/**
* Find a list of userset folders that the user has access to.
*
* @param $CFG
* @param array $opts The current drop down list to which to add userset folders
* @return array Alfresco repository folder names.
*/
function find_userset_folders(&$opts, $createonly) {
global $CFG, $DB, $USER;
require_once($CFG->libdir . '/ddllib.php');
// Ensure that the cluster table actually exists before we query it.
$manager = $DB->get_manager();
if (!$manager->table_exists('local_elisprogram_uset')) {
return false;
}
if (!file_exists($CFG->dirroot.'/local/elisprogram/plugins/usetclassify/usersetclassification.class.php')) {
return false;
}
require_once($CFG->dirroot.'/local/elisprogram/plugins/usetclassify/usersetclassification.class.php');
require_once($CFG->dirroot.'/local/elisprogram/lib/data/userset.class.php');
// Get cm userid
$cmuserid = pm_get_crlmuserid($USER->id);
$timenow = time();
$capability = 'repository/elisfiles:viewusersetcontent';
$child_path = $DB->sql_concat('c_parent.path', "'/%'");
$like = $DB->sql_like('c.path',':child_path');
// Select clusters and sub-clusters for the current user
// to which they have the vieworganization capability
$sql = "SELECT DISTINCT clst.id AS instanceid
FROM {local_elisprogram_uset} clst
WHERE EXISTS ( SELECT 'x'
FROM {context} c
JOIN {context} c_parent
ON {$like}
OR c.path = c_parent.path
JOIN {role_assignments} ra
ON ra.contextid = c_parent.id
AND ra.userid = :muserid
JOIN {role_capabilities} rc
ON ra.roleid = rc.roleid
WHERE c_parent.instanceid = clst.id
AND c.contextlevel = :contextlevelnum
AND c_parent.contextlevel = :contextlevelnum2
AND rc.capability = :capability
)
OR EXISTS ( SELECT 'x'
FROM {local_elisprogram_uset_asign} ca
WHERE ca.clusterid = clst.id
AND ca.userid = :cmuserid)
";
$params = array(
'capability' => $capability,
'child_path' => $child_path,
'contextlevelnum' => CONTEXT_ELIS_USERSET,
'contextlevelnum2' => CONTEXT_ELIS_USERSET,
'muserid' => $USER->id,
'cmuserid' => $cmuserid
);
$viewable_clusters = $DB->get_recordset_sql($sql, $params);
// Get user clusters
$cluster_info = array();
if ($viewable_clusters) {
foreach ($viewable_clusters as $cluster) {
if (!$new_cluster_info = $this->load_cluster_info($cluster->instanceid)) {
continue;
} else {
$cluster_info[$cluster->instanceid] = $new_cluster_info;
}
}
} else {
return false;
}
if (empty($cluster_info)) {
return false;
}
// There may be multiple clusters that this user is assigned to...
foreach ($cluster_info as $cluster) {
// Get the extra cluster data and ensure it is present before proceeding.
$clusterdata = usersetclassification::get_for_cluster($cluster);
if (empty($clusterdata->params)) {
continue;
}
$clusterparams = unserialize($clusterdata->params);
// Make sure this cluster has the Alfresco shared folder property defined
if (empty($clusterparams['elis_files_shared_folder'])) {
continue;
}
// Make sure we can get the storage space from Alfresco for this userset.
if (!$uuid = $this->get_userset_store($cluster->id)) {
continue;
}
// Add to opts array
$cluster_context = \local_elisprogram\context\userset::instance($cluster->id);
$system_context = context_system::instance();
$viewalfuserset = has_capability('repository/elisfiles:viewusersetcontent', $cluster_context) ||
has_capability('repository/elisfiles:viewsitecontent', $system_context);
$editalfuserset = has_capability('repository/elisfiles:createusersetcontent', $cluster_context) ||
has_capability('repository/elisfiles:createsitecontent', $system_context);
if ($editalfuserset) {
if (!elis_files_has_permission($uuid, $USER->username, true)) {
$this->allow_edit($USER->username, $uuid);
}
} else if ($viewalfuserset) { // viewalfuserset
if (!elis_files_has_permission($uuid, $USER->username)) {
$this->allow_read($USER->username, $uuid);
}
}
if ((!$createonly && ($editalfuserset || $viewalfuserset)) || ($createonly && $editalfuserset)) {
$params = array('path'=>$uuid,
'shared'=>(boolean)0,
'oid'=>(int)$cluster->id,
'cid'=>0,
'uid'=>0);
$encodedpath = base64_encode(serialize($params));
$unbiasedparams = array(
'path' => $uuid,
'shared' => false,
'oid' => 0,
'cid' => 0,
'uid' => 0
);
$unbiasedpath = base64_encode(serialize($unbiasedparams));
$opts[] = array('name'=> $cluster->name,
'path'=> $encodedpath,
'unbiasedpath'=> $unbiasedpath
);
}
}
return true;
}
/**
* Handle the event when a user is assigned to a cluster.
*
* @uses $DB
* @param object $usersetinfo The ELIS crlm_cluster_assignments record object.
* @return bool True on success or failure (event handlers must always return true).
*/
function elis_files_userset_assigned($usersetinfo) {
global $DB;
// Only proceed here if we have valid userid, clusterid & the Alfresco plug-in is actually enabled.
if (empty($usersetinfo->userid) || empty($usersetinfo->clusterid) ||
!($repo = repository_factory::factory('elisfiles'))) {
return true;
}
$user = new user($usersetinfo->userid);
// Get the Moodle user info from the CM user record.
if (!$muser = $user->get_moodleuser()) {
return true;
}
if (!$userset = $DB->get_record(userset::TABLE, array('id' => $usersetinfo->clusterid))) {
return true;
}
if (!file_exists(elispm::file('plugins/usetclassify/usersetclassification.class.php'))) {
return true;
}
require_once(elispm::file('plugins/usetclassify/usersetclassification.class.php'));
// Get the extra user set data and ensure it is present before proceeding.
$usersetdata = usersetclassification::get_for_cluster($userset);
if (empty($usersetdata->params)) {
return true;
}
$usersetparams = unserialize($usersetdata->params);
// Make sure this user set has the Alfresco shared folder property defined
if (empty($usersetparams['elis_files_shared_folder'])) {
return true;
}
// Make sure we can get the storage space from Alfresco for this organization.
if (!$uuid = $repo->get_userset_store($userset->id)) {
return true;
}
$context = \local_elisprogram\context\userset::instance($userset->id);
$sql = 'SELECT ra.*
FROM {role_assignments} ra
INNER JOIN {role} r ON ra.roleid = r.id
INNER JOIN {role_capabilities} rc ON r.id = rc.roleid
WHERE ra.contextid = :contextid
AND ra.userid = :userid
AND rc.capability IN (:cap1, :cap2)
AND rc.permission = '.CAP_ALLOW;
$params = array(
'contextid' => $context->id,
'userid' => $muser->id,
'cap1' => 'repository/elisfiles:createusersetcontent',
'cap2' => 'local/elisprogram:userset_enrol'
);
// Check if the user has the the editing capability for the Alfresco organization shared
// storage space assigned at this user set context level or is designated as a user set leader in order to
// enable editing permission on the Alfresco space.
if ($DB->record_exists_sql($sql, $params)) {
// Ensure that this user already has an Alfresco account.
if (!$repo->elis_files_userdir($muser->username)) {
if (!$repo->migrate_user($muser->username)) {
return true;
}
}
if (!elis_files_has_permission($uuid, $muser->username, true)) {
elis_files_set_permission($muser->username, $uuid, ELIS_FILES_ROLE_COLLABORATOR, ELIS_FILES_CAPABILITY_ALLOWED);
}
// Double-check tjhat the user is designated as a user set member (we should not be here otherwise) in order to
// enable viewinging permission on the Alfresco space.
} else if ($DB->record_exists(clusterassignment::TABLE, array('userid' => $usersetinfo->userid, 'clusterid' => $userset->id))) {
// Ensure that this user already has an Alfresco account.
if (!$repo->elis_files_userdir($muser->username)) {
if (!$repo->migrate_user($muser->username)) {
return true;
}
}
if (!elis_files_has_permission($uuid, $muser->username, false)) {
elis_files_set_permission($muser->username, $uuid, ELIS_FILES_ROLE_CONSUMER, ELIS_FILES_CAPABILITY_ALLOWED);
}
}
return true;
}
