admin/roles/define.php

   1 <?php
   2 // This file is part of Moodle - http://moodle.org/
   3 //
   4 // Moodle is free software: you can redistribute it and/or modify
   5 // it under the terms of the GNU General Public License as published by
   6 // the Free Software Foundation, either version 3 of the License, or
   7 // (at your option) any later version.
   8 //
   9 // Moodle is distributed in the hope that it will be useful,
  10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12 // GNU General Public License for more details.
  13 //
  14 // You should have received a copy of the GNU General Public License
  15 // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16
  17 /**
  18  * Lets the user edit role definitions.
  19  *
  20  * Responds to actions:
  21  *   add       - add a new role (allows import, duplicate, archetype)
  22  *   export    - save xml role definition
  23  *   edit      - edit the definition of a role
  24  *   view      - view the definition of a role
  25  *
  26  * @package    core_role
  27  * @copyright  1999 onwards Martin Dougiamas (http://dougiamas.com)
  28  * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  29  */
  30
  31 require_once(__DIR__ . '/../../config.php');
  32 require_once($CFG->libdir.'/adminlib.php');
  33
  34 $action = required_param('action', PARAM_ALPHA);
  35 if (!in_array($action, array('add', 'export', 'edit', 'reset', 'view'))) {
  36     throw new moodle_exception('invalidaccess');
  37 }
  38 if ($action != 'add') {
  39     $roleid = required_param('roleid', PARAM_INT);
  40 } else {
  41     $roleid = 0;
  42 }
  43 $resettype = optional_param('resettype', '', PARAM_RAW);
  44 $return = optional_param('return', 'manage', PARAM_ALPHA);
  45
  46 // Get the base URL for this and related pages into a convenient variable.
  47 $baseurl = new moodle_url('/admin/roles/define.php', array('action'=>$action, 'roleid'=>$roleid));
  48 $manageurl = new moodle_url('/admin/roles/manage.php');
  49 if ($return === 'manage') {
  50     $returnurl = $manageurl;
  51 } else {
  52     $returnurl = new moodle_url('/admin/roles/define.php', array('action'=>'view', 'roleid'=>$roleid));;
  53 }
  54
  55 // Check access permissions.
  56 $systemcontext = context_system::instance();
  57 require_login();
  58 require_capability('moodle/role:manage', $systemcontext);
  59 admin_externalpage_setup('defineroles', '', array('action' => $action, 'roleid' => $roleid), new moodle_url('/admin/roles/define.php'));
  60
  61 // Export role.
  62 if ($action === 'export') {
  63     core_role_preset::send_export_xml($roleid);
  64     die;
  65 }
  66
  67 // Handle the toggle advanced mode button.
  68 $showadvanced = get_user_preferences('definerole_showadvanced', false);
  69 if (optional_param('toggleadvanced', false, PARAM_BOOL)) {
  70     $showadvanced = !$showadvanced;
  71     set_user_preference('definerole_showadvanced', $showadvanced);
  72 }
  73
  74 // Get some basic data we are going to need.
  75 $roles = get_all_roles();
  76 $rolenames = role_fix_names($roles, $systemcontext, ROLENAME_ORIGINAL);
  77 $rolescount = count($roles);
  78
  79 if ($action === 'add') {
  80     $title = get_string('addinganewrole', 'core_role');
  81 } else if ($action == 'view') {
  82     $title = get_string('viewingdefinitionofrolex', 'core_role', $rolenames[$roleid]->localname);
  83 } else if ($action == 'reset') {
  84     $title = get_string('resettingrole', 'core_role', $rolenames[$roleid]->localname);
  85 } else {
  86     $title = get_string('editingrolex', 'core_role', $rolenames[$roleid]->localname);
  87 }
  88
  89 // Decide how to create new role.
  90 if ($action === 'add' and $resettype !== 'none') {
  91     $mform = new core_role_preset_form(null, array('action'=>'add', 'roleid'=>0, 'resettype'=>'0', 'return'=>'manage'));
  92     if ($mform->is_cancelled()) {
  93         redirect($manageurl);
  94
  95     } else if ($data = $mform->get_data()) {
  96         $resettype = $data->resettype;
  97         $options = array(
  98             'shortname'     => 1,
  99             'name'          => 1,
 100             'description'   => 1,
 101             'permissions'   => 1,
 102             'archetype'     => 1,
 103             'contextlevels' => 1,
 104             'allowassign'   => 1,
 105             'allowoverride' => 1,
 106             'allowswitch'   => 1,
 107             'allowview'   => 1);
 108         if ($showadvanced) {
 109             $definitiontable = new core_role_define_role_table_advanced($systemcontext, 0);
 110         } else {
 111             $definitiontable = new core_role_define_role_table_basic($systemcontext, 0);
 112         }
 113         if (is_number($resettype)) {
 114             // Duplicate the role.
 115             $definitiontable->force_duplicate($resettype, $options);
 116         } else {
 117             // Must be an archetype.
 118             $definitiontable->force_archetype($resettype, $options);
 119         }
 120
 121         if ($xml = $mform->get_file_content('rolepreset')) {
 122             $definitiontable->force_preset($xml, $options);
 123         }
 124
 125     } else {
 126         echo $OUTPUT->header();
 127         echo $OUTPUT->heading_with_help($title, 'roles', 'core_role');
 128         $mform->display();
 129         echo $OUTPUT->footer();
 130         die;
 131     }
 132
 133 } else if ($action === 'reset' and $resettype !== 'none') {
 134     if (!$role = $DB->get_record('role', array('id'=>$roleid))) {
 135         redirect($manageurl);
 136     }
 137     $resettype = empty($role->archetype) ? '0' : $role->archetype;
 138     $mform = new core_role_preset_form(null,
 139         array('action'=>'reset', 'roleid'=>$roleid, 'resettype'=>$resettype , 'permissions'=>1, 'archetype'=>1, 'contextlevels'=>1, 'return'=>$return));
 140     if ($mform->is_cancelled()) {
 141         redirect($returnurl);
 142
 143     } else if ($data = $mform->get_data()) {
 144         $resettype = $data->resettype;
 145         $options = array(
 146             'shortname'     => $data->shortname,
 147             'name'          => $data->name,
 148             'description'   => $data->description,
 149             'permissions'   => $data->permissions,
 150             'archetype'     => $data->archetype,
 151             'contextlevels' => $data->contextlevels,
 152             'allowassign'   => $data->allowassign,
 153             'allowoverride' => $data->allowoverride,
 154             'allowswitch'   => $data->allowswitch,
 155             'allowview'     => $data->allowview);
 156         if ($showadvanced) {
 157             $definitiontable = new core_role_define_role_table_advanced($systemcontext, $roleid);
 158         } else {
 159             $definitiontable = new core_role_define_role_table_basic($systemcontext, $roleid);
 160         }
 161         if (is_number($resettype)) {
 162             // Duplicate the role.
 163             $definitiontable->force_duplicate($resettype, $options);
 164         } else {
 165             // Must be an archetype.
 166             $definitiontable->force_archetype($resettype, $options);
 167         }
 168
 169         if ($xml = $mform->get_file_content('rolepreset')) {
 170             $definitiontable->force_preset($xml, $options);
 171         }
 172
 173     } else {
 174         echo $OUTPUT->header();
 175         echo $OUTPUT->heading_with_help($title, 'roles', 'core_role');
 176         $mform->display();
 177         echo $OUTPUT->footer();
 178         die;
 179     }
 180
 181 } else {
 182     // Create the table object.
 183     if ($action === 'view') {
 184         $definitiontable = new core_role_view_role_definition_table($systemcontext, $roleid);
 185     } else if ($showadvanced) {
 186         $definitiontable = new core_role_define_role_table_advanced($systemcontext, $roleid);
 187     } else {
 188         $definitiontable = new core_role_define_role_table_basic($systemcontext, $roleid);
 189     }
 190     $definitiontable->read_submitted_permissions();
 191 }
 192
 193 // Handle the cancel button.
 194 if (optional_param('cancel', false, PARAM_BOOL)) {
 195     redirect($returnurl);
 196 }
 197
 198 // Process submission in necessary.
 199 if (optional_param('savechanges', false, PARAM_BOOL) && confirm_sesskey() && $definitiontable->is_submission_valid()) {
 200     $definitiontable->save_changes();
 201     $tableroleid = $definitiontable->get_role_id();
 202     // Trigger event.
 203     $event = \core\event\role_capabilities_updated::create(
 204         array(
 205             'context' => $systemcontext,
 206             'objectid' => $tableroleid
 207         )
 208     );
 209     $event->set_legacy_logdata(array(SITEID, 'role', $action, 'admin/roles/define.php?action=view&roleid=' . $tableroleid,
 210         $definitiontable->get_role_name(), '', $USER->id));
 211     if (!empty($role)) {
 212         $event->add_record_snapshot('role', $role);
 213     }
 214     $event->trigger();
 215
 216     if ($action === 'add') {
 217         redirect(new moodle_url('/admin/roles/define.php', array('action'=>'view', 'roleid'=>$definitiontable->get_role_id())));
 218     } else {
 219         redirect($returnurl);
 220     }
 221 }
 222
 223 // Print the page header and tabs.
 224 echo $OUTPUT->header();
 225
 226 $currenttab = 'manage';
 227 require('managetabs.php');
 228
 229 echo $OUTPUT->heading_with_help($title, 'roles', 'core_role');
 230
 231 // Work out some button labels.
 232 if ($action === 'add') {
 233     $submitlabel = get_string('createthisrole', 'core_role');
 234 } else {
 235     $submitlabel = get_string('savechanges');
 236 }
 237
 238 // On the view page, show some extra controls at the top.
 239 if ($action === 'view') {
 240     echo $OUTPUT->container_start('buttons');
 241     $url = new moodle_url('/admin/roles/define.php', array('action'=>'edit', 'roleid'=>$roleid, 'return'=>'define'));
 242     echo $OUTPUT->single_button(new moodle_url($url), get_string('edit'));
 243     $url = new moodle_url('/admin/roles/define.php', array('action'=>'reset', 'roleid'=>$roleid, 'return'=>'define'));
 244     echo $OUTPUT->single_button(new moodle_url($url), get_string('resetrole', 'core_role'));
 245     $url = new moodle_url('/admin/roles/define.php', array('action'=>'export', 'roleid'=>$roleid));
 246     echo $OUTPUT->single_button(new moodle_url($url), get_string('export', 'core_role'));
 247     echo $OUTPUT->single_button($manageurl, get_string('listallroles', 'core_role'));
 248     echo $OUTPUT->container_end();
 249 }
 250
 251 // Start the form.
 252 echo $OUTPUT->box_start('generalbox');
 253 if ($action === 'view') {
 254     echo '<div class="mform">';
 255 } else {
 256     ?>
 257 <form id="rolesform" class="mform fcontainer" action="<?php p($baseurl->out(false)); ?>" method="post"><div>
 258 <input type="hidden" name="sesskey" value="<?php p(sesskey()) ?>" />
 259 <input type="hidden" name="return" value="<?php p($return); ?>" />
 260 <input type="hidden" name="resettype" value="none" />
 261 <div class="submitbuttons">
 262     <input type="submit" name="savechanges" class="btn btn-primary" value="<?php p($submitlabel); ?>" />
 263     <input type="submit" name="cancel" class="btn btn-secondary" value="<?php print_string('cancel'); ?>" />
 264 </div>
 265     <?php
 266 }
 267
 268 // Print the form controls.
 269 $definitiontable->display();
 270
 271 // Close the stuff we left open above.
 272 if ($action === 'view') {
 273     echo '</div>';
 274 } else {
 275     ?>
 276 <div class="submitbuttons">
 277     <input type="submit" name="savechanges" class="btn btn-primary" value="<?php p($submitlabel); ?>" />
 278     <input type="submit" name="cancel" class="btn btn-secondary" value="<?php print_string('cancel'); ?>" />
 279 </div>
 280 </div></form>
 281 <?php
 282 }
 283 echo $OUTPUT->box_end();
 284
 285 // Print a link back to the all roles list.
 286 echo '<div class="backlink">';
 287 echo '<p><a href="' . s($manageurl->out(false)) . '">' . get_string('backtoallroles', 'core_role') . '</a></p>';
 288 echo '</div>';
 289
 290 echo $OUTPUT->footer();