Moodle 4.1 XRef and Diffs

Search moodle.org's
Developer Documentation
See Release Notes
Long Term Support Release
Bug fixes for general core bugs in 4.1.x will end 13 November 2023 (12 months).
Bug fixes for security issues in 4.1.x will end 10 November 2025 (36 months).
PHP version: minimum PHP 7.4.0 Note: minimum PHP version has increased since Moodle 4.0. PHP 8.0.x is supported too.
Moodle 4.1 Database Schema (by Marcus Green)
/reportbuilder/classes/ -> permission.php (source)
Differences Between: [Versions 400 and 401]
   1  <?php
   2  // This file is part of Moodle - http://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  declare(strict_types=1);
  18  
  19  namespace core_reportbuilder;
  20  
  21  use context;
  22  use context_system;
  23  use core_reportbuilder\local\helpers\audience;
  24  use core_reportbuilder\local\models\report;
  25  use core_reportbuilder\local\report\base;
  26  
  27  /**
  28   * Report permission class
  29   *
  30   * @package     core_reportbuilder
  31   * @copyright   2021 Paul Holden <paulh@moodle.com>
  32   * @license     http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  33   */
  34  class permission {
  35  
  36      /**
  37       * Require given user can view reports list
  38       *
  39       * @param int|null $userid User ID to check, or the current user if omitted
  40       * @param context|null $context
  41       * @throws report_access_exception
  42       */
  43      public static function require_can_view_reports_list(?int $userid = null, ?context $context = null): void {
  44          if (!static::can_view_reports_list($userid, $context)) {
  45              throw new report_access_exception();
  46          }
  47      }
  48  
  49      /**
  50       * Whether given user can view reports list
  51       *
  52       * @param int|null $userid User ID to check, or the current user if omitted
  53       * @param context|null $context
  54       * @return bool
  55       */
  56      public static function can_view_reports_list(?int $userid = null, ?context $context = null): bool {
  57          global $CFG;
  58  
  59          if ($context === null) {
  60              $context = context_system::instance();
  61          }
  62  
  63          return !empty($CFG->enablecustomreports) && has_any_capability([
  64              'moodle/reportbuilder:editall',
  65              'moodle/reportbuilder:edit',
  66              'moodle/reportbuilder:view',
  67          ], $context, $userid);
  68      }
  69  
  70      /**
  71       * Require given user can view report
  72       *
  73       * @param report $report
  74       * @param int|null $userid User ID to check, or the current user if omitted
  75       * @throws report_access_exception
  76       */
  77      public static function require_can_view_report(report $report, ?int $userid = null): void {
  78          if (!static::can_view_report($report, $userid)) {
  79              throw new report_access_exception('errorreportview');
  80          }
  81      }
  82  
  83      /**
  84       * Whether given user can view report
  85       *
  86       * @param report $report
  87       * @param int|null $userid User ID to check, or the current user if omitted
  88       * @return bool
  89       */
  90      public static function can_view_report(report $report, ?int $userid = null): bool {
  91          if (!static::can_view_reports_list($userid, $report->get_context())) {
  92              return false;
  93          }
  94  
  95          if (self::can_edit_report($report, $userid)) {
  96              return true;
  97          }
  98  
  99          $reports = audience::user_reports_list($userid);
 100          return in_array($report->get('id'), $reports);
 101      }
 102  
 103      /**
 104       * Require given user can edit report
 105       *
 106       * @param report $report
 107       * @param int|null $userid User ID to check, or the current user if omitted
 108       * @throws report_access_exception
 109       */
 110      public static function require_can_edit_report(report $report, ?int $userid = null): void {
 111          if (!static::can_edit_report($report, $userid)) {
 112              throw new report_access_exception('errorreportedit');
 113          }
 114      }
 115  
 116      /**
 117       * Whether given user can edit report
 118       *
 119       * @param report $report
 120       * @param int|null $userid User ID to check, or the current user if omitted
 121       * @return bool
 122       */
 123      public static function can_edit_report(report $report, ?int $userid = null): bool {
 124          global $CFG, $USER;
 125  
 126          if (empty($CFG->enablecustomreports)) {
 127              return false;
 128          }
 129  
 130          // We can only edit custom reports.
 131          if ($report->get('type') !== base::TYPE_CUSTOM_REPORT) {
 132              return false;
 133          }
 134  
 135          // To edit their own reports, users must have either of the 'edit' or 'editall' capabilities. For reports belonging
 136          // to other users, they must have the specific 'editall' capability.
 137          $userid = $userid ?: (int) $USER->id;
 138          if ($report->get('usercreated') === $userid) {
 139              return has_any_capability([
 140                  'moodle/reportbuilder:edit',
 141                  'moodle/reportbuilder:editall',
 142              ], $report->get_context(), $userid);
 143          } else {
 144              return has_capability('moodle/reportbuilder:editall', $report->get_context(), $userid);
 145          }
 146      }
 147  
 148      /**
 149       * Whether given user can create a new report
 150       *
 151       * @param int|null $userid User ID to check, or the current user if omitted
 152       * @param context|null $context
 153       * @return bool
 154       */
 155      public static function can_create_report(?int $userid = null, ?context $context = null): bool {
 156          global $CFG;
 157  
 158          if ($context === null) {
 159              $context = context_system::instance();
 160          }
 161  
 162          return !empty($CFG->enablecustomreports) && has_any_capability([
 163              'moodle/reportbuilder:edit',
 164              'moodle/reportbuilder:editall',
 165          ], $context, $userid) && !manager::report_limit_reached();
 166      }
 167  
 168      /**
 169       * Require given user can create a new report
 170       *
 171       * @param int|null $userid User ID to check, or the current user if omitted
 172       * @param context|null $context
 173       * @throws report_access_exception
 174       */
 175      public static function require_can_create_report(?int $userid = null, ?context $context = null): void {
 176          if (!static::can_create_report($userid, $context)) {
 177              throw new report_access_exception('errorreportcreate');
 178          }
 179      }
 180  }