/**
* A convenience function to completely load all the capabilities
* for the current user. It is called from has_capability() and functions change permissions.
*
* Call it only _after_ you've setup $USER and called check_enrolment_plugins();
* @see check_enrolment_plugins()
*
* @private
* @return void
*/
function load_all_capabilities()
{
global $USER;
// roles not installed yet - we are in the middle of installation
if (during_initial_install()) {
return;
}
if (!isset($USER->id)) {
// this should not happen
$USER->id = 0;
}
unset($USER->access);
$USER->access = get_user_accessdata($USER->id);
// deduplicate the overrides to minimize session size
dedupe_user_access();
// Clear to force a refresh
unset($USER->mycourses);
// init/reset internal enrol caches - active course enrolments and temp access
$USER->enrol = array('enrolled' => array(), 'tempguest' => array());
}
/**
* Test whether a user can enrol users into a sub-userset if they have the required capability on the
* parent userset.
*/
public function test_getallowedclusterswithparentpermission()
{
global $DB;
$this->load_csv_data();
// Create role with cap: 'local/elisprogram:class_view'.
$testrole = new stdClass();
$testrole->name = 'ELIS Sub-Userset Manager';
$testrole->shortname = '_test_ELIS_3848';
$testrole->description = 'ELIS userset enrol into sub-userser';
$testrole->archetype = '';
$testrole->id = create_role($testrole->name, $testrole->shortname, $testrole->description, $testrole->archetype);
// Ensure our new role is assignable to ELIS class contexts.
set_role_contextlevels($testrole->id, array(CONTEXT_ELIS_USERSET));
// Ensure the role has our required capability assigned.
$syscontext = context_system::instance();
assign_capability('local/elisprogram:userset', CAP_ALLOW, $testrole->id, $syscontext->id, true);
assign_capability('local/elisprogram:userset_view', CAP_ALLOW, $testrole->id, $syscontext->id, true);
assign_capability('local/elisprogram:userset_create', CAP_ALLOW, $testrole->id, $syscontext->id, true);
assign_capability('local/elisprogram:userset_enrol_userset_user', CAP_ALLOW, $testrole->id, $syscontext->id, true);
$syscontext->mark_dirty();
// Assign a test user a role within the parent userset.
$context = \local_elisprogram\context\userset::instance(1);
role_assign($testrole->id, 100, $context->id);
// Assign a test user a role within the sub-sub-userset.
$ctx2 = \local_elisprogram\context\userset::instance(4);
role_assign($testrole->id, 100, $ctx2->id);
// Switch to testuser.
$USER = $DB->get_record('user', array('id' => 100));
$USER->access = get_user_accessdata($USER->id);
load_role_access_by_context($testrole->id, $context, $USER->access);
// We need to force the accesslib cache to refresh.
$GLOBALS['USER'] = $USER;
// Check which of the parent usersets the user has access to based on the sub-userset.
$allowed = userset::get_allowed_clusters(2);
$this->assertInternalType('array', $allowed);
$this->assertEquals(1, count($allowed));
// Check which of the parent usersets the user has access to basdd on the sub-sub-userset.
$allowed = userset::get_allowed_clusters(4);
$this->assertInternalType('array', $allowed);
$this->assertEquals(2, count($allowed));
}
/**
* Initialize a new user description object
*/
protected function inituser()
{
global $CFG, $DB, $USER;
$data = array('idnumber' => '__fcH__TESTID001__', 'username' => '__fcH__testuser1__', 'firstname' => 'Test', 'lastname' => 'User1', 'email' => '*****@*****.**', 'country' => 'us');
$newuser = new user($data);
$newuser->save();
$this->tuserid = $newuser->id;
$usernew = new stdClass();
$usernew->username = '******';
$usernew->idnumber = '__fcH__testuser__';
$usernew->firstname = 'Test';
$usernew->lastname = 'User';
$usernew->email = '*****@*****.**';
$usernew->confirmed = 1;
$usernew->auth = 'manual';
$usernew->mnethostid = $CFG->mnet_localhost_id;
$usernew->confirmed = 1;
$usernew->timecreated = time();
$usernew->password = hash_internal_user_password('testpassword');
$this->mdluserid = $DB->insert_record('user', $usernew);
// Setup the global user to be this new test user we have created.
$USER = $DB->get_record('user', array('id' => $this->mdluserid));
$USER->access = get_user_accessdata($USER->id);
}
/**
* A convenience function to completely load all the capabilities
* for the current user. It is called from has_capability() and functions change permissions.
*
* Call it only _after_ you've setup $USER and called check_enrolment_plugins();
* @see check_enrolment_plugins()
*
* @private
* @return void
*/
function load_all_capabilities()
{
global $USER;
// roles not installed yet - we are in the middle of installation
if (during_initial_install()) {
return;
}
if (!isset($USER->id)) {
// this should not happen
$USER->id = 0;
}
unset($USER->access);
$USER->access = get_user_accessdata($USER->id);
// deduplicate the overrides to minimize session size
dedupe_user_access();
// Clear to force a refresh
unset($USER->mycourses);
unset($USER->enrol);
}
