/**
* Registers a new active object (or renew an existing authorisation) with this controller.
* @param string $uuid The UUID of the object to be registered
* @param string $name Name of the object to be registered
* @param SloodleUser $user The user who is authorising the object
* @param string $password The password for the object
* @param string $type Type identifier of the object to be registered
* @param int $timestamp The timestamp of the object's registration, or null to use the current time.
* @return int|bool The new authorisation ID if successful, or false if not
*/
function register_object($uuid, $name, $user, $password, $type = '', $timestamp = null)
{
// Use the current timestamp if necessary
if ($timestamp == null) {
$timestamp = time();
}
// Extract the user ID, if available
$userid = 0;
if ($user->is_user_loaded()) {
$userid = $user->get_user_id();
}
// Check to see if an entry already exists for this object
$entry = get_record('sloodle_active_object', 'uuid', $uuid);
if (!$entry) {
// Create a new entry
$entry = new stdClass();
$entry->controllerid = $this->cm->id;
$entry->uuid = $uuid;
$entry->name = $name;
$entry->userid = $userid;
$entry->password = $password;
$entry->type = $type;
$entry->timeupdated = $timestamp;
// Attempt to insert the entry
$entry->id = insert_record('sloodle_active_object', $entry);
if (!$entry->id) {
return false;
}
} else {
// Update the existing entry
$entry->controllerid = $this->cm->id;
$entry->name = $name;
$entry->userid = $userid;
$entry->password = $password;
$entry->type = $type;
$entry->timeupdated = $timestamp;
// Attempt to update the database
if (!update_record('sloodle_active_object', $entry)) {
return false;
}
}
return $entry->id;
}
/**
* Add a new submission (or replace an existing one).
* Ignores all submission checks, such as permissions and time.
* @param SloodleUser $user The user making the submission
* @param string $obj_name Name of the object being submitted
* @param int $num_prims Number of prims in the object being submitted
* @param string $primdrop_name Name of the PrimDrop being submitted to
* @param string $primdrop_uuid UUID of the PrimDrop being submitted to
* @param string $primdrop_region Region of the PrimDrop being submitted to
* @param string $primdrop_pos Position vector (<x,y,z>) of the PrimDrop being submitted to
* @return bool True if successful, or false otherwise
*/
function submit($user, $obj_name, $num_prims, $primdrop_name, $primdrop_uuid, $primdrop_region, $primdrop_pos)
{
// Make sure the user is loaded
if (!$user->is_user_loaded()) {
return false;
}
// Construct a submission object
$sloodle_submission = new assignment_sloodleobject_submission();
$sloodle_submission->obj_name = $obj_name;
$sloodle_submission->num_prims = $num_prims;
$sloodle_submission->primdrop_name = $primdrop_name;
$sloodle_submission->primdrop_uuid = $primdrop_uuid;
$sloodle_submission->primdrop_region = $primdrop_region;
$sloodle_submission->primdrop_pos = $primdrop_pos;
// Update the submission
return $this->assignment->update_submission($user->get_user_id(), $sloodle_submission);
}
/**
* Validates the user account and enrolment (ensures there is an avatar linked to a VLE account, and that the VLE account is enrolled in the current course).
* Attempts auto-registration/enrolment if that is allowed and required, and logs-in the user.
* Server access level is checked if it is specified in the request parameters.
* If the request indicates that it relates to an object, then the validation fails.
* Note: if you only require to ensure that an avatar is registered, then use {@link validate_avatar()}.
* @param bool $require If true, the script will be terminated with an error message if validation fails
* @param bool $suppress_autoreg If true, auto-registration will be completely suppressed for this function call
* @param bool $suppress_autoenrol If true, auto-enrolment will be completely suppressed for this function call
* @return bool Returns true if validation and/or autoregistration were successful. Returns false on failure (unless $require was true).
* @see SloodleSession::validate_avatar()
*/
function validate_user($require = true, $suppress_autoreg = false, $suppress_autoenrol = false)
{
// Is it an object request?
if ($this->request->is_object_request()) {
if ($require) {
$this->response->quick_output(-301, 'USER_AUTH', 'Cannot validate object as user.', false);
exit;
}
return false;
}
// Was a server access level specified in the request?
$sal = $this->request->get_server_access_level(false);
if ($sal != null) {
// Check what level was specified
$sal = (int) $sal;
$allowed = false;
$reason = 'Unknown.';
switch ($sal) {
case SLOODLE_SERVER_ACCESS_LEVEL_PUBLIC:
// Always allowed
$allowed = true;
break;
case SLOODLE_SERVER_ACCESS_LEVEL_COURSE:
// Is a course already loaded?
if (!$this->course->is_loaded()) {
$reason = 'No course loaded.';
break;
}
// Was a user account already fully loaded?
if ($this->user->is_avatar_linked()) {
// Is the user enrolled on the current course?
if ($this->user->is_enrolled($this->course->get_course_id())) {
$allowed = true;
} else {
$reason = 'User not enrolled in course.';
}
} else {
$reason = 'User not registered on site.';
}
break;
case SLOODLE_SERVER_ACCESS_LEVEL_SITE:
// Was a user account already fully loaded?
if ($this->user->is_avatar_linked()) {
$allowed = true;
} else {
$reason = 'User not registered on site.';
}
break;
case SLOODLE_SERVER_ACCESS_LEVEL_STAFF:
// Is a course already loaded?
if (!$this->course->is_loaded()) {
$reason = 'No course loaded.';
break;
}
// Was a user account already fully loaded?
if ($this->user->is_avatar_linked()) {
// Is the user staff on the current course?
if ($this->user->is_staff($this->course->get_course_id())) {
$allowed = true;
} else {
$reason = 'User not staff in course.';
}
} else {
$reason = 'User not registered on site.';
}
break;
default:
// Unknown access level
$reason = 'Access level not recognised';
break;
}
// Was the user blocked by access level?
if (!$allowed) {
if ($require) {
$this->response->quick_output(-331, 'USER_AUTH', $reason, false);
exit;
}
return false;
}
}
// REGISTRATION //
// Make sure a the course is loaded
if (!$this->course->is_loaded()) {
if ($require) {
$this->response->quick_output(-511, 'COURSE', 'Cannot validate user - no course data loaded.', false);
exit;
}
return false;
}
// Is the user already loaded?
if (!$this->user->is_avatar_linked()) {
// If an avatar is loaded, but the user isn't, then we probably have a deleted Moodle user
if ($this->user->is_avatar_loaded() == true && $this->user->is_user_loaded() == false) {
$this->response->quick_output(-301, 'USER_AUTH', 'Avatar linked to deleted user account', false);
exit;
}
// Make sure avatar details were provided
$uuid = $this->request->get_avatar_uuid(false);
$avname = $this->request->get_avatar_name(false);
// Is validation required?
if ($require) {
// Check the UUID
if (empty($uuid)) {
$this->response->quick_output(-311, 'USER_AUTH', 'User UUID required', false);
exit;
}
// Check the name
if (empty($avname)) {
$this->response->quick_output(-311, 'USER_AUTH', 'Avatar name required', false);
exit;
}
} else {
if (empty($uuid) || empty($avname)) {
// If there was a problem, just stop
return false;
}
}
// Ensure autoreg is not suppressed, and that it is permitted on that course and on the site
if ($suppress_autoreg == true || $this->course->check_autoreg() == false) {
if ($require) {
$this->response->quick_output(-321, 'USER_AUTH', 'User not registered, and auto-registration of users was not permitted', false);
exit;
}
return false;
}
// It is important that we also check auto-enrolment here.
// If that is not enabled, but the call here requires it, then there is no point registering the user.
if ($suppress_autoenrol == true || $this->course->check_autoenrol() == false) {
if ($require) {
$this->response->quick_output(-421, 'USER_ENROL', 'User not enrolled, and auto-enrolment of users was not permitted', false);
exit;
}
return false;
}
// Is there an avatar loaded?
if (!$this->user->is_avatar_loaded()) {
// Add the avatar details, linked to imaginary user 0
if (!$this->user->add_linked_avatar(0, $uuid, $avname)) {
if ($require) {
$this->response->quick_output(-322, 'USER_AUTH', 'Failed to add new avatar', false);
exit;
}
return false;
}
}
// If we reached here then we definitely have an avatar
// Create a matching Moodle user
$password = $this->user->autoregister_avatar_user();
if ($password === FALSE) {
if ($require) {
$this->response->quick_output(-322, 'USER_AUTH', 'Failed to register new user account', false);
exit;
}
return false;
}
// Add a side effect code to our response data
$this->response->add_side_effect(322);
// The user needs to be notified of their new username/password
if (isset($_SERVER['HTTP_X_SECONDLIFE_OBJECT_KEY'])) {
sloodle_login_notification($_SERVER['HTTP_X_SECONDLIFE_OBJECT_KEY'], $uuid, $this->user->get_username(), $password);
}
}
// ENROLMENT //
// Is the user already enrolled on the course?
if (!$this->user->is_enrolled($this->course->get_course_id())) {
// Ensure auto-enrolment is not suppressed, and that it is permitted on that course and on the site
if ($suppress_autoenrol == true || $this->course->check_autoenrol() == false) {
if ($require) {
$this->response->quick_output(-421, 'USER_ENROL', 'Auto-enrolment of users was not permitted', false);
exit;
}
return false;
}
// Attempt to enrol the user
if (!$this->user->enrol()) {
if ($require) {
$this->response->quick_output(-422, 'USER_ENROL', 'Auto-enrolment failed', false);
exit;
}
return false;
}
// Add a side effect code to our response data
$this->response->add_side_effect(422);
}
// Make sure the user is logged-in
return $this->user->login();
}
