/**
* Set SYSTEM role permission assignments for use of TCAPI.
* This includes moodle/webservice:createtoken and local/tcapi:use.
* Affected user role is Authenticated user / user
*/
function local_tcapi_set_role_permission_overrides() {
global $CFG,$DB;
$role = $DB->get_record('role', array('archetype'=>'user'), 'id', MUST_EXIST);
if (isset($role->id)) {
require_once $CFG->dirroot.'/lib/accesslib.php';
role_change_permission($role->id, context_system::instance(), 'moodle/webservice:createtoken', CAP_ALLOW);
role_change_permission($role->id, context_system::instance(), 'webservice/rest:use', CAP_ALLOW);
role_change_permission($role->id, context_system::instance(), 'local/tcapi:use', CAP_ALLOW);
}
}
redirect($PAGE->url);
} else {
$a = (object) array('cap' => get_capability_docs_link($capability) . " ({$capability->name})", 'context' => $contextname);
$message = get_string('roleallowinfo', 'core_role', $a);
}
}
}
if ($prohibit) {
$mform = new core_role_permission_prohibit_form(null, array($context, $capability, $overridableroles));
if ($mform->is_cancelled()) {
redirect($PAGE->url);
} else {
if ($data = $mform->get_data() and !empty($data->roleid)) {
$roleid = $data->roleid;
if (isset($overridableroles[$roleid])) {
role_change_permission($roleid, $context, $capability->name, CAP_PROHIBIT);
}
redirect($PAGE->url);
} else {
$a = (object) array('cap' => get_capability_docs_link($capability) . " ({$capability->name})", 'context' => $contextname);
$message = get_string('roleprohibitinfo', 'core_role', $a);
}
}
}
echo $OUTPUT->header();
echo $OUTPUT->heading($title);
echo $OUTPUT->box($message);
$mform->display();
echo $OUTPUT->footer();
die;
}
/**
* Allows/denies a capability at the specified context
*
* @throws Exception
* @param array $data
* @return void
*/
protected function process_permission_override($data) {
// Will throw an exception if it does not exist.
$context = $this->get_context($data['contextlevel'], $data['reference']);
switch ($data['permission']) {
case get_string('allow', 'role'):
$permission = CAP_ALLOW;
break;
case get_string('prevent', 'role'):
$permission = CAP_PREVENT;
break;
case get_string('prohibit', 'role'):
$permission = CAP_PROHIBIT;
break;
default:
throw new Exception('The \'' . $data['permission'] . '\' permission does not exist');
break;
}
if (is_null(get_capability_info($data['capability']))) {
throw new Exception('The \'' . $data['capability'] . '\' capability does not exist');
}
role_change_permission($data['roleid'], $context, $data['capability'], $permission);
}
public function test_is_user_access_restricted_by_capability()
{
global $DB;
$this->resetAfterTest();
// Create a course and a mod_assign instance.
$course = $this->getDataGenerator()->create_course();
$assign = $this->getDataGenerator()->create_module('assign', array('course' => $course->id));
// Create and enrol a student.
$coursecontext = context_course::instance($course->id);
$studentrole = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST);
$student = $this->getDataGenerator()->create_user();
role_assign($studentrole->id, $student->id, $coursecontext);
$enrolplugin = enrol_get_plugin('manual');
$enrolinstance = $DB->get_record('enrol', array('courseid' => $course->id, 'enrol' => 'manual'));
$enrolplugin->enrol_user($enrolinstance, $student->id);
$this->setUser($student);
// Make sure student can see the module.
$cm = get_fast_modinfo($course->id)->instances['assign'][$assign->id];
$this->assertTrue($cm->uservisible);
$this->assertFalse($cm->is_user_access_restricted_by_capability());
// Prohibit student to view mod_assign for the course.
role_change_permission($studentrole->id, $coursecontext, 'mod/assign:view', CAP_PROHIBIT);
get_fast_modinfo($course->id, 0, true);
$cm = get_fast_modinfo($course->id)->instances['assign'][$assign->id];
$this->assertFalse($cm->uservisible);
$this->assertTrue($cm->is_user_access_restricted_by_capability());
// Restore permission to student to view mod_assign for the course.
role_change_permission($studentrole->id, $coursecontext, 'mod/assign:view', CAP_INHERIT);
get_fast_modinfo($course->id, 0, true);
$cm = get_fast_modinfo($course->id)->instances['assign'][$assign->id];
$this->assertTrue($cm->uservisible);
$this->assertFalse($cm->is_user_access_restricted_by_capability());
// Prohibit student to view mod_assign for the particular module.
role_change_permission($studentrole->id, context_module::instance($cm->id), 'mod/assign:view', CAP_PROHIBIT);
get_fast_modinfo($course->id, 0, true);
$cm = get_fast_modinfo($course->id)->instances['assign'][$assign->id];
$this->assertFalse($cm->uservisible);
$this->assertTrue($cm->is_user_access_restricted_by_capability());
// Check calling get_fast_modinfo() for different user:
$this->setAdminUser();
$cm = get_fast_modinfo($course->id)->instances['assign'][$assign->id];
$this->assertTrue($cm->uservisible);
$this->assertFalse($cm->is_user_access_restricted_by_capability());
$cm = get_fast_modinfo($course->id, $student->id)->instances['assign'][$assign->id];
$this->assertFalse($cm->uservisible);
$this->assertTrue($cm->is_user_access_restricted_by_capability());
}
}
$capability = required_param('capability', PARAM_CAPABILITY);
$roleid = required_param('roleid', PARAM_INT);
$action = required_param('action', PARAM_ALPHA);
$capability = $DB->get_record('capabilities', array('name' => $capability), '*', MUST_EXIST);
if (!isset($overridableroles[$roleid])) {
throw new moodle_exception('invalidarguments');
}
if (!has_capability('moodle/role:override', $context)) {
if (!has_capability('moodle/role:safeoverride', $context) || !is_safe_capability($capability)) {
require_capability('moodle/role:override', $context);
}
}
switch ($action) {
case 'allow':
role_change_permission($roleid, $context, $capability->name, CAP_ALLOW);
break;
case 'prevent':
role_change_permission($roleid, $context, $capability->name, CAP_PREVENT);
break;
case 'prohibit':
role_change_permission($roleid, $context, $capability->name, CAP_PROHIBIT);
break;
case 'unprohibit':
role_change_permission($roleid, $context, $capability->name, CAP_INHERIT);
break;
default:
throw new moodle_exception('invalidarguments');
}
echo json_encode($action);
die;
public function test_cohort_get_all_cohorts()
{
global $DB;
$this->resetAfterTest();
$category1 = $this->getDataGenerator()->create_category();
$category2 = $this->getDataGenerator()->create_category();
$cohort1 = $this->getDataGenerator()->create_cohort(array('contextid' => context_coursecat::instance($category1->id)->id, 'name' => 'aaagrrryyy', 'idnumber' => '', 'description' => ''));
$cohort2 = $this->getDataGenerator()->create_cohort(array('contextid' => context_coursecat::instance($category1->id)->id, 'name' => 'bbb', 'idnumber' => '', 'description' => 'yyybrrr'));
$cohort3 = $this->getDataGenerator()->create_cohort(array('contextid' => context_coursecat::instance($category2->id)->id, 'name' => 'ccc', 'idnumber' => 'xxarrrghyyy', 'description' => 'po_us'));
$cohort4 = $this->getDataGenerator()->create_cohort(array('contextid' => context_system::instance()->id));
// Get list of all cohorts as admin.
$this->setAdminUser();
$result = cohort_get_all_cohorts(0, 100, '');
$this->assertEquals(4, $result['totalcohorts']);
$this->assertEquals(array($cohort1->id => $cohort1, $cohort2->id => $cohort2, $cohort3->id => $cohort3, $cohort4->id => $cohort4), $result['cohorts']);
$this->assertEquals(4, $result['allcohorts']);
$result = cohort_get_all_cohorts(0, 100, 'grrr');
$this->assertEquals(1, $result['totalcohorts']);
$this->assertEquals(array($cohort1->id => $cohort1), $result['cohorts']);
$this->assertEquals(4, $result['allcohorts']);
// Get list of all cohorts as manager who has capability everywhere.
$user = $this->getDataGenerator()->create_user();
$managerrole = $DB->get_record('role', array('shortname' => 'manager'));
role_assign($managerrole->id, $user->id, context_system::instance()->id);
$this->setUser($user);
$result = cohort_get_all_cohorts(0, 100, '');
$this->assertEquals(4, $result['totalcohorts']);
$this->assertEquals(array($cohort1->id => $cohort1, $cohort2->id => $cohort2, $cohort3->id => $cohort3, $cohort4->id => $cohort4), $result['cohorts']);
$this->assertEquals(4, $result['allcohorts']);
$result = cohort_get_all_cohorts(0, 100, 'grrr');
$this->assertEquals(1, $result['totalcohorts']);
$this->assertEquals(array($cohort1->id => $cohort1), $result['cohorts']);
$this->assertEquals(4, $result['allcohorts']);
// Get list of all cohorts as manager who has capability everywhere except category2.
$context2 = context_coursecat::instance($category2->id);
role_change_permission($managerrole->id, $context2, 'moodle/cohort:view', CAP_PROHIBIT);
role_change_permission($managerrole->id, $context2, 'moodle/cohort:manage', CAP_PROHIBIT);
$this->assertFalse(has_any_capability(array('moodle/cohort:view', 'moodle/cohort:manage'), $context2));
$result = cohort_get_all_cohorts(0, 100, '');
$this->assertEquals(3, $result['totalcohorts']);
$this->assertEquals(array($cohort1->id => $cohort1, $cohort2->id => $cohort2, $cohort4->id => $cohort4), $result['cohorts']);
$this->assertEquals(3, $result['allcohorts']);
$result = cohort_get_all_cohorts(0, 100, 'grrr');
$this->assertEquals(1, $result['totalcohorts']);
$this->assertEquals(array($cohort1->id => $cohort1), $result['cohorts']);
$this->assertEquals(3, $result['allcohorts']);
$result = cohort_get_cohorts(context_coursecat::instance($category1->id)->id, 1, 1, 'yyy');
$this->assertEquals(2, $result['totalcohorts']);
$this->assertEquals(array($cohort2->id => $cohort2), $result['cohorts']);
$this->assertEquals(2, $result['allcohorts']);
}
/**
* Test if course creator future capability lookup works.
*/
public function test_guess_if_creator_will_have_course_capability()
{
global $DB, $CFG, $USER;
$this->resetAfterTest();
$category = $this->getDataGenerator()->create_category();
$course = $this->getDataGenerator()->create_course(array('category' => $category->id));
$syscontext = context_system::instance();
$categorycontext = context_coursecat::instance($category->id);
$coursecontext = context_course::instance($course->id);
$studentrole = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST);
$teacherrole = $DB->get_record('role', array('shortname' => 'editingteacher'), '*', MUST_EXIST);
$creatorrole = $DB->get_record('role', array('shortname' => 'coursecreator'), '*', MUST_EXIST);
$managerrole = $DB->get_record('role', array('shortname' => 'manager'), '*', MUST_EXIST);
$this->assertEquals($teacherrole->id, $CFG->creatornewroleid);
$creator = $this->getDataGenerator()->create_user();
$manager = $this->getDataGenerator()->create_user();
role_assign($managerrole->id, $manager->id, $categorycontext);
$this->assertFalse(has_capability('moodle/course:view', $categorycontext, $creator));
$this->assertFalse(has_capability('moodle/role:assign', $categorycontext, $creator));
$this->assertFalse(has_capability('moodle/course:visibility', $categorycontext, $creator));
$this->assertFalse(has_capability('moodle/course:visibility', $coursecontext, $creator));
$this->assertFalse(guess_if_creator_will_have_course_capability('moodle/course:visibility', $categorycontext, $creator));
$this->assertFalse(guess_if_creator_will_have_course_capability('moodle/course:visibility', $coursecontext, $creator));
$this->assertTrue(has_capability('moodle/role:assign', $categorycontext, $manager));
$this->assertTrue(has_capability('moodle/course:visibility', $categorycontext, $manager));
$this->assertTrue(has_capability('moodle/course:visibility', $coursecontext, $manager));
$this->assertTrue(guess_if_creator_will_have_course_capability('moodle/course:visibility', $categorycontext, $manager->id));
$this->assertTrue(guess_if_creator_will_have_course_capability('moodle/course:visibility', $coursecontext, $manager->id));
$this->assertEquals(0, $USER->id);
$this->assertFalse(has_capability('moodle/course:view', $categorycontext));
$this->assertFalse(has_capability('moodle/role:assign', $categorycontext));
$this->assertFalse(has_capability('moodle/course:visibility', $categorycontext));
$this->assertFalse(has_capability('moodle/course:visibility', $coursecontext));
$this->assertFalse(guess_if_creator_will_have_course_capability('moodle/course:visibility', $categorycontext));
$this->assertFalse(guess_if_creator_will_have_course_capability('moodle/course:visibility', $coursecontext));
$this->setUser($manager);
$this->assertTrue(has_capability('moodle/role:assign', $categorycontext));
$this->assertTrue(has_capability('moodle/course:visibility', $categorycontext));
$this->assertTrue(has_capability('moodle/course:visibility', $coursecontext));
$this->assertTrue(guess_if_creator_will_have_course_capability('moodle/course:visibility', $categorycontext));
$this->assertTrue(guess_if_creator_will_have_course_capability('moodle/course:visibility', $coursecontext));
$this->setAdminUser();
$this->assertTrue(has_capability('moodle/role:assign', $categorycontext));
$this->assertTrue(has_capability('moodle/course:visibility', $categorycontext));
$this->assertTrue(has_capability('moodle/course:visibility', $coursecontext));
$this->assertTrue(guess_if_creator_will_have_course_capability('moodle/course:visibility', $categorycontext));
$this->assertTrue(guess_if_creator_will_have_course_capability('moodle/course:visibility', $coursecontext));
$this->setUser(0);
role_assign($creatorrole->id, $creator->id, $categorycontext);
$this->assertFalse(has_capability('moodle/role:assign', $categorycontext, $creator));
$this->assertFalse(has_capability('moodle/course:visibility', $categorycontext, $creator));
$this->assertFalse(has_capability('moodle/course:visibility', $coursecontext, $creator));
$this->assertTrue(guess_if_creator_will_have_course_capability('moodle/course:visibility', $categorycontext, $creator));
$this->assertTrue(guess_if_creator_will_have_course_capability('moodle/course:visibility', $coursecontext, $creator));
$this->setUser($creator);
$this->assertFalse(has_capability('moodle/role:assign', $categorycontext, null));
$this->assertFalse(has_capability('moodle/course:visibility', $categorycontext, null));
$this->assertFalse(has_capability('moodle/course:visibility', $coursecontext, null));
$this->assertTrue(guess_if_creator_will_have_course_capability('moodle/course:visibility', $categorycontext, null));
$this->assertTrue(guess_if_creator_will_have_course_capability('moodle/course:visibility', $coursecontext, null));
$this->setUser(0);
set_config('creatornewroleid', $studentrole->id);
$this->assertFalse(has_capability('moodle/course:visibility', $categorycontext, $creator));
$this->assertFalse(has_capability('moodle/course:visibility', $coursecontext, $creator));
$this->assertFalse(guess_if_creator_will_have_course_capability('moodle/course:visibility', $categorycontext, $creator));
$this->assertFalse(guess_if_creator_will_have_course_capability('moodle/course:visibility', $coursecontext, $creator));
set_config('creatornewroleid', $teacherrole->id);
role_change_permission($managerrole->id, $categorycontext, 'moodle/course:visibility', CAP_PREVENT);
role_assign($creatorrole->id, $manager->id, $categorycontext);
$this->assertTrue(has_capability('moodle/course:view', $categorycontext, $manager));
$this->assertTrue(has_capability('moodle/course:view', $coursecontext, $manager));
$this->assertTrue(has_capability('moodle/role:assign', $categorycontext, $manager));
$this->assertTrue(has_capability('moodle/role:assign', $coursecontext, $manager));
$this->assertFalse(has_capability('moodle/course:visibility', $categorycontext, $manager));
$this->assertFalse(has_capability('moodle/course:visibility', $coursecontext, $manager));
$this->assertFalse(guess_if_creator_will_have_course_capability('moodle/course:visibility', $categorycontext, $manager));
$this->assertFalse(guess_if_creator_will_have_course_capability('moodle/course:visibility', $coursecontext, $manager));
role_change_permission($managerrole->id, $categorycontext, 'moodle/course:view', CAP_PREVENT);
$this->assertTrue(has_capability('moodle/role:assign', $categorycontext, $manager));
$this->assertFalse(has_capability('moodle/course:visibility', $categorycontext, $manager));
$this->assertFalse(has_capability('moodle/course:visibility', $coursecontext, $manager));
$this->assertTrue(guess_if_creator_will_have_course_capability('moodle/course:visibility', $categorycontext, $manager));
$this->assertTrue(guess_if_creator_will_have_course_capability('moodle/course:visibility', $coursecontext, $manager));
$this->getDataGenerator()->enrol_user($manager->id, $course->id, 0);
$this->assertTrue(has_capability('moodle/role:assign', $categorycontext, $manager));
$this->assertTrue(has_capability('moodle/role:assign', $coursecontext, $manager));
$this->assertTrue(is_enrolled($coursecontext, $manager));
$this->assertFalse(has_capability('moodle/course:visibility', $categorycontext, $manager));
$this->assertFalse(has_capability('moodle/course:visibility', $coursecontext, $manager));
$this->assertTrue(guess_if_creator_will_have_course_capability('moodle/course:visibility', $categorycontext, $manager));
$this->assertFalse(guess_if_creator_will_have_course_capability('moodle/course:visibility', $coursecontext, $manager));
// Test problems.
try {
guess_if_creator_will_have_course_capability('moodle/course:visibility', $syscontext, $creator);
$this->fail('Exception expected when non course/category context passed to guess_if_creator_will_have_course_capability()');
} catch (moodle_exception $e) {
$this->assertInstanceOf('coding_exception', $e);
}
}
/**
* Tests the filter_users() function.
*/
public function test_filter_users()
{
global $CFG, $DB;
require_once $CFG->dirroot . '/course/lib.php';
$this->resetAfterTest();
$CFG->enableavailability = true;
// Create a course with 2 sections and 2 pages and 3 users.
// Availability is set up initially on the 'page/section 2' items.
$generator = $this->getDataGenerator();
$course = $generator->create_course(array('numsections' => 2), array('createsections' => true));
$u1 = $generator->create_user();
$u2 = $generator->create_user();
$u3 = $generator->create_user();
$studentroleid = $DB->get_field('role', 'id', array('shortname' => 'student'), MUST_EXIST);
$allusers = array($u1->id => $u1, $u2->id => $u2, $u3->id => $u3);
$generator->enrol_user($u1->id, $course->id, $studentroleid);
$generator->enrol_user($u2->id, $course->id, $studentroleid);
$generator->enrol_user($u3->id, $course->id, $studentroleid);
// Page 2 allows access to users 2 and 3, while section 2 allows access
// to users 1 and 2.
$pagegen = $generator->get_plugin_generator('mod_page');
$page = $pagegen->create_instance(array('course' => $course));
$page2 = $pagegen->create_instance(array('course' => $course, 'availability' => '{"op":"|","show":true,"c":[{"type":"mock","filter":[' . $u2->id . ',' . $u3->id . ']}]}'));
$modinfo = get_fast_modinfo($course);
$section = $modinfo->get_section_info(1);
$section2 = $modinfo->get_section_info(2);
$DB->set_field('course_sections', 'availability', '{"op":"|","show":true,"c":[{"type":"mock","filter":[' . $u1->id . ',' . $u2->id . ']}]}', array('id' => $section2->id));
moveto_module($modinfo->get_cm($page2->cmid), $section2);
// With no restrictions, returns full list.
$info = new info_module($modinfo->get_cm($page->cmid));
$this->assertEquals(array($u1->id, $u2->id, $u3->id), array_keys($info->filter_user_list($allusers)));
// Set an availability restriction in database for section 1.
// For the section we set it so it doesn't support filters; for the
// module we have a filter.
$DB->set_field('course_sections', 'availability', '{"op":"|","show":true,"c":[{"type":"mock","a":false}]}', array('id' => $section->id));
$DB->set_field('course_modules', 'availability', '{"op":"|","show":true,"c":[{"type":"mock","filter":[' . $u3->id . ']}]}', array('id' => $page->cmid));
rebuild_course_cache($course->id, true);
$modinfo = get_fast_modinfo($course);
// Now it should work (for the module).
$info = new info_module($modinfo->get_cm($page->cmid));
$this->assertEquals(array($u3->id), array_keys($info->filter_user_list($allusers)));
$info = new info_section($modinfo->get_section_info(1));
$this->assertEquals(array($u1->id, $u2->id, $u3->id), array_keys($info->filter_user_list($allusers)));
// With availability disabled, module returns full list too.
$CFG->enableavailability = false;
$info = new info_module($modinfo->get_cm($page->cmid));
$this->assertEquals(array($u1->id, $u2->id, $u3->id), array_keys($info->filter_user_list($allusers)));
// Check the other section...
$CFG->enableavailability = true;
$info = new info_section($modinfo->get_section_info(2));
$this->assertEquals(array($u1->id, $u2->id), array_keys($info->filter_user_list($allusers)));
// And the module in that section - which has combined the section and
// module restrictions.
$info = new info_module($modinfo->get_cm($page2->cmid));
$this->assertEquals(array($u2->id), array_keys($info->filter_user_list($allusers)));
// If the students have viewhiddenactivities, they get past the module
// restriction.
role_change_permission($studentroleid, context_module::instance($page2->cmid), 'moodle/course:viewhiddenactivities', CAP_ALLOW);
$expected = array($u1->id, $u2->id);
$this->assertEquals($expected, array_keys($info->filter_user_list($allusers)));
// If they have viewhiddensections, they also get past the section
// restriction.
role_change_permission($studentroleid, context_course::instance($course->id), 'moodle/course:viewhiddensections', CAP_ALLOW);
$expected = array($u1->id, $u2->id, $u3->id);
$this->assertEquals($expected, array_keys($info->filter_user_list($allusers)));
}
public function test_oublog_get_posts_individual()
{
global $USER, $DB;
$this->resetAfterTest(true);
$this->setAdminUser();
$course = $this->get_new_course();
$stud1 = $this->get_new_user('student', $course->id);
$stud2 = $this->get_new_user('student', $course->id);
// Test 1 - posts using separate individual.
$oublog = $this->get_new_oublog($course->id, array('individual' => OUBLOG_SEPARATE_INDIVIDUAL_BLOGS));
$cm = get_coursemodule_from_id('oublog', $oublog->cmid);
// First make sure we have some posts to use.
$post1stub = $this->get_post_stub($oublog->id);
$post1stub->userid = $stud1->id;
oublog_add_post($post1stub, $cm, $oublog, $course);
$post2stub = $this->get_post_stub($oublog->id);
$post2stub->userid = $stud2->id;
oublog_add_post($post2stub, $cm, $oublog, $course);
// Get a list of the posts.
$context = context_module::instance($cm->id);
// All individuals.
list($posts, $recordcount) = oublog_get_posts($oublog, $context, 0, $cm, 0);
// Same name of records returned that were added?
$this->assertEquals(2, $recordcount);
// Admin see one individual.
list($posts, $recordcount) = oublog_get_posts($oublog, $context, 0, $cm, 0, $stud1->id);
$this->assertEquals(1, $recordcount);
// User see own.
$this->setUser($stud1);
list($posts, $recordcount) = oublog_get_posts($oublog, $context, 0, $cm, 0, $stud1->id);
$this->assertEquals(1, $recordcount);
// User see others?
list($posts, $recordcount) = oublog_get_posts($oublog, $context, 0, $cm, 0, $stud2->id);
// Odd behaviour in oublog_get_posts() + oublog_individual_add_to_sqlwhere() in this case.
// Due to user not being able to see blog the individual filter does not get applied.
$this->assertEquals(2, $recordcount);
// Give user permission to see other individuals.
$role = $DB->get_record('role', array('shortname' => 'student'));
role_change_permission($role->id, $context, 'mod/oublog:viewindividual', CAP_ALLOW);
list($posts, $recordcount) = oublog_get_posts($oublog, $context, 0, $cm, 0, $stud2->id);
$this->assertEquals(1, $recordcount);
// Test 2. posts using visible individual with separate groups.
$this->setAdminUser();
$group1 = $this->get_new_group($course->id);
$group2 = $this->get_new_group($course->id);
$this->get_new_group_member($group1->id, $stud1->id);
$this->get_new_group_member($group2->id, $stud2->id);
$stud3 = $this->get_new_user('student', $course->id);
$this->get_new_group_member($group1->id, $stud3->id);
// New user also in group 1.
$oublog = $this->get_new_oublog($course->id, array('individual' => OUBLOG_VISIBLE_INDIVIDUAL_BLOGS, 'groupmode' => SEPARATEGROUPS));
$cm = get_coursemodule_from_id('oublog', $oublog->cmid);
// First make sure we have some posts to use.
$post1stub = $this->get_post_stub($oublog->id);
$post1stub->userid = $stud1->id;
oublog_add_post($post1stub, $cm, $oublog, $course);
$post2stub = $this->get_post_stub($oublog->id);
$post2stub->userid = $stud2->id;
oublog_add_post($post2stub, $cm, $oublog, $course);
// Get a list of the posts.
$context = context_module::instance($cm->id);
// Admin - group + individual 0.
list($posts, $recordcount) = oublog_get_posts($oublog, $context, 0, $cm, 0, 0);
$this->assertEquals(2, $recordcount);
// Admin - group.
list($posts, $recordcount) = oublog_get_posts($oublog, $context, 0, $cm, $group1->id, 0);
$this->assertEquals(1, $recordcount);
// Admin - individual.
list($posts, $recordcount) = oublog_get_posts($oublog, $context, 0, $cm, $group1->id, $stud1->id);
$this->assertEquals(1, $recordcount);
// User Own group (but not their post).
$this->setUser($stud3);
list($posts, $recordcount) = oublog_get_posts($oublog, $context, 0, $cm, $group1->id, 0);
$this->assertEquals(1, $recordcount);
// User own group and another individual.
list($posts, $recordcount) = oublog_get_posts($oublog, $context, 0, $cm, $group1->id, $stud1->id);
$this->assertEquals(1, $recordcount);
// User other group (Note as don't have access all get returned as no filter applied).
list($posts, $recordcount) = oublog_get_posts($oublog, $context, 0, $cm, $group2->id, 0);
$this->assertEquals(2, $recordcount);
// User other individual (Note as don't have access all get returned as no filter applied).
list($posts, $recordcount) = oublog_get_posts($oublog, $context, 0, $cm, $group2->id, $stud2->id);
$this->assertEquals(2, $recordcount);
}
/**
* This function tests the teacher searching when no course category or course is selected.
*/
public function test_teachersquery_no_filter()
{
global $CFG;
$this->resetAfterTest(true);
require_once $CFG->dirroot . '/report/ncccscensus/lib.php';
$data = $this->createdata_for_teacherfilter();
// Assign role and remove capability.
$coursecontext = context_course::instance($data['course1']->id);
$roles = get_role_names_with_caps_in_context($coursecontext, array('moodle/grade:edit'));
$roleid = 0;
foreach ($roles as $rid => $role) {
$roleid = $rid;
$this->getDataGenerator()->enrol_user($data['user1']->id, $data['course1']->id, $roleid);
break;
}
// Test: one user is returned.
$results = report_ncccscensus_teacher_search('teacher', array(), array());
$this->assertEquals(1, count($results));
$this->assertArrayHasKey('name', $results[0]);
$this->assertArrayHasKey('id', $results[0]);
$this->assertEquals($data['user1']->id, $results[0]['id']);
// Remove the capability from the user's role in the course.
role_change_permission($roleid, $coursecontext, 'moodle/grade:edit', CAP_PREVENT);
// Test: no user is returned
$results = report_ncccscensus_teacher_search('teacher', array(), array());
$this->assertEquals(1, count($results));
$this->assertArrayHasKey('name', $results[0]);
$this->assertArrayNotHasKey('id', $results[0]);
// Test: one of two users are returned.
$this->getDataGenerator()->enrol_user($data['user2']->id, $data['course3']->id, $roleid);
$results = report_ncccscensus_teacher_search('teacher', array(), array());
$this->assertEquals(1, count($results));
$this->assertArrayHasKey('name', $results[0]);
$this->assertArrayHasKey('id', $results[0]);
$this->assertEquals($data['user2']->id, $results[0]['id']);
}
/**
* This file keeps track of upgrades to the wiki module
*
* Sometimes, changes between versions involve
* alterations to database structures and other
* major things that may break installations.
*
* The upgrade function in this file will attempt
* to perform all the necessary actions to upgrade
* your older installation to the current version.
*
* @package mod-wiki-2.0
* @copyrigth 2009 Marc Alier, Jordi Piguillem marc.alier@upc.edu
* @copyrigth 2009 Universitat Politecnica de Catalunya http://www.upc.edu
*
* @author Jordi Piguillem
*
* @license http://www.gnu.org/copyleft/gpl.html GNU Public License
*
*/
function xmldb_wiki_upgrade($oldversion)
{
global $CFG, $DB, $OUTPUT;
$dbman = $DB->get_manager();
// Step 0: Add new fields to main wiki table
if ($oldversion < 2010040100) {
require_once dirname(__FILE__) . '/upgradelib.php';
echo $OUTPUT->notification('Adding new fields to wiki table', 'notifysuccess');
wiki_add_wiki_fields();
upgrade_mod_savepoint(true, 2010040100, 'wiki');
}
// Step 1: Rename old tables
if ($oldversion < 2010040101) {
$tables = array('wiki_pages', 'wiki_locks', 'wiki_entries');
echo $OUTPUT->notification('Renaming old wiki module tables', 'notifysuccess');
foreach ($tables as $tablename) {
$table = new xmldb_table($tablename);
if ($dbman->table_exists($table)) {
if ($dbman->table_exists($table)) {
$dbman->rename_table($table, $tablename . '_old');
}
}
}
upgrade_mod_savepoint(true, 2010040101, 'wiki');
}
// Step 2: Creating new tables
if ($oldversion < 2010040102) {
require_once dirname(__FILE__) . '/upgradelib.php';
echo $OUTPUT->notification('Installing new wiki module tables', 'notifysuccess');
wiki_upgrade_install_20_tables();
upgrade_mod_savepoint(true, 2010040102, 'wiki');
}
// Step 3: migrating wiki instances
if ($oldversion < 2010040103) {
upgrade_set_timeout();
// Setting up wiki configuration
$sql = "UPDATE {wiki}\n SET intro = summary,\n firstpagetitle = pagename,\n defaultformat = ?";
$DB->execute($sql, array('html'));
$sql = "UPDATE {wiki}\n SET wikimode = ?\n WHERE wtype = ?";
$DB->execute($sql, array('collaborative', 'group'));
$sql = "UPDATE {wiki}\n SET wikimode = ?\n WHERE wtype != ?";
$DB->execute($sql, array('individual', 'group'));
// Removing edit & create capability to students in old teacher wikis
$studentroles = $DB->get_records('role', array('archetype' => 'student'));
$wikis = $DB->get_records('wiki');
foreach ($wikis as $wiki) {
echo $OUTPUT->notification('Migrating ' . $wiki->wtype . ' type wiki instance: ' . $wiki->name, 'notifysuccess');
if ($wiki->wtype == 'teacher') {
$cm = get_coursemodule_from_instance('wiki', $wiki->id);
$context = get_context_instance(CONTEXT_MODULE, $cm->id);
foreach ($studentroles as $studentrole) {
role_change_permission($studentrole->id, $context, 'mod/wiki:editpage', CAP_PROHIBIT);
role_change_permission($studentrole->id, $context, 'mod/wiki:createpage', CAP_PROHIBIT);
}
}
}
echo $OUTPUT->notification('Migrating old wikis to new wikis', 'notifysuccess');
upgrade_mod_savepoint(true, 2010040103, 'wiki');
}
// Step 4: migrating wiki entries to new subwikis
if ($oldversion < 2010040104) {
/**
* Migrating wiki entries to new subwikis
*/
$sql = "INSERT INTO {wiki_subwikis} (wikiid, groupid, userid)\n SELECT DISTINCT e.wikiid, e.groupid, e.userid\n FROM {wiki_entries_old} e";
echo $OUTPUT->notification('Migrating old entries to new subwikis', 'notifysuccess');
$DB->execute($sql, array());
upgrade_mod_savepoint(true, 2010040104, 'wiki');
}
// Step 5: Migrating pages
if ($oldversion < 2010040105) {
// select all wiki pages
$sql = "SELECT s.id, p.pagename, p.created, p.lastmodified, p.userid, p.hits\n FROM {wiki_pages_old} p\n LEFT OUTER JOIN {wiki_entries_old} e ON e.id = p.wiki\n LEFT OUTER JOIN {wiki_subwikis} s ON s.wikiid = e.wikiid AND s.groupid = e.groupid AND s.userid = e.userid\n WHERE p.version = (SELECT max(po.version)\n FROM {wiki_pages_old} po\n WHERE p.pagename = po.pagename AND p.wiki = po.wiki)";
echo $OUTPUT->notification('Migrating old pages to new pages', 'notifysuccess');
$records = $DB->get_recordset_sql($sql);
foreach ($records as $record) {
$page = new stdclass();
$page->subwikiid = $record->id;
$page->title = $record->pagename;
$page->cachedcontent = '**reparse needed**';
$page->timecreated = $record->created;
$page->timemodified = $record->lastmodified;
$page->userid = $record->userid;
$page->pageviews = $record->hits;
try {
// make sure there is no duplicated records exist
if (!$DB->record_exists('wiki_pages', array('subwikiid' => $record->id, 'userid' => $record->userid, 'title' => $record->pagename))) {
$DB->insert_record('wiki_pages', $page);
}
} catch (dml_exception $e) {
// catch possible insert exception
debugging($e->getMessage());
continue;
}
}
$records->close();
upgrade_mod_savepoint(true, 2010040105, 'wiki');
}
// Step 6: Migrating versions
if ($oldversion < 2010040106) {
require_once dirname(__FILE__) . '/upgradelib.php';
echo $OUTPUT->notification('Migrating old history to new history', 'notifysuccess');
wiki_upgrade_migrate_versions();
upgrade_mod_savepoint(true, 2010040106, 'wiki');
}
// Step 7: refresh cachedcontent and fill wiki links table
if ($oldversion < 2010040107) {
require_once $CFG->dirroot . '/mod/wiki/locallib.php';
upgrade_set_timeout();
$pages = $DB->get_recordset('wiki_pages');
foreach ($pages as $page) {
wiki_refresh_cachedcontent($page);
}
$pages->close();
echo $OUTPUT->notification('Caching content', 'notifysuccess');
upgrade_mod_savepoint(true, 2010040107, 'wiki');
}
// Step 8, migrating files
if ($oldversion < 2010040108) {
$fs = get_file_storage();
$sql = "SELECT files.*, po.meta AS filemeta FROM {wiki_pages_old} po JOIN (\n SELECT DISTINCT po.id, po.pagename, w.id AS wikiid, po.userid,\n eo.id AS entryid, eo.groupid, s.id AS subwiki,\n w.course AS courseid, cm.id AS cmid\n FROM {wiki_pages_old} po\n LEFT OUTER JOIN {wiki_entries_old} eo\n ON eo.id=po.wiki\n LEFT OUTER JOIN {wiki} w\n ON w.id = eo.wikiid\n LEFT OUTER JOIN {wiki_subwikis} s\n ON s.groupid = eo.groupid AND s.wikiid = eo.wikiid AND eo.userid = s.userid\n JOIN {modules} m ON m.name = 'wiki'\n JOIN {course_modules} cm ON (cm.module = m.id AND cm.instance = w.id)\n ) files ON files.id = po.id";
$rs = $DB->get_recordset_sql($sql);
foreach ($rs as $r) {
if (strpos($r->pagename, 'internal://') !== false) {
// Found a file resource!
$pattern = 'internal://';
$matches = array();
$filename = str_replace($pattern, '', $r->pagename);
$orgifilename = $filename = clean_param($filename, PARAM_FILE);
$context = get_context_instance(CONTEXT_MODULE, $r->cmid);
$filemeta = unserialize($r->filemeta);
$filesection = $filemeta['section'];
// When attach a file to wiki page, user can customize the file name instead of original file name
// if user did, old wiki will create two pages, internal://original_pagename and internal://renamed_pagename
// internal://original_pagename record has renamed pagename in meta field
// but all file have this field
// old wiki will rename file names to filter space and special character
if (!empty($filemeta['Content-Location'])) {
$orgifilename = urldecode($filemeta['Content-Location']);
$orgifilename = str_replace(' ', '_', $orgifilename);
}
$thefile = $CFG->dataroot . '/' . $r->courseid . '/moddata/wiki/' . $r->wikiid . '/' . $r->entryid . '/' . $filesection . '/' . $filename;
if (is_file($thefile) && is_readable($thefile)) {
$filerecord = array('contextid' => $context->id, 'component' => 'mod_wiki', 'filearea' => 'attachments', 'itemid' => $r->subwiki, 'filepath' => '/', 'filename' => $orgifilename, 'userid' => $r->userid);
if (!$fs->file_exists($context->id, 'mod_wiki', 'attachments', $r->subwiki, '/', $orgifilename)) {
//echo $OUTPUT->notification('Migrating file '.$orgifilename, 'notifysuccess');
$storedfile = $fs->create_file_from_pathname($filerecord, $thefile);
}
// we have to create another file here to make sure interlinks work
if (!$fs->file_exists($context->id, 'mod_wiki', 'attachments', $r->subwiki, '/', $filename)) {
$filerecord['filename'] = $filename;
//echo $OUTPUT->notification('Migrating file '.$filename, 'notifysuccess');
$storedfile = $fs->create_file_from_pathname($filerecord, $thefile);
}
} else {
echo $OUTPUT->notification("Bad data found: {$r->pagename} <br/> Expected file path: {$thefile} Please fix the bad file path manually.");
}
}
}
$rs->close();
upgrade_mod_savepoint(true, 2010040108, 'wiki');
}
// Step 9: clean wiki table
if ($oldversion < 2010040109) {
$fields = array('summary', 'pagename', 'wtype', 'ewikiprinttitle', 'htmlmode', 'ewikiacceptbinary', 'disablecamelcase', 'setpageflags', 'strippages', 'removepages', 'revertchanges', 'initialcontent');
$table = new xmldb_table('wiki');
foreach ($fields as $fieldname) {
$field = new xmldb_field($fieldname);
if ($dbman->field_exists($table, $field)) {
$dbman->drop_field($table, $field);
}
}
echo $OUTPUT->notification('Cleaning wiki table', 'notifysuccess');
upgrade_mod_savepoint(true, 2010040109, 'wiki');
}
if ($oldversion < 2010080201) {
$sql = "UPDATE {comments}\n SET commentarea = 'wiki_page'\n WHERE commentarea = 'wiki_comment_section'";
$DB->execute($sql);
$sql = "UPDATE {tag_instance}\n SET itemtype = 'wiki_page'\n WHERE itemtype = 'wiki'";
$DB->execute($sql);
echo $OUTPUT->notification('Updating comments and tags', 'notifysuccess');
upgrade_mod_savepoint(true, 2010080201, 'wiki');
}
if ($oldversion < 2010102500) {
// Define key subwikifk (foreign) to be added to wiki_pages
$table = new xmldb_table('wiki_pages');
$key = new xmldb_key('subwikifk', XMLDB_KEY_FOREIGN, array('subwikiid'), 'wiki_subwikis', array('id'));
// Launch add key subwikifk
$dbman->add_key($table, $key);
// Define key subwikifk (foreign) to be added to wiki_links
$table = new xmldb_table('wiki_links');
$key = new xmldb_key('subwikifk', XMLDB_KEY_FOREIGN, array('subwikiid'), 'wiki_subwikis', array('id'));
// Launch add key subwikifk
$dbman->add_key($table, $key);
// wiki savepoint reached
upgrade_mod_savepoint(true, 2010102500, 'wiki');
}
if ($oldversion < 2010102800) {
$sql = "UPDATE {tag_instance}\n SET itemtype = 'wiki_pages'\n WHERE itemtype = 'wiki_page'";
$DB->execute($sql);
echo $OUTPUT->notification('Updating tags itemtype', 'notifysuccess');
upgrade_mod_savepoint(true, 2010102800, 'wiki');
}
if ($oldversion < 2011011000) {
// Fix wiki in the post table after upgrade from 1.9
$table = new xmldb_table('wiki');
// name should default to Wiki
$field = new xmldb_field('name', XMLDB_TYPE_CHAR, 255, null, XMLDB_NOTNULL, null, 'Wiki', 'course');
if ($dbman->field_exists($table, $field)) {
$dbman->change_field_default($table, $field);
}
// timecreated field is missing after 1.9 upgrade
$field = new xmldb_field('timecreated', XMLDB_TYPE_INTEGER, 10, XMLDB_UNSIGNED, XMLDB_NOTNULL, null, 0, 'introformat');
if (!$dbman->field_exists($table, $field)) {
$dbman->add_field($table, $field);
}
// timemodified field is missing after 1.9 upgrade
$field = new xmldb_field('timemodified', XMLDB_TYPE_INTEGER, 10, XMLDB_UNSIGNED, XMLDB_NOTNULL, null, 0, 'timecreated');
if (!$dbman->field_exists($table, $field)) {
$dbman->add_field($table, $field);
}
// scaleid is not there any more
$field = new xmldb_field('scaleid', XMLDB_TYPE_INTEGER, '10', XMLDB_UNSIGNED, XMLDB_NOTNULL, null, '0', null);
if ($dbman->field_exists($table, $field)) {
$dbman->drop_field($table, $field);
}
upgrade_mod_savepoint(true, 2011011000, 'wiki');
}
// TODO: Will hold the old tables so we will have chance to fix problems
// Will remove old tables once migrating 100% stable
// Step 10: delete old tables
//if ($oldversion < 2011060300) {
//$tables = array('wiki_pages', 'wiki_locks', 'wiki_entries');
//foreach ($tables as $tablename) {
//$table = new xmldb_table($tablename . '_old');
//if ($dbman->table_exists($table)) {
//$dbman->drop_table($table);
//}
//}
//echo $OUTPUT->notification('Droping old tables', 'notifysuccess');
//upgrade_mod_savepoint(true, 2011060300, 'wiki');
//}
return true;
}
/**
* Test the method mod_workshop_portfolio_caller::check_permissions()
*/
public function test_check_permissions_exportownsubmissionassessment()
{
global $DB;
$this->resetAfterTest(true);
$context = context_module::instance($this->cm->id);
$student1 = $this->getDataGenerator()->create_user();
$student2 = $this->getDataGenerator()->create_user();
$roleids = $DB->get_records_menu('role', null, '', 'shortname, id');
$this->getDataGenerator()->enrol_user($student1->id, $this->workshop->course->id, $roleids['student']);
$this->getDataGenerator()->enrol_user($student2->id, $this->workshop->course->id, $roleids['student']);
$workshopgenerator = $this->getDataGenerator()->get_plugin_generator('mod_workshop');
$subid1 = $workshopgenerator->create_submission($this->workshop->id, $student1->id);
$asid1 = $workshopgenerator->create_assessment($subid1, $student2->id);
$this->setUser($student1);
$portfoliocaller = new mod_workshop_portfolio_caller(['id' => $this->workshop->cm->id, 'submissionid' => $subid1]);
role_change_permission($roleids['student'], $context, 'mod/workshop:exportsubmissions', CAP_PREVENT);
$this->assertFalse($portfoliocaller->check_permissions());
role_change_permission($roleids['student'], $context, 'mod/workshop:exportsubmissions', CAP_ALLOW);
$this->assertTrue($portfoliocaller->check_permissions());
}
static function add($modulename, $courseid, $atstart = 0, $ifexists = 0, $moduleparams = null, $section = 0, $visible = 0, $permissionsoverrides = array())
{
global $DB, $CFG;
// Check module type exists
if (!($module = $DB->get_record('modules', array('name' => $modulename), '*'))) {
return array(false, 'Module type not found');
}
// Check course exists
if (!($course = $DB->get_record('course', array('id' => $courseid), '*'))) {
return array(false, 'Course not found');
}
// Check course is correct format
if ($course->format == 'site' || $course->format == 'social' || $course->format == 'scorm') {
return array(false, 'Course is not a weekly or topic type, skipping');
}
// Check user has required permissions to add course module
$requiredcapabilities = array('moodle/course:manageactivities', 'moodle/course:activityvisibility', 'moodle/role:override');
if (!has_all_capabilities($requiredcapabilities, context_course::instance($courseid))) {
return array(false, 'Insufficient permissions to add course module');
}
// Set course module initial data
$newcm = new stdClass();
$newcm->course = $course->id;
$newcm->module = $module->id;
$newcm->modulename = $module->name;
$newcm->section = 0;
$newcm->instance = 0;
$newcm->visible = $visible;
$newcm->groupmode = 0;
// No groups
$newcm->groupingid = 0;
$newcm->groupmembersonly = 0;
$newcm->showdescription = 0;
$newcm->cmidnumber = '';
// Check whether module plugin class exists for selected module otherwise use generic module plugin
$modulepluginclass = 'module_plugin_' . $modulename;
$modulepluginfilename = 'moduleplugins/' . $modulepluginclass . '.php';
if (file_exists($modulepluginfilename)) {
include_once $modulepluginfilename;
$moduleplugin = new $modulepluginclass($moduleparams, $newcm);
} else {
include_once 'moduleplugins/module_plugin_generic.php';
$moduleplugin = new module_plugin_generic($moduleparams, $newcm, $modulename);
$modulepluginclass = 'module_plugin_generic';
}
// Check that module params XML is valid
if (!$modulepluginclass::check_params_xml($moduleparams)) {
return array(false, 'Module parameters not valid');
}
$newcm->name = (string) $moduleparams->title;
$newcm->intro = (string) $moduleparams->description;
$newcm->introformat = 1;
// Check whether module instance with title already exists
$sql = 'SELECT COUNT(*) AS count FROM {course_sections} AS cs JOIN {course_modules} AS cm ON cm.section = cs.id JOIN {modules} AS ms ON ms.id = cm.module JOIN {' . $module->name . '} AS m ON m.id = cm.instance WHERE cs.course = ? AND cs.section = ? AND m.name = ? AND ms.name = ?';
$instances = $DB->get_record_sql($sql, array($course->id, $section, $newcm->name, $module->name));
if ($instances->count > 0) {
if ($ifexists == 0) {
return array(false, 'Already exists, skipping');
} else {
if ($ifexists == 2) {
if (!self::delete($modulename, $course, $newcm->name, $section)) {
return array(false, 'Error removing existing module instance(s), could not replace');
}
}
}
}
// Create course module
if (!($newcm->coursemodule = add_course_module($newcm))) {
return array(false, 'Could not create course module');
}
// Create module instance
$ret = $moduleplugin->create_instance();
if (!$ret[0]) {
return $ret;
}
// Update course_modules DB row to reference new module instance
$DB->set_field('course_modules', 'instance', $newcm->instance, array('id' => $newcm->coursemodule));
// course_modules and course_sections each contain a reference
// to each other, so we have to update one of them twice.
if ($atstart) {
if (!($section = $DB->get_record('course_sections', array('course' => $newcm->course, 'section' => $newcm->section)))) {
// Section doesn't already exist so create it in normal manner
// $sectionid = add_mod_to_section($newcm); JAC change 20160809
// requires course_add_cm_to_section($courseorid, $cmid, $sectionnum, $beforemod = null)
$sectionid = course_add_cm_to_section($newcm->course, $newcm->coursemodule, $newcm->section);
} else {
// Moodle's add_mod_to_section add before functionality is broken so we have to do this here
$section->sequence = trim($section->sequence);
if (empty($section->sequence)) {
$newsequence = "{$newcm->coursemodule}";
} else {
$newsequence = "{$newcm->coursemodule},{$section->sequence}";
}
$DB->set_field("course_sections", "sequence", $newsequence, array("id" => $section->id));
$sectionid = $section->id;
}
} else {
// $sectionid = add_mod_to_section($newcm); JAC change 20160809
$sectionid = course_add_cm_to_section($newcm->course, $newcm->coursemodule, $newcm->section);
}
$DB->set_field('course_modules', 'section', $sectionid, array('id' => $newcm->coursemodule));
// Trigger post create actions
$ret = $moduleplugin->post_create_setup();
if (!$ret[0]) {
self::delete($modulename, $course, $newcm->name, $section);
return array(false, 'Error carrying out post creation setup. Error was: ' . $ret[1]);
}
// If $permissionsoverrides is not empty, override permissions of specified role capabilites
if (count($permissionsoverrides) > 0) {
$modcontext = context_module::instance($newcm->coursemodule);
foreach ($permissionsoverrides as $permissionoverride) {
$permission = $permissionoverride[2] == 'allow' ? CAP_ALLOW : CAP_PREVENT;
role_change_permission($permissionoverride[0], $modcontext, $permissionoverride[1], $permission);
}
}
// Trigger mod_created event with information about this module.
$eventname = 'mod_created';
$eventdata = new stdClass();
$eventdata->modulename = $module->name;
$eventdata->name = $newcm->name;
$eventdata->cmid = $newcm->coursemodule;
$eventdata->courseid = $course->id;
$eventdata->userid = 0;
events_trigger($eventname, $eventdata);
// Rebuild course cache
rebuild_course_cache($course->id);
return array(true, '');
}
/**
* Test access/permissions functions, the can_...() functions in mod_forumng class.
*/
public function test_can_x()
{
global $USER, $DB;
$this->resetAfterTest(true);
$this->setAdminUser();
$adminid = $USER->id;
$generator = $this->getDataGenerator()->get_plugin_generator('mod_forumng');
$course = $this->get_new_course();
$user1 = $this->get_new_user('editingteacher', $course->id);
$role = $DB->get_record('role', array('shortname' => 'editingteacher'));
$group1 = $this->get_new_group($course->id);
$group2 = $this->get_new_group($course->id);
$this->get_new_group_member($group1->id, $user1->id);
$forum1 = $this->get_new_forumng($course->id, array('groupmode' => VISIBLEGROUPS));
$forum2 = $this->get_new_forumng($course->id, array('groupmode' => SEPARATEGROUPS));
// Test can_access_group().
$this->assertTrue($forum1->can_access_group($group1->id, true));
role_change_permission($role->id, $forum1->get_context(), 'moodle/site:accessallgroups', CAP_PREVENT);
role_change_permission($role->id, $forum2->get_context(), 'moodle/site:accessallgroups', CAP_PREVENT);
$this->assertTrue($forum1->can_access_group($group1->id, true, $user1->id));
$this->assertTrue($forum1->can_access_group($group2->id, false, $user1->id));
$this->assertFalse($forum1->can_access_group($group2->id, true, $user1->id));
$this->assertFalse($forum2->can_access_group($group2->id, false, $user1->id));
// Test can_change_subscription() - simple checks, subscriptions tested elsewhere.
$this->assertFalse($forum1->can_change_subscription(1));
// Check guest user.
$this->assertTrue($forum1->can_change_subscription());
$this->assertTrue($forum1->can_change_subscription($user1->id));
$forum3 = $this->get_new_forumng($course->id, array('subscription' => mod_forumng::SUBSCRIPTION_NOT_PERMITTED));
$this->assertFalse($forum3->can_change_subscription());
$forum4 = $this->get_new_forumng($course->id, array('subscription' => mod_forumng::SUBSCRIPTION_FORCED));
$this->assertTrue($forum4->can_change_subscription());
$this->assertFalse($forum4->can_change_subscription(1));
// Check guest user.
// Test can_create_attachments().
role_change_permission($role->id, $forum1->get_context(), 'mod/forumng:createattachment', CAP_PREVENT);
$this->assertFalse($forum1->can_create_attachments($user1->id));
role_change_permission($role->id, $forum1->get_context(), 'mod/forumng:createattachment', CAP_ALLOW);
$this->assertTrue($forum1->can_create_attachments($user1->id));
// Test can_grade().
$this->assertFalse($forum1->can_grade());
$forum5 = $this->get_new_forumng($course->id, array('grading' => mod_forumng::GRADING_MANUAL));
$this->assertTrue($forum5->can_grade());
// Test can_indicate_moderator().
role_change_permission($role->id, $forum1->get_context(), 'mod/forumng:postasmoderator', CAP_PREVENT);
$this->assertFalse($forum1->can_indicate_moderator($user1->id));
role_change_permission($role->id, $forum1->get_context(), 'mod/forumng:postasmoderator', CAP_ALLOW);
$this->assertTrue($forum1->can_indicate_moderator($user1->id));
// Test can_mail_now().
role_change_permission($role->id, $forum1->get_context(), 'mod/forumng:mailnow', CAP_PREVENT);
$this->assertFalse($forum1->can_mail_now($user1->id));
role_change_permission($role->id, $forum1->get_context(), 'mod/forumng:mailnow', CAP_ALLOW);
$this->assertTrue($forum1->can_mail_now($user1->id));
// Test can_manage_discussions().
role_change_permission($role->id, $forum1->get_context(), 'mod/forumng:managediscussions', CAP_PREVENT);
$this->assertFalse($forum1->can_manage_discussions($user1->id));
role_change_permission($role->id, $forum1->get_context(), 'mod/forumng:managediscussions', CAP_ALLOW);
$this->assertTrue($forum1->can_manage_discussions($user1->id));
// Test can_manage_subscriptions().
$this->assertFalse($forum3->can_manage_subscriptions());
role_change_permission($role->id, $forum1->get_context(), 'mod/forumng:managesubscriptions', CAP_PREVENT);
$this->assertFalse($forum1->can_manage_subscriptions($user1->id));
role_change_permission($role->id, $forum1->get_context(), 'mod/forumng:managesubscriptions', CAP_ALLOW);
$this->assertTrue($forum1->can_manage_subscriptions($user1->id));
// Test can_mark_read().
$this->assertFalse($forum1->can_mark_read(1));
// Test can_post_anonymously().
$this->assertFalse($forum1->can_post_anonymously());
$forum6 = $this->get_new_forumng($course->id, array('canpostanon' => 1));
role_change_permission($role->id, $forum6->get_context(), 'mod/forumng:postanon', CAP_PREVENT);
$this->assertFalse($forum6->can_post_anonymously($user1->id));
role_change_permission($role->id, $forum6->get_context(), 'mod/forumng:postanon', CAP_ALLOW);
$this->assertTrue($forum6->can_post_anonymously($user1->id));
// Test can_rate().
$this->assertFalse($forum1->can_rate(0));
$basetime = time();
$forum7 = $this->get_new_forumng($course->id, array('ratingscale' => 5, 'ratingfrom' => $basetime - 1, 'ratinguntil' => $basetime + 1));
$this->assertTrue($forum7->can_rate(0));
$this->setUser($user1);
role_change_permission($role->id, $forum7->get_context(), 'mod/forumng:rate', CAP_PREVENT);
$this->assertFalse($forum7->can_rate(0));
role_change_permission($role->id, $forum7->get_context(), 'mod/forumng:rate', CAP_ALLOW);
$this->assertTrue($forum7->can_rate(0));
$this->assertTrue($forum7->can_rate($basetime));
$this->assertFalse($forum7->can_rate($basetime - 1));
$this->assertFalse($forum7->can_rate($basetime + 1));
$this->setAdminUser();
// Test can_set_important().
role_change_permission($role->id, $forum1->get_context(), 'mod/forumng:setimportant', CAP_PREVENT);
$this->assertFalse($forum1->can_set_important($user1->id));
role_change_permission($role->id, $forum1->get_context(), 'mod/forumng:setimportant', CAP_ALLOW);
$this->assertTrue($forum1->can_set_important($user1->id));
// Test can_start_discussion().
// Check dates.
$forum8 = $this->get_new_forumng($course->id, array('postingfrom' => time() + 1000));
role_change_permission($role->id, $forum8->get_context(), 'mod/forumng:ignorepostlimits', CAP_PREVENT);
$this->assertFalse($forum8->can_start_discussion(-1, $whynot, $user1->id));
$this->assertEmpty($whynot);
$forum9 = $this->get_new_forumng($course->id, array('postinguntil' => time() - 1000, 'maxpostsblock' => 1, 'maxpostsperiod' => 86400));
role_change_permission($role->id, $forum9->get_context(), 'mod/forumng:ignorepostlimits', CAP_PREVENT);
$this->assertFalse($forum9->can_start_discussion(-1, $whynot, $user1->id));
$this->assertEmpty($whynot);
// Check start discussion capability.
$this->assertTrue($forum8->can_start_discussion(-1, $whynot));
role_change_permission($role->id, $forum9->get_context(), 'mod/forumng:ignorepostlimits', CAP_ALLOW);
$this->assertTrue($forum9->can_start_discussion(-1, $whynot, $user1->id));
role_change_permission($role->id, $forum9->get_context(), 'mod/forumng:startdiscussion', CAP_PREVENT);
$this->assertFalse($forum9->can_start_discussion(-1, $whynot, $user1->id));
$this->assertEquals('startdiscussion_nopermission', $whynot);
// Check throttling.
$forum10 = $this->get_new_forumng($course->id, array('maxpostsblock' => 1, 'maxpostsperiod' => 86400));
role_change_permission($role->id, $forum10->get_context(), 'mod/forumng:ignorepostlimits', CAP_PREVENT);
$this->assertTrue($forum10->can_start_discussion(-1, $whynot, $user1->id));
$generator->create_discussion(array('course' => $course, 'forum' => $forum10->get_id(), 'userid' => $user1->id));
$this->assertFalse($forum10->can_start_discussion(-1, $whynot, $user1->id));
// Test can_view_discussions().
role_change_permission($role->id, $forum1->get_context(), 'mod/forumng:viewdiscussion', CAP_PREVENT);
$this->assertFalse($forum1->can_view_discussions($user1->id));
role_change_permission($role->id, $forum1->get_context(), 'mod/forumng:viewdiscussion', CAP_ALLOW);
$this->assertTrue($forum1->can_view_discussions($user1->id));
// Test can_view_hidden().
role_change_permission($role->id, $forum1->get_context(), 'mod/forumng:viewallposts', CAP_PREVENT);
$this->assertFalse($forum1->can_view_hidden($user1->id));
role_change_permission($role->id, $forum1->get_context(), 'mod/forumng:viewallposts', CAP_ALLOW);
$this->assertTrue($forum1->can_view_hidden($user1->id));
// Test can_view_subscribers().
$this->assertFalse($forum3->can_view_subscribers());
// Forum with no subscription.
role_change_permission($role->id, $forum1->get_context(), 'mod/forumng:viewsubscribers', CAP_PREVENT);
$this->assertFalse($forum1->can_view_subscribers($user1->id));
role_change_permission($role->id, $forum1->get_context(), 'mod/forumng:viewsubscribers', CAP_ALLOW);
$this->assertTrue($forum1->can_view_subscribers($user1->id));
}
public function test_ouwiki_init_individual_wiki_access()
{
global $DB, $USER;
$this->resetAfterTest(true);
$this->setAdminUser();
// Create course, ouwiki, course module, context, groupid, userid.
$user = $this->get_new_user();
$course = $this->get_new_course();
// Enrol user as student on course.
$studentrole = $DB->get_record('role', array('shortname' => 'student'));
$this->getDataGenerator()->enrol_user($user->id, $course->id, $studentrole->id);
// Store admin user id for later use.
$adminuserid = $USER->id;
$this->setUser($user);
// Test invididual wikis.
$ouwiki = $this->get_new_ouwiki($course->id, OUWIKI_SUBWIKIS_INDIVIDUAL);
$cm = get_coursemodule_from_instance('ouwiki', $ouwiki->id);
$this->assertNotEmpty($cm);
$context = context_module::instance($cm->id);
$groupid = 0;
// Add annotation for student role as not allowed by default.
role_change_permission($studentrole->id, $context, 'mod/ouwiki:annotate', CAP_ALLOW);
// Subwiki with 'create'.
$subwiki = ouwiki_get_subwiki($course, $ouwiki, $cm, $context, $groupid, $user->id, true);
$this->check_subwiki($ouwiki, $subwiki, true, $user->id);
// Check admin can access students wiki just created.
$this->setAdminUser();
$subwiki = ouwiki_get_subwiki($course, $ouwiki, $cm, $context, $groupid, $user->id);
$this->check_subwiki($ouwiki, $subwiki, true, $user->id);
// Check student viewing someone else's wiki throws exception (add nothing after this).
$this->setUser($user);
$this->setExpectedException('moodle_exception');
$subwiki = ouwiki_get_subwiki($course, $ouwiki, $cm, $context, $groupid, $adminuserid, true);
$this->fail('Expected exception on access to another users wiki');
// Shouldn't get here.
}
