3 * this page defines what roles can access (grant user that role and override that roles'
4 * capabilities in different context. For example, we can say that Teachers can only grant
5 * student role or modify student role's capabilities. Note that you need both the right
6 * capability moodle/role:assign or moodle/role:manage and this database table roles_deny_grant
7 * to be able to grant roles. If a user has moodle/role:manage at site level assignment
8 * then he can modify the roles_allow_assign table via this interface.
10 require_once('../../config.php');
11 require_once($CFG->libdir
.'/adminlib.php');
13 admin_externalpage_setup('defineroles');
16 $sitecontext = get_context_instance(CONTEXT_SYSTEM
);
17 require_capability('moodle/role:manage', $sitecontext);
19 /// form processiong here
23 $roles = get_all_roles();
25 if ($grant = data_submitted()) {
27 foreach ($grant as $grole => $val) {
28 if ($grole == 'dummy') {
32 $string = explode('_', $grole);
33 $temp[$string[1]][$string[2]] = 1; // if set, means can access
36 // if current assignment is in data_submitted, ignore, else, write deny into db
37 foreach ($roles as $srole) {
38 foreach ($roles as $trole) {
39 if (isset($temp[$srole->id
][$trole->id
])) { // if set, need to write to db
40 if (!$record = get_record('role_allow_assign', 'roleid', $srole->id
, 'allowassign', $trole->id
)) {
41 allow_assign($srole->id
, $trole->id
);
43 } else { //if set, means can access, attempt to remove it from db
44 delete_records('role_allow_assign', 'roleid', $srole->id
, 'allowassign', $trole->id
);
48 // updated allowassigns sitewide...
49 mark_context_dirty($sitecontext->path
);
51 /// displaying form here
53 admin_externalpage_print_header();
55 $currenttab='allowassign';
56 require_once('managetabs.php');
58 $table->tablealign
= 'center';
59 $table->cellpadding
= 5;
60 $table->cellspacing
= 0;
61 $table->width
= '90%';
62 $table->align
[] = 'right';
64 /// get all the roles identifier
65 foreach ($roles as $role) {
66 $rolesname[] = format_string($role->name
);
67 $roleids[] = $role->id
;
68 $table->align
[] = 'center';
69 $table->wrap
[] = 'nowrap';
72 $table->head
= array_merge(array(''), $rolesname);
74 foreach ($roles as $role) {
75 $beta = get_box_list($role->id
, $roleids);
76 $table->data
[] = array_merge(array(format_string($role->name
)), $beta);
79 print_simple_box(get_string('configallowassign', 'admin'), 'center');
81 echo '<form action="allowassign.php" method="post">';
83 echo '<div class="buttons"><input type="submit" value="'.get_string('savechanges').'"/>';
84 echo '<input type="hidden" name="dummy" value="1" />'; // this is needed otherwise we do not know a form has been submitted
87 admin_externalpage_print_footer();
91 function get_box_list($roleid, $arraylist){
93 foreach ($arraylist as $targetid) {
94 if (get_record('role_allow_assign', 'roleid', $roleid, 'allowassign', $targetid)) {
95 $array[] = '<input type="checkbox" name="s_'.$roleid.'_'.$targetid.'" value="1" checked="checked"/>';
97 $array[] = '<input type="checkbox" name="s_'.$roleid.'_'.$targetid.'" value="1" />';