/**
 * Decides whether the current user may edit the requested track/class association.
 *
 * The 'block/curr_admin:associate' capability has to be held on both ends of
 * the association, i.e. on the track and on the class it links.
 *
 * @return bool True only when the capability check passes for the track and for the class
 */
function can_do_edit() {
    $assocrecord = new trackassignmentclass($this->required_param('association_id', PARAM_INT));

    // Read both ends of the association before running any capability check.
    $assoctrack = $assocrecord->trackid;
    $assocclass = $assocrecord->classid;

    // A failure on the track side denies access without consulting the class side.
    if (!trackpage::_has_capability('block/curr_admin:associate', $assoctrack)) {
        return false;
    }

    return (bool) cmclasspage::_has_capability('block/curr_admin:associate', $assocclass);
}
/**
 * Tells whether the current user may enrol users into the given track.
 *
 * Access is granted either through the direct track enrol capability, or
 * indirectly when the context set built for
 * 'block/curr_admin:track:enrol_cluster_user' allows at least one cluster
 * associated with the track.
 *
 * @param int $trackid The id of the track the permission check applies to
 *
 * @return boolean True when enrolment into the track is permitted, false otherwise
 */
static function can_enrol_into_track($trackid) {
    global $USER;

    // Direct capability on the track: nothing else needs to be looked at.
    if (trackpage::_has_capability('block/curr_admin:track:enrol', $trackid)) {
        return true;
    }

    // Context set for the "indirect", cluster-based capability of the current user.
    $contextset = cm_context_set::for_user_with_capability('cluster', 'block/curr_admin:track:enrol_cluster_user', $USER->id);

    // Clusters associated with the track; none means the indirect route cannot apply.
    $trackclusters = clustertrack::get_clusters($trackid);
    if (empty($trackclusters)) {
        return false;
    }

    // One allowed cluster is enough to grant access.
    foreach ($trackclusters as $trackcluster) {
        if ($contextset->context_allowed($trackcluster->clusterid, 'cluster')) {
            return true;
        }
    }

    return false;
}
/**
 * Tells whether the current user may enrol users into the given track.
 *
 * Access is granted either through the direct 'local/elisprogram:track_enrol'
 * capability, or indirectly when the context set built for
 * 'local/elisprogram:track_enrol_userset_user' allows at least one cluster
 * associated with the track.
 *
 * @param int $trackid The id of the track the permission check applies to
 *
 * @return boolean True when enrolment into the track is permitted, false otherwise
 */
public static function can_enrol_into_track($trackid) {
    global $USER;

    // TODO: building a page object only to ask a capability question is clumsy; needs an overhaul.
    $trackpage = new trackpage();
    $hasdirect = $trackpage->_has_capability('local/elisprogram:track_enrol', $trackid);
    if ($hasdirect) {
        // Direct capability on the track: nothing else needs to be looked at.
        return true;
    }

    // Context set for the "indirect", cluster-based capability of the current user.
    $contextset = pm_context_set::for_user_with_capability('cluster', 'local/elisprogram:track_enrol_userset_user', $USER->id);

    // Clusters associated with the track; none means the indirect route cannot apply.
    $trackclusters = clustertrack::get_clusters($trackid);
    if (empty($trackclusters)) {
        return false;
    }

    // One allowed cluster is enough to grant access.
    foreach ($trackclusters as $trackcluster) {
        if ($contextset->context_allowed($trackcluster->clusterid, 'cluster')) {
            return true;
        }
    }

    return false;
}
/**
 * Default-action permission check: the current user needs the track view
 * capability on the track named by the required 'id' request parameter.
 *
 * @return mixed Whatever trackpage::_has_capability() reports for 'block/curr_admin:track:view'
 */
function can_do_default() {
    $trackid = $this->required_param('id', PARAM_INT);
    $canview = trackpage::_has_capability('block/curr_admin:track:view', $trackid);

    return $canview;
}
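/**
 * Obtain the count of users who can be assigned to the provided track
 *
 * Users already assigned to the track are excluded. When the current user lacks
 * the direct 'local/elisprogram:track_enrol' capability, the count is further
 * restricted to members of the clusters that the indirect
 * 'local/elisprogram:track_enrol_userset_user' capability allows.
 *
 * @param int $trackid The record id of the track we are currently assigning to
 * @param string $namesearch A substring of users' fullnames to search by
 * @param string $alpha The first letter of users' fullnames to search by
 *
 * @return int The total count of appropriate users
 */
public static function count_available_users($trackid, $namesearch = '', $alpha = '') {
    // $CFG is not used directly below; it stays declared because the files pulled in by
    // require_once run in this function's variable scope (presumably some rely on it - confirm).
    global $CFG, $DB, $USER;

    require_once elispm::file('trackpage.class.php');
    require_once elispm::lib('data/clusterassignment.class.php');

    $FULLNAME = $DB->sql_concat('usr.firstname', "' '", 'usr.lastname');

    $select = 'SELECT COUNT(*) ';
    $sql = 'FROM {' . user::TABLE . '} usr ' .
           'LEFT OUTER JOIN {' . usertrack::TABLE . '} ut ON ut.userid = usr.id AND ut.trackid = :trackid ' .
           'WHERE ut.userid IS NULL ';
    $params = array('trackid' => $trackid);

    // NOTE(review): $namesearch and $alpha are bound as parameters, so they cannot break out of
    // the statement, but LIKE metacharacters (% and _) in them are not escaped and widen the match.
    // Any escaping has to be applied to the matching listing query as well, or counts and pages diverge.
    if ($namesearch != '') {
        $NAMELIKE = $DB->sql_like($FULLNAME, ':namesearch', false);
        $namesearch = trim($namesearch);
        $sql .= 'AND ' . $NAMELIKE . ' ';
        $params['namesearch'] = "%{$namesearch}%";
    }

    if ($alpha != '') {
        //todo: determine if this should actually be using last name?
        $ALPHA_LIKE = $DB->sql_like($FULLNAME, ':lastname', false);
        $sql .= 'AND ' . $ALPHA_LIKE . ' ';
        $params['lastname'] = "{$alpha}%";
    }

    if (empty(elis::$config->local_elisprogram->legacy_show_inactive_users)) {
        $sql .= 'AND usr.inactive = 0 ';
    }

    // TODO: Ugly, this needs to be overhauled
    $tpage = new trackpage();
    if (!$tpage->_has_capability('local/elisprogram:track_enrol', $trackid)) {
        //perform SQL filtering for the more "conditional" capability

        //get the context for the "indirect" capability
        $context = pm_context_set::for_user_with_capability('cluster', 'local/elisprogram:track_enrol_userset_user', $USER->id);

        //get the clusters and check the context against them
        $clusters = clustertrack::get_clusters($trackid);
        $allowed_clusters = $context->get_allowed_instances($clusters, 'cluster', 'clusterid');

        if (empty($allowed_clusters)) {
            // No cluster grants access: force an empty result.
            $sql .= 'AND 0=1 ';
        } else {
            // One placeholder per cluster id. Binding the comma-joined list to a single
            // placeholder compares clusterid against one string value, so the permission
            // filter would not match the intended set of clusters.
            list($insql, $inparams) = $DB->get_in_or_equal($allowed_clusters, SQL_PARAMS_NAMED, 'clusterfilter');
            $sql .= "AND usr.id IN (\n SELECT userid FROM {" . clusterassignment::TABLE . "}\n WHERE clusterid {$insql}) ";
            $params = array_merge($params, $inparams);
        }
    }

    return $DB->count_records_sql($select . $sql, $params);
}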
/**
 * Default-action permission check for the track named by the required 'id'
 * request parameter.
 *
 * Holding the track view capability is sufficient (viewing associations without
 * managing them); otherwise the result of the 'block/curr_admin:associate'
 * check on the same track is returned.
 *
 * @return mixed True when the view capability is held, else the outcome of the associate check
 */
function can_do_default() {
    $trackid = $this->required_param('id', PARAM_INT);

    // View access alone lets the user see associations, though not manage them.
    $canview = trackpage::_has_capability('block/curr_admin:track:view', $trackid);

    return $canview ? true : trackpage::_has_capability('block/curr_admin:associate', $trackid);
}
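/**
 * Unassign the users from the track.
 *
 * Users for whom can_unassign() does not return true, and users that have no
 * assignment record on the track, are skipped; the response is still 'success'.
 *
 * @param array $elements An array of user information to unassign from the track, keyed by user id.
 * @param bool $bulkaction Whether this is a bulk-action or not.
 * @return array An array to format as JSON and return to the Javascript.
 */
protected function _respond_to_js(array $elements, $bulkaction) {
    global $DB;

    $trackid = required_param('id', PARAM_INT);

    // Permissions.
    // NOTE(review): this gate only requires the *view* capability although the action deletes
    // assignments; the per-user can_unassign() call below (defined outside this block) is what
    // authorises each removal - confirm it enforces an enrol/manage-level capability.
    $tpage = new trackpage();
    if ($tpage->_has_capability('local/elisprogram:track_view', $trackid) !== true) {
        return array('result' => 'fail', 'msg' => get_string('not_permitted', 'local_elisprogram'));
    }

    // The keys of $elements are used as user ids; presumably they originate from the
    // Javascript request, so each one is authorised individually before anything is deleted.
    foreach ($elements as $userid => $label) {
        if ($this->can_unassign($trackid, $userid) !== true) {
            continue;
        }

        $assignrec = $DB->get_record(usertrack::TABLE, array('userid' => $userid, 'trackid' => $trackid));
        if ($assignrec === false) {
            // get_record() yields false when the user is not assigned to this track;
            // do not build and delete an object from a missing record.
            continue;
        }

        $usertrack = new usertrack($assignrec);
        $usertrack->delete();
    }

    return array('result' => 'success', 'msg' => 'Success');
}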
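/**
 * Determines whether the current user is allowed to create, edit, and delete associations
 * between a user and a track
 *
 * The direct 'block/curr_admin:track:enrol' capability on the track is sufficient.
 * Without it, the target user must belong to at least one of the track's clusters
 * that the 'block/curr_admin:track:enrol_cluster_user' context set allows.
 *
 * @param int $userid The id of the user being associated to the track
 * @param int $trackid The id of the track we are associating the user to
 *
 * @return boolean True if the current user has the required permissions, otherwise false
 */
public static function can_manage_assoc($userid, $trackid) {
    global $USER;

    //get the context for the "indirect" capability
    $context = cm_context_set::for_user_with_capability('cluster', 'block/curr_admin:track:enrol_cluster_user', $USER->id);

    if (!trackpage::can_enrol_into_track($trackid)) {
        //the users who satisfy this condition are a superset of those who can manage associations
        return false;
    }

    if (trackpage::_has_capability('block/curr_admin:track:enrol', $trackid)) {
        //current user has the direct capability
        return true;
    }

    //get the clusters and check the context against them
    $clusters = clustertrack::get_clusters($trackid);
    $allowed_clusters = $context->get_allowed_instances($clusters, 'cluster', 'clusterid');

    //query to get users associated to at least one enabling cluster
    if (empty($allowed_clusters)) {
        $cluster_select = '0=1';
    } else {
        // The select fragment is assembled as a string, so every id is forced to an integer first.
        $cluster_select = 'clusterid IN (' . implode(',', array_map('intval', $allowed_clusters)) . ')';
    }

    // $userid is documented as an int; the cast keeps any other value a caller passes
    // from being interpolated into the WHERE clause as SQL text.
    $select = 'userid = ' . (int) $userid . " AND {$cluster_select}";

    //user just needs to be in one of the possible clusters
    if (record_exists_select(CLSTUSERTABLE, $select)) {
        return true;
    }

    return false;
}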
} // find all users not enrolled in the track $FULLNAME = sql_concat('usr.firstname', "' '", 'usr.lastname'); $LIKE = $CURMAN->db->sql_compare(); $select = 'SELECT usr.*, ' . $FULLNAME . ' AS name, usr.lastname AS lastname '; $sql = 'FROM ' . $CURMAN->db->prefix_table(USRTABLE) . ' usr ' . 'LEFT OUTER JOIN ' . $CURMAN->db->prefix_table(USRTRKTABLE) . ' ut ON ut.userid = usr.id AND ut.trackid = ' . $trackid . ' ' . 'WHERE ut.userid IS NULL '; if (empty($CURMAN->config->legacy_show_inactive_users)) { $sql .= 'AND usr.inactive = 0 '; } if ($alpha) { $sql .= 'AND ' . $FULLNAME . ' ' . $LIKE . ' \'' . $alpha . '%\' '; } if ($namesearch) { $sql .= 'AND ' . $FULLNAME . ' ' . $LIKE . ' \'%' . $namesearch . '%\' '; } if (!trackpage::_has_capability('block/curr_admin:track:enrol', $trackid)) { //perform SQL filtering for the more "conditional" capability //get the context for the "indirect" capability $context = cm_context_set::for_user_with_capability('cluster', 'block/curr_admin:track:enrol_cluster_user', $USER->id); //get the clusters and check the context against them $clusters = clustertrack::get_clusters($trackid); $allowed_clusters = $context->get_allowed_instances($clusters, 'cluster', 'clusterid'); if (empty($allowed_clusters)) { $sql .= 'AND 0=1'; } else { $cluster_filter = implode(',', $allowed_clusters); $sql .= "AND usr.id IN (\n SELECT userid FROM " . $CURMAN->db->prefix_table(CLSTUSERTABLE) . "\n WHERE clusterid IN ({$cluster_filter}))"; } } // get the total number of matching users $count = $CURMAN->db->count_records_sql('SELECT COUNT(usr.id) ' . $sql);