Search moodle.org's
Developer Documentation

See Release Notes
Long Term Support Release

  • Bug fixes for general core bugs in 4.1.x will end 13 November 2023 (12 months).
  • Bug fixes for security issues in 4.1.x will end 10 November 2025 (36 months).
  • PHP version: minimum PHP 7.4.0 Note: minimum PHP version has increased since Moodle 4.0. PHP 8.0.x is supported too.

Differences Between: [Versions 401 and 402] [Versions 401 and 403]

   1  <?php
   2  // This file is part of Moodle - http://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * New role XML processing.
  19   *
  20   * @package    core_role
  21   * @copyright  2013 Petr Skoda {@link http://skodak.org}
  22   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  23   */
  24  
  25  defined('MOODLE_INTERNAL') || die();
  26  
  27  /**
  28   * XML role file manipulation class.
  29   *
  30   * @package    core_role
  31   * @copyright  2013 Petr Skoda {@link http://skodak.org}
  32   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  33   */
  34  class core_role_preset {
  35  
  36      /**
  37       * Send role export xml file to browser.
  38       *
  39       * @param int $roleid
  40       * @return void does not return, send the file to output
  41       */
  42      public static function send_export_xml($roleid) {
  43          global $CFG, $DB;
  44          require_once($CFG->libdir . '/filelib.php');
  45  
  46          $role = $DB->get_record('role', array('id'=>$roleid), '*', MUST_EXIST);
  47  
  48          if ($role->shortname) {
  49              $filename = $role->shortname.'.xml';
  50          } else {
  51              $filename = 'role.xml';
  52          }
  53          $xml = self::get_export_xml($roleid);
  54          send_file($xml, $filename, 0, false, true, true);
  55          die();
  56      }
  57  
  58      /**
  59       * Generate role export xml file.
  60       *
  61       * @param $roleid
  62       * @return string
  63       */
  64      public static function get_export_xml($roleid) {
  65          global $DB;
  66  
  67          $role = $DB->get_record('role', array('id'=>$roleid), '*', MUST_EXIST);
  68  
  69          $dom = new DOMDocument('1.0', 'UTF-8');
  70          $top = $dom->createElement('role');
  71          $dom->appendChild($top);
  72  
  73          $top->appendChild($dom->createElement('shortname', $role->shortname));
  74          $top->appendChild($dom->createElement('name', htmlspecialchars($role->name, ENT_COMPAT | ENT_HTML401, 'UTF-8')));
  75          $top->appendChild($dom->createElement('description', htmlspecialchars($role->description, ENT_COMPAT | ENT_HTML401,
  76                  'UTF-8')));
  77          $top->appendChild($dom->createElement('archetype', $role->archetype));
  78  
  79          $contextlevels = $dom->createElement('contextlevels');
  80          $top->appendChild($contextlevels);
  81          foreach (get_role_contextlevels($roleid) as $level) {
  82              $name = context_helper::get_class_for_level($level);
  83              $name = preg_replace('/^context_/', '', $name);
  84              $contextlevels->appendChild($dom->createElement('level', $name));
  85          }
  86  
  87          foreach (array('assign', 'override', 'switch', 'view') as $type) {
  88              $allows = $dom->createElement('allow'.$type);
  89              $top->appendChild($allows);
  90              $records = $DB->get_records('role_allow_'.$type, array('roleid'=>$roleid), "allow$type ASC");
  91              foreach ($records as $record) {
  92                  if (!$ar = $DB->get_record('role', array('id'=>$record->{'allow'.$type}))) {
  93                      continue;
  94                  }
  95                  $allows->appendChild($dom->createElement('shortname', $ar->shortname));
  96              }
  97          }
  98  
  99          $permissions = $dom->createElement('permissions');
 100          $top->appendChild($permissions);
 101  
 102          $capabilities = $DB->get_records_sql_menu(
 103              "SELECT capability, permission
 104                 FROM {role_capabilities}
 105                WHERE contextid = :syscontext AND roleid = :roleid
 106             ORDER BY capability ASC",
 107              array('syscontext'=>context_system::instance()->id, 'roleid'=>$roleid));
 108  
 109          $allcapabilities = $DB->get_records('capabilities', array(), 'name ASC');
 110          foreach ($allcapabilities as $cap) {
 111              if (!isset($capabilities[$cap->name])) {
 112                  $permissions->appendChild($dom->createElement('inherit', $cap->name));
 113              }
 114          }
 115  
 116          foreach ($capabilities as $capability => $permission) {
 117              if ($permission == CAP_ALLOW) {
 118                  $permissions->appendChild($dom->createElement('allow', $capability));
 119              }
 120          }
 121          foreach ($capabilities as $capability => $permission) {
 122              if ($permission == CAP_PREVENT) {
 123                  $permissions->appendChild($dom->createElement('prevent', $capability));
 124              }
 125          }
 126          foreach ($capabilities as $capability => $permission) {
 127              if ($permission == CAP_PROHIBIT) {
 128                  $permissions->appendChild($dom->createElement('prohibit', $capability));
 129              }
 130          }
 131  
 132          return $dom->saveXML();
 133      }
 134  
 135      /**
 136       * Is this XML valid role preset?
 137       *
 138       * @param string $xml
 139       * @return bool
 140       */
 141      public static function is_valid_preset($xml) {
 142          $dom = new DOMDocument();
 143          if (!$dom->loadXML($xml)) {
 144              return false;
 145          } else {
 146              $val = @$dom->schemaValidate(__DIR__.'/../role_schema.xml');
 147              if (!$val) {
 148                  return false;
 149              }
 150          }
 151          return true;
 152      }
 153  
 154      /**
 155       * Parse role preset xml file.
 156       *
 157       * @param string $xml
 158       * @return array role info, null on error
 159       */
 160      public static function parse_preset($xml) {
 161          global $DB;
 162  
 163          $info = array();
 164  
 165          if (!self::is_valid_preset($xml)) {
 166              return null;
 167          }
 168  
 169          $dom = new DOMDocument();
 170          $dom->loadXML($xml);
 171  
 172          $info['shortname'] = self::get_node_value($dom, '/role/shortname');
 173          if (isset($info['shortname'])) {
 174              $info['shortname'] = strtolower(clean_param($info['shortname'], PARAM_ALPHANUMEXT));
 175          }
 176  
 177          $info['name'] = self::get_node_value($dom, '/role/name');
 178          if (isset($value)) {
 179              $info['name'] = clean_param($info['name'], PARAM_TEXT);
 180          }
 181  
 182          $info['description'] = self::get_node_value($dom, '/role/description');
 183          if (isset($value)) {
 184              $info['description'] = clean_param($info['description'], PARAM_CLEANHTML);
 185          }
 186  
 187          $info['archetype'] = self::get_node_value($dom, '/role/archetype');
 188          if (isset($value)) {
 189              $archetypes = get_role_archetypes();
 190              if (!isset($archetypes[$info['archetype']])) {
 191                  $info['archetype'] = null;
 192              }
 193          }
 194  
 195          $values = self::get_node_children_values($dom, '/role/contextlevels', 'level');
 196          if (isset($values)) {
 197              $info['contextlevels'] = array();
 198              $levelmap = array_flip(context_helper::get_all_levels());
 199              foreach ($values as $value) {
 200                  $level = 'context_'.$value;
 201                  if (isset($levelmap[$level])) {
 202                      $cl = $levelmap[$level];
 203                      $info['contextlevels'][$cl] = $cl;
 204                  }
 205              }
 206          }
 207  
 208          foreach (array('assign', 'override', 'switch', 'view') as $type) {
 209              $values = self::get_node_children_values($dom, '/role/allow'.$type, 'shortname');
 210              if (!isset($values)) {
 211                  $info['allow'.$type] = null;
 212                  continue;
 213              }
 214              $info['allow'.$type] = array();
 215              foreach ($values as $value) {
 216                  if ($value === $info['shortname']) {
 217                      array_unshift($info['allow'.$type], -1); // Means self.
 218                  }
 219                  if ($role = $DB->get_record('role', array('shortname'=>$value))) {
 220                      $info['allow'.$type][] = $role->id;
 221                      continue;
 222                  }
 223              }
 224          }
 225  
 226          $info['permissions'] = array();
 227          $values = self::get_node_children_values($dom, '/role/permissions', 'inherit');
 228          if (isset($values)) {
 229              foreach ($values as $value) {
 230                  if ($value = clean_param($value, PARAM_CAPABILITY)) {
 231                      $info['permissions'][$value] = CAP_INHERIT;
 232                  }
 233              }
 234          }
 235          $values = self::get_node_children_values($dom, '/role/permissions', 'allow');
 236          if (isset($values)) {
 237              foreach ($values as $value) {
 238                  if ($value = clean_param($value, PARAM_CAPABILITY)) {
 239                      $info['permissions'][$value] = CAP_ALLOW;
 240                  }
 241              }
 242          }
 243          $values = self::get_node_children_values($dom, '/role/permissions', 'prevent');
 244          if (isset($values)) {
 245              foreach ($values as $value) {
 246                  if ($value = clean_param($value, PARAM_CAPABILITY)) {
 247                      $info['permissions'][$value] = CAP_PREVENT;
 248                  }
 249              }
 250          }
 251          $values = self::get_node_children_values($dom, '/role/permissions', 'prohibit');
 252          if (isset($values)) {
 253              foreach ($values as $value) {
 254                  if ($value = clean_param($value, PARAM_CAPABILITY)) {
 255                      $info['permissions'][$value] = CAP_PROHIBIT;
 256                  }
 257              }
 258          }
 259  
 260          return $info;
 261      }
 262  
 263      protected static function get_node(DOMDocument $dom, $path) {
 264          $parts = explode('/', $path);
 265          $elname = end($parts);
 266  
 267          $nodes = $dom->getElementsByTagName($elname);
 268  
 269          if ($nodes->length == 0) {
 270              return null;
 271          }
 272  
 273          foreach ($nodes as $node) {
 274              if ($node->getNodePath() === $path) {
 275                  return $node;
 276              }
 277          }
 278  
 279          return null;
 280      }
 281  
 282      protected static function get_node_value(DOMDocument $dom, $path) {
 283          if (!$node = self::get_node($dom, $path)) {
 284              return null;
 285          }
 286          return $node->nodeValue;
 287      }
 288  
 289      protected static function get_node_children(DOMDocument $dom, $path, $tagname) {
 290          if (!$node = self::get_node($dom, $path)) {
 291              return null;
 292          }
 293  
 294          $return = array();
 295          foreach ($node->childNodes as $child) {
 296              if ($child->nodeName === $tagname) {
 297                  $return[] = $child;
 298              }
 299          }
 300          return $return;
 301      }
 302  
 303      protected static function get_node_children_values(DOMDocument $dom, $path, $tagname) {
 304          $children = self::get_node_children($dom, $path, $tagname);
 305  
 306          if ($children === null) {
 307              return null;
 308          }
 309          $return = array();
 310          foreach ($children as $child) {
 311              $return[] = $child->nodeValue;
 312          }
 313          return $return;
 314      }
 315  }