$definitiontable = new core_role_define_role_table_basic($systemcontext, $roleid); } } $definitiontable->read_submitted_permissions(); } } // Handle the cancel button. if (optional_param('cancel', false, PARAM_BOOL)) { redirect($returnurl); } // Process submission in necessary. if (optional_param('savechanges', false, PARAM_BOOL) && confirm_sesskey() && $definitiontable->is_submission_valid()) { $definitiontable->save_changes(); $tableroleid = $definitiontable->get_role_id(); // Trigger event. $event = \core\event\role_capabilities_updated::create(array('context' => $systemcontext, 'objectid' => $tableroleid)); $event->set_legacy_logdata(array(SITEID, 'role', $action, 'admin/roles/define.php?action=view&roleid=' . $tableroleid, $definitiontable->get_role_name(), '', $USER->id)); if (!empty($role)) { $event->add_record_snapshot('role', $role); } $event->trigger(); if ($action === 'add') { redirect(new moodle_url('/admin/roles/define.php', array('action' => 'view', 'roleid' => $definitiontable->get_role_id()))); } else { redirect($returnurl); } } // Print the page header and tabs. echo $OUTPUT->header(); $currenttab = 'manage'; require 'managetabs.php';
/** * Test adding of capabilities to roles. */ public function test_assign_capability() { global $DB; $this->resetAfterTest(); $user = $this->getDataGenerator()->create_user(); $syscontext = context_system::instance(); $frontcontext = context_course::instance(SITEID); $student = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST); $this->assertTrue($DB->record_exists('capabilities', array('name' => 'moodle/backup:backupcourse'))); // Any capability assigned to student by default. $this->assertFalse($DB->record_exists('role_capabilities', array('contextid' => $syscontext->id, 'roleid' => $student->id, 'capability' => 'moodle/backup:backupcourse'))); $this->assertFalse($DB->record_exists('role_capabilities', array('contextid' => $frontcontext->id, 'roleid' => $student->id, 'capability' => 'moodle/backup:backupcourse'))); $this->setUser($user); $result = assign_capability('moodle/backup:backupcourse', CAP_ALLOW, $student->id, $frontcontext->id); $this->assertTrue($result); $permission = $DB->get_record('role_capabilities', array('contextid' => $frontcontext->id, 'roleid' => $student->id, 'capability' => 'moodle/backup:backupcourse')); $this->assertNotEmpty($permission); $this->assertEquals(CAP_ALLOW, $permission->permission); $this->assertEquals($user->id, $permission->modifierid); $this->setUser(0); $result = assign_capability('moodle/backup:backupcourse', CAP_PROHIBIT, $student->id, $frontcontext->id, false); $this->assertTrue($result); $permission = $DB->get_record('role_capabilities', array('contextid' => $frontcontext->id, 'roleid' => $student->id, 'capability' => 'moodle/backup:backupcourse')); $this->assertNotEmpty($permission); $this->assertEquals(CAP_ALLOW, $permission->permission); $this->assertEquals(3, $permission->modifierid); $result = assign_capability('moodle/backup:backupcourse', CAP_PROHIBIT, $student->id, $frontcontext->id, true); $this->assertTrue($result); $permission = $DB->get_record('role_capabilities', array('contextid' => $frontcontext->id, 'roleid' => $student->id, 'capability' => 'moodle/backup:backupcourse')); $this->assertNotEmpty($permission); $this->assertEquals(CAP_PROHIBIT, $permission->permission); $this->assertEquals(0, $permission->modifierid); $result = assign_capability('moodle/backup:backupcourse', CAP_INHERIT, $student->id, $frontcontext->id); $this->assertTrue($result); $permission = $DB->get_record('role_capabilities', array('contextid' => $frontcontext->id, 'roleid' => $student->id, 'capability' => 'moodle/backup:backupcourse')); $this->assertEmpty($permission); // Test event trigger. $rolecapabilityevent = \core\event\role_capabilities_updated::create(array('context' => $syscontext, 'objectid' => $student->id, 'other' => array('name' => $student->shortname))); $expectedlegacylog = array(SITEID, 'role', 'view', 'admin/roles/define.php?action=view&roleid=' . $student->id, $student->shortname, '', $user->id); $rolecapabilityevent->set_legacy_logdata($expectedlegacylog); $rolecapabilityevent->add_record_snapshot('role', $student); $sink = $this->redirectEvents(); $rolecapabilityevent->trigger(); $events = $sink->get_events(); $sink->close(); $event = array_pop($events); $this->assertInstanceOf('\\core\\event\\role_capabilities_updated', $event); $expectedurl = new moodle_url('/admin/roles/define.php', array('action' => 'view', 'roleid' => $student->id)); $this->assertEquals($expectedurl, $event->get_url()); $this->assertEventLegacyLogData($expectedlegacylog, $event); $this->assertEventContextNotUsed($event); }
} // Make sure this user can override that role. if (empty($overridableroles[$roleid])) { $a = new stdClass(); $a->roleid = $roleid; $a->context = $contextname; print_error('cannotoverriderolehere', '', $context->get_url(), $a); } // If we are actually overriding a role, create the table object, and save changes if appropriate. $overridestable = new core_role_override_permissions_table_advanced($context, $roleid, $safeoverridesonly); $overridestable->read_submitted_permissions(); if (optional_param('savechanges', false, PARAM_BOOL) && confirm_sesskey()) { $overridestable->save_changes(); $rolename = $overridableroles[$roleid]; // Trigger event. $event = \core\event\role_capabilities_updated::create(array('context' => $context, 'objectid' => $roleid, 'courseid' => $courseid)); $event->set_legacy_logdata(array($course->id, 'role', 'override', 'admin/roles/override.php?contextid=' . $context->id . '&roleid=' . $roleid, $rolename, '', $USER->id)); $event->add_record_snapshot('role', $role); $event->trigger(); redirect($returnurl); } // Finally start page output. echo $OUTPUT->header(); echo $OUTPUT->heading_with_help($title, 'overridepermissions', 'core_role'); // Show UI for overriding roles. if (!empty($capabilities)) { echo $OUTPUT->box(get_string('nocapabilitiesincontext', 'core_role'), 'generalbox boxaligncenter'); } else { // Print the capabilities overrideable in this context. echo $OUTPUT->box_start('generalbox capbox'); echo html_writer::start_tag('form', array('id' => 'overrideform', 'action' => $PAGE->url->out(), 'method' => 'post'));