/** * Get accessdata for a given user. * * @private * @param int $userid * @param bool $preloadonly true means do not return access array * @return array accessdata */ function get_user_accessdata($userid, $preloadonly = false) { global $CFG, $ACCESSLIB_PRIVATE, $USER; if (!empty($USER->acces['rdef']) and empty($ACCESSLIB_PRIVATE->rolepermissions)) { // share rdef from USER session with rolepermissions cache in order to conserve memory foreach ($USER->acces['rdef'] as $k => $v) { $ACCESSLIB_PRIVATE->rolepermissions[$k] =& $USER->acces['rdef'][$k]; } $ACCESSLIB_PRIVATE->accessdatabyuser[$USER->id] = $USER->acces; } if (!isset($ACCESSLIB_PRIVATE->accessdatabyuser[$userid])) { if (empty($userid)) { if (!empty($CFG->notloggedinroleid)) { $accessdata = get_role_access($CFG->notloggedinroleid); } else { // weird return get_empty_accessdata(); } } else { if (isguestuser($userid)) { if ($guestrole = get_guest_role()) { $accessdata = get_role_access($guestrole->id); } else { //weird return get_empty_accessdata(); } } else { $accessdata = get_user_access_sitewide($userid); // includes default role and frontpage role } } $ACCESSLIB_PRIVATE->accessdatabyuser[$userid] = $accessdata; } if ($preloadonly) { return; } else { return $ACCESSLIB_PRIVATE->accessdatabyuser[$userid]; } }
/** * Test getting of role access */ public function test_get_role_access() { global $DB; $roles = $DB->get_records('role'); foreach ($roles as $role) { $access = get_role_access($role->id); $this->assertTrue(is_array($access)); $this->assertTrue(is_array($access['ra'])); $this->assertTrue(is_array($access['rdef'])); $this->assertTrue(isset($access['rdef_count'])); $this->assertTrue(is_array($access['loaded'])); $this->assertTrue(isset($access['time'])); $this->assertTrue(is_array($access['rsw'])); } // Note: the data is validated in the functional permission evaluation test at the end of this testcase. }
/** * A convenience function to completely load all the capabilities * for the current user. This is what gets called from complete_user_login() * for example. Call it only _after_ you've setup $USER and called * check_enrolment_plugins(); * */ function load_all_capabilities() { global $USER, $CFG, $ACCESSLIB_PRIVATE; // roles not installed yet - we are in the middle of installation if (empty($CFG->rolesactive)) { return; } $base = '/' . SYSCONTEXTID; if (isguestuser()) { $guest = get_guest_role(); // Load the rdefs $USER->access = get_role_access($guest->id); // Put the ghost enrolment in place... $USER->access['ra'][$base] = array($guest->id); } else { if (isloggedin()) { $accessdata = get_user_access_sitewide($USER->id); // // provide "default role" & set 'dr' // if (!empty($CFG->defaultuserroleid)) { $accessdata = get_role_access($CFG->defaultuserroleid, $accessdata); if (!isset($accessdata['ra'][$base])) { $accessdata['ra'][$base] = array($CFG->defaultuserroleid); } else { array_push($accessdata['ra'][$base], $CFG->defaultuserroleid); } $accessdata['dr'] = $CFG->defaultuserroleid; } $frontpagecontext = get_context_instance(CONTEXT_COURSE, SITEID); // // provide "default frontpage role" // if (!empty($CFG->defaultfrontpageroleid)) { $base = '/' . SYSCONTEXTID . '/' . $frontpagecontext->id; $accessdata = get_default_frontpage_role_access($CFG->defaultfrontpageroleid, $accessdata); if (!isset($accessdata['ra'][$base])) { $accessdata['ra'][$base] = array($CFG->defaultfrontpageroleid); } else { array_push($accessdata['ra'][$base], $CFG->defaultfrontpageroleid); } } $USER->access = $accessdata; } else { if (!empty($CFG->notloggedinroleid)) { $USER->access = get_role_access($CFG->notloggedinroleid); $USER->access['ra'][$base] = array($CFG->notloggedinroleid); } } } // Timestamp to read dirty context timestamps later $USER->access['time'] = time(); $ACCESSLIB_PRIVATE->dirtycontexts = array(); // Clear to force a refresh unset($USER->mycourses); }
// This duplicates code in load_all_capabilities and has_capability. $systempath = '/' . SYSCONTEXTID; if ($userid == 0) { if (!empty($CFG->notloggedinroleid)) { $accessdata = get_role_access($CFG->notloggedinroleid); $accessdata['ra'][$systempath] = array($CFG->notloggedinroleid); } else { $accessdata = array(); $accessdata['ra'] = array(); $accessdata['rdef'] = array(); $accessdata['loaded'] = array(); } } else { if (isguestuser($user)) { $guestrole = get_guest_role(); $accessdata = get_role_access($guestrole->id); $accessdata['ra'][$systempath] = array($guestrole->id); } else { load_user_accessdata($userid); $accessdata = $ACCESS[$userid]; } } if ($context->contextlevel > CONTEXT_COURSE && !path_inaccessdata($context->path, $accessdata)) { load_subcontext($userid, $context, $accessdata); } // Load the roles we need. $roleids = array(); foreach ($accessdata['ra'] as $roleassignments) { $roleids = array_merge($roleassignments, $roleids); } $roles = get_records_list('role', 'id', $roleids);
/** * A convenience function to completely load all the capabilities * for the current user. This is what gets called from complete_user_login() * for example. Call it only _after_ you've setup $USER and called * check_enrolment_plugins(); * @see check_enrolment_plugins() * * @return void */ function load_all_capabilities() { global $CFG, $ACCESSLIB_PRIVATE; //NOTE: we can not use $USER here because it may no be linked to $_SESSION['USER'] yet! // roles not installed yet - we are in the middle of installation if (during_initial_install()) { return; } $base = '/' . SYSCONTEXTID; if (isguestuser($_SESSION['USER'])) { $guest = get_guest_role(); // Load the rdefs $_SESSION['USER']->access = get_role_access($guest->id); // Put the ghost enrolment in place... $_SESSION['USER']->access['ra'][$base] = array($guest->id => $guest->id); } else { if (!empty($_SESSION['USER']->id)) { // can not use isloggedin() yet $accessdata = get_user_access_sitewide($_SESSION['USER']->id); // // provide "default role" & set 'dr' // if (!empty($CFG->defaultuserroleid)) { $accessdata = get_role_access($CFG->defaultuserroleid, $accessdata); if (!isset($accessdata['ra'][$base])) { $accessdata['ra'][$base] = array(); } $accessdata['ra'][$base][$CFG->defaultuserroleid] = $CFG->defaultuserroleid; $accessdata['dr'] = $CFG->defaultuserroleid; } $frontpagecontext = get_context_instance(CONTEXT_COURSE, SITEID); // // provide "default frontpage role" // if (!empty($CFG->defaultfrontpageroleid)) { $base = '/' . SYSCONTEXTID . '/' . $frontpagecontext->id; $accessdata = get_default_frontpage_role_access($CFG->defaultfrontpageroleid, $accessdata); if (!isset($accessdata['ra'][$base])) { $accessdata['ra'][$base] = array(); } $accessdata['ra'][$base][$CFG->defaultfrontpageroleid] = $CFG->defaultfrontpageroleid; } $_SESSION['USER']->access = $accessdata; } else { if (!empty($CFG->notloggedinroleid)) { $_SESSION['USER']->access = get_role_access($CFG->notloggedinroleid); $_SESSION['USER']->access['ra'][$base] = array($CFG->notloggedinroleid => $CFG->notloggedinroleid); } } } // Timestamp to read dirty context timestamps later $_SESSION['USER']->access['time'] = time(); $ACCESSLIB_PRIVATE->dirtycontexts = array(); // Clear to force a refresh unset($_SESSION['USER']->mycourses); }
/** * A convenience function to completely load all the capabilities * for the current user. This is what gets called from login, for example. */ function load_all_capabilities() { global $USER, $CFG; $base = '/' . SYSCONTEXTID; if (isguestuser()) { $guest = get_guest_role(); // Load the rdefs $USER->access = get_role_access($guest->id); // Put the ghost enrolment in place... $USER->access['ra'][$base] = array($guest->id); } else { if (isloggedin()) { check_enrolment_plugins($USER); $accessdata = get_user_access_sitewide($USER->id); // // provide "default role" & set 'dr' // if (!empty($CFG->defaultuserroleid)) { $accessdata = get_role_access($CFG->defaultuserroleid, $accessdata); if (!isset($accessdata['ra'][$base])) { $accessdata['ra'][$base] = array($CFG->defaultuserroleid); } else { array_push($accessdata['ra'][$base], $CFG->defaultuserroleid); } $accessdata['dr'] = $CFG->defaultuserroleid; } $frontpagecontext = get_context_instance(CONTEXT_COURSE, SITEID); // // provide "default frontpage role" // if (!empty($CFG->defaultfrontpageroleid)) { $base = '/' . SYSCONTEXTID . '/' . $frontpagecontext->id; $accessdata = get_default_frontpage_role_access($CFG->defaultfrontpageroleid, $accessdata); if (!isset($accessdata['ra'][$base])) { $accessdata['ra'][$base] = array($CFG->defaultfrontpageroleid); } else { array_push($accessdata['ra'][$base], $CFG->defaultfrontpageroleid); } } $USER->access = $accessdata; } else { if (!empty($CFG->notloggedinroleid)) { $USER->access = get_role_access($CFG->notloggedinroleid); $USER->access['ra'][$base] = array($CFG->notloggedinroleid); } } } // Timestamp to read // dirty context timestamps $USER->access['time'] = time(); // Clear to force a refresh unset($USER->mycourses); }