admin/roles/allowassign.php

   1 <?php
   2 /**
   3  * this page defines what roles can access (grant user that role and override that roles'
   4  * capabilities in different context. For example, we can say that Teachers can only grant
   5  * student role or modify student role's capabilities. Note that you need both the right
   6  * capability moodle/role:assign or moodle/role:manage and this database table roles_deny_grant
   7  * to be able to grant roles. If a user has moodle/role:manage at site level assignment
   8  * then he can modify the roles_allow_assign table via this interface.
   9  */
  10     require_once('../../config.php');
  11     require_once($CFG->libdir.'/adminlib.php');
  12
  13     admin_externalpage_setup('defineroles');
  14
  15
  16     $sitecontext = get_context_instance(CONTEXT_SYSTEM, SITEID);
  17     require_capability('moodle/role:manage', $sitecontext);
  18
  19 /// form processiong here
  20
  21 /// get all roles
  22
  23     $roles = get_all_roles();
  24
  25     if ($grant = data_submitted()) {
  26
  27         foreach ($grant as $grole => $val) {
  28             if ($grole == 'dummy') {
  29                 continue;
  30             }
  31
  32             $string = explode('_', $grole);
  33             $temp[$string[1]][$string[2]] = 1; // if set, means can access
  34         }
  35
  36 // if current assignment is in data_submitted, ignore, else, write deny into db
  37         foreach ($roles as $srole) {
  38             foreach ($roles as $trole) {
  39                 if (isset($temp[$srole->id][$trole->id])) { // if set, need to write to db
  40                     if (!$record = get_record('role_allow_assign', 'roleid', $srole->id, 'allowassign', $trole->id)) {
  41                         allow_assign($srole->id, $trole->id);
  42                     }
  43                 } else { //if set, means can access, attempt to remove it from db
  44                     delete_records('role_allow_assign', 'roleid', $srole->id, 'allowassign', $trole->id);
  45                 }
  46             }
  47         }
  48     }
  49 /// displaying form here
  50
  51     admin_externalpage_print_header();
  52
  53     $currenttab='allowassign';
  54     require_once('managetabs.php');
  55
  56     $table->tablealign = 'center';
  57     $table->cellpadding = 5;
  58     $table->cellspacing = 0;
  59     $table->width = '90%';
  60     $table->align[] = 'right';
  61
  62 /// get all the roles identifier
  63     foreach ($roles as $role) {
  64         $rolesname[] = format_string($role->name);
  65         $roleids[] = $role->id;
  66         $table->align[] = 'center';
  67         $table->wrap[] = 'nowrap';
  68     }
  69
  70     $table->head = array_merge(array(''), $rolesname);
  71
  72     foreach ($roles as $role) {
  73         $beta = get_box_list($role->id, $roleids);
  74         $table->data[] = array_merge(array(format_string($role->name)), $beta);
  75     }
  76
  77     print_simple_box(get_string('configallowassign', 'admin'), 'center');
  78
  79     echo '<form action="allowassign.php" method="post">';
  80     print_table($table);
  81     echo '<div class="buttons"><input type="submit" value="'.get_string('savechanges').'"/>';
  82     echo '<input type="hidden" name="dummy" value="1" />'; // this is needed otherwise we do not know a form has been submitted
  83     echo '</div></form>';
  84
  85     admin_externalpage_print_footer();
  86
  87
  88
  89 function get_box_list($roleid, $arraylist){
  90
  91     foreach ($arraylist as $targetid) {
  92         if (get_record('role_allow_assign', 'roleid', $roleid, 'allowassign', $targetid)) {
  93             $array[] = '<input type="checkbox" name="s_'.$roleid.'_'.$targetid.'" value="1" checked="checked"/>';
  94         } else {
  95             $array[] = '<input type="checkbox" name="s_'.$roleid.'_'.$targetid.'" value="1" />';
  96         }
  97     }
  98     return $array;
  99 }
 100 ?>