1 | <?php |
---|
2 | // This file is part of Moodle - http://moodle.org/ |
---|
3 | // |
---|
4 | // Moodle is free software: you can redistribute it and/or modify |
---|
5 | // it under the terms of the GNU General Public License as published by |
---|
6 | // the Free Software Foundation, either version 3 of the License, or |
---|
7 | // (at your option) any later version. |
---|
8 | // |
---|
9 | // Moodle is distributed in the hope that it will be useful, |
---|
10 | // but WITHOUT ANY WARRANTY; without even the implied warranty of |
---|
11 | // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
---|
12 | // GNU General Public License for more details. |
---|
13 | // |
---|
14 | // You should have received a copy of the GNU General Public License |
---|
15 | // along with Moodle. If not, see <http://www.gnu.org/licenses/>. |
---|
16 | |
---|
17 | /** |
---|
18 | * Library code used by the roles administration interfaces. |
---|
19 | * |
---|
20 | * @package core_role |
---|
21 | * @copyright 2009 Petr Skoda {@link http://skodak.org} |
---|
22 | * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later |
---|
23 | */ |
---|
24 | |
---|
25 | defined('MOODLE_INTERNAL') || die(); |
---|
26 | |
---|
27 | /** |
---|
28 | * Subclass of core_role_capability_table_base for use on the Permissions page. |
---|
29 | */ |
---|
30 | class core_role_permissions_table extends core_role_capability_table_base { |
---|
31 | protected $contextname; |
---|
32 | protected $allowoverrides; |
---|
33 | protected $allowsafeoverrides; |
---|
34 | protected $overridableroles; |
---|
35 | protected $roles; |
---|
36 | protected $icons = array(); |
---|
37 | |
---|
38 | /** |
---|
39 | * Constructor. |
---|
40 | * @param context $context the context this table relates to. |
---|
41 | * @param string $contextname $context->get_context_name() - to save recomputing. |
---|
42 | * @param array $allowoverrides |
---|
43 | * @param array $allowsafeoverrides |
---|
44 | * @param array $overridableroles |
---|
45 | */ |
---|
46 | public function __construct($context, $contextname, $allowoverrides, $allowsafeoverrides, $overridableroles) { |
---|
47 | parent::__construct($context, 'permissions'); |
---|
48 | $this->contextname = $contextname; |
---|
49 | $this->allowoverrides = $allowoverrides; |
---|
50 | $this->allowsafeoverrides = $allowsafeoverrides; |
---|
51 | $this->overridableroles = $overridableroles; |
---|
52 | |
---|
53 | $roles = get_all_roles($context); |
---|
54 | $this->roles = role_fix_names(array_reverse($roles, true), $context, ROLENAME_ALIAS, true); |
---|
55 | |
---|
56 | } |
---|
57 | |
---|
58 | protected function add_header_cells() { |
---|
59 | echo '<th>' . get_string('risks', 'core_role') . '</th>'; |
---|
60 | echo '<th>' . get_string('neededroles', 'core_role') . '</th>'; |
---|
61 | echo '<th>' . get_string('prohibitedroles', 'core_role') . '</th>'; |
---|
62 | } |
---|
63 | |
---|
64 | protected function num_extra_columns() { |
---|
65 | return 3; |
---|
66 | } |
---|
67 | |
---|
68 | protected function add_row_cells($capability) { |
---|
69 | global $OUTPUT, $PAGE; |
---|
70 | |
---|
71 | $context = $this->context; |
---|
72 | $contextid = $this->context->id; |
---|
73 | $allowoverrides = $this->allowoverrides; |
---|
74 | $allowsafeoverrides = $this->allowsafeoverrides; |
---|
75 | $overridableroles = $this->overridableroles; |
---|
76 | $roles = $this->roles; |
---|
77 | |
---|
78 | |
---|
79 | list($needed, $forbidden) = get_roles_with_cap_in_context($context, $capability->name); |
---|
80 | $neededroles = array(); |
---|
81 | $forbiddenroles = array(); |
---|
82 | $allowable = $overridableroles; |
---|
83 | $forbitable = $overridableroles; |
---|
84 | foreach ($neededroles as $id => $unused) { |
---|
85 | unset($allowable[$id]); |
---|
86 | } |
---|
87 | foreach ($forbidden as $id => $unused) { |
---|
88 | unset($allowable[$id]); |
---|
89 | unset($forbitable[$id]); |
---|
90 | } |
---|
91 | |
---|
92 | foreach ($roles as $id => $name) { |
---|
93 | if (isset($needed[$id])) { |
---|
94 | $neededroles[$id] = $roles[$id]; |
---|
95 | if (isset($overridableroles[$id]) and ($allowoverrides or ($allowsafeoverrides and is_safe_capability($capability)))) { |
---|
96 | $preventurl = new moodle_url($PAGE->url, array('contextid'=>$contextid, 'roleid'=>$id, 'capability'=>$capability->name, 'prevent'=>1)); |
---|
97 | $neededroles[$id] .= $OUTPUT->action_icon($preventurl, new pix_icon('t/delete', get_string('prevent', 'core_role'))); |
---|
98 | } |
---|
99 | } |
---|
100 | } |
---|
101 | $neededroles = implode(', ', $neededroles); |
---|
102 | foreach ($roles as $id => $name) { |
---|
103 | if (isset($forbidden[$id]) and ($allowoverrides or ($allowsafeoverrides and is_safe_capability($capability)))) { |
---|
104 | $forbiddenroles[$id] = $roles[$id]; |
---|
105 | if (isset($overridableroles[$id]) and prohibit_is_removable($id, $context, $capability->name)) { |
---|
106 | $unprohibiturl = new moodle_url($PAGE->url, array('contextid'=>$contextid, 'roleid'=>$id, 'capability'=>$capability->name, 'unprohibit'=>1)); |
---|
107 | $forbiddenroles[$id] .= $OUTPUT->action_icon($unprohibiturl, new pix_icon('t/delete', get_string('delete'))); |
---|
108 | } |
---|
109 | } |
---|
110 | } |
---|
111 | $forbiddenroles = implode(', ', $forbiddenroles); |
---|
112 | |
---|
113 | if ($allowable and ($allowoverrides or ($allowsafeoverrides and is_safe_capability($capability)))) { |
---|
114 | $allowurl = new moodle_url($PAGE->url, array('contextid'=>$contextid, 'capability'=>$capability->name, 'allow'=>1)); |
---|
115 | $neededroles .= '<div class="allowmore">'.$OUTPUT->action_icon($allowurl, new pix_icon('t/add', get_string('allow', 'core_role'))).'</div>'; |
---|
116 | } |
---|
117 | |
---|
118 | if ($forbitable and ($allowoverrides or ($allowsafeoverrides and is_safe_capability($capability)))) { |
---|
119 | $prohibiturl = new moodle_url($PAGE->url, array('contextid'=>$contextid, 'capability'=>$capability->name, 'prohibit'=>1)); |
---|
120 | $forbiddenroles .= '<div class="prohibitmore">'.$OUTPUT->action_icon($prohibiturl, new pix_icon('t/add', get_string('prohibit', 'core_role'))).'</div>'; |
---|
121 | } |
---|
122 | |
---|
123 | $risks = $this->get_risks($capability); |
---|
124 | |
---|
125 | echo '<td>' . $risks . '</td>'; |
---|
126 | echo '<td>' . $neededroles . '</td>'; |
---|
127 | echo '<td>' . $forbiddenroles . '</td>'; |
---|
128 | } |
---|
129 | |
---|
130 | protected function get_risks($capability) { |
---|
131 | global $OUTPUT; |
---|
132 | |
---|
133 | $allrisks = get_all_risks(); |
---|
134 | $risksurl = new moodle_url(get_docs_url(s(get_string('risks', 'core_role')))); |
---|
135 | |
---|
136 | $return = ''; |
---|
137 | |
---|
138 | foreach ($allrisks as $type => $risk) { |
---|
139 | if ($risk & (int)$capability->riskbitmask) { |
---|
140 | if (!isset($this->icons[$type])) { |
---|
141 | $pixicon = new pix_icon('/i/' . str_replace('risk', 'risk_', $type), get_string($type . 'short', 'admin')); |
---|
142 | $this->icons[$type] = $OUTPUT->action_icon($risksurl, $pixicon, new popup_action('click', $risksurl)); |
---|
143 | } |
---|
144 | $return .= $this->icons[$type]; |
---|
145 | } |
---|
146 | } |
---|
147 | |
---|
148 | return $return; |
---|
149 | } |
---|
150 | } |
---|