/**
* Lookup the avatar/real name associations for everybody in the current course.
* NOTE: fails if a course is not loaded in the current {@link SloodleSession}
* @return array|bool An associative array of avatar names to (full) real names if successful, or false if a course is not available
*/
function find_real_names_course()
{
// Make sure we have a course loaded
if (!isset($this->_session)) {
return false;
}
if (!$this->_session->course->is_loaded()) {
return false;
}
$user = new SloodleUser($this->_session);
// Get a list of users of the course
$courseusers = get_course_users($this->_session->course->get_course_id());
if (!is_array($courseusers)) {
$courseusers = array();
}
// Go through each user
$output = array();
foreach ($courseusers as $u) {
// Attempt to fetch the avatar data for this Moodle user
$user->load_user($u->id);
if (!$user->load_linked_avatar()) {
continue;
}
// Store the name association
$output[$user->get_avatar_name()] = $u->firstname . ' ' . $u->lastname;
}
return $output;
}
/**
* Add a new submission (or replace an existing one).
* Ignores all submission checks, such as permissions and time.
* @param SloodleUser $user The user making the submission
* @param string $obj_name Name of the object being submitted
* @param int $num_prims Number of prims in the object being submitted
* @param string $primdrop_name Name of the PrimDrop being submitted to
* @param string $primdrop_uuid UUID of the PrimDrop being submitted to
* @param string $primdrop_region Region of the PrimDrop being submitted to
* @param string $primdrop_pos Position vector (<x,y,z>) of the PrimDrop being submitted to
* @return bool True if successful, or false otherwise
*/
function submit($user, $obj_name, $num_prims, $primdrop_name, $primdrop_uuid, $primdrop_region, $primdrop_pos)
{
// Make sure the user is loaded
if (!$user->is_user_loaded()) {
return false;
}
// Construct a submission object
$sloodle_submission = new assignment_sloodleobject_submission();
$sloodle_submission->obj_name = $obj_name;
$sloodle_submission->num_prims = $num_prims;
$sloodle_submission->primdrop_name = $primdrop_name;
$sloodle_submission->primdrop_uuid = $primdrop_uuid;
$sloodle_submission->primdrop_region = $primdrop_region;
$sloodle_submission->primdrop_pos = $primdrop_pos;
// Update the submission
return $this->assignment->update_submission($user->get_user_id(), $sloodle_submission);
}
/**
* Validates the user account and enrolment (ensures there is an avatar linked to a VLE account, and that the VLE account is enrolled in the current course).
* Attempts auto-registration/enrolment if that is allowed and required, and logs-in the user.
* Server access level is checked if it is specified in the request parameters.
* If the request indicates that it relates to an object, then the validation fails.
* Note: if you only require to ensure that an avatar is registered, then use {@link validate_avatar()}.
* @param bool $require If true, the script will be terminated with an error message if validation fails
* @param bool $suppress_autoreg If true, auto-registration will be completely suppressed for this function call
* @param bool $suppress_autoenrol If true, auto-enrolment will be completely suppressed for this function call
* @return bool Returns true if validation and/or autoregistration were successful. Returns false on failure (unless $require was true).
* @see SloodleSession::validate_avatar()
*/
function validate_user($require = true, $suppress_autoreg = false, $suppress_autoenrol = false)
{
// Is it an object request?
if ($this->request->is_object_request()) {
if ($require) {
$this->response->quick_output(-301, 'USER_AUTH', 'Cannot validate object as user.', false);
exit;
}
return false;
}
// Was a server access level specified in the request?
$sal = $this->request->get_server_access_level(false);
if ($sal != null) {
// Check what level was specified
$sal = (int) $sal;
$allowed = false;
$reason = 'Unknown.';
switch ($sal) {
case SLOODLE_SERVER_ACCESS_LEVEL_PUBLIC:
// Always allowed
$allowed = true;
break;
case SLOODLE_SERVER_ACCESS_LEVEL_COURSE:
// Is a course already loaded?
if (!$this->course->is_loaded()) {
$reason = 'No course loaded.';
break;
}
// Was a user account already fully loaded?
if ($this->user->is_avatar_linked()) {
// Is the user enrolled on the current course?
if ($this->user->is_enrolled($this->course->get_course_id())) {
$allowed = true;
} else {
$reason = 'User not enrolled in course.';
}
} else {
$reason = 'User not registered on site.';
}
break;
case SLOODLE_SERVER_ACCESS_LEVEL_SITE:
// Was a user account already fully loaded?
if ($this->user->is_avatar_linked()) {
$allowed = true;
} else {
$reason = 'User not registered on site.';
}
break;
case SLOODLE_SERVER_ACCESS_LEVEL_STAFF:
// Is a course already loaded?
if (!$this->course->is_loaded()) {
$reason = 'No course loaded.';
break;
}
// Was a user account already fully loaded?
if ($this->user->is_avatar_linked()) {
// Is the user staff on the current course?
if ($this->user->is_staff($this->course->get_course_id())) {
$allowed = true;
} else {
$reason = 'User not staff in course.';
}
} else {
$reason = 'User not registered on site.';
}
break;
default:
// Unknown access level
$reason = 'Access level not recognised';
break;
}
// Was the user blocked by access level?
if (!$allowed) {
if ($require) {
$this->response->quick_output(-331, 'USER_AUTH', $reason, false);
exit;
}
return false;
}
}
// REGISTRATION //
// Make sure a the course is loaded
if (!$this->course->is_loaded()) {
if ($require) {
$this->response->quick_output(-511, 'COURSE', 'Cannot validate user - no course data loaded.', false);
exit;
}
return false;
}
// Is the user already loaded?
if (!$this->user->is_avatar_linked()) {
// If an avatar is loaded, but the user isn't, then we probably have a deleted Moodle user
if ($this->user->is_avatar_loaded() == true && $this->user->is_user_loaded() == false) {
$this->response->quick_output(-301, 'USER_AUTH', 'Avatar linked to deleted user account', false);
exit;
}
// Make sure avatar details were provided
$uuid = $this->request->get_avatar_uuid(false);
$avname = $this->request->get_avatar_name(false);
// Is validation required?
if ($require) {
// Check the UUID
if (empty($uuid)) {
$this->response->quick_output(-311, 'USER_AUTH', 'User UUID required', false);
exit;
}
// Check the name
if (empty($avname)) {
$this->response->quick_output(-311, 'USER_AUTH', 'Avatar name required', false);
exit;
}
} else {
if (empty($uuid) || empty($avname)) {
// If there was a problem, just stop
return false;
}
}
// Ensure autoreg is not suppressed, and that it is permitted on that course and on the site
if ($suppress_autoreg == true || $this->course->check_autoreg() == false) {
if ($require) {
$this->response->quick_output(-321, 'USER_AUTH', 'User not registered, and auto-registration of users was not permitted', false);
exit;
}
return false;
}
// It is important that we also check auto-enrolment here.
// If that is not enabled, but the call here requires it, then there is no point registering the user.
if ($suppress_autoenrol == true || $this->course->check_autoenrol() == false) {
if ($require) {
$this->response->quick_output(-421, 'USER_ENROL', 'User not enrolled, and auto-enrolment of users was not permitted', false);
exit;
}
return false;
}
// Is there an avatar loaded?
if (!$this->user->is_avatar_loaded()) {
// Add the avatar details, linked to imaginary user 0
if (!$this->user->add_linked_avatar(0, $uuid, $avname)) {
if ($require) {
$this->response->quick_output(-322, 'USER_AUTH', 'Failed to add new avatar', false);
exit;
}
return false;
}
}
// If we reached here then we definitely have an avatar
// Create a matching Moodle user
$password = $this->user->autoregister_avatar_user();
if ($password === FALSE) {
if ($require) {
$this->response->quick_output(-322, 'USER_AUTH', 'Failed to register new user account', false);
exit;
}
return false;
}
// Add a side effect code to our response data
$this->response->add_side_effect(322);
// The user needs to be notified of their new username/password
if (isset($_SERVER['HTTP_X_SECONDLIFE_OBJECT_KEY'])) {
sloodle_login_notification($_SERVER['HTTP_X_SECONDLIFE_OBJECT_KEY'], $uuid, $this->user->get_username(), $password);
}
}
// ENROLMENT //
// Is the user already enrolled on the course?
if (!$this->user->is_enrolled($this->course->get_course_id())) {
// Ensure auto-enrolment is not suppressed, and that it is permitted on that course and on the site
if ($suppress_autoenrol == true || $this->course->check_autoenrol() == false) {
if ($require) {
$this->response->quick_output(-421, 'USER_ENROL', 'Auto-enrolment of users was not permitted', false);
exit;
}
return false;
}
// Attempt to enrol the user
if (!$this->user->enrol()) {
if ($require) {
$this->response->quick_output(-422, 'USER_ENROL', 'Auto-enrolment failed', false);
exit;
}
return false;
}
// Add a side effect code to our response data
$this->response->add_side_effect(422);
}
// Make sure the user is logged-in
return $this->user->login();
}
/**
* Authorises an otherwise unauthorised active object against the given user and the current controller.
* (NOTE: the object must previously have been registered using {@link register_object()}).
* <b>Must not be called statically.</b>
* @param string $uuid The UUID of the object being updated
* @param SloodleUser $user The user to authorise the object against
* @param string $type (Optional). Specifies the type to store for this object. Ignored if null.
* @return bool True if successful, or false if not
*/
function authorise_object($uuid, $user, $type = null)
{
// Attempt to find an unauthorised entry for the object
$entry = get_record('sloodle_active_object', 'uuid', $uuid);
if (!$entry) {
return false;
}
// Update the controller, user and time
$entry->controllerid = $this->get_id();
$entry->userid = $user->get_user_id();
if (!empty($type)) {
$entry->type = $type;
}
$entry->timeupdated = time();
if (!update_record('sloodle_active_object', $entry)) {
return false;
}
return true;
}
/**
* Deletes any loginzone allocations for the given user
* If there are multiple for the same user (which there should never be) it will delete them all.
* @param SloodleUser $user The user whose allocation is to be deleted
* @return void
*/
function delete_loginzone_allocation($user)
{
delete_records('sloodle_loginzone_allocation', 'userid', $user->get_user_id());
}
