admin/roles/check.php

   1 <?php
   2 // This file is part of Moodle - http://moodle.org/
   3 //
   4 // Moodle is free software: you can redistribute it and/or modify
   5 // it under the terms of the GNU General Public License as published by
   6 // the Free Software Foundation, either version 3 of the License, or
   7 // (at your option) any later version.
   8 //
   9 // Moodle is distributed in the hope that it will be useful,
  10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12 // GNU General Public License for more details.
  13 //
  14 // You should have received a copy of the GNU General Public License
  15 // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16
  17 /**
  18  * Shows the result of has_capability for every capability for a user in a context.
  19  *
  20  * @package    core_role
  21  * @copyright  1999 onwards Martin Dougiamas (http://dougiamas.com)
  22  * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  23  */
  24
  25 require_once(__DIR__ . '/../../config.php');
  26
  27 $contextid = required_param('contextid', PARAM_INT);
  28 $returnurl  = optional_param('returnurl', null, PARAM_LOCALURL);
  29
  30 list($context, $course, $cm) = get_context_info_array($contextid);
  31
  32 $url = new moodle_url('/admin/roles/check.php', array('contextid' => $contextid));
  33
  34 if ($course) {
  35     $isfrontpage = ($course->id == SITEID);
  36 } else {
  37     $isfrontpage = false;
  38     if ($context->contextlevel == CONTEXT_USER) {
  39         $course = $DB->get_record('course', array('id'=>optional_param('courseid', SITEID, PARAM_INT)), '*', MUST_EXIST);
  40         $user = $DB->get_record('user', array('id'=>$context->instanceid), '*', MUST_EXIST);
  41         $url->param('courseid', $course->id);
  42         $url->param('userid', $user->id);
  43     } else {
  44         $course = $SITE;
  45     }
  46 }
  47
  48 // Security first.
  49 require_login($course, false, $cm);
  50 if (!has_any_capability(array('moodle/role:assign', 'moodle/role:safeoverride', 'moodle/role:override', 'moodle/role:manage'), $context)) {
  51     print_error('nopermissions', 'error', '', get_string('checkpermissions', 'core_role'));
  52 }
  53
  54 navigation_node::override_active_url($url);
  55 $pageurl = new moodle_url($url);
  56 if ($returnurl) {
  57     $pageurl->param('returnurl', $returnurl);
  58 }
  59 $PAGE->set_url($pageurl);
  60
  61 if ($context->contextlevel == CONTEXT_USER and $USER->id != $context->instanceid) {
  62     $PAGE->navbar->includesettingsbase = true;
  63     $PAGE->navigation->extend_for_user($user);
  64     $PAGE->set_context(context_course::instance($course->id));
  65 } else {
  66     $PAGE->set_context($context);
  67 }
  68
  69 $PAGE->set_context($context);
  70
  71 $courseid = $course->id;
  72 $contextname = $context->get_context_name();
  73
  74 // Get the user_selector we will need.
  75 // Teachers within a course just get to see the same list of enrolled users.
  76 // Admins (people with moodle/role:manage) can run this report for any user.
  77 $options = array('accesscontext' => $context);
  78 $userselector = new core_role_check_users_selector('reportuser', $options);
  79 $userselector->set_rows(20);
  80
  81 // Work out an appropriate page title.
  82 $title = get_string('checkpermissionsin', 'core_role', $contextname);
  83
  84 $PAGE->set_pagelayout('admin');
  85 if ($context->contextlevel == CONTEXT_BLOCK) {
  86     // Do not show blocks when changing block's settings, it is confusing.
  87     $PAGE->blocks->show_only_fake_blocks(true);
  88 }
  89 $PAGE->set_title($title);
  90
  91 switch ($context->contextlevel) {
  92     case CONTEXT_SYSTEM:
  93         require_once($CFG->libdir.'/adminlib.php');
  94         admin_externalpage_setup('checkpermissions', '', array('contextid' => $contextid));
  95         break;
  96     case CONTEXT_USER:
  97         $fullname = fullname($user, has_capability('moodle/site:viewfullnames', $context));
  98         $PAGE->set_heading($fullname);
  99         $showroles = 1;
 100         break;
 101     case CONTEXT_COURSECAT:
 102         $PAGE->set_heading($SITE->fullname);
 103         break;
 104     case CONTEXT_COURSE:
 105         if ($isfrontpage) {
 106             $PAGE->set_heading(get_string('frontpage', 'admin'));
 107         } else {
 108             $PAGE->set_heading($course->fullname);
 109         }
 110         break;
 111     case CONTEXT_MODULE:
 112         $PAGE->set_heading($context->get_context_name(false));
 113         $PAGE->set_cacheable(false);
 114         break;
 115     case CONTEXT_BLOCK:
 116         $PAGE->set_heading($PAGE->course->fullname);
 117         break;
 118 }
 119
 120 // Get the list of the reported-on user's role assignments - must be after
 121 // the page setup code above, or the language might be wrong.
 122 $reportuser = $userselector->get_selected_user();
 123 if (!is_null($reportuser)) {
 124     $roleassignments = get_user_roles_with_special($context, $reportuser->id);
 125     $rolenames = role_get_names($context);
 126 }
 127
 128 echo $OUTPUT->header();
 129
 130 // Print heading.
 131 echo $OUTPUT->heading($title);
 132
 133 // If a user has been chosen, show all the permissions for this user.
 134 if (!is_null($reportuser)) {
 135     echo $OUTPUT->box_start('generalbox boxaligncenter boxwidthwide');
 136
 137     if (!empty($roleassignments)) {
 138         echo $OUTPUT->heading(get_string('rolesforuser', 'core_role', fullname($reportuser)), 3);
 139         echo html_writer::start_tag('ul');
 140
 141         $systemcontext = context_system::instance();
 142         foreach ($roleassignments as $ra) {
 143             $racontext = context::instance_by_id($ra->contextid);
 144             $link = html_writer::link($racontext->get_url(), $racontext->get_context_name());
 145
 146             $rolename = $rolenames[$ra->roleid]->localname;
 147             if (has_capability('moodle/role:manage', $systemcontext)) {
 148                 $rolename = html_writer::link(new moodle_url('/admin/roles/define.php',
 149                         array('action' => 'view', 'roleid' => $ra->roleid)), $rolename);
 150             }
 151
 152             echo html_writer::tag('li', get_string('roleincontext', 'core_role',
 153                     array('role' => $rolename, 'context' => $link)));
 154         }
 155         echo html_writer::end_tag('ul');
 156     }
 157
 158     echo $OUTPUT->heading(get_string('permissionsforuser', 'core_role', fullname($reportuser)), 3);
 159     $table = new core_role_check_capability_table($context, $reportuser, $contextname);
 160     $table->display();
 161     echo $OUTPUT->box_end();
 162
 163     $selectheading = get_string('selectanotheruser', 'core_role');
 164 } else {
 165     $selectheading = get_string('selectauser', 'core_role');
 166 }
 167
 168 // Show UI for choosing a user to report on.
 169 echo $OUTPUT->box_start('generalbox boxwidthnormal boxaligncenter', 'chooseuser');
 170 echo '<form method="post" action="' . $PAGE->url . '" >';
 171
 172 // User selector.
 173 echo $OUTPUT->heading('<label for="reportuser">' . $selectheading . '</label>', 3);
 174 $userselector->display();
 175
 176 // Submit button and the end of the form.
 177 echo '<p id="chooseusersubmit"><input type="submit" value="' . get_string('showthisuserspermissions', 'core_role') . '" ' .
 178      'class="btn btn-primary"/></p>';
 179 echo '</form>';
 180 echo $OUTPUT->box_end();
 181
 182 // Appropriate back link.
 183 if ($context->contextlevel > CONTEXT_USER) {
 184     echo html_writer::start_tag('div', array('class'=>'backlink'));
 185     if ($returnurl) {
 186         $backurl = new moodle_url($returnurl);
 187     } else {
 188         $backurl = $context->get_url();
 189     }
 190     echo html_writer::link($backurl, get_string('backto', '', $contextname));
 191     echo html_writer::end_tag('div');
 192 }
 193
 194 echo $OUTPUT->footer();
 195