/** * A convenience function to completely load all the capabilities * for the current user. It is called from has_capability() and functions change permissions. * * Call it only _after_ you've setup $USER and called check_enrolment_plugins(); * @see check_enrolment_plugins() * * @private * @return void */ function load_all_capabilities() { global $USER; // roles not installed yet - we are in the middle of installation if (during_initial_install()) { return; } if (!isset($USER->id)) { // this should not happen $USER->id = 0; } unset($USER->access); $USER->access = get_user_accessdata($USER->id); // deduplicate the overrides to minimize session size dedupe_user_access(); // Clear to force a refresh unset($USER->mycourses); // init/reset internal enrol caches - active course enrolments and temp access $USER->enrol = array('enrolled' => array(), 'tempguest' => array()); }
/** * Test whether a user can enrol users into a sub-userset if they have the required capability on the * parent userset. */ public function test_getallowedclusterswithparentpermission() { global $DB; $this->load_csv_data(); // Create role with cap: 'local/elisprogram:class_view'. $testrole = new stdClass(); $testrole->name = 'ELIS Sub-Userset Manager'; $testrole->shortname = '_test_ELIS_3848'; $testrole->description = 'ELIS userset enrol into sub-userser'; $testrole->archetype = ''; $testrole->id = create_role($testrole->name, $testrole->shortname, $testrole->description, $testrole->archetype); // Ensure our new role is assignable to ELIS class contexts. set_role_contextlevels($testrole->id, array(CONTEXT_ELIS_USERSET)); // Ensure the role has our required capability assigned. $syscontext = context_system::instance(); assign_capability('local/elisprogram:userset', CAP_ALLOW, $testrole->id, $syscontext->id, true); assign_capability('local/elisprogram:userset_view', CAP_ALLOW, $testrole->id, $syscontext->id, true); assign_capability('local/elisprogram:userset_create', CAP_ALLOW, $testrole->id, $syscontext->id, true); assign_capability('local/elisprogram:userset_enrol_userset_user', CAP_ALLOW, $testrole->id, $syscontext->id, true); $syscontext->mark_dirty(); // Assign a test user a role within the parent userset. $context = \local_elisprogram\context\userset::instance(1); role_assign($testrole->id, 100, $context->id); // Assign a test user a role within the sub-sub-userset. $ctx2 = \local_elisprogram\context\userset::instance(4); role_assign($testrole->id, 100, $ctx2->id); // Switch to testuser. $USER = $DB->get_record('user', array('id' => 100)); $USER->access = get_user_accessdata($USER->id); load_role_access_by_context($testrole->id, $context, $USER->access); // We need to force the accesslib cache to refresh. $GLOBALS['USER'] = $USER; // Check which of the parent usersets the user has access to based on the sub-userset. $allowed = userset::get_allowed_clusters(2); $this->assertInternalType('array', $allowed); $this->assertEquals(1, count($allowed)); // Check which of the parent usersets the user has access to basdd on the sub-sub-userset. $allowed = userset::get_allowed_clusters(4); $this->assertInternalType('array', $allowed); $this->assertEquals(2, count($allowed)); }
/** * Initialize a new user description object */ protected function inituser() { global $CFG, $DB, $USER; $data = array('idnumber' => '__fcH__TESTID001__', 'username' => '__fcH__testuser1__', 'firstname' => 'Test', 'lastname' => 'User1', 'email' => '*****@*****.**', 'country' => 'us'); $newuser = new user($data); $newuser->save(); $this->tuserid = $newuser->id; $usernew = new stdClass(); $usernew->username = '******'; $usernew->idnumber = '__fcH__testuser__'; $usernew->firstname = 'Test'; $usernew->lastname = 'User'; $usernew->email = '*****@*****.**'; $usernew->confirmed = 1; $usernew->auth = 'manual'; $usernew->mnethostid = $CFG->mnet_localhost_id; $usernew->confirmed = 1; $usernew->timecreated = time(); $usernew->password = hash_internal_user_password('testpassword'); $this->mdluserid = $DB->insert_record('user', $usernew); // Setup the global user to be this new test user we have created. $USER = $DB->get_record('user', array('id' => $this->mdluserid)); $USER->access = get_user_accessdata($USER->id); }
/** * A convenience function to completely load all the capabilities * for the current user. It is called from has_capability() and functions change permissions. * * Call it only _after_ you've setup $USER and called check_enrolment_plugins(); * @see check_enrolment_plugins() * * @private * @return void */ function load_all_capabilities() { global $USER; // roles not installed yet - we are in the middle of installation if (during_initial_install()) { return; } if (!isset($USER->id)) { // this should not happen $USER->id = 0; } unset($USER->access); $USER->access = get_user_accessdata($USER->id); // deduplicate the overrides to minimize session size dedupe_user_access(); // Clear to force a refresh unset($USER->mycourses); unset($USER->enrol); }