/**
* Get accessdata for a given user.
*
* @private
* @param int $userid
* @param bool $preloadonly true means do not return access array
* @return array accessdata
*/
function get_user_accessdata($userid, $preloadonly = false)
{
global $CFG, $ACCESSLIB_PRIVATE, $USER;
if (!empty($USER->acces['rdef']) and empty($ACCESSLIB_PRIVATE->rolepermissions)) {
// share rdef from USER session with rolepermissions cache in order to conserve memory
foreach ($USER->acces['rdef'] as $k => $v) {
$ACCESSLIB_PRIVATE->rolepermissions[$k] =& $USER->acces['rdef'][$k];
}
$ACCESSLIB_PRIVATE->accessdatabyuser[$USER->id] = $USER->acces;
}
if (!isset($ACCESSLIB_PRIVATE->accessdatabyuser[$userid])) {
if (empty($userid)) {
if (!empty($CFG->notloggedinroleid)) {
$accessdata = get_role_access($CFG->notloggedinroleid);
} else {
// weird
return get_empty_accessdata();
}
} else {
if (isguestuser($userid)) {
if ($guestrole = get_guest_role()) {
$accessdata = get_role_access($guestrole->id);
} else {
//weird
return get_empty_accessdata();
}
} else {
$accessdata = get_user_access_sitewide($userid);
// includes default role and frontpage role
}
}
$ACCESSLIB_PRIVATE->accessdatabyuser[$userid] = $accessdata;
}
if ($preloadonly) {
return;
} else {
return $ACCESSLIB_PRIVATE->accessdatabyuser[$userid];
}
}
/**
* Test getting of role access
*/
public function test_get_role_access()
{
global $DB;
$roles = $DB->get_records('role');
foreach ($roles as $role) {
$access = get_role_access($role->id);
$this->assertTrue(is_array($access));
$this->assertTrue(is_array($access['ra']));
$this->assertTrue(is_array($access['rdef']));
$this->assertTrue(isset($access['rdef_count']));
$this->assertTrue(is_array($access['loaded']));
$this->assertTrue(isset($access['time']));
$this->assertTrue(is_array($access['rsw']));
}
// Note: the data is validated in the functional permission evaluation test at the end of this testcase.
}
/**
* A convenience function to completely load all the capabilities
* for the current user. This is what gets called from complete_user_login()
* for example. Call it only _after_ you've setup $USER and called
* check_enrolment_plugins();
*
*/
function load_all_capabilities()
{
global $USER, $CFG, $ACCESSLIB_PRIVATE;
// roles not installed yet - we are in the middle of installation
if (empty($CFG->rolesactive)) {
return;
}
$base = '/' . SYSCONTEXTID;
if (isguestuser()) {
$guest = get_guest_role();
// Load the rdefs
$USER->access = get_role_access($guest->id);
// Put the ghost enrolment in place...
$USER->access['ra'][$base] = array($guest->id);
} else {
if (isloggedin()) {
$accessdata = get_user_access_sitewide($USER->id);
//
// provide "default role" & set 'dr'
//
if (!empty($CFG->defaultuserroleid)) {
$accessdata = get_role_access($CFG->defaultuserroleid, $accessdata);
if (!isset($accessdata['ra'][$base])) {
$accessdata['ra'][$base] = array($CFG->defaultuserroleid);
} else {
array_push($accessdata['ra'][$base], $CFG->defaultuserroleid);
}
$accessdata['dr'] = $CFG->defaultuserroleid;
}
$frontpagecontext = get_context_instance(CONTEXT_COURSE, SITEID);
//
// provide "default frontpage role"
//
if (!empty($CFG->defaultfrontpageroleid)) {
$base = '/' . SYSCONTEXTID . '/' . $frontpagecontext->id;
$accessdata = get_default_frontpage_role_access($CFG->defaultfrontpageroleid, $accessdata);
if (!isset($accessdata['ra'][$base])) {
$accessdata['ra'][$base] = array($CFG->defaultfrontpageroleid);
} else {
array_push($accessdata['ra'][$base], $CFG->defaultfrontpageroleid);
}
}
$USER->access = $accessdata;
} else {
if (!empty($CFG->notloggedinroleid)) {
$USER->access = get_role_access($CFG->notloggedinroleid);
$USER->access['ra'][$base] = array($CFG->notloggedinroleid);
}
}
}
// Timestamp to read dirty context timestamps later
$USER->access['time'] = time();
$ACCESSLIB_PRIVATE->dirtycontexts = array();
// Clear to force a refresh
unset($USER->mycourses);
}
// This duplicates code in load_all_capabilities and has_capability.
$systempath = '/' . SYSCONTEXTID;
if ($userid == 0) {
if (!empty($CFG->notloggedinroleid)) {
$accessdata = get_role_access($CFG->notloggedinroleid);
$accessdata['ra'][$systempath] = array($CFG->notloggedinroleid);
} else {
$accessdata = array();
$accessdata['ra'] = array();
$accessdata['rdef'] = array();
$accessdata['loaded'] = array();
}
} else {
if (isguestuser($user)) {
$guestrole = get_guest_role();
$accessdata = get_role_access($guestrole->id);
$accessdata['ra'][$systempath] = array($guestrole->id);
} else {
load_user_accessdata($userid);
$accessdata = $ACCESS[$userid];
}
}
if ($context->contextlevel > CONTEXT_COURSE && !path_inaccessdata($context->path, $accessdata)) {
load_subcontext($userid, $context, $accessdata);
}
// Load the roles we need.
$roleids = array();
foreach ($accessdata['ra'] as $roleassignments) {
$roleids = array_merge($roleassignments, $roleids);
}
$roles = get_records_list('role', 'id', $roleids);
/**
* A convenience function to completely load all the capabilities
* for the current user. This is what gets called from complete_user_login()
* for example. Call it only _after_ you've setup $USER and called
* check_enrolment_plugins();
* @see check_enrolment_plugins()
*
* @return void
*/
function load_all_capabilities()
{
global $CFG, $ACCESSLIB_PRIVATE;
//NOTE: we can not use $USER here because it may no be linked to $_SESSION['USER'] yet!
// roles not installed yet - we are in the middle of installation
if (during_initial_install()) {
return;
}
$base = '/' . SYSCONTEXTID;
if (isguestuser($_SESSION['USER'])) {
$guest = get_guest_role();
// Load the rdefs
$_SESSION['USER']->access = get_role_access($guest->id);
// Put the ghost enrolment in place...
$_SESSION['USER']->access['ra'][$base] = array($guest->id => $guest->id);
} else {
if (!empty($_SESSION['USER']->id)) {
// can not use isloggedin() yet
$accessdata = get_user_access_sitewide($_SESSION['USER']->id);
//
// provide "default role" & set 'dr'
//
if (!empty($CFG->defaultuserroleid)) {
$accessdata = get_role_access($CFG->defaultuserroleid, $accessdata);
if (!isset($accessdata['ra'][$base])) {
$accessdata['ra'][$base] = array();
}
$accessdata['ra'][$base][$CFG->defaultuserroleid] = $CFG->defaultuserroleid;
$accessdata['dr'] = $CFG->defaultuserroleid;
}
$frontpagecontext = get_context_instance(CONTEXT_COURSE, SITEID);
//
// provide "default frontpage role"
//
if (!empty($CFG->defaultfrontpageroleid)) {
$base = '/' . SYSCONTEXTID . '/' . $frontpagecontext->id;
$accessdata = get_default_frontpage_role_access($CFG->defaultfrontpageroleid, $accessdata);
if (!isset($accessdata['ra'][$base])) {
$accessdata['ra'][$base] = array();
}
$accessdata['ra'][$base][$CFG->defaultfrontpageroleid] = $CFG->defaultfrontpageroleid;
}
$_SESSION['USER']->access = $accessdata;
} else {
if (!empty($CFG->notloggedinroleid)) {
$_SESSION['USER']->access = get_role_access($CFG->notloggedinroleid);
$_SESSION['USER']->access['ra'][$base] = array($CFG->notloggedinroleid => $CFG->notloggedinroleid);
}
}
}
// Timestamp to read dirty context timestamps later
$_SESSION['USER']->access['time'] = time();
$ACCESSLIB_PRIVATE->dirtycontexts = array();
// Clear to force a refresh
unset($_SESSION['USER']->mycourses);
}
/**
* A convenience function to completely load all the capabilities
* for the current user. This is what gets called from login, for example.
*/
function load_all_capabilities()
{
global $USER, $CFG;
$base = '/' . SYSCONTEXTID;
if (isguestuser()) {
$guest = get_guest_role();
// Load the rdefs
$USER->access = get_role_access($guest->id);
// Put the ghost enrolment in place...
$USER->access['ra'][$base] = array($guest->id);
} else {
if (isloggedin()) {
check_enrolment_plugins($USER);
$accessdata = get_user_access_sitewide($USER->id);
//
// provide "default role" & set 'dr'
//
if (!empty($CFG->defaultuserroleid)) {
$accessdata = get_role_access($CFG->defaultuserroleid, $accessdata);
if (!isset($accessdata['ra'][$base])) {
$accessdata['ra'][$base] = array($CFG->defaultuserroleid);
} else {
array_push($accessdata['ra'][$base], $CFG->defaultuserroleid);
}
$accessdata['dr'] = $CFG->defaultuserroleid;
}
$frontpagecontext = get_context_instance(CONTEXT_COURSE, SITEID);
//
// provide "default frontpage role"
//
if (!empty($CFG->defaultfrontpageroleid)) {
$base = '/' . SYSCONTEXTID . '/' . $frontpagecontext->id;
$accessdata = get_default_frontpage_role_access($CFG->defaultfrontpageroleid, $accessdata);
if (!isset($accessdata['ra'][$base])) {
$accessdata['ra'][$base] = array($CFG->defaultfrontpageroleid);
} else {
array_push($accessdata['ra'][$base], $CFG->defaultfrontpageroleid);
}
}
$USER->access = $accessdata;
} else {
if (!empty($CFG->notloggedinroleid)) {
$USER->access = get_role_access($CFG->notloggedinroleid);
$USER->access['ra'][$base] = array($CFG->notloggedinroleid);
}
}
}
// Timestamp to read
// dirty context timestamps
$USER->access['time'] = time();
// Clear to force a refresh
unset($USER->mycourses);
}
