/** * Registers a new active object (or renew an existing authorisation) with this controller. * @param string $uuid The UUID of the object to be registered * @param string $name Name of the object to be registered * @param SloodleUser $user The user who is authorising the object * @param string $password The password for the object * @param string $type Type identifier of the object to be registered * @param int $timestamp The timestamp of the object's registration, or null to use the current time. * @return int|bool The new authorisation ID if successful, or false if not */ function register_object($uuid, $name, $user, $password, $type = '', $timestamp = null) { // Use the current timestamp if necessary if ($timestamp == null) { $timestamp = time(); } // Extract the user ID, if available $userid = 0; if ($user->is_user_loaded()) { $userid = $user->get_user_id(); } // Check to see if an entry already exists for this object $entry = get_record('sloodle_active_object', 'uuid', $uuid); if (!$entry) { // Create a new entry $entry = new stdClass(); $entry->controllerid = $this->cm->id; $entry->uuid = $uuid; $entry->name = $name; $entry->userid = $userid; $entry->password = $password; $entry->type = $type; $entry->timeupdated = $timestamp; // Attempt to insert the entry $entry->id = insert_record('sloodle_active_object', $entry); if (!$entry->id) { return false; } } else { // Update the existing entry $entry->controllerid = $this->cm->id; $entry->name = $name; $entry->userid = $userid; $entry->password = $password; $entry->type = $type; $entry->timeupdated = $timestamp; // Attempt to update the database if (!update_record('sloodle_active_object', $entry)) { return false; } } return $entry->id; }
/** * Add a new submission (or replace an existing one). * Ignores all submission checks, such as permissions and time. * @param SloodleUser $user The user making the submission * @param string $obj_name Name of the object being submitted * @param int $num_prims Number of prims in the object being submitted * @param string $primdrop_name Name of the PrimDrop being submitted to * @param string $primdrop_uuid UUID of the PrimDrop being submitted to * @param string $primdrop_region Region of the PrimDrop being submitted to * @param string $primdrop_pos Position vector (<x,y,z>) of the PrimDrop being submitted to * @return bool True if successful, or false otherwise */ function submit($user, $obj_name, $num_prims, $primdrop_name, $primdrop_uuid, $primdrop_region, $primdrop_pos) { // Make sure the user is loaded if (!$user->is_user_loaded()) { return false; } // Construct a submission object $sloodle_submission = new assignment_sloodleobject_submission(); $sloodle_submission->obj_name = $obj_name; $sloodle_submission->num_prims = $num_prims; $sloodle_submission->primdrop_name = $primdrop_name; $sloodle_submission->primdrop_uuid = $primdrop_uuid; $sloodle_submission->primdrop_region = $primdrop_region; $sloodle_submission->primdrop_pos = $primdrop_pos; // Update the submission return $this->assignment->update_submission($user->get_user_id(), $sloodle_submission); }
/** * Validates the user account and enrolment (ensures there is an avatar linked to a VLE account, and that the VLE account is enrolled in the current course). * Attempts auto-registration/enrolment if that is allowed and required, and logs-in the user. * Server access level is checked if it is specified in the request parameters. * If the request indicates that it relates to an object, then the validation fails. * Note: if you only require to ensure that an avatar is registered, then use {@link validate_avatar()}. * @param bool $require If true, the script will be terminated with an error message if validation fails * @param bool $suppress_autoreg If true, auto-registration will be completely suppressed for this function call * @param bool $suppress_autoenrol If true, auto-enrolment will be completely suppressed for this function call * @return bool Returns true if validation and/or autoregistration were successful. Returns false on failure (unless $require was true). * @see SloodleSession::validate_avatar() */ function validate_user($require = true, $suppress_autoreg = false, $suppress_autoenrol = false) { // Is it an object request? if ($this->request->is_object_request()) { if ($require) { $this->response->quick_output(-301, 'USER_AUTH', 'Cannot validate object as user.', false); exit; } return false; } // Was a server access level specified in the request? $sal = $this->request->get_server_access_level(false); if ($sal != null) { // Check what level was specified $sal = (int) $sal; $allowed = false; $reason = 'Unknown.'; switch ($sal) { case SLOODLE_SERVER_ACCESS_LEVEL_PUBLIC: // Always allowed $allowed = true; break; case SLOODLE_SERVER_ACCESS_LEVEL_COURSE: // Is a course already loaded? if (!$this->course->is_loaded()) { $reason = 'No course loaded.'; break; } // Was a user account already fully loaded? if ($this->user->is_avatar_linked()) { // Is the user enrolled on the current course? if ($this->user->is_enrolled($this->course->get_course_id())) { $allowed = true; } else { $reason = 'User not enrolled in course.'; } } else { $reason = 'User not registered on site.'; } break; case SLOODLE_SERVER_ACCESS_LEVEL_SITE: // Was a user account already fully loaded? if ($this->user->is_avatar_linked()) { $allowed = true; } else { $reason = 'User not registered on site.'; } break; case SLOODLE_SERVER_ACCESS_LEVEL_STAFF: // Is a course already loaded? if (!$this->course->is_loaded()) { $reason = 'No course loaded.'; break; } // Was a user account already fully loaded? if ($this->user->is_avatar_linked()) { // Is the user staff on the current course? if ($this->user->is_staff($this->course->get_course_id())) { $allowed = true; } else { $reason = 'User not staff in course.'; } } else { $reason = 'User not registered on site.'; } break; default: // Unknown access level $reason = 'Access level not recognised'; break; } // Was the user blocked by access level? if (!$allowed) { if ($require) { $this->response->quick_output(-331, 'USER_AUTH', $reason, false); exit; } return false; } } // REGISTRATION // // Make sure a the course is loaded if (!$this->course->is_loaded()) { if ($require) { $this->response->quick_output(-511, 'COURSE', 'Cannot validate user - no course data loaded.', false); exit; } return false; } // Is the user already loaded? if (!$this->user->is_avatar_linked()) { // If an avatar is loaded, but the user isn't, then we probably have a deleted Moodle user if ($this->user->is_avatar_loaded() == true && $this->user->is_user_loaded() == false) { $this->response->quick_output(-301, 'USER_AUTH', 'Avatar linked to deleted user account', false); exit; } // Make sure avatar details were provided $uuid = $this->request->get_avatar_uuid(false); $avname = $this->request->get_avatar_name(false); // Is validation required? if ($require) { // Check the UUID if (empty($uuid)) { $this->response->quick_output(-311, 'USER_AUTH', 'User UUID required', false); exit; } // Check the name if (empty($avname)) { $this->response->quick_output(-311, 'USER_AUTH', 'Avatar name required', false); exit; } } else { if (empty($uuid) || empty($avname)) { // If there was a problem, just stop return false; } } // Ensure autoreg is not suppressed, and that it is permitted on that course and on the site if ($suppress_autoreg == true || $this->course->check_autoreg() == false) { if ($require) { $this->response->quick_output(-321, 'USER_AUTH', 'User not registered, and auto-registration of users was not permitted', false); exit; } return false; } // It is important that we also check auto-enrolment here. // If that is not enabled, but the call here requires it, then there is no point registering the user. if ($suppress_autoenrol == true || $this->course->check_autoenrol() == false) { if ($require) { $this->response->quick_output(-421, 'USER_ENROL', 'User not enrolled, and auto-enrolment of users was not permitted', false); exit; } return false; } // Is there an avatar loaded? if (!$this->user->is_avatar_loaded()) { // Add the avatar details, linked to imaginary user 0 if (!$this->user->add_linked_avatar(0, $uuid, $avname)) { if ($require) { $this->response->quick_output(-322, 'USER_AUTH', 'Failed to add new avatar', false); exit; } return false; } } // If we reached here then we definitely have an avatar // Create a matching Moodle user $password = $this->user->autoregister_avatar_user(); if ($password === FALSE) { if ($require) { $this->response->quick_output(-322, 'USER_AUTH', 'Failed to register new user account', false); exit; } return false; } // Add a side effect code to our response data $this->response->add_side_effect(322); // The user needs to be notified of their new username/password if (isset($_SERVER['HTTP_X_SECONDLIFE_OBJECT_KEY'])) { sloodle_login_notification($_SERVER['HTTP_X_SECONDLIFE_OBJECT_KEY'], $uuid, $this->user->get_username(), $password); } } // ENROLMENT // // Is the user already enrolled on the course? if (!$this->user->is_enrolled($this->course->get_course_id())) { // Ensure auto-enrolment is not suppressed, and that it is permitted on that course and on the site if ($suppress_autoenrol == true || $this->course->check_autoenrol() == false) { if ($require) { $this->response->quick_output(-421, 'USER_ENROL', 'Auto-enrolment of users was not permitted', false); exit; } return false; } // Attempt to enrol the user if (!$this->user->enrol()) { if ($require) { $this->response->quick_output(-422, 'USER_ENROL', 'Auto-enrolment failed', false); exit; } return false; } // Add a side effect code to our response data $this->response->add_side_effect(422); } // Make sure the user is logged-in return $this->user->login(); }