1 | <?php |
---|
2 | // This file is part of Moodle - http://moodle.org/ |
---|
3 | // |
---|
4 | // Moodle is free software: you can redistribute it and/or modify |
---|
5 | // it under the terms of the GNU General Public License as published by |
---|
6 | // the Free Software Foundation, either version 3 of the License, or |
---|
7 | // (at your option) any later version. |
---|
8 | // |
---|
9 | // Moodle is distributed in the hope that it will be useful, |
---|
10 | // but WITHOUT ANY WARRANTY; without even the implied warranty of |
---|
11 | // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
---|
12 | // GNU General Public License for more details. |
---|
13 | // |
---|
14 | // You should have received a copy of the GNU General Public License |
---|
15 | // along with Moodle. If not, see <http://www.gnu.org/licenses/>. |
---|
16 | |
---|
17 | /** |
---|
18 | * New role XML processing. |
---|
19 | * |
---|
20 | * @package core_role |
---|
21 | * @copyright 2013 Petr Skoda {@link http://skodak.org} |
---|
22 | * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later |
---|
23 | */ |
---|
24 | |
---|
25 | defined('MOODLE_INTERNAL') || die(); |
---|
26 | |
---|
27 | /** |
---|
28 | * XML role file manipulation class. |
---|
29 | * |
---|
30 | * @package core_role |
---|
31 | * @copyright 2013 Petr Skoda {@link http://skodak.org} |
---|
32 | * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later |
---|
33 | */ |
---|
34 | class core_role_preset { |
---|
35 | |
---|
36 | /** |
---|
37 | * Send role export xml file to browser. |
---|
38 | * |
---|
39 | * @param int $roleid |
---|
40 | * @return void does not return, send the file to output |
---|
41 | */ |
---|
42 | public static function send_export_xml($roleid) { |
---|
43 | global $CFG, $DB; |
---|
44 | require_once($CFG->libdir . '/filelib.php'); |
---|
45 | |
---|
46 | $role = $DB->get_record('role', array('id'=>$roleid), '*', MUST_EXIST); |
---|
47 | |
---|
48 | if ($role->shortname) { |
---|
49 | $filename = $role->shortname.'.xml'; |
---|
50 | } else { |
---|
51 | $filename = 'role.xml'; |
---|
52 | } |
---|
53 | $xml = self::get_export_xml($roleid); |
---|
54 | send_file($xml, $filename, 0, false, true, true); |
---|
55 | die(); |
---|
56 | } |
---|
57 | |
---|
58 | /** |
---|
59 | * Generate role export xml file. |
---|
60 | * |
---|
61 | * @param $roleid |
---|
62 | * @return string |
---|
63 | */ |
---|
64 | public static function get_export_xml($roleid) { |
---|
65 | global $DB; |
---|
66 | |
---|
67 | $role = $DB->get_record('role', array('id'=>$roleid), '*', MUST_EXIST); |
---|
68 | |
---|
69 | $dom = new DOMDocument('1.0', 'UTF-8'); |
---|
70 | $top = $dom->createElement('role'); |
---|
71 | $dom->appendChild($top); |
---|
72 | |
---|
73 | $top->appendChild($dom->createElement('shortname', $role->shortname)); |
---|
74 | $top->appendChild($dom->createElement('name', $role->name)); |
---|
75 | $top->appendChild($dom->createElement('description', $role->description)); |
---|
76 | $top->appendChild($dom->createElement('archetype', $role->archetype)); |
---|
77 | |
---|
78 | $contextlevels = $dom->createElement('contextlevels'); |
---|
79 | $top->appendChild($contextlevels); |
---|
80 | foreach (get_role_contextlevels($roleid) as $level) { |
---|
81 | $name = context_helper::get_class_for_level($level); |
---|
82 | $name = preg_replace('/^context_/', '', $name); |
---|
83 | $contextlevels->appendChild($dom->createElement('level', $name)); |
---|
84 | } |
---|
85 | |
---|
86 | foreach (array('assign', 'override', 'switch') as $type) { |
---|
87 | $allows = $dom->createElement('allow'.$type); |
---|
88 | $top->appendChild($allows); |
---|
89 | $records = $DB->get_records('role_allow_'.$type, array('roleid'=>$roleid), "allow$type ASC"); |
---|
90 | foreach ($records as $record) { |
---|
91 | if (!$ar = $DB->get_record('role', array('id'=>$record->{'allow'.$type}))) { |
---|
92 | continue; |
---|
93 | } |
---|
94 | $allows->appendChild($dom->createElement('shortname', $ar->shortname)); |
---|
95 | } |
---|
96 | } |
---|
97 | |
---|
98 | $permissions = $dom->createElement('permissions'); |
---|
99 | $top->appendChild($permissions); |
---|
100 | |
---|
101 | $capabilities = $DB->get_records_sql_menu( |
---|
102 | "SELECT capability, permission |
---|
103 | FROM {role_capabilities} |
---|
104 | WHERE contextid = :syscontext AND roleid = :roleid |
---|
105 | ORDER BY capability ASC", |
---|
106 | array('syscontext'=>context_system::instance()->id, 'roleid'=>$roleid)); |
---|
107 | |
---|
108 | $allcapabilities = $DB->get_records('capabilities', array(), 'name ASC'); |
---|
109 | foreach ($allcapabilities as $cap) { |
---|
110 | if (!isset($capabilities[$cap->name])) { |
---|
111 | $permissions->appendChild($dom->createElement('inherit', $cap->name)); |
---|
112 | } |
---|
113 | } |
---|
114 | |
---|
115 | foreach ($capabilities as $capability => $permission) { |
---|
116 | if ($permission == CAP_ALLOW) { |
---|
117 | $permissions->appendChild($dom->createElement('allow', $capability)); |
---|
118 | } |
---|
119 | } |
---|
120 | foreach ($capabilities as $capability => $permission) { |
---|
121 | if ($permission == CAP_PREVENT) { |
---|
122 | $permissions->appendChild($dom->createElement('prevent', $capability)); |
---|
123 | } |
---|
124 | } |
---|
125 | foreach ($capabilities as $capability => $permission) { |
---|
126 | if ($permission == CAP_PROHIBIT) { |
---|
127 | $permissions->appendChild($dom->createElement('prohibit', $capability)); |
---|
128 | } |
---|
129 | } |
---|
130 | |
---|
131 | return $dom->saveXML(); |
---|
132 | } |
---|
133 | |
---|
134 | /** |
---|
135 | * Is this XML valid role preset? |
---|
136 | * |
---|
137 | * @param string $xml |
---|
138 | * @return bool |
---|
139 | */ |
---|
140 | public static function is_valid_preset($xml) { |
---|
141 | $dom = new DOMDocument(); |
---|
142 | if (!$dom->loadXML($xml)) { |
---|
143 | return false; |
---|
144 | } else { |
---|
145 | $val = @$dom->schemaValidate(__DIR__.'/../role_schema.xml'); |
---|
146 | if (!$val) { |
---|
147 | return false; |
---|
148 | } |
---|
149 | } |
---|
150 | return true; |
---|
151 | } |
---|
152 | |
---|
153 | /** |
---|
154 | * Parse role preset xml file. |
---|
155 | * |
---|
156 | * @param string $xml |
---|
157 | * @return array role info, null on error |
---|
158 | */ |
---|
159 | public static function parse_preset($xml) { |
---|
160 | global $DB; |
---|
161 | |
---|
162 | $info = array(); |
---|
163 | |
---|
164 | if (!self::is_valid_preset($xml)) { |
---|
165 | return null; |
---|
166 | } |
---|
167 | |
---|
168 | $dom = new DOMDocument(); |
---|
169 | $dom->loadXML($xml); |
---|
170 | |
---|
171 | $info['shortname'] = self::get_node_value($dom, '/role/shortname'); |
---|
172 | if (isset($info['shortname'])) { |
---|
173 | $info['shortname'] = strtolower(clean_param($info['shortname'], PARAM_ALPHANUMEXT)); |
---|
174 | } |
---|
175 | |
---|
176 | $info['name'] = self::get_node_value($dom, '/role/name'); |
---|
177 | if (isset($value)) { |
---|
178 | $info['name'] = clean_param($info['name'], PARAM_TEXT); |
---|
179 | } |
---|
180 | |
---|
181 | $info['description'] = self::get_node_value($dom, '/role/description'); |
---|
182 | if (isset($value)) { |
---|
183 | $info['description'] = clean_param($info['description'], PARAM_CLEANHTML); |
---|
184 | } |
---|
185 | |
---|
186 | $info['archetype'] = self::get_node_value($dom, '/role/archetype'); |
---|
187 | if (isset($value)) { |
---|
188 | $archetypes = get_role_archetypes(); |
---|
189 | if (!isset($archetypes[$info['archetype']])) { |
---|
190 | $info['archetype'] = null; |
---|
191 | } |
---|
192 | } |
---|
193 | |
---|
194 | $values = self::get_node_children_values($dom, '/role/contextlevels', 'level'); |
---|
195 | if (isset($values)) { |
---|
196 | $info['contextlevels'] = array(); |
---|
197 | $levelmap = array_flip(context_helper::get_all_levels()); |
---|
198 | foreach ($values as $value) { |
---|
199 | $level = 'context_'.$value; |
---|
200 | if (isset($levelmap[$level])) { |
---|
201 | $cl = $levelmap[$level]; |
---|
202 | $info['contextlevels'][$cl] = $cl; |
---|
203 | } |
---|
204 | } |
---|
205 | } |
---|
206 | |
---|
207 | foreach (array('assign', 'override', 'switch') as $type) { |
---|
208 | $values = self::get_node_children_values($dom, '/role/allow'.$type, 'shortname'); |
---|
209 | if (!isset($values)) { |
---|
210 | $info['allow'.$type] = null; |
---|
211 | continue; |
---|
212 | } |
---|
213 | $info['allow'.$type] = array(); |
---|
214 | foreach ($values as $value) { |
---|
215 | if ($value === $info['shortname']) { |
---|
216 | array_unshift($info['allow'.$type], -1); // Means self. |
---|
217 | } |
---|
218 | if ($role = $DB->get_record('role', array('shortname'=>$value))) { |
---|
219 | $info['allow'.$type][] = $role->id; |
---|
220 | continue; |
---|
221 | } |
---|
222 | } |
---|
223 | } |
---|
224 | |
---|
225 | $info['permissions'] = array(); |
---|
226 | $values = self::get_node_children_values($dom, '/role/permissions', 'inherit'); |
---|
227 | if (isset($values)) { |
---|
228 | foreach ($values as $value) { |
---|
229 | if ($value = clean_param($value, PARAM_CAPABILITY)) { |
---|
230 | $info['permissions'][$value] = CAP_INHERIT; |
---|
231 | } |
---|
232 | } |
---|
233 | } |
---|
234 | $values = self::get_node_children_values($dom, '/role/permissions', 'allow'); |
---|
235 | if (isset($values)) { |
---|
236 | foreach ($values as $value) { |
---|
237 | if ($value = clean_param($value, PARAM_CAPABILITY)) { |
---|
238 | $info['permissions'][$value] = CAP_ALLOW; |
---|
239 | } |
---|
240 | } |
---|
241 | } |
---|
242 | $values = self::get_node_children_values($dom, '/role/permissions', 'prevent'); |
---|
243 | if (isset($values)) { |
---|
244 | foreach ($values as $value) { |
---|
245 | if ($value = clean_param($value, PARAM_CAPABILITY)) { |
---|
246 | $info['permissions'][$value] = CAP_PREVENT; |
---|
247 | } |
---|
248 | } |
---|
249 | } |
---|
250 | $values = self::get_node_children_values($dom, '/role/permissions', 'prohibit'); |
---|
251 | if (isset($values)) { |
---|
252 | foreach ($values as $value) { |
---|
253 | if ($value = clean_param($value, PARAM_CAPABILITY)) { |
---|
254 | $info['permissions'][$value] = CAP_PROHIBIT; |
---|
255 | } |
---|
256 | } |
---|
257 | } |
---|
258 | |
---|
259 | return $info; |
---|
260 | } |
---|
261 | |
---|
262 | protected static function get_node(DOMDocument $dom, $path) { |
---|
263 | $parts = explode('/', $path); |
---|
264 | $elname = end($parts); |
---|
265 | |
---|
266 | $nodes = $dom->getElementsByTagName($elname); |
---|
267 | |
---|
268 | if ($nodes->length == 0) { |
---|
269 | return null; |
---|
270 | } |
---|
271 | |
---|
272 | foreach ($nodes as $node) { |
---|
273 | if ($node->getNodePath() === $path) { |
---|
274 | return $node; |
---|
275 | } |
---|
276 | } |
---|
277 | |
---|
278 | return null; |
---|
279 | } |
---|
280 | |
---|
281 | protected static function get_node_value(DOMDocument $dom, $path) { |
---|
282 | if (!$node = self::get_node($dom, $path)) { |
---|
283 | return null; |
---|
284 | } |
---|
285 | return $node->nodeValue; |
---|
286 | } |
---|
287 | |
---|
288 | protected static function get_node_children(DOMDocument $dom, $path, $tagname) { |
---|
289 | if (!$node = self::get_node($dom, $path)) { |
---|
290 | return null; |
---|
291 | } |
---|
292 | |
---|
293 | $return = array(); |
---|
294 | foreach ($node->childNodes as $child) { |
---|
295 | if ($child->nodeName === $tagname) { |
---|
296 | $return[] = $child; |
---|
297 | } |
---|
298 | } |
---|
299 | return $return; |
---|
300 | } |
---|
301 | |
---|
302 | protected static function get_node_children_values(DOMDocument $dom, $path, $tagname) { |
---|
303 | $children = self::get_node_children($dom, $path, $tagname); |
---|
304 | |
---|
305 | if ($children === null) { |
---|
306 | return null; |
---|
307 | } |
---|
308 | $return = array(); |
---|
309 | foreach ($children as $child) { |
---|
310 | $return[] = $child->nodeValue; |
---|
311 | } |
---|
312 | return $return; |
---|
313 | } |
---|
314 | } |
---|