/** * Determines whether the current user is allowed to enrol users into the provided curriculum * * @param int $curriculumid The id of the curriculum we are checking permissions on * * @return boolean Whether the user is allowed to enrol users into the curriculum * */ static function can_enrol_into_curriculum($curriculumid) { global $USER; //check the standard capability if (curriculumpage::_has_capability('block/curr_admin:curriculum:enrol', $curriculumid)) { return true; } //get the context for the "indirect" capability $context = cm_context_set::for_user_with_capability('cluster', 'block/curr_admin:curriculum:enrol_cluster_user', $USER->id); //get the clusters and check the context against them $clusters = clustercurriculum::get_clusters($curriculumid); if (!empty($clusters)) { foreach ($clusters as $cluster) { if ($context->context_allowed($cluster->clusterid, 'cluster')) { return true; } } } return false; }
/** * Determines whether the current user is allowed to enrol users into the provided curriculum * * @param int $curriculumid The id of the curriculum we are checking permissions on * * @return boolean Whether the user is allowed to enrol users into the curriculum * */ static function can_enrol_into_curriculum($curriculumid) { global $USER; //check the standard capability // TODO: Ugly, this needs to be overhauled $cpage = new curriculumpage(); if ($cpage->_has_capability('local/elisprogram:program_enrol', $curriculumid)) { return true; } //get the context for the "indirect" capability $context = pm_context_set::for_user_with_capability('cluster', 'local/elisprogram:program_enrol_userset_user', $USER->id); //get the clusters and check the context against them $clusters = clustercurriculum::get_clusters($curriculumid); if (!empty($clusters)) { foreach ($clusters as $cluster) { if ($context->context_allowed($cluster->clusterid, 'cluster')) { return true; } } } return false; }
/** * Unassign the user from the program. * @param array $elements An array of elements to perform the action on. * @param bool $bulkaction Whether this is a bulk-action or not. * @return array An array to format as JSON and return to the Javascript. */ protected function _respond_to_js(array $elements, $bulkaction) { global $DB; $pgmid = required_param('id', PARAM_INT); // Permissions. $cpage = new curriculumpage(); if ($cpage->_has_capability('local/elisprogram:program_view', $pgmid) !== true) { return array('result' => 'fail', 'msg' => get_string('not_permitted', 'local_elisprogram')); } foreach ($elements as $userid => $label) { if ($this->can_unassign($pgmid, $userid) === true) { $assignrec = $DB->get_record(curriculumstudent::TABLE, array('userid' => $userid, 'curriculumid' => $pgmid)); if (!empty($assignrec)) { $curstu = new curriculumstudent($assignrec); $curstu->delete(); } } } return array('result' => 'success', 'msg' => 'Success'); }
/** * Transforms each result. * @param array $row An array for a single result. * @return array The transformed result. */ protected function results_row_transform(array $row) { $row = parent::results_row_transform($row); // Whether the user can unassign from the program at all. static $canunassignany = null; // Whether the user can unassin any user from the program. static $canunassignall = null; // If not already set, determine whether the user can do any unassigning. if ($canunassignany === null) { $canunassignany = curriculumpage::can_enrol_into_curriculum($this->programid); } // If not already set, determine whether the user can unassign anyone - but only if $canunassignany is true. if ($canunassignany === true && $canunassignall === null) { $cpage = new curriculumpage(); if ($cpage->_has_capability('local/elisprogram:program_enrol', $this->programid)) { $canunassignall = true; } } // Set the 'canunassign' parameter for use in javascript. if ($canunassignall === true) { $row['canunassign'] = '1'; } else { if ($canunassignany === true) { $row['canunassign'] = curriculumstudent::can_manage_assoc($row['element_id'], $this->programid) === true ? '1' : '0'; } else { $row['canunassign'] = '0'; } } return $row; }
function can_do_default() { $id = $this->required_param('id', PARAM_INT); if (curriculumpage::_has_capability('block/curr_admin:curriculum:view', $id)) { //allow viewing but not managing associations return true; } return curriculumpage::_has_capability('block/curr_admin:associate', $id); }
function can_do_default() { $id = $this->required_param('id', PARAM_INT); return curriculumpage::_has_capability('block/curr_admin:curriculum:edit', $id); }
/** * Determines whether the current user is allowed to create, edit, and delete associations * between a user and a curriculum * * @param int $userid The id of the user being associated to the curricula * @param int $curid The id of the curricula we are associating the user to * * @return boolean True if the current user has the required permissions, otherwise false */ public static function can_manage_assoc($userid, $curid) { global $USER; if (!curriculumpage::can_enrol_into_curriculum($curid)) { //the users who satisfty this condition are a superset of those who can manage associations return false; } else { if (curriculumpage::_has_capability('block/curr_admin:curriculum:enrol', $curid)) { //current user has the direct capability return true; } } //get the context for the "indirect" capability $context = cm_context_set::for_user_with_capability('cluster', 'block/curr_admin:curriculum:enrol_cluster_user', $USER->id); $allowed_clusters = array(); //get the clusters and check the context against them $clusters = clustercurriculum::get_clusters($curid); $allowed_clusters = $context->get_allowed_instances($clusters, 'cluster', 'id'); //query to get users associated to at least one enabling cluster $cluster_select = ''; if (empty($allowed_clusters)) { $cluster_select = '0=1'; } else { $cluster_select = 'clusterid IN (' . implode(',', $allowed_clusters) . ')'; } $select = "userid = {$userid} AND {$cluster_select}"; //user just needs to be in one of the possible clusters if (record_exists_select(CLSTUSERTABLE, $select)) { return true; } return false; }
/** * Determines whether the current user is allowed to create, edit, and delete associations * between a user and a curriculum * * @param int $userid The id of the user being associated to the curricula * @param int $curid The id of the curricula we are associating the user to * * @return boolean True if the current user has the required permissions, otherwise false */ public static function can_manage_assoc($userid, $curid) { global $USER, $DB; // TODO: Ugly, this needs to be overhauled $cpage = new curriculumpage(); if (!curriculumpage::can_enrol_into_curriculum($curid)) { //the users who satisfty this condition are a superset of those who can manage associations return false; } else { if ($cpage->_has_capability('local/elisprogram:program_enrol', $curid)) { //current user has the direct capability return true; } } //get the context for the "indirect" capability $context = pm_context_set::for_user_with_capability('cluster', 'local/elisprogram:program_enrol_userset_user', $USER->id); $allowedclusters = array(); // Get the clusters and check the context against them. $clusters = clustercurriculum::get_clusters($curid); $allowedclusters = $context->get_allowed_instances($clusters, 'cluster', 'clusterid'); // Query to get users associated to at least one enabling cluster. $clusterselect = ''; if (empty($allowedclusters)) { $clusterselect = '0=1'; } else { $clusterselect = 'clusterid IN (' . implode(',', $allowedclusters) . ')'; } $select = "userid = {$userid} AND {$clusterselect}"; //user just needs to be in one of the possible clusters if ($DB->record_exists_select(clusterassignment::TABLE, $select)) { return true; } return false; }
/** * Specifies whether the current user can edit corequisites * * @return boolean true if allowed, otherwise false */ function can_do_coreqedit() { $id = $this->required_param('id', PARAM_INT); return curriculumpage::_has_capability('block/curr_admin:associate', $id); }
/** * Whether the user has access to see the main page (assigned list) * @return bool Whether the user has access. */ public function can_do_default() { $id = $this->required_param('id'); $cpage = new curriculumpage(); return $cpage->_has_capability('local/elisprogram:program_view', $id); }
function __construct(&$items, $columns, $pageurl, $decorators = array()) { global $CURMAN, $USER; parent::__construct($items, $columns, $pageurl, $decorators); $id = required_param('id', PARAM_INT); if (!curriculumpage::_has_capability('block/curr_admin:curriculum:enrol', $id)) { $context = cm_context_set::for_user_with_capability('cluster', 'block/curr_admin:curriculum:enrol_cluster_user', $USER->id); $allowed_clusters = array(); //get the clusters assigned to this curriculum $clusters = clustercurriculum::get_clusters($id); if (!empty($clusters)) { foreach ($clusters as $cluster) { if ($context->context_allowed($cluster->clusterid, 'cluster')) { $allowed_clusters[] = $cluster->id; } } } $this->allowed_clusters = $allowed_clusters; } }