Search moodle.org's
Developer Documentation

See Release Notes

  • Bug fixes for general core bugs in 4.3.x will end 7 October 2024 (12 months).
  • Bug fixes for security issues in 4.3.x will end 21 April 2025 (18 months).
  • PHP version: minimum PHP 8.0.0 Note: minimum PHP version has increased since Moodle 4.1. PHP 8.2.x is supported too.

Differences Between: [Versions 310 and 403] [Versions 311 and 403] [Versions 39 and 403] [Versions 400 and 403] [Versions 401 and 403]

   1  <?php
   2  
   3  // This file is part of Moodle - http://moodle.org/
   4  //
   5  // Moodle is free software: you can redistribute it and/or modify
   6  // it under the terms of the GNU General Public License as published by
   7  // the Free Software Foundation, either version 3 of the License, or
   8  // (at your option) any later version.
   9  //
  10  // Moodle is distributed in the hope that it will be useful,
  11  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  12  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  13  // GNU General Public License for more details.
  14  //
  15  // You should have received a copy of the GNU General Public License
  16  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  17  
  18  
  19  /**
  20   * This file is used to manage repositories
  21   *
  22   * @since Moodle 2.0
  23   * @package    core
  24   * @subpackage repository
  25   * @copyright  2009 Dongsheng Cai <dongsheng@moodle.com>
  26   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  27   */
  28  
  29  require_once(__DIR__ . '/../config.php');
  30  require_once($CFG->dirroot . '/repository/lib.php');
  31  
  32  $edit    = optional_param('edit', 0, PARAM_INT);
  33  $new     = optional_param('new', '', PARAM_ALPHANUMEXT);
  34  $delete  = optional_param('delete', 0, PARAM_INT);
  35  $sure    = optional_param('sure', '', PARAM_ALPHA);
  36  $contextid = optional_param('contextid', 0, PARAM_INT);
  37  $usercourseid = optional_param('usercourseid', SITEID, PARAM_INT);  // Extra: used for user context only
  38  
  39  $url = new moodle_url('/repository/manage_instances.php');
  40  $baseurl = new moodle_url('/repository/manage_instances.php');
  41  
  42  if ($edit){
  43      $url->param('edit', $edit);
  44      $pagename = 'repositoryinstanceedit';
  45  } else if ($delete) {
  46      $url->param('delete', $delete);
  47      $pagename = 'repositorydelete';
  48  } else if ($new) {
  49      $url->param('new', $new);
  50      $pagename = 'repositoryinstancenew';
  51  } else {
  52      $pagename = 'repositorylist';
  53  }
  54  
  55  if ($sure !== '') {
  56      $url->param('sure', $sure);
  57  }
  58  if ($contextid !== 0) {
  59      $url->param('contextid', $contextid);
  60      $baseurl->param('contextid', $contextid);
  61  }
  62  if ($usercourseid != SITEID) {
  63      $url->param('usercourseid', $usercourseid);
  64  }
  65  
  66  $context = context::instance_by_id($contextid);
  67  
  68  $PAGE->set_url($url);
  69  $PAGE->set_context($context);
  70  $PAGE->set_pagelayout('standard');
  71  
  72  /// Security: make sure we're allowed to do this operation
  73  if ($context->contextlevel == CONTEXT_COURSE) {
  74      $pagename = get_string("repositorycourse",'repository');
  75  
  76      if ( !$course = $DB->get_record('course', array('id'=>$context->instanceid))) {
  77          throw new \moodle_exception('invalidcourseid');
  78      }
  79      require_login($course, false);
  80      // If the user is allowed to edit this course, he's allowed to edit list of repository instances
  81      require_capability('moodle/course:update',  $context);
  82  
  83  
  84  } else if ($context->contextlevel == CONTEXT_USER) {
  85      require_login();
  86      $pagename = get_string('manageinstances', 'repository');
  87      //is the user looking at its own repository instances
  88      if ($USER->id != $context->instanceid){
  89          throw new \moodle_exception('notyourinstances', 'repository');
  90      }
  91      $user = $USER;
  92  } else {
  93      throw new \moodle_exception('invalidcontext');
  94  }
  95  
  96  /// Security: we cannot perform any action if the type is not visible or if the context has been disabled
  97  if (!empty($new) && empty($edit)){
  98      $type = repository::get_type_by_typename($new);
  99  } else if (!empty($edit)){
 100      $instance = repository::get_repository_by_id($edit, $context->id);
 101      $type = repository::get_type_by_id($instance->options['typeid']);
 102  } else if (!empty($delete)){
 103      $instance = repository::get_repository_by_id($delete, $context->id);
 104      $type = repository::get_type_by_id($instance->options['typeid']);
 105  }
 106  
 107  if (isset($type)) {
 108      if (!$type->get_visible()) {
 109          throw new \moodle_exception('typenotvisible', 'repository', $baseurl);
 110      }
 111      // Prevents the user from creating/editing an instance if the repository is not visible in
 112      // this context OR if the user does not have the capability to view this repository in this context.
 113      $canviewrepository = has_capability('repository/'.$type->get_typename().':view', $context);
 114      if (!$type->get_contextvisibility($context) || !$canviewrepository) {
 115          throw new \moodle_exception('usercontextrepositorydisabled', 'repository', $baseurl);
 116      }
 117  }
 118  
 119  // We have an instance when we are going to edit, or delete. Several checks need to be done!
 120  if (!empty($instance)) {
 121      // The context passed MUST match the context of the repository. And as both have to be
 122      // similar, this also ensures that the context is either a user one, or a course one.
 123      if ($instance->instance->contextid != $context->id) {
 124          throw new \moodle_exception('invalidcontext');
 125      }
 126      if ($instance->readonly) {
 127          // Cannot edit, or delete a readonly instance.
 128          throw new repository_exception('readonlyinstance', 'repository');
 129      } else if (!$instance->can_be_edited_by_user()) {
 130          // The user has to have the right to edit the instance.
 131          throw new repository_exception('nopermissiontoaccess', 'repository');
 132      }
 133  }
 134  
 135  // Create navigation links.
 136  if (!empty($course)) {
 137      $pageheading = $course->fullname;
 138  } else {
 139      $pageheading = $pagename;
 140  }
 141  
 142  // Display page header.
 143  $PAGE->set_title($pagename);
 144  $PAGE->set_heading($pageheading);
 145  
 146  $return = true;
 147  if (!empty($edit) || !empty($new)) {
 148      if (!empty($edit)) {
 149          $instancetype = repository::get_type_by_id($instance->options['typeid']);
 150          $classname = 'repository_' . $instancetype->get_typename();
 151          $configs  = $instance->get_instance_option_names();
 152          $plugin = $instancetype->get_typename();
 153          $typeid = $instance->options['typeid'];
 154      } else {
 155          $plugin = $new;
 156          $typeid = $new;
 157          $instance = null;
 158      }
 159  
 160  /// Create edit form for this instance
 161      $mform = new repository_instance_form('', array('plugin' => $plugin, 'typeid' => $typeid,'instance' => $instance, 'contextid' => $contextid));
 162  
 163  /// Process the form data if any, or display
 164      if ($mform->is_cancelled()){
 165          redirect($baseurl);
 166          exit;
 167  
 168      } else if ($fromform = $mform->get_data()){
 169          if ($edit) {
 170              $settings = array();
 171              $settings['name'] = $fromform->name;
 172              foreach($configs as $config) {
 173                  $settings[$config] = isset($fromform->$config) ? $fromform->$config : null;
 174              }
 175              $success = $instance->set_option($settings);
 176          } else {
 177              $success = repository::static_function($plugin, 'create', $plugin, 0, context::instance_by_id($contextid), $fromform);
 178              $data = data_submitted();
 179          }
 180          if ($success) {
 181              $savedstr = get_string('configsaved', 'repository');
 182              redirect($baseurl);
 183          } else {
 184              throw new \moodle_exception('instancenotsaved', 'repository', $baseurl);
 185          }
 186          exit;
 187      } else {     // Display the form
 188          echo $OUTPUT->header();
 189          echo $OUTPUT->heading(get_string('configplugin', 'repository_'.$plugin));
 190          $OUTPUT->box_start();
 191          $mform->display();
 192          $OUTPUT->box_end();
 193          $return = false;
 194      }
 195  } else if (!empty($delete)) {
 196      if ($sure) {
 197          require_sesskey();
 198          if ($instance->delete()) {
 199              $deletedstr = get_string('instancedeleted', 'repository');
 200              redirect($baseurl, $deletedstr, 3);
 201          } else {
 202              throw new \moodle_exception('instancenotdeleted', 'repository', $baseurl);
 203          }
 204          exit;
 205      }
 206      echo $OUTPUT->header();
 207      $formcontinue = new single_button(new moodle_url($baseurl, array('delete' => $delete, 'sure' => 'yes')), get_string('yes'));
 208      $formcancel = new single_button($baseurl, get_string('no'));
 209      echo $OUTPUT->confirm(get_string('confirmdelete', 'repository', $instance->name), $formcontinue, $formcancel);
 210      $return = false;
 211  } else {
 212      echo $OUTPUT->header();
 213      repository::display_instances_list($context);
 214      $return = false;
 215  }
 216  
 217  if (!empty($return)) {
 218      redirect($baseurl);
 219  }
 220  
 221  echo $OUTPUT->footer();