/**
 * Calculates capability data organised by context for the given roles.
 *
 * @param string $capability The capability to get data for.
 * @param array $roles An array of roles to get data for.
 * @return context[] An array of contexts.
 */
function tool_capability_calculate_role_data($capability, array $roles)
{
    global $DB;
    $systemcontext = context_system::instance();
    $roleids = array_keys($roles);
    // Work out the bits needed for the SQL WHERE clauses.
    $params = array($capability);
    list($sqlroletest, $roleparams) = $DB->get_in_or_equal($roleids);
    $params = array_merge($params, $roleparams);
    $sqlroletest = 'AND roleid ' . $sqlroletest;
    // Get all the role_capabilities rows for this capability - that is, all
    // role definitions, and all role overrides.
    $sql = 'SELECT id, roleid, contextid, permission
              FROM {role_capabilities}
             WHERE capability = ? ' . $sqlroletest;
    $rolecaps = $DB->get_records_sql($sql, $params);
    // In order to display a nice tree of contexts, we need to get all the
    // ancestors of all the contexts in the query we just did.
    $sql = 'SELECT DISTINCT con.path, 1
              FROM {context} con
              JOIN {role_capabilities} rc ON rc.contextid = con.id
             WHERE capability = ? ' . $sqlroletest;
    $relevantpaths = $DB->get_records_sql_menu($sql, $params);
    $requiredcontexts = array($systemcontext->id);
    foreach ($relevantpaths as $path => $notused) {
        $requiredcontexts = array_merge($requiredcontexts, explode('/', trim($path, '/')));
    }
    $requiredcontexts = array_unique($requiredcontexts);
    // Now load those contexts.
    list($sqlcontexttest, $contextparams) = $DB->get_in_or_equal($requiredcontexts);
    $contexts = get_sorted_contexts('ctx.id ' . $sqlcontexttest, $contextparams);
    // Prepare some empty arrays to hold the data we are about to compute.
    foreach ($contexts as $conid => $con) {
        $contexts[$conid]->children = array();
        $contexts[$conid]->rolecapabilities = array();
    }
    // Put the contexts into a tree structure.
    foreach ($contexts as $conid => $con) {
        $context = context::instance_by_id($conid);
        $parentcontext = $context->get_parent_context();
        if ($parentcontext) {
            $contexts[$parentcontext->id]->children[] = $conid;
        }
    }
    // Put the role capabilities into the context tree.
    foreach ($rolecaps as $rolecap) {
        $contexts[$rolecap->contextid]->rolecapabilities[$rolecap->roleid] = $rolecap->permission;
    }
    // Fill in any missing rolecaps for the system context.
    foreach ($roleids as $roleid) {
        if (!isset($contexts[$systemcontext->id]->rolecapabilities[$roleid])) {
            $contexts[$systemcontext->id]->rolecapabilities[$roleid] = CAP_INHERIT;
        }
    }
    return $contexts;
}
示例#2
0
    $PAGE->navbar->includesettingsbase = true;
}
/// Now get the role assignments for this user.
$sql = "SELECT\n        ra.id, ra.userid, ra.contextid, ra.roleid, ra.component, ra.itemid,\n        c.path,\n        r.name AS rolename,\n        COALESCE(rn.name, r.name) AS localname\n    FROM\n        {role_assignments} ra\n        JOIN {context} c ON ra.contextid = c.id\n        JOIN {role} r ON ra.roleid = r.id\n        LEFT JOIN {role_names} rn ON rn.roleid = ra.roleid AND rn.contextid = ra.contextid\n    WHERE\n        ra.userid = ?\n    " . "\n    ORDER BY\n        contextlevel DESC, contextid ASC, r.sortorder ASC";
$roleassignments = $DB->get_records_sql($sql, array($user->id));
/// In order to display a nice tree of contexts, we need to get all the
/// ancestors of all the contexts in the query we just did.
$requiredcontexts = array();
foreach ($roleassignments as $ra) {
    $requiredcontexts = array_merge($requiredcontexts, explode('/', trim($ra->path, '/')));
}
$requiredcontexts = array_unique($requiredcontexts);
/// Now load those contexts.
if ($requiredcontexts) {
    list($sqlcontexttest, $contextparams) = $DB->get_in_or_equal($requiredcontexts);
    $contexts = get_sorted_contexts('ctx.id ' . $sqlcontexttest, $contextparams);
} else {
    $contexts = array();
}
/// Prepare some empty arrays to hold the data we are about to compute.
foreach ($contexts as $conid => $con) {
    $contexts[$conid]->children = array();
    $contexts[$conid]->roleassignments = array();
}
/// Put the contexts into a tree structure.
foreach ($contexts as $conid => $con) {
    $context = context::instance_by_id($conid);
    $parentcontextid = get_parent_contextid($context);
    if ($parentcontextid) {
        $contexts[$parentcontextid]->children[] = $conid;
    }
示例#3
0
 // Get all the role_capabilities rows for this capability - that is, all
 // role definitions, and all role overrides.
 $rolecaps = get_records_sql("\n            SELECT id, roleid, contextid, permission\n            FROM {role_capabilities}\n            WHERE capability = '{$capability}' {$sqlroletest}");
 // In order to display a nice tree of contexts, we need to get all the
 // ancestors of all the contexts in the query we just did.
 $relevantpaths = get_records_sql_menu("\n            SELECT DISTINCT con.path, 1\n            FROM {context} con JOIN {role_capabilities} rc ON rc.contextid = con.id\n            WHERE capability = '{$capability}' {$sqlroletest}");
 $requiredcontexts = array($systemcontext->id);
 if (!empty($relevantpaths)) {
     foreach ($relevantpaths as $path => $notused) {
         $requiredcontexts = array_merge($requiredcontexts, explode('/', trim($path, '/')));
     }
 }
 $requiredcontexts = array_unique($requiredcontexts);
 // Now load those contexts.
 if (count($requiredcontexts) > 0) {
     $contexts = get_sorted_contexts('ctx.id IN (' . implode(',', $requiredcontexts) . ')');
 }
 if (empty($contexts)) {
     $contexts = array();
 }
 // Prepare some empty arrays to hold the data we are about to compute.
 foreach ($contexts as $conid => $con) {
     $contexts[$conid]->children = array();
     $contexts[$conid]->rolecapabilites = array();
 }
 // Put the contexts into a tree structure.
 foreach ($contexts as $conid => $con) {
     $parentcontextid = get_parent_contextid($con);
     if ($parentcontextid) {
         $contexts[$parentcontextid]->children[] = $conid;
     }
示例#4
0
    print_error('nopermissions', 'error', '', get_string('checkpermissions', 'role'));
}
/// Now get the role assignments for this user.
$sql = "SELECT\n        ra.id, ra.userid, ra.contextid, ra.roleid, ra.enrol,\n        c.path,\n        r.name AS rolename,\n        COALESCE(rn.name, r.name) AS localname\n    FROM\n        {role_assignments} ra\n        JOIN {context} c ON ra.contextid = c.id\n        JOIN {role} r ON ra.roleid = r.id\n        LEFT JOIN {role_names} rn ON rn.roleid = ra.roleid AND rn.contextid = ra.contextid\n    WHERE\n        ra.userid = {$user->id}\n    " . "\n    ORDER BY\n        contextlevel DESC, contextid ASC, r.sortorder ASC";
$roleassignments = get_records_sql($sql);
/// In order to display a nice tree of contexts, we need to get all the
/// ancestors of all the contexts in the query we just did.
$requiredcontexts = array();
foreach ($roleassignments as $ra) {
    $requiredcontexts = array_merge($requiredcontexts, explode('/', trim($ra->path, '/')));
}
$requiredcontexts = array_unique($requiredcontexts);
/// Now load those contexts.
if ($requiredcontexts) {
    $in = implode(',', $requiredcontexts);
    $contexts = get_sorted_contexts('ctx.id IN (' . $in . ')');
} else {
    $contexts = array();
}
/// Prepare some empty arrays to hold the data we are about to compute.
foreach ($contexts as $conid => $con) {
    $contexts[$conid]->children = array();
    $contexts[$conid]->roleassignments = array();
}
/// Put the contexts into a tree structure.
foreach ($contexts as $conid => $con) {
    $parentcontextid = get_parent_contextid($con);
    if ($parentcontextid) {
        $contexts[$parentcontextid]->children[] = $conid;
    }
}