public function execute() { global $CFG, $DB; $roleid = $this->arguments[0]; $filearg = $this->arguments[1]; if (substr($filearg, 0, 1) == '/') { // Absolute file. $filename = $filearg; } else { // Relative to current directory. $filename = $this->cwd . DIRECTORY_SEPARATOR . $filearg; } $fh = fopen($filename, 'r'); $roledefinition = fread($fh, filesize($filename)); if ($roledefinition) { $systemcontext = \context_system::instance(); $options = array('shortname' => 1, 'name' => 1, 'description' => 1, 'permissions' => 1, 'archetype' => 1, 'contextlevels' => 1, 'allowassign' => 1, 'allowoverride' => 1, 'allowswitch' => 1, 'permissions' => 1); $definitiontable = new \core_role_define_role_table_advanced($systemcontext, $roleid); // Add all permissions from definition file to $_POST, otherwise, they won't be applied. $info = \core_role_preset::parse_preset($roledefinition); $_POST = $info['permissions']; $definitiontable->read_submitted_permissions(); $definitiontable->force_preset($roledefinition, $options); $definitiontable->save_changes(); } }
public function test_xml() { global $DB; $roles = $DB->get_records('role'); foreach ($roles as $role) { $xml = core_role_preset::get_export_xml($role->id); $this->assertTrue(core_role_preset::is_valid_preset($xml)); $info = core_role_preset::parse_preset($xml); $this->assertSame($role->shortname, $info['shortname']); $this->assertSame($role->name, $info['name']); $this->assertSame($role->description, $info['description']); $this->assertSame($role->archetype, $info['archetype']); $contextlevels = get_role_contextlevels($role->id); $this->assertEquals(array_values($contextlevels), array_values($info['contextlevels'])); foreach (array('assign', 'override', 'switch') as $type) { $records = $DB->get_records('role_allow_' . $type, array('roleid' => $role->id), "allow{$type} ASC"); $allows = array(); foreach ($records as $record) { if ($record->{'allow' . $type} == $role->id) { array_unshift($allows, -1); } $allows[] = $record->{'allow' . $type}; } $this->assertEquals($allows, $info['allow' . $type], "{$type} {$role->shortname} does not match"); } $capabilities = $DB->get_records_sql("SELECT *\n FROM {role_capabilities}\n WHERE contextid = :syscontext AND roleid = :roleid\n ORDER BY capability ASC", array('syscontext' => context_system::instance()->id, 'roleid' => $role->id)); foreach ($capabilities as $cap) { $this->assertEquals($cap->permission, $info['permissions'][$cap->capability]); unset($info['permissions'][$cap->capability]); } // The remainders should be only inherits. foreach ($info['permissions'] as $capability => $permission) { if ($permission == CAP_INHERIT) { continue; } $this->fail('only CAP_INHERIT expected'); } } }
/** * Change the role definition to match given preset. * * @param string $xml * @param array $options array with following keys: * 'name', 'shortname', 'description', 'permissions', 'archetype', * 'contextlevels', 'allowassign', 'allowoverride', 'allowswitch' */ public function force_preset($xml, array $options) { if (!($info = core_role_preset::parse_preset($xml))) { throw new coding_exception('Invalid role preset'); } if ($options['shortname']) { if (isset($info['shortname'])) { $this->role->shortname = $info['shortname']; } } if ($options['name']) { if (isset($info['name'])) { $this->role->name = $info['name']; } } if ($options['description']) { if (isset($info['description'])) { $this->role->description = $info['description']; } } if ($options['archetype']) { if (isset($info['archetype'])) { $this->role->archetype = $info['archetype']; } } if ($options['contextlevels']) { if (isset($info['contextlevels'])) { $this->contextlevels = $info['contextlevels']; } } foreach (array('assign', 'override', 'switch') as $type) { if ($options['allow' . $type]) { if (isset($info['allow' . $type])) { $this->{'allow' . $type} = $info['allow' . $type]; } } } if ($options['permissions']) { foreach ($this->permissions as $k => $v) { // Note: do not set everything else to CAP_INHERIT here // because the xml file might not contain all capabilities. if (isset($info['permissions'][$k])) { $this->permissions[$k] = $info['permissions'][$k]; } } } }