enrol/ajax.php

   1 <?php
   2 // This file is part of Moodle - http://moodle.org/
   3 //
   4 // Moodle is free software: you can redistribute it and/or modify
   5 // it under the terms of the GNU General Public License as published by
   6 // the Free Software Foundation, either version 3 of the License, or
   7 // (at your option) any later version.
   8 //
   9 // Moodle is distributed in the hope that it will be useful,
  10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12 // GNU General Public License for more details.
  13 //
  14 // You should have received a copy of the GNU General Public License
  15 // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16
  17 /**
  18  * This file processes AJAX enrolment actions and returns JSON
  19  *
  20  * The general idea behind this file is that any errors should throw exceptions
  21  * which will be returned and acted upon by the calling AJAX script.
  22  *
  23  * @package    core_enrol
  24  * @copyright  2010 Sam Hemelryk
  25  * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  26  */
  27
  28 define('AJAX_SCRIPT', true);
  29
  30 require('../config.php');
  31 require_once("$CFG->dirroot/enrol/locallib.php");
  32 require_once("$CFG->dirroot/enrol/renderer.php");
  33 require_once("$CFG->dirroot/group/lib.php");
  34
  35 // Must have the sesskey
  36 $id      = required_param('id', PARAM_INT); // course id
  37 $action  = required_param('action', PARAM_ALPHANUMEXT);
  38
  39 $PAGE->set_url(new moodle_url('/enrol/ajax.php', array('id'=>$id, 'action'=>$action)));
  40
  41 $course = $DB->get_record('course', array('id'=>$id), '*', MUST_EXIST);
  42 $context = context_course::instance($course->id, MUST_EXIST);
  43
  44 if ($course->id == SITEID) {
  45     throw new moodle_exception('invalidcourse');
  46 }
  47
  48 require_login($course);
  49 require_capability('moodle/course:enrolreview', $context);
  50 require_sesskey();
  51
  52 echo $OUTPUT->header(); // send headers
  53
  54 $manager = new course_enrolment_manager($PAGE, $course);
  55
  56 $outcome = new stdClass();
  57 $outcome->success = true;
  58 $outcome->response = new stdClass();
  59 $outcome->error = '';
  60
  61 $searchanywhere = get_user_preferences('userselector_searchtype') === USER_SEARCH_CONTAINS;
  62
  63 switch ($action) {
  64     case 'unenrol':
  65         $ue = $DB->get_record('user_enrolments', array('id'=>required_param('ue', PARAM_INT)), '*', MUST_EXIST);
  66         list ($instance, $plugin) = $manager->get_user_enrolment_components($ue);
  67         if (!$instance || !$plugin || !enrol_is_enabled($instance->enrol) || !$plugin->allow_unenrol_user($instance, $ue) || !has_capability("enrol/$instance->enrol:unenrol", $manager->get_context()) || !$manager->unenrol_user($ue)) {
  68             throw new enrol_ajax_exception('unenrolnotpermitted');
  69         }
  70         break;
  71     case 'unassign':
  72         $role = required_param('role', PARAM_INT);
  73         $user = required_param('user', PARAM_INT);
  74         if (!has_capability('moodle/role:assign', $manager->get_context()) || !$manager->unassign_role_from_user($user, $role)) {
  75             throw new enrol_ajax_exception('unassignnotpermitted');
  76         }
  77         break;
  78     case 'assign':
  79         $user = $DB->get_record('user', array('id'=>required_param('user', PARAM_INT)), '*', MUST_EXIST);
  80         $roleid = required_param('roleid', PARAM_INT);
  81         if (!array_key_exists($roleid, $manager->get_assignable_roles())) {
  82             throw new enrol_ajax_exception('invalidrole');
  83         }
  84         if (!has_capability('moodle/role:assign', $manager->get_context()) || !$manager->assign_role_to_user($roleid, $user->id)) {
  85             throw new enrol_ajax_exception('assignnotpermitted');
  86         }
  87         $outcome->response->roleid = $roleid;
  88         break;
  89     case 'getassignable':
  90         $otheruserroles = optional_param('otherusers', false, PARAM_BOOL);
  91         $outcome->response = $manager->get_assignable_roles_for_json($otheruserroles);
  92         break;
  93     case 'searchotherusers':
  94         $search = optional_param('search', '', PARAM_RAW);
  95         $page = optional_param('page', 0, PARAM_INT);
  96         $outcome->response = $manager->search_other_users($search, $searchanywhere, $page);
  97         // TODO Does not support custom user profile fields (MDL-70456).
  98         $extrafields = \core_user\fields::get_identity_fields($context, false);
  99         $useroptions = array();
 100         // User is not enrolled, either link to site profile or do not link at all.
 101         if (has_capability('moodle/user:viewdetails', context_system::instance())) {
 102             $useroptions['courseid'] = SITEID;
 103         } else {
 104             $useroptions['link'] = false;
 105         }
 106         foreach ($outcome->response['users'] as &$user) {
 107             $user->userId = $user->id;
 108             $user->picture = $OUTPUT->user_picture($user, $useroptions);
 109             $user->fullname = fullname($user);
 110             $fieldvalues = array();
 111             foreach ($extrafields as $field) {
 112                 $fieldvalues[] = s($user->{$field});
 113                 unset($user->{$field});
 114             }
 115             $user->extrafields = implode(', ', $fieldvalues);
 116             unset($user->id);
 117         }
 118         // Chrome will display users in the order of the array keys, so we need
 119         // to ensure that the results ordered array keys. Fortunately, the JavaScript
 120         // does not care what the array keys are. It uses user.id where necessary.
 121         $outcome->response['users'] = array_values($outcome->response['users']);
 122         $outcome->success = true;
 123         break;
 124     default:
 125         throw new enrol_ajax_exception('unknowajaxaction');
 126 }
 127
 128 echo json_encode($outcome);
 129 die();