/** * Determines whether the current user is allowed to enrol users into the provided track * * @param int $trackid The id of the track we are checking permissions on * * @return boolean Whether the user is allowed to enrol users into the curriculum * */ static function can_enrol_into_track($trackid) { global $USER; //check the standard capability if (trackpage::_has_capability('block/curr_admin:track:enrol', $trackid)) { return true; } //get the context for the "indirect" capability $context = cm_context_set::for_user_with_capability('cluster', 'block/curr_admin:track:enrol_cluster_user', $USER->id); //get the clusters and check the context against them $clusters = clustertrack::get_clusters($trackid); if (!empty($clusters)) { foreach ($clusters as $cluster) { if ($context->context_allowed($cluster->clusterid, 'cluster')) { return true; } } } return false; }
/** * Dynamically loads child menu items for a track entity * * @param int $id The entity id * @param int $parent_cluster_id The last cluster passed going down the elisadmin tree, or 0 if none * @param int $parent_curriculum_id The last curriculum passed going down the elisadmin tree, or 0 if none * @param int $num_block_icons Max number of entries to display * @param string $parent_path Path of parent curriculum elements in the tree * @return menuitem array The appropriate child items */ function block_elisadmin_load_menu_children_track($id, $parent_cluster_id, $parent_curriculum_id, $num_block_icons, $parent_path = '') { global $CFG; //page dependencies require_once elispm::file('pmclasspage.class.php'); $result_items = array(); /***************************************** * Track - Class Associations *****************************************/ $class_css_class = block_elisadmin_get_item_css_class('class_instance'); //permissions filter $class_filter = array('contexts' => pmclasspage::get_contexts('local/elisprogram:class_view')); $listing = track_assignment_get_listing($id, 'cls.idnumber', 'ASC', 0, $num_block_icons, '', '', $class_filter); foreach ($listing as $item) { $item->id = $item->classid; $params = array('id' => $item->id, 'action' => 'view'); $result_items[] = block_elisadmin_get_menu_item('pmclass', $item, 'root', $class_css_class, $parent_cluster_id, $parent_curriculum_id, $params, false, $parent_path); } unset($listing); //summary item $num_records = track_assignment_count_records($id, '', '', $class_filter); if ($num_block_icons < $num_records) { $params = array('id' => $id); $result_items[] = block_elisadmin_get_menu_summary_item('trackassignment', $class_css_class, $num_records - $num_block_icons, $params, '', $parent_path); } /***************************************** * Track - Cluster Associations *****************************************/ $cluster_css_class = block_elisadmin_get_item_css_class('cluster_instance'); //permissions filter $cluster_filter = array('contexts' => usersetpage::get_contexts('local/elisprogram:userset_view')); $clusters = clustertrack::get_clusters($id, $parent_cluster_id, 'name', 'ASC', 0, $num_block_icons, $cluster_filter); //$clusters = clustertrack::get_clusters($id, 0, 'priority, name', 'ASC', $num_block_icons, $parent_cluster_id); if (!empty($clusters)) { foreach ($clusters as $cluster) { $cluster->id = $cluster->clusterid; $params = array('id' => $cluster->id, 'action' => 'view'); $result_items[] = block_elisadmin_get_menu_item('cluster', $cluster, 'root', $cluster_css_class, $cluster->id, $parent_curriculum_id, $params, false, $parent_path); } } //summary item $num_records = clustertrack::count_clusters($id, $parent_cluster_id, $cluster_filter); if ($num_block_icons < $num_records) { $params = array('id' => $id); //add extra param if appropriate if (!empty($parent_cluster_id)) { $params['parent_clusterid'] = $parent_cluster_id; } $result_items[] = block_elisadmin_get_menu_summary_item('trackcluster', $cluster_css_class, $num_records - $num_block_icons, $params, 'clustertrackpage.class.php', $parent_path); } return $result_items; }
/** * Obtain the count of users who can be assigned to the provided track * * @param int $trackid The record id of the track we are currently assigning to * @param string $namesearch A substring of users' fullnames to search by * @param string $alpha The first letter of users' fullnames to search by * * @return array The total count of appropriate users */ public static function count_available_users($trackid, $namesearch = '', $alpha = '') { global $CFG, $DB, $USER; require_once elispm::file('trackpage.class.php'); require_once elispm::lib('data/clusterassignment.class.php'); $FULLNAME = $DB->sql_concat('usr.firstname', "' '", 'usr.lastname'); $select = 'SELECT COUNT(*) '; $sql = 'FROM {' . user::TABLE . '} usr ' . 'LEFT OUTER JOIN {' . usertrack::TABLE . '} ut ON ut.userid = usr.id AND ut.trackid = :trackid ' . 'WHERE ut.userid IS NULL '; $params = array('trackid' => $trackid); if ($namesearch != '') { $NAMELIKE = $DB->sql_like($FULLNAME, ':namesearch', false); $namesearch = trim($namesearch); $sql .= 'AND ' . $NAMELIKE . ' '; $params['namesearch'] = "%{$namesearch}%"; } if ($alpha != '') { //todo: determine if this should actually be using last name? $ALPHA_LIKE = $DB->sql_like($FULLNAME, ':lastname', false); $sql .= 'AND ' . $ALPHA_LIKE . ' '; $params['lastname'] = "{$alpha}%"; } if (empty(elis::$config->local_elisprogram->legacy_show_inactive_users)) { $sql .= 'AND usr.inactive = 0 '; } // TODO: Ugly, this needs to be overhauled $tpage = new trackpage(); if (!$tpage->_has_capability('local/elisprogram:track_enrol', $trackid)) { //perform SQL filtering for the more "conditional" capability //get the context for the "indirect" capability $context = pm_context_set::for_user_with_capability('cluster', 'local/elisprogram:track_enrol_userset_user', $USER->id); //get the clusters and check the context against them $clusters = clustertrack::get_clusters($trackid); $allowed_clusters = $context->get_allowed_instances($clusters, 'cluster', 'clusterid'); if (empty($allowed_clusters)) { $sql .= 'AND 0=1 '; } else { $cluster_filter = implode(',', $allowed_clusters); $sql .= "AND usr.id IN (\n SELECT userid FROM {" . clusterassignment::TABLE . "}\n WHERE clusterid IN (:clusterfilter)) "; $params['clusterfilter'] = $cluster_filter; } } return $DB->count_records_sql($select . $sql, $params); }
function action_default() { $id = $this->required_param('id', PARAM_INT); $parent_clusterid = $this->optional_param('parent_clusterid', 0, PARAM_INT); $sort = $this->optional_param('sort', 'name', PARAM_CLEAN); $dir = $this->optional_param('dir', 'ASC', PARAM_CLEAN); $columns = array('name' => get_string('cluster_name', 'block_curr_admin'), 'display' => get_string('description', 'block_curr_admin'), 'autoenrol' => get_string('auto_enrol', 'block_curr_admin'), 'buttons' => ''); $items = clustertrack::get_clusters($id, $parent_clusterid, $sort, $dir); $formatters = $this->create_link_formatters(array('name'), 'clusterpage', 'clusterid'); $this->print_list_view($items, $columns, $formatters, 'clusters'); // find the tracks that the user can associate with this cluster $contexts = clusterpage::get_contexts('block/curr_admin:associate'); $clusters = cluster_get_listing('name', 'ASC', 0, 0, '', '', array('contexts' => $contexts)); if (empty($clusters)) { $num_clusters = cluster_count_records(); if (!empty($num_clusters)) { // some clusters exist, but don't have associate capability on // any of them echo '<div align="center"><br />'; print_string('no_associate_caps_cluster', 'block_curr_admin'); echo '</div>'; } else { // no clusters at all echo '<div align="center"><br />'; print_string('all_items_assigned', 'block_curr_admin'); echo '</div>'; } } else { $this->print_dropdown($clusters, $items, 'trackid', 'clusterid'); } }
/** * Returns an array of cluster ids that are associated to the supplied class through tracks and * the current user has access to enrol users into * * @param int $clsid The class whose association ids we care about * @return int array The array of accessible cluster ids */ public static function get_allowed_clusters($clsid) { global $USER; $context = cm_context_set::for_user_with_capability('cluster', 'block/curr_admin:class:enrol_cluster_user', $USER->id); $allowed_clusters = array(); if (cmclasspage::_has_capability('block/curr_admin:class:enrol_cluster_user', $clsid)) { global $CURMAN; require_once CURMAN_DIRLOCATION . '/lib/usercluster.class.php'; $cmuserid = cm_get_crlmuserid($USER->id); $userclusters = $CURMAN->db->get_records(CLSTUSERTABLE, 'userid', $cmuserid); foreach ($userclusters as $usercluster) { $allowed_clusters[] = $usercluster->clusterid; } } //we first need to go through tracks to get to clusters $track_listing = new trackassignmentclass(array('classid' => $clsid)); $tracks = $track_listing->get_assigned_tracks(); //iterate over the track ides, which are the keys of the array if (!empty($tracks)) { foreach (array_keys($tracks) as $track) { //get the clusters and check the context against them $clusters = clustertrack::get_clusters($track); $allowed_track_clusters = $context->get_allowed_instances($clusters, 'cluster', 'clusterid'); //append all clusters that are allowed by the available clusters contexts foreach ($allowed_track_clusters as $allowed_track_cluster) { $allowed_clusters[] = $allowed_track_cluster; } } } return $allowed_clusters; }
/** * Returns an array of cluster ids that are associated to the supplied class through tracks and * the current user has access to enrol users into * * @param int $clsid The class whose association ids we care about * @return int array The array of accessible cluster ids */ public static function get_allowed_clusters($clsid) { global $USER; $context = pm_context_set::for_user_with_capability('cluster', 'local/elisprogram:assign_userset_user_class_instructor', $USER->id); $allowed_clusters = array(); // TODO: Ugly, this needs to be overhauled $cpage = new pmclasspage(); if ($cpage->_has_capability('local/elisprogram:assign_userset_user_class_instructor', $clsid)) { require_once elispm::lib('data/clusterassignment.class.php'); $cmuserid = pm_get_crlmuserid($USER->id); $userclusters = clusterassignment::find(new field_filter('userid', $cmuserid)); foreach ($userclusters as $usercluster) { $allowed_clusters[] = $usercluster->clusterid; } } //we first need to go through tracks to get to clusters $track_listing = new trackassignment(array('classid' => $clsid)); $tracks = $track_listing->get_assigned_tracks(); //iterate over the track ides, which are the keys of the array if (!empty($tracks)) { foreach (array_keys($tracks) as $track) { //get the clusters and check the context against them $clusters = clustertrack::get_clusters($track); $allowed_track_clusters = $context->get_allowed_instances($clusters, 'cluster', 'clusterid'); //append all clusters that are allowed by the available clusters contexts foreach ($allowed_track_clusters as $allowed_track_cluster) { $allowed_clusters[] = $allowed_track_cluster; } } } return $allowed_clusters; }
/** * Determines whether the current user is allowed to create, edit, and delete associations * between a user and a track * * @param int $userid The id of the user being associated to the track * @param int $trackid The id of the track we are associating the user to * * @return boolean True if the current user has the required permissions, otherwise false */ public static function can_manage_assoc($userid, $trackid) { global $USER; //get the context for the "indirect" capability $context = cm_context_set::for_user_with_capability('cluster', 'block/curr_admin:track:enrol_cluster_user', $USER->id); $allowed_clusters = array(); if (!trackpage::can_enrol_into_track($trackid)) { //the users who satisfty this condition are a superset of those who can manage associations return false; } else { if (trackpage::_has_capability('block/curr_admin:track:enrol', $trackid)) { //current user has the direct capability return true; } } //get the clusters and check the context against them $clusters = clustertrack::get_clusters($trackid); $allowed_clusters = $context->get_allowed_instances($clusters, 'cluster', 'clusterid'); //query to get users associated to at least one enabling cluster $cluster_select = ''; if (empty($allowed_clusters)) { $cluster_select = '0=1'; } else { $cluster_select = 'clusterid IN (' . implode(',', $allowed_clusters) . ')'; } $select = "userid = {$userid} AND {$cluster_select}"; //user just needs to be in one of the possible clusters if (record_exists_select(CLSTUSERTABLE, $select)) { return true; } return false; }
/** * Determines whether the current user is allowed to enrol users into the provided class * * @param int $classid The id of the class we are checking permissions on * * @return boolean Whether the user is allowed to enrol users into the class * */ static function can_enrol_into_class($classid) { global $USER; //check the standard capability // TODO: Ugly, this needs to be overhauled $cpage = new pmclasspage(); if ($cpage->_has_capability('local/elisprogram:class_enrol', $classid) || $cpage->_has_capability('local/elisprogram:class_enrol_userset_user', $classid)) { return true; } //get the context for the "indirect" capability $context = pm_context_set::for_user_with_capability('cluster', 'local/elisprogram:class_enrol_userset_user', $USER->id); //we first need to go through tracks to get to clusters $track_listing = new trackassignment(array('classid' => $classid)); $tracks = $track_listing->get_assigned_tracks(); //iterate over the track ides, which are the keys of the array if (!empty($tracks)) { foreach (array_keys($tracks) as $track) { //get the clusters and check the context against them $clusters = clustertrack::get_clusters($track); if (!empty($clusters)) { foreach ($clusters as $cluster) { if ($context->context_allowed($cluster->clusterid, 'cluster')) { return true; } } } } } return false; }
$sql = 'FROM ' . $CURMAN->db->prefix_table(USRTABLE) . ' usr ' . 'LEFT OUTER JOIN ' . $CURMAN->db->prefix_table(USRTRKTABLE) . ' ut ON ut.userid = usr.id AND ut.trackid = ' . $trackid . ' ' . 'WHERE ut.userid IS NULL '; if (empty($CURMAN->config->legacy_show_inactive_users)) { $sql .= 'AND usr.inactive = 0 '; } if ($alpha) { $sql .= 'AND ' . $FULLNAME . ' ' . $LIKE . ' \'' . $alpha . '%\' '; } if ($namesearch) { $sql .= 'AND ' . $FULLNAME . ' ' . $LIKE . ' \'%' . $namesearch . '%\' '; } if (!trackpage::_has_capability('block/curr_admin:track:enrol', $trackid)) { //perform SQL filtering for the more "conditional" capability //get the context for the "indirect" capability $context = cm_context_set::for_user_with_capability('cluster', 'block/curr_admin:track:enrol_cluster_user', $USER->id); //get the clusters and check the context against them $clusters = clustertrack::get_clusters($trackid); $allowed_clusters = $context->get_allowed_instances($clusters, 'cluster', 'clusterid'); if (empty($allowed_clusters)) { $sql .= 'AND 0=1'; } else { $cluster_filter = implode(',', $allowed_clusters); $sql .= "AND usr.id IN (\n SELECT userid FROM " . $CURMAN->db->prefix_table(CLSTUSERTABLE) . "\n WHERE clusterid IN ({$cluster_filter}))"; } } // get the total number of matching users $count = $CURMAN->db->count_records_sql('SELECT COUNT(usr.id) ' . $sql); if ($sort) { $sql .= 'ORDER BY ' . $sort . ' ' . $dir . ' '; } if ($count < $page * $perpage) { $page = 0;
/** * Determines whether the current user is allowed to enrol users into the provided track * * @param int $trackid The id of the track we are checking permissions on * * @return boolean Whether the user is allowed to enrol users into the curriculum * */ public static function can_enrol_into_track($trackid) { global $USER; //check the standard capability // TODO: Ugly, this needs to be overhauled $tpage = new trackpage(); if ($tpage->_has_capability('local/elisprogram:track_enrol', $trackid)) { return true; } //get the context for the "indirect" capability $context = pm_context_set::for_user_with_capability('cluster', 'local/elisprogram:track_enrol_userset_user', $USER->id); //get the clusters and check the context against them $clusters = clustertrack::get_clusters($trackid); if (!empty($clusters)) { foreach ($clusters as $cluster) { if ($context->context_allowed($cluster->clusterid, 'cluster')) { return true; } } } return false; }
/** * Determines whether the current user is allowed to enrol users into the provided class * * @param int $classid The id of the class we are checking permissions on * * @return boolean Whether the user is allowed to enrol users into the class * */ static function can_enrol_into_class($classid) { global $USER; //check the standard capability if (cmclasspage::_has_capability('block/curr_admin:class:enrol', $classid) || cmclasspage::_has_capability('block/curr_admin:class:enrol_cluster_user', $classid)) { return true; } //get the context for the "indirect" capability $context = cm_context_set::for_user_with_capability('cluster', 'block/curr_admin:class:enrol_cluster_user', $USER->id); //we first need to go through tracks to get to clusters $track_listing = new trackassignmentclass(array('classid' => $classid)); $tracks = $track_listing->get_assigned_tracks(); //iterate over the track ides, which are the keys of the array if (!empty($tracks)) { foreach (array_keys($tracks) as $track) { //get the clusters and check the context against them $clusters = clustertrack::get_clusters($track); if (!empty($clusters)) { foreach ($clusters as $cluster) { if ($context->context_allowed($cluster->clusterid, 'cluster')) { return true; } } } } } return false; }