/**
* This function checks that the current user is logged in and has the
* required privileges
*
* This function checks that the current user is logged in, and optionally
* whether they are allowed to be in a particular course and view a particular
* course module.
* If they are not logged in, then it redirects them to the site login unless
* $autologinguest is set and {@link $CFG}->autologinguests is set to 1 in which
* case they are automatically logged in as guests.
* If $courseid is given and the user is not enrolled in that course then the
* user is redirected to the course enrolment page.
* If $cm is given and the course module is hidden and the user is not a teacher
* in the course then the user is redirected to the course home page.
*
* When $cm parameter specified, this function sets page layout to 'module'.
* You need to change it manually later if some other layout needed.
*
* @package core_access
* @category access
*
* @param mixed $courseorid id of the course or course object
* @param bool $autologinguest default true
* @param object $cm course module object
* @param bool $setwantsurltome Define if we want to set $SESSION->wantsurl, defaults to
* true. Used to avoid (=false) some scripts (file.php...) to set that variable,
* in order to keep redirects working properly. MDL-14495
* @param bool $preventredirect set to true in scripts that can not redirect (CLI, rss feeds, etc.), throws exceptions
* @return mixed Void, exit, and die depending on path
* @throws coding_exception
* @throws require_login_exception
*/
function require_login($courseorid = null, $autologinguest = true, $cm = null, $setwantsurltome = true, $preventredirect = false)
{
global $CFG, $SESSION, $USER, $PAGE, $SITE, $DB, $OUTPUT;
// Must not redirect when byteserving already started.
if (!empty($_SERVER['HTTP_RANGE'])) {
$preventredirect = true;
}
if (AJAX_SCRIPT) {
// We cannot redirect for AJAX scripts either.
$preventredirect = true;
}
// Setup global $COURSE, themes, language and locale.
if (!empty($courseorid)) {
if (is_object($courseorid)) {
$course = $courseorid;
} else {
if ($courseorid == SITEID) {
$course = clone $SITE;
} else {
$course = $DB->get_record('course', array('id' => $courseorid), '*', MUST_EXIST);
}
}
if ($cm) {
if ($cm->course != $course->id) {
throw new coding_exception('course and cm parameters in require_login() call do not match!!');
}
// Make sure we have a $cm from get_fast_modinfo as this contains activity access details.
if (!$cm instanceof cm_info) {
// Note: nearly all pages call get_fast_modinfo anyway and it does not make any
// db queries so this is not really a performance concern, however it is obviously
// better if you use get_fast_modinfo to get the cm before calling this.
$modinfo = get_fast_modinfo($course);
$cm = $modinfo->get_cm($cm->id);
}
}
} else {
// Do not touch global $COURSE via $PAGE->set_course(),
// the reasons is we need to be able to call require_login() at any time!!
$course = $SITE;
if ($cm) {
throw new coding_exception('cm parameter in require_login() requires valid course parameter!');
}
}
// If this is an AJAX request and $setwantsurltome is true then we need to override it and set it to false.
// Otherwise the AJAX request URL will be set to $SESSION->wantsurl and events such as self enrolment in the future
// risk leading the user back to the AJAX request URL.
if ($setwantsurltome && defined('AJAX_SCRIPT') && AJAX_SCRIPT) {
$setwantsurltome = false;
}
// Redirect to the login page if session has expired, only with dbsessions enabled (MDL-35029) to maintain current behaviour.
if ((!isloggedin() or isguestuser()) && !empty($SESSION->has_timed_out) && !empty($CFG->dbsessions)) {
if ($preventredirect) {
throw new require_login_session_timeout_exception();
} else {
if ($setwantsurltome) {
$SESSION->wantsurl = qualified_me();
}
redirect(get_login_url());
}
}
// If the user is not even logged in yet then make sure they are.
if (!isloggedin()) {
if ($autologinguest and !empty($CFG->guestloginbutton) and !empty($CFG->autologinguests)) {
if (!($guest = get_complete_user_data('id', $CFG->siteguest))) {
// Misconfigured site guest, just redirect to login page.
redirect(get_login_url());
exit;
// Never reached.
}
$lang = isset($SESSION->lang) ? $SESSION->lang : $CFG->lang;
complete_user_login($guest);
$USER->autologinguest = true;
$SESSION->lang = $lang;
} else {
// NOTE: $USER->site check was obsoleted by session test cookie, $USER->confirmed test is in login/index.php.
if ($preventredirect) {
throw new require_login_exception('You are not logged in');
}
if ($setwantsurltome) {
$SESSION->wantsurl = qualified_me();
}
$referer = get_local_referer(false);
if (!empty($referer)) {
$SESSION->fromurl = $referer;
}
// Give auth plugins an opportunity to authenticate or redirect to an external login page
$authsequence = get_enabled_auth_plugins(true);
// auths, in sequence
foreach ($authsequence as $authname) {
$authplugin = get_auth_plugin($authname);
$authplugin->pre_loginpage_hook();
if (isloggedin()) {
break;
}
}
// If we're still not logged in then go to the login page
if (!isloggedin()) {
redirect(get_login_url());
exit;
// Never reached.
}
}
}
// Loginas as redirection if needed.
if ($course->id != SITEID and \core\session\manager::is_loggedinas()) {
if ($USER->loginascontext->contextlevel == CONTEXT_COURSE) {
if ($USER->loginascontext->instanceid != $course->id) {
print_error('loginasonecourse', '', $CFG->wwwroot . '/course/view.php?id=' . $USER->loginascontext->instanceid);
}
}
}
// Check whether the user should be changing password (but only if it is REALLY them).
if (get_user_preferences('auth_forcepasswordchange') && !\core\session\manager::is_loggedinas()) {
$userauth = get_auth_plugin($USER->auth);
if ($userauth->can_change_password() and !$preventredirect) {
if ($setwantsurltome) {
$SESSION->wantsurl = qualified_me();
}
if ($changeurl = $userauth->change_password_url()) {
// Use plugin custom url.
redirect($changeurl);
} else {
// Use moodle internal method.
if (empty($CFG->loginhttps)) {
redirect($CFG->wwwroot . '/login/change_password.php');
} else {
$wwwroot = str_replace('http:', 'https:', $CFG->wwwroot);
redirect($wwwroot . '/login/change_password.php');
}
}
} else {
if ($userauth->can_change_password()) {
throw new moodle_exception('forcepasswordchangenotice');
} else {
throw new moodle_exception('nopasswordchangeforced', 'auth');
}
}
}
// Check that the user account is properly set up. If we can't redirect to
// edit their profile, perform just the lax check. It will allow them to
// use filepicker on the profile edit page.
if ($preventredirect) {
$usernotfullysetup = user_not_fully_set_up($USER, false);
} else {
$usernotfullysetup = user_not_fully_set_up($USER, true);
}
if ($usernotfullysetup) {
if ($preventredirect) {
throw new moodle_exception('usernotfullysetup');
}
if ($setwantsurltome) {
$SESSION->wantsurl = qualified_me();
}
redirect($CFG->wwwroot . '/user/edit.php?id=' . $USER->id . '&course=' . SITEID);
}
// Make sure the USER has a sesskey set up. Used for CSRF protection.
sesskey();
// Do not bother admins with any formalities.
if (is_siteadmin()) {
// Set the global $COURSE.
if ($cm) {
$PAGE->set_cm($cm, $course);
$PAGE->set_pagelayout('incourse');
} else {
if (!empty($courseorid)) {
$PAGE->set_course($course);
}
}
// Set accesstime or the user will appear offline which messes up messaging.
user_accesstime_log($course->id);
return;
}
// Check that the user has agreed to a site policy if there is one - do not test in case of admins.
if (!$USER->policyagreed and !is_siteadmin()) {
if (!empty($CFG->sitepolicy) and !isguestuser()) {
if ($preventredirect) {
throw new moodle_exception('sitepolicynotagreed', 'error', '', $CFG->sitepolicy);
}
if ($setwantsurltome) {
$SESSION->wantsurl = qualified_me();
}
redirect($CFG->wwwroot . '/user/policy.php');
} else {
if (!empty($CFG->sitepolicyguest) and isguestuser()) {
if ($preventredirect) {
throw new moodle_exception('sitepolicynotagreed', 'error', '', $CFG->sitepolicyguest);
}
if ($setwantsurltome) {
$SESSION->wantsurl = qualified_me();
}
redirect($CFG->wwwroot . '/user/policy.php');
}
}
}
// Fetch the system context, the course context, and prefetch its child contexts.
$sysctx = context_system::instance();
$coursecontext = context_course::instance($course->id, MUST_EXIST);
if ($cm) {
$cmcontext = context_module::instance($cm->id, MUST_EXIST);
} else {
$cmcontext = null;
}
// If the site is currently under maintenance, then print a message.
if (!empty($CFG->maintenance_enabled) and !has_capability('moodle/site:maintenanceaccess', $sysctx)) {
if ($preventredirect) {
throw new require_login_exception('Maintenance in progress');
}
$PAGE->set_context(null);
print_maintenance_message();
}
// Make sure the course itself is not hidden.
if ($course->id == SITEID) {
// Frontpage can not be hidden.
} else {
if (is_role_switched($course->id)) {
// When switching roles ignore the hidden flag - user had to be in course to do the switch.
} else {
if (!$course->visible and !has_capability('moodle/course:viewhiddencourses', $coursecontext)) {
// Originally there was also test of parent category visibility, BUT is was very slow in complex queries
// involving "my courses" now it is also possible to simply hide all courses user is not enrolled in :-).
if ($preventredirect) {
throw new require_login_exception('Course is hidden');
}
$PAGE->set_context(null);
// We need to override the navigation URL as the course won't have been added to the navigation and thus
// the navigation will mess up when trying to find it.
navigation_node::override_active_url(new moodle_url('/'));
notice(get_string('coursehidden'), $CFG->wwwroot . '/');
}
}
}
// Is the user enrolled?
if ($course->id == SITEID) {
// Everybody is enrolled on the frontpage.
} else {
if (\core\session\manager::is_loggedinas()) {
// Make sure the REAL person can access this course first.
$realuser = \core\session\manager::get_realuser();
if (!is_enrolled($coursecontext, $realuser->id, '', true) and !is_viewing($coursecontext, $realuser->id) and !is_siteadmin($realuser->id)) {
if ($preventredirect) {
throw new require_login_exception('Invalid course login-as access');
}
$PAGE->set_context(null);
echo $OUTPUT->header();
notice(get_string('studentnotallowed', '', fullname($USER, true)), $CFG->wwwroot . '/');
}
}
$access = false;
if (is_role_switched($course->id)) {
// Ok, user had to be inside this course before the switch.
$access = true;
} else {
if (is_viewing($coursecontext, $USER)) {
// Ok, no need to mess with enrol.
$access = true;
} else {
if (isset($USER->enrol['enrolled'][$course->id])) {
if ($USER->enrol['enrolled'][$course->id] > time()) {
$access = true;
if (isset($USER->enrol['tempguest'][$course->id])) {
unset($USER->enrol['tempguest'][$course->id]);
remove_temp_course_roles($coursecontext);
}
} else {
// Expired.
unset($USER->enrol['enrolled'][$course->id]);
}
}
if (isset($USER->enrol['tempguest'][$course->id])) {
if ($USER->enrol['tempguest'][$course->id] == 0) {
$access = true;
} else {
if ($USER->enrol['tempguest'][$course->id] > time()) {
$access = true;
} else {
// Expired.
unset($USER->enrol['tempguest'][$course->id]);
remove_temp_course_roles($coursecontext);
}
}
}
if (!$access) {
// Cache not ok.
$until = enrol_get_enrolment_end($coursecontext->instanceid, $USER->id);
if ($until !== false) {
// Active participants may always access, a timestamp in the future, 0 (always) or false.
if ($until == 0) {
$until = ENROL_MAX_TIMESTAMP;
}
$USER->enrol['enrolled'][$course->id] = $until;
$access = true;
} else {
$params = array('courseid' => $course->id, 'status' => ENROL_INSTANCE_ENABLED);
$instances = $DB->get_records('enrol', $params, 'sortorder, id ASC');
$enrols = enrol_get_plugins(true);
// First ask all enabled enrol instances in course if they want to auto enrol user.
foreach ($instances as $instance) {
if (!isset($enrols[$instance->enrol])) {
continue;
}
// Get a duration for the enrolment, a timestamp in the future, 0 (always) or false.
$until = $enrols[$instance->enrol]->try_autoenrol($instance);
if ($until !== false) {
if ($until == 0) {
$until = ENROL_MAX_TIMESTAMP;
}
$USER->enrol['enrolled'][$course->id] = $until;
$access = true;
break;
}
}
// If not enrolled yet try to gain temporary guest access.
if (!$access) {
foreach ($instances as $instance) {
if (!isset($enrols[$instance->enrol])) {
continue;
}
// Get a duration for the guest access, a timestamp in the future or false.
$until = $enrols[$instance->enrol]->try_guestaccess($instance);
if ($until !== false and $until > time()) {
$USER->enrol['tempguest'][$course->id] = $until;
$access = true;
break;
}
}
}
}
}
}
}
if (!$access) {
if ($preventredirect) {
throw new require_login_exception('Not enrolled');
}
if ($setwantsurltome) {
$SESSION->wantsurl = qualified_me();
}
redirect($CFG->wwwroot . '/enrol/index.php?id=' . $course->id);
}
}
// Check visibility of activity to current user; includes visible flag, conditional availability, etc.
if ($cm && !$cm->uservisible) {
if ($preventredirect) {
throw new require_login_exception('Activity is hidden');
}
if ($course->id != SITEID) {
$url = new moodle_url('/course/view.php', array('id' => $course->id));
} else {
$url = new moodle_url('/');
}
redirect($url, get_string('activityiscurrentlyhidden'));
}
// Set the global $COURSE.
if ($cm) {
$PAGE->set_cm($cm, $course);
$PAGE->set_pagelayout('incourse');
} else {
if (!empty($courseorid)) {
$PAGE->set_course($course);
}
}
// Finally access granted, update lastaccess times.
user_accesstime_log($course->id);
}
/**
* Returns true if the user is able to access the course.
*
* This function is in no way, shape, or form a substitute for require_login.
* It should only be used in circumstances where it is not possible to call require_login
* such as the navigation.
*
* This function checks many of the methods of access to a course such as the view
* capability, enrollments, and guest access. It also makes use of the cache
* generated by require_login for guest access.
*
* The flags within the $USER object that are used here should NEVER be used outside
* of this function can_access_course and require_login. Doing so WILL break future
* versions.
*
* @param stdClass $course record
* @param stdClass|int|null $user user record or id, current user if null
* @param string $withcapability Check for this capability as well.
* @param bool $onlyactive consider only active enrolments in enabled plugins and time restrictions
* @return boolean Returns true if the user is able to access the course
*/
function can_access_course(stdClass $course, $user = null, $withcapability = '', $onlyactive = false)
{
global $DB, $USER;
// this function originally accepted $coursecontext parameter
if ($course instanceof context) {
if ($course instanceof context_course) {
debugging('deprecated context parameter, please use $course record');
$coursecontext = $course;
$course = $DB->get_record('course', array('id' => $coursecontext->instanceid));
} else {
debugging('Invalid context parameter, please use $course record');
return false;
}
} else {
$coursecontext = context_course::instance($course->id);
}
if (!isset($USER->id)) {
// should never happen
$USER->id = 0;
}
// make sure there is a user specified
if ($user === null) {
$userid = $USER->id;
} else {
$userid = is_object($user) ? $user->id : $user;
}
unset($user);
if ($withcapability and !has_capability($withcapability, $coursecontext, $userid)) {
return false;
}
if ($userid == $USER->id) {
if (!empty($USER->access['rsw'][$coursecontext->path])) {
// the fact that somebody switched role means they can access the course no matter to what role they switched
return true;
}
}
if (!$course->visible and !has_capability('moodle/course:viewhiddencourses', $coursecontext, $userid)) {
return false;
}
if (is_viewing($coursecontext, $userid)) {
return true;
}
if ($userid != $USER->id) {
// for performance reasons we do not verify temporary guest access for other users, sorry...
return is_enrolled($coursecontext, $userid, '', $onlyactive);
}
// === from here we deal only with $USER ===
$coursecontext->reload_if_dirty();
if (isset($USER->enrol['enrolled'][$course->id])) {
if ($USER->enrol['enrolled'][$course->id] > time()) {
return true;
}
}
if (isset($USER->enrol['tempguest'][$course->id])) {
if ($USER->enrol['tempguest'][$course->id] > time()) {
return true;
}
}
if (is_enrolled($coursecontext, $USER, '', $onlyactive)) {
return true;
}
// if not enrolled try to gain temporary guest access
$instances = $DB->get_records('enrol', array('courseid' => $course->id, 'status' => ENROL_INSTANCE_ENABLED), 'sortorder, id ASC');
$enrols = enrol_get_plugins(true);
foreach ($instances as $instance) {
if (!isset($enrols[$instance->enrol])) {
continue;
}
// Get a duration for the guest access, a timestamp in the future, 0 (always) or false.
$until = $enrols[$instance->enrol]->try_guestaccess($instance);
if ($until !== false and $until > time()) {
$USER->enrol['tempguest'][$course->id] = $until;
return true;
}
}
if (isset($USER->enrol['tempguest'][$course->id])) {
unset($USER->enrol['tempguest'][$course->id]);
remove_temp_course_roles($coursecontext);
}
return false;
}
/**
* Unenrol user from course,
* the last unenrolment removes all remaining roles.
*
* @param stdClass $instance
* @param int $userid
* @return void
*/
public function unenrol_user(stdClass $instance, $userid)
{
global $CFG, $USER, $DB;
require_once "{$CFG->dirroot}/group/lib.php";
$name = $this->get_name();
$courseid = $instance->courseid;
if ($instance->enrol !== $name) {
throw new coding_exception('invalid enrol instance!');
}
$context = context_course::instance($instance->courseid, MUST_EXIST);
if (!($ue = $DB->get_record('user_enrolments', array('enrolid' => $instance->id, 'userid' => $userid)))) {
// weird, user not enrolled
return;
}
// Remove all users groups linked to this enrolment instance.
if ($gms = $DB->get_records('groups_members', array('userid' => $userid, 'component' => 'enrol_' . $name, 'itemid' => $instance->id))) {
foreach ($gms as $gm) {
groups_remove_member($gm->groupid, $gm->userid);
}
}
role_unassign_all(array('userid' => $userid, 'contextid' => $context->id, 'component' => 'enrol_' . $name, 'itemid' => $instance->id));
$DB->delete_records('user_enrolments', array('id' => $ue->id));
// add extra info and trigger event
$ue->courseid = $courseid;
$ue->enrol = $name;
$sql = "SELECT 'x'\n FROM {user_enrolments} ue\n JOIN {enrol} e ON (e.id = ue.enrolid)\n WHERE ue.userid = :userid AND e.courseid = :courseid";
if ($DB->record_exists_sql($sql, array('userid' => $userid, 'courseid' => $courseid))) {
$ue->lastenrol = false;
events_trigger('user_unenrolled', $ue);
// user still has some enrolments, no big cleanup yet
} else {
// the big cleanup IS necessary!
require_once "{$CFG->libdir}/gradelib.php";
// remove all remaining roles
role_unassign_all(array('userid' => $userid, 'contextid' => $context->id), true, false);
//clean up ALL invisible user data from course if this is the last enrolment - groups, grades, etc.
groups_delete_group_members($courseid, $userid);
grade_user_unenrol($courseid, $userid);
$DB->delete_records('user_lastaccess', array('userid' => $userid, 'courseid' => $courseid));
$ue->lastenrol = true;
// means user not enrolled any more
events_trigger('user_unenrolled', $ue);
}
// reset all enrol caches
$context->mark_dirty();
// reset current user enrolment caching
if ($userid == $USER->id) {
if (isset($USER->enrol['enrolled'][$courseid])) {
unset($USER->enrol['enrolled'][$courseid]);
}
if (isset($USER->enrol['tempguest'][$courseid])) {
unset($USER->enrol['tempguest'][$courseid]);
remove_temp_course_roles($context);
}
}
}
/**
* A small functional test of accesslib functions and classes.
* @return void
*/
public function test_everything_in_accesslib() {
global $USER, $SITE, $CFG, $DB, $ACCESSLIB_PRIVATE;
$this->resetAfterTest(true);
$generator = $this->getDataGenerator();
// Fill the site with some real data
$testcategories = array();
$testcourses = array();
$testpages = array();
$testblocks = array();
$allroles = $DB->get_records_menu('role', array(), 'id', 'archetype, id');
$systemcontext = context_system::instance();
$frontpagecontext = context_course::instance(SITEID);
// Add block to system context
$bi = $generator->create_block('online_users');
context_block::instance($bi->id);
$testblocks[] = $bi->id;
// Some users
$testusers = array();
for($i=0; $i<20; $i++) {
$user = $generator->create_user();
$testusers[$i] = $user->id;
$usercontext = context_user::instance($user->id);
// Add block to user profile
$bi = $generator->create_block('online_users', array('parentcontextid'=>$usercontext->id));
$testblocks[] = $bi->id;
}
// Deleted user - should be ignored everywhere, can not have context
$generator->create_user(array('deleted'=>1));
// Add block to frontpage
$bi = $generator->create_block('online_users', array('parentcontextid'=>$frontpagecontext->id));
$frontpageblockcontext = context_block::instance($bi->id);
$testblocks[] = $bi->id;
// Add a resource to frontpage
$page = $generator->create_module('page', array('course'=>$SITE->id));
$testpages[] = $page->id;
$frontpagepagecontext = context_module::instance($page->cmid);
// Add block to frontpage resource
$bi = $generator->create_block('online_users', array('parentcontextid'=>$frontpagepagecontext->id));
$frontpagepageblockcontext = context_block::instance($bi->id);
$testblocks[] = $bi->id;
// Some nested course categories with courses
$manualenrol = enrol_get_plugin('manual');
$parentcat = 0;
for($i=0; $i<5; $i++) {
$cat = $generator->create_category(array('parent'=>$parentcat));
$testcategories[] = $cat->id;
$catcontext = context_coursecat::instance($cat->id);
$parentcat = $cat->id;
if ($i >=4) {
continue;
}
// Add resource to each category
$bi = $generator->create_block('online_users', array('parentcontextid'=>$catcontext->id));
context_block::instance($bi->id);
// Add a few courses to each category
for($j=0; $j<6; $j++) {
$course = $generator->create_course(array('category'=>$cat->id));
$testcourses[] = $course->id;
$coursecontext = context_course::instance($course->id);
if ($j >= 5) {
continue;
}
// Add manual enrol instance
$manualenrol->add_default_instance($DB->get_record('course', array('id'=>$course->id)));
// Add block to each course
$bi = $generator->create_block('online_users', array('parentcontextid'=>$coursecontext->id));
$testblocks[] = $bi->id;
// Add a resource to each course
$page = $generator->create_module('page', array('course'=>$course->id));
$testpages[] = $page->id;
$modcontext = context_module::instance($page->cmid);
// Add block to each module
$bi = $generator->create_block('online_users', array('parentcontextid'=>$modcontext->id));
$testblocks[] = $bi->id;
}
}
// Make sure all contexts were created properly
$count = 1; //system
$count += $DB->count_records('user', array('deleted'=>0));
$count += $DB->count_records('course_categories');
$count += $DB->count_records('course');
$count += $DB->count_records('course_modules');
$count += $DB->count_records('block_instances');
$this->assertEquals($DB->count_records('context'), $count);
$this->assertEquals($DB->count_records('context', array('depth'=>0)), 0);
$this->assertEquals($DB->count_records('context', array('path'=>NULL)), 0);
// ====== context_helper::get_level_name() ================================
$levels = context_helper::get_all_levels();
foreach ($levels as $level=>$classname) {
$name = context_helper::get_level_name($level);
$this->assertFalse(empty($name));
}
// ======= context::instance_by_id(), context_xxx::instance();
$context = context::instance_by_id($frontpagecontext->id);
$this->assertSame($context->contextlevel, CONTEXT_COURSE);
$this->assertFalse(context::instance_by_id(-1, IGNORE_MISSING));
try {
context::instance_by_id(-1);
$this->fail('exception expected');
} catch (Exception $e) {
$this->assertTrue(true);
}
$this->assertTrue(context_system::instance() instanceof context_system);
$this->assertTrue(context_coursecat::instance($testcategories[0]) instanceof context_coursecat);
$this->assertTrue(context_course::instance($testcourses[0]) instanceof context_course);
$this->assertTrue(context_module::instance($testpages[0]) instanceof context_module);
$this->assertTrue(context_block::instance($testblocks[0]) instanceof context_block);
$this->assertFalse(context_coursecat::instance(-1, IGNORE_MISSING));
$this->assertFalse(context_course::instance(-1, IGNORE_MISSING));
$this->assertFalse(context_module::instance(-1, IGNORE_MISSING));
$this->assertFalse(context_block::instance(-1, IGNORE_MISSING));
try {
context_coursecat::instance(-1);
$this->fail('exception expected');
} catch (Exception $e) {
$this->assertTrue(true);
}
try {
context_course::instance(-1);
$this->fail('exception expected');
} catch (Exception $e) {
$this->assertTrue(true);
}
try {
context_module::instance(-1);
$this->fail('exception expected');
} catch (Exception $e) {
$this->assertTrue(true);
}
try {
context_block::instance(-1);
$this->fail('exception expected');
} catch (Exception $e) {
$this->assertTrue(true);
}
// ======= $context->get_url(), $context->get_context_name(), $context->get_capabilities() =========
$testcontexts = array();
$testcontexts[CONTEXT_SYSTEM] = context_system::instance();
$testcontexts[CONTEXT_COURSECAT] = context_coursecat::instance($testcategories[0]);
$testcontexts[CONTEXT_COURSE] = context_course::instance($testcourses[0]);
$testcontexts[CONTEXT_MODULE] = context_module::instance($testpages[0]);
$testcontexts[CONTEXT_BLOCK] = context_block::instance($testblocks[0]);
foreach ($testcontexts as $context) {
$name = $context->get_context_name(true, true);
$this->assertFalse(empty($name));
$this->assertTrue($context->get_url() instanceof moodle_url);
$caps = $context->get_capabilities();
$this->assertTrue(is_array($caps));
foreach ($caps as $cap) {
$cap = (array)$cap;
$this->assertSame(array_keys($cap), array('id', 'name', 'captype', 'contextlevel', 'component', 'riskbitmask'));
}
}
unset($testcontexts);
// ===== $context->get_course_context() =========================================
$this->assertFalse($systemcontext->get_course_context(false));
try {
$systemcontext->get_course_context();
$this->fail('exception expected');
} catch (Exception $e) {
$this->assertTrue(true);
}
$context = context_coursecat::instance($testcategories[0]);
$this->assertFalse($context->get_course_context(false));
try {
$context->get_course_context();
$this->fail('exception expected');
} catch (Exception $e) {
$this->assertTrue(true);
}
$this->assertSame($frontpagecontext->get_course_context(true), $frontpagecontext);
$this->assertSame($frontpagepagecontext->get_course_context(true), $frontpagecontext);
$this->assertSame($frontpagepageblockcontext->get_course_context(true), $frontpagecontext);
// ======= $context->get_parent_context(), $context->get_parent_contexts(), $context->get_parent_context_ids() =======
$userid = reset($testusers);
$usercontext = context_user::instance($userid);
$this->assertSame($usercontext->get_parent_context(), $systemcontext);
$this->assertSame($usercontext->get_parent_contexts(), array($systemcontext->id=>$systemcontext));
$this->assertSame($usercontext->get_parent_contexts(true), array($usercontext->id=>$usercontext, $systemcontext->id=>$systemcontext));
$this->assertSame($systemcontext->get_parent_contexts(), array());
$this->assertSame($systemcontext->get_parent_contexts(true), array($systemcontext->id=>$systemcontext));
$this->assertSame($systemcontext->get_parent_context_ids(), array());
$this->assertSame($systemcontext->get_parent_context_ids(true), array($systemcontext->id));
$this->assertSame($frontpagecontext->get_parent_context(), $systemcontext);
$this->assertSame($frontpagecontext->get_parent_contexts(), array($systemcontext->id=>$systemcontext));
$this->assertSame($frontpagecontext->get_parent_contexts(true), array($frontpagecontext->id=>$frontpagecontext, $systemcontext->id=>$systemcontext));
$this->assertSame($frontpagecontext->get_parent_context_ids(), array($systemcontext->id));
$this->assertEquals($frontpagecontext->get_parent_context_ids(true), array($frontpagecontext->id, $systemcontext->id));
$this->assertSame($systemcontext->get_parent_context(), false);
$frontpagecontext = context_course::instance($SITE->id);
$parent = $systemcontext;
foreach ($testcategories as $catid) {
$catcontext = context_coursecat::instance($catid);
$this->assertSame($catcontext->get_parent_context(), $parent);
$parent = $catcontext;
}
$this->assertSame($frontpagepagecontext->get_parent_context(), $frontpagecontext);
$this->assertSame($frontpageblockcontext->get_parent_context(), $frontpagecontext);
$this->assertSame($frontpagepageblockcontext->get_parent_context(), $frontpagepagecontext);
// ====== $context->get_child_contexts() ================================
$CFG->debug = 0;
$children = $systemcontext->get_child_contexts();
$CFG->debug = DEBUG_DEVELOPER;
$this->assertEquals(count($children)+1, $DB->count_records('context'));
$context = context_coursecat::instance($testcategories[3]);
$children = $context->get_child_contexts();
$countcats = 0;
$countcourses = 0;
$countblocks = 0;
foreach ($children as $child) {
if ($child->contextlevel == CONTEXT_COURSECAT) {
$countcats++;
}
if ($child->contextlevel == CONTEXT_COURSE) {
$countcourses++;
}
if ($child->contextlevel == CONTEXT_BLOCK) {
$countblocks++;
}
}
$this->assertEquals(count($children), 8);
$this->assertEquals($countcats, 1);
$this->assertEquals($countcourses, 6);
$this->assertEquals($countblocks, 1);
$context = context_course::instance($testcourses[2]);
$children = $context->get_child_contexts();
$this->assertEquals(count($children), 7); // depends on number of default blocks
$context = context_module::instance($testpages[3]);
$children = $context->get_child_contexts();
$this->assertEquals(count($children), 1);
$context = context_block::instance($testblocks[1]);
$children = $context->get_child_contexts();
$this->assertEquals(count($children), 0);
unset($children);
unset($countcats);
unset($countcourses);
unset($countblocks);
// ======= context_helper::reset_caches() ============================
context_helper::reset_caches();
$this->assertEquals(context_inspection::test_context_cache_size(), 0);
context_course::instance($SITE->id);
$this->assertEquals(context_inspection::test_context_cache_size(), 1);
// ======= context preloading ========================================
context_helper::reset_caches();
$sql = "SELECT ".context_helper::get_preload_record_columns_sql('c')."
FROM {context} c
WHERE c.contextlevel <> ".CONTEXT_SYSTEM;
$records = $DB->get_records_sql($sql);
$firstrecord = reset($records);
$columns = context_helper::get_preload_record_columns('c');
$firstrecord = (array)$firstrecord;
$this->assertSame(array_keys($firstrecord), array_values($columns));
context_helper::reset_caches();
foreach ($records as $record) {
context_helper::preload_from_record($record);
$this->assertEquals($record, new stdClass());
}
$this->assertEquals(context_inspection::test_context_cache_size(), count($records));
unset($records);
unset($columns);
context_helper::reset_caches();
context_helper::preload_course($SITE->id);
$this->assertEquals(7, context_inspection::test_context_cache_size()); // depends on number of default blocks
// ====== assign_capability(), unassign_capability() ====================
$rc = $DB->get_record('role_capabilities', array('contextid'=>$frontpagecontext->id, 'roleid'=>$allroles['teacher'], 'capability'=>'moodle/site:accessallgroups'));
$this->assertFalse($rc);
assign_capability('moodle/site:accessallgroups', CAP_ALLOW, $allroles['teacher'], $frontpagecontext->id);
$rc = $DB->get_record('role_capabilities', array('contextid'=>$frontpagecontext->id, 'roleid'=>$allroles['teacher'], 'capability'=>'moodle/site:accessallgroups'));
$this->assertEquals($rc->permission, CAP_ALLOW);
assign_capability('moodle/site:accessallgroups', CAP_PREVENT, $allroles['teacher'], $frontpagecontext->id);
$rc = $DB->get_record('role_capabilities', array('contextid'=>$frontpagecontext->id, 'roleid'=>$allroles['teacher'], 'capability'=>'moodle/site:accessallgroups'));
$this->assertEquals($rc->permission, CAP_ALLOW);
assign_capability('moodle/site:accessallgroups', CAP_PREVENT, $allroles['teacher'], $frontpagecontext, true);
$rc = $DB->get_record('role_capabilities', array('contextid'=>$frontpagecontext->id, 'roleid'=>$allroles['teacher'], 'capability'=>'moodle/site:accessallgroups'));
$this->assertEquals($rc->permission, CAP_PREVENT);
assign_capability('moodle/site:accessallgroups', CAP_INHERIT, $allroles['teacher'], $frontpagecontext);
$rc = $DB->get_record('role_capabilities', array('contextid'=>$frontpagecontext->id, 'roleid'=>$allroles['teacher'], 'capability'=>'moodle/site:accessallgroups'));
$this->assertFalse($rc);
assign_capability('moodle/site:accessallgroups', CAP_ALLOW, $allroles['teacher'], $frontpagecontext);
unassign_capability('moodle/site:accessallgroups', $allroles['teacher'], $frontpagecontext, true);
$rc = $DB->get_record('role_capabilities', array('contextid'=>$frontpagecontext->id, 'roleid'=>$allroles['teacher'], 'capability'=>'moodle/site:accessallgroups'));
$this->assertFalse($rc);
unassign_capability('moodle/site:accessallgroups', $allroles['teacher'], $frontpagecontext->id, true);
unset($rc);
accesslib_clear_all_caches(false); // must be done after assign_capability()
// ======= role_assign(), role_unassign(), role_unassign_all() ==============
$context = context_course::instance($testcourses[1]);
$this->assertEquals($DB->count_records('role_assignments', array('contextid'=>$context->id)), 0);
role_assign($allroles['teacher'], $testusers[1], $context->id);
role_assign($allroles['teacher'], $testusers[2], $context->id);
role_assign($allroles['manager'], $testusers[1], $context->id);
$this->assertEquals($DB->count_records('role_assignments', array('contextid'=>$context->id)), 3);
role_unassign($allroles['teacher'], $testusers[1], $context->id);
$this->assertEquals($DB->count_records('role_assignments', array('contextid'=>$context->id)), 2);
role_unassign_all(array('contextid'=>$context->id));
$this->assertEquals($DB->count_records('role_assignments', array('contextid'=>$context->id)), 0);
unset($context);
accesslib_clear_all_caches(false); // just in case
// ====== has_capability(), get_users_by_capability(), role_switch(), reload_all_capabilities() and friends ========================
$adminid = get_admin()->id;
$guestid = $CFG->siteguest;
// Enrol some users into some courses
$course1 = $DB->get_record('course', array('id'=>$testcourses[22]), '*', MUST_EXIST);
$course2 = $DB->get_record('course', array('id'=>$testcourses[7]), '*', MUST_EXIST);
$cms = $DB->get_records('course_modules', array('course'=>$course1->id), 'id');
$cm1 = reset($cms);
$blocks = $DB->get_records('block_instances', array('parentcontextid'=>context_module::instance($cm1->id)->id), 'id');
$block1 = reset($blocks);
$instance1 = $DB->get_record('enrol', array('enrol'=>'manual', 'courseid'=>$course1->id));
$instance2 = $DB->get_record('enrol', array('enrol'=>'manual', 'courseid'=>$course2->id));
for($i=0; $i<9; $i++) {
$manualenrol->enrol_user($instance1, $testusers[$i], $allroles['student']);
}
$manualenrol->enrol_user($instance1, $testusers[8], $allroles['teacher']);
$manualenrol->enrol_user($instance1, $testusers[9], $allroles['editingteacher']);
for($i=10; $i<15; $i++) {
$manualenrol->enrol_user($instance2, $testusers[$i], $allroles['student']);
}
$manualenrol->enrol_user($instance2, $testusers[15], $allroles['editingteacher']);
// Add tons of role assignments - the more the better
role_assign($allroles['coursecreator'], $testusers[11], context_coursecat::instance($testcategories[2]));
role_assign($allroles['manager'], $testusers[12], context_coursecat::instance($testcategories[1]));
role_assign($allroles['student'], $testusers[9], context_module::instance($cm1->id));
role_assign($allroles['teacher'], $testusers[8], context_module::instance($cm1->id));
role_assign($allroles['guest'], $testusers[13], context_course::instance($course1->id));
role_assign($allroles['teacher'], $testusers[7], context_block::instance($block1->id));
role_assign($allroles['manager'], $testusers[9], context_block::instance($block1->id));
role_assign($allroles['editingteacher'], $testusers[9], context_course::instance($course1->id));
role_assign($allroles['teacher'], $adminid, context_course::instance($course1->id));
role_assign($allroles['editingteacher'], $adminid, context_block::instance($block1->id));
// Add tons of overrides - the more the better
assign_capability('moodle/site:accessallgroups', CAP_ALLOW, $CFG->defaultuserroleid, $frontpageblockcontext, true);
assign_capability('moodle/site:accessallgroups', CAP_ALLOW, $CFG->defaultfrontpageroleid, $frontpageblockcontext, true);
assign_capability('moodle/block:view', CAP_PROHIBIT, $allroles['guest'], $frontpageblockcontext, true);
assign_capability('block/online_users:viewlist', CAP_PREVENT, $allroles['user'], $frontpageblockcontext, true);
assign_capability('block/online_users:viewlist', CAP_PREVENT, $allroles['student'], $frontpageblockcontext, true);
assign_capability('moodle/site:accessallgroups', CAP_PREVENT, $CFG->defaultuserroleid, $frontpagepagecontext, true);
assign_capability('moodle/site:accessallgroups', CAP_ALLOW, $CFG->defaultfrontpageroleid, $frontpagepagecontext, true);
assign_capability('mod/page:view', CAP_PREVENT, $allroles['guest'], $frontpagepagecontext, true);
assign_capability('mod/page:view', CAP_ALLOW, $allroles['user'], $frontpagepagecontext, true);
assign_capability('moodle/page:view', CAP_ALLOW, $allroles['student'], $frontpagepagecontext, true);
assign_capability('moodle/site:accessallgroups', CAP_ALLOW, $CFG->defaultuserroleid, $frontpagecontext, true);
assign_capability('moodle/site:accessallgroups', CAP_ALLOW, $CFG->defaultfrontpageroleid, $frontpagecontext, true);
assign_capability('mod/page:view', CAP_ALLOW, $allroles['guest'], $frontpagecontext, true);
assign_capability('mod/page:view', CAP_PROHIBIT, $allroles['user'], $frontpagecontext, true);
assign_capability('mod/page:view', CAP_PREVENT, $allroles['guest'], $systemcontext, true);
accesslib_clear_all_caches(false); // must be done after assign_capability()
// Extra tests for guests and not-logged-in users because they can not be verified by cross checking
// with get_users_by_capability() where they are ignored
$this->assertFalse(has_capability('moodle/block:view', $frontpageblockcontext, $guestid));
$this->assertFalse(has_capability('mod/page:view', $frontpagepagecontext, $guestid));
$this->assertTrue(has_capability('mod/page:view', $frontpagecontext, $guestid));
$this->assertFalse(has_capability('mod/page:view', $systemcontext, $guestid));
$this->assertFalse(has_capability('moodle/block:view', $frontpageblockcontext, 0));
$this->assertFalse(has_capability('mod/page:view', $frontpagepagecontext, 0));
$this->assertTrue(has_capability('mod/page:view', $frontpagecontext, 0));
$this->assertFalse(has_capability('mod/page:view', $systemcontext, 0));
$this->assertFalse(has_capability('moodle/course:create', $systemcontext, $testusers[11]));
$this->assertTrue(has_capability('moodle/course:create', context_coursecat::instance($testcategories[2]), $testusers[11]));
$this->assertFalse(has_capability('moodle/course:create', context_course::instance($testcourses[1]), $testusers[11]));
$this->assertTrue(has_capability('moodle/course:create', context_course::instance($testcourses[19]), $testusers[11]));
$this->assertFalse(has_capability('moodle/course:update', context_course::instance($testcourses[1]), $testusers[9]));
$this->assertFalse(has_capability('moodle/course:update', context_course::instance($testcourses[19]), $testusers[9]));
$this->assertFalse(has_capability('moodle/course:update', $systemcontext, $testusers[9]));
// Test the list of enrolled users
$coursecontext = context_course::instance($course1->id);
$enrolled = get_enrolled_users($coursecontext);
$this->assertEquals(count($enrolled), 10);
for($i=0; $i<10; $i++) {
$this->assertTrue(isset($enrolled[$testusers[$i]]));
}
$enrolled = get_enrolled_users($coursecontext, 'moodle/course:update');
$this->assertEquals(count($enrolled), 1);
$this->assertTrue(isset($enrolled[$testusers[9]]));
unset($enrolled);
// role switching
$userid = $testusers[9];
$USER = $DB->get_record('user', array('id'=>$userid));
load_all_capabilities();
$coursecontext = context_course::instance($course1->id);
$this->assertTrue(has_capability('moodle/course:update', $coursecontext));
$this->assertFalse(is_role_switched($course1->id));
role_switch($allroles['student'], $coursecontext);
$this->assertTrue(is_role_switched($course1->id));
$this->assertEquals($USER->access['rsw'][$coursecontext->path], $allroles['student']);
$this->assertFalse(has_capability('moodle/course:update', $coursecontext));
reload_all_capabilities();
$this->assertFalse(has_capability('moodle/course:update', $coursecontext));
role_switch(0, $coursecontext);
$this->assertTrue(has_capability('moodle/course:update', $coursecontext));
$userid = $adminid;
$USER = $DB->get_record('user', array('id'=>$userid));
load_all_capabilities();
$coursecontext = context_course::instance($course1->id);
$blockcontext = context_block::instance($block1->id);
$this->assertTrue(has_capability('moodle/course:update', $blockcontext));
role_switch($allroles['student'], $coursecontext);
$this->assertEquals($USER->access['rsw'][$coursecontext->path], $allroles['student']);
$this->assertFalse(has_capability('moodle/course:update', $blockcontext));
reload_all_capabilities();
$this->assertFalse(has_capability('moodle/course:update', $blockcontext));
load_all_capabilities();
$this->assertTrue(has_capability('moodle/course:update', $blockcontext));
// temp course role for enrol
$DB->delete_records('cache_flags', array()); // this prevents problem with dirty contexts immediately resetting the temp role - this is a known problem...
$userid = $testusers[5];
$roleid = $allroles['editingteacher'];
$USER = $DB->get_record('user', array('id'=>$userid));
load_all_capabilities();
$coursecontext = context_course::instance($course1->id);
$this->assertFalse(has_capability('moodle/course:update', $coursecontext));
$this->assertFalse(isset($USER->access['ra'][$coursecontext->path][$roleid]));
load_temp_course_role($coursecontext, $roleid);
$this->assertEquals($USER->access['ra'][$coursecontext->path][$roleid], $roleid);
$this->assertTrue(has_capability('moodle/course:update', $coursecontext));
remove_temp_course_roles($coursecontext);
$this->assertFalse(has_capability('moodle/course:update', $coursecontext, $userid));
load_temp_course_role($coursecontext, $roleid);
reload_all_capabilities();
$this->assertFalse(has_capability('moodle/course:update', $coursecontext, $userid));
$USER = new stdClass();
$USER->id = 0;
// Now cross check has_capability() with get_users_by_capability(), each using different code paths,
// they have to be kept in sync, usually only one of them breaks, so we know when something is wrong,
// at the same time validate extra restrictions (guest read only no risks, admin exception, non existent and deleted users)
$contexts = $DB->get_records('context', array(), 'id');
$contexts = array_values($contexts);
$capabilities = $DB->get_records('capabilities', array(), 'id');
$capabilities = array_values($capabilities);
$roles = array($allroles['guest'], $allroles['user'], $allroles['teacher'], $allroles['editingteacher'], $allroles['coursecreator'], $allroles['manager']);
$userids = array_values($testusers);
$userids[] = get_admin()->id;
if (!PHPUNIT_LONGTEST) {
$contexts = array_slice($contexts, 0, 10);
$capabilities = array_slice($capabilities, 0, 5);
$userids = array_slice($userids, 0, 5);
}
// Random time!
//srand(666);
foreach($userids as $userid) { // no guest or deleted
// each user gets 0-10 random roles
$rcount = rand(0, 10);
for($j=0; $j<$rcount; $j++) {
$roleid = $roles[rand(0, count($roles)-1)];
$contextid = $contexts[rand(0, count($contexts)-1)]->id;
role_assign($roleid, $userid, $contextid);
}
}
$permissions = array(CAP_ALLOW, CAP_PREVENT, CAP_INHERIT, CAP_PREVENT);
$maxoverrides = count($contexts)*10;
for($j=0; $j<$maxoverrides; $j++) {
$roleid = $roles[rand(0, count($roles)-1)];
$contextid = $contexts[rand(0, count($contexts)-1)]->id;
$permission = $permissions[rand(0,count($permissions)-1)];
$capname = $capabilities[rand(0, count($capabilities)-1)]->name;
assign_capability($capname, $permission, $roleid, $contextid, true);
}
unset($permissions);
unset($roles);
accesslib_clear_all_caches(false); // must be done after assign_capability()
// Test time - let's set up some real user, just in case the logic for USER affects the others...
$USER = $DB->get_record('user', array('id'=>$testusers[3]));
load_all_capabilities();
$userids[] = $CFG->siteguest;
$userids[] = 0; // not-logged-in user
$userids[] = -1; // non-existent user
foreach ($contexts as $crecord) {
$context = context::instance_by_id($crecord->id);
if ($coursecontext = $context->get_course_context(false)) {
$enrolled = get_enrolled_users($context);
} else {
$enrolled = array();
}
foreach ($capabilities as $cap) {
$allowed = get_users_by_capability($context, $cap->name, 'u.id, u.username');
if ($enrolled) {
$enrolledwithcap = get_enrolled_users($context, $cap->name);
} else {
$enrolledwithcap = array();
}
foreach ($userids as $userid) {
if ($userid == 0 or isguestuser($userid)) {
if ($userid == 0) {
$CFG->forcelogin = true;
$this->assertFalse(has_capability($cap->name, $context, $userid));
unset($CFG->forcelogin);
}
if (($cap->captype === 'write') or ($cap->riskbitmask & (RISK_XSS | RISK_CONFIG | RISK_DATALOSS))) {
$this->assertFalse(has_capability($cap->name, $context, $userid));
}
$this->assertFalse(isset($allowed[$userid]));
} else {
if (is_siteadmin($userid)) {
$this->assertTrue(has_capability($cap->name, $context, $userid, true));
}
$hascap = has_capability($cap->name, $context, $userid, false);
$this->assertSame($hascap, isset($allowed[$userid]), "Capability result mismatch user:$userid, context:$context->id, $cap->name, hascap: ".(int)$hascap." ");
if (isset($enrolled[$userid])) {
$this->assertSame(isset($allowed[$userid]), isset($enrolledwithcap[$userid]), "Enrolment with capability result mismatch user:$userid, context:$context->id, $cap->name, hascap: ".(int)$hascap." ");
}
}
}
}
}
// Back to nobody
$USER = new stdClass();
$USER->id = 0;
unset($contexts);
unset($userids);
unset($capabilities);
// Now let's do all the remaining tests that break our carefully prepared fake site
// ======= $context->mark_dirty() =======================================
$DB->delete_records('cache_flags', array());
accesslib_clear_all_caches(false);
$systemcontext->mark_dirty();
$dirty = get_cache_flags('accesslib/dirtycontexts', time()-2);
$this->assertTrue(isset($dirty[$systemcontext->path]));
$this->assertTrue(isset($ACCESSLIB_PRIVATE->dirtycontexts[$systemcontext->path]));
// ======= $context->reload_if_dirty(); =================================
$DB->delete_records('cache_flags', array());
accesslib_clear_all_caches(false);
load_all_capabilities();
$context = context_course::instance($testcourses[2]);
$page = $DB->get_record('page', array('course'=>$testcourses[2]));
$pagecontext = context_module::instance($page->id);
$context->mark_dirty();
$this->assertTrue(isset($ACCESSLIB_PRIVATE->dirtycontexts[$context->path]));
$USER->access['test'] = true;
$context->reload_if_dirty();
$this->assertFalse(isset($USER->access['test']));
$context->mark_dirty();
$this->assertTrue(isset($ACCESSLIB_PRIVATE->dirtycontexts[$context->path]));
$USER->access['test'] = true;
$pagecontext->reload_if_dirty();
$this->assertFalse(isset($USER->access['test']));
// ======= context_helper::build_all_paths() ============================
$oldcontexts = $DB->get_records('context', array(), 'id');
$DB->set_field_select('context', 'path', NULL, "contextlevel <> ".CONTEXT_SYSTEM);
$DB->set_field_select('context', 'depth', 0, "contextlevel <> ".CONTEXT_SYSTEM);
context_helper::build_all_paths();
$newcontexts = $DB->get_records('context', array(), 'id');
$this->assertEquals($oldcontexts, $newcontexts);
unset($oldcontexts);
unset($newcontexts);
// ======= $context->reset_paths() ======================================
$context = context_course::instance($testcourses[2]);
$children = $context->get_child_contexts();
$context->reset_paths(false);
$this->assertSame($DB->get_field('context', 'path', array('id'=>$context->id)), NULL);
$this->assertEquals($DB->get_field('context', 'depth', array('id'=>$context->id)), 0);
foreach ($children as $child) {
$this->assertSame($DB->get_field('context', 'path', array('id'=>$child->id)), NULL);
$this->assertEquals($DB->get_field('context', 'depth', array('id'=>$child->id)), 0);
}
$this->assertEquals(count($children)+1, $DB->count_records('context', array('depth'=>0)));
$this->assertEquals(count($children)+1, $DB->count_records('context', array('path'=>NULL)));
$context = context_course::instance($testcourses[2]);
$context->reset_paths(true);
$context = context_course::instance($testcourses[2]);
$this->assertEquals($DB->get_field('context', 'path', array('id'=>$context->id)), $context->path);
$this->assertEquals($DB->get_field('context', 'depth', array('id'=>$context->id)), $context->depth);
$this->assertEquals(0, $DB->count_records('context', array('depth'=>0)));
$this->assertEquals(0, $DB->count_records('context', array('path'=>NULL)));
// ====== $context->update_moved(); ======================================
accesslib_clear_all_caches(false);
$DB->delete_records('cache_flags', array());
$course = $DB->get_record('course', array('id'=>$testcourses[0]));
$context = context_course::instance($course->id);
$oldpath = $context->path;
$miscid = $DB->get_field_sql("SELECT MIN(id) FROM {course_categories}");
$categorycontext = context_coursecat::instance($miscid);
$course->category = $miscid;
$DB->update_record('course', $course);
$context->update_moved($categorycontext);
$context = context_course::instance($course->id);
$this->assertEquals($context->get_parent_context(), $categorycontext);
$dirty = get_cache_flags('accesslib/dirtycontexts', time()-2);
$this->assertTrue(isset($dirty[$oldpath]));
$this->assertTrue(isset($dirty[$context->path]));
// ====== $context->delete_content() =====================================
context_helper::reset_caches();
$context = context_module::instance($testpages[3]);
$this->assertTrue($DB->record_exists('context', array('id'=>$context->id)));
$this->assertEquals(1, $DB->count_records('block_instances', array('parentcontextid'=>$context->id)));
$context->delete_content();
$this->assertTrue($DB->record_exists('context', array('id'=>$context->id)));
$this->assertEquals(0, $DB->count_records('block_instances', array('parentcontextid'=>$context->id)));
// ====== $context->delete() =============================
context_helper::reset_caches();
$context = context_module::instance($testpages[4]);
$this->assertTrue($DB->record_exists('context', array('id'=>$context->id)));
$this->assertEquals(1, $DB->count_records('block_instances', array('parentcontextid'=>$context->id)));
$bi = $DB->get_record('block_instances', array('parentcontextid'=>$context->id));
$bicontext = context_block::instance($bi->id);
$DB->delete_records('cache_flags', array());
$context->delete(); // should delete also linked blocks
$dirty = get_cache_flags('accesslib/dirtycontexts', time()-2);
$this->assertTrue(isset($dirty[$context->path]));
$this->assertFalse($DB->record_exists('context', array('id'=>$context->id)));
$this->assertFalse($DB->record_exists('context', array('id'=>$bicontext->id)));
$this->assertFalse($DB->record_exists('context', array('contextlevel'=>CONTEXT_MODULE, 'instanceid'=>$testpages[4])));
$this->assertFalse($DB->record_exists('context', array('contextlevel'=>CONTEXT_BLOCK, 'instanceid'=>$bi->id)));
$this->assertEquals(0, $DB->count_records('block_instances', array('parentcontextid'=>$context->id)));
context_module::instance($testpages[4]);
// ====== context_helper::delete_instance() =============================
context_helper::reset_caches();
$lastcourse = array_pop($testcourses);
$this->assertTrue($DB->record_exists('context', array('contextlevel'=>CONTEXT_COURSE, 'instanceid'=>$lastcourse)));
$coursecontext = context_course::instance($lastcourse);
$this->assertEquals(context_inspection::test_context_cache_size(), 1);
$this->assertFalse($coursecontext->instanceid == CONTEXT_COURSE);
$DB->delete_records('cache_flags', array());
context_helper::delete_instance(CONTEXT_COURSE, $lastcourse);
$dirty = get_cache_flags('accesslib/dirtycontexts', time()-2);
$this->assertTrue(isset($dirty[$coursecontext->path]));
$this->assertEquals(context_inspection::test_context_cache_size(), 0);
$this->assertFalse($DB->record_exists('context', array('contextlevel'=>CONTEXT_COURSE, 'instanceid'=>$lastcourse)));
context_course::instance($lastcourse);
// ======= context_helper::create_instances() ==========================
$prevcount = $DB->count_records('context');
$DB->delete_records('context', array('contextlevel'=>CONTEXT_BLOCK));
context_helper::create_instances(null, true);
$this->assertSame($DB->count_records('context'), $prevcount);
$this->assertEquals($DB->count_records('context', array('depth'=>0)), 0);
$this->assertEquals($DB->count_records('context', array('path'=>NULL)), 0);
$DB->delete_records('context', array('contextlevel'=>CONTEXT_BLOCK));
$DB->delete_records('block_instances', array());
$prevcount = $DB->count_records('context');
$DB->delete_records_select('context', 'contextlevel <> '.CONTEXT_SYSTEM);
context_helper::create_instances(null, true);
$this->assertSame($DB->count_records('context'), $prevcount);
$this->assertEquals($DB->count_records('context', array('depth'=>0)), 0);
$this->assertEquals($DB->count_records('context', array('path'=>NULL)), 0);
// ======= context_helper::cleanup_instances() ==========================
$lastcourse = $DB->get_field_sql("SELECT MAX(id) FROM {course}");
$DB->delete_records('course', array('id'=>$lastcourse));
$lastcategory = $DB->get_field_sql("SELECT MAX(id) FROM {course_categories}");
$DB->delete_records('course_categories', array('id'=>$lastcategory));
$lastuser = $DB->get_field_sql("SELECT MAX(id) FROM {user} WHERE deleted=0");
$DB->delete_records('user', array('id'=>$lastuser));
$DB->delete_records('block_instances', array('parentcontextid'=>$frontpagepagecontext->id));
$DB->delete_records('course_modules', array('id'=>$frontpagepagecontext->instanceid));
context_helper::cleanup_instances();
$count = 1; //system
$count += $DB->count_records('user', array('deleted'=>0));
$count += $DB->count_records('course_categories');
$count += $DB->count_records('course');
$count += $DB->count_records('course_modules');
$count += $DB->count_records('block_instances');
$this->assertEquals($DB->count_records('context'), $count);
// ======= context cache size restrictions ==============================
$testusers= array();
for ($i=0; $i<CONTEXT_CACHE_MAX_SIZE + 100; $i++) {
$user = $generator->create_user();
$testusers[$i] = $user->id;
}
context_helper::create_instances(null, true);
context_helper::reset_caches();
for ($i=0; $i<CONTEXT_CACHE_MAX_SIZE + 100; $i++) {
context_user::instance($testusers[$i]);
if ($i == CONTEXT_CACHE_MAX_SIZE - 1) {
$this->assertEquals(context_inspection::test_context_cache_size(), CONTEXT_CACHE_MAX_SIZE);
} else if ($i == CONTEXT_CACHE_MAX_SIZE) {
// once the limit is reached roughly 1/3 of records should be removed from cache
$this->assertEquals(context_inspection::test_context_cache_size(), (int)(CONTEXT_CACHE_MAX_SIZE * (2/3) +102));
}
}
// We keep the first 100 cached
$prevsize = context_inspection::test_context_cache_size();
for ($i=0; $i<100; $i++) {
context_user::instance($testusers[$i]);
$this->assertEquals(context_inspection::test_context_cache_size(), $prevsize);
}
context_user::instance($testusers[102]);
$this->assertEquals(context_inspection::test_context_cache_size(), $prevsize+1);
unset($testusers);
// =================================================================
// ======= basic test of legacy functions ==========================
// =================================================================
// note: watch out, the fake site might be pretty borked already
$this->assertSame(get_system_context(), context_system::instance());
foreach ($DB->get_records('context') as $contextid=>$record) {
$context = context::instance_by_id($contextid);
$this->assertSame(get_context_instance_by_id($contextid), $context);
$this->assertSame(get_context_instance($record->contextlevel, $record->instanceid), $context);
$this->assertSame(get_parent_contexts($context), $context->get_parent_context_ids());
if ($context->id == SYSCONTEXTID) {
$this->assertSame(get_parent_contextid($context), false);
} else {
$this->assertSame(get_parent_contextid($context), $context->get_parent_context()->id);
}
}
$CFG->debug = 0;
$children = get_child_contexts($systemcontext);
$CFG->debug = DEBUG_DEVELOPER;
$this->assertEquals(count($children), $DB->count_records('context')-1);
unset($children);
$DB->delete_records('context', array('contextlevel'=>CONTEXT_BLOCK));
create_contexts();
$this->assertFalse($DB->record_exists('context', array('contextlevel'=>CONTEXT_BLOCK)));
$DB->set_field('context', 'depth', 0, array('contextlevel'=>CONTEXT_BLOCK));
build_context_path();
$this->assertFalse($DB->record_exists('context', array('depth'=>0)));
$lastcourse = $DB->get_field_sql("SELECT MAX(id) FROM {course}");
$DB->delete_records('course', array('id'=>$lastcourse));
$lastcategory = $DB->get_field_sql("SELECT MAX(id) FROM {course_categories}");
$DB->delete_records('course_categories', array('id'=>$lastcategory));
$lastuser = $DB->get_field_sql("SELECT MAX(id) FROM {user} WHERE deleted=0");
$DB->delete_records('user', array('id'=>$lastuser));
$DB->delete_records('block_instances', array('parentcontextid'=>$frontpagepagecontext->id));
$DB->delete_records('course_modules', array('id'=>$frontpagepagecontext->instanceid));
cleanup_contexts();
$count = 1; //system
$count += $DB->count_records('user', array('deleted'=>0));
$count += $DB->count_records('course_categories');
$count += $DB->count_records('course');
$count += $DB->count_records('course_modules');
$count += $DB->count_records('block_instances');
$this->assertEquals($DB->count_records('context'), $count);
context_helper::reset_caches();
preload_course_contexts($SITE->id);
$this->assertEquals(context_inspection::test_context_cache_size(), 1);
context_helper::reset_caches();
list($select, $join) = context_instance_preload_sql('c.id', CONTEXT_COURSECAT, 'ctx');
$sql = "SELECT c.id $select FROM {course_categories} c $join";
$records = $DB->get_records_sql($sql);
foreach ($records as $record) {
context_instance_preload($record);
$record = (array)$record;
$this->assertEquals(1, count($record)); // only id left
}
$this->assertEquals(count($records), context_inspection::test_context_cache_size());
accesslib_clear_all_caches(true);
$DB->delete_records('cache_flags', array());
mark_context_dirty($systemcontext->path);
$dirty = get_cache_flags('accesslib/dirtycontexts', time()-2);
$this->assertTrue(isset($dirty[$systemcontext->path]));
accesslib_clear_all_caches(false);
$DB->delete_records('cache_flags', array());
$course = $DB->get_record('course', array('id'=>$testcourses[2]));
$context = get_context_instance(CONTEXT_COURSE, $course->id);
$oldpath = $context->path;
$miscid = $DB->get_field_sql("SELECT MIN(id) FROM {course_categories}");
$categorycontext = context_coursecat::instance($miscid);
$course->category = $miscid;
$DB->update_record('course', $course);
context_moved($context, $categorycontext);
$context = get_context_instance(CONTEXT_COURSE, $course->id);
$this->assertEquals($context->get_parent_context(), $categorycontext);
$this->assertTrue($DB->record_exists('context', array('contextlevel'=>CONTEXT_COURSE, 'instanceid'=>$testcourses[2])));
delete_context(CONTEXT_COURSE, $testcourses[2]);
$this->assertFalse($DB->record_exists('context', array('contextlevel'=>CONTEXT_COURSE, 'instanceid'=>$testcourses[2])));
$name = get_contextlevel_name(CONTEXT_COURSE);
$this->assertFalse(empty($name));
$context = get_context_instance(CONTEXT_COURSE, $testcourses[2]);
$name = print_context_name($context);
$this->assertFalse(empty($name));
$url = get_context_url($coursecontext);
$this->assertFalse($url instanceof modole_url);
$page = $DB->get_record('page', array('id'=>$testpages[7]));
$context = get_context_instance(CONTEXT_MODULE, $page->id);
$coursecontext = get_course_context($context);
$this->assertEquals($coursecontext->contextlevel, CONTEXT_COURSE);
$this->assertEquals(get_courseid_from_context($context), $page->course);
$caps = fetch_context_capabilities($systemcontext);
$this->assertTrue(is_array($caps));
unset($caps);
}
function moodlebook_require_login($courseorid = NULL, $autologinguest = true, $cm = NULL, $setwantsurltome = true, $preventredirect = false)
{
global $CFG, $SESSION, $USER, $FULLME, $DB;
// setup global $COURSE, themes, language and locale
if (!empty($courseorid)) {
if (is_object($courseorid)) {
$course = $courseorid;
} else {
if ($courseorid == SITEID) {
$course = clone $SITE;
} else {
$course = $DB->get_record('course', array('id' => $courseorid), '*', MUST_EXIST);
}
}
if ($cm) {
if ($cm->course != $course->id) {
throw new coding_exception('course and cm parameters in require_login() call do not match!!');
}
// make sure we have a $cm from get_fast_modinfo as this contains activity access details
if (!$cm instanceof cm_info) {
// note: nearly all pages call get_fast_modinfo anyway and it does not make any
// db queries so this is not really a performance concern, however it is obviously
// better if you use get_fast_modinfo to get the cm before calling this.
$modinfo = get_fast_modinfo($course);
$cm = $modinfo->get_cm($cm->id);
}
}
} else {
// do not touch global $COURSE via $PAGE->set_course(),
// the reasons is we need to be able to call require_login() at any time!!
$course = $SITE;
if ($cm) {
throw new coding_exception('cm parameter in require_login() requires valid course parameter!');
}
}
// If the user is not even logged in yet then make sure they are
if (!isloggedin()) {
if ($autologinguest and !empty($CFG->guestloginbutton) and !empty($CFG->autologinguests)) {
if (!($guest = get_complete_user_data('id', $CFG->siteguest))) {
// misconfigured site guest, just redirect to login page
redirect(get_login_url());
exit;
// never reached
}
$lang = isset($SESSION->lang) ? $SESSION->lang : $CFG->lang;
complete_user_login($guest);
$USER->autologinguest = true;
$SESSION->lang = $lang;
} else {
//NOTE: $USER->site check was obsoleted by session test cookie,
// $USER->confirmed test is in login/index.php
if ($preventredirect) {
throw new require_login_exception('You are not logged in');
}
if ($setwantsurltome) {
// TODO: switch to PAGE->url
$SESSION->wantsurl = $FULLME;
}
if (!empty($_SERVER['HTTP_REFERER'])) {
$SESSION->fromurl = $_SERVER['HTTP_REFERER'];
}
redirect(get_login_url());
exit;
// never reached
}
}
// loginas as redirection if needed
if ($course->id != SITEID and session_is_loggedinas()) {
if ($USER->loginascontext->contextlevel == CONTEXT_COURSE) {
if ($USER->loginascontext->instanceid != $course->id) {
print_error('loginasonecourse', '', $CFG->wwwroot . '/course/view.php?id=' . $USER->loginascontext->instanceid);
}
}
}
// check whether the user should be changing password (but only if it is REALLY them)
if (get_user_preferences('auth_forcepasswordchange') && !session_is_loggedinas()) {
$userauth = get_auth_plugin($USER->auth);
if ($userauth->can_change_password() and !$preventredirect) {
$SESSION->wantsurl = $FULLME;
if ($changeurl = $userauth->change_password_url()) {
//use plugin custom url
redirect($changeurl);
} else {
//use moodle internal method
if (empty($CFG->loginhttps)) {
redirect($CFG->wwwroot . '/login/change_password.php');
} else {
$wwwroot = str_replace('http:', 'https:', $CFG->wwwroot);
redirect($wwwroot . '/login/change_password.php');
}
}
} else {
print_error('nopasswordchangeforced', 'auth');
}
}
// Check that the user account is properly set up
if (user_not_fully_set_up($USER)) {
if ($preventredirect) {
throw new require_login_exception('User not fully set-up');
}
$SESSION->wantsurl = $FULLME;
redirect($CFG->wwwroot . '/user/edit.php?id=' . $USER->id . '&course=' . SITEID);
}
// Make sure the USER has a sesskey set up. Used for CSRF protection.
sesskey();
// Do not bother admins with any formalities
if (is_siteadmin()) {
return;
}
// Fetch the system context, the course context, and prefetch its child contexts
$sysctx = get_context_instance(CONTEXT_SYSTEM);
$coursecontext = get_context_instance(CONTEXT_COURSE, $course->id, MUST_EXIST);
if ($cm) {
$cmcontext = get_context_instance(CONTEXT_MODULE, $cm->id, MUST_EXIST);
} else {
$cmcontext = null;
}
// make sure the course itself is not hidden
if ($course->id == SITEID) {
// frontpage can not be hidden
} else {
if (is_role_switched($course->id)) {
// when switching roles ignore the hidden flag - user had to be in course to do the switch
} else {
if (!$course->visible and !has_capability('moodle/course:viewhiddencourses', $coursecontext)) {
// originally there was also test of parent category visibility,
// BUT is was very slow in complex queries involving "my courses"
// now it is also possible to simply hide all courses user is not enrolled in :-)
if ($preventredirect) {
throw new require_login_exception('Course is hidden');
}
notice(get_string('coursehidden'), $CFG->wwwroot . '/');
}
}
}
// is the user enrolled?
if ($course->id == SITEID) {
// everybody is enrolled on the frontpage
} else {
if (session_is_loggedinas()) {
// Make sure the REAL person can access this course first
$realuser = session_get_realuser();
if (!is_enrolled($coursecontext, $realuser->id, '', true) and !is_viewing($coursecontext, $realuser->id) and !is_siteadmin($realuser->id)) {
if ($preventredirect) {
throw new require_login_exception('Invalid course login-as access');
}
echo $OUTPUT->header();
notice(get_string('studentnotallowed', '', fullname($USER, true)), $CFG->wwwroot . '/');
}
}
// very simple enrolment caching - changes in course setting are not reflected immediately
if (!isset($USER->enrol)) {
$USER->enrol = array();
$USER->enrol['enrolled'] = array();
$USER->enrol['tempguest'] = array();
}
$access = false;
if (is_viewing($coursecontext, $USER)) {
// ok, no need to mess with enrol
$access = true;
} else {
if (isset($USER->enrol['enrolled'][$course->id])) {
if ($USER->enrol['enrolled'][$course->id] == 0) {
$access = true;
} else {
if ($USER->enrol['enrolled'][$course->id] > time()) {
$access = true;
} else {
//expired
unset($USER->enrol['enrolled'][$course->id]);
}
}
}
if (isset($USER->enrol['tempguest'][$course->id])) {
if ($USER->enrol['tempguest'][$course->id] == 0) {
$access = true;
} else {
if ($USER->enrol['tempguest'][$course->id] > time()) {
$access = true;
} else {
//expired
unset($USER->enrol['tempguest'][$course->id]);
$USER->access = remove_temp_roles($coursecontext, $USER->access);
}
}
}
if ($access) {
// cache ok
} else {
if (is_enrolled($coursecontext, $USER, '', true)) {
// active participants may always access
// TODO: refactor this into some new function
$now = time();
$sql = "SELECT MAX(ue.timeend)\n FROM {user_enrolments} ue\n JOIN {enrol} e ON (e.id = ue.enrolid AND e.courseid = :courseid)\n JOIN {user} u ON u.id = ue.userid\n WHERE ue.userid = :userid AND ue.status = :active AND e.status = :enabled AND u.deleted = 0\n AND ue.timestart < :now1 AND (ue.timeend = 0 OR ue.timeend > :now2)";
$params = array('enabled' => ENROL_INSTANCE_ENABLED, 'active' => ENROL_USER_ACTIVE, 'userid' => $USER->id, 'courseid' => $coursecontext->instanceid, 'now1' => $now, 'now2' => $now);
$until = $DB->get_field_sql($sql, $params);
if (!$until or $until > time() + ENROL_REQUIRE_LOGIN_CACHE_PERIOD) {
$until = time() + ENROL_REQUIRE_LOGIN_CACHE_PERIOD;
}
$USER->enrol['enrolled'][$course->id] = $until;
$access = true;
// remove traces of previous temp guest access
if (function_exists('remove_temp_course_roles')) {
if ($coursecontext->instanceid !== SITEID) {
remove_temp_course_roles($coursecontext);
}
} else {
$USER->access = remove_temp_roles($coursecontext, $USER->access);
}
} else {
$instances = $DB->get_records('enrol', array('courseid' => $course->id, 'status' => ENROL_INSTANCE_ENABLED), 'sortorder, id ASC');
$enrols = enrol_get_plugins(true);
// first ask all enabled enrol instances in course if they want to auto enrol user
foreach ($instances as $instance) {
if (!isset($enrols[$instance->enrol])) {
continue;
}
// Get a duration for the guestaccess, a timestamp in the future or false.
$until = $enrols[$instance->enrol]->try_autoenrol($instance);
if ($until !== false) {
$USER->enrol['enrolled'][$course->id] = $until;
$USER->access = remove_temp_roles($coursecontext, $USER->access);
$access = true;
break;
}
}
// if not enrolled yet try to gain temporary guest access
if (!$access) {
foreach ($instances as $instance) {
if (!isset($enrols[$instance->enrol])) {
continue;
}
// Get a duration for the guestaccess, a timestamp in the future or false.
$until = $enrols[$instance->enrol]->try_guestaccess($instance);
if ($until !== false) {
$USER->enrol['tempguest'][$course->id] = $until;
$access = true;
break;
}
}
}
}
}
}
if (!$access) {
if ($preventredirect) {
throw new require_login_exception('Not enrolled');
}
$SESSION->wantsurl = $FULLME;
redirect($CFG->wwwroot . '/enrol/index.php?id=' . $course->id);
}
}
// Check visibility of activity to current user; includes visible flag, groupmembersonly,
// conditional availability, etc
if ($cm && !$cm->uservisible) {
if ($preventredirect) {
throw new require_login_exception('Activity is hidden');
}
redirect($CFG->wwwroot, get_string('activityiscurrentlyhidden'));
}
}
/**
* Creates course enrol form, checks if form submitted
* and enrols user if necessary. It can also redirect.
*
* @param stdClass $instance
* @return string html text, usually a form in a text box
*/
public function enrol_page_hook(stdClass $instance)
{
global $CFG, $OUTPUT, $SESSION, $USER;
if ($instance->password === '') {
return null;
}
if (isset($USER->enrol['tempguest'][$instance->courseid]) and $USER->enrol['tempguest'][$instance->courseid] > time()) {
// no need to show the guest access when user can already enter course as guest
return null;
}
require_once "{$CFG->dirroot}/enrol/guest/locallib.php";
$form = new enrol_guest_enrol_form(NULL, $instance);
$instanceid = optional_param('instance', 0, PARAM_INT);
if ($instance->id == $instanceid) {
if ($data = $form->get_data()) {
// add guest role
$context = context_course::instance($instance->courseid);
$USER->enrol_guest_passwords[$instance->id] = $data->guestpassword;
// this is a hack, ideally we should not add stuff to $USER...
if (isset($USER->enrol['tempguest'][$instance->courseid])) {
remove_temp_course_roles($context);
}
load_temp_course_role($context, $CFG->guestroleid);
$USER->enrol['tempguest'][$instance->courseid] = ENROL_MAX_TIMESTAMP;
// go to the originally requested page
if (!empty($SESSION->wantsurl)) {
$destination = $SESSION->wantsurl;
unset($SESSION->wantsurl);
} else {
$destination = "{$CFG->wwwroot}/course/view.php?id={$instance->courseid}";
}
redirect($destination);
}
}
ob_start();
$form->display();
$output = ob_get_clean();
return $OUTPUT->box($output, 'generalbox');
}
/**
* A small functional test of accesslib functions and classes.
*/
public function test_everything_in_accesslib()
{
global $USER, $SITE, $CFG, $DB, $ACCESSLIB_PRIVATE;
// First of all finalize the session, we must not carry over any of this mess to the next page via SESSION!!!
session_get_instance()->write_close();
// hack - this is going to take very long time
set_time_limit(3600);
// Get rid of current user that would not work anyway,
// do NOT even think about using $this->switch_global_user_id()!
if (!isset($this->accesslibprevuser)) {
$this->accesslibprevuser = clone $USER;
$USER = new stdClass();
$USER->id = 0;
}
// Backup $SITE global
if (!isset($this->accesslibprevsite)) {
$this->accesslibprevsite = $SITE;
}
// Switch DB, if it somehow fails or you specified wrong unittest prefix it will nuke real data, you have been warned!
$this->switch_to_test_db();
// Let's switch the CFG
$prevcfg = clone $CFG;
$this->switch_to_test_cfg();
$CFG->config_php_settings = $prevcfg->config_php_settings;
$CFG->noemailever = true;
$CFG->admin = $prevcfg->admin;
$CFG->lang = 'en';
$CFG->tempdir = $prevcfg->tempdir;
$CFG->cachedir = $prevcfg->cachedir;
$CFG->directorypermissions = $prevcfg->directorypermissions;
$CFG->filepermissions = $prevcfg->filepermissions;
// Reset all caches
accesslib_clear_all_caches_for_unit_testing();
// Add some core tables - this is known to break constantly because we keep adding dependencies...
$tablenames = array('config', 'config_plugins', 'modules', 'course', 'course_modules', 'course_sections', 'course_categories', 'mnet_host', 'mnet_application', 'capabilities', 'context', 'context_temp', 'role', 'role_capabilities', 'role_allow_switch', 'license', 'my_pages', 'block', 'block_instances', 'block_positions', 'role_allow_assign', 'role_allow_override', 'role_assignments', 'role_context_levels', 'enrol', 'user_enrolments', 'filter_active', 'filter_config', 'comments', 'user', 'groups_members', 'cache_flags', 'events_handlers', 'user_lastaccess', 'rating', 'files', 'role_names', 'user_preferences');
$this->create_test_tables($tablenames, 'lib');
// Create all core default records and default settings
require_once "{$CFG->libdir}/db/install.php";
xmldb_main_install();
// installs the capabilities too
// Fake mod_page install
$tablenames = array('page');
$this->create_test_tables($tablenames, 'mod/page');
$module = new stdClass();
require $CFG->dirroot . '/mod/page/version.php';
$module->name = 'page';
$pagemoduleid = $DB->insert_record('modules', $module);
update_capabilities('mod_page');
// Fake block_online_users install
$plugin = new stdClass();
$plugin->version = NULL;
$plugin->cron = 0;
include $CFG->dirroot . '/blocks/online_users/version.php';
$plugin->name = 'online_users';
$onlineusersblockid = $DB->insert_record('block', $plugin);
update_capabilities('block_online_users');
// Finish roles setup
set_config('defaultfrontpageroleid', $DB->get_field('role', 'id', array('archetype' => 'frontpage')));
set_config('defaultuserroleid', $DB->get_field('role', 'id', array('archetype' => 'user')));
set_config('notloggedinroleid', $DB->get_field('role', 'id', array('archetype' => 'guest')));
set_config('rolesactive', 1);
// Init manual enrol
set_config('status', ENROL_INSTANCE_ENABLED, 'enrol_manual');
set_config('defaultperiod', 0, 'enrol_manual');
$manualenrol = enrol_get_plugin('manual');
// Fill the site with some real data
$testcategories = array();
$testcourses = array();
$testpages = array();
$testblocks = array();
$allroles = $DB->get_records_menu('role', array(), 'id', 'archetype, id');
$systemcontext = context_system::instance();
$frontpagecontext = context_course::instance(SITEID);
// Add block to system context
$bi = new stdClass();
$bi->blockname = 'online_users';
$bi->parentcontextid = $systemcontext->id;
$bi->showinsubcontexts = 1;
$bi->pagetypepattern = '';
$bi->subpagepattern = '';
$bi->defaultregion = '';
$bi->defaultweight = 0;
$bi->configdata = '';
$biid = $DB->insert_record('block_instances', $bi);
context_block::instance($biid);
$testblocks[] = $biid;
// Some users
$testusers = array();
for ($i = 0; $i < 20; $i++) {
$user = new stdClass();
$user->auth = 'manual';
$user->firstname = 'user' . $i;
$user->lastname = 'user' . $i;
$user->username = '******' . $i;
$user->password = '******';
$user->email = "user{$i}@example.com";
$user->confirmed = 1;
$user->mnethostid = $CFG->mnet_localhost_id;
$user->lang = $CFG->lang;
$user->maildisplay = 1;
$user->timemodified = time();
$user->deleted = 0;
$user->lastip = '0.0.0.0';
$userid = $DB->insert_record('user', $user);
$testusers[$i] = $userid;
$usercontext = context_user::instance($userid);
// Add block to user profile
$bi->parentcontextid = $usercontext->id;
$biid = $DB->insert_record('block_instances', $bi);
context_block::instance($biid);
$testblocks[] = $biid;
}
// Deleted user - should be ignored everywhere, can not have context
$user = new stdClass();
$user->auth = 'manual';
$user->firstname = '';
$user->lastname = '';
$user->username = '******';
$user->password = '';
$user->email = '';
$user->confirmed = 1;
$user->mnethostid = $CFG->mnet_localhost_id;
$user->lang = $CFG->lang;
$user->maildisplay = 1;
$user->timemodified = time();
$user->deleted = 1;
$user->lastip = '0.0.0.0';
$DB->insert_record('user', $user);
unset($user);
// Add block to frontpage
$bi->parentcontextid = $frontpagecontext->id;
$biid = $DB->insert_record('block_instances', $bi);
$frontpageblockcontext = context_block::instance($biid);
$testblocks[] = $biid;
// Add a resource to frontpage
$page = new stdClass();
$page->course = $SITE->id;
$page->intro = '...';
$page->introformat = FORMAT_HTML;
$page->content = '...';
$page->contentformat = FORMAT_HTML;
$pageid = $DB->insert_record('page', $page);
$testpages[] = $pageid;
$cm = new stdClass();
$cm->course = $SITE->id;
$cm->module = $pagemoduleid;
$cm->section = 1;
$cm->instance = $pageid;
$cmid = $DB->insert_record('course_modules', $cm);
$frontpagepagecontext = context_module::instance($cmid);
// Add block to frontpage resource
$bi->parentcontextid = $frontpagepagecontext->id;
$biid = $DB->insert_record('block_instances', $bi);
$frontpagepageblockcontext = context_block::instance($biid);
$testblocks[] = $biid;
// Some nested course categories with courses
require_once "{$CFG->dirroot}/course/lib.php";
$path = '';
$parentcat = 0;
for ($i = 0; $i < 5; $i++) {
$cat = new stdClass();
$cat->name = 'category' . $i;
$cat->parent = $parentcat;
$cat->depth = $i + 1;
$cat->sortorder = MAX_COURSES_IN_CATEGORY * ($i + 2);
$cat->timemodified = time();
$catid = $DB->insert_record('course_categories', $cat);
$path = $path . '/' . $catid;
$DB->set_field('course_categories', 'path', $path, array('id' => $catid));
$parentcat = $catid;
$testcategories[] = $catid;
$catcontext = context_coursecat::instance($catid);
if ($i >= 4) {
continue;
}
// Add resource to each category
$bi->parentcontextid = $catcontext->id;
$biid = $DB->insert_record('block_instances', $bi);
context_block::instance($biid);
// Add a few courses to each category
for ($j = 0; $j < 6; $j++) {
$course = new stdClass();
$course->fullname = 'course' . $j;
$course->shortname = 'c' . $j;
$course->summary = 'bah bah bah';
$course->newsitems = 0;
$course->numsections = 1;
$course->category = $catid;
$course->format = 'topics';
$course->timecreated = time();
$course->visible = 1;
$course->timemodified = $course->timecreated;
$courseid = $DB->insert_record('course', $course);
$section = new stdClass();
$section->course = $courseid;
$section->section = 0;
$section->summaryformat = FORMAT_HTML;
$DB->insert_record('course_sections', $section);
$section->section = 1;
$DB->insert_record('course_sections', $section);
$testcourses[] = $courseid;
$coursecontext = context_course::instance($courseid);
if ($j >= 5) {
continue;
}
// Add manual enrol instance
$manualenrol->add_default_instance($DB->get_record('course', array('id' => $courseid)));
// Add block to each course
$bi->parentcontextid = $coursecontext->id;
$biid = $DB->insert_record('block_instances', $bi);
context_block::instance($biid);
$testblocks[] = $biid;
// Add a resource to each course
$page->course = $courseid;
$pageid = $DB->insert_record('page', $page);
$testpages[] = $pageid;
$cm->course = $courseid;
$cm->instance = $pageid;
$cm->id = $DB->insert_record('course_modules', $cm);
$modcontext = context_module::instance($cm->id);
// Add block to each module
$bi->parentcontextid = $modcontext->id;
$biid = $DB->insert_record('block_instances', $bi);
context_block::instance($biid);
$testblocks[] = $biid;
}
}
// Make sure all contexts were created properly
$count = 1;
//system
$count += $DB->count_records('user', array('deleted' => 0));
$count += $DB->count_records('course_categories');
$count += $DB->count_records('course');
$count += $DB->count_records('course_modules');
$count += $DB->count_records('block_instances');
$this->assertEqual($DB->count_records('context'), $count);
$this->assertEqual($DB->count_records('context', array('depth' => 0)), 0);
$this->assertEqual($DB->count_records('context', array('path' => NULL)), 0);
// ====== context_helper::get_level_name() ================================
$levels = context_helper::get_all_levels();
foreach ($levels as $level => $classname) {
$name = context_helper::get_level_name($level);
$this->assertFalse(empty($name));
}
// ======= context::instance_by_id(), context_xxx::instance();
$context = context::instance_by_id($frontpagecontext->id);
$this->assertidentical($context->contextlevel, CONTEXT_COURSE);
$this->assertFalse(context::instance_by_id(-1, IGNORE_MISSING));
try {
context::instance_by_id(-1);
$this->fail('exception expected');
} catch (Exception $e) {
$this->assertTrue(true);
}
$this->assertTrue(context_system::instance() instanceof context_system);
$this->assertTrue(context_coursecat::instance($testcategories[0]) instanceof context_coursecat);
$this->assertTrue(context_course::instance($testcourses[0]) instanceof context_course);
$this->assertTrue(context_module::instance($testpages[0]) instanceof context_module);
$this->assertTrue(context_block::instance($testblocks[0]) instanceof context_block);
$this->assertFalse(context_coursecat::instance(-1, IGNORE_MISSING));
$this->assertFalse(context_course::instance(-1, IGNORE_MISSING));
$this->assertFalse(context_module::instance(-1, IGNORE_MISSING));
$this->assertFalse(context_block::instance(-1, IGNORE_MISSING));
try {
context_coursecat::instance(-1);
$this->fail('exception expected');
} catch (Exception $e) {
$this->assertTrue(true);
}
try {
context_course::instance(-1);
$this->fail('exception expected');
} catch (Exception $e) {
$this->assertTrue(true);
}
try {
context_module::instance(-1);
$this->fail('exception expected');
} catch (Exception $e) {
$this->assertTrue(true);
}
try {
context_block::instance(-1);
$this->fail('exception expected');
} catch (Exception $e) {
$this->assertTrue(true);
}
// ======= $context->get_url(), $context->get_context_name(), $context->get_capabilities() =========
$testcontexts = array();
$testcontexts[CONTEXT_SYSTEM] = context_system::instance();
$testcontexts[CONTEXT_COURSECAT] = context_coursecat::instance($testcategories[0]);
$testcontexts[CONTEXT_COURSE] = context_course::instance($testcourses[0]);
$testcontexts[CONTEXT_MODULE] = context_module::instance($testpages[0]);
$testcontexts[CONTEXT_BLOCK] = context_block::instance($testblocks[0]);
foreach ($testcontexts as $context) {
$name = $context->get_context_name(true, true);
$this->assertFalse(empty($name));
$this->assertTrue($context->get_url() instanceof moodle_url);
$caps = $context->get_capabilities();
$this->assertTrue(is_array($caps));
foreach ($caps as $cap) {
$cap = (array) $cap;
$this->assertIdentical(array_keys($cap), array('id', 'name', 'captype', 'contextlevel', 'component', 'riskbitmask'));
}
}
unset($testcontexts);
// ===== $context->get_course_context() =========================================
$this->assertFalse($systemcontext->get_course_context(false));
try {
$systemcontext->get_course_context();
$this->fail('exception expected');
} catch (Exception $e) {
$this->assertTrue(true);
}
$context = context_coursecat::instance($testcategories[0]);
$this->assertFalse($context->get_course_context(false));
try {
$context->get_course_context();
$this->fail('exception expected');
} catch (Exception $e) {
$this->assertTrue(true);
}
$this->assertIdentical($frontpagecontext->get_course_context(true), $frontpagecontext);
$this->assertIdentical($frontpagepagecontext->get_course_context(true), $frontpagecontext);
$this->assertIdentical($frontpagepageblockcontext->get_course_context(true), $frontpagecontext);
// ======= $context->get_parent_context(), $context->get_parent_contexts(), $context->get_parent_context_ids() =======
$userid = reset($testusers);
$usercontext = context_user::instance($userid);
$this->assertIdentical($usercontext->get_parent_context(), $systemcontext);
$this->assertIdentical($usercontext->get_parent_contexts(), array($systemcontext->id => $systemcontext));
$this->assertIdentical($usercontext->get_parent_contexts(true), array($usercontext->id => $usercontext, $systemcontext->id => $systemcontext));
$this->assertIdentical($systemcontext->get_parent_contexts(), array());
$this->assertIdentical($systemcontext->get_parent_contexts(true), array($systemcontext->id => $systemcontext));
$this->assertIdentical($systemcontext->get_parent_context_ids(), array());
$this->assertIdentical($systemcontext->get_parent_context_ids(true), array($systemcontext->id));
$this->assertIdentical($frontpagecontext->get_parent_context(), $systemcontext);
$this->assertIdentical($frontpagecontext->get_parent_contexts(), array($systemcontext->id => $systemcontext));
$this->assertIdentical($frontpagecontext->get_parent_contexts(true), array($frontpagecontext->id => $frontpagecontext, $systemcontext->id => $systemcontext));
$this->assertIdentical($frontpagecontext->get_parent_context_ids(), array($systemcontext->id));
$this->assertEqual($frontpagecontext->get_parent_context_ids(true), array($frontpagecontext->id, $systemcontext->id));
$this->assertIdentical($systemcontext->get_parent_context(), false);
$frontpagecontext = context_course::instance($SITE->id);
$parent = $systemcontext;
foreach ($testcategories as $catid) {
$catcontext = context_coursecat::instance($catid);
$this->assertIdentical($catcontext->get_parent_context(), $parent);
$parent = $catcontext;
}
$this->assertIdentical($frontpagepagecontext->get_parent_context(), $frontpagecontext);
$this->assertIdentical($frontpageblockcontext->get_parent_context(), $frontpagecontext);
$this->assertIdentical($frontpagepageblockcontext->get_parent_context(), $frontpagepagecontext);
// ====== $context->get_child_contexts() ================================
$children = $systemcontext->get_child_contexts();
$this->assertEqual(count($children) + 1, $DB->count_records('context'));
$context = context_coursecat::instance($testcategories[3]);
$children = $context->get_child_contexts();
$countcats = 0;
$countcourses = 0;
$countblocks = 0;
foreach ($children as $child) {
if ($child->contextlevel == CONTEXT_COURSECAT) {
$countcats++;
}
if ($child->contextlevel == CONTEXT_COURSE) {
$countcourses++;
}
if ($child->contextlevel == CONTEXT_BLOCK) {
$countblocks++;
}
}
$this->assertEqual(count($children), 8);
$this->assertEqual($countcats, 1);
$this->assertEqual($countcourses, 6);
$this->assertEqual($countblocks, 1);
$context = context_course::instance($testcourses[2]);
$children = $context->get_child_contexts();
$this->assertEqual(count($children), 3);
$context = context_module::instance($testpages[3]);
$children = $context->get_child_contexts();
$this->assertEqual(count($children), 1);
$context = context_block::instance($testblocks[1]);
$children = $context->get_child_contexts();
$this->assertEqual(count($children), 0);
unset($children);
unset($countcats);
unset($countcourses);
unset($countblocks);
// ======= context_helper::reset_caches() ============================
context_helper::reset_caches();
$this->assertEqual(context_inspection::test_context_cache_size(), 0);
context_course::instance($SITE->id);
$this->assertEqual(context_inspection::test_context_cache_size(), 1);
// ======= context preloading ========================================
context_helper::reset_caches();
$sql = "SELECT " . context_helper::get_preload_record_columns_sql('c') . "\n FROM {context} c\n WHERE c.contextlevel <> " . CONTEXT_SYSTEM;
$records = $DB->get_records_sql($sql);
$firstrecord = reset($records);
$columns = context_helper::get_preload_record_columns('c');
$firstrecord = (array) $firstrecord;
$this->assertIdentical(array_keys($firstrecord), array_values($columns));
context_helper::reset_caches();
foreach ($records as $record) {
context_helper::preload_from_record($record);
$this->assertIdentical($record, new stdClass());
}
$this->assertEqual(context_inspection::test_context_cache_size(), count($records));
unset($records);
unset($columns);
context_helper::reset_caches();
context_helper::preload_course($SITE->id);
$this->assertEqual(context_inspection::test_context_cache_size(), 4);
// ====== assign_capability(), unassign_capability() ====================
$rc = $DB->get_record('role_capabilities', array('contextid' => $frontpagecontext->id, 'roleid' => $allroles['teacher'], 'capability' => 'moodle/site:accessallgroups'));
$this->assertFalse($rc);
assign_capability('moodle/site:accessallgroups', CAP_ALLOW, $allroles['teacher'], $frontpagecontext->id);
$rc = $DB->get_record('role_capabilities', array('contextid' => $frontpagecontext->id, 'roleid' => $allroles['teacher'], 'capability' => 'moodle/site:accessallgroups'));
$this->assertEqual($rc->permission, CAP_ALLOW);
assign_capability('moodle/site:accessallgroups', CAP_PREVENT, $allroles['teacher'], $frontpagecontext->id);
$rc = $DB->get_record('role_capabilities', array('contextid' => $frontpagecontext->id, 'roleid' => $allroles['teacher'], 'capability' => 'moodle/site:accessallgroups'));
$this->assertEqual($rc->permission, CAP_ALLOW);
assign_capability('moodle/site:accessallgroups', CAP_PREVENT, $allroles['teacher'], $frontpagecontext, true);
$rc = $DB->get_record('role_capabilities', array('contextid' => $frontpagecontext->id, 'roleid' => $allroles['teacher'], 'capability' => 'moodle/site:accessallgroups'));
$this->assertEqual($rc->permission, CAP_PREVENT);
assign_capability('moodle/site:accessallgroups', CAP_INHERIT, $allroles['teacher'], $frontpagecontext);
$rc = $DB->get_record('role_capabilities', array('contextid' => $frontpagecontext->id, 'roleid' => $allroles['teacher'], 'capability' => 'moodle/site:accessallgroups'));
$this->assertFalse($rc);
assign_capability('moodle/site:accessallgroups', CAP_ALLOW, $allroles['teacher'], $frontpagecontext);
unassign_capability('moodle/site:accessallgroups', $allroles['teacher'], $frontpagecontext, true);
$rc = $DB->get_record('role_capabilities', array('contextid' => $frontpagecontext->id, 'roleid' => $allroles['teacher'], 'capability' => 'moodle/site:accessallgroups'));
$this->assertFalse($rc);
unassign_capability('moodle/site:accessallgroups', $allroles['teacher'], $frontpagecontext->id, true);
unset($rc);
accesslib_clear_all_caches(false);
// must be done after assign_capability()
// ======= role_assign(), role_unassign(), role_unassign_all() ==============
$context = context_course::instance($testcourses[1]);
$this->assertEqual($DB->count_records('role_assignments', array('contextid' => $context->id)), 0);
role_assign($allroles['teacher'], $testusers[1], $context->id);
role_assign($allroles['teacher'], $testusers[2], $context->id);
role_assign($allroles['manager'], $testusers[1], $context->id);
$this->assertEqual($DB->count_records('role_assignments', array('contextid' => $context->id)), 3);
role_unassign($allroles['teacher'], $testusers[1], $context->id);
$this->assertEqual($DB->count_records('role_assignments', array('contextid' => $context->id)), 2);
role_unassign_all(array('contextid' => $context->id));
$this->assertEqual($DB->count_records('role_assignments', array('contextid' => $context->id)), 0);
unset($context);
accesslib_clear_all_caches(false);
// just in case
// ====== has_capability(), get_users_by_capability(), role_switch(), reload_all_capabilities() and friends ========================
$adminid = get_admin()->id;
$guestid = $CFG->siteguest;
// Enrol some users into some courses
$course1 = $DB->get_record('course', array('id' => $testcourses[22]), '*', MUST_EXIST);
$course2 = $DB->get_record('course', array('id' => $testcourses[7]), '*', MUST_EXIST);
$cms = $DB->get_records('course_modules', array('course' => $course1->id), 'id');
$cm1 = reset($cms);
$blocks = $DB->get_records('block_instances', array('parentcontextid' => context_module::instance($cm1->id)->id), 'id');
$block1 = reset($blocks);
$instance1 = $DB->get_record('enrol', array('enrol' => 'manual', 'courseid' => $course1->id));
$instance2 = $DB->get_record('enrol', array('enrol' => 'manual', 'courseid' => $course2->id));
for ($i = 0; $i < 9; $i++) {
$manualenrol->enrol_user($instance1, $testusers[$i], $allroles['student']);
}
$manualenrol->enrol_user($instance1, $testusers[8], $allroles['teacher']);
$manualenrol->enrol_user($instance1, $testusers[9], $allroles['editingteacher']);
for ($i = 10; $i < 15; $i++) {
$manualenrol->enrol_user($instance2, $testusers[$i], $allroles['student']);
}
$manualenrol->enrol_user($instance2, $testusers[15], $allroles['editingteacher']);
// Add tons of role assignments - the more the better
role_assign($allroles['coursecreator'], $testusers[11], context_coursecat::instance($testcategories[2]));
role_assign($allroles['manager'], $testusers[12], context_coursecat::instance($testcategories[1]));
role_assign($allroles['student'], $testusers[9], context_module::instance($cm1->id));
role_assign($allroles['teacher'], $testusers[8], context_module::instance($cm1->id));
role_assign($allroles['guest'], $testusers[13], context_course::instance($course1->id));
role_assign($allroles['teacher'], $testusers[7], context_block::instance($block1->id));
role_assign($allroles['manager'], $testusers[9], context_block::instance($block1->id));
role_assign($allroles['editingteacher'], $testusers[9], context_course::instance($course1->id));
role_assign($allroles['teacher'], $adminid, context_course::instance($course1->id));
role_assign($allroles['editingteacher'], $adminid, context_block::instance($block1->id));
// Add tons of overrides - the more the better
assign_capability('moodle/site:accessallgroups', CAP_ALLOW, $CFG->defaultuserroleid, $frontpageblockcontext, true);
assign_capability('moodle/site:accessallgroups', CAP_ALLOW, $CFG->defaultfrontpageroleid, $frontpageblockcontext, true);
assign_capability('moodle/block:view', CAP_PROHIBIT, $allroles['guest'], $frontpageblockcontext, true);
assign_capability('block/online_users:viewlist', CAP_PREVENT, $allroles['user'], $frontpageblockcontext, true);
assign_capability('block/online_users:viewlist', CAP_PREVENT, $allroles['student'], $frontpageblockcontext, true);
assign_capability('moodle/site:accessallgroups', CAP_PREVENT, $CFG->defaultuserroleid, $frontpagepagecontext, true);
assign_capability('moodle/site:accessallgroups', CAP_ALLOW, $CFG->defaultfrontpageroleid, $frontpagepagecontext, true);
assign_capability('mod/page:view', CAP_PREVENT, $allroles['guest'], $frontpagepagecontext, true);
assign_capability('mod/page:view', CAP_ALLOW, $allroles['user'], $frontpagepagecontext, true);
assign_capability('moodle/page:view', CAP_ALLOW, $allroles['student'], $frontpagepagecontext, true);
assign_capability('moodle/site:accessallgroups', CAP_ALLOW, $CFG->defaultuserroleid, $frontpagecontext, true);
assign_capability('moodle/site:accessallgroups', CAP_ALLOW, $CFG->defaultfrontpageroleid, $frontpagecontext, true);
assign_capability('mod/page:view', CAP_ALLOW, $allroles['guest'], $frontpagecontext, true);
assign_capability('mod/page:view', CAP_PROHIBIT, $allroles['user'], $frontpagecontext, true);
assign_capability('mod/page:view', CAP_PREVENT, $allroles['guest'], $systemcontext, true);
accesslib_clear_all_caches(false);
// must be done after assign_capability()
// Extra tests for guests and not-logged-in users because they can not be verified by cross checking
// with get_users_by_capability() where they are ignored
$this->assertFalse(has_capability('moodle/block:view', $frontpageblockcontext, $guestid));
$this->assertFalse(has_capability('mod/page:view', $frontpagepagecontext, $guestid));
$this->assertTrue(has_capability('mod/page:view', $frontpagecontext, $guestid));
$this->assertFalse(has_capability('mod/page:view', $systemcontext, $guestid));
$this->assertFalse(has_capability('moodle/block:view', $frontpageblockcontext, 0));
$this->assertFalse(has_capability('mod/page:view', $frontpagepagecontext, 0));
$this->assertTrue(has_capability('mod/page:view', $frontpagecontext, 0));
$this->assertFalse(has_capability('mod/page:view', $systemcontext, 0));
$this->assertFalse(has_capability('moodle/course:create', $systemcontext, $testusers[11]));
$this->assertTrue(has_capability('moodle/course:create', context_coursecat::instance($testcategories[2]), $testusers[11]));
$this->assertFalse(has_capability('moodle/course:create', context_course::instance($testcourses[1]), $testusers[11]));
$this->assertTrue(has_capability('moodle/course:create', context_course::instance($testcourses[19]), $testusers[11]));
$this->assertFalse(has_capability('moodle/course:update', context_course::instance($testcourses[1]), $testusers[9]));
$this->assertFalse(has_capability('moodle/course:update', context_course::instance($testcourses[19]), $testusers[9]));
$this->assertFalse(has_capability('moodle/course:update', $systemcontext, $testusers[9]));
// Test the list of enrolled users
$coursecontext = context_course::instance($course1->id);
$enrolled = get_enrolled_users($coursecontext);
$this->assertEqual(count($enrolled), 10);
for ($i = 0; $i < 10; $i++) {
$this->assertTrue(isset($enrolled[$testusers[$i]]));
}
$enrolled = get_enrolled_users($coursecontext, 'moodle/course:update');
$this->assertEqual(count($enrolled), 1);
$this->assertTrue(isset($enrolled[$testusers[9]]));
unset($enrolled);
// role switching
$userid = $testusers[9];
$USER = $DB->get_record('user', array('id' => $userid));
load_all_capabilities();
$coursecontext = context_course::instance($course1->id);
$this->assertTrue(has_capability('moodle/course:update', $coursecontext));
$this->assertFalse(is_role_switched($course1->id));
role_switch($allroles['student'], $coursecontext);
$this->assertTrue(is_role_switched($course1->id));
$this->assertEqual($USER->access['rsw'][$coursecontext->path], $allroles['student']);
$this->assertFalse(has_capability('moodle/course:update', $coursecontext));
reload_all_capabilities();
$this->assertFalse(has_capability('moodle/course:update', $coursecontext));
role_switch(0, $coursecontext);
$this->assertTrue(has_capability('moodle/course:update', $coursecontext));
$userid = $adminid;
$USER = $DB->get_record('user', array('id' => $userid));
load_all_capabilities();
$coursecontext = context_course::instance($course1->id);
$blockcontext = context_block::instance($block1->id);
$this->assertTrue(has_capability('moodle/course:update', $blockcontext));
role_switch($allroles['student'], $coursecontext);
$this->assertEqual($USER->access['rsw'][$coursecontext->path], $allroles['student']);
$this->assertFalse(has_capability('moodle/course:update', $blockcontext));
reload_all_capabilities();
$this->assertFalse(has_capability('moodle/course:update', $blockcontext));
load_all_capabilities();
$this->assertTrue(has_capability('moodle/course:update', $blockcontext));
// temp course role for enrol
$DB->delete_records('cache_flags', array());
// this prevents problem with dirty contexts immediately resetting the temp role - this is a known problem...
$userid = $testusers[5];
$roleid = $allroles['editingteacher'];
$USER = $DB->get_record('user', array('id' => $userid));
load_all_capabilities();
$coursecontext = context_course::instance($course1->id);
$this->assertFalse(has_capability('moodle/course:update', $coursecontext));
$this->assertFalse(isset($USER->access['ra'][$coursecontext->path][$roleid]));
load_temp_course_role($coursecontext, $roleid);
$this->assertEqual($USER->access['ra'][$coursecontext->path][$roleid], $roleid);
$this->assertTrue(has_capability('moodle/course:update', $coursecontext));
remove_temp_course_roles($coursecontext);
$this->assertFalse(has_capability('moodle/course:update', $coursecontext, $userid));
load_temp_course_role($coursecontext, $roleid);
reload_all_capabilities();
$this->assertFalse(has_capability('moodle/course:update', $coursecontext, $userid));
$USER = new stdClass();
$USER->id = 0;
// Now cross check has_capability() with get_users_by_capability(), each using different code paths,
// they have to be kept in sync, usually only one of them breaks, so we know when something is wrong,
// at the same time validate extra restrictions (guest read only no risks, admin exception, non existent and deleted users)
$contexts = $DB->get_records('context', array(), 'id');
$contexts = array_values($contexts);
$capabilities = $DB->get_records('capabilities', array(), 'id');
$capabilities = array_values($capabilities);
$roles = array($allroles['guest'], $allroles['user'], $allroles['teacher'], $allroles['editingteacher'], $allroles['coursecreator'], $allroles['manager']);
// Random time!
srand(666);
foreach ($testusers as $userid) {
// no guest or deleted
// each user gets 0-20 random roles
$rcount = rand(0, 10);
for ($j = 0; $j < $rcount; $j++) {
$roleid = $roles[rand(0, count($roles) - 1)];
$contextid = $contexts[rand(0, count($contexts) - 1)]->id;
role_assign($roleid, $userid, $contextid);
}
}
$permissions = array(CAP_ALLOW, CAP_PREVENT, CAP_INHERIT, CAP_PREVENT);
for ($j = 0; $j < 10000; $j++) {
$roleid = $roles[rand(0, count($roles) - 1)];
$contextid = $contexts[rand(0, count($contexts) - 1)]->id;
$permission = $permissions[rand(0, count($permissions) - 1)];
$capname = $capabilities[rand(0, count($capabilities) - 1)]->name;
assign_capability($capname, $permission, $roleid, $contextid, true);
}
unset($permissions);
unset($roles);
unset($contexts);
unset($users);
unset($capabilities);
accesslib_clear_all_caches(false);
// must be done after assign_capability()
// Test time - let's set up some real user, just in case the logic for USER affects the others...
$USER = $DB->get_record('user', array('id' => $testusers[3]));
load_all_capabilities();
$contexts = $DB->get_records('context', array(), 'id');
$users = $DB->get_records('user', array(), 'id', 'id');
$capabilities = $DB->get_records('capabilities', array(), 'id');
$users[0] = null;
// not-logged-in user
$users[-1] = null;
// non-existent user
foreach ($contexts as $crecord) {
$context = context::instance_by_id($crecord->id);
if ($coursecontext = $context->get_course_context(false)) {
$enrolled = get_enrolled_users($context);
} else {
$enrolled = array();
}
foreach ($capabilities as $cap) {
$allowed = get_users_by_capability($context, $cap->name, 'u.id, u.username');
if ($enrolled) {
$enrolledwithcap = get_enrolled_users($context, $cap->name);
} else {
$enrolledwithcap = array();
}
foreach ($users as $userid => $unused) {
if ($userid == 0 or isguestuser($userid)) {
if ($userid == 0) {
$CFG->forcelogin = true;
$this->assertFalse(has_capability($cap->name, $context, $userid));
unset($CFG->forcelogin);
}
if ($cap->captype === 'write' or $cap->riskbitmask & (RISK_XSS | RISK_CONFIG | RISK_DATALOSS)) {
$this->assertFalse(has_capability($cap->name, $context, $userid));
}
$this->assertFalse(isset($allowed[$userid]));
} else {
if (is_siteadmin($userid)) {
$this->assertTrue(has_capability($cap->name, $context, $userid, true));
}
$hascap = has_capability($cap->name, $context, $userid, false);
$this->assertIdentical($hascap, isset($allowed[$userid]), "Capability result mismatch user:{$userid}, context:{$context->id}, {$cap->name}, hascap: " . (int) $hascap . " ");
if (isset($enrolled[$userid])) {
$this->assertIdentical(isset($allowed[$userid]), isset($enrolledwithcap[$userid]), "Enrolment with capability result mismatch user:{$userid}, context:{$context->id}, {$cap->name}, hascap: " . (int) $hascap . " ");
}
}
}
}
}
// Back to nobody
$USER = new stdClass();
$USER->id = 0;
unset($contexts);
unset($users);
unset($capabilities);
// Now let's do all the remaining tests that break our carefully prepared fake site
// ======= $context->mark_dirty() =======================================
$DB->delete_records('cache_flags', array());
accesslib_clear_all_caches(false);
$systemcontext->mark_dirty();
$dirty = get_cache_flags('accesslib/dirtycontexts', time() - 2);
$this->assertTrue(isset($dirty[$systemcontext->path]));
$this->assertTrue(isset($ACCESSLIB_PRIVATE->dirtycontexts[$systemcontext->path]));
// ======= $context->reload_if_dirty(); =================================
$DB->delete_records('cache_flags', array());
accesslib_clear_all_caches(false);
load_all_capabilities();
$context = context_course::instance($testcourses[2]);
$page = $DB->get_record('page', array('course' => $testcourses[2]));
$pagecontext = context_module::instance($page->id);
$context->mark_dirty();
$this->assertTrue(isset($ACCESSLIB_PRIVATE->dirtycontexts[$context->path]));
$USER->access['test'] = true;
$context->reload_if_dirty();
$this->assertFalse(isset($USER->access['test']));
$context->mark_dirty();
$this->assertTrue(isset($ACCESSLIB_PRIVATE->dirtycontexts[$context->path]));
$USER->access['test'] = true;
$pagecontext->reload_if_dirty();
$this->assertFalse(isset($USER->access['test']));
// ======= context_helper::build_all_paths() ============================
$oldcontexts = $DB->get_records('context', array(), 'id');
$DB->set_field_select('context', 'path', NULL, "contextlevel <> " . CONTEXT_SYSTEM);
$DB->set_field_select('context', 'depth', 0, "contextlevel <> " . CONTEXT_SYSTEM);
context_helper::build_all_paths();
$newcontexts = $DB->get_records('context', array(), 'id');
$this->assertIdentical($oldcontexts, $newcontexts);
unset($oldcontexts);
unset($newcontexts);
// ======= $context->reset_paths() ======================================
$context = context_course::instance($testcourses[2]);
$children = $context->get_child_contexts();
$context->reset_paths(false);
$this->assertIdentical($DB->get_field('context', 'path', array('id' => $context->id)), NULL);
$this->assertEqual($DB->get_field('context', 'depth', array('id' => $context->id)), 0);
foreach ($children as $child) {
$this->assertIdentical($DB->get_field('context', 'path', array('id' => $child->id)), NULL);
$this->assertEqual($DB->get_field('context', 'depth', array('id' => $child->id)), 0);
}
$this->assertEqual(count($children) + 1, $DB->count_records('context', array('depth' => 0)));
$this->assertEqual(count($children) + 1, $DB->count_records('context', array('path' => NULL)));
$context = context_course::instance($testcourses[2]);
$context->reset_paths(true);
$context = context_course::instance($testcourses[2]);
$this->assertEqual($DB->get_field('context', 'path', array('id' => $context->id)), $context->path);
$this->assertEqual($DB->get_field('context', 'depth', array('id' => $context->id)), $context->depth);
$this->assertEqual(0, $DB->count_records('context', array('depth' => 0)));
$this->assertEqual(0, $DB->count_records('context', array('path' => NULL)));
// ====== $context->update_moved(); ======================================
accesslib_clear_all_caches(false);
$DB->delete_records('cache_flags', array());
$course = $DB->get_record('course', array('id' => $testcourses[0]));
$context = context_course::instance($course->id);
$oldpath = $context->path;
$miscid = $DB->get_field_sql("SELECT MIN(id) FROM {course_categories}");
$categorycontext = context_coursecat::instance($miscid);
$course->category = $miscid;
$DB->update_record('course', $course);
$context->update_moved($categorycontext);
$context = context_course::instance($course->id);
$this->assertIdentical($context->get_parent_context(), $categorycontext);
$dirty = get_cache_flags('accesslib/dirtycontexts', time() - 2);
$this->assertTrue(isset($dirty[$oldpath]));
$this->assertTrue(isset($dirty[$context->path]));
// ====== $context->delete_content() =====================================
context_helper::reset_caches();
$context = context_module::instance($testpages[3]);
$this->assertTrue($DB->record_exists('context', array('id' => $context->id)));
$this->assertEqual(1, $DB->count_records('block_instances', array('parentcontextid' => $context->id)));
$context->delete_content();
$this->assertTrue($DB->record_exists('context', array('id' => $context->id)));
$this->assertEqual(0, $DB->count_records('block_instances', array('parentcontextid' => $context->id)));
// ====== $context->delete() =============================
context_helper::reset_caches();
$context = context_module::instance($testpages[4]);
$this->assertTrue($DB->record_exists('context', array('id' => $context->id)));
$this->assertEqual(1, $DB->count_records('block_instances', array('parentcontextid' => $context->id)));
$bi = $DB->get_record('block_instances', array('parentcontextid' => $context->id));
$bicontext = context_block::instance($bi->id);
$DB->delete_records('cache_flags', array());
$context->delete();
// should delete also linked blocks
$dirty = get_cache_flags('accesslib/dirtycontexts', time() - 2);
$this->assertTrue(isset($dirty[$context->path]));
$this->assertFalse($DB->record_exists('context', array('id' => $context->id)));
$this->assertFalse($DB->record_exists('context', array('id' => $bicontext->id)));
$this->assertFalse($DB->record_exists('context', array('contextlevel' => CONTEXT_MODULE, 'instanceid' => $testpages[4])));
$this->assertFalse($DB->record_exists('context', array('contextlevel' => CONTEXT_BLOCK, 'instanceid' => $bi->id)));
$this->assertEqual(0, $DB->count_records('block_instances', array('parentcontextid' => $context->id)));
context_module::instance($testpages[4]);
// ====== context_helper::delete_instance() =============================
context_helper::reset_caches();
$lastcourse = array_pop($testcourses);
$this->assertTrue($DB->record_exists('context', array('contextlevel' => CONTEXT_COURSE, 'instanceid' => $lastcourse)));
$coursecontext = context_course::instance($lastcourse);
$this->assertEqual(context_inspection::test_context_cache_size(), 1);
$this->assertFalse($coursecontext->instanceid == CONTEXT_COURSE);
$DB->delete_records('cache_flags', array());
context_helper::delete_instance(CONTEXT_COURSE, $lastcourse);
$dirty = get_cache_flags('accesslib/dirtycontexts', time() - 2);
$this->assertTrue(isset($dirty[$coursecontext->path]));
$this->assertEqual(context_inspection::test_context_cache_size(), 0);
$this->assertFalse($DB->record_exists('context', array('contextlevel' => CONTEXT_COURSE, 'instanceid' => $lastcourse)));
context_course::instance($lastcourse);
// ======= context_helper::create_instances() ==========================
$prevcount = $DB->count_records('context');
$DB->delete_records('context', array('contextlevel' => CONTEXT_BLOCK));
context_helper::create_instances(null, true);
$this->assertIdentical($DB->count_records('context'), $prevcount);
$this->assertEqual($DB->count_records('context', array('depth' => 0)), 0);
$this->assertEqual($DB->count_records('context', array('path' => NULL)), 0);
$DB->delete_records('context', array('contextlevel' => CONTEXT_BLOCK));
$DB->delete_records('block_instances', array());
$prevcount = $DB->count_records('context');
$DB->delete_records_select('context', 'contextlevel <> ' . CONTEXT_SYSTEM);
context_helper::create_instances(null, true);
$this->assertIdentical($DB->count_records('context'), $prevcount);
$this->assertEqual($DB->count_records('context', array('depth' => 0)), 0);
$this->assertEqual($DB->count_records('context', array('path' => NULL)), 0);
// ======= context_helper::cleanup_instances() ==========================
$lastcourse = $DB->get_field_sql("SELECT MAX(id) FROM {course}");
$DB->delete_records('course', array('id' => $lastcourse));
$lastcategory = $DB->get_field_sql("SELECT MAX(id) FROM {course_categories}");
$DB->delete_records('course_categories', array('id' => $lastcategory));
$lastuser = $DB->get_field_sql("SELECT MAX(id) FROM {user} WHERE deleted=0");
$DB->delete_records('user', array('id' => $lastuser));
$DB->delete_records('block_instances', array('parentcontextid' => $frontpagepagecontext->id));
$DB->delete_records('course_modules', array('id' => $frontpagepagecontext->instanceid));
context_helper::cleanup_instances();
$count = 1;
//system
$count += $DB->count_records('user', array('deleted' => 0));
$count += $DB->count_records('course_categories');
$count += $DB->count_records('course');
$count += $DB->count_records('course_modules');
$count += $DB->count_records('block_instances');
$this->assertEqual($DB->count_records('context'), $count);
// ======= context cache size restrictions ==============================
$testusers = array();
for ($i = 0; $i < CONTEXT_CACHE_MAX_SIZE + 100; $i++) {
$user = new stdClass();
$user->auth = 'manual';
$user->firstname = 'xuser' . $i;
$user->lastname = 'xuser' . $i;
$user->username = '******' . $i;
$user->password = '******';
$user->email = "xuser{$i}@example.com";
$user->confirmed = 1;
$user->mnethostid = $CFG->mnet_localhost_id;
$user->lang = $CFG->lang;
$user->maildisplay = 1;
$user->timemodified = time();
$user->lastip = '0.0.0.0';
$userid = $DB->insert_record('user', $user);
$testusers[$i] = $userid;
}
context_helper::create_instances(null, true);
context_helper::reset_caches();
for ($i = 0; $i < CONTEXT_CACHE_MAX_SIZE + 100; $i++) {
context_user::instance($testusers[$i]);
if ($i == CONTEXT_CACHE_MAX_SIZE - 1) {
$this->assertEqual(context_inspection::test_context_cache_size(), CONTEXT_CACHE_MAX_SIZE);
} else {
if ($i == CONTEXT_CACHE_MAX_SIZE) {
// once the limit is reached roughly 1/3 of records should be removed from cache
$this->assertEqual(context_inspection::test_context_cache_size(), (int) (CONTEXT_CACHE_MAX_SIZE * (2 / 3) + 102));
}
}
}
// We keep the first 100 cached
$prevsize = context_inspection::test_context_cache_size();
for ($i = 0; $i < 100; $i++) {
context_user::instance($testusers[$i]);
$this->assertEqual(context_inspection::test_context_cache_size(), $prevsize);
}
context_user::instance($testusers[102]);
$this->assertEqual(context_inspection::test_context_cache_size(), $prevsize + 1);
unset($testusers);
// =================================================================
// ======= basic test of legacy functions ==========================
// =================================================================
// note: watch out, the fake site might be pretty borked already
$this->assertIdentical(get_system_context(), context_system::instance());
foreach ($DB->get_records('context') as $contextid => $record) {
$context = context::instance_by_id($contextid);
$this->assertIdentical(get_context_instance_by_id($contextid), $context);
$this->assertIdentical(get_context_instance($record->contextlevel, $record->instanceid), $context);
$this->assertIdentical(get_parent_contexts($context), $context->get_parent_context_ids());
if ($context->id == SYSCONTEXTID) {
$this->assertIdentical(get_parent_contextid($context), false);
} else {
$this->assertIdentical(get_parent_contextid($context), $context->get_parent_context()->id);
}
}
$children = get_child_contexts($systemcontext);
$this->assertEqual(count($children), $DB->count_records('context') - 1);
unset($children);
$DB->delete_records('context', array('contextlevel' => CONTEXT_BLOCK));
create_contexts();
$this->assertFalse($DB->record_exists('context', array('contextlevel' => CONTEXT_BLOCK)));
$DB->set_field('context', 'depth', 0, array('contextlevel' => CONTEXT_BLOCK));
build_context_path();
$this->assertFalse($DB->record_exists('context', array('depth' => 0)));
$lastcourse = $DB->get_field_sql("SELECT MAX(id) FROM {course}");
$DB->delete_records('course', array('id' => $lastcourse));
$lastcategory = $DB->get_field_sql("SELECT MAX(id) FROM {course_categories}");
$DB->delete_records('course_categories', array('id' => $lastcategory));
$lastuser = $DB->get_field_sql("SELECT MAX(id) FROM {user} WHERE deleted=0");
$DB->delete_records('user', array('id' => $lastuser));
$DB->delete_records('block_instances', array('parentcontextid' => $frontpagepagecontext->id));
$DB->delete_records('course_modules', array('id' => $frontpagepagecontext->instanceid));
cleanup_contexts();
$count = 1;
//system
$count += $DB->count_records('user', array('deleted' => 0));
$count += $DB->count_records('course_categories');
$count += $DB->count_records('course');
$count += $DB->count_records('course_modules');
$count += $DB->count_records('block_instances');
$this->assertEqual($DB->count_records('context'), $count);
context_helper::reset_caches();
preload_course_contexts($SITE->id);
$this->assertEqual(context_inspection::test_context_cache_size(), 1);
context_helper::reset_caches();
list($select, $join) = context_instance_preload_sql('c.id', CONTEXT_COURSECAT, 'ctx');
$sql = "SELECT c.id {$select} FROM {course_categories} c {$join}";
$records = $DB->get_records_sql($sql);
foreach ($records as $record) {
context_instance_preload($record);
$record = (array) $record;
$this->assertEqual(1, count($record));
// only id left
}
$this->assertEqual(count($records), context_inspection::test_context_cache_size());
accesslib_clear_all_caches(true);
$DB->delete_records('cache_flags', array());
mark_context_dirty($systemcontext->path);
$dirty = get_cache_flags('accesslib/dirtycontexts', time() - 2);
$this->assertTrue(isset($dirty[$systemcontext->path]));
accesslib_clear_all_caches(false);
$DB->delete_records('cache_flags', array());
$course = $DB->get_record('course', array('id' => $testcourses[2]));
$context = get_context_instance(CONTEXT_COURSE, $course->id);
$oldpath = $context->path;
$miscid = $DB->get_field_sql("SELECT MIN(id) FROM {course_categories}");
$categorycontext = context_coursecat::instance($miscid);
$course->category = $miscid;
$DB->update_record('course', $course);
context_moved($context, $categorycontext);
$context = get_context_instance(CONTEXT_COURSE, $course->id);
$this->assertIdentical($context->get_parent_context(), $categorycontext);
$this->assertTrue($DB->record_exists('context', array('contextlevel' => CONTEXT_COURSE, 'instanceid' => $testcourses[2])));
delete_context(CONTEXT_COURSE, $testcourses[2]);
$this->assertFalse($DB->record_exists('context', array('contextlevel' => CONTEXT_COURSE, 'instanceid' => $testcourses[2])));
$name = get_contextlevel_name(CONTEXT_COURSE);
$this->assertFalse(empty($name));
$context = get_context_instance(CONTEXT_COURSE, $testcourses[2]);
$name = print_context_name($context);
$this->assertFalse(empty($name));
$url = get_context_url($coursecontext);
$this->assertFalse($url instanceof modole_url);
$page = $DB->get_record('page', array('id' => $testpages[7]));
$context = get_context_instance(CONTEXT_MODULE, $page->id);
$coursecontext = get_course_context($context);
$this->assertEqual($coursecontext->contextlevel, CONTEXT_COURSE);
$this->assertEqual(get_courseid_from_context($context), $page->course);
$caps = fetch_context_capabilities($systemcontext);
$this->assertTrue(is_array($caps));
unset($caps);
}
/**
* This function checks that the current user is logged in and has the
* required privileges
*
* This function checks that the current user is logged in, and optionally
* whether they are allowed to be in a particular course and view a particular
* course module.
* If they are not logged in, then it redirects them to the site login unless
* $autologinguest is set and {@link $CFG}->autologinguests is set to 1 in which
* case they are automatically logged in as guests.
* If $courseid is given and the user is not enrolled in that course then the
* user is redirected to the course enrolment page.
* If $cm is given and the course module is hidden and the user is not a teacher
* in the course then the user is redirected to the course home page.
*
* When $cm parameter specified, this function sets page layout to 'module'.
* You need to change it manually later if some other layout needed.
*
* @package core_access
* @category access
*
* @param mixed $courseorid id of the course or course object
* @param bool $autologinguest default true
* @param object $cm course module object
* @param bool $setwantsurltome Define if we want to set $SESSION->wantsurl, defaults to
* true. Used to avoid (=false) some scripts (file.php...) to set that variable,
* in order to keep redirects working properly. MDL-14495
* @param bool $preventredirect set to true in scripts that can not redirect (CLI, rss feeds, etc.), throws exceptions
* @return mixed Void, exit, and die depending on path
*/
function require_login($courseorid = NULL, $autologinguest = true, $cm = NULL, $setwantsurltome = true, $preventredirect = false)
{
global $CFG, $SESSION, $USER, $FULLME, $PAGE, $SITE, $DB, $OUTPUT;
// setup global $COURSE, themes, language and locale
if (!empty($courseorid)) {
if (is_object($courseorid)) {
$course = $courseorid;
} else {
if ($courseorid == SITEID) {
$course = clone $SITE;
} else {
$course = $DB->get_record('course', array('id' => $courseorid), '*', MUST_EXIST);
}
}
if ($cm) {
if ($cm->course != $course->id) {
throw new coding_exception('course and cm parameters in require_login() call do not match!!');
}
// make sure we have a $cm from get_fast_modinfo as this contains activity access details
if (!$cm instanceof cm_info) {
// note: nearly all pages call get_fast_modinfo anyway and it does not make any
// db queries so this is not really a performance concern, however it is obviously
// better if you use get_fast_modinfo to get the cm before calling this.
$modinfo = get_fast_modinfo($course);
$cm = $modinfo->get_cm($cm->id);
}
$PAGE->set_cm($cm, $course);
// set's up global $COURSE
$PAGE->set_pagelayout('incourse');
} else {
$PAGE->set_course($course);
// set's up global $COURSE
}
} else {
// do not touch global $COURSE via $PAGE->set_course(),
// the reasons is we need to be able to call require_login() at any time!!
$course = $SITE;
if ($cm) {
throw new coding_exception('cm parameter in require_login() requires valid course parameter!');
}
}
// If this is an AJAX request and $setwantsurltome is true then we need to override it and set it to false.
// Otherwise the AJAX request URL will be set to $SESSION->wantsurl and events such as self enrolment in the future
// risk leading the user back to the AJAX request URL.
if ($setwantsurltome && defined('AJAX_SCRIPT') && AJAX_SCRIPT) {
$setwantsurltome = false;
}
// If the user is not even logged in yet then make sure they are
if (!isloggedin()) {
if ($autologinguest and !empty($CFG->guestloginbutton) and !empty($CFG->autologinguests)) {
if (!($guest = get_complete_user_data('id', $CFG->siteguest))) {
// misconfigured site guest, just redirect to login page
redirect(get_login_url());
exit;
// never reached
}
$lang = isset($SESSION->lang) ? $SESSION->lang : $CFG->lang;
complete_user_login($guest);
$USER->autologinguest = true;
$SESSION->lang = $lang;
} else {
//NOTE: $USER->site check was obsoleted by session test cookie,
// $USER->confirmed test is in login/index.php
if ($preventredirect) {
throw new require_login_exception('You are not logged in');
}
if ($setwantsurltome) {
// TODO: switch to PAGE->url
$SESSION->wantsurl = $FULLME;
}
if (!empty($_SERVER['HTTP_REFERER'])) {
$SESSION->fromurl = $_SERVER['HTTP_REFERER'];
}
redirect(get_login_url());
exit;
// never reached
}
}
// loginas as redirection if needed
if ($course->id != SITEID and session_is_loggedinas()) {
if ($USER->loginascontext->contextlevel == CONTEXT_COURSE) {
if ($USER->loginascontext->instanceid != $course->id) {
print_error('loginasonecourse', '', $CFG->wwwroot . '/course/view.php?id=' . $USER->loginascontext->instanceid);
}
}
}
// check whether the user should be changing password (but only if it is REALLY them)
if (get_user_preferences('auth_forcepasswordchange') && !session_is_loggedinas()) {
$userauth = get_auth_plugin($USER->auth);
if ($userauth->can_change_password() and !$preventredirect) {
if ($setwantsurltome) {
$SESSION->wantsurl = $FULLME;
}
if ($changeurl = $userauth->change_password_url()) {
//use plugin custom url
redirect($changeurl);
} else {
//use moodle internal method
if (empty($CFG->loginhttps)) {
redirect($CFG->wwwroot . '/login/change_password.php');
} else {
$wwwroot = str_replace('http:', 'https:', $CFG->wwwroot);
redirect($wwwroot . '/login/change_password.php');
}
}
} else {
print_error('nopasswordchangeforced', 'auth');
}
}
// Check that the user account is properly set up
if (user_not_fully_set_up($USER)) {
if ($preventredirect) {
throw new require_login_exception('User not fully set-up');
}
if ($setwantsurltome) {
$SESSION->wantsurl = $FULLME;
}
redirect($CFG->wwwroot . '/user/edit.php?id=' . $USER->id . '&course=' . SITEID);
}
// Make sure the USER has a sesskey set up. Used for CSRF protection.
sesskey();
// Do not bother admins with any formalities
if (is_siteadmin()) {
//set accesstime or the user will appear offline which messes up messaging
user_accesstime_log($course->id);
return;
}
// Check that the user has agreed to a site policy if there is one - do not test in case of admins
if (!$USER->policyagreed and !is_siteadmin()) {
if (!empty($CFG->sitepolicy) and !isguestuser()) {
if ($preventredirect) {
throw new require_login_exception('Policy not agreed');
}
if ($setwantsurltome) {
$SESSION->wantsurl = $FULLME;
}
redirect($CFG->wwwroot . '/user/policy.php');
} else {
if (!empty($CFG->sitepolicyguest) and isguestuser()) {
if ($preventredirect) {
throw new require_login_exception('Policy not agreed');
}
if ($setwantsurltome) {
$SESSION->wantsurl = $FULLME;
}
redirect($CFG->wwwroot . '/user/policy.php');
}
}
}
// Fetch the system context, the course context, and prefetch its child contexts
$sysctx = get_context_instance(CONTEXT_SYSTEM);
$coursecontext = get_context_instance(CONTEXT_COURSE, $course->id, MUST_EXIST);
if ($cm) {
$cmcontext = get_context_instance(CONTEXT_MODULE, $cm->id, MUST_EXIST);
} else {
$cmcontext = null;
}
// If the site is currently under maintenance, then print a message
if (!empty($CFG->maintenance_enabled) and !has_capability('moodle/site:config', $sysctx)) {
if ($preventredirect) {
throw new require_login_exception('Maintenance in progress');
}
print_maintenance_message();
}
// make sure the course itself is not hidden
if ($course->id == SITEID) {
// frontpage can not be hidden
} else {
if (is_role_switched($course->id)) {
// when switching roles ignore the hidden flag - user had to be in course to do the switch
} else {
if (!$course->visible and !has_capability('moodle/course:viewhiddencourses', $coursecontext)) {
// originally there was also test of parent category visibility,
// BUT is was very slow in complex queries involving "my courses"
// now it is also possible to simply hide all courses user is not enrolled in :-)
if ($preventredirect) {
throw new require_login_exception('Course is hidden');
}
// We need to override the navigation URL as the course won't have
// been added to the navigation and thus the navigation will mess up
// when trying to find it.
navigation_node::override_active_url(new moodle_url('/'));
notice(get_string('coursehidden'), $CFG->wwwroot . '/');
}
}
}
// is the user enrolled?
if ($course->id == SITEID) {
// everybody is enrolled on the frontpage
} else {
if (session_is_loggedinas()) {
// Make sure the REAL person can access this course first
$realuser = session_get_realuser();
if (!is_enrolled($coursecontext, $realuser->id, '', true) and !is_viewing($coursecontext, $realuser->id) and !is_siteadmin($realuser->id)) {
if ($preventredirect) {
throw new require_login_exception('Invalid course login-as access');
}
echo $OUTPUT->header();
notice(get_string('studentnotallowed', '', fullname($USER, true)), $CFG->wwwroot . '/');
}
}
$access = false;
if (is_role_switched($course->id)) {
// ok, user had to be inside this course before the switch
$access = true;
} else {
if (is_viewing($coursecontext, $USER)) {
// ok, no need to mess with enrol
$access = true;
} else {
if (isset($USER->enrol['enrolled'][$course->id])) {
if ($USER->enrol['enrolled'][$course->id] > time()) {
$access = true;
if (isset($USER->enrol['tempguest'][$course->id])) {
unset($USER->enrol['tempguest'][$course->id]);
remove_temp_course_roles($coursecontext);
}
} else {
//expired
unset($USER->enrol['enrolled'][$course->id]);
}
}
if (isset($USER->enrol['tempguest'][$course->id])) {
if ($USER->enrol['tempguest'][$course->id] == 0) {
$access = true;
} else {
if ($USER->enrol['tempguest'][$course->id] > time()) {
$access = true;
} else {
//expired
unset($USER->enrol['tempguest'][$course->id]);
remove_temp_course_roles($coursecontext);
}
}
}
if ($access) {
// cache ok
} else {
$until = enrol_get_enrolment_end($coursecontext->instanceid, $USER->id);
if ($until !== false) {
// active participants may always access, a timestamp in the future, 0 (always) or false.
if ($until == 0) {
$until = ENROL_MAX_TIMESTAMP;
}
$USER->enrol['enrolled'][$course->id] = $until;
$access = true;
} else {
$instances = $DB->get_records('enrol', array('courseid' => $course->id, 'status' => ENROL_INSTANCE_ENABLED), 'sortorder, id ASC');
$enrols = enrol_get_plugins(true);
// first ask all enabled enrol instances in course if they want to auto enrol user
foreach ($instances as $instance) {
if (!isset($enrols[$instance->enrol])) {
continue;
}
// Get a duration for the enrolment, a timestamp in the future, 0 (always) or false.
$until = $enrols[$instance->enrol]->try_autoenrol($instance);
if ($until !== false) {
if ($until == 0) {
$until = ENROL_MAX_TIMESTAMP;
}
$USER->enrol['enrolled'][$course->id] = $until;
$access = true;
break;
}
}
// if not enrolled yet try to gain temporary guest access
if (!$access) {
foreach ($instances as $instance) {
if (!isset($enrols[$instance->enrol])) {
continue;
}
// Get a duration for the guest access, a timestamp in the future or false.
$until = $enrols[$instance->enrol]->try_guestaccess($instance);
if ($until !== false and $until > time()) {
$USER->enrol['tempguest'][$course->id] = $until;
$access = true;
break;
}
}
}
}
}
}
}
if (!$access) {
if ($preventredirect) {
throw new require_login_exception('Not enrolled');
}
if ($setwantsurltome) {
$SESSION->wantsurl = $FULLME;
}
redirect($CFG->wwwroot . '/enrol/index.php?id=' . $course->id);
}
}
// Check visibility of activity to current user; includes visible flag, groupmembersonly,
// conditional availability, etc
if ($cm && !$cm->uservisible) {
if ($preventredirect) {
throw new require_login_exception('Activity is hidden');
}
redirect($CFG->wwwroot, get_string('activityiscurrentlyhidden'));
}
// Finally access granted, update lastaccess times
user_accesstime_log($course->id);
}
/**
* Claim a coupon
*
* @param string $code coupon submission code
*/
function claim_coupon_confirm($code)
{
global $CFG, $DB, $USER;
// Because we're outside course context we've got to include groups library manually.
require_once $CFG->dirroot . '/group/lib.php';
require_once $CFG->dirroot . '/cohort/lib.php';
$role = $DB->get_record('role', array('shortname' => 'student'));
$coupon = $DB->get_record('block_coupon', array('submission_code' => $code));
$couponcourses = $DB->get_records('block_coupon_courses', array('couponid' => $coupon->id));
// We'll handle coupon_cohorts.
if (empty($couponcourses)) {
$couponcohorts = $DB->get_records('block_coupon_cohorts', array('couponid' => $coupon->id));
if (count($couponcohorts) == 0) {
throw new exception('error:missing_cohort');
}
// Add user to cohort.
foreach ($couponcohorts as $couponcohort) {
if (!$DB->get_record('cohort', array('id' => $couponcohort->cohortid))) {
throw new exception('error:missing_cohort');
}
cohort_add_member($couponcohort->cohortid, $USER->id);
}
// Now execute the cohort sync.
$result = self::enrol_cohort_sync();
// If result = 0 it went ok. (lol!).
if ($result === 1) {
throw new exception('error:cohort_sync');
} else {
if ($result === 2) {
throw new exception('error:plugin_disabled');
}
}
// Otherwise we'll handle based on courses.
} else {
// Set enrolment period.
$endenrolment = 0;
if (!is_null($coupon->enrolperiod) && $coupon->enrolperiod > 0) {
$endenrolment = strtotime("+ {$coupon->enrolperiod} days");
}
foreach ($couponcourses as $couponcourse) {
// Make sure we only enrol if its not enrolled yet.
$context = \context_course::instance($couponcourse->courseid);
if (is_null($context) || $context === false) {
throw new exception('error:course-not-found');
}
if (is_enrolled($context, $USER->id)) {
continue;
}
// Now we can enrol.
if (!enrol_try_internal_enrol($couponcourse->courseid, $USER->id, $role->id, time(), $endenrolment)) {
throw new exception('error:unable_to_enrol');
}
// Mark the context for cache refresh.
$context->mark_dirty();
remove_temp_course_roles($context);
}
// And add user to groups.
$coupongroups = $DB->get_records('block_coupon_groups', array('couponid' => $coupon->id));
if (!empty($coupongroups)) {
foreach ($coupongroups as $coupongroup) {
// Check if the group exists.
if (!$DB->get_record('groups', array('id' => $coupongroup->groupid))) {
throw new exception('error:missing_group');
}
// Add user if its not a member yet.
if (!groups_is_member($coupongroup->groupid, $USER->id)) {
groups_add_member($coupongroup->groupid, $USER->id);
}
}
}
}
// And finally update the coupon record.
$coupon->userid = $USER->id;
$coupon->timemodified = time();
$DB->update_record('block_coupon', $coupon);
// Trigger event.
$event = \block_coupon\event\coupon_used::create(array('objectid' => $coupon->id, 'relateduserid' => $USER->id, 'context' => \context_user::instance($USER->id)));
$event->add_record_snapshot('block_coupon', $coupon);
$event->trigger();
//return (empty($coupon->redirect_url)) ? $CFG->wwwroot . "/my" : $coupon->redirect_url;
}
/**
* Returns true if the user is able to access the course.
*
* This function is in no way, shape, or form a substitute for require_login.
* It should only be used in circumstances where it is not possible to call require_login
* such as the navigation.
*
* This function checks many of the methods of access to a course such as the view
* capability, enrollments, and guest access. It also makes use of the cache
* generated by require_login for guest access.
*
* The flags within the $USER object that are used here should NEVER be used outside
* of this function can_access_course and require_login. Doing so WILL break future
* versions.
*
* @param stdClass $course record
* @param stdClass|int|null $user user record or id, current user if null
* @param string $withcapability Check for this capability as well.
* @param bool $onlyactive consider only active enrolments in enabled plugins and time restrictions
* @return boolean Returns true if the user is able to access the course
*/
function can_access_course(stdClass $course, $user = null, $withcapability = '', $onlyactive = false)
{
global $DB, $USER;
// this function originally accepted $coursecontext parameter
if ($course instanceof context) {
if ($course instanceof context_course) {
debugging('deprecated context parameter, please use $course record');
$coursecontext = $course;
$course = $DB->get_record('course', array('id' => $coursecontext->instanceid));
} else {
debugging('Invalid context parameter, please use $course record');
return false;
}
} else {
$coursecontext = context_course::instance($course->id);
}
if (!isset($USER->id)) {
// should never happen
$USER->id = 0;
}
// make sure there is a user specified
if ($user === null) {
$userid = $USER->id;
} else {
$userid = is_object($user) ? $user->id : $user;
}
unset($user);
if ($withcapability and !has_capability($withcapability, $coursecontext, $userid)) {
return false;
}
if ($userid == $USER->id) {
if (!empty($USER->access['rsw'][$coursecontext->path])) {
// the fact that somebody switched role means they can access the course no matter to what role they switched
return true;
}
}
if (!$course->visible and !has_capability('moodle/course:viewhiddencourses', $coursecontext, $userid)) {
return false;
}
if (is_viewing($coursecontext, $userid)) {
return true;
}
if ($userid != $USER->id) {
// for performance reasons we do not verify temporary guest access for other users, sorry...
return is_enrolled($coursecontext, $userid, '', $onlyactive);
}
// === from here we deal only with $USER ===
// verify our caches
if (!isset($USER->enrol)) {
/**
* These flags within the $USER object should NEVER be used outside of this
* function can_access_course and the function require_login.
* Doing so WILL break future versions!!!!
*/
$USER->enrol = array();
$USER->enrol['enrolled'] = array();
$USER->enrol['tempguest'] = array();
}
if (isset($USER->enrol['enrolled'][$course->id])) {
if ($USER->enrol['enrolled'][$course->id] == 0) {
return true;
} else {
if ($USER->enrol['enrolled'][$course->id] > time()) {
return true;
}
}
}
if (isset($USER->enrol['tempguest'][$course->id])) {
if ($USER->enrol['tempguest'][$course->id] == 0) {
return true;
} else {
if ($USER->enrol['tempguest'][$course->id] > time()) {
return true;
}
}
}
if (is_enrolled($coursecontext, $USER, '', true)) {
// active participants may always access
// TODO: refactor this into some new function
$now = time();
$sql = "SELECT MAX(ue.timeend)\n FROM {user_enrolments} ue\n JOIN {enrol} e ON (e.id = ue.enrolid AND e.courseid = :courseid)\n JOIN {user} u ON u.id = ue.userid\n WHERE ue.userid = :userid AND ue.status = :active AND e.status = :enabled AND u.deleted = 0\n AND ue.timestart < :now1 AND (ue.timeend = 0 OR ue.timeend > :now2)";
$params = array('enabled' => ENROL_INSTANCE_ENABLED, 'active' => ENROL_USER_ACTIVE, 'userid' => $USER->id, 'courseid' => $coursecontext->instanceid, 'now1' => $now, 'now2' => $now);
$until = $DB->get_field_sql($sql, $params);
if (!$until or $until > time() + ENROL_REQUIRE_LOGIN_CACHE_PERIOD) {
$until = time() + ENROL_REQUIRE_LOGIN_CACHE_PERIOD;
}
$USER->enrol['enrolled'][$course->id] = $until;
// remove traces of previous temp guest access
remove_temp_course_roles($coursecontext);
return true;
}
unset($USER->enrol['enrolled'][$course->id]);
// if not enrolled try to gain temporary guest access
$instances = $DB->get_records('enrol', array('courseid' => $course->id, 'status' => ENROL_INSTANCE_ENABLED), 'sortorder, id ASC');
$enrols = enrol_get_plugins(true);
foreach ($instances as $instance) {
if (!isset($enrols[$instance->enrol])) {
continue;
}
// Get a duration for the guestaccess, a timestamp in the future or false.
$until = $enrols[$instance->enrol]->try_guestaccess($instance);
if ($until !== false) {
$USER->enrol['tempguest'][$course->id] = $until;
return true;
}
}
unset($USER->enrol['tempguest'][$course->id]);
return false;
}
/**
* Enrol user into course via enrol instance. Modified from enrollib due to check where $instance->enrol has to match the plugin name.
*
* @param stdClass $instance
* @param int $userid
* @param int $roleid optional role id
* @param int $timestart 0 means unknown
* @param int $timeend 0 means forever
* @param int $status default to ENROL_USER_ACTIVE for new enrolments, no change by default in updates
* @param bool $recovergrades restore grade history
* @return void
*/
public function enrol_user(stdClass $instance, $userid, $roleid = null, $timestart = 0, $timeend = 0, $status = null, $recovergrades = null)
{
global $DB, $USER, $CFG;
// CFG necessary!!!
if ($instance->courseid == SITEID) {
throw new coding_exception('invalid attempt to enrol into frontpage course!');
}
$name = "self";
// Have to force the name to return as 'self' in order to pass the check three lines down.
$courseid = $instance->courseid;
if ($instance->enrol !== $name) {
throw new coding_exception('invalid enrol instance!');
}
$context = context_course::instance($instance->courseid, MUST_EXIST);
if (!isset($recovergrades)) {
$recovergrades = $CFG->recovergradesdefault;
}
$inserted = false;
$updated = false;
if ($ue = $DB->get_record('user_enrolments', array('enrolid' => $instance->id, 'userid' => $userid))) {
//only update if timestart or timeend or status are different.
if ($ue->timestart != $timestart or $ue->timeend != $timeend or !is_null($status) and $ue->status != $status) {
$this->update_user_enrol($instance, $userid, $status, $timestart, $timeend);
}
} else {
$ue = new stdClass();
$ue->enrolid = $instance->id;
$ue->status = is_null($status) ? ENROL_USER_ACTIVE : $status;
$ue->userid = $userid;
$ue->timestart = $timestart;
$ue->timeend = $timeend;
$ue->modifierid = $USER->id;
$ue->timecreated = time();
$ue->timemodified = $ue->timecreated;
$ue->id = $DB->insert_record('user_enrolments', $ue);
$inserted = true;
}
if ($inserted) {
// Trigger event.
$event = \core\event\user_enrolment_created::create(array('objectid' => $ue->id, 'courseid' => $courseid, 'context' => $context, 'relateduserid' => $ue->userid, 'other' => array('enrol' => $name)));
$event->trigger();
}
if ($roleid) {
// this must be done after the enrolment event so that the role_assigned event is triggered afterwards
if ($this->roles_protected()) {
role_assign($roleid, $userid, $context->id, '');
} else {
role_assign($roleid, $userid, $context->id, '');
}
}
// Recover old grades if present.
if ($recovergrades) {
require_once "{$CFG->libdir}/gradelib.php";
grade_recover_history_grades($userid, $courseid);
}
// reset current user enrolment caching
if ($userid == $USER->id) {
if (isset($USER->enrol['enrolled'][$courseid])) {
unset($USER->enrol['enrolled'][$courseid]);
}
if (isset($USER->enrol['tempguest'][$courseid])) {
unset($USER->enrol['tempguest'][$courseid]);
remove_temp_course_roles($context);
}
}
}
