function get_records($filter)
{
global $DB, $USER;
$id = $this->required_param('id', PARAM_INT);
$sort = $this->optional_param('sort', 'name', PARAM_ALPHA);
$dir = $this->optional_param('dir', 'ASC', PARAM_ALPHA);
$pagenum = $this->optional_param('page', 0, PARAM_INT);
$perpage = $this->optional_param('perpage', 30, PARAM_INT);
$filters = array();
// find users who do not have a manual assignment already
$filters[] = new join_filter('id', clusterassignment::TABLE, 'userid', new AND_filter(array(new field_filter('clusterid', $id), new field_filter('plugin', 'manual'))), true);
// user-defined filter
list($extrasql, $params) = $filter->get_sql_filter();
if ($extrasql) {
$filters[] = new select_filter($extrasql, $params);
}
// TODO: Ugly, this needs to be overhauled
$upage = new usersetpage();
if (!$upage->_has_capability('local/elisprogram:userset_enrol')) {
//perform SQL filtering for the more "conditional" capability
//get the context for the "indirect" capability
$context = pm_context_set::for_user_with_capability('cluster', 'local/elisprogram:userset_enrol_userset_user', $USER->id);
$allowed_clusters = userset::get_allowed_clusters($id);
if (empty($allowed_clusters)) {
$filters[] = new select_filter('FALSE');
} else {
$filters[] = new join_filter('id', clusterassignment::TABLE, 'userid', new in_list_filter('clusterid', $allowed_clusters));
}
}
$count = user::count($filters);
$users = user::find($filters, array($sort => $dir), $pagenum * $perpage, $perpage);
return array($users, $count);
}
/**
* Determine whether the current can manage the association between a given user and userset.
* @param int $userid The ID of a user.
* @param int $clustid The ID of a userset.
* @return bool Success status.
*/
public static function can_manage_assoc($userid, $usersetid)
{
global $USER;
$allowedusersets = array();
// TODO: Ugly, this needs to be overhauled.
$upage = new usersetpage();
if (!usersetpage::can_enrol_into_cluster($usersetid)) {
// The users who satisfty this condition are a superset of those who can manage associations.
return false;
} else {
if ($upage->_has_capability('local/elisprogram:userset_enrol', $usersetid)) {
// Current user has the direct capability.
return true;
}
}
$allowedusersets = userset::get_allowed_clusters($usersetid);
$filter = array(new field_filter('userid', $userid));
// Query to get users associated to at least one enabling userset.
if (empty($allowedusersets)) {
$filter[] = new select_filter('FALSE');
} else {
$filter[] = new in_list_filter('clusterid', $allowedusersets);
}
// User just needs to be in one of the possible usersets.
if (clusterassignment::exists($filter)) {
return true;
}
return false;
}
/**
* Determines whether the current user is allowed to enrol users into the provided cluster
*
* @param int $clusterid The id of the cluster we are checking permissions on
*
* @return boolean Whether the user is allowed to enrol users into the cluster
*
*/
static function can_enrol_into_cluster($clusterid)
{
global $USER;
//check the standard capability
$page = new usersetpage();
if ($page->_has_capability('local/elisprogram:userset_enrol', $clusterid)) {
return true;
}
/* TBD: the folowing commented-out code was removed for ELIS-3846
$cluster = new userset($clusterid);
$cluster->load(); // ELIS-3848 Needed otherwise the 'parent' property is not set =(
if (!empty($cluster->parent)) {
//check to see if the current user has the secondary capability anywhere up the cluster tree
$contexts = pm_context_set::for_user_with_capability('cluster', 'local/elisprogram:userset_enrol_userset_user', $USER->id);
return $contexts->context_allowed($clusterid, 'cluster');
}
*/
//check to see if the current user has the secondary capability anywhere up the cluster tree
$contexts = pm_context_set::for_user_with_capability('cluster', 'local/elisprogram:userset_enrol_userset_user', $USER->id);
return $contexts->context_allowed($clusterid, 'cluster');
}
