public function process_edit()
 {
     require_capability('users:editcapabilities');
     $capability_id = (int) $this->input->post('capability_id');
     if (!empty($capability_id)) {
         $redirect_url = base_url() . 'users/capability/edit/' . $capability_id;
     }
     $this->form_validation->set_rules('name', 'Name', 'trim|required');
     $this->form_validation->set_rules('description', 'Description', 'trim|required');
     $this->form_validation->set_rules('dependson', 'Parent capability', 'required');
     $success = $this->form_validation->run();
     if (!$success) {
         add_message('Some of the fields were not filled correctly. Please check the messages below.', 'danger');
         return $this->edit($capability_id);
     }
     $capability_data = array('name' => $this->input->post('name'), 'description' => $this->input->post('description'), 'dependson' => $this->input->post('dependson'));
     $updated_or_added = empty($capability_id) ? 'added' : 'updated';
     if (empty($capability_id)) {
         if (!($capability_id = $this->capability_model->add($capability_data))) {
             add_message('Could not create this capability!', 'danger');
             redirect($redirect_url);
         }
     } else {
         if (!$this->capability_model->edit($capability_id, $capability_data)) {
             add_message('Could not update this capability!', 'danger');
             redirect($redirect_url);
         }
     }
     add_message("The {$capability_data['name']} capability has been successfully {$updated_or_added}!", 'success');
     redirect(base_url() . 'users/capability/browse');
 }
 function display()
 {
     global $CFG, $PAGE;
     require_capability('format/page:managepages', $this->context);
     $locks = format_page_lock::get_locks();
     $mform = new format_page_lock_form($CFG->wwwroot . '/course/format/page/format.php', format_page_lock::decode($this->page->locks));
     if ($mform->is_cancelled()) {
         redirect($PAGE->url_build('action', 'manage'));
     } else {
         if ($data = $mform->get_data()) {
             $lockdata = array();
             foreach ($locks as $lock) {
                 $lockdata = array_merge($lockdata, $lock->process_form($data));
             }
             $lockinfo = array();
             $lockinfo['showprereqs'] = $data->showprereqs;
             $lockinfo['visible'] = $data->visible;
             $lockinfo['locks'] = $lockdata;
             if (empty($lockinfo['locks'])) {
                 $lockinfo = '';
             } else {
                 $lockinfo = format_page_lock::encode($lockinfo);
             }
             if (!set_field('format_page', 'locks', $lockinfo, 'id', $this->page->id)) {
                 error('Failed to save lock information');
             }
             redirect($PAGE->url_build('page', $this->page->id, 'action', 'lock'));
         } else {
             $PAGE->print_tabs('manage');
             $mform->display();
         }
     }
 }
Example #3
0
 function praxe_view_headm()
 {
     global $USER, $cm, $tab, $tab_modes, $CFG, $context;
     //$praxeaction = optional_param('praxeaction', null, PARAM_ALPHAEXT);
     //$school = optional_param('school', null, PARAM_INT);
     switch ($tab) {
         case PRAXE_TAB_HEADM_HOME:
             //$schoolid = optional_param('schoolid', 0, PARAM_INT);
             if ($schools = praxe_get_schools($USER->id)) {
                 $this->content .= self::show_schools($schools, array('mode' => $tab_modes['headm'][PRAXE_TAB_HEADM_EDITSCHOOL]));
             } else {
                 $this->content .= get_string('noschoolsavailable', 'praxe');
             }
             break;
         case PRAXE_TAB_HEADM_ADDSCHOOL:
             self::addschool_form();
             break;
         case PRAXE_TAB_HEADM_TEACHERS:
             $schoolid = optional_param('schoolid', 0, PARAM_INT);
             if ($schoolid > 0) {
                 $this->content .= self::school_teachers_by_schools($USER->id, $schoolid);
             } else {
                 $this->content .= self::school_teachers_by_schools($USER->id);
             }
             break;
         case PRAXE_TAB_HEADM_LOCATIONS:
             $schoolid = optional_param('schoolid', 0, PARAM_INT);
             if ($schoolid > 0) {
                 $this->content .= self::show_locations($schoolid);
             } else {
                 $this->content .= self::show_locations(null, $USER->id);
                 $this->content .= "<p>" . get_string('to_create_location_choose_school', 'praxe') . "</p>";
             }
             break;
         case PRAXE_TAB_HEADM_EDITSCHOOL:
             $schoolid = required_param('schoolid', PARAM_INT);
             $school = praxe_get_school($schoolid);
             if (!praxe_has_capability('editownschool') || !is_object($school) || !$school->headmaster == $USER->id) {
                 print_error('notallowedaction', 'praxe');
             }
             self::addschool_form();
             $this->form->set_form_to_edit($school);
             break;
         case PRAXE_TAB_HEADM_ASSIGNTEACHERS:
             require_capability('mod/praxe:assignteachertoownschool', $context, $USER->id);
             $schoolid = required_param('schoolid', PARAM_INT);
             require_once $CFG->dirroot . '/mod/praxe/c_assignteachers.php';
             $this->form = new praxe_assignteachers($schoolid);
             break;
         case PRAXE_TAB_HEADM_ADDLOCATION:
             require_capability('mod/praxe:createownlocation', $context, $USER->id);
             $schoolid = required_param('schoolid', PARAM_INT);
             require_once $CFG->dirroot . '/mod/praxe/c_addlocation.php';
             $this->form = new praxe_addlocation($schoolid);
             break;
         default:
             redirect($CFG->wwwroot . '/mod/praxe/view.php?id=' . $cm->id);
             break;
     }
 }
Example #4
0
 public static function fix_page($pages)
 {
     //Don't forget to set it as static
     global $CFG, $DB;
     $params = self::validate_parameters(self::fix_page_parameters(), array('pages' => $pages));
     $transaction = $DB->start_delegated_transaction();
     //If an exception is thrown in the below code, all DB queries in this code will be rollback.
     $newpages = array();
     foreach ($params['pages'] as $page) {
         $page = (object) $page;
         if (!($student = $DB->get_record('user', array('id' => $page->studentid)))) {
             throw new invalid_parameter_exception('No student with the specified id');
         }
         list($cm, $emarking, $course, $context) = emarking_get_cm_course_instance_by_id($page->cmid);
         // now security checks
         self::validate_context($context);
         require_capability('mod/emarking:uploadexam', $context);
         // finally fix the page
         $page->id = emarking_fix_page($page->fileid, $student, $emarking, $context, $page->pagenumber);
         if ($page->id > 0) {
             $newpages[] = array('id' => $page->id);
         }
     }
     $transaction->allow_commit();
     return $newpages;
 }
Example #5
0
File: lib.php Project: dg711/moodle
/**
 * Manage inplace editable saves.
 *
 * @param   string      $itemtype       The type of item.
 * @param   int         $itemid         The ID of the item.
 * @param   mixed       $newvalue       The new value
 * @return  string
 */
function tool_usertours_inplace_editable($itemtype, $itemid, $newvalue)
{
    $context = \context_system::instance();
    external_api::validate_context($context);
    require_capability('tool/usertours:managetours', $context);
    if ($itemtype === 'tourname') {
        $tour = helper::get_tour($itemid);
        $tour->set_name($newvalue)->persist();
        return helper::render_tourname_inplace_editable($tour);
    } else {
        if ($itemtype === 'tourdescription') {
            $tour = helper::get_tour($itemid);
            $tour->set_description($newvalue)->persist();
            return helper::render_tourdescription_inplace_editable($tour);
        } else {
            if ($itemtype === 'tourenabled') {
                $tour = helper::get_tour($itemid);
                $tour->set_enabled(!!$newvalue)->persist();
                return helper::render_tourenabled_inplace_editable($tour);
            } else {
                if ($itemtype === 'stepname') {
                    $step = helper::get_step($itemid);
                    $step->set_title($newvalue)->persist();
                    return helper::render_stepname_inplace_editable($step);
                }
            }
        }
    }
}
 public function edit($invoice_tenancy_id, $order_id)
 {
     require_capability('orders:viewdocuments');
     $this->load->model('miniant/abbreviation_model');
     $this->load->model('miniant/invoice_tenancy_abbreviation_model');
     $invoice_tenancy = $this->invoice_tenancy_model->get($invoice_tenancy_id);
     $invoice = $this->invoice_model->get(array('order_id' => $order_id), true);
     $tenancy = $this->tenancy_model->get($invoice_tenancy->tenancy_id);
     $abbreviations = $this->abbreviation_model->get();
     $invoice_tenancy_abbreviations = $this->invoice_tenancy_abbreviation_model->get(array('invoice_tenancy_id' => $invoice_tenancy_id));
     $invoice_tenancy->system_time = $this->order_model->get_total_time($invoice->order_id);
     form_element::$default_data['technician_time_hours'] = floor($invoice_tenancy->technician_time / 60 / 60);
     form_element::$default_data['technician_time_minutes'] = ($invoice_tenancy->technician_time - form_element::$default_data['technician_time_hours'] * 60 * 60) / 60;
     foreach ($abbreviations as $key => $abbreviation) {
         $abbreviations[$key]->selected = false;
         foreach ($invoice_tenancy_abbreviations as $invoice_tenancy_abbreviation) {
             if ($invoice_tenancy_abbreviation->abbreviation_id == $abbreviation->id) {
                 $abbreviations[$key]->selected = true;
             }
         }
     }
     $title = "Edit invoice for {$tenancy->name}, job J{$order_id}";
     $help = "Use this form to edit the time spent by technicians on this job.";
     $this->config->set_item('replacer', array('miniant' => null, 'orders' => array('/miniant/orders/order/index|Jobs'), 'documents' => array('/miniant/orders/documents/index/html/' . $order_id . '/0|Tenancy invoices', $order_id => 'J' . $order_id, $invoice_tenancy_id => 'Edit invoice')));
     $this->config->set_item('exclude', array('edit'));
     $this->config->set_item('exclude_segment', array(7));
     $title_options = array('title' => $title, 'help' => $help, 'expand' => 'page', 'icons' => array());
     $pageDetails = array('title' => $title, 'title_options' => $title_options, 'content_view' => 'orders/documents/edit', 'tenancy' => $tenancy, 'invoice' => $invoice, 'order_id' => $order_id, 'abbreviations' => $abbreviations, 'invoice_tenancy_abbreviations' => $invoice_tenancy_abbreviations, 'invoice_tenancy' => $invoice_tenancy, 'jstoload' => array('bootstrap-slider'), 'feature_type' => 'Custom Feature', 'csstoload' => array('slider'));
     $this->load->view('template/default', $pageDetails);
 }
Example #7
0
 public function view_tree($unit_type_id)
 {
     $this->load->model('miniant/diagnostic_tree_model');
     require_capability('orders:viewdiagnosticrules');
     $tree = $this->diagnostic_tree_model->get_tree();
     // Remove parts that cannot have issues
     foreach ($tree as $this_unit_type_id => $unit_type_object) {
         if ($this_unit_type_id != $unit_type_id) {
             unset($tree[$this_unit_type_id]);
             continue;
         } else {
             $unit_type_name = $unit_type_object->unit_type;
         }
         foreach ($unit_type_object->part_types as $key => $part_type) {
             if (!$part_type->can_have_issues) {
                 unset($tree[$this_unit_type_id]->part_types[$key]);
             }
         }
     }
     $this->config->set_item('replacer', array('miniant' => null, 'steps' => array('/home|Administration', '/miniant/orders/steps/diagnostic_rules|Diagnostic rules'), 'orders' => null, 'view_tree' => array($unit_type_name)));
     $title = 'Diagnostic business rules';
     $help = 'This tree can be used to edit diagnostic business rules';
     $title_options = array('title' => $title, 'help' => $help, 'icons' => array());
     $pageDetails = array('title' => $title, 'title_options' => $title_options, 'content_view' => 'orders/steps', 'tree' => $tree, 'jstoload' => array('orders/steps'), 'feature_type' => 'Custom Feature', 'unit_type_name' => $unit_type_name, 'module' => 'miniant', 'csstoload' => array('tree'));
     $this->load->view('template/default', $pageDetails);
 }
Example #8
0
    /**
     * Simulate the imscp/view.php web interface page: trigger events, completion, etc...
     *
     * @param int $imscpid the imscp instance id
     * @return array of warnings and status result
     * @since Moodle 3.0
     * @throws moodle_exception
     */
    public static function view_imscp($imscpid) {
        global $DB, $CFG;
        require_once($CFG->dirroot . "/mod/imscp/lib.php");

        $params = self::validate_parameters(self::view_imscp_parameters(),
                                            array(
                                                'imscpid' => $imscpid
                                            ));
        $warnings = array();

        // Request and permission validation.
        $imscp = $DB->get_record('imscp', array('id' => $params['imscpid']), '*', MUST_EXIST);
        list($course, $cm) = get_course_and_cm_from_instance($imscp, 'imscp');

        $context = context_module::instance($cm->id);
        self::validate_context($context);

        require_capability('mod/imscp:view', $context);

        // Call the imscp/lib API.
        imscp_view($imscp, $course, $cm, $context);

        $result = array();
        $result['status'] = true;
        $result['warnings'] = $warnings;
        return $result;
    }
Example #9
0
/**
 * Creates tags
 * Ex: tag_create('A VeRY   cOoL    Tag, Another NICE tag')
 * will create the following normalized {@link tag_normalize()} entries in tags table:
 *  'a very cool tag'
 *  'another nice tag'
 *
 * @param string $tag_names_csv CSV tag names (can be unnormalized) to be created.
 * @param string $tag_type type of tag to be created ("default" is the default value).
 * @return an array of tags ids, indexed by their normalized names
 */
function tag_create($tag_names_csv, $tag_type = "default")
{
    global $USER;
    $textlib = textlib_get_instance();
    $tags = explode(",", $tag_names_csv);
    $tag_object = new StdClass();
    $tag_object->tagtype = $tag_type;
    $tag_object->userid = $USER->id;
    $systemcontext = get_context_instance(CONTEXT_SYSTEM);
    $can_create_tags = has_capability('moodle/tag:create', $systemcontext);
    $norm_tag_names_csv = '';
    foreach ($tags as $tag) {
        // rawname keeps the original casing of the string
        $tag_object->rawname = tag_normalize($tag, false);
        // name lowercases the string
        $tag_object->name = tag_normalize($tag);
        $norm_tag_names_csv .= $tag_object->name . ',';
        $tag_object->timemodified = time();
        $exists = record_exists('tag', 'name', $tag_object->name);
        if (!$exists && is_tag_name_valid($tag_object->name)) {
            if ($can_create_tags) {
                insert_record('tag', $tag_object);
            } else {
                require_capability('moodle/tag:create', $systemcontext);
            }
        }
    }
    $norm_tag_names_csv = $textlib->substr($norm_tag_names_csv, 0, -1);
    return tags_id($norm_tag_names_csv);
}
Example #10
0
 /**
  * Updates the value in database and returns itself, called from inplace_editable callback
  *
  * @param int $itemid
  * @param mixed $newvalue
  * @return \self
  */
 public static function update($itemid, $newvalue)
 {
     require_capability('moodle/tag:manage', context_system::instance());
     $tag = core_tag_tag::get($itemid, '*', MUST_EXIST);
     $tag->update(array('rawname' => $newvalue));
     return new self($tag);
 }
Example #11
0
/**
 * Get course/cm/zoom objects from url parameters, and check for login/permissions.
 *
 * @return array Array of ($course, $cm, $zoom)
 */
function zoom_get_instance_setup()
{
    global $DB;
    $id = optional_param('id', 0, PARAM_INT);
    // Course_module ID, or
    $n = optional_param('n', 0, PARAM_INT);
    // ... zoom instance ID - it should be named as the first character of the module.
    if ($id) {
        $cm = get_coursemodule_from_id('zoom', $id, 0, false, MUST_EXIST);
        $course = $DB->get_record('course', array('id' => $cm->course), '*', MUST_EXIST);
        $zoom = $DB->get_record('zoom', array('id' => $cm->instance), '*', MUST_EXIST);
    } else {
        if ($n) {
            $zoom = $DB->get_record('zoom', array('id' => $n), '*', MUST_EXIST);
            $course = $DB->get_record('course', array('id' => $zoom->course), '*', MUST_EXIST);
            $cm = get_coursemodule_from_instance('zoom', $zoom->id, $course->id, false, MUST_EXIST);
        } else {
            print_error('You must specify a course_module ID or an instance ID');
        }
    }
    require_login($course, true, $cm);
    $context = context_module::instance($cm->id);
    require_capability('mod/zoom:view', $context);
    return array($course, $cm, $zoom);
}
Example #12
0
 /**
  * Performs class deletion
  * @throws moodle_exception If there was an error in passed parameters.
  * @throws data_object_exception If there was an error deleting the entity.
  * @param array $data The incoming data parameter.
  * @return array An array of parameters, if successful.
  */
 public static function class_delete(array $data)
 {
     global $USER, $DB;
     if (static::require_elis_dependencies() !== true) {
         throw new moodle_exception('ws_function_requires_elis', 'local_datahub');
     }
     // Parameter validation.
     $params = self::validate_parameters(self::class_delete_parameters(), array('data' => $data));
     // Context validation.
     $context = context_user::instance($USER->id);
     self::validate_context($context);
     // Initialize version1elis importplugin for utility functions.
     $importplugin = rlip_dataplugin_factory::factory('dhimport_version1elis');
     // Get the class.
     $clsid = $DB->get_field(pmclass::TABLE, 'id', array('idnumber' => $data['idnumber']));
     if (empty($clsid)) {
         throw new data_object_exception('ws_class_delete_fail_invalid_idnumber', 'local_datahub', '', $data);
     }
     // Capability checking.
     require_capability('local/elisprogram:class_delete', \local_elisprogram\context\pmclass::instance($clsid));
     // Delete the class.
     $pmclass = new pmclass($clsid);
     $pmclass->delete();
     // Verify class deleted & respond.
     if (!$DB->record_exists(pmclass::TABLE, array('id' => $clsid))) {
         return array('messagecode' => get_string('ws_class_delete_success_code', 'local_datahub'), 'message' => get_string('ws_class_delete_success_msg', 'local_datahub'));
     } else {
         throw new data_object_exception('ws_class_delete_fail', 'local_datahub');
     }
 }
Example #13
0
    function view() {

        global $USER, $OUTPUT;

        $context = context_module::instance($this->cm->id);
        require_capability('mod/assignment:view', $context);

        add_to_log($this->course->id, "assignment", "view", "view.php?id={$this->cm->id}", $this->assignment->id, $this->cm->id);

        $this->view_header();

        $this->view_intro();

        $this->view_dates();

        $filecount = false;

        if ($submission = $this->get_submission($USER->id)) {
            $filecount = $this->count_user_files($submission->id);
            if ($submission->timemarked) {
                $this->view_feedback();
            }
            if ($filecount) {
                echo $OUTPUT->box($this->print_user_files($USER->id, true), 'generalbox boxaligncenter');
            }
        }

        if (is_enrolled($this->context, $USER, 'mod/assignment:submit') && $this->isopen() && (!$filecount || $this->assignment->resubmit || !$submission->timemarked)) {
            $this->view_upload_form();
        }

        $this->view_footer();
    }
 public function index($assignment_id)
 {
     require_capability('servicequotes:writesqs');
     if (!($assignment = $this->assignment_model->get($assignment_id))) {
         die("The assignment ID {$assignment_id} could not be found!");
     }
     $this->assignment = $this->assignment_model->get($assignment_id);
     if (empty($this->assignment)) {
         add_message('This job is no longer on record.', 'warning');
         redirect(base_url());
     }
     $order = $this->order_model->get($this->assignment->order_id);
     $order_type = $this->order_model->get_type_string($order->order_type_id);
     parent::update_time($order->id);
     $diagnostics = $this->diagnostic_model->get_for_technician($this->assignment, $this->session->userdata('technician_id'), $order->senior_technician_id);
     $diagnostic = reset($diagnostics);
     $tasks = $this->order_model->get_tasks($order->id);
     $this->load->library('Miniant_Workflow_manager', array(), 'workflow_manager');
     $this->workflow_manager->initialise(array('workflow' => $order_type, 'stage' => 'postjob_checklist', 'param' => $assignment_id, 'module' => 'miniant'));
     $title_options = array('title' => $order_type . ' post-job checklist', 'help' => 'You must complete these tasks before obtaining the client\'s signature', 'icons' => array());
     $complete = $this->order_model->has_statuses($order->id, array('POST-JOB COMPLETE'));
     if (!$complete) {
         add_message('You must complete all the tasks below before moving to the next section', 'warning');
     }
     $this->load_stage_view(array('tasks' => $tasks, 'completed' => $complete));
 }
Example #15
0
 /**
  * Return a list of comments
  *
  * @param string $contextlevel ('system, course, user', etc..)
  * @param int $instanceid
  * @param string $component the name of the component
  * @param int $itemid the item id
  * @param string $area comment area
  * @param int $page page number
  * @return array of comments and warnings
  * @since Moodle 2.9
  */
 public static function get_comments($contextlevel, $instanceid, $component, $itemid, $area = '', $page = 0)
 {
     $warnings = array();
     $arrayparams = array('contextlevel' => $contextlevel, 'instanceid' => $instanceid, 'component' => $component, 'itemid' => $itemid, 'area' => $area, 'page' => $page);
     $params = self::validate_parameters(self::get_comments_parameters(), $arrayparams);
     $context = self::get_context_from_params($params);
     self::validate_context($context);
     require_capability('moodle/comment:view', $context);
     $args = new stdClass();
     $args->context = $context;
     $args->area = $params['area'];
     $args->itemid = $params['itemid'];
     $args->component = $params['component'];
     $commentobject = new comment($args);
     $comments = $commentobject->get_comments($params['page']);
     // False means no permissions to see comments.
     if ($comments === false) {
         throw new moodle_exception('nopermissions', 'error', '', 'view comments');
     }
     foreach ($comments as $key => $comment) {
         list($comments[$key]->content, $comments[$key]->format) = external_format_text($comment->content, $comment->format, $context->id, $params['component'], '', 0);
     }
     $results = array('comments' => $comments, 'warnings' => $warnings);
     return $results;
 }
Example #16
0
 /**
  * Validate access permissions to the report
  *
  * @param  int  $courseid the courseid
  * @param  int  $userid   the user id to retrieve data from
  * @param  int $groupid   the group id
  * @return array with the parameters cleaned and other required information
  * @since  Moodle 3.2
  */
 protected static function check_report_access($courseid, $userid, $groupid = 0)
 {
     global $USER;
     // Validate the parameter.
     $params = self::validate_parameters(self::get_grades_table_parameters(), array('courseid' => $courseid, 'userid' => $userid, 'groupid' => $groupid));
     // Compact/extract functions are not recommended.
     $courseid = $params['courseid'];
     $userid = $params['userid'];
     $groupid = $params['groupid'];
     // Function get_course internally throws an exception if the course doesn't exist.
     $course = get_course($courseid);
     $context = context_course::instance($courseid);
     self::validate_context($context);
     // Specific capabilities.
     require_capability('gradereport/user:view', $context);
     $user = null;
     if (empty($userid)) {
         require_capability('moodle/grade:viewall', $context);
     } else {
         $user = core_user::get_user($userid, '*', MUST_EXIST);
         core_user::require_active_user($user);
         // Check if we can view the user group (if any).
         // When userid == 0, we are retrieving all the users, we'll check then if a groupid is required.
         if (!groups_user_groups_visible($course, $user->id)) {
             throw new moodle_exception('notingroup');
         }
     }
     $access = false;
     if (has_capability('moodle/grade:viewall', $context)) {
         // Can view all course grades.
         $access = true;
     } else {
         if ($userid == $USER->id and has_capability('moodle/grade:view', $context) and $course->showgrades) {
             // View own grades.
             $access = true;
         }
     }
     if (!$access) {
         throw new moodle_exception('nopermissiontoviewgrades', 'error');
     }
     if (!empty($groupid)) {
         // Determine is the group is visible to user.
         if (!groups_group_visible($groupid, $course)) {
             throw new moodle_exception('notingroup');
         }
     } else {
         // Check to see if groups are being used here.
         if ($groupmode = groups_get_course_groupmode($course)) {
             $groupid = groups_get_course_group($course);
             // Determine is the group is visible to user (this is particullary for the group 0).
             if (!groups_group_visible($groupid, $course)) {
                 throw new moodle_exception('notingroup');
             }
         } else {
             $groupid = 0;
         }
     }
     return array($params, $course, $context, $user, $groupid);
 }
Example #17
0
    function view() {
        global $USER, $OUTPUT;

        require_capability('mod/assignment:view', $this->context);
        $cansubmit = has_capability('mod/assignment:submit', $this->context);

        add_to_log($this->course->id, 'assignment', 'view', "view.php?id={$this->cm->id}", $this->assignment->id, $this->cm->id);

        $this->view_header();

        if ($this->assignment->timeavailable > time()
          and !has_capability('mod/assignment:grade', $this->context)      // grading user can see it anytime
          and $this->assignment->var3) {                                   // force hiding before available date
            echo $OUTPUT->box_start('generalbox boxaligncenter', 'intro');
            print_string('notavailableyet', 'assignment');
            echo $OUTPUT->box_end();
        } else {
            $this->view_intro();
        }

        $this->view_dates();

        if (is_enrolled($this->context, $USER)) {
            if ($submission = $this->get_submission($USER->id)) {
                $filecount = $this->count_user_files($submission->id);
            } else {
                $filecount = 0;
            }
            if ($cansubmit or !empty($filecount)) { //if a user has submitted files using a previous role we should still show the files
                $this->view_feedback();

                if (!$this->drafts_tracked() or !$this->isopen() or $this->is_finalized($submission)) {
                    echo $OUTPUT->heading(get_string('submission', 'assignment'), 3);
                } else {
                    echo $OUTPUT->heading(get_string('submissiondraft', 'assignment'), 3);
                }

                if ($filecount and $submission) {
                    echo $OUTPUT->box($this->print_user_files($USER->id, true), 'generalbox boxaligncenter', 'userfiles');
                } else {
                    if (!$this->isopen() or $this->is_finalized($submission)) {
                        echo $OUTPUT->box(get_string('nofiles', 'assignment'), 'generalbox boxaligncenter nofiles', 'userfiles');
                    } else {
                        echo $OUTPUT->box(get_string('nofilesyet', 'assignment'), 'generalbox boxaligncenter nofiles', 'userfiles');
                    }
                }

                $this->view_upload_form();

                if ($this->notes_allowed()) {
                    echo $OUTPUT->heading(get_string('notes', 'assignment'), 3);
                    $this->view_notes();
                }

                $this->view_final_submission();
            }
        }
        $this->view_footer();
    }
Example #18
0
 /**
  * Updates the value in database and returns itself, called from inplace_editable callback
  *
  * @param int $itemid
  * @param mixed $newvalue
  * @return \self
  */
 public static function update($itemid, $newvalue)
 {
     global $DB;
     require_capability('moodle/tag:manage', context_system::instance());
     $tagcoll = $DB->get_record('tag_coll', array('id' => $itemid), '*', MUST_EXIST);
     \core_tag_collection::update($tagcoll, array('name' => $newvalue));
     return new self($tagcoll);
 }
Example #19
0
 /**
  * Updates the value in database and returns itself, called from inplace_editable callback
  *
  * @param int $itemid
  * @param mixed $newvalue
  * @return \self
  */
 public static function update($itemid, $newvalue)
 {
     require_capability('moodle/tag:manage', context_system::instance());
     $tag = core_tag_tag::get($itemid, '*', MUST_EXIST);
     $newvalue = (int) clean_param($newvalue, PARAM_BOOL);
     $tag->update(array('isstandard' => $newvalue));
     return new self($tag);
 }
Example #20
0
 public function __construct()
 {
     parent::__construct();
     $this->load->library('form_validation');
     $this->config->set_item('replacer', array('orders' => array('index|Jobs')));
     $this->config->set_item('exclude', array('index'));
     require_capability('orders:manageunits');
 }
 /**
  * Do any security checks needed for the passed action
  *
  * @param string $action
  */
 public function require_capability($action)
 {
     global $PAGE;
     if ($action !== 'addsection') {
         throw new \coding_exception("Missing capability check for {$action} action");
     }
     require_capability('moodle/course:update', $PAGE->context);
 }
 /**
  * Do any security checks needed for the passed action
  *
  * @param string $action
  */
 public function require_capability($action)
 {
     global $PAGE;
     require_capability('mod/hsuforum:viewdiscussion', $PAGE->context);
     if (is_guest($PAGE->context)) {
         print_error('noguest');
     }
 }
Example #23
0
function check_move_permissions($forum, $targetforum)
{
    // Check permission for move.
    require_capability('mod/forumng:movediscussions', $forum->get_context());
    require_capability('mod/forumng:movediscussions', $targetforum->get_context());
    $aag = has_capability('moodle/site:accessallgroups', $targetforum->get_context());
    return $aag;
}
 public function process_edit()
 {
     require_capability('maintenance_contracts:editcontracts');
     if ($this->input->post('return')) {
         redirect(base_url() . 'miniant/maintenance_contracts/browse');
     }
     $required_fields = array('account_id' => "Billing account", 'site_address_id' => "Job site address");
     if ($maintenance_contract_id = (int) $this->input->post('maintenance_contract_id')) {
         $maintenance_contract = $this->maintenance_contract_model->get($maintenance_contract_id);
         $redirect_url = base_url() . 'miniant/maintenance_contracts/browse';
     } else {
         $required_fields['creation_date'] = "Creation date";
         $required_fields['next_maintenance_date'] = "Next maintenance date";
         $required_fields['schedule_interval'] = "Schedule type";
     }
     foreach ($required_fields as $field => $description) {
         $this->form_validation->set_rules($field, $description, 'trim|required');
     }
     $success = $this->form_validation->run();
     $action_word = $maintenance_contract_id ? 'updated' : 'created';
     if (!$success) {
         echo validation_errors();
         add_message('The form could not be submitted. Please check the errors below', 'danger');
         return $this->edit($maintenance_contract_id);
     }
     // The billing and property manager contacts are created dynamically through AJAX before we get to this point
     $billing_contact_id = $this->contact_model->get(array('contact_type_id' => $this->contact_model->get_type_id('Billing'), 'account_id' => $this->input->post('account_id')), true)->id;
     $maintenance_contract_type_id = $this->input->post('maintenance_contract_type_id');
     $maintenance_contract_data = array('creation_date' => human_to_unix($this->input->post('creation_date')), 'account_id' => $this->input->post('account_id'), 'site_address_id' => $this->input->post('site_address_id'), 'billing_contact_id' => $billing_contact_id);
     $maintenance_contract_data['next_maintenance_date'] = human_to_unix($this->input->post('next_maintenance_date'));
     $property_manager_contact = $this->contact_model->get(array('contact_type_id' => $this->contact_model->get_type_id('Property manager'), 'account_id' => $this->input->post('account_id')), true);
     if (!empty($property_manager_contact)) {
         $maintenance_contract_data['property_manager_contact_id'] = $property_manager_contact->id;
     }
     // Don't allow removal of creation date
     if (empty($maintenance_contract_data['creation_date'])) {
         unset($maintenance_contract_data['creation_date']);
     }
     if (!empty($maintenance_contract_id)) {
         if (!$this->maintenance_contract_model->edit($maintenance_contract_id, $maintenance_contract_data)) {
             add_message('Could not update this Maintenance contract!', 'error');
             redirect($redirect_url);
         } else {
             trigger_event('admin_prep_finished', 'maintenance_contracts', $maintenance_contract_id, false, 'miniant');
             $redirect_url = base_url() . 'miniant/maintenance_contracts/browse/';
         }
     } else {
         if (!($maintenance_contract_id = $this->maintenance_contract_model->add($maintenance_contract_data))) {
             add_message('Could not create this Maintenance contract!', 'error');
             redirect($redirect_url);
         } else {
             trigger_event('create_maintenance_contract', 'maintenance_contracts', $maintenance_contract_id, false, 'miniant');
             $redirect_url = base_url() . 'miniant/maintenance_contracts/edit/' . $maintenance_contract_id . '#maintenance_contract_units';
         }
     }
     add_message("Maintenance contract {$maintenance_contract_id} has been successfully {$action_word}!", 'success');
     redirect($redirect_url);
 }
Example #25
0
 public function process_edit()
 {
     require_capability('site:editsettings');
     $required_fields = array('name' => 'Name');
     if ($setting_id = (int) $this->input->post('setting_id')) {
         $setting = $this->setting_model->get($setting_id);
         $redirect_url = base_url() . 'settings/edit/' . $setting_id;
     } else {
         $redirect_url = base_url() . 'settings/add';
         $setting_id = null;
     }
     foreach ($required_fields as $field => $value) {
         $this->form_validation->set_rules($field, $value, 'trim|required');
     }
     $success = $this->form_validation->run();
     $action_word = $setting_id ? 'updated' : 'created';
     if (IS_AJAX) {
         $json = new stdClass();
         if ($success) {
             $json->result = 'success';
             $json->message = "setting {$setting_id} has been successfully {$action_word}!";
         } else {
             $json->result = 'error';
             $json->message = $this->form_validation->error_string(' ', "\n");
             echo json_encode($json);
             return null;
         }
     } else {
         if (!$success) {
             add_message('The form could not be submitted. Please check the errors below', 'danger');
             $errors = validation_errors();
             return $this->edit($setting_id);
         }
     }
     $value = $this->input->post('value');
     if (is_array($value)) {
         $value = implode(',', $value);
     }
     $setting_data = array('name' => $this->input->post('name'), 'value' => $value);
     if (empty($setting_id)) {
         if (!($setting_id = $this->setting_model->add($setting_data))) {
             add_message('Could not create this setting!', 'error');
             redirect($redirect_url);
         }
     } else {
         if (!$this->setting_model->edit($setting_id, $setting_data)) {
             add_message('Could not update this setting!', 'error');
             redirect($redirect_url);
         }
     }
     // If requested through AJAX, echo response, do not redirect
     if (IS_AJAX) {
         echo json_encode($json);
         return null;
     }
     add_message("setting {$setting_id} has been successfully {$action_word}!", 'success');
     redirect(base_url() . 'settings');
 }
Example #26
0
 function process_edit()
 {
     require_capability('users:editcontacts');
     $required_fields = array('first_name' => 'First Name', 'surname' => 'Surname', 'phone' => 'Landline phone 1', 'email' => 'Email address 1', 'account_id' => 'Account', 'contact_type_id' => 'Contact type');
     if ($contact_id = (int) $this->input->post('contact_id')) {
         require_capability('users:editcontacts');
         $contact = $this->contact_model->get($contact_id);
         $redirect_url = base_url() . 'users/contact/edit/' . $contact_id;
     } else {
         require_capability('users:writecontacts');
         $redirect_url = base_url() . 'users/contact/add';
         $contact_id = null;
     }
     foreach ($required_fields as $field => $description) {
         $rule = strstr($field, 'email') ? 'trim|required|valid_email' : 'trim|required';
         $this->form_validation->set_rules($field, $description, $rule);
     }
     $this->form_validation->set_rules('email2', 'Email address 2', 'trim|valid_email');
     $success = $this->form_validation->run();
     $action_word = $contact_id ? 'updated' : 'created';
     if (IS_AJAX) {
         $json = new stdClass();
         if ($success) {
             $json->result = 'success';
             $json->message = "contact {$contact_id} has been successfully {$action_word}!";
         } else {
             $json->result = 'error';
             $json->message = $this->form_validation->error_string(' ', "\n");
             echo json_encode($json);
             return null;
         }
     } else {
         if (!$success) {
             add_message('The form could not be submitted. Please check the errors below', 'danger');
             $errors = validation_errors();
             return $this->edit($contact_id);
         }
     }
     $contact_data = array('first_name' => $this->input->post('first_name'), 'surname' => $this->input->post('surname'), 'phone' => $this->input->post('phone'), 'mobile' => $this->input->post('mobile'), 'email' => $this->input->post('email'), 'phone2' => $this->input->post('phone2'), 'mobile2' => $this->input->post('mobile2'), 'email2' => $this->input->post('email2'), 'account_id' => $this->input->post('account_id'), 'contact_type_id' => $this->input->post('contact_type_id'));
     if (empty($contact_id)) {
         if (!($contact_id = $this->contact_model->add($contact_data))) {
             add_message('Could not create this contact!', 'error');
             redirect($redirect_url);
         }
     } else {
         if (!$this->contact_model->edit($contact_id, $contact_data)) {
             add_message('Could not update this contact!', 'error');
             redirect($redirect_url);
         }
     }
     // If requested through AJAX, echo response, do not redirect
     if (IS_AJAX) {
         echo json_encode($json);
         return null;
     }
     add_message("contact {$contact_id} has been successfully {$action_word}!", 'success');
     redirect(base_url() . 'users/contact');
 }
Example #27
0
 /**
  * Enrolment of users.
  *
  * Function throw an exception at the first error encountered.
  * @param array $enrolments  An array of user enrolment
  * @since Moodle 2.2
  */
 public static function enrol_users($enrolments)
 {
     global $DB, $CFG;
     require_once $CFG->libdir . '/enrollib.php';
     $params = self::validate_parameters(self::enrol_users_parameters(), array('enrolments' => $enrolments));
     $transaction = $DB->start_delegated_transaction();
     // Rollback all enrolment if an error occurs
     // (except if the DB doesn't support it).
     // Retrieve the manual enrolment plugin.
     $enrol = enrol_get_plugin('manual');
     if (empty($enrol)) {
         throw new moodle_exception('manualpluginnotinstalled', 'enrol_manual');
     }
     foreach ($params['enrolments'] as $enrolment) {
         // Ensure the current user is allowed to run this function in the enrolment context.
         $context = context_course::instance($enrolment['courseid'], IGNORE_MISSING);
         self::validate_context($context);
         // Check that the user has the permission to manual enrol.
         require_capability('enrol/manual:enrol', $context);
         // Throw an exception if user is not able to assign the role.
         $roles = get_assignable_roles($context);
         if (!array_key_exists($enrolment['roleid'], $roles)) {
             $errorparams = new stdClass();
             $errorparams->roleid = $enrolment['roleid'];
             $errorparams->courseid = $enrolment['courseid'];
             $errorparams->userid = $enrolment['userid'];
             throw new moodle_exception('wsusercannotassign', 'enrol_manual', '', $errorparams);
         }
         // Check manual enrolment plugin instance is enabled/exist.
         $instance = null;
         $enrolinstances = enrol_get_instances($enrolment['courseid'], true);
         foreach ($enrolinstances as $courseenrolinstance) {
             if ($courseenrolinstance->enrol == "manual") {
                 $instance = $courseenrolinstance;
                 break;
             }
         }
         if (empty($instance)) {
             $errorparams = new stdClass();
             $errorparams->courseid = $enrolment['courseid'];
             throw new moodle_exception('wsnoinstance', 'enrol_manual', $errorparams);
         }
         // Check that the plugin accept enrolment (it should always the case, it's hard coded in the plugin).
         if (!$enrol->allow_enrol($instance)) {
             $errorparams = new stdClass();
             $errorparams->roleid = $enrolment['roleid'];
             $errorparams->courseid = $enrolment['courseid'];
             $errorparams->userid = $enrolment['userid'];
             throw new moodle_exception('wscannotenrol', 'enrol_manual', '', $errorparams);
         }
         // Finally proceed the enrolment.
         $enrolment['timestart'] = isset($enrolment['timestart']) ? $enrolment['timestart'] : 0;
         $enrolment['timeend'] = isset($enrolment['timeend']) ? $enrolment['timeend'] : 0;
         $enrolment['status'] = isset($enrolment['suspend']) && !empty($enrolment['suspend']) ? ENROL_USER_SUSPENDED : ENROL_USER_ACTIVE;
         $enrol->enrol_user($instance, $enrolment['userid'], $enrolment['roleid'], $enrolment['timestart'], $enrolment['timeend'], $enrolment['status']);
     }
     $transaction->allow_commit();
 }
Example #28
0
 function upload()
 {
     global $CFG, $USER;
     require_capability('mod/assignment:submit', get_context_instance(CONTEXT_MODULE, $this->cm->id));
     $this->view_header(get_string('upload'));
     $filecount = $this->count_user_files($USER->id);
     $submission = $this->get_submission($USER->id);
     if ($this->isopen() && (!$filecount || $this->assignment->resubmit || !$submission->timemarked)) {
         if ($submission = $this->get_submission($USER->id)) {
             //TODO: change later to ">= 0", to prevent resubmission when graded 0
             if ($submission->grade > 0 and !$this->assignment->resubmit) {
                 notify(get_string('alreadygraded', 'assignment'));
             }
         }
         $dir = $this->file_area_name($USER->id);
         require_once $CFG->dirroot . '/lib/uploadlib.php';
         $um = new upload_manager('newfile', true, false, $this->course, false, $this->assignment->maxbytes);
         if ($um->process_file_uploads($dir)) {
             $newfile_name = $um->get_new_filename();
             if ($submission) {
                 $submission->timemodified = time();
                 $submission->numfiles = 1;
                 $submission->submissioncomment = addslashes($submission->submissioncomment);
                 unset($submission->data1);
                 // Don't need to update this.
                 unset($submission->data2);
                 // Don't need to update this.
                 if (update_record("assignment_submissions", $submission)) {
                     add_to_log($this->course->id, 'assignment', 'upload', 'view.php?a=' . $this->assignment->id, $this->assignment->id, $this->cm->id);
                     $submission = $this->get_submission($USER->id);
                     $this->update_grade($submission);
                     $this->email_teachers($submission);
                     print_heading(get_string('uploadedfile'));
                 } else {
                     notify(get_string("uploadfailnoupdate", "assignment"));
                 }
             } else {
                 $newsubmission = $this->prepare_new_submission($USER->id);
                 $newsubmission->timemodified = time();
                 $newsubmission->numfiles = 1;
                 if (insert_record('assignment_submissions', $newsubmission)) {
                     add_to_log($this->course->id, 'assignment', 'upload', 'view.php?a=' . $this->assignment->id, $this->assignment->id, $this->cm->id);
                     $submission = $this->get_submission($USER->id);
                     $this->update_grade($submission);
                     $this->email_teachers($newsubmission);
                     print_heading(get_string('uploadedfile'));
                 } else {
                     notify(get_string("uploadnotregistered", "assignment", $newfile_name));
                 }
             }
         }
     } else {
         notify(get_string("uploaderror", "assignment"));
         //submitting not allowed!
     }
     print_continue('view.php?id=' . $this->cm->id);
     $this->view_footer();
 }
Example #29
0
/**
 * Implements callback inplace_editable() allowing to edit values in-place
 *
 * @param string $itemtype
 * @param int $itemid
 * @param mixed $newvalue
 * @return \core\output\inplace_editable
 */
function core_tag_inplace_editable($itemtype, $itemid, $newvalue)
{
    if ($itemtype === 'tagname') {
        require_capability('moodle/tag:manage', context_system::instance());
        $tag = core_tag_tag::get($itemid, '*', MUST_EXIST);
        $tag->update(array('rawname' => $newvalue));
        return new \core_tag\output\tagname($tag);
    }
}
Example #30
0
 /**
  * Toggle user vote for a question.
  *
  * @param $qid
  * @return array [string]
  * @throws \invalid_parameter_exception
  */
 public static function vote($qaqid)
 {
     global $DB;
     $params = self::validate_parameters(self::vote_parameters(), array('qaqid' => $qaqid));
     $qaqid = $params['qaqid'];
     $question = \mod_qa\question::from_id($qaqid);
     require_capability('mod/qa:vote', $question->get_context());
     return $question->toggle_vote();
 }