search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Automatic installer.php lang files by installer_builder (20070726)
[moodle-linuxchix.git] / admin / roles / manage.php
blob09f647fef772e174498ffecd2d20c6fc4d50a6a6
1 <?php //$Id$
2
3 require_once('../../config.php');
4
5 require_once($CFG->libdir.'/adminlib.php');
6
7 admin_externalpage_setup('defineroles');
8
9 $roleid = optional_param('roleid', 0, PARAM_INT); // if set, we are editing a role
10 $name = optional_param('name', '', PARAM_MULTILANG); // new role name
11 $shortname = optional_param('shortname', '', PARAM_RAW); // new role shortname, special cleaning before storage
12 $description = optional_param('description', '', PARAM_CLEAN); // new role desc
13 $action = optional_param('action', '', PARAM_ALPHA);
14 $confirm = optional_param('confirm', 0, PARAM_BOOL);
15 $cancel = optional_param('cancel', 0, PARAM_BOOL);
16
17 $sitecontext = get_context_instance(CONTEXT_SYSTEM);
18
19 require_capability('moodle/role:manage', $sitecontext);
20
21 if ($cancel) {
22 redirect('manage.php');
23 }
24
25 $errors = array();
26 $newrole = false;
27
28 $roles = get_all_roles();
29 $rolescount = count($roles);
30
31 /// fix sort order if needed
32 $rolesort = array();
33 $i = 0;
34 foreach ($roles as $rolex) {
35 $rolesort[$i] = $rolex->id;
36 if ($rolex->sortorder != $i) {
37 $r = new object();
38 $r->id = $rolex->id;
39 $r->sortorder = $i;
40 update_record('role', $r);
41 $roles[$rolex->id]->sortorder = $i;
42 }
43 $i++;
44 }
45
46 // do not delete these default system roles
47 $defaultroles = array();
48 $defaultroles[] = $CFG->notloggedinroleid;
49 $defaultroles[] = $CFG->guestroleid;
50 $defaultroles[] = $CFG->defaultuserroleid;
51 $defaultroles[] = $CFG->defaultcourseroleid;
52
53 /// form processing, editing a role, adding a role, deleting a role etc.
54 switch ($action) {
55 case 'add':
56 if ($data = data_submitted() and confirm_sesskey()) {
57
58 $shortname = moodle_strtolower(clean_param(clean_filename($shortname), PARAM_SAFEDIR)); // only lowercase safe ASCII characters
59 $legacytype = required_param('legacytype', PARAM_RAW);
60
61 $legacyroles = get_legacy_roles();
62 if (!array_key_exists($legacytype, $legacyroles)) {
63 $legacytype = '';
64 }
65
66 if (empty($name)) {
67 $errors['name'] = get_string('errorbadrolename', 'role');
68 } else if (count_records('role', 'name', $name)) {
69 $errors['name'] = get_string('errorexistsrolename', 'role');
70 }
71
72 if (empty($shortname)) {
73 $errors['shortname'] = get_string('errorbadroleshortname', 'role');
74 } else if (count_records('role', 'shortname', $shortname)) {
75 $errors['shortname'] = get_string('errorexistsroleshortname', 'role');
76 }
77
78 if (empty($errors)) {
79 $newroleid = create_role($name, $shortname, $description);
80
81 // set proper legacy type
82 if (!empty($legacytype)) {
83 assign_capability($legacyroles[$legacytype], CAP_ALLOW, $newroleid, $sitecontext->id);
84 }
85
86 } else {
87 $newrole = new object();
88 $newrole->name = $name;
89 $newrole->shortname = $shortname;
90 $newrole->description = $description;
91 $newrole->legacytype = $legacytype;
92 }
93
94 $allowed_values = array(CAP_INHERIT, CAP_ALLOW, CAP_PREVENT, CAP_PROHIBIT);
95 $capabilities = fetch_context_capabilities($sitecontext); // capabilities applicable in this context
96
97 foreach ($capabilities as $cap) {
98 if (!isset($data->{$cap->name})) {
99 continue;
100 }
101
102 // legacy caps have their own selector
103 if (islegacy($data->{$cap->name})) {
104 continue;
105 }
106
107 $capname = $cap->name;
108 $value = clean_param($data->{$cap->name}, PARAM_INT);
109 if (!in_array($value, $allowed_values)) {
110 continue;
111 }
112
113 if (empty($errors)) {
114 assign_capability($capname, $value, $newroleid, $sitecontext->id);
115 } else {
116 $newrole->$capname = $value;
117 }
118 }
119
120 if (empty($errors)) {
121 redirect('manage.php');
122 }
123 }
124 break;
125
126 case 'edit':
127 if ($data = data_submitted() and confirm_sesskey()) {
128
129 $shortname = moodle_strtolower(clean_param(clean_filename($shortname), PARAM_SAFEDIR)); // only lowercase safe ASCII characters
130 $legacytype = required_param('legacytype', PARAM_RAW);
131
132 $legacyroles = get_legacy_roles();
133 if (!array_key_exists($legacytype, $legacyroles)) {
134 $legacytype = '';
135 }
136
137 if (empty($name)) {
138 $errors['name'] = get_string('errorbadrolename', 'role');
139 } else if ($rs = get_records('role', 'name', $name)) {
140 unset($rs[$roleid]);
141 if (!empty($rs)) {
142 $errors['name'] = get_string('errorexistsrolename', 'role');
143 }
144 }
145
146 if (empty($shortname)) {
147 $errors['shortname'] = get_string('errorbadroleshortname', 'role');
148 } else if ($rs = get_records('role', 'shortname', $shortname)) {
149 unset($rs[$roleid]);
150 if (!empty($rs)) {
151 $errors['shortname'] = get_string('errorexistsroleshortname', 'role');
152 }
153 }
154 if (!empty($errors)) {
155 $newrole = new object();
156 $newrole->name = $name;
157 $newrole->shortname = $shortname;
158 $newrole->description = $description;
159 $newrole->legacytype = $legacytype;
160 }
161
162 $allowed_values = array(CAP_INHERIT, CAP_ALLOW, CAP_PREVENT, CAP_PROHIBIT);
163 $capabilities = fetch_context_capabilities($sitecontext); // capabilities applicable in this context
164
165 foreach ($capabilities as $cap) {
166 if (!isset($data->{$cap->name})) {
167 continue;
168 }
169
170 // legacy caps have their own selector
171 if (islegacy($data->{$cap->name}) === 0 ) {
172 continue;
173 }
174
175 $capname = $cap->name;
176 $value = clean_param($data->{$cap->name}, PARAM_INT);
177 if (!in_array($value, $allowed_values)) {
178 continue;
179 }
180
181 if (!empty($errors)) {
182 $newrole->$capname = $value;
183 continue;
184 }
185
186 // edit default caps
187 $SQL = "SELECT * FROM {$CFG->prefix}role_capabilities
188 WHERE roleid = $roleid AND capability = '$capname'
189 AND contextid = $sitecontext->id";
190
191 $localoverride = get_record_sql($SQL);
192
193 if ($localoverride) { // update current overrides
194 if ($value == CAP_INHERIT) { // inherit = delete
195 unassign_capability($capname, $roleid, $sitecontext->id);
196
197 } else {
198 $localoverride->permission = $value;
199 $localoverride->timemodified = time();
200 $localoverride->modifierid = $USER->id;
201 update_record('role_capabilities', $localoverride);
202 }
203 } else { // insert a record
204 if ($value != CAP_INHERIT) {
205 assign_capability($capname, $value, $roleid, $sitecontext->id);
206 }
207 }
208
209 }
210
211 if (empty($errors)) {
212 // update normal role settings
213 $role->id = $roleid;
214 $role->name = $name;
215 $role->shortname = $shortname;
216 $role->description = $description;
217
218 if (!update_record('role', $role)) {
219 error('Could not update role!');
220 }
221
222 // set proper legacy type
223 foreach($legacyroles as $ltype=>$lcap) {
224 if ($ltype == $legacytype) {
225 assign_capability($lcap, CAP_ALLOW, $roleid, $sitecontext->id);
226 } else {
227 unassign_capability($lcap, $roleid);
228 }
229 }
230
231 redirect('manage.php');
232 }
233 }
234 break;
235
236 case 'delete':
237 if (in_array($roleid, $defaultroles)) {
238 error('This role is used as one of the default system roles, it can not be deleted');
239 }
240 if ($confirm and data_submitted() and confirm_sesskey()) {
241 if (!delete_role($roleid)) {
242 error('Could not delete role with ID '.$roleid);
243 }
244
245 } else if (confirm_sesskey()){
246 // show confirmation
247 admin_externalpage_print_header();
248 $optionsyes = array('action'=>'delete', 'roleid'=>$roleid, 'sesskey'=>sesskey(), 'confirm'=>1);
249 $a = new object();
250 $a->id = $roleid;
251 $a->name = $roles[$roleid]->name;
252 $a->shortname = $roles[$roleid]->shortname;
253 $a->count = (int)count_records('role_assignments', 'roleid', $roleid);
254 notice_yesno(get_string('deleterolesure', 'role', $a), 'manage.php', 'manage.php', $optionsyes, NULL, 'post', 'get');
255 admin_externalpage_print_footer();
256 die;
257 }
258
259 redirect('manage.php');
260 break;
261
262 case 'moveup':
263 if (array_key_exists($roleid, $roles) and confirm_sesskey()) {
264 $role = $roles[$roleid];
265 if ($role->sortorder > 0) {
266 $above = $roles[$rolesort[$role->sortorder - 1]];
267
268 if (!switch_roles($role, $above)) {
269 error("Cannot move role with ID $roleid");
270 }
271 }
272 }
273
274 redirect('manage.php');
275 break;
276
277 case 'movedown':
278 if (array_key_exists($roleid, $roles) and confirm_sesskey()) {
279 $role = $roles[$roleid];
280 if ($role->sortorder + 1 < $rolescount) {
281 $below = $roles[$rolesort[$role->sortorder + 1]];
282
283 if (!switch_roles($role, $below)) {
284 error("Cannot move role with ID $roleid");
285 }
286 }
287 }
288
289 redirect('manage.php');
290 break;
291
292 case 'duplicate':
293 if (!array_key_exists($roleid, $roles)) {
294 redirect('manage.php');
295 }
296
297 if ($confirm and data_submitted() and confirm_sesskey()) {
298 //ok - lets duplicate!
299 } else {
300 // show confirmation
301 admin_externalpage_print_header();
302 $optionsyes = array('action'=>'duplicate', 'roleid'=>$roleid, 'sesskey'=>sesskey(), 'confirm'=>1);
303 $optionsno = array('action'=>'view', 'roleid'=>$roleid);
304 $a = new object();
305 $a->id = $roleid;
306 $a->name = $roles[$roleid]->name;
307 $a->shortname = $roles[$roleid]->shortname;
308 notice_yesno(get_string('duplicaterolesure', 'role', $a), 'manage.php', 'manage.php', $optionsyes, $optionsno, 'post', 'get');
309 admin_externalpage_print_footer();
310 die;
311 }
312
313 // duplicate current role
314 $sourcerole = get_record('role','id',$roleid);
315
316 $fullname = $sourcerole->name;
317 $shortname = $sourcerole->shortname;
318 $currentfullname = "";
319 $currentshortname = "";
320 $counter = 0;
321
322 // find a name for the duplicated role
323 do {
324 if ($counter) {
325 $suffixfull = " ".get_string("copyasnoun")." ".$counter;
326 $suffixshort = "_".$counter;
327 } else {
328 $suffixfull = "";
329 $suffixshort = "";
330 }
331 $currentfullname = $fullname.$suffixfull;
332 // Limit the size of shortname - database column accepts <= 15 chars
333 $currentshortname = substr($shortname, 0, 15 - strlen($suffixshort)).$suffixshort;
334 $coursefull = get_record("role","name",addslashes($currentfullname));
335 $courseshort = get_record("role","shortname",addslashes($currentshortname));
336 $counter++;
337 } while ($coursefull || $courseshort);
338
339 $description = 'duplicate of '.$fullname;
340 if ($newrole = create_role($currentfullname, $currentshortname, $description)) {
341 // dupilcate all the capabilities
342 role_cap_duplicate($sourcerole, $newrole);
343 }
344 redirect('manage.php');
345 break;
346
347 case 'reset':
348 if (!array_key_exists($roleid, $roles)) {
349 redirect('manage.php');
350 }
351
352 if ($confirm and data_submitted() and confirm_sesskey()) {
353 reset_role_capabilities($roleid);
354 redirect('manage.php?action=view&amp;roleid='.$roleid);
355
356 } else {
357 // show confirmation
358 admin_externalpage_print_header();
359 $optionsyes = array('action'=>'reset', 'roleid'=>$roleid, 'sesskey'=>sesskey(), 'confirm'=>1);
360 $optionsno = array('action'=>'view', 'roleid'=>$roleid);
361 $a = new object();
362 $a->id = $roleid;
363 $a->name = $roles[$roleid]->name;
364 $a->shortname = $roles[$roleid]->shortname;
365 $a->legacytype = get_legacy_type($roleid);
366 if (empty($a->legacytype)) {
367 $warning = get_string('resetrolesurenolegacy', 'role', $a);
368 } else {
369 $warning = get_string('resetrolesure', 'role', $a);
370 }
371 notice_yesno($warning, 'manage.php', 'manage.php', $optionsyes, $optionsno, 'post', 'get');
372 admin_externalpage_print_footer();
373 die;
374 }
375
376 break;
377
378 default:
379 break;
380 }
381
382 /// print UI now
383
384 admin_externalpage_print_header();
385
386 $currenttab = 'manage';
387 include_once('managetabs.php');
388
389 if (($roleid and ($action == 'view' or $action == 'edit')) or $action == 'add') { // view or edit role details
390
391 if ($action == 'add') {
392 $roleid = 0;
393 if (empty($errors) or empty($newrole)) {
394 $role = new object();
395 $role->name = '';
396 $role->shortname = '';
397 $role->description = '';
398 $role->legacytype = '';
399 } else {
400 $role = stripslashes_safe($newrole);
401 }
402 } else if ($action == 'edit' and !empty($errors) and !empty($newrole)) {
403 $role = stripslashes_safe($newrole);
404 } else {
405 if(!$role = get_record('role', 'id', $roleid)) {
406 error('Incorrect role ID!');
407 }
408 $role->legacytype = get_legacy_type($role->id);
409 }
410
411 foreach ($roles as $rolex) {
412 $roleoptions[$rolex->id] = strip_tags(format_string($rolex->name));
413 }
414
415 // this is the array holding capabilities of this role sorted till this context
416 $r_caps = role_context_capabilities($roleid, $sitecontext);
417
418 // this is the available capabilities assignable in this context
419 $capabilities = fetch_context_capabilities($sitecontext);
420
421 $usehtmleditor = can_use_html_editor();
422
423 switch ($action) {
424 case 'add':
425 print_heading_with_help(get_string('addrole', 'role'), 'roles');
426 break;
427 case 'view':
428 print_heading_with_help(get_string('viewrole', 'role'), 'roles');
429 break;
430 case 'edit':
431 print_heading_with_help(get_string('editrole', 'role'), 'roles');
432 break;
433 }
434
435 echo '<div class="selector">';
436 if ($action == 'view') {
437 popup_form('manage.php?action=view&amp;roleid=', $roleoptions, 'switchrole', $roleid, '', '', '',
438 false, 'self', get_string('selectrole', 'role'));
439
440 echo '<div class="buttons">';
441
442 $legacytype = get_legacy_type($roleid);
443 $options = array();
444 $options['roleid'] = $roleid;
445 $options['action'] = 'edit';
446 print_single_button('manage.php', $options, get_string('edit'));
447 $options['action'] = 'reset';
448 if (empty($legacytype)) {
449 print_single_button('manage.php', $options, get_string('resetrolenolegacy', 'role'));
450 } else {
451 print_single_button('manage.php', $options, get_string('resetrole', 'role'));
452 }
453 $options['action'] = 'duplicate';
454 print_single_button('manage.php', $options, get_string('duplicaterole', 'role'));
455 print_single_button('manage.php', null, get_string('listallroles', 'role'));
456 echo '</div>';
457 }
458 echo '</div>';
459
460 $lang = str_replace('_utf8', '', current_language());
461
462 print_simple_box_start('center');
463 include_once('manage.html');
464 print_simple_box_end();
465
466 if ($usehtmleditor) {
467 use_html_editor('description');
468 }
469
470 } else {
471
472 print_heading_with_help(get_string('roles', 'role'), 'roles');
473
474 $table = new object;
475
476 $table->tablealign = 'center';
477 $table->align = array('right', 'left', 'left', 'left');
478 $table->wrap = array('nowrap', '', 'nowrap','nowrap');
479 $table->cellpadding = 5;
480 $table->cellspacing = 0;
481 $table->width = '90%';
482 $table->data = array();
483
484 $table->head = array(get_string('name'),
485 get_string('description'),
486 get_string('shortname'),
487 get_string('edit'));
488
489 /*************************
490 * List all current roles *
491 **************************/
492
493 foreach ($roles as $role) {
494
495 $stredit = get_string('edit');
496 $strdelete = get_string('delete');
497 $strmoveup = get_string('moveup');
498 $strmovedown = get_string('movedown');
499
500 $row = array();
501 $row[0] = '<a href="manage.php?roleid='.$role->id.'&amp;action=view">'.format_string($role->name).'</a>';
502 $row[1] = format_text($role->description, FORMAT_HTML);
503 $row[2] = s($role->shortname);
504 $row[3] = '<a title="'.$stredit.'" href="manage.php?action=edit&amp;roleid='.$role->id.'">'.
505 '<img src="'.$CFG->pixpath.'/t/edit.gif" class="iconsmall" alt="'.$stredit.'" /></a> ';
506 if (in_array($role->id, $defaultroles)) {
507 $row[3] .= '<img src="'.$CFG->wwwroot.'/pix/spacer.gif" class="iconsmall" alt="" /> ';
508 } else {
509 $row[3] .= '<a title="'.$strdelete.'" href="manage.php?action=delete&amp;roleid='.$role->id.'&amp;sesskey='.sesskey().'">'.
510 '<img src="'.$CFG->pixpath.'/t/delete.gif" class="iconsmall" alt="'.$strdelete.'" /></a> ';
511 }
512 if ($role->sortorder != 0) {
513 $row[3] .= '<a title="'.$strmoveup.'" href="manage.php?action=moveup&amp;roleid='.$role->id.'&amp;sesskey='.sesskey().'">'.
514 '<img src="'.$CFG->pixpath.'/t/up.gif" class="iconsmall" alt="'.$strmoveup.'" /></a> ';
515 } else {
516 $row[3] .= '<img src="'.$CFG->wwwroot.'/pix/spacer.gif" class="iconsmall" alt="" /> ';
517 }
518 if ($role->sortorder+1 < $rolescount) {
519 $row[3] .= '<a title="'.$strmovedown.'" href="manage.php?action=movedown&amp;roleid='.$role->id.'&amp;sesskey='.sesskey().'">'.
520 '<img src="'.$CFG->pixpath.'/t/down.gif" class="iconsmall" alt="'.$strmovedown.'" /></a> ';
521 } else {
522 $row[3] .= '<img src="'.$CFG->wwwroot.'/pix/spacer.gif" class="iconsmall" alt="" /> ';
523 }
524
525 $table->data[] = $row;
526
527 }
528 print_table($table);
529
530 $options = new object();
531 $options->action = 'add';
532 echo '<div class="buttons">';
533 print_single_button('manage.php', $options, get_string('addrole', 'role'), 'get');
534 echo '</div>';
535 }
536
537 admin_externalpage_print_footer();
538 die;
539
540
541 /// ================ some internal functions ====================////
542
543 function switch_roles($first, $second) {
544 $status = true;
545 //first find temorary sortorder number
546 $tempsort = count_records('role') + 3;
547 while (get_record('role','sortorder', $tempsort)) {
548 $tempsort += 3;
549 }
550
551 $r1 = new object();
552 $r1->id = $first->id;
553 $r1->sortorder = $tempsort;
554 $r2 = new object();
555 $r2->id = $second->id;
556 $r2->sortorder = $first->sortorder;
557
558 if (!update_record('role', $r1)) {
559 debugging("Can not update role with ID $r1->id!");
560 $status = false;
561 }
562
563 if (!update_record('role', $r2)) {
564 debugging("Can not update role with ID $r2->id!");
565 $status = false;
566 }
567
568 $r1->sortorder = $second->sortorder;
569 if (!update_record('role', $r1)) {
570 debugging("Can not update role with ID $r1->id!");
571 $status = false;
572 }
573
574 return $status;
575 }
576
577 // duplicates all the base definitions of a role
578 function role_cap_duplicate($sourcerole, $targetrole) {
579 global $CFG;
580 $systemcontext = get_context_instance(CONTEXT_SYSTEM);
581 $caps = get_records_sql("SELECT * FROM {$CFG->prefix}role_capabilities
582 WHERE roleid = $sourcerole->id
583 AND contextid = $systemcontext->id");
584 // adding capabilities
585 foreach ($caps as $cap) {
586 unset($cap->id);
587 $cap->roleid = $targetrole;
588 insert_record('role_capabilities', $cap);
589 }
590 }
591 ?>
Moodle Repo, with LinuxChix modifications