$capabilities = null;
}
/// Process incoming role override
if ($data = data_submitted() and $roleid and confirm_sesskey()) {
$allowed_values = array(CAP_INHERIT, CAP_ALLOW, CAP_PREVENT, CAP_PROHIBIT);
$localoverrides = get_records_select('role_capabilities', "roleid = {$roleid} AND contextid = {$context->id}", '', 'capability, permission, id');
foreach ($capabilities as $cap) {
if ($cap->locked) {
//user not allowed to change this cap
continue;
}
if (!isset($data->{$cap->name})) {
//cap not specified in form
continue;
}
if (islegacy($data->{$cap->name})) {
continue;
}
$capname = $cap->name;
$value = clean_param($data->{$cap->name}, PARAM_INT);
if (!in_array($value, $allowed_values)) {
continue;
}
if (isset($localoverrides[$capname])) {
// Something exists, so update it
assign_capability($capname, $value, $roleid, $context->id, true);
} else {
// insert a record
if ($value != CAP_INHERIT) {
// Ignore inherits
assign_capability($capname, $value, $roleid, $context->id);
if (!empty($errors)) {
$newrole = new object();
$newrole->name = $name;
$newrole->shortname = $shortname;
$newrole->description = $description;
$newrole->legacytype = $legacytype;
}
$allowed_values = array(CAP_INHERIT, CAP_ALLOW, CAP_PREVENT, CAP_PROHIBIT);
$capabilities = fetch_context_capabilities($sitecontext);
// capabilities applicable in this context
foreach ($capabilities as $cap) {
if (!isset($data->{$cap->name})) {
continue;
}
// legacy caps have their own selector
if (islegacy($data->{$cap->name}) === 0) {
continue;
}
$capname = $cap->name;
$value = clean_param($data->{$cap->name}, PARAM_INT);
if (!in_array($value, $allowed_values)) {
continue;
}
if (!empty($errors)) {
$newrole->{$capname} = $value;
continue;
}
// edit default caps
$SQL = "SELECT * FROM {$CFG->prefix}role_capabilities\n WHERE roleid = {$roleid} AND capability = '{$capname}'\n AND contextid = {$sitecontext->id}";
$localoverride = get_record_sql($SQL);
if ($localoverride) {