2 // This file is part of Moodle - http://moodle.org/
4 // Moodle is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
9 // Moodle is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 // GNU General Public License for more details.
14 // You should have received a copy of the GNU General Public License
15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>.
18 * User roles report list all the users who have been assigned a particular
19 * role in all contexts.
22 * @copyright © 2007 The Open University and others
23 * @author t.j.hunt@open.ac.uk and others
24 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
27 require_once(__DIR__
. '/../../config.php');
30 $userid = required_param('userid', PARAM_INT
);
31 $courseid = required_param('courseid', PARAM_INT
);
33 // Validate them and get the corresponding objects.
34 $user = $DB->get_record('user', array('id' => $userid), '*', MUST_EXIST
);
35 $course = $DB->get_record('course', array('id' => $courseid), '*', MUST_EXIST
);
37 $usercontext = context_user
::instance($user->id
);
38 $coursecontext = context_course
::instance($course->id
);
39 $systemcontext = context_system
::instance();
41 $baseurl = new moodle_url('/admin/roles/usersroles.php', array('userid'=>$userid, 'courseid'=>$courseid));
43 $PAGE->set_url($baseurl);
44 $PAGE->set_pagelayout('admin');
46 // Check login and permissions.
47 if ($course->id
== SITEID
) {
49 $PAGE->set_context($usercontext);
51 require_login($course);
52 $PAGE->set_context($coursecontext);
55 $canview = has_any_capability(array('moodle/role:assign', 'moodle/role:safeoverride',
56 'moodle/role:override', 'moodle/role:manage'), $usercontext);
58 print_error('nopermissions', 'error', '', get_string('checkpermissions', 'core_role'));
61 if ($userid != $USER->id
) {
62 // If its not the current user we need to extend the navigation for that user to ensure
63 // their navigation is loaded and this page found upon it.
64 $PAGE->navigation
->extend_for_user($user);
66 if ($course->id
!= $SITE->id ||
$userid != $USER->id
) {
67 // If we're within a course OR if we're viewing another user then we need to include the
68 // settings base on the navigation to ensure that the navbar will contain the users name.
69 $PAGE->navbar
->includesettingsbase
= true;
72 // Now get the role assignments for this user.
73 $sql = "SELECT ra.id, ra.userid, ra.contextid, ra.roleid, ra.component, ra.itemid, c.path
74 FROM {role_assignments} ra
75 JOIN {context} c ON ra.contextid = c.id
76 JOIN {role} r ON ra.roleid = r.id
78 ORDER BY contextlevel DESC, contextid ASC, r.sortorder ASC";
79 $roleassignments = $DB->get_records_sql($sql, array($user->id
));
81 $allroles = role_fix_names(get_all_roles());
83 // In order to display a nice tree of contexts, we need to get all the
84 // ancestors of all the contexts in the query we just did.
85 $requiredcontexts = array();
86 foreach ($roleassignments as $ra) {
87 $requiredcontexts = array_merge($requiredcontexts, explode('/', trim($ra->path
, '/')));
89 $requiredcontexts = array_unique($requiredcontexts);
91 // Now load those contexts.
92 if ($requiredcontexts) {
93 list($sqlcontexttest, $contextparams) = $DB->get_in_or_equal($requiredcontexts);
94 $contexts = get_sorted_contexts('ctx.id ' . $sqlcontexttest, $contextparams);
99 // Prepare some empty arrays to hold the data we are about to compute.
100 foreach ($contexts as $conid => $con) {
101 $contexts[$conid]->children
= array();
102 $contexts[$conid]->roleassignments
= array();
105 // Put the contexts into a tree structure.
106 foreach ($contexts as $conid => $con) {
107 $context = context
::instance_by_id($conid);
108 $parentcontext = $context->get_parent_context();
109 if ($parentcontext) {
110 $contexts[$parentcontext->id
]->children
[] = $conid;
114 // Put the role capabilities into the context tree.
115 foreach ($roleassignments as $ra) {
116 $contexts[$ra->contextid
]->roleassignments
[$ra->roleid
] = $ra;
119 $assignableroles = get_assignable_roles($usercontext, ROLENAME_BOTH
);
120 $overridableroles = get_overridable_roles($usercontext, ROLENAME_BOTH
);
123 $fullname = fullname($user, has_capability('moodle/site:viewfullnames', $coursecontext));
124 $straction = get_string('thisusersroles', 'core_role');
125 $title = get_string('xroleassignments', 'core_role', $fullname);
128 $PAGE->set_title($title);
129 if ($courseid == SITEID
) {
130 $PAGE->set_heading($fullname);
132 $PAGE->set_heading($course->fullname
.': '.$fullname);
134 echo $OUTPUT->header();
135 echo $OUTPUT->heading($title);
136 echo $OUTPUT->box_start('generalbox boxaligncenter boxwidthnormal');
139 if (!$roleassignments) {
140 echo '<p>', get_string('noroleassignments', 'core_role'), '</p>';
142 print_report_tree($systemcontext->id
, $contexts, $systemcontext, $fullname, $allroles);
146 echo $OUTPUT->box_end();
147 echo $OUTPUT->footer();
149 function print_report_tree($contextid, $contexts, $systemcontext, $fullname, $allroles) {
150 global $CFG, $OUTPUT;
152 // Only compute lang strings, etc once.
153 static $stredit = null, $strcheckpermissions, $globalroleassigner, $assignurl, $checkurl;
154 if (is_null($stredit)) {
155 $stredit = get_string('edit');
156 $strcheckpermissions = get_string('checkpermissions', 'core_role');
157 $globalroleassigner = has_capability('moodle/role:assign', $systemcontext);
158 $assignurl = $CFG->wwwroot
. '/' . $CFG->admin
. '/roles/assign.php';
159 $checkurl = $CFG->wwwroot
. '/' . $CFG->admin
. '/roles/check.php';
162 // Pull the current context into an array for convenience.
163 $context = context
::instance_by_id($contextid);
165 // Print the context name.
166 echo $OUTPUT->heading(html_writer
::link($context->get_url(), $context->get_context_name()),
169 // If there are any role assignments here, print them.
170 foreach ($contexts[$contextid]->roleassignments
as $ra) {
171 $role = $allroles[$ra->roleid
];
173 $value = $ra->contextid
. ',' . $ra->roleid
;
174 $inputid = 'unassign' . $value;
177 echo $role->localname
;
178 if (has_capability('moodle/role:assign', $context)) {
179 $raurl = $assignurl . '?contextid=' . $ra->contextid
. '&roleid=' .
180 $ra->roleid
. '&removeselect[]=' . $ra->userid
;
181 $churl = $checkurl . '?contextid=' . $ra->contextid
. '&reportuser=' . $ra->userid
;
182 if ($context->contextlevel
== CONTEXT_USER
) {
183 $raurl .= '&userid=' . $context->instanceid
;
184 $churl .= '&userid=' . $context->instanceid
;
187 $a->fullname
= $fullname;
188 $a->contextlevel
= $context->get_level_name();
189 if ($context->contextlevel
== CONTEXT_SYSTEM
) {
190 $strgoto = get_string('gotoassignsystemroles', 'core_role');
191 $strcheck = get_string('checksystempermissionsfor', 'core_role', $a);
193 $strgoto = get_string('gotoassignroles', 'core_role', $a);
194 $strcheck = get_string('checkuserspermissionshere', 'core_role', $a);
196 echo ' <a title="' . $strgoto . '" href="' . $raurl . '">' . $OUTPUT->pix_icon('t/edit', $stredit) . '</a> ';
197 echo ' <a title="' . $strcheck . '" href="' . $churl . '">' . $OUTPUT->pix_icon('t/preview', $strcheckpermissions) . '</a> ';
202 // If there are any child contexts, print them recursively.
203 if (!empty($contexts[$contextid]->children
)) {
205 foreach ($contexts[$contextid]->children
as $childcontextid) {
207 print_report_tree($childcontextid, $contexts, $systemcontext, $fullname, $allroles);
