2 // This file is part of Moodle - http://moodle.org/
4 // Moodle is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
9 // Moodle is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 // GNU General Public License for more details.
14 // You should have received a copy of the GNU General Public License
15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>.
18 * Lets the user edit role definitions.
20 * Responds to actions:
21 * add - add a new role (allows import, duplicate, archetype)
22 * export - save xml role definition
23 * edit - edit the definition of a role
24 * view - view the definition of a role
27 * @copyright 1999 onwards Martin Dougiamas (http://dougiamas.com)
28 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
31 require_once(__DIR__
. '/../../config.php');
32 require_once($CFG->libdir
.'/adminlib.php');
34 $action = required_param('action', PARAM_ALPHA
);
35 if (!in_array($action, array('add', 'export', 'edit', 'reset', 'view'))) {
36 throw new moodle_exception('invalidaccess');
38 if ($action != 'add') {
39 $roleid = required_param('roleid', PARAM_INT
);
43 $resettype = optional_param('resettype', '', PARAM_RAW
);
44 $return = optional_param('return', 'manage', PARAM_ALPHA
);
46 // Get the base URL for this and related pages into a convenient variable.
47 $baseurl = new moodle_url('/admin/roles/define.php', array('action'=>$action, 'roleid'=>$roleid));
48 $manageurl = new moodle_url('/admin/roles/manage.php');
49 if ($return === 'manage') {
50 $returnurl = $manageurl;
52 $returnurl = new moodle_url('/admin/roles/define.php', array('action'=>'view', 'roleid'=>$roleid));;
55 // Check access permissions.
56 $systemcontext = context_system
::instance();
58 require_capability('moodle/role:manage', $systemcontext);
59 admin_externalpage_setup('defineroles', '', array('action' => $action, 'roleid' => $roleid), new moodle_url('/admin/roles/define.php'));
62 if ($action === 'export') {
63 core_role_preset
::send_export_xml($roleid);
67 // Handle the toggle advanced mode button.
68 $showadvanced = get_user_preferences('definerole_showadvanced', false);
69 if (optional_param('toggleadvanced', false, PARAM_BOOL
)) {
70 $showadvanced = !$showadvanced;
71 set_user_preference('definerole_showadvanced', $showadvanced);
74 // Get some basic data we are going to need.
75 $roles = get_all_roles();
76 $rolenames = role_fix_names($roles, $systemcontext, ROLENAME_ORIGINAL
);
77 $rolescount = count($roles);
79 if ($action === 'add') {
80 $title = get_string('addinganewrole', 'core_role');
81 } else if ($action == 'view') {
82 $title = get_string('viewingdefinitionofrolex', 'core_role', $rolenames[$roleid]->localname
);
83 } else if ($action == 'reset') {
84 $title = get_string('resettingrole', 'core_role', $rolenames[$roleid]->localname
);
86 $title = get_string('editingrolex', 'core_role', $rolenames[$roleid]->localname
);
89 // Decide how to create new role.
90 if ($action === 'add' and $resettype !== 'none') {
91 $mform = new core_role_preset_form(null, array('action'=>'add', 'roleid'=>0, 'resettype'=>'0', 'return'=>'manage'));
92 if ($mform->is_cancelled()) {
95 } else if ($data = $mform->get_data()) {
96 $resettype = $data->resettype
;
103 'contextlevels' => 1,
105 'allowoverride' => 1,
109 $definitiontable = new core_role_define_role_table_advanced($systemcontext, 0);
111 $definitiontable = new core_role_define_role_table_basic($systemcontext, 0);
113 if (is_number($resettype)) {
114 // Duplicate the role.
115 $definitiontable->force_duplicate($resettype, $options);
117 // Must be an archetype.
118 $definitiontable->force_archetype($resettype, $options);
121 if ($xml = $mform->get_file_content('rolepreset')) {
122 $definitiontable->force_preset($xml, $options);
126 echo $OUTPUT->header();
127 echo $OUTPUT->heading_with_help($title, 'roles', 'core_role');
129 echo $OUTPUT->footer();
133 } else if ($action === 'reset' and $resettype !== 'none') {
134 if (!$role = $DB->get_record('role', array('id'=>$roleid))) {
135 redirect($manageurl);
137 $resettype = empty($role->archetype
) ?
'0' : $role->archetype
;
138 $mform = new core_role_preset_form(null,
139 array('action'=>'reset', 'roleid'=>$roleid, 'resettype'=>$resettype , 'permissions'=>1, 'archetype'=>1, 'contextlevels'=>1, 'return'=>$return));
140 if ($mform->is_cancelled()) {
141 redirect($returnurl);
143 } else if ($data = $mform->get_data()) {
144 $resettype = $data->resettype
;
146 'shortname' => $data->shortname
,
147 'name' => $data->name
,
148 'description' => $data->description
,
149 'permissions' => $data->permissions
,
150 'archetype' => $data->archetype
,
151 'contextlevels' => $data->contextlevels
,
152 'allowassign' => $data->allowassign
,
153 'allowoverride' => $data->allowoverride
,
154 'allowswitch' => $data->allowswitch
,
155 'allowview' => $data->allowview
);
157 $definitiontable = new core_role_define_role_table_advanced($systemcontext, $roleid);
159 $definitiontable = new core_role_define_role_table_basic($systemcontext, $roleid);
161 if (is_number($resettype)) {
162 // Duplicate the role.
163 $definitiontable->force_duplicate($resettype, $options);
165 // Must be an archetype.
166 $definitiontable->force_archetype($resettype, $options);
169 if ($xml = $mform->get_file_content('rolepreset')) {
170 $definitiontable->force_preset($xml, $options);
174 echo $OUTPUT->header();
175 echo $OUTPUT->heading_with_help($title, 'roles', 'core_role');
177 echo $OUTPUT->footer();
182 // Create the table object.
183 if ($action === 'view') {
184 $definitiontable = new core_role_view_role_definition_table($systemcontext, $roleid);
185 } else if ($showadvanced) {
186 $definitiontable = new core_role_define_role_table_advanced($systemcontext, $roleid);
188 $definitiontable = new core_role_define_role_table_basic($systemcontext, $roleid);
190 $definitiontable->read_submitted_permissions();
193 // Handle the cancel button.
194 if (optional_param('cancel', false, PARAM_BOOL
)) {
195 redirect($returnurl);
198 // Process submission in necessary.
199 if (optional_param('savechanges', false, PARAM_BOOL
) && confirm_sesskey() && $definitiontable->is_submission_valid()) {
200 $definitiontable->save_changes();
201 $tableroleid = $definitiontable->get_role_id();
203 $event = \core\event\role_capabilities_updated
::create(
205 'context' => $systemcontext,
206 'objectid' => $tableroleid
209 $event->set_legacy_logdata(array(SITEID
, 'role', $action, 'admin/roles/define.php?action=view&roleid=' . $tableroleid,
210 $definitiontable->get_role_name(), '', $USER->id
));
212 $event->add_record_snapshot('role', $role);
216 if ($action === 'add') {
217 redirect(new moodle_url('/admin/roles/define.php', array('action'=>'view', 'roleid'=>$definitiontable->get_role_id())));
219 redirect($returnurl);
223 // Print the page header and tabs.
224 echo $OUTPUT->header();
226 $currenttab = 'manage';
227 require('managetabs.php');
229 echo $OUTPUT->heading_with_help($title, 'roles', 'core_role');
231 // Work out some button labels.
232 if ($action === 'add') {
233 $submitlabel = get_string('createthisrole', 'core_role');
235 $submitlabel = get_string('savechanges');
238 // On the view page, show some extra controls at the top.
239 if ($action === 'view') {
240 echo $OUTPUT->container_start('buttons');
241 $url = new moodle_url('/admin/roles/define.php', array('action'=>'edit', 'roleid'=>$roleid, 'return'=>'define'));
242 echo $OUTPUT->single_button(new moodle_url($url), get_string('edit'));
243 $url = new moodle_url('/admin/roles/define.php', array('action'=>'reset', 'roleid'=>$roleid, 'return'=>'define'));
244 echo $OUTPUT->single_button(new moodle_url($url), get_string('resetrole', 'core_role'));
245 $url = new moodle_url('/admin/roles/define.php', array('action'=>'export', 'roleid'=>$roleid));
246 echo $OUTPUT->single_button(new moodle_url($url), get_string('export', 'core_role'));
247 echo $OUTPUT->single_button($manageurl, get_string('listallroles', 'core_role'));
248 echo $OUTPUT->container_end();
252 echo $OUTPUT->box_start('generalbox');
253 if ($action === 'view') {
254 echo '<div class="mform">';
257 <form id
="rolesform" class="mform fcontainer" action
="<?php p($baseurl->out(false)); ?>" method
="post"><div
>
258 <input type
="hidden" name
="sesskey" value
="<?php p(sesskey()) ?>" />
259 <input type
="hidden" name
="return" value
="<?php p($return); ?>" />
260 <input type
="hidden" name
="resettype" value
="none" />
261 <div
class="submitbuttons">
262 <input type
="submit" name
="savechanges" class="btn btn-primary" value
="<?php p($submitlabel); ?>" />
263 <input type
="submit" name
="cancel" class="btn btn-secondary" value
="<?php print_string('cancel'); ?>" />
268 // Print the form controls.
269 $definitiontable->display();
271 // Close the stuff we left open above.
272 if ($action === 'view') {
276 <div
class="submitbuttons">
277 <input type
="submit" name
="savechanges" class="btn btn-primary" value
="<?php p($submitlabel); ?>" />
278 <input type
="submit" name
="cancel" class="btn btn-secondary" value
="<?php print_string('cancel'); ?>" />
283 echo $OUTPUT->box_end();
285 // Print a link back to the all roles list.
286 echo '<div class="backlink">';
287 echo '<p><a href="' . s($manageurl->out(false)) . '">' . get_string('backtoallroles', 'core_role') . '</a></p>';
290 echo $OUTPUT->footer();