/**
* Form for editing HTML block instances.
*
* @copyright 2010 Petr Skoda (http://skodak.org)
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
* @package block_html
* @category files
* @param stdClass $course course object
* @param stdClass $birecord_or_cm block instance record
* @param stdClass $context context object
* @param string $filearea file area
* @param array $args extra arguments
* @param bool $forcedownload whether or not force download
* @param array $options additional options affecting the file serving
* @return bool
*/
function block_html_pluginfile($course, $birecord_or_cm, $context, $filearea, $args, $forcedownload, array $options = array())
{
global $SCRIPT;
if ($context->contextlevel != CONTEXT_BLOCK) {
send_file_not_found();
}
require_course_login($course);
if ($filearea !== 'content') {
send_file_not_found();
}
$fs = get_file_storage();
$filename = array_pop($args);
$filepath = $args ? '/' . implode('/', $args) . '/' : '/';
if (!($file = $fs->get_file($context->id, 'block_html', 'content', 0, $filepath, $filename)) or $file->is_directory()) {
send_file_not_found();
}
if ($parentcontext = get_context_instance_by_id($birecord_or_cm->parentcontextid)) {
if ($parentcontext->contextlevel == CONTEXT_USER) {
// force download on all personal pages including /my/
//because we do not have reliable way to find out from where this is used
$forcedownload = true;
}
} else {
// weird, there should be parent context, better force dowload then
$forcedownload = true;
}
session_get_instance()->write_close();
send_stored_file($file, 60 * 60, 0, $forcedownload, $options);
}
function dbtransfer_transfer_database($sourcedb, $targetdb, $feedback = null)
{
@set_time_limit(0);
session_get_instance()->write_close();
// release session
$var = new database_mover($sourcedb, $targetdb, true, $feedback);
$var->export_database(null);
}
/**
* Initiate database transfer.
* @param moodle_database $sourcedb
* @param moodle_database $targetdb
* @param progress_trace $feedback
* @return void
*/
function tool_dbtransfer_transfer_database(moodle_database $sourcedb, moodle_database $targetdb, progress_trace $feedback = null)
{
@set_time_limit(0);
session_get_instance()->write_close();
// Release session.
$var = new database_mover($sourcedb, $targetdb, true, $feedback);
$var->export_database(null);
tool_dbtransfer_rebuild_target_log_actions($targetdb, $feedback);
}
/**
* Form for editing HTML block instances.
*
* @copyright 2010 Petr Skoda (http://skodak.org)
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
* @package block_html
* @category files
* @param stdClass $course course object
* @param stdClass $birecord_or_cm block instance record
* @param stdClass $context context object
* @param string $filearea file area
* @param array $args extra arguments
* @param bool $forcedownload whether or not force download
* @param array $options additional options affecting the file serving
* @return bool
* @todo MDL-36050 improve capability check on stick blocks, so we can check user capability before sending images.
*/
function block_html_pluginfile($course, $birecord_or_cm, $context, $filearea, $args, $forcedownload, array $options = array())
{
global $DB, $CFG, $USER;
if ($context->contextlevel != CONTEXT_BLOCK) {
send_file_not_found();
}
// If block is in course context, then check if user has capability to access course.
if ($context->get_course_context(false)) {
require_course_login($course);
} else {
if ($CFG->forcelogin) {
require_login();
} else {
// Get parent context and see if user have proper permission.
$parentcontext = $context->get_parent_context();
if ($parentcontext->contextlevel === CONTEXT_COURSECAT) {
// Check if category is visible and user can view this category.
$category = $DB->get_record('course_categories', array('id' => $parentcontext->instanceid), '*', MUST_EXIST);
if (!$category->visible) {
require_capability('moodle/category:viewhiddencategories', $parentcontext);
}
} else {
if ($parentcontext->contextlevel === CONTEXT_USER && $parentcontext->instanceid != $USER->id) {
// The block is in the context of a user, it is only visible to the user who it belongs to.
send_file_not_found();
}
}
// At this point there is no way to check SYSTEM context, so ignoring it.
}
}
if ($filearea !== 'content') {
send_file_not_found();
}
$fs = get_file_storage();
$filename = array_pop($args);
$filepath = $args ? '/' . implode('/', $args) . '/' : '/';
if (!($file = $fs->get_file($context->id, 'block_html', 'content', 0, $filepath, $filename)) or $file->is_directory()) {
send_file_not_found();
}
if ($parentcontext = context::instance_by_id($birecord_or_cm->parentcontextid, IGNORE_MISSING)) {
if ($parentcontext->contextlevel == CONTEXT_USER) {
// force download on all personal pages including /my/
//because we do not have reliable way to find out from where this is used
$forcedownload = true;
}
} else {
// weird, there should be parent context, better force dowload then
$forcedownload = true;
}
session_get_instance()->write_close();
send_stored_file($file, 60 * 60, 0, $forcedownload, $options);
}
/**
* Files support.
*
* Exits if the required permissions are not satisfied.
*
* @param stdClass $course course object
* @param stdClass $cm
* @param stdClass $context context object
* @param string $filearea file area
* @param array $args extra arguments
* @param bool $forcedownload whether or not force download
* @param array $options additional options affecting the file serving
* @return void The file is sent along with it's headers
*/
function tool_generator_pluginfile($course, $cm, $context, $filearea, $args, $forcedownload, array $options = array())
{
// Only for admins or CLI.
if (!defined('CLI_SCRIPT') && !is_siteadmin()) {
die;
}
if ($context->contextlevel != CONTEXT_SYSTEM) {
send_file_not_found();
}
$fs = get_file_storage();
$file = $fs->get_file($context->id, 'tool_generator', $filearea, $args[0], '/', $args[1]);
// Send the file, always forcing download, we don't want options.
session_get_instance()->write_close();
send_stored_file($file, 0, 0, true);
}
function block_course_profile_pluginfile($course, $birecord_or_cm, $context, $filearea, $args, $forcedownload, array $options = array())
{
global $SCRIPT;
if ($context->contextlevel != CONTEXT_COURSE) {
send_file_not_found();
}
if ($filearea !== 'courseicon') {
send_file_not_found();
}
$fs = get_file_storage();
$file = $fs->get_file($context->id, 'block_course_profile', 'courseicon', 0, '/', $course->id);
if (!$file or $file->is_directory()) {
send_file_not_found();
}
session_get_instance()->write_close();
send_stored_file($file, 60 * 60, 0, false, $options);
}
/**
* Serves rolesexport xml files.
*
* @param object $course
* @param object $cm
* @param object $context
* @param string $filearea
* @param array $args
* @param bool $forcedownload
* @return bool false if file not found, does not return if found - just send the file
*/
function report_rolesmigration_pluginfile($course, $cm, $context, $filearea, $args, $forcedownload)
{
global $USER;
//require_capability('mod/assignment:view', $this->context);
$fullpath = "/{$context->id}/report_rolesmigration/{$filearea}/" . implode('/', $args);
$fs = get_file_storage();
if (!($file = $fs->get_file_by_hash(sha1($fullpath))) or $file->is_directory()) {
send_file_not_found();
}
if ($USER->id != $file->get_userid() && !has_capability('moodle/role:manage', $context)) {
send_file_not_found();
}
session_get_instance()->write_close();
// unlock session during fileserving
if (!send_stored_file($file, 60 * 60, 0, true)) {
send_file_not_found();
}
}
function local_note_pluginfile($course, $birecord_or_cm, $context, $filearea, $args, $forcedownload, array $options = array())
{
global $DB, $CFG;
if ($context->contextlevel != CONTEXT_SYSTEM) {
send_file_not_found();
}
// If block is in course context, then check if user has capability to access course.
if ($context->get_course_context(false)) {
//require_course_login($course);
} else {
if ($CFG->forcelogin) {
//require_login();
} else {
// Get parent context and see if user have proper permission.
$parentcontext = $context->get_parent_context();
if ($parentcontext->contextlevel === CONTEXT_COURSECAT) {
// Check if category is visible and user can view this category.
$category = $DB->get_record('course_categories', array('id' => $parentcontext->instanceid), '*', MUST_EXIST);
if (!$category->visible) {
require_capability('moodle/category:viewhiddencategories', $parentcontext);
}
}
// At this point there is no way to check SYSTEM or USER context, so ignoring it.
}
}
if ($filearea !== 'content') {
send_file_not_found();
}
$fs = get_file_storage();
$filename = array_pop($args);
//$filepath = $args ? '/'.implode('/', $args).'/' : '/';
$filepath = '/';
$itemid = $args['0'];
//added by nihar -to get the item id
if (!($file = $fs->get_file($context->id, 'local_note', 'content', $itemid, $filepath, $filename)) or $file->is_directory()) {
send_file_not_found();
}
session_get_instance()->write_close();
send_stored_file($file, 60 * 60, 0, $forcedownload, $options);
}
/**
* Unlock the session and allow the regrading process to run in the background.
*/
protected function unlock_session() {
session_get_instance()->write_close();
ignore_user_abort(true);
}
/**
* Handles the sending of file data to the user's browser, including support for
* byteranges etc.
*
* @global object
* @global object
* @global object
* @param object $stored_file local file object
* @param int $lifetime Number of seconds before the file should expire from caches (default 24 hours)
* @param int $filter 0 (default)=no filtering, 1=all files, 2=html files only
* @param bool $forcedownload If true (default false), forces download of file rather than view in browser/plugin
* @param string $filename Override filename
* @param bool $dontdie - return control to caller afterwards. this is not recommended and only used for cleanup tasks.
* if this is passed as true, ignore_user_abort is called. if you don't want your processing to continue on cancel,
* you must detect this case when control is returned using connection_aborted. Please not that session is closed
* and should not be reopened.
* @return void no return or void, script execution stopped unless $dontdie is true
*/
function send_stored_file($stored_file, $lifetime = 86400, $filter = 0, $forcedownload = false, $filename = null, $dontdie = false)
{
global $CFG, $COURSE, $SESSION;
if (!$stored_file or $stored_file->is_directory()) {
// nothing to serve
if ($dontdie) {
return;
}
die;
}
if ($dontdie) {
ignore_user_abort(true);
}
session_get_instance()->write_close();
// unlock session during fileserving
// Use given MIME type if specified, otherwise guess it using mimeinfo.
// IE, Konqueror and Opera open html file directly in browser from web even when directed to save it to disk :-O
// only Firefox saves all files locally before opening when content-disposition: attachment stated
$filename = is_null($filename) ? $stored_file->get_filename() : $filename;
$isFF = check_browser_version('Firefox', '1.5');
// only FF > 1.5 properly tested
$mimetype = ($forcedownload and !$isFF) ? 'application/x-forcedownload' : ($stored_file->get_mimetype() ? $stored_file->get_mimetype() : mimeinfo('type', $filename));
$lastmodified = $stored_file->get_timemodified();
$filesize = $stored_file->get_filesize();
//try to disable automatic sid rewrite in cookieless mode
@ini_set("session.use_trans_sid", "false");
if ($lifetime > 0 && !empty($_SERVER['HTTP_IF_MODIFIED_SINCE'])) {
// get unixtime of request header; clip extra junk off first
$since = strtotime(preg_replace('/;.*$/', '', $_SERVER["HTTP_IF_MODIFIED_SINCE"]));
if ($since && $since >= $lastmodified) {
header('HTTP/1.1 304 Not Modified');
header('Expires: ' . gmdate('D, d M Y H:i:s', time() + $lifetime) . ' GMT');
header('Cache-Control: max-age=' . $lifetime);
header('Content-Type: ' . $mimetype);
if ($dontdie) {
return;
}
die;
}
}
//do not put '@' before the next header to detect incorrect moodle configurations,
//error should be better than "weird" empty lines for admins/users
//TODO: should we remove all those @ before the header()? Are all of the values supported on all servers?
header('Last-Modified: ' . gmdate('D, d M Y H:i:s', $lastmodified) . ' GMT');
// if user is using IE, urlencode the filename so that multibyte file name will show up correctly on popup
if (check_browser_version('MSIE')) {
$filename = rawurlencode($filename);
}
if ($forcedownload) {
header('Content-Disposition: attachment; filename="' . $filename . '"');
} else {
header('Content-Disposition: inline; filename="' . $filename . '"');
}
if ($lifetime > 0) {
header('Cache-Control: max-age=' . $lifetime);
header('Expires: ' . gmdate('D, d M Y H:i:s', time() + $lifetime) . ' GMT');
header('Pragma: ');
if (empty($CFG->disablebyteserving) && $mimetype != 'text/plain' && $mimetype != 'text/html') {
header('Accept-Ranges: bytes');
if (!empty($_SERVER['HTTP_RANGE']) && strpos($_SERVER['HTTP_RANGE'], 'bytes=') !== FALSE) {
// byteserving stuff - for acrobat reader and download accelerators
// see: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.35
// inspired by: http://www.coneural.org/florian/papers/04_byteserving.php
$ranges = false;
if (preg_match_all('/(\\d*)-(\\d*)/', $_SERVER['HTTP_RANGE'], $ranges, PREG_SET_ORDER)) {
foreach ($ranges as $key => $value) {
if ($ranges[$key][1] == '') {
//suffix case
$ranges[$key][1] = $filesize - $ranges[$key][2];
$ranges[$key][2] = $filesize - 1;
} else {
if ($ranges[$key][2] == '' || $ranges[$key][2] > $filesize - 1) {
//fix range length
$ranges[$key][2] = $filesize - 1;
}
}
if ($ranges[$key][2] != '' && $ranges[$key][2] < $ranges[$key][1]) {
//invalid byte-range ==> ignore header
$ranges = false;
break;
}
//prepare multipart header
$ranges[$key][0] = "\r\n--" . BYTESERVING_BOUNDARY . "\r\nContent-Type: {$mimetype}\r\n";
$ranges[$key][0] .= "Content-Range: bytes {$ranges[$key][1]}-{$ranges[$key][2]}/{$filesize}\r\n\r\n";
}
} else {
$ranges = false;
}
if ($ranges) {
byteserving_send_file($stored_file->get_content_file_handle(), $mimetype, $ranges, $filesize);
}
}
} else {
/// Do not byteserve (disabled, strings, text and html files).
header('Accept-Ranges: none');
}
} else {
// Do not cache files in proxies and browsers
if (strpos($CFG->wwwroot, 'https://') === 0) {
//https sites - watch out for IE! KB812935 and KB316431
header('Cache-Control: max-age=10');
header('Expires: ' . gmdate('D, d M Y H:i:s', 0) . ' GMT');
header('Pragma: ');
} else {
//normal http - prevent caching at all cost
header('Cache-Control: private, must-revalidate, pre-check=0, post-check=0, max-age=0');
header('Expires: ' . gmdate('D, d M Y H:i:s', 0) . ' GMT');
header('Pragma: no-cache');
}
header('Accept-Ranges: none');
// Do not allow byteserving when caching disabled
}
if (empty($filter)) {
$filtered = false;
if ($mimetype == 'text/html' && !empty($CFG->usesid)) {
//cookieless mode - rewrite links
header('Content-Type: text/html');
$text = $stored_file->get_content();
$text = sid_ob_rewrite($text);
$filesize = strlen($text);
$filtered = true;
} else {
if ($mimetype == 'text/plain') {
header('Content-Type: Text/plain; charset=utf-8');
//add encoding
} else {
header('Content-Type: ' . $mimetype);
}
}
header('Content-Length: ' . $filesize);
//flush the buffers - save memory and disable sid rewrite
//this also disables zlib compression
prepare_file_content_sending();
// send the contents
if ($filtered) {
echo $text;
} else {
$stored_file->readfile();
}
} else {
// Try to put the file through filters
if ($mimetype == 'text/html') {
$options = new stdClass();
$options->noclean = true;
$options->nocache = true;
// temporary workaround for MDL-5136
$text = $stored_file->get_content();
$text = file_modify_html_header($text);
$output = format_text($text, FORMAT_HTML, $options, $COURSE->id);
if (!empty($CFG->usesid)) {
//cookieless mode - rewrite links
$output = sid_ob_rewrite($output);
}
header('Content-Length: ' . strlen($output));
header('Content-Type: text/html');
//flush the buffers - save memory and disable sid rewrite
//this also disables zlib compression
prepare_file_content_sending();
// send the contents
echo $output;
} else {
if ($mimetype == 'text/plain' and $filter == 1) {
// only filter text if filter all files is selected
$options = new stdClass();
$options->newlines = false;
$options->noclean = true;
$text = $stored_file->get_content();
$output = '<pre>' . format_text($text, FORMAT_MOODLE, $options, $COURSE->id) . '</pre>';
if (!empty($CFG->usesid)) {
//cookieless mode - rewrite links
$output = sid_ob_rewrite($output);
}
header('Content-Length: ' . strlen($output));
header('Content-Type: text/html; charset=utf-8');
//add encoding
//flush the buffers - save memory and disable sid rewrite
//this also disables zlib compression
prepare_file_content_sending();
// send the contents
echo $output;
} else {
// Just send it out raw
header('Content-Length: ' . $filesize);
header('Content-Type: ' . $mimetype);
//flush the buffers - save memory and disable sid rewrite
//this also disables zlib compression
prepare_file_content_sending();
// send the contents
$stored_file->readfile();
}
}
}
if ($dontdie) {
return;
}
die;
//no more chars to output!!!
}
public function __authenticate($username, $password, $serviceshortname)
{
global $CFG, $DB;
//echo $OUTPUT->header();
if (!$CFG->enablewebservices) {
throw new moodle_exception('enablewsdescription', 'webservice');
}
$username = trim(textlib::strtolower($username));
if (is_restored_user($username)) {
throw new moodle_exception('restoredaccountresetpassword', 'webservice');
}
$user = authenticate_user_login($username, $password);
if (!empty($user)) {
//Non admin can not authenticate if maintenance mode
$hassiteconfig = has_capability('moodle/site:config', context_system::instance(), $user);
if (!empty($CFG->maintenance_enabled) and !$hassiteconfig) {
throw new moodle_exception('sitemaintenance', 'admin');
}
if (isguestuser($user)) {
throw new moodle_exception('noguest');
}
if (empty($user->confirmed)) {
throw new moodle_exception('usernotconfirmed', 'moodle', '', $user->username);
}
// check credential expiry
$userauth = get_auth_plugin($user->auth);
if (!empty($userauth->config->expiration) and $userauth->config->expiration == 1) {
$days2expire = $userauth->password_expire($user->username);
if (intval($days2expire) < 0) {
throw new moodle_exception('passwordisexpired', 'webservice');
}
}
// let enrol plugins deal with new enrolments if necessary
enrol_check_plugins($user);
// setup user session to check capability
session_set_user($user);
//check if the service exists and is enabled
$service = $DB->get_record('external_services', array('shortname' => $serviceshortname, 'enabled' => 1));
if (empty($service)) {
// will throw exception if no token found
throw new moodle_exception('servicenotavailable', 'webservice');
}
//check if there is any required system capability
if ($service->requiredcapability and !has_capability($service->requiredcapability, context_system::instance(), $user)) {
throw new moodle_exception('missingrequiredcapability', 'webservice', '', $service->requiredcapability);
}
//specific checks related to user restricted service
if ($service->restrictedusers) {
$authoriseduser = $DB->get_record('external_services_users', array('externalserviceid' => $service->id, 'userid' => $user->id));
if (empty($authoriseduser)) {
throw new moodle_exception('usernotallowed', 'webservice', '', $serviceshortname);
}
if (!empty($authoriseduser->validuntil) and $authoriseduser->validuntil < time()) {
throw new moodle_exception('invalidtimedtoken', 'webservice');
}
if (!empty($authoriseduser->iprestriction) and !address_in_subnet(getremoteaddr(), $authoriseduser->iprestriction)) {
throw new moodle_exception('invalidiptoken', 'webservice');
}
}
//Check if a token has already been created for this user and this service
//Note: this could be an admin created or an user created token.
// It does not really matter we take the first one that is valid.
$tokenssql = "SELECT t.id, t.sid, t.token, t.validuntil, t.iprestriction\n FROM {external_tokens} t\n WHERE t.userid = ? AND t.externalserviceid = ? AND t.tokentype = ?\n ORDER BY t.timecreated ASC";
$tokens = $DB->get_records_sql($tokenssql, array($user->id, $service->id, EXTERNAL_TOKEN_PERMANENT));
//A bit of sanity checks
foreach ($tokens as $key => $token) {
/// Checks related to a specific token. (script execution continue)
$unsettoken = false;
//if sid is set then there must be a valid associated session no matter the token type
if (!empty($token->sid)) {
$session = session_get_instance();
if (!$session->session_exists($token->sid)) {
//this token will never be valid anymore, delete it
$DB->delete_records('external_tokens', array('sid' => $token->sid));
$unsettoken = true;
}
}
//remove token if no valid anymore
//Also delete this wrong token (similar logic to the web service servers
// /webservice/lib.php/webservice_server::authenticate_by_token())
if (!empty($token->validuntil) and $token->validuntil < time()) {
$DB->delete_records('external_tokens', array('token' => $token->token, 'tokentype' => EXTERNAL_TOKEN_PERMANENT));
$unsettoken = true;
}
// remove token if its ip not in whitelist
if (isset($token->iprestriction) and !address_in_subnet(getremoteaddr(), $token->iprestriction)) {
$unsettoken = true;
}
if ($unsettoken) {
unset($tokens[$key]);
}
}
// if some valid tokens exist then use the most recent
if (count($tokens) > 0) {
$token = array_pop($tokens);
} else {
if ($serviceshortname == MOODLE_OFFICIAL_MOBILE_SERVICE and has_capability('moodle/webservice:createmobiletoken', get_system_context()) or !is_siteadmin($user) && has_capability('moodle/webservice:createtoken', get_system_context())) {
// if service doesn't exist, dml will throw exception
$service_record = $DB->get_record('external_services', array('shortname' => $serviceshortname, 'enabled' => 1), '*', MUST_EXIST);
// create a new token
$token = new stdClass();
$token->token = md5(uniqid(rand(), 1));
$token->userid = $user->id;
$token->tokentype = EXTERNAL_TOKEN_PERMANENT;
$token->contextid = context_system::instance()->id;
$token->creatorid = $user->id;
$token->timecreated = time();
$token->externalserviceid = $service_record->id;
$tokenid = $DB->insert_record('external_tokens', $token);
add_to_log(SITEID, 'webservice', 'automatically create user token', '', 'User ID: ' . $user->id);
$token->id = $tokenid;
} else {
throw new moodle_exception('cannotcreatetoken', 'webservice', '', $serviceshortname);
}
}
// log token access
$DB->set_field('external_tokens', 'lastaccess', time(), array('id' => $token->id));
add_to_log(SITEID, 'webservice', 'sending requested user token', '', 'User ID: ' . $user->id);
$usertoken = new stdClass();
$usertoken->token = $token->token;
//complete login process by activating session.
// To restrict the admin user to login into application
if (is_siteadmin($user)) {
$heIsAdmin = new stdClass();
$heIsAdmin->error = 'admin_user';
echo json_encode($heIsAdmin);
die;
}
Login::__app_complete_user_login($user);
$forcePasswordChangesql = "SELECT up.userid\n FROM {user_preferences} up\n WHERE up.userid = ? AND up.name = ? AND up.value = ?";
$forcePasswordChange = $DB->get_records_sql($forcePasswordChangesql, array($user->id, 'auth_forcepasswordchange', 1));
//User Update Profile starts here
$admins = get_admins();
$currentAdmin = end($admins);
$admintokensql = "SELECT et.token\n FROM {external_tokens} et\n WHERE et.userid = ?";
$currrentAdminToken = $DB->get_records_sql($admintokensql, array($currentAdmin->id), 0, 1);
$unique_key = substr(md5(mt_rand(0, 1000000)), 0, 7);
$keys = array_keys($currrentAdminToken);
$appuser = new stdClass();
$user->token = $token->token;
$user->forcePasswordChange = !empty($forcePasswordChange) ? true : false;
$user->updateProfile = substr($unique_key, 0, 3) . $keys[0] . substr($unique_key, 3, 7);
//Get User role
$rolesql = "SELECT id\n FROM {role} \n WHERE shortname = ?";
$roleid = array_values($DB->get_records_sql($rolesql, array('reportuser')));
$reportuser = array_values($DB->get_records_sql("SELECT id FROM {role_assignments} WHERE roleid=" . $roleid[0]->id . " AND userid=" . $user->id . ""));
if ($reportuser[0]->id != '') {
$user->role = 'reportuser';
} else {
$user->role = '';
}
//User Update Profile ends here
unset($user->password);
$appuser->USER = $user;
$user->country_value = $user->country;
$user->country = get_string($user->country, 'countries');
echo json_encode($appuser);
} else {
throw new moodle_exception('usernamenotfound', 'moodle');
}
}
public function send_file($filearea, $args)
{
global $USER;
require_capability('mod/assignment:view', $this->context);
$fullpath = "/{$this->context->id}/mod_assignment/{$filearea}/" . implode('/', $args);
$fs = get_file_storage();
if (!($file = $fs->get_file_by_hash(sha1($fullpath))) or $file->is_directory()) {
send_file_not_found();
}
if ($USER->id != $file->get_userid() && !has_capability('mod/assignment:grade', $this->context)) {
send_file_not_found();
}
session_get_instance()->write_close();
// unlock session during fileserving
send_stored_file($file, 60 * 60, 0, true);
}
/**
* This function just makes sure a user is logged out.
*
* @global object
*/
function require_logout()
{
global $USER;
$params = $USER;
if (isloggedin()) {
add_to_log(SITEID, "user", "logout", "view.php?id={$USER->id}&course=" . SITEID, $USER->id, 0, $USER->id);
$authsequence = get_enabled_auth_plugins();
// auths, in sequence
foreach ($authsequence as $authname) {
$authplugin = get_auth_plugin($authname);
$authplugin->prelogout_hook();
}
}
events_trigger('user_logout', $params);
session_get_instance()->terminate_current();
unset($params);
}
session_get_instance()->write_close();
send_stored_file($file, 60*60, 0, $forcedownload);
} else if ($filearea === 'automated' and $context->contextlevel == CONTEXT_COURSE) {
// Backup files that were generated by the automated backup systems.
require_login($course);
require_capability('moodle/site:config', $context);
$filename = array_pop($args);
$filepath = $args ? '/'.implode('/', $args).'/' : '/';
if (!$file = $fs->get_file($context->id, 'backup', 'automated', 0, $filepath, $filename) or $file->is_directory()) {
send_file_not_found();
}
session_get_instance()->write_close(); // unlock session during fileserving
send_stored_file($file, 0, 0, $forcedownload);
} else {
send_file_not_found();
}
// ========================================================================================================================
} else if ($component === 'question') {
require_once($CFG->libdir . '/questionlib.php');
question_pluginfile($course, $context, 'question', $filearea, $args, $forcedownload);
send_file_not_found();
// ========================================================================================================================
} else if (strpos($component, 'mod_') === 0) {
$modname = substr($component, 4);
/**
* A small functional test of accesslib functions and classes.
*/
public function test_everything_in_accesslib()
{
global $USER, $SITE, $CFG, $DB, $ACCESSLIB_PRIVATE;
// First of all finalize the session, we must not carry over any of this mess to the next page via SESSION!!!
session_get_instance()->write_close();
// hack - this is going to take very long time
set_time_limit(3600);
// Get rid of current user that would not work anyway,
// do NOT even think about using $this->switch_global_user_id()!
if (!isset($this->accesslibprevuser)) {
$this->accesslibprevuser = clone $USER;
$USER = new stdClass();
$USER->id = 0;
}
// Backup $SITE global
if (!isset($this->accesslibprevsite)) {
$this->accesslibprevsite = $SITE;
}
// Switch DB, if it somehow fails or you specified wrong unittest prefix it will nuke real data, you have been warned!
$this->switch_to_test_db();
// Let's switch the CFG
$prevcfg = clone $CFG;
$this->switch_to_test_cfg();
$CFG->config_php_settings = $prevcfg->config_php_settings;
$CFG->noemailever = true;
$CFG->admin = $prevcfg->admin;
$CFG->lang = 'en';
$CFG->tempdir = $prevcfg->tempdir;
$CFG->cachedir = $prevcfg->cachedir;
$CFG->directorypermissions = $prevcfg->directorypermissions;
$CFG->filepermissions = $prevcfg->filepermissions;
// Reset all caches
accesslib_clear_all_caches_for_unit_testing();
// Add some core tables - this is known to break constantly because we keep adding dependencies...
$tablenames = array('config', 'config_plugins', 'modules', 'course', 'course_modules', 'course_sections', 'course_categories', 'mnet_host', 'mnet_application', 'capabilities', 'context', 'context_temp', 'role', 'role_capabilities', 'role_allow_switch', 'license', 'my_pages', 'block', 'block_instances', 'block_positions', 'role_allow_assign', 'role_allow_override', 'role_assignments', 'role_context_levels', 'enrol', 'user_enrolments', 'filter_active', 'filter_config', 'comments', 'user', 'groups_members', 'cache_flags', 'events_handlers', 'user_lastaccess', 'rating', 'files', 'role_names', 'user_preferences');
$this->create_test_tables($tablenames, 'lib');
// Create all core default records and default settings
require_once "{$CFG->libdir}/db/install.php";
xmldb_main_install();
// installs the capabilities too
// Fake mod_page install
$tablenames = array('page');
$this->create_test_tables($tablenames, 'mod/page');
$module = new stdClass();
require $CFG->dirroot . '/mod/page/version.php';
$module->name = 'page';
$pagemoduleid = $DB->insert_record('modules', $module);
update_capabilities('mod_page');
// Fake block_online_users install
$plugin = new stdClass();
$plugin->version = NULL;
$plugin->cron = 0;
include $CFG->dirroot . '/blocks/online_users/version.php';
$plugin->name = 'online_users';
$onlineusersblockid = $DB->insert_record('block', $plugin);
update_capabilities('block_online_users');
// Finish roles setup
set_config('defaultfrontpageroleid', $DB->get_field('role', 'id', array('archetype' => 'frontpage')));
set_config('defaultuserroleid', $DB->get_field('role', 'id', array('archetype' => 'user')));
set_config('notloggedinroleid', $DB->get_field('role', 'id', array('archetype' => 'guest')));
set_config('rolesactive', 1);
// Init manual enrol
set_config('status', ENROL_INSTANCE_ENABLED, 'enrol_manual');
set_config('defaultperiod', 0, 'enrol_manual');
$manualenrol = enrol_get_plugin('manual');
// Fill the site with some real data
$testcategories = array();
$testcourses = array();
$testpages = array();
$testblocks = array();
$allroles = $DB->get_records_menu('role', array(), 'id', 'archetype, id');
$systemcontext = context_system::instance();
$frontpagecontext = context_course::instance(SITEID);
// Add block to system context
$bi = new stdClass();
$bi->blockname = 'online_users';
$bi->parentcontextid = $systemcontext->id;
$bi->showinsubcontexts = 1;
$bi->pagetypepattern = '';
$bi->subpagepattern = '';
$bi->defaultregion = '';
$bi->defaultweight = 0;
$bi->configdata = '';
$biid = $DB->insert_record('block_instances', $bi);
context_block::instance($biid);
$testblocks[] = $biid;
// Some users
$testusers = array();
for ($i = 0; $i < 20; $i++) {
$user = new stdClass();
$user->auth = 'manual';
$user->firstname = 'user' . $i;
$user->lastname = 'user' . $i;
$user->username = '******' . $i;
$user->password = '******';
$user->email = "user{$i}@example.com";
$user->confirmed = 1;
$user->mnethostid = $CFG->mnet_localhost_id;
$user->lang = $CFG->lang;
$user->maildisplay = 1;
$user->timemodified = time();
$user->deleted = 0;
$user->lastip = '0.0.0.0';
$userid = $DB->insert_record('user', $user);
$testusers[$i] = $userid;
$usercontext = context_user::instance($userid);
// Add block to user profile
$bi->parentcontextid = $usercontext->id;
$biid = $DB->insert_record('block_instances', $bi);
context_block::instance($biid);
$testblocks[] = $biid;
}
// Deleted user - should be ignored everywhere, can not have context
$user = new stdClass();
$user->auth = 'manual';
$user->firstname = '';
$user->lastname = '';
$user->username = '******';
$user->password = '';
$user->email = '';
$user->confirmed = 1;
$user->mnethostid = $CFG->mnet_localhost_id;
$user->lang = $CFG->lang;
$user->maildisplay = 1;
$user->timemodified = time();
$user->deleted = 1;
$user->lastip = '0.0.0.0';
$DB->insert_record('user', $user);
unset($user);
// Add block to frontpage
$bi->parentcontextid = $frontpagecontext->id;
$biid = $DB->insert_record('block_instances', $bi);
$frontpageblockcontext = context_block::instance($biid);
$testblocks[] = $biid;
// Add a resource to frontpage
$page = new stdClass();
$page->course = $SITE->id;
$page->intro = '...';
$page->introformat = FORMAT_HTML;
$page->content = '...';
$page->contentformat = FORMAT_HTML;
$pageid = $DB->insert_record('page', $page);
$testpages[] = $pageid;
$cm = new stdClass();
$cm->course = $SITE->id;
$cm->module = $pagemoduleid;
$cm->section = 1;
$cm->instance = $pageid;
$cmid = $DB->insert_record('course_modules', $cm);
$frontpagepagecontext = context_module::instance($cmid);
// Add block to frontpage resource
$bi->parentcontextid = $frontpagepagecontext->id;
$biid = $DB->insert_record('block_instances', $bi);
$frontpagepageblockcontext = context_block::instance($biid);
$testblocks[] = $biid;
// Some nested course categories with courses
require_once "{$CFG->dirroot}/course/lib.php";
$path = '';
$parentcat = 0;
for ($i = 0; $i < 5; $i++) {
$cat = new stdClass();
$cat->name = 'category' . $i;
$cat->parent = $parentcat;
$cat->depth = $i + 1;
$cat->sortorder = MAX_COURSES_IN_CATEGORY * ($i + 2);
$cat->timemodified = time();
$catid = $DB->insert_record('course_categories', $cat);
$path = $path . '/' . $catid;
$DB->set_field('course_categories', 'path', $path, array('id' => $catid));
$parentcat = $catid;
$testcategories[] = $catid;
$catcontext = context_coursecat::instance($catid);
if ($i >= 4) {
continue;
}
// Add resource to each category
$bi->parentcontextid = $catcontext->id;
$biid = $DB->insert_record('block_instances', $bi);
context_block::instance($biid);
// Add a few courses to each category
for ($j = 0; $j < 6; $j++) {
$course = new stdClass();
$course->fullname = 'course' . $j;
$course->shortname = 'c' . $j;
$course->summary = 'bah bah bah';
$course->newsitems = 0;
$course->numsections = 1;
$course->category = $catid;
$course->format = 'topics';
$course->timecreated = time();
$course->visible = 1;
$course->timemodified = $course->timecreated;
$courseid = $DB->insert_record('course', $course);
$section = new stdClass();
$section->course = $courseid;
$section->section = 0;
$section->summaryformat = FORMAT_HTML;
$DB->insert_record('course_sections', $section);
$section->section = 1;
$DB->insert_record('course_sections', $section);
$testcourses[] = $courseid;
$coursecontext = context_course::instance($courseid);
if ($j >= 5) {
continue;
}
// Add manual enrol instance
$manualenrol->add_default_instance($DB->get_record('course', array('id' => $courseid)));
// Add block to each course
$bi->parentcontextid = $coursecontext->id;
$biid = $DB->insert_record('block_instances', $bi);
context_block::instance($biid);
$testblocks[] = $biid;
// Add a resource to each course
$page->course = $courseid;
$pageid = $DB->insert_record('page', $page);
$testpages[] = $pageid;
$cm->course = $courseid;
$cm->instance = $pageid;
$cm->id = $DB->insert_record('course_modules', $cm);
$modcontext = context_module::instance($cm->id);
// Add block to each module
$bi->parentcontextid = $modcontext->id;
$biid = $DB->insert_record('block_instances', $bi);
context_block::instance($biid);
$testblocks[] = $biid;
}
}
// Make sure all contexts were created properly
$count = 1;
//system
$count += $DB->count_records('user', array('deleted' => 0));
$count += $DB->count_records('course_categories');
$count += $DB->count_records('course');
$count += $DB->count_records('course_modules');
$count += $DB->count_records('block_instances');
$this->assertEqual($DB->count_records('context'), $count);
$this->assertEqual($DB->count_records('context', array('depth' => 0)), 0);
$this->assertEqual($DB->count_records('context', array('path' => NULL)), 0);
// ====== context_helper::get_level_name() ================================
$levels = context_helper::get_all_levels();
foreach ($levels as $level => $classname) {
$name = context_helper::get_level_name($level);
$this->assertFalse(empty($name));
}
// ======= context::instance_by_id(), context_xxx::instance();
$context = context::instance_by_id($frontpagecontext->id);
$this->assertidentical($context->contextlevel, CONTEXT_COURSE);
$this->assertFalse(context::instance_by_id(-1, IGNORE_MISSING));
try {
context::instance_by_id(-1);
$this->fail('exception expected');
} catch (Exception $e) {
$this->assertTrue(true);
}
$this->assertTrue(context_system::instance() instanceof context_system);
$this->assertTrue(context_coursecat::instance($testcategories[0]) instanceof context_coursecat);
$this->assertTrue(context_course::instance($testcourses[0]) instanceof context_course);
$this->assertTrue(context_module::instance($testpages[0]) instanceof context_module);
$this->assertTrue(context_block::instance($testblocks[0]) instanceof context_block);
$this->assertFalse(context_coursecat::instance(-1, IGNORE_MISSING));
$this->assertFalse(context_course::instance(-1, IGNORE_MISSING));
$this->assertFalse(context_module::instance(-1, IGNORE_MISSING));
$this->assertFalse(context_block::instance(-1, IGNORE_MISSING));
try {
context_coursecat::instance(-1);
$this->fail('exception expected');
} catch (Exception $e) {
$this->assertTrue(true);
}
try {
context_course::instance(-1);
$this->fail('exception expected');
} catch (Exception $e) {
$this->assertTrue(true);
}
try {
context_module::instance(-1);
$this->fail('exception expected');
} catch (Exception $e) {
$this->assertTrue(true);
}
try {
context_block::instance(-1);
$this->fail('exception expected');
} catch (Exception $e) {
$this->assertTrue(true);
}
// ======= $context->get_url(), $context->get_context_name(), $context->get_capabilities() =========
$testcontexts = array();
$testcontexts[CONTEXT_SYSTEM] = context_system::instance();
$testcontexts[CONTEXT_COURSECAT] = context_coursecat::instance($testcategories[0]);
$testcontexts[CONTEXT_COURSE] = context_course::instance($testcourses[0]);
$testcontexts[CONTEXT_MODULE] = context_module::instance($testpages[0]);
$testcontexts[CONTEXT_BLOCK] = context_block::instance($testblocks[0]);
foreach ($testcontexts as $context) {
$name = $context->get_context_name(true, true);
$this->assertFalse(empty($name));
$this->assertTrue($context->get_url() instanceof moodle_url);
$caps = $context->get_capabilities();
$this->assertTrue(is_array($caps));
foreach ($caps as $cap) {
$cap = (array) $cap;
$this->assertIdentical(array_keys($cap), array('id', 'name', 'captype', 'contextlevel', 'component', 'riskbitmask'));
}
}
unset($testcontexts);
// ===== $context->get_course_context() =========================================
$this->assertFalse($systemcontext->get_course_context(false));
try {
$systemcontext->get_course_context();
$this->fail('exception expected');
} catch (Exception $e) {
$this->assertTrue(true);
}
$context = context_coursecat::instance($testcategories[0]);
$this->assertFalse($context->get_course_context(false));
try {
$context->get_course_context();
$this->fail('exception expected');
} catch (Exception $e) {
$this->assertTrue(true);
}
$this->assertIdentical($frontpagecontext->get_course_context(true), $frontpagecontext);
$this->assertIdentical($frontpagepagecontext->get_course_context(true), $frontpagecontext);
$this->assertIdentical($frontpagepageblockcontext->get_course_context(true), $frontpagecontext);
// ======= $context->get_parent_context(), $context->get_parent_contexts(), $context->get_parent_context_ids() =======
$userid = reset($testusers);
$usercontext = context_user::instance($userid);
$this->assertIdentical($usercontext->get_parent_context(), $systemcontext);
$this->assertIdentical($usercontext->get_parent_contexts(), array($systemcontext->id => $systemcontext));
$this->assertIdentical($usercontext->get_parent_contexts(true), array($usercontext->id => $usercontext, $systemcontext->id => $systemcontext));
$this->assertIdentical($systemcontext->get_parent_contexts(), array());
$this->assertIdentical($systemcontext->get_parent_contexts(true), array($systemcontext->id => $systemcontext));
$this->assertIdentical($systemcontext->get_parent_context_ids(), array());
$this->assertIdentical($systemcontext->get_parent_context_ids(true), array($systemcontext->id));
$this->assertIdentical($frontpagecontext->get_parent_context(), $systemcontext);
$this->assertIdentical($frontpagecontext->get_parent_contexts(), array($systemcontext->id => $systemcontext));
$this->assertIdentical($frontpagecontext->get_parent_contexts(true), array($frontpagecontext->id => $frontpagecontext, $systemcontext->id => $systemcontext));
$this->assertIdentical($frontpagecontext->get_parent_context_ids(), array($systemcontext->id));
$this->assertEqual($frontpagecontext->get_parent_context_ids(true), array($frontpagecontext->id, $systemcontext->id));
$this->assertIdentical($systemcontext->get_parent_context(), false);
$frontpagecontext = context_course::instance($SITE->id);
$parent = $systemcontext;
foreach ($testcategories as $catid) {
$catcontext = context_coursecat::instance($catid);
$this->assertIdentical($catcontext->get_parent_context(), $parent);
$parent = $catcontext;
}
$this->assertIdentical($frontpagepagecontext->get_parent_context(), $frontpagecontext);
$this->assertIdentical($frontpageblockcontext->get_parent_context(), $frontpagecontext);
$this->assertIdentical($frontpagepageblockcontext->get_parent_context(), $frontpagepagecontext);
// ====== $context->get_child_contexts() ================================
$children = $systemcontext->get_child_contexts();
$this->assertEqual(count($children) + 1, $DB->count_records('context'));
$context = context_coursecat::instance($testcategories[3]);
$children = $context->get_child_contexts();
$countcats = 0;
$countcourses = 0;
$countblocks = 0;
foreach ($children as $child) {
if ($child->contextlevel == CONTEXT_COURSECAT) {
$countcats++;
}
if ($child->contextlevel == CONTEXT_COURSE) {
$countcourses++;
}
if ($child->contextlevel == CONTEXT_BLOCK) {
$countblocks++;
}
}
$this->assertEqual(count($children), 8);
$this->assertEqual($countcats, 1);
$this->assertEqual($countcourses, 6);
$this->assertEqual($countblocks, 1);
$context = context_course::instance($testcourses[2]);
$children = $context->get_child_contexts();
$this->assertEqual(count($children), 3);
$context = context_module::instance($testpages[3]);
$children = $context->get_child_contexts();
$this->assertEqual(count($children), 1);
$context = context_block::instance($testblocks[1]);
$children = $context->get_child_contexts();
$this->assertEqual(count($children), 0);
unset($children);
unset($countcats);
unset($countcourses);
unset($countblocks);
// ======= context_helper::reset_caches() ============================
context_helper::reset_caches();
$this->assertEqual(context_inspection::test_context_cache_size(), 0);
context_course::instance($SITE->id);
$this->assertEqual(context_inspection::test_context_cache_size(), 1);
// ======= context preloading ========================================
context_helper::reset_caches();
$sql = "SELECT " . context_helper::get_preload_record_columns_sql('c') . "\n FROM {context} c\n WHERE c.contextlevel <> " . CONTEXT_SYSTEM;
$records = $DB->get_records_sql($sql);
$firstrecord = reset($records);
$columns = context_helper::get_preload_record_columns('c');
$firstrecord = (array) $firstrecord;
$this->assertIdentical(array_keys($firstrecord), array_values($columns));
context_helper::reset_caches();
foreach ($records as $record) {
context_helper::preload_from_record($record);
$this->assertIdentical($record, new stdClass());
}
$this->assertEqual(context_inspection::test_context_cache_size(), count($records));
unset($records);
unset($columns);
context_helper::reset_caches();
context_helper::preload_course($SITE->id);
$this->assertEqual(context_inspection::test_context_cache_size(), 4);
// ====== assign_capability(), unassign_capability() ====================
$rc = $DB->get_record('role_capabilities', array('contextid' => $frontpagecontext->id, 'roleid' => $allroles['teacher'], 'capability' => 'moodle/site:accessallgroups'));
$this->assertFalse($rc);
assign_capability('moodle/site:accessallgroups', CAP_ALLOW, $allroles['teacher'], $frontpagecontext->id);
$rc = $DB->get_record('role_capabilities', array('contextid' => $frontpagecontext->id, 'roleid' => $allroles['teacher'], 'capability' => 'moodle/site:accessallgroups'));
$this->assertEqual($rc->permission, CAP_ALLOW);
assign_capability('moodle/site:accessallgroups', CAP_PREVENT, $allroles['teacher'], $frontpagecontext->id);
$rc = $DB->get_record('role_capabilities', array('contextid' => $frontpagecontext->id, 'roleid' => $allroles['teacher'], 'capability' => 'moodle/site:accessallgroups'));
$this->assertEqual($rc->permission, CAP_ALLOW);
assign_capability('moodle/site:accessallgroups', CAP_PREVENT, $allroles['teacher'], $frontpagecontext, true);
$rc = $DB->get_record('role_capabilities', array('contextid' => $frontpagecontext->id, 'roleid' => $allroles['teacher'], 'capability' => 'moodle/site:accessallgroups'));
$this->assertEqual($rc->permission, CAP_PREVENT);
assign_capability('moodle/site:accessallgroups', CAP_INHERIT, $allroles['teacher'], $frontpagecontext);
$rc = $DB->get_record('role_capabilities', array('contextid' => $frontpagecontext->id, 'roleid' => $allroles['teacher'], 'capability' => 'moodle/site:accessallgroups'));
$this->assertFalse($rc);
assign_capability('moodle/site:accessallgroups', CAP_ALLOW, $allroles['teacher'], $frontpagecontext);
unassign_capability('moodle/site:accessallgroups', $allroles['teacher'], $frontpagecontext, true);
$rc = $DB->get_record('role_capabilities', array('contextid' => $frontpagecontext->id, 'roleid' => $allroles['teacher'], 'capability' => 'moodle/site:accessallgroups'));
$this->assertFalse($rc);
unassign_capability('moodle/site:accessallgroups', $allroles['teacher'], $frontpagecontext->id, true);
unset($rc);
accesslib_clear_all_caches(false);
// must be done after assign_capability()
// ======= role_assign(), role_unassign(), role_unassign_all() ==============
$context = context_course::instance($testcourses[1]);
$this->assertEqual($DB->count_records('role_assignments', array('contextid' => $context->id)), 0);
role_assign($allroles['teacher'], $testusers[1], $context->id);
role_assign($allroles['teacher'], $testusers[2], $context->id);
role_assign($allroles['manager'], $testusers[1], $context->id);
$this->assertEqual($DB->count_records('role_assignments', array('contextid' => $context->id)), 3);
role_unassign($allroles['teacher'], $testusers[1], $context->id);
$this->assertEqual($DB->count_records('role_assignments', array('contextid' => $context->id)), 2);
role_unassign_all(array('contextid' => $context->id));
$this->assertEqual($DB->count_records('role_assignments', array('contextid' => $context->id)), 0);
unset($context);
accesslib_clear_all_caches(false);
// just in case
// ====== has_capability(), get_users_by_capability(), role_switch(), reload_all_capabilities() and friends ========================
$adminid = get_admin()->id;
$guestid = $CFG->siteguest;
// Enrol some users into some courses
$course1 = $DB->get_record('course', array('id' => $testcourses[22]), '*', MUST_EXIST);
$course2 = $DB->get_record('course', array('id' => $testcourses[7]), '*', MUST_EXIST);
$cms = $DB->get_records('course_modules', array('course' => $course1->id), 'id');
$cm1 = reset($cms);
$blocks = $DB->get_records('block_instances', array('parentcontextid' => context_module::instance($cm1->id)->id), 'id');
$block1 = reset($blocks);
$instance1 = $DB->get_record('enrol', array('enrol' => 'manual', 'courseid' => $course1->id));
$instance2 = $DB->get_record('enrol', array('enrol' => 'manual', 'courseid' => $course2->id));
for ($i = 0; $i < 9; $i++) {
$manualenrol->enrol_user($instance1, $testusers[$i], $allroles['student']);
}
$manualenrol->enrol_user($instance1, $testusers[8], $allroles['teacher']);
$manualenrol->enrol_user($instance1, $testusers[9], $allroles['editingteacher']);
for ($i = 10; $i < 15; $i++) {
$manualenrol->enrol_user($instance2, $testusers[$i], $allroles['student']);
}
$manualenrol->enrol_user($instance2, $testusers[15], $allroles['editingteacher']);
// Add tons of role assignments - the more the better
role_assign($allroles['coursecreator'], $testusers[11], context_coursecat::instance($testcategories[2]));
role_assign($allroles['manager'], $testusers[12], context_coursecat::instance($testcategories[1]));
role_assign($allroles['student'], $testusers[9], context_module::instance($cm1->id));
role_assign($allroles['teacher'], $testusers[8], context_module::instance($cm1->id));
role_assign($allroles['guest'], $testusers[13], context_course::instance($course1->id));
role_assign($allroles['teacher'], $testusers[7], context_block::instance($block1->id));
role_assign($allroles['manager'], $testusers[9], context_block::instance($block1->id));
role_assign($allroles['editingteacher'], $testusers[9], context_course::instance($course1->id));
role_assign($allroles['teacher'], $adminid, context_course::instance($course1->id));
role_assign($allroles['editingteacher'], $adminid, context_block::instance($block1->id));
// Add tons of overrides - the more the better
assign_capability('moodle/site:accessallgroups', CAP_ALLOW, $CFG->defaultuserroleid, $frontpageblockcontext, true);
assign_capability('moodle/site:accessallgroups', CAP_ALLOW, $CFG->defaultfrontpageroleid, $frontpageblockcontext, true);
assign_capability('moodle/block:view', CAP_PROHIBIT, $allroles['guest'], $frontpageblockcontext, true);
assign_capability('block/online_users:viewlist', CAP_PREVENT, $allroles['user'], $frontpageblockcontext, true);
assign_capability('block/online_users:viewlist', CAP_PREVENT, $allroles['student'], $frontpageblockcontext, true);
assign_capability('moodle/site:accessallgroups', CAP_PREVENT, $CFG->defaultuserroleid, $frontpagepagecontext, true);
assign_capability('moodle/site:accessallgroups', CAP_ALLOW, $CFG->defaultfrontpageroleid, $frontpagepagecontext, true);
assign_capability('mod/page:view', CAP_PREVENT, $allroles['guest'], $frontpagepagecontext, true);
assign_capability('mod/page:view', CAP_ALLOW, $allroles['user'], $frontpagepagecontext, true);
assign_capability('moodle/page:view', CAP_ALLOW, $allroles['student'], $frontpagepagecontext, true);
assign_capability('moodle/site:accessallgroups', CAP_ALLOW, $CFG->defaultuserroleid, $frontpagecontext, true);
assign_capability('moodle/site:accessallgroups', CAP_ALLOW, $CFG->defaultfrontpageroleid, $frontpagecontext, true);
assign_capability('mod/page:view', CAP_ALLOW, $allroles['guest'], $frontpagecontext, true);
assign_capability('mod/page:view', CAP_PROHIBIT, $allroles['user'], $frontpagecontext, true);
assign_capability('mod/page:view', CAP_PREVENT, $allroles['guest'], $systemcontext, true);
accesslib_clear_all_caches(false);
// must be done after assign_capability()
// Extra tests for guests and not-logged-in users because they can not be verified by cross checking
// with get_users_by_capability() where they are ignored
$this->assertFalse(has_capability('moodle/block:view', $frontpageblockcontext, $guestid));
$this->assertFalse(has_capability('mod/page:view', $frontpagepagecontext, $guestid));
$this->assertTrue(has_capability('mod/page:view', $frontpagecontext, $guestid));
$this->assertFalse(has_capability('mod/page:view', $systemcontext, $guestid));
$this->assertFalse(has_capability('moodle/block:view', $frontpageblockcontext, 0));
$this->assertFalse(has_capability('mod/page:view', $frontpagepagecontext, 0));
$this->assertTrue(has_capability('mod/page:view', $frontpagecontext, 0));
$this->assertFalse(has_capability('mod/page:view', $systemcontext, 0));
$this->assertFalse(has_capability('moodle/course:create', $systemcontext, $testusers[11]));
$this->assertTrue(has_capability('moodle/course:create', context_coursecat::instance($testcategories[2]), $testusers[11]));
$this->assertFalse(has_capability('moodle/course:create', context_course::instance($testcourses[1]), $testusers[11]));
$this->assertTrue(has_capability('moodle/course:create', context_course::instance($testcourses[19]), $testusers[11]));
$this->assertFalse(has_capability('moodle/course:update', context_course::instance($testcourses[1]), $testusers[9]));
$this->assertFalse(has_capability('moodle/course:update', context_course::instance($testcourses[19]), $testusers[9]));
$this->assertFalse(has_capability('moodle/course:update', $systemcontext, $testusers[9]));
// Test the list of enrolled users
$coursecontext = context_course::instance($course1->id);
$enrolled = get_enrolled_users($coursecontext);
$this->assertEqual(count($enrolled), 10);
for ($i = 0; $i < 10; $i++) {
$this->assertTrue(isset($enrolled[$testusers[$i]]));
}
$enrolled = get_enrolled_users($coursecontext, 'moodle/course:update');
$this->assertEqual(count($enrolled), 1);
$this->assertTrue(isset($enrolled[$testusers[9]]));
unset($enrolled);
// role switching
$userid = $testusers[9];
$USER = $DB->get_record('user', array('id' => $userid));
load_all_capabilities();
$coursecontext = context_course::instance($course1->id);
$this->assertTrue(has_capability('moodle/course:update', $coursecontext));
$this->assertFalse(is_role_switched($course1->id));
role_switch($allroles['student'], $coursecontext);
$this->assertTrue(is_role_switched($course1->id));
$this->assertEqual($USER->access['rsw'][$coursecontext->path], $allroles['student']);
$this->assertFalse(has_capability('moodle/course:update', $coursecontext));
reload_all_capabilities();
$this->assertFalse(has_capability('moodle/course:update', $coursecontext));
role_switch(0, $coursecontext);
$this->assertTrue(has_capability('moodle/course:update', $coursecontext));
$userid = $adminid;
$USER = $DB->get_record('user', array('id' => $userid));
load_all_capabilities();
$coursecontext = context_course::instance($course1->id);
$blockcontext = context_block::instance($block1->id);
$this->assertTrue(has_capability('moodle/course:update', $blockcontext));
role_switch($allroles['student'], $coursecontext);
$this->assertEqual($USER->access['rsw'][$coursecontext->path], $allroles['student']);
$this->assertFalse(has_capability('moodle/course:update', $blockcontext));
reload_all_capabilities();
$this->assertFalse(has_capability('moodle/course:update', $blockcontext));
load_all_capabilities();
$this->assertTrue(has_capability('moodle/course:update', $blockcontext));
// temp course role for enrol
$DB->delete_records('cache_flags', array());
// this prevents problem with dirty contexts immediately resetting the temp role - this is a known problem...
$userid = $testusers[5];
$roleid = $allroles['editingteacher'];
$USER = $DB->get_record('user', array('id' => $userid));
load_all_capabilities();
$coursecontext = context_course::instance($course1->id);
$this->assertFalse(has_capability('moodle/course:update', $coursecontext));
$this->assertFalse(isset($USER->access['ra'][$coursecontext->path][$roleid]));
load_temp_course_role($coursecontext, $roleid);
$this->assertEqual($USER->access['ra'][$coursecontext->path][$roleid], $roleid);
$this->assertTrue(has_capability('moodle/course:update', $coursecontext));
remove_temp_course_roles($coursecontext);
$this->assertFalse(has_capability('moodle/course:update', $coursecontext, $userid));
load_temp_course_role($coursecontext, $roleid);
reload_all_capabilities();
$this->assertFalse(has_capability('moodle/course:update', $coursecontext, $userid));
$USER = new stdClass();
$USER->id = 0;
// Now cross check has_capability() with get_users_by_capability(), each using different code paths,
// they have to be kept in sync, usually only one of them breaks, so we know when something is wrong,
// at the same time validate extra restrictions (guest read only no risks, admin exception, non existent and deleted users)
$contexts = $DB->get_records('context', array(), 'id');
$contexts = array_values($contexts);
$capabilities = $DB->get_records('capabilities', array(), 'id');
$capabilities = array_values($capabilities);
$roles = array($allroles['guest'], $allroles['user'], $allroles['teacher'], $allroles['editingteacher'], $allroles['coursecreator'], $allroles['manager']);
// Random time!
srand(666);
foreach ($testusers as $userid) {
// no guest or deleted
// each user gets 0-20 random roles
$rcount = rand(0, 10);
for ($j = 0; $j < $rcount; $j++) {
$roleid = $roles[rand(0, count($roles) - 1)];
$contextid = $contexts[rand(0, count($contexts) - 1)]->id;
role_assign($roleid, $userid, $contextid);
}
}
$permissions = array(CAP_ALLOW, CAP_PREVENT, CAP_INHERIT, CAP_PREVENT);
for ($j = 0; $j < 10000; $j++) {
$roleid = $roles[rand(0, count($roles) - 1)];
$contextid = $contexts[rand(0, count($contexts) - 1)]->id;
$permission = $permissions[rand(0, count($permissions) - 1)];
$capname = $capabilities[rand(0, count($capabilities) - 1)]->name;
assign_capability($capname, $permission, $roleid, $contextid, true);
}
unset($permissions);
unset($roles);
unset($contexts);
unset($users);
unset($capabilities);
accesslib_clear_all_caches(false);
// must be done after assign_capability()
// Test time - let's set up some real user, just in case the logic for USER affects the others...
$USER = $DB->get_record('user', array('id' => $testusers[3]));
load_all_capabilities();
$contexts = $DB->get_records('context', array(), 'id');
$users = $DB->get_records('user', array(), 'id', 'id');
$capabilities = $DB->get_records('capabilities', array(), 'id');
$users[0] = null;
// not-logged-in user
$users[-1] = null;
// non-existent user
foreach ($contexts as $crecord) {
$context = context::instance_by_id($crecord->id);
if ($coursecontext = $context->get_course_context(false)) {
$enrolled = get_enrolled_users($context);
} else {
$enrolled = array();
}
foreach ($capabilities as $cap) {
$allowed = get_users_by_capability($context, $cap->name, 'u.id, u.username');
if ($enrolled) {
$enrolledwithcap = get_enrolled_users($context, $cap->name);
} else {
$enrolledwithcap = array();
}
foreach ($users as $userid => $unused) {
if ($userid == 0 or isguestuser($userid)) {
if ($userid == 0) {
$CFG->forcelogin = true;
$this->assertFalse(has_capability($cap->name, $context, $userid));
unset($CFG->forcelogin);
}
if ($cap->captype === 'write' or $cap->riskbitmask & (RISK_XSS | RISK_CONFIG | RISK_DATALOSS)) {
$this->assertFalse(has_capability($cap->name, $context, $userid));
}
$this->assertFalse(isset($allowed[$userid]));
} else {
if (is_siteadmin($userid)) {
$this->assertTrue(has_capability($cap->name, $context, $userid, true));
}
$hascap = has_capability($cap->name, $context, $userid, false);
$this->assertIdentical($hascap, isset($allowed[$userid]), "Capability result mismatch user:{$userid}, context:{$context->id}, {$cap->name}, hascap: " . (int) $hascap . " ");
if (isset($enrolled[$userid])) {
$this->assertIdentical(isset($allowed[$userid]), isset($enrolledwithcap[$userid]), "Enrolment with capability result mismatch user:{$userid}, context:{$context->id}, {$cap->name}, hascap: " . (int) $hascap . " ");
}
}
}
}
}
// Back to nobody
$USER = new stdClass();
$USER->id = 0;
unset($contexts);
unset($users);
unset($capabilities);
// Now let's do all the remaining tests that break our carefully prepared fake site
// ======= $context->mark_dirty() =======================================
$DB->delete_records('cache_flags', array());
accesslib_clear_all_caches(false);
$systemcontext->mark_dirty();
$dirty = get_cache_flags('accesslib/dirtycontexts', time() - 2);
$this->assertTrue(isset($dirty[$systemcontext->path]));
$this->assertTrue(isset($ACCESSLIB_PRIVATE->dirtycontexts[$systemcontext->path]));
// ======= $context->reload_if_dirty(); =================================
$DB->delete_records('cache_flags', array());
accesslib_clear_all_caches(false);
load_all_capabilities();
$context = context_course::instance($testcourses[2]);
$page = $DB->get_record('page', array('course' => $testcourses[2]));
$pagecontext = context_module::instance($page->id);
$context->mark_dirty();
$this->assertTrue(isset($ACCESSLIB_PRIVATE->dirtycontexts[$context->path]));
$USER->access['test'] = true;
$context->reload_if_dirty();
$this->assertFalse(isset($USER->access['test']));
$context->mark_dirty();
$this->assertTrue(isset($ACCESSLIB_PRIVATE->dirtycontexts[$context->path]));
$USER->access['test'] = true;
$pagecontext->reload_if_dirty();
$this->assertFalse(isset($USER->access['test']));
// ======= context_helper::build_all_paths() ============================
$oldcontexts = $DB->get_records('context', array(), 'id');
$DB->set_field_select('context', 'path', NULL, "contextlevel <> " . CONTEXT_SYSTEM);
$DB->set_field_select('context', 'depth', 0, "contextlevel <> " . CONTEXT_SYSTEM);
context_helper::build_all_paths();
$newcontexts = $DB->get_records('context', array(), 'id');
$this->assertIdentical($oldcontexts, $newcontexts);
unset($oldcontexts);
unset($newcontexts);
// ======= $context->reset_paths() ======================================
$context = context_course::instance($testcourses[2]);
$children = $context->get_child_contexts();
$context->reset_paths(false);
$this->assertIdentical($DB->get_field('context', 'path', array('id' => $context->id)), NULL);
$this->assertEqual($DB->get_field('context', 'depth', array('id' => $context->id)), 0);
foreach ($children as $child) {
$this->assertIdentical($DB->get_field('context', 'path', array('id' => $child->id)), NULL);
$this->assertEqual($DB->get_field('context', 'depth', array('id' => $child->id)), 0);
}
$this->assertEqual(count($children) + 1, $DB->count_records('context', array('depth' => 0)));
$this->assertEqual(count($children) + 1, $DB->count_records('context', array('path' => NULL)));
$context = context_course::instance($testcourses[2]);
$context->reset_paths(true);
$context = context_course::instance($testcourses[2]);
$this->assertEqual($DB->get_field('context', 'path', array('id' => $context->id)), $context->path);
$this->assertEqual($DB->get_field('context', 'depth', array('id' => $context->id)), $context->depth);
$this->assertEqual(0, $DB->count_records('context', array('depth' => 0)));
$this->assertEqual(0, $DB->count_records('context', array('path' => NULL)));
// ====== $context->update_moved(); ======================================
accesslib_clear_all_caches(false);
$DB->delete_records('cache_flags', array());
$course = $DB->get_record('course', array('id' => $testcourses[0]));
$context = context_course::instance($course->id);
$oldpath = $context->path;
$miscid = $DB->get_field_sql("SELECT MIN(id) FROM {course_categories}");
$categorycontext = context_coursecat::instance($miscid);
$course->category = $miscid;
$DB->update_record('course', $course);
$context->update_moved($categorycontext);
$context = context_course::instance($course->id);
$this->assertIdentical($context->get_parent_context(), $categorycontext);
$dirty = get_cache_flags('accesslib/dirtycontexts', time() - 2);
$this->assertTrue(isset($dirty[$oldpath]));
$this->assertTrue(isset($dirty[$context->path]));
// ====== $context->delete_content() =====================================
context_helper::reset_caches();
$context = context_module::instance($testpages[3]);
$this->assertTrue($DB->record_exists('context', array('id' => $context->id)));
$this->assertEqual(1, $DB->count_records('block_instances', array('parentcontextid' => $context->id)));
$context->delete_content();
$this->assertTrue($DB->record_exists('context', array('id' => $context->id)));
$this->assertEqual(0, $DB->count_records('block_instances', array('parentcontextid' => $context->id)));
// ====== $context->delete() =============================
context_helper::reset_caches();
$context = context_module::instance($testpages[4]);
$this->assertTrue($DB->record_exists('context', array('id' => $context->id)));
$this->assertEqual(1, $DB->count_records('block_instances', array('parentcontextid' => $context->id)));
$bi = $DB->get_record('block_instances', array('parentcontextid' => $context->id));
$bicontext = context_block::instance($bi->id);
$DB->delete_records('cache_flags', array());
$context->delete();
// should delete also linked blocks
$dirty = get_cache_flags('accesslib/dirtycontexts', time() - 2);
$this->assertTrue(isset($dirty[$context->path]));
$this->assertFalse($DB->record_exists('context', array('id' => $context->id)));
$this->assertFalse($DB->record_exists('context', array('id' => $bicontext->id)));
$this->assertFalse($DB->record_exists('context', array('contextlevel' => CONTEXT_MODULE, 'instanceid' => $testpages[4])));
$this->assertFalse($DB->record_exists('context', array('contextlevel' => CONTEXT_BLOCK, 'instanceid' => $bi->id)));
$this->assertEqual(0, $DB->count_records('block_instances', array('parentcontextid' => $context->id)));
context_module::instance($testpages[4]);
// ====== context_helper::delete_instance() =============================
context_helper::reset_caches();
$lastcourse = array_pop($testcourses);
$this->assertTrue($DB->record_exists('context', array('contextlevel' => CONTEXT_COURSE, 'instanceid' => $lastcourse)));
$coursecontext = context_course::instance($lastcourse);
$this->assertEqual(context_inspection::test_context_cache_size(), 1);
$this->assertFalse($coursecontext->instanceid == CONTEXT_COURSE);
$DB->delete_records('cache_flags', array());
context_helper::delete_instance(CONTEXT_COURSE, $lastcourse);
$dirty = get_cache_flags('accesslib/dirtycontexts', time() - 2);
$this->assertTrue(isset($dirty[$coursecontext->path]));
$this->assertEqual(context_inspection::test_context_cache_size(), 0);
$this->assertFalse($DB->record_exists('context', array('contextlevel' => CONTEXT_COURSE, 'instanceid' => $lastcourse)));
context_course::instance($lastcourse);
// ======= context_helper::create_instances() ==========================
$prevcount = $DB->count_records('context');
$DB->delete_records('context', array('contextlevel' => CONTEXT_BLOCK));
context_helper::create_instances(null, true);
$this->assertIdentical($DB->count_records('context'), $prevcount);
$this->assertEqual($DB->count_records('context', array('depth' => 0)), 0);
$this->assertEqual($DB->count_records('context', array('path' => NULL)), 0);
$DB->delete_records('context', array('contextlevel' => CONTEXT_BLOCK));
$DB->delete_records('block_instances', array());
$prevcount = $DB->count_records('context');
$DB->delete_records_select('context', 'contextlevel <> ' . CONTEXT_SYSTEM);
context_helper::create_instances(null, true);
$this->assertIdentical($DB->count_records('context'), $prevcount);
$this->assertEqual($DB->count_records('context', array('depth' => 0)), 0);
$this->assertEqual($DB->count_records('context', array('path' => NULL)), 0);
// ======= context_helper::cleanup_instances() ==========================
$lastcourse = $DB->get_field_sql("SELECT MAX(id) FROM {course}");
$DB->delete_records('course', array('id' => $lastcourse));
$lastcategory = $DB->get_field_sql("SELECT MAX(id) FROM {course_categories}");
$DB->delete_records('course_categories', array('id' => $lastcategory));
$lastuser = $DB->get_field_sql("SELECT MAX(id) FROM {user} WHERE deleted=0");
$DB->delete_records('user', array('id' => $lastuser));
$DB->delete_records('block_instances', array('parentcontextid' => $frontpagepagecontext->id));
$DB->delete_records('course_modules', array('id' => $frontpagepagecontext->instanceid));
context_helper::cleanup_instances();
$count = 1;
//system
$count += $DB->count_records('user', array('deleted' => 0));
$count += $DB->count_records('course_categories');
$count += $DB->count_records('course');
$count += $DB->count_records('course_modules');
$count += $DB->count_records('block_instances');
$this->assertEqual($DB->count_records('context'), $count);
// ======= context cache size restrictions ==============================
$testusers = array();
for ($i = 0; $i < CONTEXT_CACHE_MAX_SIZE + 100; $i++) {
$user = new stdClass();
$user->auth = 'manual';
$user->firstname = 'xuser' . $i;
$user->lastname = 'xuser' . $i;
$user->username = '******' . $i;
$user->password = '******';
$user->email = "xuser{$i}@example.com";
$user->confirmed = 1;
$user->mnethostid = $CFG->mnet_localhost_id;
$user->lang = $CFG->lang;
$user->maildisplay = 1;
$user->timemodified = time();
$user->lastip = '0.0.0.0';
$userid = $DB->insert_record('user', $user);
$testusers[$i] = $userid;
}
context_helper::create_instances(null, true);
context_helper::reset_caches();
for ($i = 0; $i < CONTEXT_CACHE_MAX_SIZE + 100; $i++) {
context_user::instance($testusers[$i]);
if ($i == CONTEXT_CACHE_MAX_SIZE - 1) {
$this->assertEqual(context_inspection::test_context_cache_size(), CONTEXT_CACHE_MAX_SIZE);
} else {
if ($i == CONTEXT_CACHE_MAX_SIZE) {
// once the limit is reached roughly 1/3 of records should be removed from cache
$this->assertEqual(context_inspection::test_context_cache_size(), (int) (CONTEXT_CACHE_MAX_SIZE * (2 / 3) + 102));
}
}
}
// We keep the first 100 cached
$prevsize = context_inspection::test_context_cache_size();
for ($i = 0; $i < 100; $i++) {
context_user::instance($testusers[$i]);
$this->assertEqual(context_inspection::test_context_cache_size(), $prevsize);
}
context_user::instance($testusers[102]);
$this->assertEqual(context_inspection::test_context_cache_size(), $prevsize + 1);
unset($testusers);
// =================================================================
// ======= basic test of legacy functions ==========================
// =================================================================
// note: watch out, the fake site might be pretty borked already
$this->assertIdentical(get_system_context(), context_system::instance());
foreach ($DB->get_records('context') as $contextid => $record) {
$context = context::instance_by_id($contextid);
$this->assertIdentical(get_context_instance_by_id($contextid), $context);
$this->assertIdentical(get_context_instance($record->contextlevel, $record->instanceid), $context);
$this->assertIdentical(get_parent_contexts($context), $context->get_parent_context_ids());
if ($context->id == SYSCONTEXTID) {
$this->assertIdentical(get_parent_contextid($context), false);
} else {
$this->assertIdentical(get_parent_contextid($context), $context->get_parent_context()->id);
}
}
$children = get_child_contexts($systemcontext);
$this->assertEqual(count($children), $DB->count_records('context') - 1);
unset($children);
$DB->delete_records('context', array('contextlevel' => CONTEXT_BLOCK));
create_contexts();
$this->assertFalse($DB->record_exists('context', array('contextlevel' => CONTEXT_BLOCK)));
$DB->set_field('context', 'depth', 0, array('contextlevel' => CONTEXT_BLOCK));
build_context_path();
$this->assertFalse($DB->record_exists('context', array('depth' => 0)));
$lastcourse = $DB->get_field_sql("SELECT MAX(id) FROM {course}");
$DB->delete_records('course', array('id' => $lastcourse));
$lastcategory = $DB->get_field_sql("SELECT MAX(id) FROM {course_categories}");
$DB->delete_records('course_categories', array('id' => $lastcategory));
$lastuser = $DB->get_field_sql("SELECT MAX(id) FROM {user} WHERE deleted=0");
$DB->delete_records('user', array('id' => $lastuser));
$DB->delete_records('block_instances', array('parentcontextid' => $frontpagepagecontext->id));
$DB->delete_records('course_modules', array('id' => $frontpagepagecontext->instanceid));
cleanup_contexts();
$count = 1;
//system
$count += $DB->count_records('user', array('deleted' => 0));
$count += $DB->count_records('course_categories');
$count += $DB->count_records('course');
$count += $DB->count_records('course_modules');
$count += $DB->count_records('block_instances');
$this->assertEqual($DB->count_records('context'), $count);
context_helper::reset_caches();
preload_course_contexts($SITE->id);
$this->assertEqual(context_inspection::test_context_cache_size(), 1);
context_helper::reset_caches();
list($select, $join) = context_instance_preload_sql('c.id', CONTEXT_COURSECAT, 'ctx');
$sql = "SELECT c.id {$select} FROM {course_categories} c {$join}";
$records = $DB->get_records_sql($sql);
foreach ($records as $record) {
context_instance_preload($record);
$record = (array) $record;
$this->assertEqual(1, count($record));
// only id left
}
$this->assertEqual(count($records), context_inspection::test_context_cache_size());
accesslib_clear_all_caches(true);
$DB->delete_records('cache_flags', array());
mark_context_dirty($systemcontext->path);
$dirty = get_cache_flags('accesslib/dirtycontexts', time() - 2);
$this->assertTrue(isset($dirty[$systemcontext->path]));
accesslib_clear_all_caches(false);
$DB->delete_records('cache_flags', array());
$course = $DB->get_record('course', array('id' => $testcourses[2]));
$context = get_context_instance(CONTEXT_COURSE, $course->id);
$oldpath = $context->path;
$miscid = $DB->get_field_sql("SELECT MIN(id) FROM {course_categories}");
$categorycontext = context_coursecat::instance($miscid);
$course->category = $miscid;
$DB->update_record('course', $course);
context_moved($context, $categorycontext);
$context = get_context_instance(CONTEXT_COURSE, $course->id);
$this->assertIdentical($context->get_parent_context(), $categorycontext);
$this->assertTrue($DB->record_exists('context', array('contextlevel' => CONTEXT_COURSE, 'instanceid' => $testcourses[2])));
delete_context(CONTEXT_COURSE, $testcourses[2]);
$this->assertFalse($DB->record_exists('context', array('contextlevel' => CONTEXT_COURSE, 'instanceid' => $testcourses[2])));
$name = get_contextlevel_name(CONTEXT_COURSE);
$this->assertFalse(empty($name));
$context = get_context_instance(CONTEXT_COURSE, $testcourses[2]);
$name = print_context_name($context);
$this->assertFalse(empty($name));
$url = get_context_url($coursecontext);
$this->assertFalse($url instanceof modole_url);
$page = $DB->get_record('page', array('id' => $testpages[7]));
$context = get_context_instance(CONTEXT_MODULE, $page->id);
$coursecontext = get_course_context($context);
$this->assertEqual($coursecontext->contextlevel, CONTEXT_COURSE);
$this->assertEqual(get_courseid_from_context($context), $page->course);
$caps = fetch_context_capabilities($systemcontext);
$this->assertTrue(is_array($caps));
unset($caps);
}
/**
* Close database connection and release all resources
* and memory (especially circular memory references).
* Do NOT use connect() again, create a new instance if needed.
*/
public function dispose()
{
if ($this->used_for_db_sessions) {
// this is needed because we need to save session to db before closing it
session_get_instance()->write_close();
$this->used_for_db_sessions = false;
}
if ($this->database_manager) {
$this->database_manager->dispose();
$this->database_manager = null;
}
$this->columns = array();
$this->tables = null;
}
/**
* Close database connection and release all resources
* and memory (especially circular memory references).
* Do NOT use connect() again, create a new instance if needed.
*/
public function dispose()
{
if ($this->intransaction) {
// unfortunately we can not access global $CFG any more and can not print debug
error_log('Active database transaction detected when disposing database!');
}
if ($this->used_for_db_sessions) {
// this is needed because we need to save session to db before closing it
session_get_instance()->write_close();
$this->used_for_db_sessions = false;
}
if ($this->database_manager) {
$this->database_manager->dispose();
$this->database_manager = null;
}
$this->columns = array();
$this->tables = null;
}
if (!defined('NO_MOODLE_COOKIES')) {
if (empty($CFG->version) or $CFG->version < 2009011900) {
// no session before sessions table gets created
define('NO_MOODLE_COOKIES', true);
} else {
if (CLI_SCRIPT) {
// CLI scripts can not have session
define('NO_MOODLE_COOKIES', true);
} else {
define('NO_MOODLE_COOKIES', false);
}
}
}
}
// start session and prepare global $SESSION, $USER
session_get_instance();
$SESSION =& $_SESSION['SESSION'];
$USER =& $_SESSION['USER'];
// initialise ME's
// This must presently come AFTER $USER has been set up.
initialise_fullme();
// Late profiling, only happening if early one wasn't started
if (!empty($CFG->profilingenabled)) {
require_once $CFG->libdir . '/xhprof/xhprof_moodle.php';
if (profiling_start()) {
register_shutdown_function('profiling_stop');
}
}
// Process theme change in the URL.
if (!empty($CFG->allowthemechangeonurl) and !empty($_GET['theme'])) {
// we have to use _GET directly because we do not want this to interfere with _POST
// used during installation and upgrades
if (!$version or !$release) {
print_error('withoutversion', 'debug');
// without version, stop
}
// Turn off xmlstrictheaders during upgrade.
$origxmlstrictheaders = !empty($CFG->xmlstrictheaders);
$CFG->xmlstrictheaders = false;
if (!core_tables_exist()) {
$PAGE->set_pagelayout('maintenance');
$PAGE->set_popup_notification_allowed(false);
// fake some settings
$CFG->docroot = 'http://docs.moodle.org';
$strinstallation = get_string('installation', 'install');
// remove current session content completely
session_get_instance()->terminate_current();
if (empty($agreelicense)) {
$strlicense = get_string('license');
$PAGE->navbar->add($strlicense);
$PAGE->set_title($strinstallation . ' - Moodle ' . $CFG->target_release);
$PAGE->set_heading($strinstallation);
$PAGE->set_cacheable(false);
$output = $PAGE->get_renderer('core', 'admin');
echo $output->install_licence_page();
die;
}
if (empty($confirmrelease)) {
require_once $CFG->libdir . '/environmentlib.php';
list($envstatus, $environment_results) = check_moodle_environment(normalize_version($release), ENV_SELECT_RELEASE);
$strcurrentrelease = get_string('currentrelease');
$PAGE->navbar->add($strcurrentrelease);
/**
* Packages the entire flavour and returns it
* @todo Add a checksum
*/
public function packaging_execute()
{
global $USER, $CFG;
$errorredirect = $this->url . '?sesskey=' . sesskey();
// Getting selected data
$selectedingredients = $this->get_ingredients_from_form();
if (!$selectedingredients) {
redirect($errorredirect, get_string('nothingselected', 'local_flavours'), 2);
}
// Flavour data
$form = new flavours_packaging_form($this->url);
if (!($data = $form->get_data())) {
print_error('errorpackaging', 'local_flavours');
}
// Starting <xml>
$xmloutput = new memory_xml_output();
$xmltransformer = new flavours_xml_transformer();
$xmlwriter = new flavours_xml_writer($xmloutput, $xmltransformer);
$xmlwriter->start();
$xmlwriter->begin_tag('flavour');
$xmlwriter->full_tag('name', $data->name);
$xmlwriter->full_tag('description', $data->description);
$xmlwriter->full_tag('author', $data->author);
$xmlwriter->full_tag('timecreated', time());
$xmlwriter->full_tag('sourceurl', $CFG->wwwroot);
$xmlwriter->full_tag('sourcemoodlerelease', $CFG->release);
$xmlwriter->full_tag('sourcemoodleversion', $CFG->version);
// Random code to store the flavour data
$hash = sha1('flavour_' . $USER->id . '_' . time());
$flavourpath = $this->flavourstmpfolder . '/' . $hash;
if (file_exists($flavourpath) || !mkdir($flavourpath, $CFG->directorypermissions)) {
print_error('errorpackaging', 'local_flavours');
}
// Adding the selected ingredients data
$xmlwriter->begin_tag('ingredient');
foreach ($selectedingredients as $ingredienttype => $ingredientsdata) {
// instance_ingredient_type gets a new flavours_ingredient_* object
$type = $this->instance_ingredient_type($ingredienttype);
$xmlwriter->begin_tag($type->id);
// It executes the ingredient type specific actions to package
$type->package_ingredients($xmlwriter, $flavourpath, $ingredientsdata);
$xmlwriter->end_tag($type->id);
}
$xmlwriter->end_tag('ingredient');
// Finishing flavour index
$xmlwriter->end_tag('flavour');
$xmlwriter->stop();
$flavourxml = $xmloutput->get_allcontents();
// Creating the .xml with the flavour info
$xmlfilepath = $flavourpath . '/flavour.xml';
if (!($xmlfh = fopen($xmlfilepath, 'w'))) {
print_error('errorpackaging', 'local_flavours');
}
fwrite($xmlfh, $flavourxml);
fclose($xmlfh);
// Flavour contents compression
$packer = new zip_packer();
$zipfilepath = $this->flavourstmpfolder . '/' . $hash . '/flavour_' . date('Y-m-d') . '.zip';
if (!$packer->archive_to_pathname(array('flavour' => $flavourpath), $zipfilepath)) {
print_error('errorpackaging', 'local_flavours');
}
session_get_instance()->write_close();
send_file($zipfilepath, basename($zipfilepath));
// To avoid the html headers and all the print* stuff
die;
}
function RWSLOMUser()
{
global $USER;
global $CFG;
global $DB;
global $RWSECAS;
if (!$RWSECAS) {
require_logout();
RWSSStat("1001");
}
if (respondusws_floatcompare($CFG->version, 2010122500, 2) >= 0) {
if (isloggedin()) {
$r_aus = get_enabled_auth_plugins();
foreach ($r_aus as $r_aun) {
$r_aup = get_auth_plugin($r_aun);
if (strcasecmp($r_aup->authtype, RWSCAS) == 0) {
$r_csp = $r_aup;
RWSPLOCas($r_csp);
} else {
$r_aup->prelogout_hook();
}
}
}
if (respondusws_floatcompare($CFG->version, 2014051200, 2) >= 0) {
$r_ssi = session_id();
$r_evt = \core\event\user_loggedout::create(array('userid' => $USER->id, 'objectid' => $USER->id, 'other' => array('sessionid' => $r_ssi)));
if ($r_ses = $DB->get_record('sessions', array('sid' => $r_ssi))) {
$r_evt->add_record_snapshot('sessions', $r_ses);
}
\core\session\manager::terminate_current();
$r_evt->trigger();
} else {
$r_prms = $USER;
events_trigger('user_logout', $r_prms);
if (respondusws_floatcompare($CFG->version, 2013111800, 2) >= 0) {
\core\session\manager::terminate_current();
} else {
session_get_instance()->terminate_current();
}
unset($r_prms);
}
} else {
RWSSErr("2006,{$CFG->version},2010122500");
}
RWSSStat("1001");
}
/**
* Authenticate by token type
*
* @param $tokentype string tokentype constant
* @return $user object
*/
protected function authenticate_by_token($tokentype)
{
global $WEBSERVICE_INSTITUTION;
if ($tokentype == EXTERNAL_TOKEN_PERMANENT || $tokentype == EXTERNAL_TOKEN_USER) {
$token = get_record('external_tokens', 'token', $this->token);
// trap personal tokens with no valid until time set
if ($token && $token->tokentype == EXTERNAL_TOKEN_USER && $token->validuntil == 0 && strtotime($token->ctime) - time() > EXTERNAL_TOKEN_USER_EXPIRES) {
delete_records('external_tokens', 'token', $this->token);
throw new WebserviceAccessException(get_string('invalidtimedtoken', 'auth.webservice'));
}
} else {
$token = get_record('external_tokens', 'token', $this->token, 'tokentype', $tokentype);
}
if (!$token) {
// log failed login attempts
throw new WebserviceAccessException(get_string('invalidtoken', 'auth.webservice'));
}
// tidy up the uath method - this could be user token or session token
if ($token->tokentype != EXTERNAL_TOKEN_PERMANENT) {
$this->auth = 'OTHER';
}
/**
* check the valid until date
*/
if ($token->validuntil and $token->validuntil < time()) {
delete_records('external_tokens', 'token', $this->token, 'tokentype', $tokentype);
throw new WebserviceAccessException(get_string('invalidtimedtoken', 'auth.webservice'));
}
//assumes that if sid is set then there must be a valid associated session no matter the token type
if ($token->sid) {
$session = session_get_instance();
if (!$session->session_exists($token->sid)) {
delete_records('external_tokens', 'sid', $token->sid);
throw new WebserviceAccessException(get_string('invalidtokensession', 'auth.webservice'));
}
}
if ($token->iprestriction and !address_in_subnet(getremoteaddr(), $token->iprestriction)) {
throw new WebserviceAccessException(get_string('invalidiptoken', 'auth.webservice'));
}
$this->restricted_serviceid = $token->externalserviceid;
$user = get_record('usr', 'id', $token->userid, 'deleted', 0);
// log token access
set_field('external_tokens', 'mtime', db_format_timestamp(time()), 'id', $token->id);
// set the global for the web service users defined institution
$WEBSERVICE_INSTITUTION = $token->institution;
return $user;
}
function format_slides_pluginfile($course, $cm, $context, $filearea, $args, $forcedownload){
$filename = array_pop($args);
// TODO: check filepath
$filepath = $args ? '/'.implode('/', $args).'/' : '/';
$fs = get_file_storage();
//echo $context->id . 'format_slides ' . $filearea . " " . $args[0] . " " . $filepath . " " . $filename . "<br/>";
if (!$file = $fs->get_file($context->id, 'format_slides', $filearea, $args[0], "/", $filename)) {
send_file_not_found();
}
session_get_instance()->write_close();
send_stored_file($file, 60*60, 0, $forcedownload);
exit;
}
require_login(0, true, null, false);
}
}
}
$context = context_course::instance($course->id);
$fs = get_file_storage();
$fullpath = "/{$context->id}/course/legacy/0/{$relativepath}";
if (!($file = $fs->get_file_by_hash(sha1($fullpath)))) {
if (strrpos($fullpath, '/') !== strlen($fullpath) - 1) {
$fullpath .= '/';
}
if (!($file = $fs->get_file_by_hash(sha1($fullpath . '/.')))) {
send_file_not_found();
}
}
// do not serve dirs
if ($file->get_filename() == '.') {
if (!($file = $fs->get_file_by_hash(sha1($fullpath . 'index.html')))) {
if (!($file = $fs->get_file_by_hash(sha1($fullpath . 'index.htm')))) {
if (!($file = $fs->get_file_by_hash(sha1($fullpath . 'Default.htm')))) {
send_file_not_found();
}
}
}
}
// ========================================
// finally send the file
// ========================================
session_get_instance()->write_close();
// unlock session during fileserving
send_stored_file($file, $lifetime, $CFG->filteruploadedfiles, $forcedownload);
/**
* This function delegates file serving to individual plugins
*
* @param string $relativepath
* @param bool $forcedownload
* @param null|string $preview the preview mode, defaults to serving the original file
* @todo MDL-31088 file serving improments
*/
function file_pluginfile($relativepath, $forcedownload, $preview = null)
{
global $DB, $CFG, $USER;
// relative path must start with '/'
if (!$relativepath) {
print_error('invalidargorconf');
} else {
if ($relativepath[0] != '/') {
print_error('pathdoesnotstartslash');
}
}
// extract relative path components
$args = explode('/', ltrim($relativepath, '/'));
if (count($args) < 3) {
// always at least context, component and filearea
print_error('invalidarguments');
}
$contextid = (int) array_shift($args);
$component = clean_param(array_shift($args), PARAM_COMPONENT);
$filearea = clean_param(array_shift($args), PARAM_AREA);
list($context, $course, $cm) = get_context_info_array($contextid);
$fs = get_file_storage();
// ========================================================================================================================
if ($component === 'blog') {
// Blog file serving
if ($context->contextlevel != CONTEXT_SYSTEM) {
send_file_not_found();
}
if ($filearea !== 'attachment' and $filearea !== 'post') {
send_file_not_found();
}
if (empty($CFG->enableblogs)) {
print_error('siteblogdisable', 'blog');
}
$entryid = (int) array_shift($args);
if (!($entry = $DB->get_record('post', array('module' => 'blog', 'id' => $entryid)))) {
send_file_not_found();
}
if ($CFG->bloglevel < BLOG_GLOBAL_LEVEL) {
require_login();
if (isguestuser()) {
print_error('noguest');
}
if ($CFG->bloglevel == BLOG_USER_LEVEL) {
if ($USER->id != $entry->userid) {
send_file_not_found();
}
}
}
if ($entry->publishstate === 'public') {
if ($CFG->forcelogin) {
require_login();
}
} else {
if ($entry->publishstate === 'site') {
require_login();
//ok
} else {
if ($entry->publishstate === 'draft') {
require_login();
if ($USER->id != $entry->userid) {
send_file_not_found();
}
}
}
}
$filename = array_pop($args);
$filepath = $args ? '/' . implode('/', $args) . '/' : '/';
if (!($file = $fs->get_file($context->id, $component, $filearea, $entryid, $filepath, $filename)) or $file->is_directory()) {
send_file_not_found();
}
send_stored_file($file, 10 * 60, 0, true, array('preview' => $preview));
// download MUST be forced - security!
// ========================================================================================================================
} else {
if ($component === 'grade') {
if (($filearea === 'outcome' or $filearea === 'scale') and $context->contextlevel == CONTEXT_SYSTEM) {
// Global gradebook files
if ($CFG->forcelogin) {
require_login();
}
$fullpath = "/{$context->id}/{$component}/{$filearea}/" . implode('/', $args);
if (!($file = $fs->get_file_by_hash(sha1($fullpath))) or $file->is_directory()) {
send_file_not_found();
}
session_get_instance()->write_close();
// unlock session during fileserving
send_stored_file($file, 60 * 60, 0, $forcedownload, array('preview' => $preview));
} else {
if ($filearea === 'feedback' and $context->contextlevel == CONTEXT_COURSE) {
//TODO: nobody implemented this yet in grade edit form!!
send_file_not_found();
if ($CFG->forcelogin || $course->id != SITEID) {
require_login($course);
}
$fullpath = "/{$context->id}/{$component}/{$filearea}/" . implode('/', $args);
if (!($file = $fs->get_file_by_hash(sha1($fullpath))) or $file->is_directory()) {
send_file_not_found();
}
session_get_instance()->write_close();
// unlock session during fileserving
send_stored_file($file, 60 * 60, 0, $forcedownload, array('preview' => $preview));
} else {
send_file_not_found();
}
}
// ========================================================================================================================
} else {
if ($component === 'tag') {
if ($filearea === 'description' and $context->contextlevel == CONTEXT_SYSTEM) {
// All tag descriptions are going to be public but we still need to respect forcelogin
if ($CFG->forcelogin) {
require_login();
}
$fullpath = "/{$context->id}/tag/description/" . implode('/', $args);
if (!($file = $fs->get_file_by_hash(sha1($fullpath))) or $file->is_directory()) {
send_file_not_found();
}
session_get_instance()->write_close();
// unlock session during fileserving
send_stored_file($file, 60 * 60, 0, true, array('preview' => $preview));
} else {
send_file_not_found();
}
// ========================================================================================================================
} else {
if ($component === 'calendar') {
if ($filearea === 'event_description' and $context->contextlevel == CONTEXT_SYSTEM) {
// All events here are public the one requirement is that we respect forcelogin
if ($CFG->forcelogin) {
require_login();
}
// Get the event if from the args array
$eventid = array_shift($args);
// Load the event from the database
if (!($event = $DB->get_record('event', array('id' => (int) $eventid, 'eventtype' => 'site')))) {
send_file_not_found();
}
// Check that we got an event and that it's userid is that of the user
// Get the file and serve if successful
$filename = array_pop($args);
$filepath = $args ? '/' . implode('/', $args) . '/' : '/';
if (!($file = $fs->get_file($context->id, $component, $filearea, $eventid, $filepath, $filename)) or $file->is_directory()) {
send_file_not_found();
}
session_get_instance()->write_close();
// unlock session during fileserving
send_stored_file($file, 60 * 60, 0, $forcedownload, array('preview' => $preview));
} else {
if ($filearea === 'event_description' and $context->contextlevel == CONTEXT_USER) {
// Must be logged in, if they are not then they obviously can't be this user
require_login();
// Don't want guests here, potentially saves a DB call
if (isguestuser()) {
send_file_not_found();
}
// Get the event if from the args array
$eventid = array_shift($args);
// Load the event from the database - user id must match
if (!($event = $DB->get_record('event', array('id' => (int) $eventid, 'userid' => $USER->id, 'eventtype' => 'user')))) {
send_file_not_found();
}
// Get the file and serve if successful
$filename = array_pop($args);
$filepath = $args ? '/' . implode('/', $args) . '/' : '/';
if (!($file = $fs->get_file($context->id, $component, $filearea, $eventid, $filepath, $filename)) or $file->is_directory()) {
send_file_not_found();
}
session_get_instance()->write_close();
// unlock session during fileserving
send_stored_file($file, 60 * 60, 0, $forcedownload, array('preview' => $preview));
} else {
if ($filearea === 'event_description' and $context->contextlevel == CONTEXT_COURSE) {
// Respect forcelogin and require login unless this is the site.... it probably
// should NEVER be the site
if ($CFG->forcelogin || $course->id != SITEID) {
require_login($course);
}
// Must be able to at least view the course
if (!is_enrolled($context) and !is_viewing($context)) {
//TODO: hmm, do we really want to block guests here?
send_file_not_found();
}
// Get the event id
$eventid = array_shift($args);
// Load the event from the database we need to check whether it is
// a) valid course event
// b) a group event
// Group events use the course context (there is no group context)
if (!($event = $DB->get_record('event', array('id' => (int) $eventid, 'courseid' => $course->id)))) {
send_file_not_found();
}
// If its a group event require either membership of view all groups capability
if ($event->eventtype === 'group') {
if (!has_capability('moodle/site:accessallgroups', $context) && !groups_is_member($event->groupid, $USER->id)) {
send_file_not_found();
}
} else {
if ($event->eventtype === 'course') {
//ok
} else {
// some other type
send_file_not_found();
}
}
// If we get this far we can serve the file
$filename = array_pop($args);
$filepath = $args ? '/' . implode('/', $args) . '/' : '/';
if (!($file = $fs->get_file($context->id, $component, $filearea, $eventid, $filepath, $filename)) or $file->is_directory()) {
send_file_not_found();
}
session_get_instance()->write_close();
// unlock session during fileserving
send_stored_file($file, 60 * 60, 0, $forcedownload, array('preview' => $preview));
} else {
send_file_not_found();
}
}
}
// ========================================================================================================================
} else {
if ($component === 'user') {
if ($filearea === 'icon' and $context->contextlevel == CONTEXT_USER) {
if (count($args) == 1) {
$themename = theme_config::DEFAULT_THEME;
$filename = array_shift($args);
} else {
$themename = array_shift($args);
$filename = array_shift($args);
}
// fix file name automatically
if ($filename !== 'f1' and $filename !== 'f2' and $filename !== 'f3') {
$filename = 'f1';
}
if ((!empty($CFG->forcelogin) and !isloggedin()) || !empty($CFG->forceloginforprofileimage) && (!isloggedin() || isguestuser())) {
// protect images if login required and not logged in;
// also if login is required for profile images and is not logged in or guest
// do not use require_login() because it is expensive and not suitable here anyway
$theme = theme_config::load($themename);
redirect($theme->pix_url('u/' . $filename, 'moodle'));
// intentionally not cached
}
if (!($file = $fs->get_file($context->id, 'user', 'icon', 0, '/', $filename . '.png'))) {
if (!($file = $fs->get_file($context->id, 'user', 'icon', 0, '/', $filename . '.jpg'))) {
if ($filename === 'f3') {
// f3 512x512px was introduced in 2.3, there might be only the smaller version.
if (!($file = $fs->get_file($context->id, 'user', 'icon', 0, '/', 'f1.png'))) {
$file = $fs->get_file($context->id, 'user', 'icon', 0, '/', 'f1.jpg');
}
}
}
}
if (!$file) {
// bad reference - try to prevent future retries as hard as possible!
if ($user = $DB->get_record('user', array('id' => $context->instanceid), 'id, picture')) {
if ($user->picture > 0) {
$DB->set_field('user', 'picture', 0, array('id' => $user->id));
}
}
// no redirect here because it is not cached
$theme = theme_config::load($themename);
$imagefile = $theme->resolve_image_location('u/' . $filename, 'moodle');
send_file($imagefile, basename($imagefile), 60 * 60 * 24 * 14);
}
send_stored_file($file, 60 * 60 * 24 * 365, 0, false, array('preview' => $preview));
// enable long caching, there are many images on each page
} else {
if ($filearea === 'private' and $context->contextlevel == CONTEXT_USER) {
require_login();
if (isguestuser()) {
send_file_not_found();
}
if ($USER->id !== $context->instanceid) {
send_file_not_found();
}
$filename = array_pop($args);
$filepath = $args ? '/' . implode('/', $args) . '/' : '/';
if (!($file = $fs->get_file($context->id, $component, $filearea, 0, $filepath, $filename)) or $file->is_directory()) {
send_file_not_found();
}
session_get_instance()->write_close();
// unlock session during fileserving
send_stored_file($file, 0, 0, true, array('preview' => $preview));
// must force download - security!
} else {
if ($filearea === 'profile' and $context->contextlevel == CONTEXT_USER) {
if ($CFG->forcelogin) {
require_login();
}
$userid = $context->instanceid;
if ($USER->id == $userid) {
// always can access own
} else {
if (!empty($CFG->forceloginforprofiles)) {
require_login();
if (isguestuser()) {
send_file_not_found();
}
// we allow access to site profile of all course contacts (usually teachers)
if (!has_coursecontact_role($userid) && !has_capability('moodle/user:viewdetails', $context)) {
send_file_not_found();
}
$canview = false;
if (has_capability('moodle/user:viewdetails', $context)) {
$canview = true;
} else {
$courses = enrol_get_my_courses();
}
while (!$canview && count($courses) > 0) {
$course = array_shift($courses);
if (has_capability('moodle/user:viewdetails', context_course::instance($course->id))) {
$canview = true;
}
}
}
}
$filename = array_pop($args);
$filepath = $args ? '/' . implode('/', $args) . '/' : '/';
if (!($file = $fs->get_file($context->id, $component, $filearea, 0, $filepath, $filename)) or $file->is_directory()) {
send_file_not_found();
}
session_get_instance()->write_close();
// unlock session during fileserving
send_stored_file($file, 0, 0, true, array('preview' => $preview));
// must force download - security!
} else {
if ($filearea === 'profile' and $context->contextlevel == CONTEXT_COURSE) {
$userid = (int) array_shift($args);
$usercontext = context_user::instance($userid);
if ($CFG->forcelogin) {
require_login();
}
if (!empty($CFG->forceloginforprofiles)) {
require_login();
if (isguestuser()) {
print_error('noguest');
}
//TODO: review this logic of user profile access prevention
if (!has_coursecontact_role($userid) and !has_capability('moodle/user:viewdetails', $usercontext)) {
print_error('usernotavailable');
}
if (!has_capability('moodle/user:viewdetails', $context) && !has_capability('moodle/user:viewdetails', $usercontext)) {
print_error('cannotviewprofile');
}
if (!is_enrolled($context, $userid)) {
print_error('notenrolledprofile');
}
if (groups_get_course_groupmode($course) == SEPARATEGROUPS and !has_capability('moodle/site:accessallgroups', $context)) {
print_error('groupnotamember');
}
}
$filename = array_pop($args);
$filepath = $args ? '/' . implode('/', $args) . '/' : '/';
if (!($file = $fs->get_file($usercontext->id, 'user', 'profile', 0, $filepath, $filename)) or $file->is_directory()) {
send_file_not_found();
}
session_get_instance()->write_close();
// unlock session during fileserving
send_stored_file($file, 0, 0, true, array('preview' => $preview));
// must force download - security!
} else {
if ($filearea === 'backup' and $context->contextlevel == CONTEXT_USER) {
require_login();
if (isguestuser()) {
send_file_not_found();
}
$userid = $context->instanceid;
if ($USER->id != $userid) {
send_file_not_found();
}
$filename = array_pop($args);
$filepath = $args ? '/' . implode('/', $args) . '/' : '/';
if (!($file = $fs->get_file($context->id, 'user', 'backup', 0, $filepath, $filename)) or $file->is_directory()) {
send_file_not_found();
}
session_get_instance()->write_close();
// unlock session during fileserving
send_stored_file($file, 0, 0, true, array('preview' => $preview));
// must force download - security!
} else {
send_file_not_found();
}
}
}
}
}
// ========================================================================================================================
} else {
if ($component === 'coursecat') {
if ($context->contextlevel != CONTEXT_COURSECAT) {
send_file_not_found();
}
if ($filearea === 'description') {
if ($CFG->forcelogin) {
// no login necessary - unless login forced everywhere
require_login();
}
$filename = array_pop($args);
$filepath = $args ? '/' . implode('/', $args) . '/' : '/';
if (!($file = $fs->get_file($context->id, 'coursecat', 'description', 0, $filepath, $filename)) or $file->is_directory()) {
send_file_not_found();
}
session_get_instance()->write_close();
// unlock session during fileserving
send_stored_file($file, 60 * 60, 0, $forcedownload, array('preview' => $preview));
} else {
send_file_not_found();
}
// ========================================================================================================================
} else {
if ($component === 'course') {
if ($context->contextlevel != CONTEXT_COURSE) {
send_file_not_found();
}
if ($filearea === 'summary') {
if ($CFG->forcelogin) {
require_login();
}
$filename = array_pop($args);
$filepath = $args ? '/' . implode('/', $args) . '/' : '/';
if (!($file = $fs->get_file($context->id, 'course', 'summary', 0, $filepath, $filename)) or $file->is_directory()) {
send_file_not_found();
}
session_get_instance()->write_close();
// unlock session during fileserving
send_stored_file($file, 60 * 60, 0, $forcedownload, array('preview' => $preview));
} else {
if ($filearea === 'section') {
if ($CFG->forcelogin) {
require_login($course);
} else {
if ($course->id != SITEID) {
require_login($course);
}
}
$sectionid = (int) array_shift($args);
if (!($section = $DB->get_record('course_sections', array('id' => $sectionid, 'course' => $course->id)))) {
send_file_not_found();
}
if ($course->numsections < $section->section) {
if (!has_capability('moodle/course:update', $context)) {
// block access to unavailable sections if can not edit course
send_file_not_found();
}
}
$filename = array_pop($args);
$filepath = $args ? '/' . implode('/', $args) . '/' : '/';
if (!($file = $fs->get_file($context->id, 'course', 'section', $sectionid, $filepath, $filename)) or $file->is_directory()) {
send_file_not_found();
}
session_get_instance()->write_close();
// unlock session during fileserving
send_stored_file($file, 60 * 60, 0, $forcedownload, array('preview' => $preview));
} else {
send_file_not_found();
}
}
} else {
if ($component === 'group') {
if ($context->contextlevel != CONTEXT_COURSE) {
send_file_not_found();
}
require_course_login($course, true, null, false);
$groupid = (int) array_shift($args);
$group = $DB->get_record('groups', array('id' => $groupid, 'courseid' => $course->id), '*', MUST_EXIST);
if ($course->groupmodeforce and $course->groupmode == SEPARATEGROUPS and !has_capability('moodle/site:accessallgroups', $context) and !groups_is_member($group->id, $USER->id)) {
// do not allow access to separate group info if not member or teacher
send_file_not_found();
}
if ($filearea === 'description') {
require_login($course);
$filename = array_pop($args);
$filepath = $args ? '/' . implode('/', $args) . '/' : '/';
if (!($file = $fs->get_file($context->id, 'group', 'description', $group->id, $filepath, $filename)) or $file->is_directory()) {
send_file_not_found();
}
session_get_instance()->write_close();
// unlock session during fileserving
send_stored_file($file, 60 * 60, 0, $forcedownload, array('preview' => $preview));
} else {
if ($filearea === 'icon') {
$filename = array_pop($args);
if ($filename !== 'f1' and $filename !== 'f2') {
send_file_not_found();
}
if (!($file = $fs->get_file($context->id, 'group', 'icon', $group->id, '/', $filename . '.png'))) {
if (!($file = $fs->get_file($context->id, 'group', 'icon', $group->id, '/', $filename . '.jpg'))) {
send_file_not_found();
}
}
session_get_instance()->write_close();
// unlock session during fileserving
send_stored_file($file, 60 * 60, 0, false, array('preview' => $preview));
} else {
send_file_not_found();
}
}
} else {
if ($component === 'grouping') {
if ($context->contextlevel != CONTEXT_COURSE) {
send_file_not_found();
}
require_login($course);
$groupingid = (int) array_shift($args);
// note: everybody has access to grouping desc images for now
if ($filearea === 'description') {
$filename = array_pop($args);
$filepath = $args ? '/' . implode('/', $args) . '/' : '/';
if (!($file = $fs->get_file($context->id, 'grouping', 'description', $groupingid, $filepath, $filename)) or $file->is_directory()) {
send_file_not_found();
}
session_get_instance()->write_close();
// unlock session during fileserving
send_stored_file($file, 60 * 60, 0, $forcedownload, array('preview' => $preview));
} else {
send_file_not_found();
}
// ========================================================================================================================
} else {
if ($component === 'backup') {
if ($filearea === 'course' and $context->contextlevel == CONTEXT_COURSE) {
require_login($course);
require_capability('moodle/backup:downloadfile', $context);
$filename = array_pop($args);
$filepath = $args ? '/' . implode('/', $args) . '/' : '/';
if (!($file = $fs->get_file($context->id, 'backup', 'course', 0, $filepath, $filename)) or $file->is_directory()) {
send_file_not_found();
}
session_get_instance()->write_close();
// unlock session during fileserving
send_stored_file($file, 0, 0, $forcedownload, array('preview' => $preview));
} else {
if ($filearea === 'section' and $context->contextlevel == CONTEXT_COURSE) {
require_login($course);
require_capability('moodle/backup:downloadfile', $context);
$sectionid = (int) array_shift($args);
$filename = array_pop($args);
$filepath = $args ? '/' . implode('/', $args) . '/' : '/';
if (!($file = $fs->get_file($context->id, 'backup', 'section', $sectionid, $filepath, $filename)) or $file->is_directory()) {
send_file_not_found();
}
session_get_instance()->write_close();
send_stored_file($file, 60 * 60, 0, $forcedownload, array('preview' => $preview));
} else {
if ($filearea === 'activity' and $context->contextlevel == CONTEXT_MODULE) {
require_login($course, false, $cm);
require_capability('moodle/backup:downloadfile', $context);
$filename = array_pop($args);
$filepath = $args ? '/' . implode('/', $args) . '/' : '/';
if (!($file = $fs->get_file($context->id, 'backup', 'activity', 0, $filepath, $filename)) or $file->is_directory()) {
send_file_not_found();
}
session_get_instance()->write_close();
send_stored_file($file, 60 * 60, 0, $forcedownload, array('preview' => $preview));
} else {
if ($filearea === 'automated' and $context->contextlevel == CONTEXT_COURSE) {
// Backup files that were generated by the automated backup systems.
require_login($course);
require_capability('moodle/site:config', $context);
$filename = array_pop($args);
$filepath = $args ? '/' . implode('/', $args) . '/' : '/';
if (!($file = $fs->get_file($context->id, 'backup', 'automated', 0, $filepath, $filename)) or $file->is_directory()) {
send_file_not_found();
}
session_get_instance()->write_close();
// unlock session during fileserving
send_stored_file($file, 0, 0, $forcedownload, array('preview' => $preview));
} else {
send_file_not_found();
}
}
}
}
// ========================================================================================================================
} else {
if ($component === 'question') {
require_once $CFG->libdir . '/questionlib.php';
question_pluginfile($course, $context, 'question', $filearea, $args, $forcedownload);
send_file_not_found();
// ========================================================================================================================
} else {
if ($component === 'grading') {
if ($filearea === 'description') {
// files embedded into the form definition description
if ($context->contextlevel == CONTEXT_SYSTEM) {
require_login();
} else {
if ($context->contextlevel >= CONTEXT_COURSE) {
require_login($course, false, $cm);
} else {
send_file_not_found();
}
}
$formid = (int) array_shift($args);
$sql = "SELECT ga.id\n FROM {grading_areas} ga\n JOIN {grading_definitions} gd ON (gd.areaid = ga.id)\n WHERE gd.id = ? AND ga.contextid = ?";
$areaid = $DB->get_field_sql($sql, array($formid, $context->id), IGNORE_MISSING);
if (!$areaid) {
send_file_not_found();
}
$fullpath = "/{$context->id}/{$component}/{$filearea}/{$formid}/" . implode('/', $args);
if (!($file = $fs->get_file_by_hash(sha1($fullpath))) or $file->is_directory()) {
send_file_not_found();
}
session_get_instance()->write_close();
// unlock session during fileserving
send_stored_file($file, 60 * 60, 0, $forcedownload, array('preview' => $preview));
}
// ========================================================================================================================
} else {
if (strpos($component, 'mod_') === 0) {
$modname = substr($component, 4);
if (!file_exists("{$CFG->dirroot}/mod/{$modname}/lib.php")) {
send_file_not_found();
}
require_once "{$CFG->dirroot}/mod/{$modname}/lib.php";
if ($context->contextlevel == CONTEXT_MODULE) {
if ($cm->modname !== $modname) {
// somebody tries to gain illegal access, cm type must match the component!
send_file_not_found();
}
}
if ($filearea === 'intro') {
if (!plugin_supports('mod', $modname, FEATURE_MOD_INTRO, true)) {
send_file_not_found();
}
require_course_login($course, true, $cm);
// all users may access it
$filename = array_pop($args);
$filepath = $args ? '/' . implode('/', $args) . '/' : '/';
if (!($file = $fs->get_file($context->id, 'mod_' . $modname, 'intro', 0, $filepath, $filename)) or $file->is_directory()) {
send_file_not_found();
}
$lifetime = isset($CFG->filelifetime) ? $CFG->filelifetime : 86400;
// finally send the file
send_stored_file($file, $lifetime, 0, false, array('preview' => $preview));
}
$filefunction = $component . '_pluginfile';
$filefunctionold = $modname . '_pluginfile';
if (function_exists($filefunction)) {
// if the function exists, it must send the file and terminate. Whatever it returns leads to "not found"
$filefunction($course, $cm, $context, $filearea, $args, $forcedownload, array('preview' => $preview));
} else {
if (function_exists($filefunctionold)) {
// if the function exists, it must send the file and terminate. Whatever it returns leads to "not found"
$filefunctionold($course, $cm, $context, $filearea, $args, $forcedownload, array('preview' => $preview));
}
}
send_file_not_found();
// ========================================================================================================================
} else {
if (strpos($component, 'block_') === 0) {
$blockname = substr($component, 6);
// note: no more class methods in blocks please, that is ....
if (!file_exists("{$CFG->dirroot}/blocks/{$blockname}/lib.php")) {
send_file_not_found();
}
require_once "{$CFG->dirroot}/blocks/{$blockname}/lib.php";
if ($context->contextlevel == CONTEXT_BLOCK) {
$birecord = $DB->get_record('block_instances', array('id' => $context->instanceid), '*', MUST_EXIST);
if ($birecord->blockname !== $blockname) {
// somebody tries to gain illegal access, cm type must match the component!
send_file_not_found();
}
$bprecord = $DB->get_record('block_positions', array('blockinstanceid' => $context->instanceid), 'visible');
// User can't access file, if block is hidden or doesn't have block:view capability
if ($bprecord && !$bprecord->visible || !has_capability('moodle/block:view', $context)) {
send_file_not_found();
}
} else {
$birecord = null;
}
$filefunction = $component . '_pluginfile';
if (function_exists($filefunction)) {
// if the function exists, it must send the file and terminate. Whatever it returns leads to "not found"
$filefunction($course, $birecord, $context, $filearea, $args, $forcedownload, array('preview' => $preview));
}
send_file_not_found();
// ========================================================================================================================
} else {
if (strpos($component, '_') === false) {
// all core subsystems have to be specified above, no more guessing here!
send_file_not_found();
} else {
// try to serve general plugin file in arbitrary context
$dir = get_component_directory($component);
if (!file_exists("{$dir}/lib.php")) {
send_file_not_found();
}
include_once "{$dir}/lib.php";
$filefunction = $component . '_pluginfile';
if (function_exists($filefunction)) {
// if the function exists, it must send the file and terminate. Whatever it returns leads to "not found"
$filefunction($course, $cm, $context, $filearea, $args, $forcedownload, array('preview' => $preview));
}
send_file_not_found();
}
}
}
}
}
}
}
}
}
}
}
}
}
}
}
}
/**
* Redirects the user to another page, after printing a notice
*
* This function calls the OUTPUT redirect method, echo's the output
* and then dies to ensure nothing else happens.
*
* <strong>Good practice:</strong> You should call this method before starting page
* output by using any of the OUTPUT methods.
*
* @param moodle_url|string $url A moodle_url to redirect to. Strings are not to be trusted!
* @param string $message The message to display to the user
* @param int $delay The delay before redirecting
* @return void - does not return!
*/
function redirect($url, $message = '', $delay = -1)
{
global $OUTPUT, $PAGE, $SESSION, $CFG;
if (CLI_SCRIPT or AJAX_SCRIPT) {
// this is wrong - developers should not use redirect in these scripts,
// but it should not be very likely
throw new moodle_exception('redirecterrordetected', 'error');
}
// prevent debug errors - make sure context is properly initialised
if ($PAGE) {
$PAGE->set_context(null);
}
if ($url instanceof moodle_url) {
$url = $url->out(false);
}
if (!empty($CFG->usesid) && !isset($_COOKIE[session_name()])) {
$url = $SESSION->sid_process_url($url);
}
$debugdisableredirect = false;
do {
if (defined('DEBUGGING_PRINTED')) {
// some debugging already printed, no need to look more
$debugdisableredirect = true;
break;
}
if (empty($CFG->debugdisplay) or empty($CFG->debug)) {
// no errors should be displayed
break;
}
if (!function_exists('error_get_last') or !($lasterror = error_get_last())) {
break;
}
if (!($lasterror['type'] & $CFG->debug)) {
//last error not interesting
break;
}
// watch out here, @hidden() errors are returned from error_get_last() too
if (headers_sent()) {
//we already started printing something - that means errors likely printed
$debugdisableredirect = true;
break;
}
if (ob_get_level() and ob_get_contents()) {
// there is something waiting to be printed, hopefully it is the errors,
// but it might be some error hidden by @ too - such as the timezone mess from setup.php
$debugdisableredirect = true;
break;
}
} while (false);
if (!empty($message)) {
if ($delay === -1 || !is_numeric($delay)) {
$delay = 3;
}
$message = clean_text($message);
} else {
$message = get_string('pageshouldredirect');
$delay = 0;
// We are going to try to use a HTTP redirect, so we need a full URL.
if (!preg_match('|^[a-z]+:|', $url)) {
// Get host name http://www.wherever.com
$hostpart = preg_replace('|^(.*?[^:/])/.*$|', '$1', $CFG->wwwroot);
if (preg_match('|^/|', $url)) {
// URLs beginning with / are relative to web server root so we just add them in
$url = $hostpart . $url;
} else {
// URLs not beginning with / are relative to path of current script, so add that on.
$url = $hostpart . preg_replace('|\\?.*$|', '', me()) . '/../' . $url;
}
// Replace all ..s
while (true) {
$newurl = preg_replace('|/(?!\\.\\.)[^/]*/\\.\\./|', '/', $url);
if ($newurl == $url) {
break;
}
$url = $newurl;
}
}
}
if (defined('MDL_PERF') || (!empty($CFG->perfdebug) and $CFG->perfdebug > 7)) {
if (defined('MDL_PERFTOLOG') && !function_exists('register_shutdown_function')) {
$perf = get_performance_info();
error_log("PERF: " . $perf['txt']);
}
}
$encodedurl = preg_replace("/\\&(?![a-zA-Z0-9#]{1,8};)/", "&", $url);
$encodedurl = preg_replace('/^.*href="([^"]*)".*$/', "\\1", clean_text('<a href="' . $encodedurl . '" />'));
if ($delay == 0 && !$debugdisableredirect && !headers_sent()) {
// workaround for IIS bug http://support.microsoft.com/kb/q176113/
if (session_id()) {
session_get_instance()->write_close();
}
//302 might not work for POST requests, 303 is ignored by obsolete clients.
@header($_SERVER['SERVER_PROTOCOL'] . ' 303 See Other');
@header('Location: ' . $url);
echo bootstrap_renderer::plain_redirect_message($encodedurl);
exit;
}
// Include a redirect message, even with a HTTP redirect, because that is recommended practice.
$PAGE->set_pagelayout('redirect');
// No header and footer needed
$CFG->docroot = false;
// to prevent the link to moodle docs from being displayed on redirect page.
echo $OUTPUT->redirect_message($encodedurl, $message, $delay, $debugdisableredirect);
exit;
}
protected function authenticate_by_token($tokentype)
{
global $DB;
if (!($token = $DB->get_record('external_tokens', array('token' => $this->token, 'tokentype' => $tokentype)))) {
// log failed login attempts
add_to_log(SITEID, 'webservice', get_string('tokenauthlog', 'webservice'), '', get_string('failedtolog', 'webservice') . ": " . $this->token . " - " . getremoteaddr(), 0);
throw new webservice_access_exception(get_string('invalidtoken', 'webservice'));
}
if ($token->validuntil and $token->validuntil < time()) {
$DB->delete_records('external_tokens', array('token' => $this->token, 'tokentype' => $tokentype));
throw new webservice_access_exception(get_string('invalidtimedtoken', 'webservice'));
}
if ($token->sid) {
//assumes that if sid is set then there must be a valid associated session no matter the token type
$session = session_get_instance();
if (!$session->session_exists($token->sid)) {
$DB->delete_records('external_tokens', array('sid' => $token->sid));
throw new webservice_access_exception(get_string('invalidtokensession', 'webservice'));
}
}
if ($token->iprestriction and !address_in_subnet(getremoteaddr(), $token->iprestriction)) {
add_to_log(SITEID, 'webservice', get_string('tokenauthlog', 'webservice'), '', get_string('failedtolog', 'webservice') . ": " . getremoteaddr(), 0);
throw new webservice_access_exception(get_string('invalidiptoken', 'webservice'));
}
$this->restricted_context = get_context_instance_by_id($token->contextid);
$this->restricted_serviceid = $token->externalserviceid;
$user = $DB->get_record('user', array('id' => $token->userid, 'deleted' => 0), '*', MUST_EXIST);
// log token access
$DB->set_field('external_tokens', 'lastaccess', time(), array('id' => $token->id));
return $user;
}
/**
* Check whether a major upgrade is needed. That is defined as an upgrade that
* changes something really fundamental in the database, so nothing can possibly
* work until the database has been updated, and that is defined by the hard-coded
* version number in this function.
*/
function redirect_if_major_upgrade_required()
{
global $CFG;
$lastmajordbchanges = 2012110201;
if (empty($CFG->version) or (int) $CFG->version < $lastmajordbchanges or during_initial_install() or !empty($CFG->adminsetuppending)) {
try {
@session_get_instance()->terminate_current();
} catch (Exception $e) {
// Ignore any errors, redirect to upgrade anyway.
}
$url = $CFG->wwwroot . '/' . $CFG->admin . '/index.php';
@header($_SERVER['SERVER_PROTOCOL'] . ' 303 See Other');
@header('Location: ' . $url);
echo bootstrap_renderer::plain_redirect_message(htmlspecialchars($url));
exit;
}
}
/**
* Closes the database connection and releases all resources
* and memory (especially circular memory references).
* Do NOT use connect() again, create a new instance if needed.
* @return void
*/
public function dispose()
{
if ($this->transactions) {
// this should not happen, it usually indicates wrong catching of exceptions,
// because all transactions should be finished manually or in default exception handler.
// unfortunately we can not access global $CFG any more and can not print debug,
// the diagnostic info should be printed in footer instead
$lowesttransaction = end($this->transactions);
$backtrace = $lowesttransaction->get_backtrace();
if (defined('PHPUNIT_TEST') and PHPUNIT_TEST) {
//no need to log sudden exits in our PHPUnit test cases
} else {
error_log('Potential coding error - active database transaction detected when disposing database:' . "\n" . format_backtrace($backtrace, true));
}
$this->force_transaction_rollback();
}
if ($this->used_for_db_sessions) {
// this is needed because we need to save session to db before closing it
session_get_instance()->write_close();
$this->used_for_db_sessions = false;
}
if ($this->temptables) {
$this->temptables->dispose();
$this->temptables = null;
}
if ($this->database_manager) {
$this->database_manager->dispose();
$this->database_manager = null;
}
$this->columns = array();
$this->tables = null;
}