admin/roles/check.php

   1 <?php
   2 // This file is part of Moodle - http://moodle.org/
   3 //
   4 // Moodle is free software: you can redistribute it and/or modify
   5 // it under the terms of the GNU General Public License as published by
   6 // the Free Software Foundation, either version 3 of the License, or
   7 // (at your option) any later version.
   8 //
   9 // Moodle is distributed in the hope that it will be useful,
  10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12 // GNU General Public License for more details.
  13 //
  14 // You should have received a copy of the GNU General Public License
  15 // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16
  17 /**
  18  * Shows the result of has_capability for every capability for a user in a context.
  19  *
  20  * @package    core_role
  21  * @copyright  1999 onwards Martin Dougiamas (http://dougiamas.com)
  22  * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  23  */
  24
  25 require_once(dirname(__FILE__) . '/../../config.php');
  26
  27 $contextid = required_param('contextid', PARAM_INT);
  28
  29 list($context, $course, $cm) = get_context_info_array($contextid);
  30
  31 $url = new moodle_url('/admin/roles/check.php', array('contextid' => $contextid));
  32
  33 if ($course) {
  34     $isfrontpage = ($course->id == SITEID);
  35 } else {
  36     $isfrontpage = false;
  37     if ($context->contextlevel == CONTEXT_USER) {
  38         $course = $DB->get_record('course', array('id'=>optional_param('courseid', SITEID, PARAM_INT)), '*', MUST_EXIST);
  39         $user = $DB->get_record('user', array('id'=>$context->instanceid), '*', MUST_EXIST);
  40         $url->param('courseid', $course->id);
  41         $url->param('userid', $user->id);
  42     } else {
  43         $course = $SITE;
  44     }
  45 }
  46
  47 // Security first.
  48 require_login($course, false, $cm);
  49 if (!has_any_capability(array('moodle/role:assign', 'moodle/role:safeoverride', 'moodle/role:override', 'moodle/role:manage'), $context)) {
  50     print_error('nopermissions', 'error', '', get_string('checkpermissions', 'core_role'));
  51 }
  52 $PAGE->set_url($url);
  53
  54 if ($context->contextlevel == CONTEXT_USER and $USER->id != $context->instanceid) {
  55     $PAGE->navigation->extend_for_user($user);
  56     $PAGE->set_context(context_course::instance($course->id));
  57 } else {
  58     $PAGE->set_context($context);
  59 }
  60
  61 $PAGE->set_context($context);
  62
  63 $courseid = $course->id;
  64 $contextname = $context->get_context_name();
  65
  66 // Get the user_selector we will need.
  67 // Teachers within a course just get to see the same list of enrolled users.
  68 // Admins (people with moodle/role:manage) can run this report for any user.
  69 $options = array('accesscontext' => $context);
  70 $userselector = new core_role_check_users_selector('reportuser', $options);
  71 $userselector->set_rows(20);
  72
  73 // Work out an appropriate page title.
  74 $title = get_string('checkpermissionsin', 'core_role', $contextname);
  75
  76 $PAGE->set_pagelayout('admin');
  77 $PAGE->set_title($title);
  78
  79 switch ($context->contextlevel) {
  80     case CONTEXT_SYSTEM:
  81         require_once($CFG->libdir.'/adminlib.php');
  82         admin_externalpage_setup('checkpermissions', '', array('contextid' => $contextid));
  83         break;
  84     case CONTEXT_USER:
  85         $fullname = fullname($user, has_capability('moodle/site:viewfullnames', $context));
  86         $PAGE->set_heading($fullname);
  87         $showroles = 1;
  88         break;
  89     case CONTEXT_COURSECAT:
  90         $PAGE->set_heading($SITE->fullname);
  91         break;
  92     case CONTEXT_COURSE:
  93         if ($isfrontpage) {
  94             $PAGE->set_heading(get_string('frontpage', 'admin'));
  95         } else {
  96             $PAGE->set_heading($course->fullname);
  97         }
  98         break;
  99     case CONTEXT_MODULE:
 100         $PAGE->set_heading($context->get_context_name(false));
 101         $PAGE->set_cacheable(false);
 102         break;
 103     case CONTEXT_BLOCK:
 104         $PAGE->set_heading($PAGE->course->fullname);
 105         break;
 106 }
 107
 108 // Get the list of the reported-on user's role assignments - must be after
 109 // the page setup code above, or the language might be wrong.
 110 $reportuser = $userselector->get_selected_user();
 111 if (!is_null($reportuser)) {
 112     $roleassignments = get_user_roles_with_special($context, $reportuser->id);
 113     $rolenames = role_get_names($context);
 114 }
 115
 116 echo $OUTPUT->header();
 117
 118 // Print heading.
 119 echo $OUTPUT->heading($title);
 120
 121 // If a user has been chosen, show all the permissions for this user.
 122 if (!is_null($reportuser)) {
 123     echo $OUTPUT->box_start('generalbox boxaligncenter boxwidthwide');
 124
 125     if (!empty($roleassignments)) {
 126         echo $OUTPUT->heading(get_string('rolesforuser', 'core_role', fullname($reportuser)), 3);
 127         echo html_writer::start_tag('ul');
 128
 129         $systemcontext = context_system::instance();
 130         foreach ($roleassignments as $ra) {
 131             $racontext = context::instance_by_id($ra->contextid);
 132             $link = html_writer::link($racontext->get_url(), $racontext->get_context_name());
 133
 134             $rolename = $rolenames[$ra->roleid]->localname;
 135             if (has_capability('moodle/role:manage', $systemcontext)) {
 136                 $rolename = html_writer::link(new moodle_url('/admin/roles/define.php',
 137                         array('action' => 'view', 'roleid' => $ra->roleid)), $rolename);
 138             }
 139
 140             echo html_writer::tag('li', get_string('roleincontext', 'core_role',
 141                     array('role' => $rolename, 'context' => $link)));
 142         }
 143         echo html_writer::end_tag('ul');
 144     }
 145
 146     echo $OUTPUT->heading(get_string('permissionsforuser', 'core_role', fullname($reportuser)), 3);
 147     $table = new core_role_check_capability_table($context, $reportuser, $contextname);
 148     $table->display();
 149     echo $OUTPUT->box_end();
 150
 151     $selectheading = get_string('selectanotheruser', 'core_role');
 152 } else {
 153     $selectheading = get_string('selectauser', 'core_role');
 154 }
 155
 156 // Show UI for choosing a user to report on.
 157 echo $OUTPUT->box_start('generalbox boxwidthnormal boxaligncenter', 'chooseuser');
 158 echo '<form method="get" action="' . $CFG->wwwroot . '/' . $CFG->admin . '/roles/check.php" >';
 159
 160 // Hidden fields.
 161 echo '<input type="hidden" name="contextid" value="' . $context->id . '" />';
 162 if (!empty($user->id)) {
 163     echo '<input type="hidden" name="userid" value="' . $user->id . '" />';
 164 }
 165 if ($isfrontpage) {
 166     echo '<input type="hidden" name="courseid" value="' . $courseid . '" />';
 167 }
 168
 169 // User selector.
 170 echo $OUTPUT->heading('<label for="reportuser">' . $selectheading . '</label>', 3);
 171 $userselector->display();
 172
 173 // Submit button and the end of the form.
 174 echo '<p id="chooseusersubmit"><input type="submit" value="' . get_string('showthisuserspermissions', 'core_role') . '" /></p>';
 175 echo '</form>';
 176 echo $OUTPUT->box_end();
 177
 178 // Appropriate back link.
 179 if ($context->contextlevel > CONTEXT_USER) {
 180     echo html_writer::start_tag('div', array('class'=>'backlink'));
 181     echo html_writer::tag('a', get_string('backto', '', $contextname), array('href'=>$context->get_url()));
 182     echo html_writer::end_tag('div');
 183 }
 184
 185 echo $OUTPUT->footer();
 186