public static function update_view_access($config, $viewids) { db_begin(); // Use set_access() on the first view to get a hopefully consistent // and complete representation of the access list $firstview = new View($viewids[0]); $fullaccesslist = $firstview->set_access($config['accesslist'], $viewids, $config['allowcomments']); // Copy the first view's access records to all the other views $firstview->copy_access($viewids); // Sort the full access list in the same order as the list // returned by get_access, so that views with the same set of // access records get grouped together usort($fullaccesslist, array('self', 'cmp_accesslist')); // Hash the config object so later on we can easily find // all the views with the same config/access rights $config['accesslist'] = $fullaccesslist; $accessconf = substr(md5(serialize($config)), 0, 10); foreach ($viewids as $viewid) { $v = new View((int) $viewid); $v->set('startdate', $config['startdate']); $v->set('stopdate', $config['stopdate']); $v->set('template', $config['template']); $v->set('retainview', $config['retainview']); $v->set('allowcomments', $config['allowcomments']); $v->set('approvecomments', $config['approvecomments']); if (isset($config['copynewuser'])) { $v->set('copynewuser', $config['copynewuser']); } if (isset($config['copynewgroups'])) { $v->set('copynewgroups', $config['copynewgroups']); } $v->set('accessconf', $accessconf); $v->commit(); } db_commit(); }
function viewskin_submit(Pieform $form, $values) { global $SESSION; $view = new View($values['view']); $new = $values['new']; $view->set('skin', $values['skin']); $view->commit(); handle_event('saveview', $view->get('id')); $SESSION->add_ok_msg(get_string('viewskinchanged', 'skin')); redirect('/view/view.php?id=' . $view->get('id') . ($new ? '&new=1' : '')); }
/** * Creates a new View for the given user, based on the given information * about the view. * * Validation of the view data is performed, then the View is created. If * the View is to be owned by a group, that group is given access to it. * * @param array $viewdata Data about the view. You can pass in most fields * that appear in the view table. * * Note that you set who owns the View by setting * either the owner, group or institution field as * approriate. * * Currently, you cannot pass in access data. Use * $view->set_access() after retrieving the $view * object. * * @param int $userid The user who has issued the command to create the * View (note: this is different from the "owner" of the * View - a group or institution could be the "owner", * but it's a _user_ who requests a View is created for it) * @return View The created View * @throws SystemException if the View data is invalid - mostly this is due * to owner information being specified incorrectly. */ private static function _create(&$viewdata, $userid) { // If no owner information is provided, assume that the view is being // created by the user for themself if (!isset($viewdata['owner']) && !isset($viewdata['group']) && !isset($viewdata['institution'])) { $viewdata['owner'] = $userid; } if (isset($viewdata['owner'])) { if ($viewdata['owner'] != $userid) { $userobj = new User(); $userobj->find_by_id($userid); if (!$userobj->is_admin_for_user($viewdata['owner'])) { throw new SystemException("View::_create: User {$userid} is not allowed to create a view for owner {$viewdata['owner']}"); } } // Users can only have one view of each non-portfolio type if (isset($viewdata['type']) && $viewdata['type'] != 'portfolio' && get_record('view', 'owner', $viewdata['owner'], 'type', $viewdata['type'])) { $viewdata['type'] = 'portfolio'; } // Try to create the view with the owner's default theme if that theme is set by an // institution (i.e. if it's different from the site theme) // // This needs to be modified if users are ever allowed to change their own theme // preference. Currently it's okay because users' themes are forced on them by // the site or institution default, but if some users are allowed to change their // own theme pref, we should create those users' views without a theme. if (!get_config('userscanchooseviewthemes') && !isset($viewdata['theme']) && (!isset($viewdata['type']) || $viewdata['type'] != 'dashboard')) { global $USER; if ($viewdata['owner'] == $USER->get('id')) { $owner = $USER; } else { $owner = new User(); $owner->find_by_id($viewdata['owner']); } $ownertheme = $owner->get('theme'); if ($ownertheme && $ownertheme != get_config('theme')) { $viewdata['theme'] = $ownertheme; } } } if (isset($viewdata['group'])) { require_once 'group.php'; if (!group_user_can_edit_views($viewdata['group'], $userid)) { throw new SystemException("View::_create: User {$userid} is not permitted to create a view for group {$viewdata['group']}"); } } if (isset($viewdata['institution'])) { $user = new User(); $user->find_by_id($userid); if (!$user->can_edit_institution($viewdata['institution'])) { throw new SystemException("View::_create: User {$userid} is not permitted to create a view for institution {$viewdata['institution']}"); } } // Create the view $defaultdata = array('numcolumns' => 3, 'template' => 0, 'type' => 'portfolio', 'title' => self::new_title(get_string('Untitled', 'view'), (object) $viewdata)); $data = (object) array_merge($defaultdata, $viewdata); $view = new View(0, $data); $view->commit(); if (isset($viewdata['group'])) { // By default, group views should be visible to the group insert_record('view_access', (object) array('view' => $view->get('id'), 'group' => $viewdata['group'])); } return new View($view->get('id')); // Reread to ensure defaults are set }
function submit_view_for_assessment($username, $viewid) { global $REMOTEWWWROOT; list($user, $authinstance) = find_remote_user($username, $REMOTEWWWROOT); if (!$user) { return false; } $viewid = (int) $viewid; if (!$viewid) { return false; } require_once 'view.php'; $view = new View($viewid); $view->set('submittedhost', $authinstance->config['wwwroot']); $view->set('submittedtime', db_format_timestamp(time())); // Create secret key $access = View::new_token($view->get('id'), false); $data = array('id' => $view->get('id'), 'title' => $view->get('title'), 'description' => $view->get('description'), 'fullurl' => get_config('wwwroot') . 'view/view.php?id=' . $view->get('id') . '&mt=' . $access->token, 'url' => '/view/view.php?id=' . $view->get('id') . '&mt=' . $access->token, 'accesskey' => $access->token); foreach (plugins_installed('artefact') as $plugin) { safe_require('artefact', $plugin->name); $classname = generate_class_name('artefact', $plugin->name); if (is_callable($classname . '::view_submit_external_data')) { $data[$plugin->name] = call_static_method($classname, 'view_submit_external_data', $view->get('id')); } } $view->commit(); // Lock view contents require_once get_config('docroot') . 'artefact/lib.php'; ArtefactType::update_locked($user->get('id')); return $data; }
/** * Creates a new View for the given user, based on the given information * about the view. * * Validation of the view data is performed, then the View is created. If * the View is to be owned by a group, that group is given access to it. * * @param array $viewdata Data about the view. You can pass in most fields * that appear in the view table. * * Note that you set who owns the View by setting * either the owner, group or institution field as * approriate. * * Currently, you cannot pass in access data. Use * $view->set_access() after retrieving the $view * object. * * @param int $userid The user who has issued the command to create the * View (note: this is different from the "owner" of the * View - a group or institution could be the "owner", * but it's a _user_ who requests a View is created for it) * @return View The created View * @throws SystemException if the View data is invalid - mostly this is due * to owner information being specified incorrectly. */ private static function _create(&$viewdata, $userid) { // If no owner information is provided, assume that the view is being // created by the user for themself if (!isset($viewdata['owner']) && !isset($viewdata['group']) && !isset($viewdata['institution'])) { $viewdata['owner'] = $userid; } if (isset($viewdata['owner'])) { if ($viewdata['owner'] != $userid) { $userobj = new User(); $userobj->find_by_id($userid); if (!$userobj->is_admin_for_user($viewdata['owner'])) { throw new SystemException("View::_create: User {$userid} is not allowed to create a view for owner {$viewdata['owner']}"); } } } if (isset($viewdata['group'])) { require_once 'group.php'; if (!group_user_can_edit_views($viewdata['group'], $userid)) { throw new SystemException("View::_create: User {$userid} is not permitted to create a view for group {$viewdata['group']}"); } } if (isset($viewdata['institution'])) { $user = new User(); $user->find_by_id($userid); if (!$user->can_edit_institution($viewdata['institution'])) { throw new SystemException("View::_create: User {$userid} is not permitted to create a view for institution {$viewdata['institution']}"); } } // Create the view $defaultdata = array('numcolumns' => 3, 'template' => 0, 'type' => 'portfolio', 'title' => self::new_title(get_string('Untitled', 'view'), (object) $viewdata)); $data = (object) array_merge($defaultdata, $viewdata); $view = new View(0, $data); $view->commit(); if (isset($viewdata['group'])) { // By default, group views should be visible to the group $view->set_access(array(array('type' => 'group', 'id' => $viewdata['group'], 'startdate' => null, 'stopdate' => null, 'role' => null))); } return $view; }