function get_records($filter) { global $CURMAN, $USER; $id = $this->required_param('id', PARAM_INT); $sort = $this->optional_param('sort', 'name', PARAM_ALPHA); $dir = $this->optional_param('dir', 'ASC', PARAM_ALPHA); $pagenum = $this->optional_param('page', 0, PARAM_INT); $FULLNAME = sql_concat('usr.firstname', "' '", 'usr.lastname'); $sql = " FROM {$CURMAN->db->prefix_table(USRTABLE)} usr\n LEFT OUTER JOIN {$CURMAN->db->prefix_table(CLSTASSTABLE)} ca ON ca.userid = usr.id AND ca.clusterid = {$id} AND ca.plugin = 'manual'\n WHERE ca.userid IS NULL"; $extrasql = $filter->get_sql_filter(); if ($extrasql) { $sql .= " AND {$extrasql}"; } if (!clusterpage::_has_capability('block/curr_admin:cluster:enrol')) { //perform SQL filtering for the more "conditional" capability //get the context for the "indirect" capability $context = cm_context_set::for_user_with_capability('cluster', 'block/curr_admin:cluster:enrol_cluster_user', $USER->id); $allowed_clusters = cluster::get_allowed_clusters($id); if (empty($allowed_clusters)) { $sql .= ' AND 0=1'; } else { $cluster_filter = implode(',', $allowed_clusters); $sql .= " AND usr.id IN (\n SELECT userid FROM " . $CURMAN->db->prefix_table(CLSTUSERTABLE) . "\n WHERE clusterid IN ({$cluster_filter}))"; } } $count = $CURMAN->db->count_records_sql('SELECT COUNT(usr.id) ' . $sql); if ($sort) { if ($sort == 'name') { $sort = 'lastname'; } $sql .= " ORDER BY {$sort} {$dir}"; } $users = $CURMAN->db->get_records_sql("SELECT usr.*, {$FULLNAME} AS name" . $sql, $pagenum * 30, 30); return array($users, $count); }
/** * Determines whether the current user is allowed to create, edit, and delete associations * between a user and a cluster * * @param int $userid The id of the user being associated to the cluster * @param int $clustid The id of the cluster we are associating the user to * * @return boolean True if the current user has the required permissions, otherwise false */ public static function can_manage_assoc($userid, $clustid) { global $USER; $allowed_clusters = array(); if (!clusterpage::can_enrol_into_cluster($clustid)) { //the users who satisfty this condition are a superset of those who can manage associations return false; } else { if (clusterpage::_has_capability('block/curr_admin:cluster:enrol', $clustid)) { //current user has the direct capability return true; } } $allowed_clusters = cluster::get_allowed_clusters($clustid); //query to get users associated to at least one enabling cluster $cluster_select = ''; if (empty($allowed_clusters)) { $cluster_select = '0=1'; } else { $cluster_select = 'clusterid IN (' . implode(',', $allowed_clusters) . ')'; } $select = "userid = {$userid} AND {$cluster_select}"; //user just needs to be in one of the possible clusters if (record_exists_select(CLSTUSERTABLE, $select)) { return true; } return false; }