Search moodle.org's
Developer Documentation

See Release Notes
Long Term Support Release

  • Bug fixes for general core bugs in 3.9.x will end* 10 May 2021 (12 months).
  • Bug fixes for security issues in 3.9.x will end* 8 May 2023 (36 months).
  • PHP version: minimum PHP 7.2.0 Note: minimum PHP version has increased since Moodle 3.8. PHP 7.3.x and 7.4.x are supported too.
   1  <?php
   2  // This file is part of Moodle - http://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * Functions used by the capability tool.
  19   *
  20   * @package    tool_capability
  21   * @copyright  2013 Sam Hemelryk
  22   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  23   */
  24  
  25  /**
  26   * Calculates capability data organised by context for the given roles.
  27   *
  28   * @param string $capability The capability to get data for.
  29   * @param array $roles An array of roles to get data for.
  30   * @return context[] An array of contexts.
  31   */
  32  function tool_capability_calculate_role_data($capability, array $roles) {
  33      global $DB;
  34  
  35      $systemcontext = context_system::instance();
  36      $roleids = array_keys($roles);
  37  
  38      // Work out the bits needed for the SQL WHERE clauses.
  39      $params = array($capability);
  40      list($sqlroletest, $roleparams) = $DB->get_in_or_equal($roleids);
  41      $params = array_merge($params, $roleparams);
  42      $sqlroletest = 'AND roleid ' . $sqlroletest;
  43  
  44      // Get all the role_capabilities rows for this capability - that is, all
  45      // role definitions, and all role overrides.
  46      $sql = 'SELECT id, roleid, contextid, permission
  47                FROM {role_capabilities}
  48               WHERE capability = ? '.$sqlroletest;
  49      $rolecaps = $DB->get_records_sql($sql, $params);
  50  
  51      // In order to display a nice tree of contexts, we need to get all the
  52      // ancestors of all the contexts in the query we just did.
  53      $sql = 'SELECT DISTINCT con.path, 1
  54                FROM {context} con
  55                JOIN {role_capabilities} rc ON rc.contextid = con.id
  56               WHERE capability = ? ' .
  57              $sqlroletest .
  58              // Context path should never be null, but can happen in old database with
  59              // bad data (e.g. a course_module where the corresponding course no longer exists).
  60              // We need to leave these out of the report to prevent errors.
  61              ' AND con.path IS NOT NULL';
  62      $relevantpaths = $DB->get_records_sql_menu($sql, $params);
  63      $requiredcontexts = array($systemcontext->id);
  64      foreach ($relevantpaths as $path => $notused) {
  65          $requiredcontexts = array_merge($requiredcontexts, explode('/', trim($path, '/')));
  66      }
  67      $requiredcontexts = array_unique($requiredcontexts);
  68  
  69      // Now load those contexts.
  70      list($sqlcontexttest, $contextparams) = $DB->get_in_or_equal($requiredcontexts);
  71      $contexts = get_sorted_contexts('ctx.id ' . $sqlcontexttest, $contextparams);
  72  
  73      // Prepare some empty arrays to hold the data we are about to compute.
  74      foreach ($contexts as $conid => $con) {
  75          $contexts[$conid]->children = array();
  76          $contexts[$conid]->rolecapabilities = array();
  77      }
  78  
  79      // Put the contexts into a tree structure.
  80      foreach ($contexts as $conid => $con) {
  81          $context = context::instance_by_id($conid);
  82          try {
  83              $parentcontext = $context->get_parent_context();
  84              if ($parentcontext) { // Will be false if $context is the system context.
  85                  $contexts[$parentcontext->id]->children[] = $conid;
  86              }
  87          } catch (dml_missing_record_exception $e) {
  88              // Ignore corrupt context tree structure here. Don't let it break
  89              // showing the rest of the report.
  90              continue;
  91          }
  92      }
  93  
  94      // Put the role capabilities into the context tree.
  95      foreach ($rolecaps as $rolecap) {
  96          if (!isset($contexts[$rolecap->contextid])) {
  97              // Skip capabilities in orphaned contexts that are not in the tree.
  98              continue;
  99          }
 100          $contexts[$rolecap->contextid]->rolecapabilities[$rolecap->roleid] = $rolecap->permission;
 101      }
 102  
 103      // Fill in any missing rolecaps for the system context.
 104      foreach ($roleids as $roleid) {
 105          if (!isset($contexts[$systemcontext->id]->rolecapabilities[$roleid])) {
 106              $contexts[$systemcontext->id]->rolecapabilities[$roleid] = CAP_INHERIT;
 107          }
 108      }
 109  
 110      return $contexts;
 111  }