/** * Lookup the avatar/real name associations for everybody in the current course. * NOTE: fails if a course is not loaded in the current {@link SloodleSession} * @return array|bool An associative array of avatar names to (full) real names if successful, or false if a course is not available */ function find_real_names_course() { // Make sure we have a course loaded if (!isset($this->_session)) { return false; } if (!$this->_session->course->is_loaded()) { return false; } $user = new SloodleUser($this->_session); // Get a list of users of the course $courseusers = get_course_users($this->_session->course->get_course_id()); if (!is_array($courseusers)) { $courseusers = array(); } // Go through each user $output = array(); foreach ($courseusers as $u) { // Attempt to fetch the avatar data for this Moodle user $user->load_user($u->id); if (!$user->load_linked_avatar()) { continue; } // Store the name association $output[$user->get_avatar_name()] = $u->firstname . ' ' . $u->lastname; } return $output; }
/** * Add a new submission (or replace an existing one). * Ignores all submission checks, such as permissions and time. * @param SloodleUser $user The user making the submission * @param string $obj_name Name of the object being submitted * @param int $num_prims Number of prims in the object being submitted * @param string $primdrop_name Name of the PrimDrop being submitted to * @param string $primdrop_uuid UUID of the PrimDrop being submitted to * @param string $primdrop_region Region of the PrimDrop being submitted to * @param string $primdrop_pos Position vector (<x,y,z>) of the PrimDrop being submitted to * @return bool True if successful, or false otherwise */ function submit($user, $obj_name, $num_prims, $primdrop_name, $primdrop_uuid, $primdrop_region, $primdrop_pos) { // Make sure the user is loaded if (!$user->is_user_loaded()) { return false; } // Construct a submission object $sloodle_submission = new assignment_sloodleobject_submission(); $sloodle_submission->obj_name = $obj_name; $sloodle_submission->num_prims = $num_prims; $sloodle_submission->primdrop_name = $primdrop_name; $sloodle_submission->primdrop_uuid = $primdrop_uuid; $sloodle_submission->primdrop_region = $primdrop_region; $sloodle_submission->primdrop_pos = $primdrop_pos; // Update the submission return $this->assignment->update_submission($user->get_user_id(), $sloodle_submission); }
/** * Validates the user account and enrolment (ensures there is an avatar linked to a VLE account, and that the VLE account is enrolled in the current course). * Attempts auto-registration/enrolment if that is allowed and required, and logs-in the user. * Server access level is checked if it is specified in the request parameters. * If the request indicates that it relates to an object, then the validation fails. * Note: if you only require to ensure that an avatar is registered, then use {@link validate_avatar()}. * @param bool $require If true, the script will be terminated with an error message if validation fails * @param bool $suppress_autoreg If true, auto-registration will be completely suppressed for this function call * @param bool $suppress_autoenrol If true, auto-enrolment will be completely suppressed for this function call * @return bool Returns true if validation and/or autoregistration were successful. Returns false on failure (unless $require was true). * @see SloodleSession::validate_avatar() */ function validate_user($require = true, $suppress_autoreg = false, $suppress_autoenrol = false) { // Is it an object request? if ($this->request->is_object_request()) { if ($require) { $this->response->quick_output(-301, 'USER_AUTH', 'Cannot validate object as user.', false); exit; } return false; } // Was a server access level specified in the request? $sal = $this->request->get_server_access_level(false); if ($sal != null) { // Check what level was specified $sal = (int) $sal; $allowed = false; $reason = 'Unknown.'; switch ($sal) { case SLOODLE_SERVER_ACCESS_LEVEL_PUBLIC: // Always allowed $allowed = true; break; case SLOODLE_SERVER_ACCESS_LEVEL_COURSE: // Is a course already loaded? if (!$this->course->is_loaded()) { $reason = 'No course loaded.'; break; } // Was a user account already fully loaded? if ($this->user->is_avatar_linked()) { // Is the user enrolled on the current course? if ($this->user->is_enrolled($this->course->get_course_id())) { $allowed = true; } else { $reason = 'User not enrolled in course.'; } } else { $reason = 'User not registered on site.'; } break; case SLOODLE_SERVER_ACCESS_LEVEL_SITE: // Was a user account already fully loaded? if ($this->user->is_avatar_linked()) { $allowed = true; } else { $reason = 'User not registered on site.'; } break; case SLOODLE_SERVER_ACCESS_LEVEL_STAFF: // Is a course already loaded? if (!$this->course->is_loaded()) { $reason = 'No course loaded.'; break; } // Was a user account already fully loaded? if ($this->user->is_avatar_linked()) { // Is the user staff on the current course? if ($this->user->is_staff($this->course->get_course_id())) { $allowed = true; } else { $reason = 'User not staff in course.'; } } else { $reason = 'User not registered on site.'; } break; default: // Unknown access level $reason = 'Access level not recognised'; break; } // Was the user blocked by access level? if (!$allowed) { if ($require) { $this->response->quick_output(-331, 'USER_AUTH', $reason, false); exit; } return false; } } // REGISTRATION // // Make sure a the course is loaded if (!$this->course->is_loaded()) { if ($require) { $this->response->quick_output(-511, 'COURSE', 'Cannot validate user - no course data loaded.', false); exit; } return false; } // Is the user already loaded? if (!$this->user->is_avatar_linked()) { // If an avatar is loaded, but the user isn't, then we probably have a deleted Moodle user if ($this->user->is_avatar_loaded() == true && $this->user->is_user_loaded() == false) { $this->response->quick_output(-301, 'USER_AUTH', 'Avatar linked to deleted user account', false); exit; } // Make sure avatar details were provided $uuid = $this->request->get_avatar_uuid(false); $avname = $this->request->get_avatar_name(false); // Is validation required? if ($require) { // Check the UUID if (empty($uuid)) { $this->response->quick_output(-311, 'USER_AUTH', 'User UUID required', false); exit; } // Check the name if (empty($avname)) { $this->response->quick_output(-311, 'USER_AUTH', 'Avatar name required', false); exit; } } else { if (empty($uuid) || empty($avname)) { // If there was a problem, just stop return false; } } // Ensure autoreg is not suppressed, and that it is permitted on that course and on the site if ($suppress_autoreg == true || $this->course->check_autoreg() == false) { if ($require) { $this->response->quick_output(-321, 'USER_AUTH', 'User not registered, and auto-registration of users was not permitted', false); exit; } return false; } // It is important that we also check auto-enrolment here. // If that is not enabled, but the call here requires it, then there is no point registering the user. if ($suppress_autoenrol == true || $this->course->check_autoenrol() == false) { if ($require) { $this->response->quick_output(-421, 'USER_ENROL', 'User not enrolled, and auto-enrolment of users was not permitted', false); exit; } return false; } // Is there an avatar loaded? if (!$this->user->is_avatar_loaded()) { // Add the avatar details, linked to imaginary user 0 if (!$this->user->add_linked_avatar(0, $uuid, $avname)) { if ($require) { $this->response->quick_output(-322, 'USER_AUTH', 'Failed to add new avatar', false); exit; } return false; } } // If we reached here then we definitely have an avatar // Create a matching Moodle user $password = $this->user->autoregister_avatar_user(); if ($password === FALSE) { if ($require) { $this->response->quick_output(-322, 'USER_AUTH', 'Failed to register new user account', false); exit; } return false; } // Add a side effect code to our response data $this->response->add_side_effect(322); // The user needs to be notified of their new username/password if (isset($_SERVER['HTTP_X_SECONDLIFE_OBJECT_KEY'])) { sloodle_login_notification($_SERVER['HTTP_X_SECONDLIFE_OBJECT_KEY'], $uuid, $this->user->get_username(), $password); } } // ENROLMENT // // Is the user already enrolled on the course? if (!$this->user->is_enrolled($this->course->get_course_id())) { // Ensure auto-enrolment is not suppressed, and that it is permitted on that course and on the site if ($suppress_autoenrol == true || $this->course->check_autoenrol() == false) { if ($require) { $this->response->quick_output(-421, 'USER_ENROL', 'Auto-enrolment of users was not permitted', false); exit; } return false; } // Attempt to enrol the user if (!$this->user->enrol()) { if ($require) { $this->response->quick_output(-422, 'USER_ENROL', 'Auto-enrolment failed', false); exit; } return false; } // Add a side effect code to our response data $this->response->add_side_effect(422); } // Make sure the user is logged-in return $this->user->login(); }
/** * Authorises an otherwise unauthorised active object against the given user and the current controller. * (NOTE: the object must previously have been registered using {@link register_object()}). * <b>Must not be called statically.</b> * @param string $uuid The UUID of the object being updated * @param SloodleUser $user The user to authorise the object against * @param string $type (Optional). Specifies the type to store for this object. Ignored if null. * @return bool True if successful, or false if not */ function authorise_object($uuid, $user, $type = null) { // Attempt to find an unauthorised entry for the object $entry = get_record('sloodle_active_object', 'uuid', $uuid); if (!$entry) { return false; } // Update the controller, user and time $entry->controllerid = $this->get_id(); $entry->userid = $user->get_user_id(); if (!empty($type)) { $entry->type = $type; } $entry->timeupdated = time(); if (!update_record('sloodle_active_object', $entry)) { return false; } return true; }
/** * Deletes any loginzone allocations for the given user * If there are multiple for the same user (which there should never be) it will delete them all. * @param SloodleUser $user The user whose allocation is to be deleted * @return void */ function delete_loginzone_allocation($user) { delete_records('sloodle_loginzone_allocation', 'userid', $user->get_user_id()); }