 $sink = $this->redirectEvents(); 1075 $allowroleassignevent->trigger(); 1076 $events = $sink->get_events(); 1077 $sink->close(); 1078 $event = array_pop($events); 1079 $this->assertInstanceOf('\core\event\role_allow_switch_updated', $event); 1080 $mode = 'switch'; 1081 $baseurl = new moodle_url('/admin/roles/allow.php', array('mode' => $mode)); 1082 $expectedlegacylog = array(SITEID, 'role', 'edit allow ' . $mode, str_replace($CFG->wwwroot . '/', '', $baseurl)); 1083 $this->assertEventLegacyLogData($expectedlegacylog, $event); 1084 } 1085 1086 /** 1087 * Test allowing of role switching. 1088 */ 1089 public function test_core_role_set_view_allowed() { 1090 global $DB, $CFG; 1091 1092 $this->resetAfterTest(); 1093 1094 $otherid = create_role('Other role', 'other', 'Some other role', ''); 1095 $student = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST); 1096 1097 $this->assertFalse($DB->record_exists('role_allow_view', array('roleid' => $otherid, 'allowview' => $student->id))); 1098 core_role_set_view_allowed($otherid, $student->id); 1099 $this->assertTrue($DB->record_exists('role_allow_view', array('roleid' => $otherid, 'allowview' => $student->id))); 1100 1101 // Test event trigger. 1102 $allowroleassignevent = \core\event\role_allow_view_updated::create([ 1103 'context' => context_system::instance(), 1104 'objectid' => $otherid, 1105 'other' => ['targetroleid' => $student->id] 1106 ]); 1107 $sink = $this->redirectEvents(); 1108 $allowroleassignevent->trigger(); 1109 $events = $sink->get_events(); 1110 $sink->close(); 1111 $event = array_pop($events); 1112 $this->assertInstanceOf('\core\event\role_allow_view_updated', $event); 1113 $mode = 'view'; 1114 $baseurl = new moodle_url('/admin/roles/allow.php', array('mode' => $mode)); 1115 $expectedlegacylog = array(SITEID, 'role', 'edit allow ' . $mode, str_replace($CFG->wwwroot . '/', '', $baseurl)); 1116 $this->assertEventLegacyLogData($expectedlegacylog, $event); 1117 } 1118 1119 /** 1120 * Test returning of assignable roles in context. 1121 */ 1122 public function test_get_assignable_roles() { 1123 global $DB; 1124 1125 $this->resetAfterTest(); 1126 1127 $course = $this->getDataGenerator()->create_course(); 1128 $coursecontext = context_course::instance($course->id); 1129 1130 $teacherrole = $DB->get_record('role', array('shortname'=>'editingteacher'), '*', MUST_EXIST); 1131 $teacher = $this->getDataGenerator()->create_user(); 1132 role_assign($teacherrole->id, $teacher->id, $coursecontext); 1133 $teacherename = (object)array('roleid'=>$teacherrole->id, 'name'=>'Učitel', 'contextid'=>$coursecontext->id); 1134 $DB->insert_record('role_names', $teacherename); 1135 1136 $studentrole = $DB->get_record('role', array('shortname'=>'student'), '*', MUST_EXIST); 1137 $student = $this->getDataGenerator()->create_user(); 1138 role_assign($studentrole->id, $student->id, $coursecontext); 1139 1140 $contexts = $DB->get_records('context'); 1141 $users = $DB->get_records('user'); 1142 $allroles = $DB->get_records('role'); 1143 1144 // Evaluate all results for all users in all contexts. 1145 foreach ($users as $user) { 1146 $this->setUser($user); 1147 foreach ($contexts as $contextid => $unused) { 1148 $context = context_helper::instance_by_id($contextid); 1149 $roles = get_assignable_roles($context, ROLENAME_SHORT); 1150 foreach ($allroles as $roleid => $role) { 1151 if (isset($roles[$roleid])) { 1152 if (is_siteadmin()) { 1153 $this->assertTrue($DB->record_exists('role_context_levels', array('contextlevel'=>$context->contextlevel, 'roleid'=>$roleid))); 1154 } else { 1155 $this->assertTrue(user_can_assign($context, $roleid), "u:$user->id r:$roleid"); 1156 } 1157 $this->assertEquals($role->shortname, $roles[$roleid]); 1158 } else { 1159 $allowed = $DB->record_exists('role_context_levels', array('contextlevel'=>$context->contextlevel, 'roleid'=>$roleid)); 1160 if (is_siteadmin()) { 1161 $this->assertFalse($allowed); 1162 } else { 1163 $this->assertFalse($allowed and user_can_assign($context, $roleid), "u:$user->id, r:{$allroles[$roleid]->name}, c:$context->contextlevel"); 1164 } 1165 } 1166 } 1167 } 1168 } 1169 1170 // Not-logged-in user. 1171 $this->setUser(0); 1172 foreach ($contexts as $contextid => $unused) { 1173 $context = context_helper::instance_by_id($contextid); 1174 $roles = get_assignable_roles($context, ROLENAME_SHORT); 1175 $this->assertSame(array(), $roles); 1176 } 1177 1178 // Test current user. 1179 $this->setUser(0); 1180 $admin = $DB->get_record('user', array('username'=>'admin'), '*', MUST_EXIST); 1181 $roles1 = get_assignable_roles($coursecontext, ROLENAME_SHORT, false, $admin); 1182 $roles2 = get_assignable_roles($coursecontext, ROLENAME_SHORT, false, $admin->id); 1183 $this->setAdminUser(); 1184 $roles3 = get_assignable_roles($coursecontext, ROLENAME_SHORT); 1185 $this->assertSame($roles1, $roles3); 1186 $this->assertSame($roles2, $roles3); 1187 1188 // Test parameter defaults. 1189 $this->setAdminUser(); 1190 $roles1 = get_assignable_roles($coursecontext); 1191 $roles2 = get_assignable_roles($coursecontext, ROLENAME_ALIAS, false, $admin); 1192 $this->assertEquals($roles2, $roles1); 1193 1194 // Verify returned names - let's allow all roles everywhere to simplify this a bit. 1195 $alllevels = context_helper::get_all_levels(); 1196 $alllevels = array_keys($alllevels); 1197 foreach ($allroles as $roleid => $role) { 1198 set_role_contextlevels($roleid, $alllevels); 1199 } 1200 $alltypes = array(ROLENAME_ALIAS, ROLENAME_ALIAS_RAW, ROLENAME_BOTH, ROLENAME_ORIGINAL, ROLENAME_ORIGINALANDSHORT, ROLENAME_SHORT); 1201 foreach ($alltypes as $type) { 1202 $rolenames = role_fix_names($allroles, $coursecontext, $type); 1203 $roles = get_assignable_roles($coursecontext, $type, false, $admin); 1204 foreach ($roles as $roleid => $rolename) { 1205 $this->assertSame($rolenames[$roleid]->localname, $rolename); 1206 } 1207 } 1208 1209 // Verify counts. 1210 $alltypes = array(ROLENAME_ALIAS, ROLENAME_ALIAS_RAW, ROLENAME_BOTH, ROLENAME_ORIGINAL, ROLENAME_ORIGINALANDSHORT, ROLENAME_SHORT); 1211 foreach ($alltypes as $type) { 1212 $roles = get_assignable_roles($coursecontext, $type, false, $admin); 1213 list($rolenames, $rolecounts, $nameswithcounts) = get_assignable_roles($coursecontext, $type, true, $admin); 1214 $this->assertEquals($roles, $rolenames); 1215 foreach ($rolenames as $roleid => $name) { 1216 if ($roleid == $teacherrole->id or $roleid == $studentrole->id) { 1217 $this->assertEquals(1, $rolecounts[$roleid]); 1218 } else { 1219 $this->assertEquals(0, $rolecounts[$roleid]); 1220 } 1221 $this->assertSame("$name ($rolecounts[$roleid])", $nameswithcounts[$roleid]); 1222 } 1223 } 1224 } 1225 1226 /** 1227 * Test user count of assignable roles in context where users are assigned the role via different components. 1228 */ 1229 public function test_get_assignable_roles_distinct_usercount() { 1230 global $DB; 1231 1232 $this->resetAfterTest(true); 1233 1234 $this->setAdminUser(); 1235 1236 $course = $this->getDataGenerator()->create_course(); 1237 $context = \context_course::instance($course->id); 1238 1239 $user1 = $this->getDataGenerator()->create_user(); 1240 $user2 = $this->getDataGenerator()->create_user(); 1241 1242 $studentrole = $DB->get_record('role', ['shortname' => 'student']); 1243 1244 // Assign each user the student role in course. 1245 role_assign($studentrole->id, $user1->id, $context->id); 1246 role_assign($studentrole->id, $user2->id, $context->id); 1247 1248 list($rolenames, $rolecounts, $nameswithcounts) = get_assignable_roles($context, ROLENAME_SHORT, true); 1249 $this->assertEquals(2, $rolecounts[$studentrole->id]); 1250 1251 // Assign first user the student role in course again (this time via 'enrol_self' component). 1252 role_assign($studentrole->id, $user1->id, $context->id, 'enrol_self', 1); 1253 1254 // There are still only two distinct users. 1255 list($rolenames, $rolecounts, $nameswithcounts) = get_assignable_roles($context, ROLENAME_SHORT, true); 1256 $this->assertEquals(2, $rolecounts[$studentrole->id]); 1257 } 1258 1259 /** 1260 * Test getting of all switchable roles. 1261 */ 1262 public function test_get_switchable_roles() { 1263 global $DB; 1264 1265 $this->resetAfterTest(); 1266 1267 $course = $this->getDataGenerator()->create_course(); 1268 $coursecontext = context_course::instance($course->id); 1269 1270 $teacherrole = $DB->get_record('role', array('shortname'=>'editingteacher'), '*', MUST_EXIST); 1271 $teacher = $this->getDataGenerator()->create_user(); 1272 role_assign($teacherrole->id, $teacher->id, $coursecontext); 1273 $teacherename = (object)array('roleid'=>$teacherrole->id, 'name'=>'Učitel', 'contextid'=>$coursecontext->id); 1274 $DB->insert_record('role_names', $teacherename); 1275 1276 $contexts = $DB->get_records('context'); 1277 $users = $DB->get_records('user'); 1278 $allroles = $DB->get_records('role'); 1279 1280 // Evaluate all results for all users in all contexts. 1281 foreach ($users as $user) { 1282 $this->setUser($user); 1283 foreach ($contexts as $contextid => $unused) { 1284 $context = context_helper::instance_by_id($contextid); 1285 $roles = get_switchable_roles($context); 1286 foreach ($allroles as $roleid => $role) { 1287 if (is_siteadmin()) { 1288 $this->assertTrue(isset($roles[$roleid])); 1289 } else { 1290 $parents = $context->get_parent_context_ids(true); 1291 $pcontexts = implode(',' , $parents); 1292 $allowed = $DB->record_exists_sql( 1293 "SELECT r.id 1294 FROM {role} r 1295 JOIN {role_allow_switch} ras ON ras.allowswitch = r.id 1296 JOIN {role_assignments} ra ON ra.roleid = ras.roleid 1297 WHERE ra.userid = :userid AND ra.contextid IN ($pcontexts) AND r.id = :roleid 1298 ", 1299 array('userid'=>$user->id, 'roleid'=>$roleid) 1300 ); 1301 if (isset($roles[$roleid])) { 1302 $this->assertTrue($allowed); 1303 } else { 1304 $this->assertFalse($allowed); 1305 } 1306 } 1307 1308 if (isset($roles[$roleid])) { 1309 $coursecontext = $context->get_course_context(false); 1310 $this->assertSame(role_get_name($role, $coursecontext), $roles[$roleid]); 1311 } 1312 } 1313 } 1314 } 1315 } 1316 1317 /** 1318 * Test getting of all overridable roles. 1319 */ 1320 public function test_get_overridable_roles() { 1321 global $DB; 1322 1323 $this->resetAfterTest(); 1324 1325 $course = $this->getDataGenerator()->create_course(); 1326 $coursecontext = context_course::instance($course->id); 1327 1328 $teacherrole = $DB->get_record('role', array('shortname'=>'editingteacher'), '*', MUST_EXIST); 1329 $teacher = $this->getDataGenerator()->create_user(); 1330 role_assign($teacherrole->id, $teacher->id, $coursecontext); 1331 $teacherename = (object)array('roleid'=>$teacherrole->id, 'name'=>'Učitel', 'contextid'=>$coursecontext->id); 1332 $DB->insert_record('role_names', $teacherename); 1333 $this->assertTrue($DB->record_exists('capabilities', array('name'=>'moodle/backup:backupcourse'))); // Any capability is ok. 1334 assign_capability('moodle/backup:backupcourse', CAP_PROHIBIT, $teacherrole->id, $coursecontext->id); 1335 1336 $studentrole = $DB->get_record('role', array('shortname'=>'student'), '*', MUST_EXIST); 1337 $student = $this->getDataGenerator()->create_user(); 1338 role_assign($studentrole->id, $student->id, $coursecontext); 1339 1340 $contexts = $DB->get_records('context'); 1341 $users = $DB->get_records('user'); 1342 $allroles = $DB->get_records('role'); 1343 1344 // Evaluate all results for all users in all contexts. 1345 foreach ($users as $user) { 1346 $this->setUser($user); 1347 foreach ($contexts as $contextid => $unused) { 1348 $context = context_helper::instance_by_id($contextid); 1349 $roles = get_overridable_roles($context, ROLENAME_SHORT); 1350 foreach ($allroles as $roleid => $role) { 1351 $hascap = has_any_capability(array('moodle/role:safeoverride', 'moodle/role:override'), $context); 1352 if (is_siteadmin()) { 1353 $this->assertTrue(isset($roles[$roleid])); 1354 } else { 1355 $parents = $context->get_parent_context_ids(true); 1356 $pcontexts = implode(',' , $parents); 1357 $allowed = $DB->record_exists_sql( 1358 "SELECT r.id 1359 FROM {role} r 1360 JOIN {role_allow_override} rao ON r.id = rao.allowoverride 1361 JOIN {role_assignments} ra ON rao.roleid = ra.roleid 1362 WHERE ra.userid = :userid AND ra.contextid IN ($pcontexts) AND r.id = :roleid 1363 ", 1364 array('userid'=>$user->id, 'roleid'=>$roleid) 1365 ); 1366 if (isset($roles[$roleid])) { 1367 $this->assertTrue($hascap); 1368 $this->assertTrue($allowed); 1369 } else { 1370 $this->assertFalse($hascap and $allowed); 1371 } 1372 } 1373 1374 if (isset($roles[$roleid])) { 1375 $this->assertEquals($role->shortname, $roles[$roleid]); 1376 } 1377 } 1378 } 1379 } 1380 1381 // Test parameter defaults. 1382 $this->setAdminUser(); 1383 $roles1 = get_overridable_roles($coursecontext); 1384 $roles2 = get_overridable_roles($coursecontext, ROLENAME_ALIAS, false); 1385 $this->assertEquals($roles2, $roles1); 1386 1387 $alltypes = array(ROLENAME_ALIAS, ROLENAME_ALIAS_RAW, ROLENAME_BOTH, ROLENAME_ORIGINAL, ROLENAME_ORIGINALANDSHORT, ROLENAME_SHORT); 1388 foreach ($alltypes as $type) { 1389 $rolenames = role_fix_names($allroles, $coursecontext, $type); 1390 $roles = get_overridable_roles($coursecontext, $type, false); 1391 foreach ($roles as $roleid => $rolename) { 1392 $this->assertSame($rolenames[$roleid]->localname, $rolename); 1393 } 1394 } 1395 1396 // Verify counts. 1397 $roles = get_overridable_roles($coursecontext, ROLENAME_ALIAS, false); 1398 list($rolenames, $rolecounts, $nameswithcounts) = get_overridable_roles($coursecontext, ROLENAME_ALIAS, true); 1399 $this->assertEquals($roles, $rolenames); 1400 foreach ($rolenames as $roleid => $name) { 1401 if ($roleid == $teacherrole->id) { 1402 $this->assertEquals(1, $rolecounts[$roleid]); 1403 } else { 1404 $this->assertEquals(0, $rolecounts[$roleid]); 1405 } 1406 $this->assertSame("$name ($rolecounts[$roleid])", $nameswithcounts[$roleid]); 1407 } 1408 } 1409 1410 /** 1411 * Test getting of all overridable roles. 1412 */ 1413 public function test_get_viewable_roles_course() { 1414 global $DB; 1415 1416 $this->resetAfterTest(); 1417 1418 $course = $this->getDataGenerator()->create_course(); 1419 $coursecontext = context_course::instance($course->id); 1420 1421 $teacherrole = $DB->get_record('role', array('shortname' => 'editingteacher'), '*', MUST_EXIST); 1422 $teacher = $this->getDataGenerator()->create_user(); 1423 role_assign($teacherrole->id, $teacher->id, $coursecontext); 1424 1425 $studentrole = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST); 1426 $studentrolerename = (object) array('roleid' => $studentrole->id, 'name' => 'Učitel', 'contextid' => $coursecontext->id); 1427 $DB->insert_record('role_names', $studentrolerename); 1428 1429 // By default teacher can see student. 1430 $this->setUser($teacher); 1431 $viewableroles = get_viewable_roles($coursecontext); 1432 $this->assertContains($studentrolerename->name, array_values($viewableroles)); 1433 // Remove view permission. 1434 $DB->delete_records('role_allow_view', array('roleid' => $teacherrole->id, 'allowview' => $studentrole->id)); 1435 $viewableroles = get_viewable_roles($coursecontext); 1436 // Teacher can no longer see student role. 1437 $this->assertNotContains($studentrolerename->name, array_values($viewableroles)); 1438 // Allow again teacher to view student. 1439 core_role_set_view_allowed($teacherrole->id, $studentrole->id); 1440 // Teacher can now see student role. 1441 $viewableroles = get_viewable_roles($coursecontext); 1442 $this->assertContains($studentrolerename->name, array_values($viewableroles)); 1443 } 1444 1445 /** 1446 * Test getting of all overridable roles. 1447 */ 1448 public function test_get_viewable_roles_system() { 1449 global $DB; 1450 1451 $this->resetAfterTest(); 1452 1453 $context = context_system::instance(); 1454 1455 $teacherrole = $DB->get_record('role', array('shortname' => 'editingteacher'), '*', MUST_EXIST); 1456 $teacher = $this->getDataGenerator()->create_user(); 1457 role_assign($teacherrole->id, $teacher->id, $context); 1458 1459 $studentrole = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST); 1460 $studentrolename = role_get_name($studentrole, $context); 1461 1462 // By default teacher can see student. 1463 $this->setUser($teacher); 1464 $viewableroles = get_viewable_roles($context); 1465 $this->assertContains($studentrolename, array_values($viewableroles)); 1466 // Remove view permission. 1467 $DB->delete_records('role_allow_view', array('roleid' => $teacherrole->id, 'allowview' => $studentrole->id)); 1468 $viewableroles = get_viewable_roles($context); 1469 // Teacher can no longer see student role. 1470 $this->assertNotContains($studentrolename, array_values($viewableroles)); 1471 // Allow again teacher to view student. 1472 core_role_set_view_allowed($teacherrole->id, $studentrole->id); 1473 // Teacher can now see student role. 1474 $viewableroles = get_viewable_roles($context); 1475 $this->assertContains($studentrolename, array_values($viewableroles)); 1476 } 1477 1478 /** 1479 * Test we have context level defaults. 1480 */ 1481 public function test_get_default_contextlevels() { 1482 $archetypes = get_role_archetypes(); 1483 $alllevels = context_helper::get_all_levels(); 1484 foreach ($archetypes as $archetype) { 1485 $defaults = get_default_contextlevels($archetype); 1486 $this->assertIsArray($defaults); 1487 foreach ($defaults as $level) { 1488 $this->assertTrue(isset($alllevels[$level])); 1489 } 1490 } 1491 } 1492 1493 /** 1494 * Test role context level setup. 1495 */ 1496 public function test_set_role_contextlevels() { 1497 global $DB; 1498 1499 $this->resetAfterTest(); 1500 1501 $roleid = create_role('New student role', 'student2', 'New student description', 'student'); 1502 1503 $this->assertFalse($DB->record_exists('role_context_levels', array('roleid' => $roleid))); 1504 1505 set_role_contextlevels($roleid, array(CONTEXT_COURSE, CONTEXT_MODULE)); 1506 $levels = $DB->get_records('role_context_levels', array('roleid' => $roleid), '', 'contextlevel, contextlevel'); 1507 $this->assertCount(2, $levels); 1508 $this->assertTrue(isset($levels[CONTEXT_COURSE])); 1509 $this->assertTrue(isset($levels[CONTEXT_MODULE])); 1510 1511 set_role_contextlevels($roleid, array(CONTEXT_COURSE)); 1512 $levels = $DB->get_records('role_context_levels', array('roleid' => $roleid), '', 'contextlevel, contextlevel'); 1513 $this->assertCount(1, $levels); 1514 $this->assertTrue(isset($levels[CONTEXT_COURSE])); 1515 } 1516 1517 /** 1518 * Test getting of role context levels 1519 */ 1520 public function test_get_roles_for_contextlevels() { 1521 global $DB; 1522 1523 $allroles = get_all_roles(); 1524 foreach (context_helper::get_all_levels() as $level => $unused) { 1525 $roles = get_roles_for_contextlevels($level); 1526 foreach ($allroles as $roleid => $unused) { 1527 $exists = $DB->record_exists('role_context_levels', array('contextlevel'=>$level, 'roleid'=>$roleid)); 1528 if (in_array($roleid, $roles)) { 1529 $this->assertTrue($exists); 1530 } else { 1531 $this->assertFalse($exists); 1532 } 1533 } 1534 } 1535 } 1536 1537 /** 1538 * Test default enrol roles. 1539 */ 1540 public function test_get_default_enrol_roles() { 1541 $this->resetAfterTest(); 1542 1543 $course = $this->getDataGenerator()->create_course(); 1544 $coursecontext = context_course::instance($course->id); 1545 1546 $id2 = create_role('New student role', 'student2', 'New student description', 'student'); 1547 set_role_contextlevels($id2, array(CONTEXT_COURSE)); 1548 1549 $allroles = get_all_roles(); 1550 $expected = array($id2=>$allroles[$id2]); 1551 1552 foreach (get_roles_for_contextlevels(CONTEXT_COURSE) as $roleid) { 1553 $expected[$roleid] = $roleid; 1554 } 1555 1556 $roles = get_default_enrol_roles($coursecontext); 1557 foreach ($allroles as $role) { 1558 $this->assertEquals(isset($expected[$role->id]), isset($roles[$role->id])); 1559 if (isset($roles[$role->id])) { 1560 $this->assertSame(role_get_name($role, $coursecontext), $roles[$role->id]); 1561 } 1562 } 1563 } 1564 1565 /** 1566 * Test getting of role users. 1567 */ 1568 public function test_get_role_users() { 1569 global $DB; 1570 1571 $this->resetAfterTest(); 1572 1573 $systemcontext = context_system::instance(); 1574 $studentrole = $DB->get_record('role', array('shortname'=>'student'), '*', MUST_EXIST); 1575 $teacherrole = $DB->get_record('role', array('shortname'=>'editingteacher'), '*', MUST_EXIST); 1576 $noeditteacherrole = $DB->get_record('role', array('shortname' => 'teacher'), '*', MUST_EXIST); 1577 $course = $this->getDataGenerator()->create_course(); 1578 $coursecontext = context_course::instance($course->id); 1579 $otherid = create_role('Other role', 'other', 'Some other role', ''); 1580 $teacherrename = (object)array('roleid'=>$teacherrole->id, 'name'=>'Učitel', 'contextid'=>$coursecontext->id); 1581 $DB->insert_record('role_names', $teacherrename); 1582 $otherrename = (object)array('roleid'=>$otherid, 'name'=>'Ostatní', 'contextid'=>$coursecontext->id); 1583 $DB->insert_record('role_names', $otherrename); 1584 1585 $user1 = $this->getDataGenerator()->create_user(array('firstname'=>'John', 'lastname'=>'Smith')); 1586 role_assign($teacherrole->id, $user1->id, $coursecontext->id); 1587 $user2 = $this->getDataGenerator()->create_user(array('firstname'=>'Jan', 'lastname'=>'Kovar')); 1588 role_assign($teacherrole->id, $user2->id, $systemcontext->id); 1589 $user3 = $this->getDataGenerator()->create_user(); 1590 $this->getDataGenerator()->enrol_user($user3->id, $course->id, $teacherrole->id); 1591 $user4 = $this->getDataGenerator()->create_user(); 1592 $this->getDataGenerator()->enrol_user($user4->id, $course->id, $studentrole->id); 1593 $this->getDataGenerator()->enrol_user($user4->id, $course->id, $noeditteacherrole->id); 1594 1595 $group = $this->getDataGenerator()->create_group(array('courseid'=>$course->id)); 1596 groups_add_member($group, $user3); 1597 1598 $users = get_role_users($teacherrole->id, $coursecontext); 1599 $this->assertCount(2, $users); 1600 $this->assertArrayHasKey($user1->id, $users); 1601 $this->assertEquals($users[$user1->id]->id, $user1->id); 1602 $this->assertEquals($users[$user1->id]->roleid, $teacherrole->id); 1603 $this->assertEquals($users[$user1->id]->rolename, $teacherrole->name); 1604 $this->assertEquals($users[$user1->id]->roleshortname, $teacherrole->shortname); 1605 $this->assertEquals($users[$user1->id]->rolecoursealias, $teacherrename->name); 1606 $this->assertArrayHasKey($user3->id, $users); 1607 $this->assertEquals($users[$user3->id]->id, $user3->id); 1608 $this->assertEquals($users[$user3->id]->roleid, $teacherrole->id); 1609 $this->assertEquals($users[$user3->id]->rolename, $teacherrole->name); 1610 $this->assertEquals($users[$user3->id]->roleshortname, $teacherrole->shortname); 1611 $this->assertEquals($users[$user3->id]->rolecoursealias, $teacherrename->name); 1612 1613 $users = get_role_users($teacherrole->id, $coursecontext, true); 1614 $this->assertCount(3, $users); 1615 1616 $users = get_role_users($teacherrole->id, $coursecontext, true, '', null, null, '', 2, 1); 1617 $this->assertCount(1, $users); 1618 1619 $users = get_role_users($teacherrole->id, $coursecontext, false, 'u.id, u.email, u.idnumber', 'u.idnumber'); 1620 $this->assertCount(2, $users); 1621 $this->assertArrayHasKey($user1->id, $users); 1622 $this->assertArrayHasKey($user3->id, $users); 1623 1624 $users = get_role_users($teacherrole->id, $coursecontext, false, 'u.id, u.email'); 1625 $this->assertDebuggingCalled('get_role_users() adding u.lastname, u.firstname to the query result because they were required by $sort but missing in $fields'); 1626 $this->assertCount(2, $users); 1627 $this->assertArrayHasKey($user1->id, $users); 1628 $this->assertObjectHasAttribute('lastname', $users[$user1->id]); 1629 $this->assertObjectHasAttribute('firstname', $users[$user1->id]); 1630 $this->assertArrayHasKey($user3->id, $users); 1631 $this->assertObjectHasAttribute('lastname', $users[$user3->id]); 1632 $this->assertObjectHasAttribute('firstname', $users[$user3->id]); 1633 1634 $users = get_role_users($teacherrole->id, $coursecontext, false, 'u.id AS id_alias'); 1635 $this->assertDebuggingCalled('get_role_users() adding u.lastname, u.firstname to the query result because they were required by $sort but missing in $fields'); 1636 $this->assertCount(2, $users); 1637 $this->assertArrayHasKey($user1->id, $users); 1638 $this->assertObjectHasAttribute('id_alias', $users[$user1->id]); 1639 $this->assertObjectHasAttribute('lastname', $users[$user1->id]); 1640 $this->assertObjectHasAttribute('firstname', $users[$user1->id]); 1641 $this->assertArrayHasKey($user3->id, $users); 1642 $this->assertObjectHasAttribute('id_alias', $users[$user3->id]); 1643 $this->assertObjectHasAttribute('lastname', $users[$user3->id]); 1644 $this->assertObjectHasAttribute('firstname', $users[$user3->id]); 1645 1646 $users = get_role_users($teacherrole->id, $coursecontext, false, 'u.id, u.email, u.idnumber', 'u.idnumber', null, $group->id); 1647 $this->assertCount(1, $users); 1648 $this->assertArrayHasKey($user3->id, $users); 1649 1650 $users = get_role_users($teacherrole->id, $coursecontext, true, 'u.id, u.email, u.idnumber, u.firstname', 'u.idnumber', null, '', '', '', 'u.firstname = :xfirstname', array('xfirstname'=>'John')); 1651 $this->assertCount(1, $users); 1652 $this->assertArrayHasKey($user1->id, $users); 1653 1654 $users = get_role_users(array($noeditteacherrole->id, $studentrole->id), $coursecontext, false, 'ra.id', 'ra.id'); 1655 $this->assertDebuggingNotCalled(); 1656 $users = get_role_users(array($noeditteacherrole->id, $studentrole->id), $coursecontext, false, 'ra.userid', 'ra.userid'); 1657 $this->assertDebuggingCalled('get_role_users() without specifying one single roleid needs to be called prefixing ' . 1658 'role assignments id (ra.id) as unique field, you can use $fields param for it.'); 1659 $users = get_role_users(array($noeditteacherrole->id, $studentrole->id), $coursecontext, false); 1660 $this->assertDebuggingCalled('get_role_users() without specifying one single roleid needs to be called prefixing ' . 1661 'role assignments id (ra.id) as unique field, you can use $fields param for it.'); 1662 $users = get_role_users(array($noeditteacherrole->id, $studentrole->id), $coursecontext, 1663 false, 'u.id, u.firstname', 'u.id, u.firstname'); 1664 $this->assertDebuggingCalled('get_role_users() without specifying one single roleid needs to be called prefixing ' . 1665 'role assignments id (ra.id) as unique field, you can use $fields param for it.'); 1666 } 1667 1668 /** 1669 * Test used role query. 1670 */ 1671 public function test_get_roles_used_in_context() { 1672 global $DB; 1673 1674 $this->resetAfterTest(); 1675 1676 $systemcontext = context_system::instance(); 1677 $teacherrole = $DB->get_record('role', array('shortname'=>'editingteacher'), '*', MUST_EXIST); 1678 $course = $this->getDataGenerator()->create_course(); 1679 $coursecontext = context_course::instance($course->id); 1680 $otherid = create_role('Other role', 'other', 'Some other role', ''); 1681 $teacherrename = (object)array('roleid'=>$teacherrole->id, 'name'=>'Učitel', 'contextid'=>$coursecontext->id); 1682 $DB->insert_record('role_names', $teacherrename); 1683 $otherrename = (object)array('roleid'=>$otherid, 'name'=>'Ostatní', 'contextid'=>$coursecontext->id); 1684 $DB->insert_record('role_names', $otherrename); 1685 1686 $user1 = $this->getDataGenerator()->create_user(); 1687 role_assign($teacherrole->id, $user1->id, $coursecontext->id); 1688 1689 $roles = get_roles_used_in_context($coursecontext); 1690 $this->assertCount(1, $roles); 1691 $role = reset($roles); 1692 $roleid = key($roles); 1693 $this->assertEquals($roleid, $role->id); 1694 $this->assertEquals($teacherrole->id, $role->id); 1695 $this->assertSame($teacherrole->name, $role->name); 1696 $this->assertSame($teacherrole->shortname, $role->shortname); 1697 $this->assertEquals($teacherrole->sortorder, $role->sortorder); 1698 $this->assertSame($teacherrename->name, $role->coursealias); 1699 1700 $user2 = $this->getDataGenerator()->create_user(); 1701 role_assign($teacherrole->id, $user2->id, $systemcontext->id); 1702 role_assign($otherid, $user2->id, $systemcontext->id); 1703 1704 $roles = get_roles_used_in_context($systemcontext); 1705 $this->assertCount(2, $roles); 1706 } 1707 1708 /** 1709 * Test roles used in course. 1710 */ 1711 public function test_get_user_roles_in_course() { 1712 global $DB, $CFG; 1713 1714 $this->resetAfterTest(); 1715 1716 $teacherrole = $DB->get_record('role', array('shortname'=>'editingteacher'), '*', MUST_EXIST); 1717 $studentrole = $DB->get_record('role', array('shortname'=>'student'), '*', MUST_EXIST); 1718 $managerrole = $DB->get_record('role', array('shortname' => 'manager'), '*', MUST_EXIST); 1719 $course = $this->getDataGenerator()->create_course(); 1720 $coursecontext = context_course::instance($course->id); 1721 $teacherrename = (object)array('roleid'=>$teacherrole->id, 'name'=>'Učitel', 'contextid'=>$coursecontext->id); 1722 $DB->insert_record('role_names', $teacherrename); 1723 1724 $roleids = explode(',', $CFG->profileroles); // Should include teacher and student in new installs. 1725 $this->assertTrue(in_array($teacherrole->id, $roleids)); 1726 $this->assertTrue(in_array($studentrole->id, $roleids)); 1727 $this->assertFalse(in_array($managerrole->id, $roleids)); 1728 1729 $user1 = $this->getDataGenerator()->create_user(); 1730 role_assign($teacherrole->id, $user1->id, $coursecontext->id); 1731 role_assign($studentrole->id, $user1->id, $coursecontext->id); 1732 $user2 = $this->getDataGenerator()->create_user(); 1733 role_assign($studentrole->id, $user2->id, $coursecontext->id); 1734 $user3 = $this->getDataGenerator()->create_user(); 1735 $user4 = $this->getDataGenerator()->create_user(); 1736 role_assign($managerrole->id, $user4->id, $coursecontext->id); 1737 1738 $this->setAdminUser(); 1739 1740 $roles = get_user_roles_in_course($user1->id, $course->id); 1741 $this->assertEquals([ 1742 role_get_name($teacherrole, $coursecontext), 1743 role_get_name($studentrole, $coursecontext), 1744 ], array_map('strip_tags', explode(', ', $roles))); 1745 1746 $roles = get_user_roles_in_course($user2->id, $course->id); 1747 $this->assertEquals([ 1748 role_get_name($studentrole, $coursecontext), 1749 ], array_map('strip_tags', explode(', ', $roles))); 1750 1751 $roles = get_user_roles_in_course($user3->id, $course->id); 1752 $this->assertEmpty($roles); 1753 1754 // Managers should be able to see a link to their own role type, given they can assign it in the context. 1755 $this->setUser($user4); 1756 $roles = get_user_roles_in_course($user4->id, $course->id); 1757 $this->assertEquals([ 1758 role_get_name($managerrole, $coursecontext), 1759 ], array_map('strip_tags', explode(', ', $roles))); 1760 1761 // Managers should see 2 roles if viewing a user who has been enrolled as a student and a teacher in the course. 1762 $roles = get_user_roles_in_course($user1->id, $course->id); 1763 $this->assertEquals([ 1764 role_get_name($teacherrole, $coursecontext), 1765 role_get_name($studentrole, $coursecontext), 1766 ], array_map('strip_tags', explode(', ', $roles))); 1767 1768 // Students should not see the manager role if viewing a manager's profile. 1769 $this->setUser($user2); 1770 $roles = get_user_roles_in_course($user4->id, $course->id); 1771 $this->assertEmpty($roles); // Should see 0 roles on the manager's profile. 1772 } 1773 1774 /** 1775 * Test get_user_roles and get_users_roles 1776 */ 1777 public function test_get_user_roles() { 1778 global $DB, $CFG; 1779 1780 $this->resetAfterTest(); 1781 1782 $teacherrole = $DB->get_record('role', array('shortname'=>'editingteacher'), '*', MUST_EXIST); 1783 $studentrole = $DB->get_record('role', array('shortname'=>'student'), '*', MUST_EXIST); 1784 $course = $this->getDataGenerator()->create_course(); 1785 $coursecontext = context_course::instance($course->id); 1786 $teacherrename = (object)array('roleid'=>$teacherrole->id, 'name'=>'Učitel', 'contextid'=>$coursecontext->id); 1787 $DB->insert_record('role_names', $teacherrename); 1788 1789 $roleids = explode(',', $CFG->profileroles); // Should include teacher and student in new installs. 1790 1791 $user1 = $this->getDataGenerator()->create_user(); 1792 role_assign($teacherrole->id, $user1->id, $coursecontext->id); 1793 role_assign($studentrole->id, $user1->id, $coursecontext->id); 1794 $user2 = $this->getDataGenerator()->create_user(); 1795 role_assign($studentrole->id, $user2->id, $coursecontext->id); 1796 $user3 = $this->getDataGenerator()->create_user(); 1797 1798 $u1roles = get_user_roles($coursecontext, $user1->id); 1799 1800 $u2roles = get_user_roles($coursecontext, $user2->id); 1801 1802 $allroles = get_users_roles($coursecontext, [], false); 1803 $specificuserroles = get_users_roles($coursecontext, [$user1->id, $user2->id]); 1804 $this->assertEquals($u1roles, $allroles[$user1->id]); 1805 $this->assertEquals($u1roles, $specificuserroles[$user1->id]); 1806 $this->assertEquals($u2roles, $allroles[$user2->id]); 1807 $this->assertEquals($u2roles, $specificuserroles[$user2->id]); 1808 } 1809 1810 /** 1811 * Test has_capability(), has_any_capability() and has_all_capabilities(). 1812 */ 1813 public function test_has_capability_and_friends() { 1814 global $DB; 1815 1816 $this->resetAfterTest(); 1817 1818 $course = $this->getDataGenerator()->create_course(); 1819 $coursecontext = context_course::instance($course->id); 1820 $teacherrole = $DB->get_record('role', array('shortname'=>'editingteacher'), '*', MUST_EXIST); 1821 $teacher = $this->getDataGenerator()->create_user(); 1822 role_assign($teacherrole->id, $teacher->id, $coursecontext); 1823 $admin = $DB->get_record('user', array('username'=>'admin')); 1824 1825 // Note: Here are used default capabilities, the full test is in permission evaluation bellow, 1826 // use two capabilities that teacher has and one does not, none of them should be allowed for not-logged-in user. 1827 1828 $this->assertTrue($DB->record_exists('capabilities', array('name'=>'moodle/backup:backupsection'))); 1829 $this->assertTrue($DB->record_exists('capabilities', array('name'=>'moodle/backup:backupcourse'))); 1830 $this->assertTrue($DB->record_exists('capabilities', array('name'=>'moodle/site:approvecourse'))); 1831 1832 $sca = array('moodle/backup:backupsection', 'moodle/backup:backupcourse', 'moodle/site:approvecourse'); 1833 $sc = array('moodle/backup:backupsection', 'moodle/backup:backupcourse'); 1834 1835 $this->setUser(0); 1836 $this->assertFalse(has_capability('moodle/backup:backupsection', $coursecontext)); 1837 $this->assertFalse(has_capability('moodle/backup:backupcourse', $coursecontext)); 1838 $this->assertFalse(has_capability('moodle/site:approvecourse', $coursecontext)); 1839 $this->assertFalse(has_any_capability($sca, $coursecontext)); 1840 $this->assertFalse(has_all_capabilities($sca, $coursecontext)); 1841 1842 $this->assertTrue(has_capability('moodle/backup:backupsection', $coursecontext, $teacher)); 1843 $this->assertTrue(has_capability('moodle/backup:backupcourse', $coursecontext, $teacher)); 1844 $this->assertFalse(has_capability('moodle/site:approvecourse', $coursecontext, $teacher)); 1845 $this->assertTrue(has_any_capability($sca, $coursecontext, $teacher)); 1846 $this->assertTrue(has_all_capabilities($sc, $coursecontext, $teacher)); 1847 $this->assertFalse(has_all_capabilities($sca, $coursecontext, $teacher)); 1848 1849 $this->assertTrue(has_capability('moodle/backup:backupsection', $coursecontext, $admin)); 1850 $this->assertTrue(has_capability('moodle/backup:backupcourse', $coursecontext, $admin)); 1851 $this->assertTrue(has_capability('moodle/site:approvecourse', $coursecontext, $admin)); 1852 $this->assertTrue(has_any_capability($sca, $coursecontext, $admin)); 1853 $this->assertTrue(has_all_capabilities($sc, $coursecontext, $admin)); 1854 $this->assertTrue(has_all_capabilities($sca, $coursecontext, $admin)); 1855 1856 $this->assertFalse(has_capability('moodle/backup:backupsection', $coursecontext, $admin, false)); 1857 $this->assertFalse(has_capability('moodle/backup:backupcourse', $coursecontext, $admin, false)); 1858 $this->assertFalse(has_capability('moodle/site:approvecourse', $coursecontext, $admin, false)); 1859 $this->assertFalse(has_any_capability($sca, $coursecontext, $admin, false)); 1860 $this->assertFalse(has_all_capabilities($sc, $coursecontext, $admin, false)); 1861 $this->assertFalse(has_all_capabilities($sca, $coursecontext, $admin, false)); 1862 1863 $this->setUser($teacher); 1864 $this->assertTrue(has_capability('moodle/backup:backupsection', $coursecontext)); 1865 $this->assertTrue(has_capability('moodle/backup:backupcourse', $coursecontext)); 1866 $this->assertFalse(has_capability('moodle/site:approvecourse', $coursecontext)); 1867 $this->assertTrue(has_any_capability($sca, $coursecontext)); 1868 $this->assertTrue(has_all_capabilities($sc, $coursecontext)); 1869 $this->assertFalse(has_all_capabilities($sca, $coursecontext)); 1870 1871 $this->setAdminUser(); 1872 $this->assertTrue(has_capability('moodle/backup:backupsection', $coursecontext)); 1873 $this->assertTrue(has_capability('moodle/backup:backupcourse', $coursecontext)); 1874 $this->assertTrue(has_capability('moodle/site:approvecourse', $coursecontext)); 1875 $this->assertTrue(has_any_capability($sca, $coursecontext)); 1876 $this->assertTrue(has_all_capabilities($sc, $coursecontext)); 1877 $this->assertTrue(has_all_capabilities($sca, $coursecontext)); 1878 1879 $this->assertFalse(has_capability('moodle/backup:backupsection', $coursecontext, 0)); 1880 $this->assertFalse(has_capability('moodle/backup:backupcourse', $coursecontext, 0)); 1881 $this->assertFalse(has_capability('moodle/site:approvecourse', $coursecontext, 0)); 1882 $this->assertFalse(has_any_capability($sca, $coursecontext, 0)); 1883 $this->assertFalse(has_all_capabilities($sca, $coursecontext, 0)); 1884 } 1885 1886 /** 1887 * Test that assigning a fake cap does not return. 1888 */ 1889 public function test_fake_capability() { 1890 global $DB; 1891 1892 $this->resetAfterTest(); 1893 1894 $course = $this->getDataGenerator()->create_course(); 1895 $coursecontext = context_course::instance($course->id); 1896 $teacherrole = $DB->get_record('role', array('shortname' => 'editingteacher'), '*', MUST_EXIST); 1897 $teacher = $this->getDataGenerator()->create_user(); 1898 1899 $fakecapname = 'moodle/fake:capability'; 1900 1901 role_assign($teacherrole->id, $teacher->id, $coursecontext); 1902 $admin = $DB->get_record('user', array('username' => 'admin')); 1903 1904 // Test a capability which does not exist. 1905 // Note: Do not use assign_capability because it will not allow fake caps. 1906 $DB->insert_record('role_capabilities', (object) [ 1907 'contextid' => $coursecontext->id, 1908 'roleid' => $teacherrole->id, 1909 'capability' => $fakecapname, 1910 'permission' => CAP_ALLOW, 1911 'timemodified' => time(), 1912 'modifierid' => 0, 1913 ]); 1914 1915 // Check `has_capability`. 1916 $this->assertFalse(has_capability($fakecapname, $coursecontext, $teacher)); 1917 $this->assertDebuggingCalled("Capability \"{$fakecapname}\" was not found! This has to be fixed in code."); 1918 $this->assertFalse(has_capability($fakecapname, $coursecontext, $admin)); 1919 $this->assertDebuggingCalled("Capability \"{$fakecapname}\" was not found! This has to be fixed in code."); 1920 1921 // Check `get_with_capability_sql` (with uses `get_with_capability_join`). 1922 list($sql, $params) = get_with_capability_sql($coursecontext, $fakecapname); 1923 $users = $DB->get_records_sql($sql, $params); 1924 1925 $this->assertFalse(array_key_exists($teacher->id, $users)); 1926 $this->assertFalse(array_key_exists($admin->id, $users)); 1927 1928 // Check `get_users_by_capability`. 1929 $users = get_users_by_capability($coursecontext, $fakecapname); 1930 1931 $this->assertFalse(array_key_exists($teacher->id, $users)); 1932 $this->assertFalse(array_key_exists($admin->id, $users)); 1933 } 1934 1935 /** 1936 * Test that assigning a fake cap does not return. 1937 */ 1938 public function test_fake_capability_assign() { 1939 global $DB; 1940 1941 $this->resetAfterTest(); 1942 1943 $course = $this->getDataGenerator()->create_course(); 1944 $coursecontext = context_course::instance($course->id); 1945 $teacherrole = $DB->get_record('role', array('shortname' => 'editingteacher'), '*', MUST_EXIST); 1946 $teacher = $this->getDataGenerator()->create_user(); 1947 1948 $capability = 'moodle/fake:capability'; 1949 1950 role_assign($teacherrole->id, $teacher->id, $coursecontext); 1951 $admin = $DB->get_record('user', array('username' => 'admin')); 1952 1953 $this->expectException('coding_exception'); 1954 $this->expectExceptionMessage("Capability '{$capability}' was not found! This has to be fixed in code."); 1955 assign_capability($capability, CAP_ALLOW, $teacherrole->id, $coursecontext); 1956 } 1957 1958 /** 1959 * Test that assigning a fake cap does not return. 1960 */ 1961 public function test_fake_capability_unassign() { 1962 global $DB; 1963 1964 $this->resetAfterTest(); 1965 1966 $course = $this->getDataGenerator()->create_course(); 1967 $coursecontext = context_course::instance($course->id); 1968 $teacherrole = $DB->get_record('role', array('shortname' => 'editingteacher'), '*', MUST_EXIST); 1969 $teacher = $this->getDataGenerator()->create_user(); 1970 1971 $capability = 'moodle/fake:capability'; 1972 1973 role_assign($teacherrole->id, $teacher->id, $coursecontext); 1974 $admin = $DB->get_record('user', array('username' => 'admin')); 1975 1976 $this->expectException('coding_exception'); 1977 $this->expectExceptionMessage("Capability '{$capability}' was not found! This has to be fixed in code."); 1978 unassign_capability($capability, CAP_ALLOW, $teacherrole->id, $coursecontext); 1979 } 1980 1981 /** 1982 * Test that the caching in get_role_definitions() and get_role_definitions_uncached() 1983 * works as intended. 1984 */ 1985 public function test_role_definition_caching() { 1986 global $DB; 1987 1988 $this->resetAfterTest(); 1989 1990 // Get some role ids. 1991 $authenticatedrole = $DB->get_record('role', array('shortname' => 'user'), '*', MUST_EXIST); 1992 $studentrole = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST); 1993 $emptyroleid = create_role('No capabilities', 'empty', 'A role with no capabilties'); 1994 $course = $this->getDataGenerator()->create_course(); 1995 $coursecontext = context_course::instance($course->id); 1996 1997 // Instantiate the cache instance, since that does DB queries (get_config) 1998 // and we don't care about those. 1999 cache::make('core', 'roledefs'); 2000 2001 // One database query is not necessarily one database read, it seems. Find out how many. 2002 $startdbreads = $DB->perf_get_reads(); 2003 $rs = $DB->get_recordset('user'); 2004 $rs->close(); 2005 $readsperquery = $DB->perf_get_reads() - $startdbreads; 2006 2007 // Now load some role definitions, and check when it queries the database. 2008 2009 // Load the capabilities for two roles. Should be one query. 2010 $startdbreads = $DB->perf_get_reads(); 2011 get_role_definitions([$authenticatedrole->id, $studentrole->id]); 2012 $this->assertEquals(1 * $readsperquery, $DB->perf_get_reads() - $startdbreads); 2013 2014 // Load the capabilities for same two roles. Should not query the DB. 2015 $startdbreads = $DB->perf_get_reads(); 2016 get_role_definitions([$authenticatedrole->id, $studentrole->id]); 2017 $this->assertEquals(0 * $readsperquery, $DB->perf_get_reads() - $startdbreads); 2018 2019 // Include a third role. Should do one DB query. 2020 $startdbreads = $DB->perf_get_reads(); 2021 get_role_definitions([$authenticatedrole->id, $studentrole->id, $emptyroleid]); 2022 $this->assertEquals(1 * $readsperquery, $DB->perf_get_reads() - $startdbreads); 2023 2024 // Repeat call. No DB queries. 2025 $startdbreads = $DB->perf_get_reads(); 2026 get_role_definitions([$authenticatedrole->id, $studentrole->id, $emptyroleid]); 2027 $this->assertEquals(0 * $readsperquery, $DB->perf_get_reads() - $startdbreads); 2028 2029 // Alter a role. 2030 role_change_permission($studentrole->id, $coursecontext, 'moodle/course:tag', CAP_ALLOW); 2031 2032 // Should now know to do one query. 2033 $startdbreads = $DB->perf_get_reads(); 2034 get_role_definitions([$authenticatedrole->id, $studentrole->id]); 2035 $this->assertEquals(1 * $readsperquery, $DB->perf_get_reads() - $startdbreads); 2036 2037 // Now clear the in-memory cache, and verify that it does not query the DB. 2038 // Cannot use accesslib_clear_all_caches_for_unit_testing since that also 2039 // clears the MUC cache. 2040 global $ACCESSLIB_PRIVATE; 2041 $ACCESSLIB_PRIVATE->cacheroledefs = array(); 2042 2043 // Get all roles. Should not need the DB. 2044 $startdbreads = $DB->perf_get_reads(); 2045 get_role_definitions([$authenticatedrole->id, $studentrole->id, $emptyroleid]); 2046 $this->assertEquals(0 * $readsperquery, $DB->perf_get_reads() - $startdbreads); 2047 } 2048 2049 /** 2050 * Tests get_user_capability_course() which checks a capability across all courses. 2051 */ 2052 public function test_get_user_capability_course() { 2053 global $CFG, $USER; 2054 2055 $this->resetAfterTest(); 2056 2057 $generator = $this->getDataGenerator(); 2058 $cap = 'moodle/course:view'; 2059 2060 // The structure being created here is this: 2061 // 2062 // All tests work with the single capability 'moodle/course:view'. 2063 // 2064 // ROLE DEF/OVERRIDE ROLE ASSIGNS 2065 // Role: Allow Prohib Empty Def user u1 u2 u3 u4 u5 u6 u7 u8 2066 // System ALLOW PROHIBIT A E A+E 2067 // cat1 ALLOW 2068 // C1 (ALLOW) P 2069 // C2 ALLOW E P 2070 // cat2 PREVENT 2071 // C3 ALLOW E 2072 // C4 2073 // Misc. A 2074 // C5 PREVENT A 2075 // C6 PROHIBIT 2076 // 2077 // Front-page and guest role stuff from the end of this test not included in the diagram. 2078 2079 // Create a role which allows course:view and one that prohibits it, and one neither. 2080 $allowroleid = $generator->create_role(); 2081 $prohibitroleid = $generator->create_role(); 2082 $emptyroleid = $generator->create_role(); 2083 $systemcontext = context_system::instance(); 2084 assign_capability($cap, CAP_ALLOW, $allowroleid, $systemcontext->id); 2085 assign_capability($cap, CAP_PROHIBIT, $prohibitroleid, $systemcontext->id); 2086 2087 // Create two categories (nested). 2088 $cat1 = $generator->create_category(); 2089 $cat2 = $generator->create_category(['parent' => $cat1->id]); 2090 2091 // Create six courses - two in cat1, two in cat2, and two in default category. 2092 // Shortnames are used for a sorting test. Otherwise they are not significant. 2093 $c1 = $generator->create_course(['category' => $cat1->id, 'shortname' => 'Z']); 2094 $c2 = $generator->create_course(['category' => $cat1->id, 'shortname' => 'Y']); 2095 $c3 = $generator->create_course(['category' => $cat2->id, 'shortname' => 'X']); 2096 $c4 = $generator->create_course(['category' => $cat2->id]); 2097 $c5 = $generator->create_course(); 2098 $c6 = $generator->create_course(); 2099 2100 // Category overrides: in cat 1, empty role is allowed; in cat 2, empty role is prevented. 2101 assign_capability($cap, CAP_ALLOW, $emptyroleid, 2102 context_coursecat::instance($cat1->id)->id); 2103 assign_capability($cap, CAP_PREVENT, $emptyroleid, 2104 context_coursecat::instance($cat2->id)->id); 2105 2106 // Course overrides: in C5, allow role is prevented; in C6, empty role is prohibited; in 2107 // C3, empty role is allowed. 2108 assign_capability($cap, CAP_PREVENT, $allowroleid, 2109 context_course::instance($c5->id)->id); 2110 assign_capability($cap, CAP_PROHIBIT, $emptyroleid, 2111 context_course::instance($c6->id)->id); 2112 assign_capability($cap, CAP_ALLOW, $emptyroleid, 2113 context_course::instance($c3->id)->id); 2114 assign_capability($cap, CAP_ALLOW, $prohibitroleid, 2115 context_course::instance($c2->id)->id); 2116 2117 // User 1 has no roles except default user role. 2118 $u1 = $generator->create_user(); 2119 2120 // It returns false (annoyingly) if there are no courses. 2121 $this->assertFalse(get_user_capability_course($cap, $u1->id, true, '', 'id')); 2122 2123 // Final override: in C1, default user role is allowed. 2124 assign_capability($cap, CAP_ALLOW, $CFG->defaultuserroleid, 2125 context_course::instance($c1->id)->id); 2126 2127 // Should now get C1 only. 2128 $courses = get_user_capability_course($cap, $u1->id, true, '', 'id'); 2129 $this->assert_course_ids([$c1->id], $courses); 2130 2131 // User 2 has allow role (system wide). 2132 $u2 = $generator->create_user(); 2133 role_assign($allowroleid, $u2->id, $systemcontext->id); 2134 2135 // Should get everything except C5. 2136 $courses = get_user_capability_course($cap, $u2->id, true, '', 'id'); 2137 $this->assert_course_ids([SITEID, $c1->id, $c2->id, $c3->id, $c4->id, $c6->id], $courses); 2138 2139 // User 3 has empty role (system wide). 2140 $u3 = $generator->create_user(); 2141 role_assign($emptyroleid, $u3->id, $systemcontext->id); 2142 2143 // Should get cat 1 courses but not cat2, except C3. 2144 $courses = get_user_capability_course($cap, $u3->id, true, '', 'id'); 2145 $this->assert_course_ids([$c1->id, $c2->id, $c3->id], $courses); 2146 2147 // User 4 has allow and empty role (system wide). 2148 $u4 = $generator->create_user(); 2149 role_assign($allowroleid, $u4->id, $systemcontext->id); 2150 role_assign($emptyroleid, $u4->id, $systemcontext->id); 2151 2152 // Should get everything except C5 and C6. 2153 $courses = get_user_capability_course($cap, $u4->id, true, '', 'id'); 2154 $this->assert_course_ids([SITEID, $c1->id, $c2->id, $c3->id, $c4->id], $courses); 2155 2156 // User 5 has allow role in default category only. 2157 $u5 = $generator->create_user(); 2158 role_assign($allowroleid, $u5->id, context_coursecat::instance($c5->category)->id); 2159 2160 // Should get C1 and the default category courses but not C5. 2161 $courses = get_user_capability_course($cap, $u5->id, true, '', 'id'); 2162 $this->assert_course_ids([$c1->id, $c6->id], $courses); 2163 2164 // User 6 has a bunch of course roles: prohibit role in C1, empty role in C3, allow role in 2165 // C6. 2166 $u6 = $generator->create_user(); 2167 role_assign($prohibitroleid, $u6->id, context_course::instance($c1->id)->id); 2168 role_assign($emptyroleid, $u6->id, context_course::instance($c3->id)->id); 2169 role_assign($allowroleid, $u6->id, context_course::instance($c5->id)->id); 2170 2171 // Should get C3 only because the allow role is prevented in C5. 2172 $courses = get_user_capability_course($cap, $u6->id, true, '', 'id'); 2173 $this->assert_course_ids([$c3->id], $courses); 2174 2175 // User 7 has empty role in C2. 2176 $u7 = $generator->create_user(); 2177 role_assign($emptyroleid, $u7->id, context_course::instance($c2->id)->id); 2178 2179 // Should get C1 by the default user role override, and C2 by the cat1 level override. 2180 $courses = get_user_capability_course($cap, $u7->id, true, '', 'id'); 2181 $this->assert_course_ids([$c1->id, $c2->id], $courses); 2182 2183 // User 8 has prohibit role as system context, to verify that prohibits can't be overridden. 2184 $u8 = $generator->create_user(); 2185 role_assign($prohibitroleid, $u8->id, context_course::instance($c2->id)->id); 2186 2187 // Should get C1 by the default user role override, no other courses because the prohibit cannot be overridden. 2188 $courses = get_user_capability_course($cap, $u8->id, true, '', 'id'); 2189 $this->assert_course_ids([$c1->id], $courses); 2190 2191 // Admin user gets everything.... 2192 $courses = get_user_capability_course($cap, get_admin()->id, true, '', 'id'); 2193 $this->assert_course_ids([SITEID, $c1->id, $c2->id, $c3->id, $c4->id, $c5->id, $c6->id], 2194 $courses); 2195 2196 // Unless you turn off doanything, when it only has the things a user with no role does. 2197 $courses = get_user_capability_course($cap, get_admin()->id, false, '', 'id'); 2198 $this->assert_course_ids([$c1->id], $courses); 2199 2200 // Using u3 as an example, test the limit feature. 2201 $courses = get_user_capability_course($cap, $u3->id, true, '', 'id', 2); 2202 $this->assert_course_ids([$c1->id, $c2->id], $courses); 2203 2204 // Check sorting. 2205 $courses = get_user_capability_course($cap, $u3->id, true, '', 'shortname'); 2206 $this->assert_course_ids([$c3->id, $c2->id, $c1->id], $courses); 2207 2208 // Check returned fields - default. 2209 $courses = get_user_capability_course($cap, $u3->id, true, '', 'id'); 2210 $this->assertEquals((object)['id' => $c1->id], $courses[0]); 2211 2212 // Add a selection of fields, including the context ones with special handling. 2213 $courses = get_user_capability_course($cap, $u3->id, true, 'shortname, ctxlevel, ctxdepth, ctxinstance', 'id'); 2214 $this->assertEquals((object)['id' => $c1->id, 'shortname' => 'Z', 'ctxlevel' => 50, 2215 'ctxdepth' => 3, 'ctxinstance' => $c1->id], $courses[0]); 2216 2217 // Test front page role - user 1 has no roles, but if we change the front page role 2218 // definition so that it has our capability, then they should see the front page course. 2219 // as well as C1. 2220 assign_capability($cap, CAP_ALLOW, $CFG->defaultfrontpageroleid, $systemcontext->id); 2221 $courses = get_user_capability_course($cap, $u1->id, true, '', 'id'); 2222 $this->assert_course_ids([SITEID, $c1->id], $courses); 2223 2224 // Check that temporary guest access (in this case, given on course 2 for user 1) 2225 // also is included, if it has this capability. 2226 assign_capability($cap, CAP_ALLOW, $CFG->guestroleid, $systemcontext->id); 2227 $this->setUser($u1); 2228 load_temp_course_role(context_course::instance($c2->id), $CFG->guestroleid); 2229 $courses = get_user_capability_course($cap, $USER->id, true, '', 'id'); 2230 $this->assert_course_ids([SITEID, $c1->id, $c2->id], $courses); 2231 } 2232 2233 /** 2234 * Extracts an array of course ids to make the above test script shorter. 2235 * 2236 * @param int[] $expected Array of expected course ids 2237 * @param stdClass[] $courses Array of course objects 2238 */ 2239 protected function assert_course_ids(array $expected, array $courses) { 2240 $courseids = array_map(function($c) { 2241 return $c->id; 2242 }, $courses); 2243 $this->assertEquals($expected, $courseids); 2244 } 2245 2246 /** 2247 * Test if course creator future capability lookup works. 2248 */ 2249 public function test_guess_if_creator_will_have_course_capability() { 2250 global $DB, $CFG, $USER; 2251 2252 $this->resetAfterTest(); 2253 2254 $category = $this->getDataGenerator()->create_category(); 2255 $course = $this->getDataGenerator()->create_course(array('category'=>$category->id)); 2256 2257 $syscontext = context_system::instance(); 2258 $categorycontext = context_coursecat::instance($category->id); 2259 $coursecontext = context_course::instance($course->id); 2260 $studentrole = $DB->get_record('role', array('shortname'=>'student'), '*', MUST_EXIST); 2261 $teacherrole = $DB->get_record('role', array('shortname'=>'editingteacher'), '*', MUST_EXIST); 2262 $creatorrole = $DB->get_record('role', array('shortname'=>'coursecreator'), '*', MUST_EXIST); 2263 $managerrole = $DB->get_record('role', array('shortname'=>'manager'), '*', MUST_EXIST); 2264 2265 $this->assertEquals($teacherrole->id, $CFG->creatornewroleid); 2266 2267 $creator = $this->getDataGenerator()->create_user(); 2268 $manager = $this->getDataGenerator()->create_user(); 2269 role_assign($managerrole->id, $manager->id, $categorycontext); 2270 2271 $this->assertFalse(has_capability('moodle/course:view', $categorycontext, $creator)); 2272 $this->assertFalse(has_capability('moodle/role:assign', $categorycontext, $creator)); 2273 $this->assertFalse(has_capability('moodle/course:visibility', $categorycontext, $creator)); 2274 $this->assertFalse(has_capability('moodle/course:visibility', $coursecontext, $creator)); 2275 $this->assertFalse(guess_if_creator_will_have_course_capability('moodle/course:visibility', $categorycontext, $creator)); 2276 $this->assertFalse(guess_if_creator_will_have_course_capability('moodle/course:visibility', $coursecontext, $creator)); 2277 2278 $this->assertTrue(has_capability('moodle/role:assign', $categorycontext, $manager)); 2279 $this->assertTrue(has_capability('moodle/course:visibility', $categorycontext, $manager)); 2280 $this->assertTrue(has_capability('moodle/course:visibility', $coursecontext, $manager)); 2281 $this->assertTrue(guess_if_creator_will_have_course_capability('moodle/course:visibility', $categorycontext, $manager->id)); 2282 $this->assertTrue(guess_if_creator_will_have_course_capability('moodle/course:visibility', $coursecontext, $manager->id)); 2283 2284 $this->assertEquals(0, $USER->id); 2285 $this->assertFalse(has_capability('moodle/course:view', $categorycontext)); 2286 $this->assertFalse(has_capability('moodle/role:assign', $categorycontext)); 2287 $this->assertFalse(has_capability('moodle/course:visibility', $categorycontext)); 2288 $this->assertFalse(has_capability('moodle/course:visibility', $coursecontext)); 2289 $this->assertFalse(guess_if_creator_will_have_course_capability('moodle/course:visibility', $categorycontext)); 2290 $this->assertFalse(guess_if_creator_will_have_course_capability('moodle/course:visibility', $coursecontext)); 2291 2292 $this->setUser($manager); 2293 $this->assertTrue(has_capability('moodle/role:assign', $categorycontext)); 2294 $this->assertTrue(has_capability('moodle/course:visibility', $categorycontext)); 2295 $this->assertTrue(has_capability('moodle/course:visibility', $coursecontext)); 2296 $this->assertTrue(guess_if_creator_will_have_course_capability('moodle/course:visibility', $categorycontext)); 2297 $this->assertTrue(guess_if_creator_will_have_course_capability('moodle/course:visibility', $coursecontext)); 2298 2299 $this->setAdminUser(); 2300 $this->assertTrue(has_capability('moodle/role:assign', $categorycontext)); 2301 $this->assertTrue(has_capability('moodle/course:visibility', $categorycontext)); 2302 $this->assertTrue(has_capability('moodle/course:visibility', $coursecontext)); 2303 $this->assertTrue(guess_if_creator_will_have_course_capability('moodle/course:visibility', $categorycontext)); 2304 $this->assertTrue(guess_if_creator_will_have_course_capability('moodle/course:visibility', $coursecontext)); 2305 $this->setUser(0); 2306 2307 role_assign($creatorrole->id, $creator->id, $categorycontext); 2308 2309 $this->assertFalse(has_capability('moodle/role:assign', $categorycontext, $creator)); 2310 $this->assertFalse(has_capability('moodle/course:visibility', $categorycontext, $creator)); 2311 $this->assertFalse(has_capability('moodle/course:visibility', $coursecontext, $creator)); 2312 $this->assertTrue(guess_if_creator_will_have_course_capability('moodle/course:visibility', $categorycontext, $creator)); 2313 $this->assertTrue(guess_if_creator_will_have_course_capability('moodle/course:visibility', $coursecontext, $creator)); 2314 2315 $this->setUser($creator); 2316 $this->assertFalse(has_capability('moodle/role:assign', $categorycontext, null)); 2317 $this->assertFalse(has_capability('moodle/course:visibility', $categorycontext, null)); 2318 $this->assertFalse(has_capability('moodle/course:visibility', $coursecontext, null)); 2319 $this->assertTrue(guess_if_creator_will_have_course_capability('moodle/course:visibility', $categorycontext, null)); 2320 $this->assertTrue(guess_if_creator_will_have_course_capability('moodle/course:visibility', $coursecontext, null)); 2321 $this->setUser(0); 2322 2323 set_config('creatornewroleid', $studentrole->id); 2324 2325 $this->assertFalse(has_capability('moodle/course:visibility', $categorycontext, $creator)); 2326 $this->assertFalse(has_capability('moodle/course:visibility', $coursecontext, $creator)); 2327 $this->assertFalse(guess_if_creator_will_have_course_capability('moodle/course:visibility', $categorycontext, $creator)); 2328 $this->assertFalse(guess_if_creator_will_have_course_capability('moodle/course:visibility', $coursecontext, $creator)); 2329 2330 set_config('creatornewroleid', $teacherrole->id); 2331 2332 role_change_permission($managerrole->id, $categorycontext, 'moodle/course:visibility', CAP_PREVENT); 2333 role_assign($creatorrole->id, $manager->id, $categorycontext); 2334 2335 $this->assertTrue(has_capability('moodle/course:view', $categorycontext, $manager)); 2336 $this->assertTrue(has_capability('moodle/course:view', $coursecontext, $manager)); 2337 $this->assertTrue(has_capability('moodle/role:assign', $categorycontext, $manager)); 2338 $this->assertTrue(has_capability('moodle/role:assign', $coursecontext, $manager)); 2339 $this->assertFalse(has_capability('moodle/course:visibility', $categorycontext, $manager)); 2340 $this->assertFalse(has_capability('moodle/course:visibility', $coursecontext, $manager)); 2341 $this->assertFalse(guess_if_creator_will_have_course_capability('moodle/course:visibility', $categorycontext, $manager)); 2342 $this->assertFalse(guess_if_creator_will_have_course_capability('moodle/course:visibility', $coursecontext, $manager)); 2343 2344 role_change_permission($managerrole->id, $categorycontext, 'moodle/course:view', CAP_PREVENT); 2345 $this->assertTrue(has_capability('moodle/role:assign', $categorycontext, $manager)); 2346 $this->assertFalse(has_capability('moodle/course:visibility', $categorycontext, $manager)); 2347 $this->assertFalse(has_capability('moodle/course:visibility', $coursecontext, $manager)); 2348 $this->assertTrue(guess_if_creator_will_have_course_capability('moodle/course:visibility', $categorycontext, $manager)); 2349 $this->assertTrue(guess_if_creator_will_have_course_capability('moodle/course:visibility', $coursecontext, $manager)); 2350 2351 $this->getDataGenerator()->enrol_user($manager->id, $course->id, 0); 2352 2353 $this->assertTrue(has_capability('moodle/role:assign', $categorycontext, $manager)); 2354 $this->assertTrue(has_capability('moodle/role:assign', $coursecontext, $manager)); 2355 $this->assertTrue(is_enrolled($coursecontext, $manager)); 2356 $this->assertFalse(has_capability('moodle/course:visibility', $categorycontext, $manager)); 2357 $this->assertFalse(has_capability('moodle/course:visibility', $coursecontext, $manager)); 2358 $this->assertTrue(guess_if_creator_will_have_course_capability('moodle/course:visibility', $categorycontext, $manager)); 2359 $this->assertFalse(guess_if_creator_will_have_course_capability('moodle/course:visibility', $coursecontext, $manager)); 2360 2361 // Test problems. 2362 2363 try { 2364 guess_if_creator_will_have_course_capability('moodle/course:visibility', $syscontext, $creator); 2365 $this->fail('Exception expected when non course/category context passed to guess_if_creator_will_have_course_capability()'); 2366 } catch (moodle_exception $e) { 2367 $this->assertInstanceOf('coding_exception', $e); 2368 } 2369 } 2370 2371 /** 2372 * Test require_capability() exceptions. 2373 */ 2374 public function test_require_capability() { 2375 $this->resetAfterTest(); 2376 2377 $syscontext = context_system::instance(); 2378 2379 $this->setUser(0); 2380 $this->assertFalse(has_capability('moodle/site:config', $syscontext)); 2381 try { 2382 require_capability('moodle/site:config', $syscontext); 2383 $this->fail('Exception expected from require_capability()'); 2384 } catch (moodle_exception $e) { 2385 $this->assertInstanceOf('required_capability_exception', $e); 2386 } 2387 $this->setAdminUser(); 2388 $this->assertFalse(has_capability('moodle/site:config', $syscontext, 0)); 2389 try { 2390 require_capability('moodle/site:config', $syscontext, 0); 2391 $this->fail('Exception expected from require_capability()'); 2392 } catch (moodle_exception $e) { 2393 $this->assertInstanceOf('required_capability_exception', $e); 2394 } 2395 $this->assertFalse(has_capability('moodle/site:config', $syscontext, null, false)); 2396 try { 2397 require_capability('moodle/site:config', $syscontext, null, false); 2398 $this->fail('Exception expected from require_capability()'); 2399 } catch (moodle_exception $e) { 2400 $this->assertInstanceOf('required_capability_exception', $e); 2401 } 2402 } 2403 2404 /** 2405 * Test that enrolled users SQL does not return any values for users in 2406 * other courses. 2407 */ 2408 public function test_get_enrolled_sql_different_course() { 2409 global $DB; 2410 2411 $this->resetAfterTest(); 2412 2413 $course = $this->getDataGenerator()->create_course(); 2414 $context = context_course::instance($course->id); 2415 $student = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST); 2416 $user = $this->getDataGenerator()->create_user(); 2417 2418 // This user should not appear anywhere, we're not interested in that context. 2419 $course2 = $this->getDataGenerator()->create_course(); 2420 $this->getDataGenerator()->enrol_user($user->id, $course2->id, $student->id); 2421 2422 $enrolled = get_enrolled_users($context, '', 0, 'u.id', null, 0, 0, false); 2423 $active = get_enrolled_users($context, '', 0, 'u.id', null, 0, 0, true); 2424 $suspended = get_suspended_userids($context); 2425 2426 $this->assertFalse(isset($enrolled[$user->id])); 2427 $this->assertFalse(isset($active[$user->id])); 2428 $this->assertFalse(isset($suspended[$user->id])); 2429 $this->assertCount(0, $enrolled); 2430 $this->assertCount(0, $active); 2431 $this->assertCount(0, $suspended); 2432 } 2433 2434 /** 2435 * Test that enrolled users SQL does not return any values for role 2436 * assignments without an enrolment. 2437 */ 2438 public function test_get_enrolled_sql_role_only() { 2439 global $DB; 2440 2441 $this->resetAfterTest(); 2442 2443 $course = $this->getDataGenerator()->create_course(); 2444 $context = context_course::instance($course->id); 2445 $student = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST); 2446 $user = $this->getDataGenerator()->create_user(); 2447 2448 // Role assignment is not the same as course enrollment. 2449 role_assign($student->id, $user->id, $context->id); 2450 2451 $enrolled = get_enrolled_users($context, '', 0, 'u.id', null, 0, 0, false); 2452 $active = get_enrolled_users($context, '', 0, 'u.id', null, 0, 0, true); 2453 $suspended = get_suspended_userids($context); 2454 2455 $this->assertFalse(isset($enrolled[$user->id])); 2456 $this->assertFalse(isset($active[$user->id])); 2457 $this->assertFalse(isset($suspended[$user->id])); 2458 $this->assertCount(0, $enrolled); 2459 $this->assertCount(0, $active); 2460 $this->assertCount(0, $suspended); 2461 } 2462 2463 /** 2464 * Test that multiple enrolments for the same user are counted correctly. 2465 */ 2466 public function test_get_enrolled_sql_multiple_enrolments() { 2467 global $DB; 2468 2469 $this->resetAfterTest(); 2470 2471 $course = $this->getDataGenerator()->create_course(); 2472 $context = context_course::instance($course->id); 2473 $student = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST); 2474 $user = $this->getDataGenerator()->create_user(); 2475 2476 // Add a suspended enrol. 2477 $selfinstance = $DB->get_record('enrol', array('courseid' => $course->id, 'enrol' => 'self')); 2478 $selfplugin = enrol_get_plugin('self'); 2479 $selfplugin->update_status($selfinstance, ENROL_INSTANCE_ENABLED); 2480 $this->getDataGenerator()->enrol_user($user->id, $course->id, $student->id, 'self', 0, 0, ENROL_USER_SUSPENDED); 2481 2482 // Should be enrolled, but not active - user is suspended. 2483 $enrolled = get_enrolled_users($context, '', 0, 'u.id', null, 0, 0, false); 2484 $active = get_enrolled_users($context, '', 0, 'u.id', null, 0, 0, true); 2485 $suspended = get_suspended_userids($context); 2486 2487 $this->assertTrue(isset($enrolled[$user->id])); 2488 $this->assertFalse(isset($active[$user->id])); 2489 $this->assertTrue(isset($suspended[$user->id])); 2490 $this->assertCount(1, $enrolled); 2491 $this->assertCount(0, $active); 2492 $this->assertCount(1, $suspended); 2493 2494 // Add an active enrol for the user. Any active enrol makes them enrolled. 2495 $this->getDataGenerator()->enrol_user($user->id, $course->id, $student->id); 2496 2497 // User should be active now. 2498 $enrolled = get_enrolled_users($context, '', 0, 'u.id', null, 0, 0, false); 2499 $active = get_enrolled_users($context, '', 0, 'u.id', null, 0, 0, true); 2500 $suspended = get_suspended_userids($context); 2501 2502 $this->assertTrue(isset($enrolled[$user->id])); 2503 $this->assertTrue(isset($active[$user->id])); 2504 $this->assertFalse(isset($suspended[$user->id])); 2505 $this->assertCount(1, $enrolled); 2506 $this->assertCount(1, $active); 2507 $this->assertCount(0, $suspended); 2508 2509 } 2510 2511 /** 2512 * Test that enrolled users SQL does not return any values for users 2513 * without a group when $context is not a valid course context. 2514 */ 2515 public function test_get_enrolled_sql_userswithoutgroup() { 2516 global $DB; 2517 2518 $this->resetAfterTest(); 2519 2520 $systemcontext = context_system::instance(); 2521 $course = $this->getDataGenerator()->create_course(); 2522 $coursecontext = context_course::instance($course->id); 2523 $user1 = $this->getDataGenerator()->create_user(); 2524 $user2 = $this->getDataGenerator()->create_user(); 2525 2526 $this->getDataGenerator()->enrol_user($user1->id, $course->id); 2527 $this->getDataGenerator()->enrol_user($user2->id, $course->id); 2528 2529 $group = $this->getDataGenerator()->create_group(array('courseid' => $course->id)); 2530 groups_add_member($group, $user1); 2531 2532 $enrolled = get_enrolled_users($coursecontext); 2533 $this->assertCount(2, $enrolled); 2534 2535 // Get users without any group on the course context. 2536 $enrolledwithoutgroup = get_enrolled_users($coursecontext, '', USERSWITHOUTGROUP); 2537 $this->assertCount(1, $enrolledwithoutgroup); 2538 $this->assertFalse(isset($enrolledwithoutgroup[$user1->id])); 2539 2540 // Get users without any group on the system context (it should throw an exception). 2541 $this->expectException('coding_exception'); 2542 get_enrolled_users($systemcontext, '', USERSWITHOUTGROUP); 2543 } 2544 2545 public function get_enrolled_sql_provider() { 2546 return array( 2547 array( 2548 // Two users who are enrolled. 2549 'users' => array( 2550 array( 2551 'enrolled' => true, 2552 'active' => true, 2553 ), 2554 array( 2555 'enrolled' => true, 2556 'active' => true, 2557 ), 2558 ), 2559 'counts' => array( 2560 'enrolled' => 2, 2561 'active' => 2, 2562 'suspended' => 0, 2563 ), 2564 ), 2565 array( 2566 // A user who is suspended. 2567 'users' => array( 2568 array( 2569 'status' => ENROL_USER_SUSPENDED, 2570 'enrolled' => true, 2571 'suspended' => true, 2572 ), 2573 ), 2574 'counts' => array( 2575 'enrolled' => 1, 2576 'active' => 0, 2577 'suspended' => 1, 2578 ), 2579 ), 2580 array( 2581 // One of each. 2582 'users' => array( 2583 array( 2584 'enrolled' => true, 2585 'active' => true, 2586 ), 2587 array( 2588 'status' => ENROL_USER_SUSPENDED, 2589 'enrolled' => true, 2590 'suspended' => true, 2591 ), 2592 ), 2593 'counts' => array( 2594 'enrolled' => 2, 2595 'active' => 1, 2596 'suspended' => 1, 2597 ), 2598 ), 2599 array( 2600 // One user who is not yet enrolled. 2601 'users' => array( 2602 array( 2603 'timestart' => DAYSECS, 2604 'enrolled' => true, 2605 'active' => false, 2606 'suspended' => true, 2607 ), 2608 ), 2609 'counts' => array( 2610 'enrolled' => 1, 2611 'active' => 0, 2612 'suspended' => 1, 2613 ), 2614 ), 2615 array( 2616 // One user who is no longer enrolled 2617 'users' => array( 2618 array( 2619 'timeend' => -DAYSECS, 2620 'enrolled' => true, 2621 'active' => false, 2622 'suspended' => true, 2623 ), 2624 ), 2625 'counts' => array( 2626 'enrolled' => 1, 2627 'active' => 0, 2628 'suspended' => 1, 2629 ), 2630 ), 2631 array( 2632 // One user who is not yet enrolled, and one who is no longer enrolled. 2633 'users' => array( 2634 array( 2635 'timeend' => -DAYSECS, 2636 'enrolled' => true, 2637 'active' => false, 2638 'suspended' => true, 2639 ), 2640 array( 2641 'timestart' => DAYSECS, 2642 'enrolled' => true, 2643 'active' => false, 2644 'suspended' => true, 2645 ), 2646 ), 2647 'counts' => array( 2648 'enrolled' => 2, 2649 'active' => 0, 2650 'suspended' => 2, 2651 ), 2652 ), 2653 ); 2654 } 2655 2656 /** 2657 * @dataProvider get_enrolled_sql_provider 2658 */ 2659 public function test_get_enrolled_sql_course($users, $counts) { 2660 global $DB; 2661 2662 $this->resetAfterTest(); 2663 2664 $course = $this->getDataGenerator()->create_course(); 2665 $context = context_course::instance($course->id); 2666 $student = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST); 2667 $createdusers = array(); 2668 2669 foreach ($users as &$userdata) { 2670 $user = $this->getDataGenerator()->create_user(); 2671 $userdata['id'] = $user->id; 2672 2673 $timestart = 0; 2674 $timeend = 0; 2675 $status = null; 2676 if (isset($userdata['timestart'])) { 2677 $timestart = time() + $userdata['timestart']; 2678 } 2679 if (isset($userdata['timeend'])) { 2680 $timeend = time() + $userdata['timeend']; 2681 } 2682 if (isset($userdata['status'])) { 2683 $status = $userdata['status']; 2684 } 2685 2686 // Enrol the user in the course. 2687 $this->getDataGenerator()->enrol_user($user->id, $course->id, $student->id, 'manual', $timestart, $timeend, $status); 2688 } 2689 2690 // After all users have been enroled, check expectations. 2691 $enrolled = get_enrolled_users($context, '', 0, 'u.id', null, 0, 0, false); 2692 $active = get_enrolled_users($context, '', 0, 'u.id', null, 0, 0, true); 2693 $suspended = get_suspended_userids($context); 2694 2695 foreach ($users as $userdata) { 2696 if (isset($userdata['enrolled']) && $userdata['enrolled']) { 2697 $this->assertTrue(isset($enrolled[$userdata['id']])); 2698 } else { 2699 $this->assertFalse(isset($enrolled[$userdata['id']])); 2700 } 2701 2702 if (isset($userdata['active']) && $userdata['active']) { 2703 $this->assertTrue(isset($active[$userdata['id']])); 2704 } else { 2705 $this->assertFalse(isset($active[$userdata['id']])); 2706 } 2707 2708 if (isset($userdata['suspended']) && $userdata['suspended']) { 2709 $this->assertTrue(isset($suspended[$userdata['id']])); 2710 } else { 2711 $this->assertFalse(isset($suspended[$userdata['id']])); 2712 } 2713 } 2714 2715 $this->assertCount($counts['enrolled'], $enrolled); 2716 $this->assertCount($counts['active'], $active); 2717 $this->assertCount($counts['suspended'], $suspended); 2718 } 2719 2720 /** 2721 * A small functional test of permission evaluations. 2722 */ 2723 public function test_permission_evaluation() { 2724 global $USER, $SITE, $CFG, $DB, $ACCESSLIB_PRIVATE; 2725 2726 $this->resetAfterTest(); 2727 2728 $generator = $this->getDataGenerator(); 2729 2730 // Fill the site with some real data. 2731 $testcategories = array(); 2732 $testcourses = array(); 2733 $testpages = array(); 2734 $testblocks = array(); 2735 $allroles = $DB->get_records_menu('role', array(), 'id', 'shortname, id'); 2736 2737 $systemcontext = context_system::instance(); 2738 $frontpagecontext = context_course::instance(SITEID); 2739 2740 // Add block to system context. 2741 $bi = $generator->create_block('online_users'); 2742 context_block::instance($bi->id); 2743 $testblocks[] = $bi->id; 2744 2745 // Some users. 2746 $testusers = array(); 2747 for ($i=0; $i<20; $i++) { 2748 $user = $generator->create_user(); 2749 $testusers[$i] = $user->id; 2750 $usercontext = context_user::instance($user->id); 2751 2752 // Add block to user profile. 2753 $bi = $generator->create_block('online_users', array('parentcontextid'=>$usercontext->id)); 2754 $testblocks[] = $bi->id; 2755 } 2756 2757 // Add block to frontpage. 2758 $bi = $generator->create_block('online_users', array('parentcontextid'=>$frontpagecontext->id)); 2759 $frontpageblockcontext = context_block::instance($bi->id); 2760 $testblocks[] = $bi->id; 2761 2762 // Add a resource to frontpage. 2763 $page = $generator->create_module('page', array('course'=>$SITE->id)); 2764 $testpages[] = $page->cmid; 2765 $frontpagepagecontext = context_module::instance($page->cmid); 2766 2767 // Add block to frontpage resource. 2768 $bi = $generator->create_block('online_users', array('parentcontextid'=>$frontpagepagecontext->id)); 2769 $frontpagepageblockcontext = context_block::instance($bi->id); 2770 $testblocks[] = $bi->id; 2771 2772 // Some nested course categories with courses. 2773 $manualenrol = enrol_get_plugin('manual'); 2774 $parentcat = 0; 2775 for ($i=0; $i<5; $i++) { 2776 $cat = $generator->create_category(array('parent'=>$parentcat)); 2777 $testcategories[] = $cat->id; 2778 $catcontext = context_coursecat::instance($cat->id); 2779 $parentcat = $cat->id; 2780 2781 if ($i >= 4) { 2782 continue; 2783 } 2784 2785 // Add resource to each category. 2786 $bi = $generator->create_block('online_users', array('parentcontextid'=>$catcontext->id)); 2787 context_block::instance($bi->id); 2788 2789 // Add a few courses to each category. 2790 for ($j=0; $j<6; $j++) { 2791 $course = $generator->create_course(array('category'=>$cat->id)); 2792 $testcourses[] = $course->id; 2793 $coursecontext = context_course::instance($course->id); 2794 2795 if ($j >= 5) { 2796 continue; 2797 } 2798 // Add manual enrol instance. 2799 $manualenrol->add_default_instance($DB->get_record('course', array('id'=>$course->id))); 2800 2801 // Add block to each course. 2802 $bi = $generator->create_block('online_users', array('parentcontextid'=>$coursecontext->id)); 2803 $testblocks[] = $bi->id; 2804 2805 // Add a resource to each course. 2806 $page = $generator->create_module('page', array('course'=>$course->id)); 2807 $testpages[] = $page->cmid; 2808 $modcontext = context_module::instance($page->cmid); 2809 2810 // Add block to each module. 2811 $bi = $generator->create_block('online_users', array('parentcontextid'=>$modcontext->id)); 2812 $testblocks[] = $bi->id; 2813 } 2814 } 2815 2816 // Make sure all contexts were created properly. 2817 $count = 1; // System. 2818 $count += $DB->count_records('user', array('deleted'=>0)); 2819 $count += $DB->count_records('course_categories'); 2820 $count += $DB->count_records('course'); 2821 $count += $DB->count_records('course_modules'); 2822 $count += $DB->count_records('block_instances'); 2823 $this->assertEquals($count, $DB->count_records('context')); 2824 $this->assertEquals(0, $DB->count_records('context', array('depth'=>0))); 2825 $this->assertEquals(0, $DB->count_records('context', array('path'=>null))); 2826 2827 2828 // Test context_helper::get_level_name() method. 2829 2830 $levels = context_helper::get_all_levels(); 2831 foreach ($levels as $level => $classname) { 2832 $name = context_helper::get_level_name($level); 2833 $this->assertNotEmpty($name); 2834 } 2835 2836 2837 // Test context::instance_by_id(), context_xxx::instance() methods. 2838 2839 $context = context::instance_by_id($frontpagecontext->id); 2840 $this->assertSame(CONTEXT_COURSE, $context->contextlevel); 2841 $this->assertFalse(context::instance_by_id(-1, IGNORE_MISSING)); 2842 try { 2843 context::instance_by_id(-1); 2844 $this->fail('exception expected'); 2845 } catch (moodle_exception $e) { 2846 $this->assertTrue(true); 2847 } 2848 $this->assertInstanceOf('context_system', context_system::instance()); 2849 $this->assertInstanceOf('context_coursecat', context_coursecat::instance($testcategories[0])); 2850 $this->assertInstanceOf('context_course', context_course::instance($testcourses[0])); 2851 $this->assertInstanceOf('context_module', context_module::instance($testpages[0])); 2852 $this->assertInstanceOf('context_block', context_block::instance($testblocks[0])); 2853 2854 $this->assertFalse(context_coursecat::instance(-1, IGNORE_MISSING)); 2855 $this->assertFalse(context_course::instance(-1, IGNORE_MISSING)); 2856 $this->assertFalse(context_module::instance(-1, IGNORE_MISSING)); 2857 $this->assertFalse(context_block::instance(-1, IGNORE_MISSING)); 2858 try { 2859 context_coursecat::instance(-1); 2860 $this->fail('exception expected'); 2861 } catch (moodle_exception $e) { 2862 $this->assertTrue(true); 2863 } 2864 try { 2865 context_course::instance(-1); 2866 $this->fail('exception expected'); 2867 } catch (moodle_exception $e) { 2868 $this->assertTrue(true); 2869 } 2870 try { 2871 context_module::instance(-1); 2872 $this->fail('exception expected'); 2873 } catch (moodle_exception $e) { 2874 $this->assertTrue(true); 2875 } 2876 try { 2877 context_block::instance(-1); 2878 $this->fail('exception expected'); 2879 } catch (moodle_exception $e) { 2880 $this->assertTrue(true); 2881 } 2882 2883 2884 // Test $context->get_url(), $context->get_context_name(), $context->get_capabilities() methods. 2885 2886 $testcontexts = array(); 2887 $testcontexts[CONTEXT_SYSTEM] = context_system::instance(); 2888 $testcontexts[CONTEXT_COURSECAT] = context_coursecat::instance($testcategories[0]); 2889 $testcontexts[CONTEXT_COURSE] = context_course::instance($testcourses[0]); 2890 $testcontexts[CONTEXT_MODULE] = context_module::instance($testpages[0]); 2891 $testcontexts[CONTEXT_BLOCK] = context_block::instance($testblocks[0]); 2892 2893 foreach ($testcontexts as $context) { 2894 $name = $context->get_context_name(true, true); 2895 $this->assertNotEmpty($name); 2896 2897 $this->assertInstanceOf('moodle_url', $context->get_url()); 2898 2899 $caps = $context->get_capabilities(); 2900 $this->assertTrue(is_array($caps)); 2901 foreach ($caps as $cap) { 2902 $cap = (array)$cap; 2903 $this->assertSame(array_keys($cap), array('id', 'name', 'captype', 'contextlevel', 'component', 'riskbitmask')); 2904 } 2905 } 2906 unset($testcontexts); 2907 2908 // Test $context->get_course_context() method. 2909 2910 $this->assertFalse($systemcontext->get_course_context(false)); 2911 try { 2912 $systemcontext->get_course_context(); 2913 $this->fail('exception expected'); 2914 } catch (moodle_exception $e) { 2915 $this->assertInstanceOf('coding_exception', $e); 2916 } 2917 $context = context_coursecat::instance($testcategories[0]); 2918 $this->assertFalse($context->get_course_context(false)); 2919 try { 2920 $context->get_course_context(); 2921 $this->fail('exception expected'); 2922 } catch (moodle_exception $e) { 2923 $this->assertInstanceOf('coding_exception', $e); 2924 } 2925 $this->assertEquals($frontpagecontext, $frontpagecontext->get_course_context(true)); 2926 $this->assertEquals($frontpagecontext, $frontpagepagecontext->get_course_context(true)); 2927 $this->assertEquals($frontpagecontext, $frontpagepageblockcontext->get_course_context(true)); 2928 2929 2930 // Test $context->get_parent_context(), $context->get_parent_contexts(), $context->get_parent_context_ids() methods. 2931 2932 $userid = reset($testusers); 2933 $usercontext = context_user::instance($userid); 2934 $this->assertEquals($systemcontext, $usercontext->get_parent_context()); 2935 $this->assertEquals(array($systemcontext->id=>$systemcontext), $usercontext->get_parent_contexts()); 2936 $this->assertEquals(array($usercontext->id=>$usercontext, $systemcontext->id=>$systemcontext), $usercontext->get_parent_contexts(true)); 2937 2938 $this->assertEquals(array(), $systemcontext->get_parent_contexts()); 2939 $this->assertEquals(array($systemcontext->id=>$systemcontext), $systemcontext->get_parent_contexts(true)); 2940 $this->assertEquals(array(), $systemcontext->get_parent_context_ids()); 2941 $this->assertEquals(array($systemcontext->id), $systemcontext->get_parent_context_ids(true)); 2942 $this->assertEquals(array(), $systemcontext->get_parent_context_paths()); 2943 $this->assertEquals(array($systemcontext->id => $systemcontext->path), $systemcontext->get_parent_context_paths(true)); 2944 2945 $this->assertEquals($systemcontext, $frontpagecontext->get_parent_context()); 2946 $this->assertEquals(array($systemcontext->id=>$systemcontext), $frontpagecontext->get_parent_contexts()); 2947 $this->assertEquals(array($frontpagecontext->id=>$frontpagecontext, $systemcontext->id=>$systemcontext), $frontpagecontext->get_parent_contexts(true)); 2948 $this->assertEquals(array($systemcontext->id), $frontpagecontext->get_parent_context_ids()); 2949 $this->assertEquals(array($frontpagecontext->id, $systemcontext->id), $frontpagecontext->get_parent_context_ids(true)); 2950 $this->assertEquals(array($systemcontext->id => $systemcontext->path), $frontpagecontext->get_parent_context_paths()); 2951 $expected = array($systemcontext->id => $systemcontext->path, $frontpagecontext->id => $frontpagecontext->path); 2952 $this->assertEquals($expected, $frontpagecontext->get_parent_context_paths(true)); 2953 2954 $this->assertFalse($systemcontext->get_parent_context()); 2955 $frontpagecontext = context_course::instance($SITE->id); 2956 $parent = $systemcontext; 2957 foreach ($testcategories as $catid) { 2958 $catcontext = context_coursecat::instance($catid); 2959 $this->assertEquals($parent, $catcontext->get_parent_context()); 2960 $parent = $catcontext; 2961 } 2962 $this->assertEquals($frontpagecontext, $frontpagepagecontext->get_parent_context()); 2963 $this->assertEquals($frontpagecontext, $frontpageblockcontext->get_parent_context()); 2964 $this->assertEquals($frontpagepagecontext, $frontpagepageblockcontext->get_parent_context()); 2965 2966 2967 // Test $context->get_child_contexts() method. 2968 2969 $children = $systemcontext->get_child_contexts(); 2970 $this->resetDebugging(); 2971 $this->assertEquals(count($children)+1, $DB->count_records('context')); 2972 2973 $context = context_coursecat::instance($testcategories[3]); 2974 $children = $context->get_child_contexts(); 2975 $countcats = 0; 2976 $countcourses = 0; 2977 $countblocks = 0; 2978 foreach ($children as $child) { 2979 if ($child->contextlevel == CONTEXT_COURSECAT) { 2980 $countcats++; 2981 } 2982 if ($child->contextlevel == CONTEXT_COURSE) { 2983 $countcourses++; 2984 } 2985 if ($child->contextlevel == CONTEXT_BLOCK) { 2986 $countblocks++; 2987 } 2988 } 2989 $this->assertCount(8, $children); 2990 $this->assertEquals(1, $countcats); 2991 $this->assertEquals(6, $countcourses); 2992 $this->assertEquals(1, $countblocks); 2993 2994 $context = context_course::instance($testcourses[2]); 2995 $children = $context->get_child_contexts(); 2996 2997 $context = context_module::instance($testpages[3]); 2998 $children = $context->get_child_contexts(); 2999 $this->assertCount(1, $children); 3000 3001 $context = context_block::instance($testblocks[1]); 3002 $children = $context->get_child_contexts(); 3003 $this->assertCount(0, $children); 3004 3005 unset($children); 3006 unset($countcats); 3007 unset($countcourses); 3008 unset($countblocks); 3009 3010 3011 // Test context_helper::reset_caches() method. 3012 3013 context_helper::reset_caches(); 3014 $this->assertEquals(0, context_inspection::test_context_cache_size()); 3015 context_course::instance($SITE->id); 3016 $this->assertEquals(1, context_inspection::test_context_cache_size()); 3017 3018 3019 // Test context preloading. 3020 3021 context_helper::reset_caches(); 3022 $sql = "SELECT ".context_helper::get_preload_record_columns_sql('c')." 3023 FROM {context} c 3024 WHERE c.contextlevel <> ".CONTEXT_SYSTEM; 3025 $records = $DB->get_records_sql($sql); 3026 $firstrecord = reset($records); 3027 $columns = context_helper::get_preload_record_columns('c'); 3028 $firstrecord = (array)$firstrecord; 3029 $this->assertSame(array_keys($firstrecord), array_values($columns)); 3030 context_helper::reset_caches(); 3031 foreach ($records as $record) { 3032 context_helper::preload_from_record($record); 3033 $this->assertEquals(new stdClass(), $record); 3034 } 3035 $this->assertEquals(count($records), context_inspection::test_context_cache_size()); 3036 unset($records); 3037 unset($columns); 3038 3039 context_helper::reset_caches(); 3040 context_helper::preload_course($SITE->id); 3041 $numfrontpagemodules = $DB->count_records('course_modules', array('course' => $SITE->id)); 3042 $this->assertEquals(3 + $numfrontpagemodules, context_inspection::test_context_cache_size()); // Depends on number of default blocks. 3043 3044 // Test assign_capability(), unassign_capability() functions. 3045 3046 $rc = $DB->get_record('role_capabilities', array('contextid'=>$frontpagecontext->id, 'roleid'=>$allroles['teacher'], 'capability'=>'moodle/site:accessallgroups')); 3047 $this->assertFalse($rc); 3048 assign_capability('moodle/site:accessallgroups', CAP_ALLOW, $allroles['teacher'], $frontpagecontext->id); 3049 $rc = $DB->get_record('role_capabilities', array('contextid'=>$frontpagecontext->id, 'roleid'=>$allroles['teacher'], 'capability'=>'moodle/site:accessallgroups')); 3050 $this->assertEquals(CAP_ALLOW, $rc->permission); 3051 assign_capability('moodle/site:accessallgroups', CAP_PREVENT, $allroles['teacher'], $frontpagecontext->id); 3052 $rc = $DB->get_record('role_capabilities', array('contextid'=>$frontpagecontext->id, 'roleid'=>$allroles['teacher'], 'capability'=>'moodle/site:accessallgroups')); 3053 $this->assertEquals(CAP_ALLOW, $rc->permission); 3054 assign_capability('moodle/site:accessallgroups', CAP_PREVENT, $allroles['teacher'], $frontpagecontext, true); 3055 $rc = $DB->get_record('role_capabilities', array('contextid'=>$frontpagecontext->id, 'roleid'=>$allroles['teacher'], 'capability'=>'moodle/site:accessallgroups')); 3056 $this->assertEquals(CAP_PREVENT, $rc->permission); 3057 3058 assign_capability('moodle/site:accessallgroups', CAP_INHERIT, $allroles['teacher'], $frontpagecontext); 3059 $rc = $DB->get_record('role_capabilities', array('contextid'=>$frontpagecontext->id, 'roleid'=>$allroles['teacher'], 'capability'=>'moodle/site:accessallgroups')); 3060 $this->assertFalse($rc); 3061 assign_capability('moodle/site:accessallgroups', CAP_ALLOW, $allroles['teacher'], $frontpagecontext); 3062 unassign_capability('moodle/site:accessallgroups', $allroles['teacher'], $frontpagecontext, true); 3063 $rc = $DB->get_record('role_capabilities', array('contextid'=>$frontpagecontext->id, 'roleid'=>$allroles['teacher'], 'capability'=>'moodle/site:accessallgroups')); 3064 $this->assertFalse($rc); 3065 unassign_capability('moodle/site:accessallgroups', $allroles['teacher'], $frontpagecontext->id, true); 3066 unset($rc); 3067 3068 accesslib_clear_all_caches_for_unit_testing(); // Must be done after assign_capability(). 3069 3070 3071 // Test role_assign(), role_unassign(), role_unassign_all() functions. 3072 3073 $context = context_course::instance($testcourses[1]); 3074 $this->assertEquals(0, $DB->count_records('role_assignments', array('contextid'=>$context->id))); 3075 role_assign($allroles['teacher'], $testusers[1], $context->id); 3076 role_assign($allroles['teacher'], $testusers[2], $context->id); 3077 role_assign($allroles['manager'], $testusers[1], $context->id); 3078 $this->assertEquals(3, $DB->count_records('role_assignments', array('contextid'=>$context->id))); 3079 role_unassign($allroles['teacher'], $testusers[1], $context->id); 3080 $this->assertEquals(2, $DB->count_records('role_assignments', array('contextid'=>$context->id))); 3081 role_unassign_all(array('contextid'=>$context->id)); 3082 $this->assertEquals(0, $DB->count_records('role_assignments', array('contextid'=>$context->id))); 3083 unset($context); 3084 3085 accesslib_clear_all_caches_for_unit_testing(); // Just in case. 3086 3087 3088 // Test has_capability(), get_users_by_capability(), role_switch(), reload_all_capabilities() and friends functions. 3089 3090 $adminid = get_admin()->id; 3091 $guestid = $CFG->siteguest; 3092 3093 // Enrol some users into some courses. 3094 $course1 = $DB->get_record('course', array('id'=>$testcourses[22]), '*', MUST_EXIST); 3095 $course2 = $DB->get_record('course', array('id'=>$testcourses[7]), '*', MUST_EXIST); 3096 $cms = $DB->get_records('course_modules', array('course'=>$course1->id), 'id'); 3097 $cm1 = reset($cms); 3098 $blocks = $DB->get_records('block_instances', array('parentcontextid'=>context_module::instance($cm1->id)->id), 'id'); 3099 $block1 = reset($blocks); 3100 $instance1 = $DB->get_record('enrol', array('enrol'=>'manual', 'courseid'=>$course1->id)); 3101 $instance2 = $DB->get_record('enrol', array('enrol'=>'manual', 'courseid'=>$course2->id)); 3102 for ($i=0; $i<9; $i++) { 3103 $manualenrol->enrol_user($instance1, $testusers[$i], $allroles['student']); 3104 } 3105 $manualenrol->enrol_user($instance1, $testusers[8], $allroles['teacher']); 3106 $manualenrol->enrol_user($instance1, $testusers[9], $allroles['editingteacher']); 3107 3108 for ($i=10; $i<15; $i++) { 3109 $manualenrol->enrol_user($instance2, $testusers[$i], $allroles['student']); 3110 } 3111 $manualenrol->enrol_user($instance2, $testusers[15], $allroles['editingteacher']); 3112 3113 // Add tons of role assignments - the more the better. 3114 role_assign($allroles['coursecreator'], $testusers[11], context_coursecat::instance($testcategories[2])); 3115 role_assign($allroles['manager'], $testusers[12], context_coursecat::instance($testcategories[1])); 3116 role_assign($allroles['student'], $testusers[9], context_module::instance($cm1->id)); 3117 role_assign($allroles['teacher'], $testusers[8], context_module::instance($cm1->id)); 3118 role_assign($allroles['guest'], $testusers[13], context_course::instance($course1->id)); 3119 role_assign($allroles['teacher'], $testusers[7], context_block::instance($block1->id)); 3120 role_assign($allroles['manager'], $testusers[9], context_block::instance($block1->id)); 3121 role_assign($allroles['editingteacher'], $testusers[9], context_course::instance($course1->id)); 3122 3123 role_assign($allroles['teacher'], $adminid, context_course::instance($course1->id)); 3124 role_assign($allroles['editingteacher'], $adminid, context_block::instance($block1->id)); 3125 3126 // Add tons of overrides - the more the better. 3127 assign_capability('moodle/site:accessallgroups', CAP_ALLOW, $CFG->defaultuserroleid, $frontpageblockcontext, true); 3128 assign_capability('moodle/site:accessallgroups', CAP_ALLOW, $CFG->defaultfrontpageroleid, $frontpageblockcontext, true); 3129 assign_capability('moodle/block:view', CAP_PROHIBIT, $allroles['guest'], $frontpageblockcontext, true); 3130 assign_capability('block/online_users:viewlist', CAP_PREVENT, $allroles['user'], $frontpageblockcontext, true); 3131 assign_capability('block/online_users:viewlist', CAP_PREVENT, $allroles['student'], $frontpageblockcontext, true); 3132 3133 assign_capability('moodle/site:accessallgroups', CAP_PREVENT, $CFG->defaultuserroleid, $frontpagepagecontext, true); 3134 assign_capability('moodle/site:accessallgroups', CAP_ALLOW, $CFG->defaultfrontpageroleid, $frontpagepagecontext, true); 3135 assign_capability('mod/page:view', CAP_PREVENT, $allroles['guest'], $frontpagepagecontext, true); 3136 assign_capability('mod/page:view', CAP_ALLOW, $allroles['user'], $frontpagepagecontext, true); 3137 assign_capability('mod/page:view', CAP_ALLOW, $allroles['student'], $frontpagepagecontext, true); 3138 3139 assign_capability('moodle/site:accessallgroups', CAP_ALLOW, $CFG->defaultuserroleid, $frontpagecontext, true); 3140 assign_capability('moodle/site:accessallgroups', CAP_ALLOW, $CFG->defaultfrontpageroleid, $frontpagecontext, true); 3141 assign_capability('mod/page:view', CAP_ALLOW, $allroles['guest'], $frontpagecontext, true); 3142 assign_capability('mod/page:view', CAP_PROHIBIT, $allroles['user'], $frontpagecontext, true); 3143 3144 assign_capability('mod/page:view', CAP_PREVENT, $allroles['guest'], $systemcontext, true); 3145 3146 // Prepare for prohibit test. 3147 role_assign($allroles['editingteacher'], $testusers[19], context_system::instance()); 3148 role_assign($allroles['teacher'], $testusers[19], context_course::instance($testcourses[17])); 3149 role_assign($allroles['editingteacher'], $testusers[19], context_course::instance($testcourses[17])); 3150 assign_capability('moodle/course:update', CAP_PROHIBIT, $allroles['teacher'], context_course::instance($testcourses[17]), true); 3151 3152 accesslib_clear_all_caches_for_unit_testing(); /// Must be done after assign_capability(). 3153 3154 // Extra tests for guests and not-logged-in users because they can not be verified by cross checking 3155 // with get_users_by_capability() where they are ignored. 3156 $this->assertFalse(has_capability('moodle/block:view', $frontpageblockcontext, $guestid)); 3157 $this->assertFalse(has_capability('mod/page:view', $frontpagepagecontext, $guestid)); 3158 $this->assertTrue(has_capability('mod/page:view', $frontpagecontext, $guestid)); 3159 $this->assertFalse(has_capability('mod/page:view', $systemcontext, $guestid)); 3160 3161 $this->assertFalse(has_capability('moodle/block:view', $frontpageblockcontext, 0)); 3162 $this->assertFalse(has_capability('mod/page:view', $frontpagepagecontext, 0)); 3163 $this->assertTrue(has_capability('mod/page:view', $frontpagecontext, 0)); 3164 $this->assertFalse(has_capability('mod/page:view', $systemcontext, 0)); 3165 3166 $this->assertFalse(has_capability('moodle/course:create', $systemcontext, $testusers[11])); 3167 $this->assertTrue(has_capability('moodle/course:create', context_coursecat::instance($testcategories[2]), $testusers[11])); 3168 $this->assertFalse(has_capability('moodle/course:create', context_course::instance($testcourses[1]), $testusers[11])); 3169 $this->assertTrue(has_capability('moodle/course:create', context_course::instance($testcourses[19]), $testusers[11])); 3170 3171 $this->assertFalse(has_capability('moodle/course:update', context_course::instance($testcourses[1]), $testusers[9])); 3172 $this->assertFalse(has_capability('moodle/course:update', context_course::instance($testcourses[19]), $testusers[9])); 3173 $this->assertFalse(has_capability('moodle/course:update', $systemcontext, $testusers[9])); 3174 3175 // Test prohibits. 3176 $this->assertTrue(has_capability('moodle/course:update', context_system::instance(), $testusers[19])); 3177 $ids = get_users_by_capability(context_system::instance(), 'moodle/course:update', 'u.id'); 3178 $this->assertArrayHasKey($testusers[19], $ids); 3179 $this->assertFalse(has_capability('moodle/course:update', context_course::instance($testcourses[17]), $testusers[19])); 3180 $ids = get_users_by_capability(context_course::instance($testcourses[17]), 'moodle/course:update', 'u.id'); 3181 $this->assertArrayNotHasKey($testusers[19], $ids); 3182 3183 // Test the list of enrolled users. 3184 $coursecontext = context_course::instance($course1->id); 3185 $enrolled = get_enrolled_users($coursecontext); 3186 $this->assertCount(10, $enrolled); 3187 for ($i=0; $i<10; $i++) { 3188 $this->assertTrue(isset($enrolled[$testusers[$i]])); 3189 } 3190 $enrolled = get_enrolled_users($coursecontext, 'moodle/course:update'); 3191 $this->assertCount(1, $enrolled); 3192 $this->assertTrue(isset($enrolled[$testusers[9]])); 3193 unset($enrolled); 3194 3195 // Role switching. 3196 $userid = $testusers[9]; 3197 $USER = $DB->get_record('user', array('id'=>$userid)); 3198 load_all_capabilities(); 3199 $coursecontext = context_course::instance($course1->id); 3200 $this->assertTrue(has_capability('moodle/course:update', $coursecontext)); 3201 $this->assertFalse(is_role_switched($course1->id)); 3202 role_switch($allroles['student'], $coursecontext); 3203 $this->assertTrue(is_role_switched($course1->id)); 3204 $this->assertEquals($allroles['student'], $USER->access['rsw'][$coursecontext->path]); 3205 $this->assertFalse(has_capability('moodle/course:update', $coursecontext)); 3206 reload_all_capabilities(); 3207 $this->assertFalse(has_capability('moodle/course:update', $coursecontext)); 3208 role_switch(0, $coursecontext); 3209 $this->assertTrue(has_capability('moodle/course:update', $coursecontext)); 3210 $userid = $adminid; 3211 $USER = $DB->get_record('user', array('id'=>$userid)); 3212 load_all_capabilities(); 3213 $coursecontext = context_course::instance($course1->id); 3214 $blockcontext = context_block::instance($block1->id); 3215 $this->assertTrue(has_capability('moodle/course:update', $blockcontext)); 3216 role_switch($allroles['student'], $coursecontext); 3217 $this->assertEquals($allroles['student'], $USER->access['rsw'][$coursecontext->path]); 3218 $this->assertFalse(has_capability('moodle/course:update', $blockcontext)); 3219 reload_all_capabilities(); 3220 $this->assertFalse(has_capability('moodle/course:update', $blockcontext)); 3221 load_all_capabilities(); 3222 $this->assertTrue(has_capability('moodle/course:update', $blockcontext)); 3223 3224 // Temp course role for enrol. 3225 $DB->delete_records('cache_flags', array()); // This prevents problem with dirty contexts immediately resetting the temp role - this is a known problem... 3226 $userid = $testusers[5]; 3227 $roleid = $allroles['editingteacher']; 3228 $USER = $DB->get_record('user', array('id'=>$userid)); 3229 load_all_capabilities(); 3230 $coursecontext = context_course::instance($course1->id); 3231 $this->assertFalse(has_capability('moodle/course:update', $coursecontext)); 3232 $this->assertFalse(isset($USER->access['ra'][$coursecontext->path][$roleid])); 3233 load_temp_course_role($coursecontext, $roleid); 3234 $this->assertEquals($USER->access['ra'][$coursecontext->path][$roleid], $roleid); 3235 $this->assertTrue(has_capability('moodle/course:update', $coursecontext)); 3236 remove_temp_course_roles($coursecontext); 3237 $this->assertFalse(has_capability('moodle/course:update', $coursecontext, $userid)); 3238 load_temp_course_role($coursecontext, $roleid); 3239 reload_all_capabilities(); 3240 $this->assertFalse(has_capability('moodle/course:update', $coursecontext, $userid)); 3241 $USER = new stdClass(); 3242 $USER->id = 0; 3243 3244 // Now cross check has_capability() with get_users_by_capability(), each using different code paths, 3245 // they have to be kept in sync, usually only one of them breaks, so we know when something is wrong, 3246 // at the same time validate extra restrictions (guest read only no risks, admin exception, non existent and deleted users). 3247 $contexts = $DB->get_records('context', array(), 'id'); 3248 $contexts = array_values($contexts); 3249 $capabilities = $DB->get_records('capabilities', array(), 'id'); 3250 $capabilities = array_values($capabilities); 3251 $roles = array($allroles['guest'], $allroles['user'], $allroles['teacher'], $allroles['editingteacher'], $allroles['coursecreator'], $allroles['manager']); 3252 $userids = array_values($testusers); 3253 $userids[] = get_admin()->id; 3254 3255 if (!PHPUNIT_LONGTEST) { 3256 $contexts = array_slice($contexts, 0, 10); 3257 $capabilities = array_slice($capabilities, 0, 5); 3258 $userids = array_slice($userids, 0, 5); 3259 } 3260 3261 foreach ($userids as $userid) { // No guest or deleted. 3262 // Each user gets 0-10 random roles. 3263 $rcount = rand(0, 10); 3264 for ($j=0; $j<$rcount; $j++) { 3265 $roleid = $roles[rand(0, count($roles)-1)]; 3266 $contextid = $contexts[rand(0, count($contexts)-1)]->id; 3267 role_assign($roleid, $userid, $contextid); 3268 } 3269 } 3270 3271 $permissions = array(CAP_ALLOW, CAP_PREVENT, CAP_INHERIT, CAP_PREVENT); 3272 $maxoverrides = count($contexts)*10; 3273 for ($j=0; $j<$maxoverrides; $j++) { 3274 $roleid = $roles[rand(0, count($roles)-1)]; 3275 $contextid = $contexts[rand(0, count($contexts)-1)]->id; 3276 $permission = $permissions[rand(0, count($permissions)-1)]; 3277 $capname = $capabilities[rand(0, count($capabilities)-1)]->name; 3278 assign_capability($capname, $permission, $roleid, $contextid, true); 3279 } 3280 unset($permissions); 3281 unset($roles); 3282 3283 accesslib_clear_all_caches_for_unit_testing(); // must be done after assign_capability(). 3284 3285 // Test time - let's set up some real user, just in case the logic for USER affects the others... 3286 $USER = $DB->get_record('user', array('id'=>$testusers[3])); 3287 load_all_capabilities(); 3288 3289 $userids[] = $CFG->siteguest; 3290 $userids[] = 0; // Not-logged-in user. 3291 $userids[] = -1; // Non-existent user. 3292 3293 foreach ($contexts as $crecord) { 3294 $context = context::instance_by_id($crecord->id); 3295 if ($coursecontext = $context->get_course_context(false)) { 3296 $enrolled = get_enrolled_users($context); 3297 } else { 3298 $enrolled = array(); 3299 } 3300 foreach ($capabilities as $cap) { 3301 $allowed = get_users_by_capability($context, $cap->name, 'u.id, u.username'); 3302 if ($enrolled) { 3303 $enrolledwithcap = get_enrolled_users($context, $cap->name); 3304 } else { 3305 $enrolledwithcap = array(); 3306 } 3307 foreach ($userids as $userid) { 3308 if ($userid == 0 or isguestuser($userid)) { 3309 if ($userid == 0) { 3310 $CFG->forcelogin = true; 3311 $this->assertFalse(has_capability($cap->name, $context, $userid)); 3312 unset($CFG->forcelogin); 3313 } 3314 if (($cap->captype === 'write') or ($cap->riskbitmask & (RISK_XSS | RISK_CONFIG | RISK_DATALOSS))) { 3315 $this->assertFalse(has_capability($cap->name, $context, $userid)); 3316 } 3317 $this->assertFalse(isset($allowed[$userid])); 3318 } else { 3319 if (is_siteadmin($userid)) { 3320 $this->assertTrue(has_capability($cap->name, $context, $userid, true)); 3321 } 3322 $hascap = has_capability($cap->name, $context, $userid, false); 3323 $this->assertSame($hascap, isset($allowed[$userid]), "Capability result mismatch user:$userid, context:$context->id, $cap->name, hascap: ".(int)$hascap." "); 3324 if (isset($enrolled[$userid])) { 3325 $this->assertSame(isset($allowed[$userid]), isset($enrolledwithcap[$userid]), "Enrolment with capability result mismatch user:$userid, context:$context->id, $cap->name, hascap: ".(int)$hascap." "); 3326 } 3327 } 3328 } 3329 } 3330 } 3331 // Back to nobody. 3332 $USER = new stdClass(); 3333 $USER->id = 0; 3334 unset($contexts); 3335 unset($userids); 3336 unset($capabilities); 3337 3338 // Now let's do all the remaining tests that break our carefully prepared fake site. 3339 3340 3341 // Test $context->mark_dirty() method. 3342 3343 $DB->delete_records('cache_flags', array()); 3344 accesslib_clear_all_caches(false); 3345 $systemcontext->mark_dirty(); 3346 $dirty = get_cache_flags('accesslib/dirtycontexts', time()-2); 3347 $this->assertTrue(isset($dirty[$systemcontext->path])); 3348 $this->assertTrue(isset($ACCESSLIB_PRIVATE->dirtycontexts[$systemcontext->path])); 3349 3350 3351 // Test $context->reload_if_dirty() method. 3352 3353 $DB->delete_records('cache_flags', array()); 3354 accesslib_clear_all_caches(false); 3355 load_all_capabilities(); 3356 $context = context_course::instance($testcourses[2]); 3357 $page = $DB->get_record('page', array('course'=>$testcourses[2])); 3358 $pagecm = get_coursemodule_from_instance('page', $page->id); 3359 $pagecontext = context_module::instance($pagecm->id); 3360 3361 $context->mark_dirty(); 3362 $this->assertTrue(isset($ACCESSLIB_PRIVATE->dirtycontexts[$context->path])); 3363 $USER->access['test'] = true; 3364 $context->reload_if_dirty(); 3365 $this->assertFalse(isset($USER->access['test'])); 3366 3367 $context->mark_dirty(); 3368 $this->assertTrue(isset($ACCESSLIB_PRIVATE->dirtycontexts[$context->path])); 3369 $USER->access['test'] = true; 3370 $pagecontext->reload_if_dirty(); 3371 $this->assertFalse(isset($USER->access['test'])); 3372 3373 3374 // Test context_helper::build_all_paths() method. 3375 3376 $oldcontexts = $DB->get_records('context', array(), 'id'); 3377 $DB->set_field_select('context', 'path', null, "contextlevel <> ".CONTEXT_SYSTEM); 3378 $DB->set_field_select('context', 'depth', 0, "contextlevel <> ".CONTEXT_SYSTEM); 3379 context_helper::build_all_paths(); 3380 $newcontexts = $DB->get_records('context', array(), 'id'); 3381 $this->assertEquals($oldcontexts, $newcontexts); 3382 unset($oldcontexts); 3383 unset($newcontexts); 3384 3385 3386 // Test $context->reset_paths() method. 3387 3388 $context = context_course::instance($testcourses[2]); 3389 $children = $context->get_child_contexts(); 3390 $context->reset_paths(false); 3391 $this->assertNull($DB->get_field('context', 'path', array('id'=>$context->id))); 3392 $this->assertEquals(0, $DB->get_field('context', 'depth', array('id'=>$context->id))); 3393 foreach ($children as $child) { 3394 $this->assertNull($DB->get_field('context', 'path', array('id'=>$child->id))); 3395 $this->assertEquals(0, $DB->get_field('context', 'depth', array('id'=>$child->id))); 3396 } 3397 $this->assertEquals(count($children)+1, $DB->count_records('context', array('depth'=>0))); 3398 $this->assertEquals(count($children)+1, $DB->count_records('context', array('path'=>null))); 3399 3400 $context = context_course::instance($testcourses[2]); 3401 $context->reset_paths(true); 3402 $context = context_course::instance($testcourses[2]); 3403 $this->assertSame($context->path, $DB->get_field('context', 'path', array('id'=>$context->id))); 3404 $this->assertSame($context->depth, $DB->get_field('context', 'depth', array('id'=>$context->id))); 3405 $this->assertEquals(0, $DB->count_records('context', array('depth'=>0))); 3406 $this->assertEquals(0, $DB->count_records('context', array('path'=>null))); 3407 3408 3409 // Test $context->update_moved() method. 3410 3411 accesslib_clear_all_caches(false); 3412 $DB->delete_records('cache_flags', array()); 3413 $course = $DB->get_record('course', array('id'=>$testcourses[0])); 3414 $context = context_course::instance($course->id); 3415 $oldpath = $context->path; 3416 $miscid = $DB->get_field_sql("SELECT MIN(id) FROM {course_categories}"); 3417 $categorycontext = context_coursecat::instance($miscid); 3418 $course->category = $miscid; 3419 $DB->update_record('course', $course); 3420 $context->update_moved($categorycontext); 3421 3422 $context = context_course::instance($course->id); 3423 $this->assertEquals($categorycontext, $context->get_parent_context()); 3424 $dirty = get_cache_flags('accesslib/dirtycontexts', time()-2); 3425 $this->assertFalse(isset($dirty[$oldpath])); 3426 $this->assertTrue(isset($dirty[$context->path])); 3427 3428 3429 // Test $context->delete_content() method. 3430 3431 context_helper::reset_caches(); 3432 $context = context_module::instance($testpages[3]); 3433 $this->assertTrue($DB->record_exists('context', array('id'=>$context->id))); 3434 $this->assertEquals(1, $DB->count_records('block_instances', array('parentcontextid'=>$context->id))); 3435 $context->delete_content(); 3436 $this->assertTrue($DB->record_exists('context', array('id'=>$context->id))); 3437 $this->assertEquals(0, $DB->count_records('block_instances', array('parentcontextid'=>$context->id))); 3438 3439 3440 // Test $context->delete() method. 3441 3442 context_helper::reset_caches(); 3443 $context = context_module::instance($testpages[4]); 3444 $this->assertTrue($DB->record_exists('context', array('id'=>$context->id))); 3445 $this->assertEquals(1, $DB->count_records('block_instances', array('parentcontextid'=>$context->id))); 3446 $bi = $DB->get_record('block_instances', array('parentcontextid'=>$context->id)); 3447 $bicontext = context_block::instance($bi->id); 3448 $DB->delete_records('cache_flags', array()); 3449 $context->delete(); // Should delete also linked blocks. 3450 $dirty = get_cache_flags('accesslib/dirtycontexts', time()-2); 3451 $this->assertFalse(isset($dirty[$context->path])); 3452 $this->assertFalse($DB->record_exists('context', array('id'=>$context->id))); 3453 $this->assertFalse($DB->record_exists('context', array('id'=>$bicontext->id))); 3454 $this->assertFalse($DB->record_exists('context', array('contextlevel'=>CONTEXT_MODULE, 'instanceid'=>$testpages[4]))); 3455 $this->assertFalse($DB->record_exists('context', array('contextlevel'=>CONTEXT_BLOCK, 'instanceid'=>$bi->id))); 3456 $this->assertEquals(0, $DB->count_records('block_instances', array('parentcontextid'=>$context->id))); 3457 context_module::instance($testpages[4]); 3458 3459 3460 // Test context_helper::delete_instance() method. 3461 3462 context_helper::reset_caches(); 3463 $lastcourse = array_pop($testcourses); 3464 $this->assertTrue($DB->record_exists('context', array('contextlevel'=>CONTEXT_COURSE, 'instanceid'=>$lastcourse))); 3465 $coursecontext = context_course::instance($lastcourse); 3466 $this->assertEquals(1, context_inspection::test_context_cache_size()); 3467 $this->assertNotEquals(CONTEXT_COURSE, $coursecontext->instanceid); 3468 $DB->delete_records('cache_flags', array()); 3469 context_helper::delete_instance(CONTEXT_COURSE, $lastcourse); 3470 $dirty = get_cache_flags('accesslib/dirtycontexts', time()-2); 3471 $this->assertFalse(isset($dirty[$coursecontext->path])); 3472 $this->assertEquals(0, context_inspection::test_context_cache_size()); 3473 $this->assertFalse($DB->record_exists('context', array('contextlevel'=>CONTEXT_COURSE, 'instanceid'=>$lastcourse))); 3474 context_course::instance($lastcourse); 3475 3476 3477 // Test context_helper::create_instances() method. 3478 3479 $prevcount = $DB->count_records('context'); 3480 $DB->delete_records('context', array('contextlevel'=>CONTEXT_BLOCK)); 3481 context_helper::create_instances(null, true); 3482 $this->assertSame($DB->count_records('context'), $prevcount); 3483 $this->assertEquals(0, $DB->count_records('context', array('depth'=>0))); 3484 $this->assertEquals(0, $DB->count_records('context', array('path'=>null))); 3485 3486 $DB->delete_records('context', array('contextlevel'=>CONTEXT_BLOCK)); 3487 $DB->delete_records('block_instances', array()); 3488 $prevcount = $DB->count_records('context'); 3489 $DB->delete_records_select('context', 'contextlevel <> '.CONTEXT_SYSTEM); 3490 context_helper::create_instances(null, true); 3491 $this->assertSame($prevcount, $DB->count_records('context')); 3492 $this->assertEquals(0, $DB->count_records('context', array('depth'=>0))); 3493 $this->assertEquals(0, $DB->count_records('context', array('path'=>null))); 3494 3495 // Test context_helper::cleanup_instances() method. 3496 3497 $lastcourse = $DB->get_field_sql("SELECT MAX(id) FROM {course}"); 3498 $DB->delete_records('course', array('id'=>$lastcourse)); 3499 $lastcategory = $DB->get_field_sql("SELECT MAX(id) FROM {course_categories}"); 3500 $DB->delete_records('course_categories', array('id'=>$lastcategory)); 3501 $lastuser = $DB->get_field_sql("SELECT MAX(id) FROM {user} WHERE deleted=0"); 3502 $DB->delete_records('user', array('id'=>$lastuser)); 3503 $DB->delete_records('block_instances', array('parentcontextid'=>$frontpagepagecontext->id)); 3504 $DB->delete_records('course_modules', array('id'=>$frontpagepagecontext->instanceid)); 3505 context_helper::cleanup_instances(); 3506 $count = 1; // System. 3507 $count += $DB->count_records('user', array('deleted'=>0)); 3508 $count += $DB->count_records('course_categories'); 3509 $count += $DB->count_records('course'); 3510 $count += $DB->count_records('course_modules'); 3511 $count += $DB->count_records('block_instances'); 3512 $this->assertEquals($count, $DB->count_records('context')); 3513 3514 3515 // Test context cache size restrictions. 3516 3517 $testusers= array(); 3518 for ($i=0; $i<CONTEXT_CACHE_MAX_SIZE + 100; $i++) { 3519 $user = $generator->create_user(); 3520 $testusers[$i] = $user->id; 3521 } 3522 context_helper::create_instances(null, true); 3523 context_helper::reset_caches(); 3524 for ($i=0; $i<CONTEXT_CACHE_MAX_SIZE + 100; $i++) { 3525 context_user::instance($testusers[$i]); 3526 if ($i == CONTEXT_CACHE_MAX_SIZE - 1) { 3527 $this->assertEquals(CONTEXT_CACHE_MAX_SIZE, context_inspection::test_context_cache_size()); 3528 } else if ($i == CONTEXT_CACHE_MAX_SIZE) { 3529 // Once the limit is reached roughly 1/3 of records should be removed from cache. 3530 $this->assertEquals((int)ceil(CONTEXT_CACHE_MAX_SIZE * (2/3) + 101), context_inspection::test_context_cache_size()); 3531 } 3532 } 3533 // We keep the first 100 cached. 3534 $prevsize = context_inspection::test_context_cache_size(); 3535 for ($i=0; $i<100; $i++) { 3536 context_user::instance($testusers[$i]); 3537 $this->assertEquals($prevsize, context_inspection::test_context_cache_size()); 3538 } 3539 context_user::instance($testusers[102]); 3540 $this->assertEquals($prevsize+1, context_inspection::test_context_cache_size()); 3541 unset($testusers); 3542 3543 3544 3545 // Test basic test of legacy functions. 3546 // Note: watch out, the fake site might be pretty borked already. 3547 3548 $this->assertEquals(get_system_context(), context_system::instance()); 3549 $this->assertDebuggingCalled('get_system_context() is deprecated, please use context_system::instance() instead.', DEBUG_DEVELOPER); 3550 3551 foreach ($DB->get_records('context') as $contextid => $record) { 3552 $context = context::instance_by_id($contextid); 3553 $this->assertEquals($context, get_context_instance($record->contextlevel, $record->instanceid)); 3554 $this->assertDebuggingCalled('get_context_instance() is deprecated, please use context_xxxx::instance() instead.', DEBUG_DEVELOPER); 3555 } 3556 3557 // Make sure a debugging is thrown. 3558 get_context_instance($record->contextlevel, $record->instanceid); 3559 $this->assertDebuggingCalled('get_context_instance() is deprecated, please use context_xxxx::instance() instead.', DEBUG_DEVELOPER); 3560 get_system_context(); 3561 $this->assertDebuggingCalled('get_system_context() is deprecated, please use context_system::instance() instead.', DEBUG_DEVELOPER); 3562 } 3563 3564 /** 3565 * Helper that verifies a list of capabilities, as returned by 3566 * $context->get_capabilities() contains certain capabilities. 3567 * 3568 * @param array $expected a list of capability names 3569 * @param array $actual a list of capability info from $context->get_capabilities(). 3570 */ 3571 protected function assert_capability_list_contains($expected, $actual) { 3572 $actualnames = []; 3573 foreach ($actual as $cap) { 3574 $actualnames[] = $cap->name; 3575 } 3576 // Verify each expected element exists. 3577 foreach ($expected as $key => $value) { 3578 $this->assertContains($value, $actualnames); 3579 } 3580 } 3581 3582 /** 3583 * Test that context_system::get_capabilities returns capabilities relevant to all modules. 3584 */ 3585 public function test_context_module_caps_returned_by_get_capabilities_in_sys_context() { 3586 $actual = context_system::instance()->get_capabilities(); 3587 3588 // Just test a few representative capabilities. 3589 $expectedcapabilities = ['moodle/site:accessallgroups', 'moodle/site:viewfullnames', 3590 'repository/upload:view', 'atto/recordrtc:recordaudio']; 3591 3592 $this->assert_capability_list_contains($expectedcapabilities, $actual); 3593 } 3594 3595 /** 3596 * Test that context_coursecat::get_capabilities returns capabilities relevant to all modules. 3597 */ 3598 public function test_context_module_caps_returned_by_get_capabilities_in_course_cat_context() { 3599 $this->resetAfterTest(true); 3600 $generator = $this->getDataGenerator(); 3601 $cat = $generator->create_category(); 3602 3603 $actual = context_coursecat::instance($cat->id)->get_capabilities(); 3604 3605 // Just test a few representative capabilities. 3606 $expectedcapabilities = ['moodle/site:accessallgroups', 'moodle/site:viewfullnames', 3607 'repository/upload:view', 'atto/recordrtc:recordaudio']; 3608 3609 $this->assert_capability_list_contains($expectedcapabilities, $actual); 3610 } 3611 3612 /** 3613 * Test that context_course::get_capabilities returns capabilities relevant to all modules. 3614 */ 3615 public function test_context_module_caps_returned_by_get_capabilities_in_course_context() { 3616 $this->resetAfterTest(true); 3617 $generator = $this->getDataGenerator(); 3618 $cat = $generator->create_category(); 3619 $course = $generator->create_course(['category' => $cat->id]); 3620 3621 $actual = context_course::instance($course->id)->get_capabilities(); 3622 3623 // Just test a few representative capabilities. 3624 $expectedcapabilities = ['moodle/site:accessallgroups', 'moodle/site:viewfullnames', 3625 'repository/upload:view', 'atto/recordrtc:recordaudio']; 3626 3627 $this->assert_capability_list_contains($expectedcapabilities, $actual); 3628 } 3629 3630 /** 3631 * Test that context_module::get_capabilities returns capabilities relevant to all modules. 3632 */ 3633 public function test_context_module_caps_returned_by_get_capabilities_mod_context() { 3634 $this->resetAfterTest(true); 3635 $generator = $this->getDataGenerator(); 3636 $cat = $generator->create_category(); 3637 $course = $generator->create_course(['category' => $cat->id]); 3638 $page = $generator->create_module('page', ['course' => $course->id]); 3639 3640 $actual = context_module::instance($page->cmid)->get_capabilities(); 3641 3642 // Just test a few representative capabilities. 3643 $expectedcapabilities = ['moodle/site:accessallgroups', 'moodle/site:viewfullnames', 3644 'repository/upload:view', 'atto/recordrtc:recordaudio']; 3645 3646 $this->assert_capability_list_contains($expectedcapabilities, $actual); 3647 } 3648 3649 /** 3650 * Test that {@see context_block::get_capabilities} returns capabilities relevant to blocks 3651 */ 3652 public function test_context_block_caps_returned_by_get_capabilities_block_context(): void { 3653 $this->resetAfterTest(); 3654 3655 $course = $this->getDataGenerator()->create_course(); 3656 $block = $this->getDataGenerator()->create_block('online_users', [ 3657 'parentcontextid' => context_course::instance($course->id)->id, 3658 ]); 3659 3660 $capabilities = context_block::instance($block->id)->get_capabilities(); 3661 3662 // Just test a few representative capabilities. 3663 $expected = ['block/online_users:addinstance', 'moodle/block:edit', 'moodle/block:view']; 3664 $this->assert_capability_list_contains($expected, $capabilities); 3665 3666 // Now test with different sorting. 3667 $capabilitiesbyname = context_block::instance($block->id)->get_capabilities('riskbitmask'); 3668 3669 $capabilitynames = array_column($capabilities, 'name'); 3670 $capabilitynamesordered = array_column($capabilitiesbyname, 'name'); 3671 3672 // Each array should contain the same data, ordered differently. 3673 $this->assertEqualsCanonicalizing($capabilitynames, $capabilitynamesordered); 3674 $this->assertNotSame($capabilitynames, $capabilitynamesordered); 3675 } 3676 3677 /** 3678 * Test that {@see context_user::get_capabilities} returns capabilities relevant to users 3679 */ 3680 public function test_context_user_caps_returned_by_get_capabilities_user_context(): void { 3681 $this->resetAfterTest(); 3682 3683 $user = $this->getDataGenerator()->create_user(); 3684 $capabilities = context_user::instance($user->id)->get_capabilities(); 3685 3686 // Just test a few representative capabilities. 3687 $expected = ['moodle/user:editmessageprofile', 'moodle/user:editprofile', 'moodle/user:viewalldetails']; 3688 $this->assert_capability_list_contains($expected, $capabilities); 3689 3690 // Now test with different sorting. 3691 $capabilitiesbyname = context_user::instance($user->id)->get_capabilities('name'); 3692 3693 $capabilitynames = array_column($capabilities, 'name'); 3694 $capabilitynamesordered = array_column($capabilitiesbyname, 'name'); 3695 3696 // Each array should contain the same data, ordered differently. 3697 $this->assertEqualsCanonicalizing($capabilitynames, $capabilitynamesordered); 3698 $this->assertNotSame($capabilitynames, $capabilitynamesordered); 3699 } 3700 3701 /** 3702 * Test updating of role capabilities during upgrade 3703 */ 3704 public function test_update_capabilities() { 3705 global $DB, $SITE; 3706 3707 $this->resetAfterTest(true); 3708 3709 $froncontext = context_course::instance($SITE->id); 3710 $student = $DB->get_record('role', array('shortname'=>'student')); 3711 $teacher = $DB->get_record('role', array('shortname'=>'teacher')); 3712 3713 $existingcaps = $DB->get_records('capabilities', array(), 'id', 'name, captype, contextlevel, component, riskbitmask'); 3714 3715 $this->assertFalse(isset($existingcaps['moodle/site:restore'])); // Moved to new 'moodle/restore:restorecourse'. 3716 $this->assertTrue(isset($existingcaps['moodle/restore:restorecourse'])); // New cap from 'moodle/site:restore'. 3717 $this->assertTrue(isset($existingcaps['moodle/site:sendmessage'])); // New capability. 3718 $this->assertTrue(isset($existingcaps['moodle/backup:backupcourse'])); 3719 $this->assertTrue(isset($existingcaps['moodle/backup:backupsection'])); // Cloned from 'moodle/backup:backupcourse'. 3720 $this->assertTrue(isset($existingcaps['moodle/site:approvecourse'])); // Updated bitmask. 3721 $this->assertTrue(isset($existingcaps['moodle/course:manageactivities'])); 3722 $this->assertTrue(isset($existingcaps['mod/page:addinstance'])); // Cloned from core 'moodle/course:manageactivities'. 3723 3724 // Fake state before upgrade. 3725 $DB->set_field('capabilities', 'name', 'moodle/site:restore', array('name'=>'moodle/restore:restorecourse')); 3726 $DB->set_field('role_capabilities', 'capability', 'moodle/site:restore', array('capability'=>'moodle/restore:restorecourse')); 3727 assign_capability('moodle/site:restore', CAP_PROHIBIT, $teacher->id, $froncontext->id, true); 3728 $perms1 = array_values($DB->get_records('role_capabilities', array('capability'=>'moodle/site:restore', 'roleid'=>$teacher->id), 'contextid, permission', 'contextid, permission')); 3729 3730 $DB->delete_records('role_capabilities', array('capability'=>'moodle/site:sendmessage')); 3731 $DB->delete_records('capabilities', array('name'=>'moodle/site:sendmessage')); 3732 3733 $DB->delete_records('role_capabilities', array('capability'=>'moodle/backup:backupsection')); 3734 $DB->delete_records('capabilities', array('name'=>'moodle/backup:backupsection')); 3735 assign_capability('moodle/backup:backupcourse', CAP_PROHIBIT, $student->id, $froncontext->id, true); 3736 assign_capability('moodle/backup:backupcourse', CAP_ALLOW, $teacher->id, $froncontext->id, true); 3737 3738 $DB->set_field('capabilities', 'riskbitmask', 0, array('name'=>'moodle/site:approvecourse')); 3739 3740 $DB->delete_records('role_capabilities', array('capability'=>'mod/page:addinstance')); 3741 $DB->delete_records('capabilities', array('name'=>'mod/page:addinstance')); 3742 assign_capability('moodle/course:manageactivities', CAP_PROHIBIT, $student->id, $froncontext->id, true); 3743 assign_capability('moodle/course:manageactivities', CAP_ALLOW, $teacher->id, $froncontext->id, true); 3744 3745 // Execute core. 3746 update_capabilities('moodle'); 3747 3748 // Only core should be upgraded. 3749 $caps = $DB->get_records('capabilities', array(), 'id', 'name, captype, contextlevel, component, riskbitmask'); 3750 3751 $this->assertFalse(isset($existingcaps['moodle/site:restore'])); 3752 $this->assertTrue(isset($caps['moodle/restore:restorecourse'])); 3753 $this->assertEquals($existingcaps['moodle/restore:restorecourse'], $caps['moodle/restore:restorecourse']); 3754 $perms2 = array_values($DB->get_records('role_capabilities', array('capability'=>'moodle/restore:restorecourse', 'roleid'=>$teacher->id), 'contextid, permission', 'contextid, permission')); 3755 $this->assertEquals($perms1, $perms2); 3756 3757 $this->assertTrue(isset($caps['moodle/site:sendmessage'])); 3758 $this->assertEquals($existingcaps['moodle/site:sendmessage'], $caps['moodle/site:sendmessage']); 3759 3760 $this->assertTrue(isset($caps['moodle/backup:backupsection'])); 3761 $this->assertEquals($existingcaps['moodle/backup:backupsection'], $caps['moodle/backup:backupsection']); 3762 $roles = $DB->get_records_sql('SELECT DISTINCT roleid AS id FROM {role_capabilities} WHERE capability=? OR capability=?', array('moodle/backup:backupcourse', 'moodle/backup:backupsection')); 3763 foreach ($roles as $role) { 3764 $perms1 = array_values($DB->get_records('role_capabilities', array('capability'=>'moodle/backup:backupcourse', 'roleid'=>$role->id), 'contextid, permission', 'contextid, permission')); 3765 $perms2 = array_values($DB->get_records('role_capabilities', array('capability'=>'moodle/backup:backupsection', 'roleid'=>$role->id), 'contextid, permission', 'contextid, permission')); 3766 $this->assertEquals($perms1, $perms2); 3767 } 3768 3769 $this->assertTrue(isset($caps['moodle/site:approvecourse'])); 3770 $this->assertEquals($existingcaps['moodle/site:approvecourse'], $caps['moodle/site:approvecourse']); 3771 3772 $this->assertFalse(isset($caps['mod/page:addinstance'])); 3773 3774 // Execute plugin. 3775 update_capabilities('mod_page'); 3776 $caps = $DB->get_records('capabilities', array(), 'id', 'name, captype, contextlevel, component, riskbitmask'); 3777 $this->assertTrue(isset($caps['mod/page:addinstance'])); 3778 $roles = $DB->get_records_sql('SELECT DISTINCT roleid AS id FROM {role_capabilities} WHERE capability=? OR capability=?', array('moodle/course:manageactivities', 'mod/page:addinstance')); 3779 foreach ($roles as $role) { 3780 $perms1 = array_values($DB->get_records('role_capabilities', array('capability'=>'moodle/course:manageactivities', 'roleid'=>$role->id), 'contextid, permission', 'contextid, permission')); 3781 $perms2 = array_values($DB->get_records('role_capabilities', array('capability'=>'mod/page:addinstance', 'roleid'=>$role->id), 'contextid, permission', 'contextid, permission')); 3782 } 3783 $this->assertEquals($perms1, $perms2); 3784 } 3785 3786 /** 3787 * Tests reset_role_capabilities function. 3788 */ 3789 public function test_reset_role_capabilities() { 3790 global $DB; 3791 $this->resetAfterTest(true); 3792 $generator = $this->getDataGenerator(); 3793 3794 // Create test course and user, enrol one in the other. 3795 $course = $generator->create_course(); 3796 $user = $generator->create_user(); 3797 $roleid = $DB->get_field('role', 'id', array('shortname' => 'student'), MUST_EXIST); 3798 $generator->enrol_user($user->id, $course->id, $roleid); 3799 3800 // Change student role so it DOES have 'mod/forum:addinstance'. 3801 $systemcontext = context_system::instance(); 3802 assign_capability('mod/forum:addinstance', CAP_ALLOW, $roleid, $systemcontext->id); 3803 3804 // Override course so it does NOT allow students 'mod/forum:viewdiscussion'. 3805 $coursecontext = context_course::instance($course->id); 3806 assign_capability('mod/forum:viewdiscussion', CAP_PREVENT, $roleid, $coursecontext->id); 3807 3808 // Check expected capabilities so far. 3809 $this->assertTrue(has_capability('mod/forum:addinstance', $coursecontext, $user)); 3810 $this->assertFalse(has_capability('mod/forum:viewdiscussion', $coursecontext, $user)); 3811 3812 // Oops, allowing student to add forums was a mistake, let's reset the role. 3813 reset_role_capabilities($roleid); 3814 3815 // Check new expected capabilities - role capabilities should have been reset, 3816 // while the override at course level should remain. 3817 $this->assertFalse(has_capability('mod/forum:addinstance', $coursecontext, $user)); 3818 $this->assertFalse(has_capability('mod/forum:viewdiscussion', $coursecontext, $user)); 3819 } 3820 3821 /** 3822 * Tests count_role_users function. 3823 */ 3824 public function test_count_role_users() { 3825 global $DB; 3826 $this->resetAfterTest(true); 3827 $generator = self::getDataGenerator(); 3828 // Create a course in a category, and some users. 3829 $category = $generator->create_category(); 3830 $course = $generator->create_course(array('category' => $category->id)); 3831 $user1 = $generator->create_user(); 3832 $user2 = $generator->create_user(); 3833 $user3 = $generator->create_user(); 3834 $user4 = $generator->create_user(); 3835 $user5 = $generator->create_user(); 3836 $roleid1 = $DB->get_field('role', 'id', array('shortname' => 'manager'), MUST_EXIST); 3837 $roleid2 = $DB->get_field('role', 'id', array('shortname' => 'coursecreator'), MUST_EXIST); 3838 // Enrol two users as managers onto the course, and 1 onto the category. 3839 $generator->enrol_user($user1->id, $course->id, $roleid1); 3840 $generator->enrol_user($user2->id, $course->id, $roleid1); 3841 $generator->role_assign($roleid1, $user3->id, context_coursecat::instance($category->id)); 3842 // Enrol 1 user as a coursecreator onto the course, and another onto the category. 3843 // This is to ensure we do not count users with roles that are not specified. 3844 $generator->enrol_user($user4->id, $course->id, $roleid2); 3845 $generator->role_assign($roleid2, $user5->id, context_coursecat::instance($category->id)); 3846 // Check that the correct users are found on the course. 3847 $this->assertEquals(2, count_role_users($roleid1, context_course::instance($course->id), false)); 3848 $this->assertEquals(3, count_role_users($roleid1, context_course::instance($course->id), true)); 3849 // Check for the category. 3850 $this->assertEquals(1, count_role_users($roleid1, context_coursecat::instance($category->id), false)); 3851 $this->assertEquals(1, count_role_users($roleid1, context_coursecat::instance($category->id), true)); 3852 // Have a user with the same role at both the category and course level. 3853 $generator->role_assign($roleid1, $user1->id, context_coursecat::instance($category->id)); 3854 // The course level checks should remain the same. 3855 $this->assertEquals(2, count_role_users($roleid1, context_course::instance($course->id), false)); 3856 $this->assertEquals(3, count_role_users($roleid1, context_course::instance($course->id), true)); 3857 } 3858 3859 /** 3860 * Test fetching users by capability. 3861 */ 3862 public function test_get_users_by_capability() { 3863 global $DB; 3864 3865 $this->resetAfterTest(); 3866 3867 $course = $this->getDataGenerator()->create_course(); 3868 $coursecontext = context_course::instance($course->id); 3869 $teacherrole = $DB->get_record('role', array('shortname' => 'editingteacher'), '*', MUST_EXIST); 3870 $teacher = $this->getDataGenerator()->create_user(); 3871 $studentrole = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST); 3872 $student = $this->getDataGenerator()->create_user(); 3873 $guest = $DB->get_record('user', array('username' => 'guest')); 3874 3875 role_assign($teacherrole->id, $teacher->id, $coursecontext); 3876 role_assign($studentrole->id, $student->id, $coursecontext); 3877 $admin = $DB->get_record('user', array('username' => 'admin')); 3878 3879 // Note: Here are used default capabilities, the full test is in permission evaluation below, 3880 // use two capabilities that teacher has and one does not, none of them should be allowed for not-logged-in user. 3881 $this->assertTrue($DB->record_exists('capabilities', array('name' => 'moodle/backup:backupcourse'))); 3882 $this->assertTrue($DB->record_exists('capabilities', array('name' => 'moodle/site:approvecourse'))); 3883 3884 $users = get_users_by_capability($coursecontext, 'moodle/backup:backupcourse'); 3885 3886 $this->assertTrue(array_key_exists($teacher->id, $users)); 3887 $this->assertFalse(array_key_exists($admin->id, $users)); 3888 $this->assertFalse(array_key_exists($student->id, $users)); 3889 $this->assertFalse(array_key_exists($guest->id, $users)); 3890 3891 $users = get_users_by_capability($coursecontext, 'moodle/site:approvecourse'); 3892 3893 $this->assertFalse(array_key_exists($teacher->id, $users)); 3894 $this->assertFalse(array_key_exists($admin->id, $users)); 3895 $this->assertFalse(array_key_exists($student->id, $users)); 3896 $this->assertFalse(array_key_exists($guest->id, $users)); 3897 3898 // Test role override. 3899 assign_capability('moodle/backup:backupcourse', CAP_PROHIBIT, $teacherrole->id, $coursecontext, true); 3900 assign_capability('moodle/backup:backupcourse', CAP_ALLOW, $studentrole->id, $coursecontext, true); 3901 3902 $users = get_users_by_capability($coursecontext, 'moodle/backup:backupcourse'); 3903 3904 $this->assertFalse(array_key_exists($teacher->id, $users)); 3905 $this->assertFalse(array_key_exists($admin->id, $users)); 3906 $this->assertTrue(array_key_exists($student->id, $users)); 3907 $this->assertFalse(array_key_exists($guest->id, $users)); 3908 } 3909 3910 public function test_get_with_capability_sql() { 3911 global $DB; 3912 3913 $this->resetAfterTest(); 3914 3915 $course = $this->getDataGenerator()->create_course(); 3916 $coursecontext = context_course::instance($course->id); 3917 $teacherrole = $DB->get_record('role', array('shortname' => 'editingteacher'), '*', MUST_EXIST); 3918 $teacher = $this->getDataGenerator()->create_user(); 3919 $studentrole = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST); 3920 $student = $this->getDataGenerator()->create_user(); 3921 $guest = $DB->get_record('user', array('username' => 'guest')); 3922 3923 role_assign($teacherrole->id, $teacher->id, $coursecontext); 3924 role_assign($studentrole->id, $student->id, $coursecontext); 3925 $admin = $DB->get_record('user', array('username' => 'admin')); 3926 3927 // Note: Here are used default capabilities, the full test is in permission evaluation below, 3928 // use two capabilities that teacher has and one does not, none of them should be allowed for not-logged-in user. 3929 $this->assertTrue($DB->record_exists('capabilities', array('name' => 'moodle/backup:backupcourse'))); 3930 $this->assertTrue($DB->record_exists('capabilities', array('name' => 'moodle/site:approvecourse'))); 3931 3932 list($sql, $params) = get_with_capability_sql($coursecontext, 'moodle/backup:backupcourse'); 3933 $users = $DB->get_records_sql($sql, $params); 3934 3935 $this->assertTrue(array_key_exists($teacher->id, $users)); 3936 $this->assertFalse(array_key_exists($admin->id, $users)); 3937 $this->assertFalse(array_key_exists($student->id, $users)); 3938 $this->assertFalse(array_key_exists($guest->id, $users)); 3939 3940 list($sql, $params) = get_with_capability_sql($coursecontext, 'moodle/site:approvecourse'); 3941 $users = $DB->get_records_sql($sql, $params); 3942 3943 $this->assertFalse(array_key_exists($teacher->id, $users)); 3944 $this->assertFalse(array_key_exists($admin->id, $users)); 3945 $this->assertFalse(array_key_exists($student->id, $users)); 3946 $this->assertFalse(array_key_exists($guest->id, $users)); 3947 3948 // Test role override. 3949 assign_capability('moodle/backup:backupcourse', CAP_PROHIBIT, $teacherrole->id, $coursecontext, true); 3950 assign_capability('moodle/backup:backupcourse', CAP_ALLOW, $studentrole->id, $coursecontext, true); 3951 3952 list($sql, $params) = get_with_capability_sql($coursecontext, 'moodle/backup:backupcourse'); 3953 $users = $DB->get_records_sql($sql, $params); 3954 3955 $this->assertFalse(array_key_exists($teacher->id, $users)); 3956 $this->assertFalse(array_key_exists($admin->id, $users)); 3957 $this->assertTrue(array_key_exists($student->id, $users)); 3958 $this->assertFalse(array_key_exists($guest->id, $users)); 3959 } 3960 3961 3962 /** 3963 * Get the test cases for {@link test_get_with_capability_join_when_overrides_present()}. 3964 * 3965 * The particular capabilties used here do not really matter. What is important is 3966 * that they are capabilities which the Student roles has by default, but the 3967 * authenticated suser role does not. 3968 * 3969 * @return array 3970 */ 3971 public function get_get_with_capability_join_override_cases() { 3972 return [ 3973 'no overrides' => [true, []], 3974 'one override' => [true, ['moodle/course:viewscales']], 3975 'both overrides' => [false, ['moodle/course:viewscales', 'moodle/question:flag']], 3976 ]; 3977 } 3978 3979 /** 3980 * Test get_with_capability_join. 3981 * 3982 * @dataProvider get_get_with_capability_join_override_cases 3983 * 3984 * @param bool $studentshouldbereturned whether, with this combination of capabilities, the student should be in the results. 3985 * @param array $capabilitiestoprevent capabilities to override to prevent in the course context. 3986 */ 3987 public function test_get_with_capability_join_when_overrides_present( 3988 bool $studentshouldbereturned, array $capabilitiestoprevent) { 3989 global $DB; 3990 $this->resetAfterTest(); 3991 $generator = $this->getDataGenerator(); 3992 3993 // Create a course. 3994 $category = $generator->create_category(); 3995 $course = $generator->create_course(['category' => $category->id]); 3996 3997 // Create a user. 3998 $student = $generator->create_user(); 3999 $studentrole = $DB->get_record('role', ['shortname' => 'student'], '*', MUST_EXIST); 4000 $generator->enrol_user($student->id, $course->id, $studentrole->id); 4001 4002 // This test assumes that by default the student roles has the two 4003 // capabilities. Check this now in case the role definitions are every changed. 4004 $coursecontext = context_course::instance($course->id); 4005 $this->assertTrue(has_capability('moodle/course:viewscales', $coursecontext, $student)); 4006 $this->assertTrue(has_capability('moodle/question:flag', $coursecontext, $student)); 4007 4008 // We test cases where there are a varying number of prevent overrides. 4009 foreach ($capabilitiestoprevent as $capability) { 4010 role_change_permission($studentrole->id, $coursecontext, $capability, CAP_PREVENT); 4011 } 4012 4013 // So now, assemble our query using the method under test, and verify that it returns the student. 4014 $sqljoin = get_with_capability_join($coursecontext, 4015 ['moodle/course:viewscales', 'moodle/question:flag'], 'u.id'); 4016 4017 $users = $DB->get_records_sql("SELECT u.* 4018 FROM {user} u 4019 {$sqljoin->joins} 4020 WHERE {$sqljoin->wheres}", $sqljoin->params); 4021 if ($studentshouldbereturned) { 4022 $this->assertEquals([$student->id], array_keys($users)); 4023 } else { 4024 $this->assertEmpty($users); 4025 } 4026 } 4027 4028 /** 4029 * Test the get_profile_roles() function. 4030 */ 4031 public function test_get_profile_roles() { 4032 global $DB; 4033 $this->resetAfterTest(); 4034 4035 $course = $this->getDataGenerator()->create_course(); 4036 $coursecontext = context_course::instance($course->id); 4037 4038 // Assign a student role. 4039 $studentrole = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST); 4040 $user1 = $this->getDataGenerator()->create_user(); 4041 role_assign($studentrole->id, $user1->id, $coursecontext); 4042 4043 // Assign an editing teacher role. 4044 $teacherrole = $DB->get_record('role', array('shortname' => 'editingteacher'), '*', MUST_EXIST); 4045 $user2 = $this->getDataGenerator()->create_user(); 4046 role_assign($teacherrole->id, $user2->id, $coursecontext); 4047 4048 // Create a custom role that can be assigned at course level, but don't assign it yet. 4049 create_role('Custom role', 'customrole', 'Custom course role'); 4050 $customrole = $DB->get_record('role', array('shortname' => 'customrole'), '*', MUST_EXIST); 4051 set_role_contextlevels($customrole->id, [CONTEXT_COURSE]); 4052 core_role_set_assign_allowed($teacherrole->id, $customrole->id); // Allow teacher to assign the role in the course. 4053 4054 // Set the site policy 'profileroles' to show student, teacher and non-editing teacher roles (i.e. not the custom role). 4055 $neteacherrole = $DB->get_record('role', array('shortname' => 'teacher'), '*', MUST_EXIST); 4056 set_config('profileroles', "{$studentrole->id}, {$teacherrole->id}, {$neteacherrole->id}"); 4057 4058 // A student in the course (given they can't assign roles) should see those roles which are: 4059 // - listed in the 'profileroles' site policy AND 4060 // - are assigned in the course context (or parent contexts). 4061 // In this case, the non-editing teacher role is not assigned and should not be returned. 4062 $expected = [ 4063 $teacherrole->id => (object) [ 4064 'id' => $teacherrole->id, 4065 'name' => '', 4066 'shortname' => $teacherrole->shortname, 4067 'sortorder' => $teacherrole->sortorder, 4068 'coursealias' => null 4069 ], 4070 $studentrole->id => (object) [ 4071 'id' => $studentrole->id, 4072 'name' => '', 4073 'shortname' => $studentrole->shortname, 4074 'sortorder' => $studentrole->sortorder, 4075 'coursealias' => null 4076 ] 4077 ]; 4078 $this->setUser($user1); 4079 $this->assertEquals($expected, get_profile_roles($coursecontext)); 4080 4081 // An editing teacher should also see only 2 roles at this stage as only 2 roles are assigned: 'teacher' and 'student'. 4082 $this->setUser($user2); 4083 $this->assertEquals($expected, get_profile_roles($coursecontext)); 4084 4085 // Assign a custom role in the course. 4086 $user3 = $this->getDataGenerator()->create_user(); 4087 role_assign($customrole->id, $user3->id, $coursecontext); 4088 4089 // Confirm that the teacher can see the custom role now that it's assigned. 4090 $expectedteacher = [ 4091 $teacherrole->id => (object) [ 4092 'id' => $teacherrole->id, 4093 'name' => '', 4094 'shortname' => $teacherrole->shortname, 4095 'sortorder' => $teacherrole->sortorder, 4096 'coursealias' => null 4097 ], 4098 $studentrole->id => (object) [ 4099 'id' => $studentrole->id, 4100 'name' => '', 4101 'shortname' => $studentrole->shortname, 4102 'sortorder' => $studentrole->sortorder, 4103 'coursealias' => null 4104 ], 4105 $customrole->id => (object) [ 4106 'id' => $customrole->id, 4107 'name' => 'Custom role', 4108 'shortname' => $customrole->shortname, 4109 'sortorder' => $customrole->sortorder, 4110 'coursealias' => null 4111 ] 4112 ]; 4113 $this->setUser($user2); 4114 $this->assertEquals($expectedteacher, get_profile_roles($coursecontext)); 4115 4116 // And that the student can't, because the role isn't included in the 'profileroles' site policy. 4117 $expectedstudent = [ 4118 $teacherrole->id => (object) [ 4119 'id' => $teacherrole->id, 4120 'name' => '', 4121 'shortname' => $teacherrole->shortname, 4122 'sortorder' => $teacherrole->sortorder, 4123 'coursealias' => null 4124 ], 4125 $studentrole->id => (object) [ 4126 'id' => $studentrole->id, 4127 'name' => '', 4128 'shortname' => $studentrole->shortname, 4129 'sortorder' => $studentrole->sortorder, 4130 'coursealias' => null 4131 ] 4132 ]; 4133 $this->setUser($user1); 4134 $this->assertEquals($expectedstudent, get_profile_roles($coursecontext)); 4135 4136 // If we have no roles listed in the site policy, the teacher should be able to see the assigned roles. 4137 $expectedteacher = [ 4138 $studentrole->id => (object) [ 4139 'id' => $studentrole->id, 4140 'name' => '', 4141 'shortname' => $studentrole->shortname, 4142 'sortorder' => $studentrole->sortorder, 4143 'coursealias' => null 4144 ], 4145 $customrole->id => (object) [ 4146 'id' => $customrole->id, 4147 'name' => 'Custom role', 4148 'shortname' => $customrole->shortname, 4149 'sortorder' => $customrole->sortorder, 4150 'coursealias' => null 4151 ], 4152 $teacherrole->id => (object) [ 4153 'id' => $teacherrole->id, 4154 'name' => '', 4155 'shortname' => $teacherrole->shortname, 4156 'sortorder' => $teacherrole->sortorder, 4157 'coursealias' => null 4158 ], 4159 ]; 4160 set_config('profileroles', ""); 4161 $this->setUser($user2); 4162 $this->assertEquals($expectedteacher, get_profile_roles($coursecontext)); 4163 } 4164 4165 /** 4166 * Data provider for is_parent_of context checks. 4167 * 4168 * @return array 4169 */ 4170 public function is_parent_of_provider(): array { 4171 $provideboth = function(string $desc, string $contextpath, string $testpath, bool $expected): array { 4172 return [ 4173 "includeself: true; {$desc}" => [ 4174 $contextpath, 4175 $testpath, 4176 true, 4177 $expected, 4178 ], 4179 "includeself: false; {$desc}" => [ 4180 $contextpath, 4181 $testpath, 4182 false, 4183 $expected, 4184 ], 4185 ]; 4186 }; 4187 4188 return array_merge( 4189 [ 4190 'includeself: true, testing self' => [ 4191 '/1/4/17/291/1001/17105', 4192 '/1/4/17/291/1001/17105', 4193 true, 4194 true, 4195 ], 4196 'includeself: false, testing self' => [ 4197 '/1/4/17/291/1001/17105', 4198 '/1/4/17/291/1001/17105', 4199 false, 4200 false, 4201 ], 4202 ], 4203 $provideboth( 4204 'testing parent', 4205 '/1/4/17/291/1001/17105', 4206 '/1/4/17/291/1001', 4207 false 4208 ), 4209 $provideboth( 4210 'testing child', 4211 '/1/4/17/291/1001', 4212 '/1/4/17/291/1001/17105', 4213 true 4214 ), 4215 $provideboth( 4216 'testing grandchild', 4217 '/1', 4218 '/1/4/17/291/1001/17105', 4219 true 4220 ) 4221 ); 4222 } 4223 4224 /** 4225 * Ensure that the is_parent_of() function works as anticipated. 4226 * 4227 * @dataProvider is_parent_of_provider 4228 * @param string $contextpath The path of the context being compared with 4229 * @param string $testpath The path of the context being compared 4230 * @param bool $testself Whether to check the current context 4231 * @param bool $expected The expected result 4232 */ 4233 public function test_is_parent_of(string $contextpath, string $testpath, bool $testself, bool $expected): void { 4234 $context = $this->getMockBuilder(\context::class) 4235 ->disableOriginalConstructor() 4236 ->onlyMethods([ 4237 'get_url', 4238 'get_capabilities', 4239 ]) 4240 ->getMock(); 4241 4242 $rcp = new ReflectionProperty($context, '_path'); 4243 $rcp->setAccessible(true); 4244 $rcp->setValue($context, $contextpath); 4245 4246 $comparisoncontext = $this->getMockBuilder(\context::class) 4247 ->disableOriginalConstructor() 4248 ->onlyMethods([ 4249 'get_url', 4250 'get_capabilities', 4251 ]) 4252 ->getMock(); 4253 4254 $rcp = new ReflectionProperty($comparisoncontext, '_path'); 4255 $rcp->setAccessible(true); 4256 $rcp->setValue($comparisoncontext, $testpath); 4257 4258 $this->assertEquals($expected, $context->is_parent_of($comparisoncontext, $testself)); 4259 } 4260 4261 /** 4262 * Data provider for is_child_of context checks. 4263 * 4264 * @return array 4265 */ 4266 public function is_child_of_provider(): array { 4267 $provideboth = function(string $desc, string $contextpath, string $testpath, bool $expected): array { 4268 return [ 4269 "includeself: true; {$desc}" => [ 4270 $contextpath, 4271 $testpath, 4272 true, 4273 $expected, 4274 ], 4275 "includeself: false; {$desc}" => [ 4276 $contextpath, 4277 $testpath, 4278 false, 4279 $expected, 4280 ], 4281 ]; 4282 }; 4283 4284 return array_merge( 4285 [ 4286 'includeself: true, testing self' => [ 4287 '/1/4/17/291/1001/17105', 4288 '/1/4/17/291/1001/17105', 4289 true, 4290 true, 4291 ], 4292 'includeself: false, testing self' => [ 4293 '/1/4/17/291/1001/17105', 4294 '/1/4/17/291/1001/17105', 4295 false, 4296 false, 4297 ], 4298 ], 4299 $provideboth( 4300 'testing child', 4301 '/1/4/17/291/1001/17105', 4302 '/1/4/17/291/1001', 4303 true 4304 ), 4305 $provideboth( 4306 'testing parent', 4307 '/1/4/17/291/1001', 4308 '/1/4/17/291/1001/17105', 4309 false 4310 ), 4311 $provideboth( 4312 'testing grandchild', 4313 '/1/4/17/291/1001/17105', 4314 '/1', 4315 true 4316 ), 4317 $provideboth( 4318 'testing grandparent', 4319 '/1', 4320 '/1/4/17/291/1001/17105', 4321 false 4322 ) 4323 ); 4324 } 4325 4326 /** 4327 * Ensure that the is_child_of() function works as anticipated. 4328 * 4329 * @dataProvider is_child_of_provider 4330 * @param string $contextpath The path of the context being compared with 4331 * @param string $testpath The path of the context being compared 4332 * @param bool $testself Whether to check the current context 4333 * @param bool $expected The expected result 4334 */ 4335 public function test_is_child_of(string $contextpath, string $testpath, bool $testself, bool $expected): void { 4336 $context = $this->getMockBuilder(\context::class) 4337 ->disableOriginalConstructor() 4338 ->onlyMethods([ 4339 'get_url', 4340 'get_capabilities', 4341 ]) 4342 ->getMock(); 4343 4344 $rcp = new ReflectionProperty($context, '_path'); 4345 $rcp->setAccessible(true); 4346 $rcp->setValue($context, $contextpath); 4347 4348 $comparisoncontext = $this->getMockBuilder(\context::class) 4349 ->disableOriginalConstructor() 4350 ->onlyMethods([ 4351 'get_url', 4352 'get_capabilities', 4353 ]) 4354 ->getMock(); 4355 4356 $rcp = new ReflectionProperty($comparisoncontext, '_path'); 4357 $rcp->setAccessible(true); 4358 $rcp->setValue($comparisoncontext, $testpath); 4359 4360 $this->assertEquals($expected, $context->is_child_of($comparisoncontext, $testself)); 4361 } 4362 4363 /** 4364 * Ensure that the get_parent_contexts() function limits the number of queries it performs. 4365 */ 4366 public function test_get_parent_contexts_preload() { 4367 global $DB; 4368 4369 $this->resetAfterTest(); 4370 4371 /* 4372 * Given the following data structure: 4373 * System 4374 * - Category 4375 * --- Category 4376 * ----- Category 4377 * ------- Category 4378 * --------- Course 4379 * ----------- Activity (Forum) 4380 */ 4381 4382 $contexts = []; 4383 4384 $cat1 = $this->getDataGenerator()->create_category(); 4385 $cat2 = $this->getDataGenerator()->create_category(['parent' => $cat1->id]); 4386 $cat3 = $this->getDataGenerator()->create_category(['parent' => $cat2->id]); 4387 $cat4 = $this->getDataGenerator()->create_category(['parent' => $cat3->id]); 4388 $course = $this->getDataGenerator()->create_course(['category' => $cat4->id]); 4389 $forum = $this->getDataGenerator()->create_module('forum', ['course' => $course->id]); 4390 4391 $modcontext = context_module::instance($forum->cmid); 4392 4393 context_helper::reset_caches(); 4394 4395 // There should only be a single DB query. 4396 $predbqueries = $DB->perf_get_reads(); 4397 4398 $parents = $modcontext->get_parent_contexts(); 4399 // Note: For some databases There is one read, plus one FETCH, plus one CLOSE. 4400 // These all show as reads, when there has actually only been a single query. 4401 $this->assertLessThanOrEqual(3, $DB->perf_get_reads() - $predbqueries); 4402 } 4403 4404 /** 4405 * Ensure that get_with_capability_sql and get_with_capability_join respect context locking. 4406 */ 4407 public function test_get_with_capability_sql_locked() { 4408 global $DB; 4409 4410 $this->resetAfterTest(); 4411 4412 $generator = $this->getDataGenerator(); 4413 4414 $cat1 = $generator->create_category(); 4415 $cat2 = $generator->create_category(); 4416 $cat1course1 = $generator->create_course(['category' => $cat1->id]); 4417 $cat1course1forum = $generator->create_module('forum', ['course' => $cat1course1]); 4418 4419 $contexts = (object) [ 4420 'system' => \context_system::instance(), 4421 'cat1' => \context_coursecat::instance($cat1->id), 4422 'cat2' => \context_coursecat::instance($cat2->id), 4423 'cat1course1' => \context_course::instance($cat1course1->id), 4424 'cat1course1forum' => \context_module::instance($cat1course1forum->cmid), 4425 ]; 4426 4427 // Test with the 'mod/forum:startdiscussion' capability. 4428 $caput = 'mod/forum:startdiscussion'; 4429 4430 // Create a test user. 4431 $uut = $generator->create_and_enrol($cat1course1, 'teacher'); 4432 4433 // Initially the user will be returned by get_users_by_capability. 4434 list($sql, $params) = get_with_capability_sql($contexts->cat1course1forum, $caput); 4435 $users = $DB->get_records_sql($sql, $params); 4436 $this->assertArrayHasKey($uut->id, $users); 4437 4438 // Freezing the forum will remove the user. 4439 set_config('contextlocking', 1); 4440 $contexts->cat1course1forum->set_locked(true); 4441 list($sql, $params) = get_with_capability_sql($contexts->cat1course1forum, $caput); 4442 $users = $DB->get_records_sql($sql, $params); 4443 $this->assertArrayNotHasKey($uut->id, $users); 4444 4445 // But not if context locking is disabled. 4446 set_config('contextlocking', 0); 4447 list($sql, $params) = get_with_capability_sql($contexts->cat1course1forum, $caput); 4448 $users = $DB->get_records_sql($sql, $params); 4449 $this->assertArrayHasKey($uut->id, $users); 4450 4451 $contexts->cat1course1forum->set_locked(false); 4452 4453 // Freezing the course will have the same effect. 4454 set_config('contextlocking', 1); 4455 $contexts->cat1course1->set_locked(true); 4456 list($sql, $params) = get_with_capability_sql($contexts->cat1course1forum, $caput); 4457 $users = $DB->get_records_sql($sql, $params); 4458 $this->assertArrayNotHasKey($uut->id, $users); 4459 4460 // But not if context locking is disabled. 4461 set_config('contextlocking', 0); 4462 list($sql, $params) = get_with_capability_sql($contexts->cat1course1forum, $caput); 4463 $users = $DB->get_records_sql($sql, $params); 4464 $this->assertArrayHasKey($uut->id, $users); 4465 4466 $contexts->cat1course1->set_locked(false); 4467 4468 // Freezing the category will have the same effect. 4469 set_config('contextlocking', 1); 4470 $contexts->cat1->set_locked(true); 4471 list($sql, $params) = get_with_capability_sql($contexts->cat1course1forum, $caput); 4472 $users = $DB->get_records_sql($sql, $params); 4473 $this->assertArrayNotHasKey($uut->id, $users); 4474 4475 // But not if context locking is disabled. 4476 set_config('contextlocking', 0); 4477 list($sql, $params) = get_with_capability_sql($contexts->cat1course1forum, $caput); 4478 $users = $DB->get_records_sql($sql, $params); 4479 $this->assertArrayHasKey($uut->id, $users); 4480 4481 $contexts->cat1->set_locked(false); 4482 4483 // Freezing an unrelated category will have no effect. 4484 set_config('contextlocking', 1); 4485 $contexts->cat2->set_locked(true); 4486 list($sql, $params) = get_with_capability_sql($contexts->cat1course1forum, $caput); 4487 $users = $DB->get_records_sql($sql, $params); 4488 $this->assertArrayHasKey($uut->id, $users); 4489 } 4490 4491 /** 4492 * Ensure that get_users_by_capability respects context freezing. 4493 */ 4494 public function test_get_users_by_capability_locked() { 4495 $this->resetAfterTest(); 4496 4497 $generator = $this->getDataGenerator(); 4498 4499 $cat1 = $generator->create_category(); 4500 $cat2 = $generator->create_category(); 4501 $cat1course1 = $generator->create_course(['category' => $cat1->id]); 4502 $cat1course1forum = $generator->create_module('forum', ['course' => $cat1course1]); 4503 4504 $contexts = (object) [ 4505 'system' => \context_system::instance(), 4506 'cat1' => \context_coursecat::instance($cat1->id), 4507 'cat2' => \context_coursecat::instance($cat2->id), 4508 'cat1course1' => \context_course::instance($cat1course1->id), 4509 'cat1course1forum' => \context_module::instance($cat1course1forum->cmid), 4510 ]; 4511 4512 // Test with the 'mod/forum:startdiscussion' capability. 4513 $caput = 'mod/forum:startdiscussion'; 4514 4515 // Create a test user. 4516 $uut = $generator->create_and_enrol($cat1course1, 'teacher'); 4517 4518 // Initially the user will be returned by get_users_by_capability. 4519 $users = get_users_by_capability($contexts->cat1course1forum, $caput); 4520 $this->assertArrayHasKey($uut->id, $users); 4521 4522 // Freezing the forum will remove the user. 4523 set_config('contextlocking', 1); 4524 $contexts->cat1course1forum->set_locked(true); 4525 $users = get_users_by_capability($contexts->cat1course1forum, $caput); 4526 $this->assertArrayNotHasKey($uut->id, $users); 4527 4528 // But not if context locking is disabled. 4529 set_config('contextlocking', 0); 4530 $users = get_users_by_capability($contexts->cat1course1forum, $caput); 4531 $this->assertArrayHasKey($uut->id, $users); 4532 4533 $contexts->cat1course1forum->set_locked(false); 4534 4535 // Freezing the course will have the same effect. 4536 set_config('contextlocking', 1); 4537 $contexts->cat1course1->set_locked(true); 4538 $users = get_users_by_capability($contexts->cat1course1forum, $caput); 4539 $this->assertArrayNotHasKey($uut->id, $users); 4540 4541 // But not if context locking is disabled. 4542 set_config('contextlocking', 0); 4543 $users = get_users_by_capability($contexts->cat1course1forum, $caput); 4544 $this->assertArrayHasKey($uut->id, $users); 4545 4546 $contexts->cat1course1->set_locked(false); 4547 4548 // Freezing the category will have the same effect. 4549 set_config('contextlocking', 1); 4550 $contexts->cat1->set_locked(true); 4551 $users = get_users_by_capability($contexts->cat1course1forum, $caput); 4552 $this->assertArrayNotHasKey($uut->id, $users); 4553 4554 // But not if context locking is disabled. 4555 set_config('contextlocking', 0); 4556 $users = get_users_by_capability($contexts->cat1course1forum, $caput); 4557 $this->assertArrayHasKey($uut->id, $users); 4558 4559 $contexts->cat1->set_locked(false); 4560 4561 // Freezing an unrelated category will have no effect. 4562 set_config('contextlocking', 1); 4563 $contexts->cat2->set_locked(true); 4564 $users = get_users_by_capability($contexts->cat1course1forum, $caput); 4565 $this->assertArrayHasKey($uut->id, $users); 4566 } 4567 4568 /** 4569 * Test require_all_capabilities. 4570 */ 4571 public function test_require_all_capabilities() { 4572 global $DB; 4573 4574 $this->resetAfterTest(); 4575 4576 $course = $this->getDataGenerator()->create_course(); 4577 $coursecontext = context_course::instance($course->id); 4578 $teacherrole = $DB->get_record('role', array('shortname' => 'editingteacher'), '*', MUST_EXIST); 4579 $teacher = $this->getDataGenerator()->create_user(); 4580 role_assign($teacherrole->id, $teacher->id, $coursecontext); 4581 4582 // Note: Here are used default capabilities, the full test is in permission evaluation bellow, 4583 // use two capabilities that teacher has and one does not, none of them should be allowed for not-logged-in user. 4584 $this->assertTrue($DB->record_exists('capabilities', array('name' => 'moodle/backup:backupsection'))); 4585 $this->assertTrue($DB->record_exists('capabilities', array('name' => 'moodle/backup:backupcourse'))); 4586 4587 $sca = array('moodle/backup:backupsection', 'moodle/backup:backupcourse'); 4588 4589 $this->setUser($teacher); 4590 require_all_capabilities($sca, $coursecontext); 4591 require_all_capabilities($sca, $coursecontext, $teacher); 4592 4593 // Guest users should not have any of these perms. 4594 $this->setUser(0); 4595 $this->expectException(\required_capability_exception::class); 4596 require_all_capabilities($sca, $coursecontext); 4597 } 4598 4599 /** 4600 * Test get_navigation_filter_context. 4601 * 4602 * @covers ::get_navigation_filter_context 4603 */ 4604 public function test_get_navigation_filter_context() { 4605 $this->resetAfterTest(); 4606 $course = $this->getDataGenerator()->create_course(); 4607 set_config('filternavigationwithsystemcontext', 0); 4608 // First test passed values are returned if disabled. 4609 $this->assertNull(context_helper::get_navigation_filter_context(null)); 4610 $coursecontext = context_course::instance($course->id); 4611 $filtercontext = context_helper::get_navigation_filter_context($coursecontext); 4612 $this->assertEquals($coursecontext->id, $filtercontext->id); 4613 4614 // Now test that any input returns system context if enabled. 4615 set_config('filternavigationwithsystemcontext', 1); 4616 $filtercontext = context_helper::get_navigation_filter_context(null); 4617 $this->assertInstanceOf('\context_system', $filtercontext); 4618 $filtercontext = context_helper::get_navigation_filter_context($coursecontext); 4619 $this->assertInstanceOf('\context_system', $filtercontext); 4620 } 4621 } 4622 4623 /** 4624 * Context caching fixture 4625 */ 4626 class context_inspection extends context_helper { 4627 public static function test_context_cache_size() { 4628 return self::$cache_count; 4629 } 4630 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
