public static function update_view_access($config, $viewids)
{
db_begin();
// Use set_access() on the first view to get a hopefully consistent
// and complete representation of the access list
$firstview = new View($viewids[0]);
$fullaccesslist = $firstview->set_access($config['accesslist'], $viewids, $config['allowcomments']);
// Copy the first view's access records to all the other views
$firstview->copy_access($viewids);
// Sort the full access list in the same order as the list
// returned by get_access, so that views with the same set of
// access records get grouped together
usort($fullaccesslist, array('self', 'cmp_accesslist'));
// Hash the config object so later on we can easily find
// all the views with the same config/access rights
$config['accesslist'] = $fullaccesslist;
$accessconf = substr(md5(serialize($config)), 0, 10);
foreach ($viewids as $viewid) {
$v = new View((int) $viewid);
$v->set('startdate', $config['startdate']);
$v->set('stopdate', $config['stopdate']);
$v->set('template', $config['template']);
$v->set('retainview', $config['retainview']);
$v->set('allowcomments', $config['allowcomments']);
$v->set('approvecomments', $config['approvecomments']);
if (isset($config['copynewuser'])) {
$v->set('copynewuser', $config['copynewuser']);
}
if (isset($config['copynewgroups'])) {
$v->set('copynewgroups', $config['copynewgroups']);
}
$v->set('accessconf', $accessconf);
$v->commit();
}
db_commit();
}
function viewskin_submit(Pieform $form, $values)
{
global $SESSION;
$view = new View($values['view']);
$new = $values['new'];
$view->set('skin', $values['skin']);
$view->commit();
handle_event('saveview', $view->get('id'));
$SESSION->add_ok_msg(get_string('viewskinchanged', 'skin'));
redirect('/view/view.php?id=' . $view->get('id') . ($new ? '&new=1' : ''));
}
/**
* Creates a new View for the given user, based on the given information
* about the view.
*
* Validation of the view data is performed, then the View is created. If
* the View is to be owned by a group, that group is given access to it.
*
* @param array $viewdata Data about the view. You can pass in most fields
* that appear in the view table.
*
* Note that you set who owns the View by setting
* either the owner, group or institution field as
* approriate.
*
* Currently, you cannot pass in access data. Use
* $view->set_access() after retrieving the $view
* object.
*
* @param int $userid The user who has issued the command to create the
* View (note: this is different from the "owner" of the
* View - a group or institution could be the "owner",
* but it's a _user_ who requests a View is created for it)
* @return View The created View
* @throws SystemException if the View data is invalid - mostly this is due
* to owner information being specified incorrectly.
*/
private static function _create(&$viewdata, $userid)
{
// If no owner information is provided, assume that the view is being
// created by the user for themself
if (!isset($viewdata['owner']) && !isset($viewdata['group']) && !isset($viewdata['institution'])) {
$viewdata['owner'] = $userid;
}
if (isset($viewdata['owner'])) {
if ($viewdata['owner'] != $userid) {
$userobj = new User();
$userobj->find_by_id($userid);
if (!$userobj->is_admin_for_user($viewdata['owner'])) {
throw new SystemException("View::_create: User {$userid} is not allowed to create a view for owner {$viewdata['owner']}");
}
}
// Users can only have one view of each non-portfolio type
if (isset($viewdata['type']) && $viewdata['type'] != 'portfolio' && get_record('view', 'owner', $viewdata['owner'], 'type', $viewdata['type'])) {
$viewdata['type'] = 'portfolio';
}
// Try to create the view with the owner's default theme if that theme is set by an
// institution (i.e. if it's different from the site theme)
//
// This needs to be modified if users are ever allowed to change their own theme
// preference. Currently it's okay because users' themes are forced on them by
// the site or institution default, but if some users are allowed to change their
// own theme pref, we should create those users' views without a theme.
if (!get_config('userscanchooseviewthemes') && !isset($viewdata['theme']) && (!isset($viewdata['type']) || $viewdata['type'] != 'dashboard')) {
global $USER;
if ($viewdata['owner'] == $USER->get('id')) {
$owner = $USER;
} else {
$owner = new User();
$owner->find_by_id($viewdata['owner']);
}
$ownertheme = $owner->get('theme');
if ($ownertheme && $ownertheme != get_config('theme')) {
$viewdata['theme'] = $ownertheme;
}
}
}
if (isset($viewdata['group'])) {
require_once 'group.php';
if (!group_user_can_edit_views($viewdata['group'], $userid)) {
throw new SystemException("View::_create: User {$userid} is not permitted to create a view for group {$viewdata['group']}");
}
}
if (isset($viewdata['institution'])) {
$user = new User();
$user->find_by_id($userid);
if (!$user->can_edit_institution($viewdata['institution'])) {
throw new SystemException("View::_create: User {$userid} is not permitted to create a view for institution {$viewdata['institution']}");
}
}
// Create the view
$defaultdata = array('numcolumns' => 3, 'template' => 0, 'type' => 'portfolio', 'title' => self::new_title(get_string('Untitled', 'view'), (object) $viewdata));
$data = (object) array_merge($defaultdata, $viewdata);
$view = new View(0, $data);
$view->commit();
if (isset($viewdata['group'])) {
// By default, group views should be visible to the group
insert_record('view_access', (object) array('view' => $view->get('id'), 'group' => $viewdata['group']));
}
return new View($view->get('id'));
// Reread to ensure defaults are set
}
function submit_view_for_assessment($username, $viewid)
{
global $REMOTEWWWROOT;
list($user, $authinstance) = find_remote_user($username, $REMOTEWWWROOT);
if (!$user) {
return false;
}
$viewid = (int) $viewid;
if (!$viewid) {
return false;
}
require_once 'view.php';
$view = new View($viewid);
$view->set('submittedhost', $authinstance->config['wwwroot']);
$view->set('submittedtime', db_format_timestamp(time()));
// Create secret key
$access = View::new_token($view->get('id'), false);
$data = array('id' => $view->get('id'), 'title' => $view->get('title'), 'description' => $view->get('description'), 'fullurl' => get_config('wwwroot') . 'view/view.php?id=' . $view->get('id') . '&mt=' . $access->token, 'url' => '/view/view.php?id=' . $view->get('id') . '&mt=' . $access->token, 'accesskey' => $access->token);
foreach (plugins_installed('artefact') as $plugin) {
safe_require('artefact', $plugin->name);
$classname = generate_class_name('artefact', $plugin->name);
if (is_callable($classname . '::view_submit_external_data')) {
$data[$plugin->name] = call_static_method($classname, 'view_submit_external_data', $view->get('id'));
}
}
$view->commit();
// Lock view contents
require_once get_config('docroot') . 'artefact/lib.php';
ArtefactType::update_locked($user->get('id'));
return $data;
}
/**
* Creates a new View for the given user, based on the given information
* about the view.
*
* Validation of the view data is performed, then the View is created. If
* the View is to be owned by a group, that group is given access to it.
*
* @param array $viewdata Data about the view. You can pass in most fields
* that appear in the view table.
*
* Note that you set who owns the View by setting
* either the owner, group or institution field as
* approriate.
*
* Currently, you cannot pass in access data. Use
* $view->set_access() after retrieving the $view
* object.
*
* @param int $userid The user who has issued the command to create the
* View (note: this is different from the "owner" of the
* View - a group or institution could be the "owner",
* but it's a _user_ who requests a View is created for it)
* @return View The created View
* @throws SystemException if the View data is invalid - mostly this is due
* to owner information being specified incorrectly.
*/
private static function _create(&$viewdata, $userid)
{
// If no owner information is provided, assume that the view is being
// created by the user for themself
if (!isset($viewdata['owner']) && !isset($viewdata['group']) && !isset($viewdata['institution'])) {
$viewdata['owner'] = $userid;
}
if (isset($viewdata['owner'])) {
if ($viewdata['owner'] != $userid) {
$userobj = new User();
$userobj->find_by_id($userid);
if (!$userobj->is_admin_for_user($viewdata['owner'])) {
throw new SystemException("View::_create: User {$userid} is not allowed to create a view for owner {$viewdata['owner']}");
}
}
}
if (isset($viewdata['group'])) {
require_once 'group.php';
if (!group_user_can_edit_views($viewdata['group'], $userid)) {
throw new SystemException("View::_create: User {$userid} is not permitted to create a view for group {$viewdata['group']}");
}
}
if (isset($viewdata['institution'])) {
$user = new User();
$user->find_by_id($userid);
if (!$user->can_edit_institution($viewdata['institution'])) {
throw new SystemException("View::_create: User {$userid} is not permitted to create a view for institution {$viewdata['institution']}");
}
}
// Create the view
$defaultdata = array('numcolumns' => 3, 'template' => 0, 'type' => 'portfolio', 'title' => self::new_title(get_string('Untitled', 'view'), (object) $viewdata));
$data = (object) array_merge($defaultdata, $viewdata);
$view = new View(0, $data);
$view->commit();
if (isset($viewdata['group'])) {
// By default, group views should be visible to the group
$view->set_access(array(array('type' => 'group', 'id' => $viewdata['group'], 'startdate' => null, 'stopdate' => null, 'role' => null)));
}
return $view;
}
