admin/roles/check.php

   1 <?php
   2 // This file is part of Moodle - http://moodle.org/
   3 //
   4 // Moodle is free software: you can redistribute it and/or modify
   5 // it under the terms of the GNU General Public License as published by
   6 // the Free Software Foundation, either version 3 of the License, or
   7 // (at your option) any later version.
   8 //
   9 // Moodle is distributed in the hope that it will be useful,
  10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12 // GNU General Public License for more details.
  13 //
  14 // You should have received a copy of the GNU General Public License
  15 // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16
  17 /**
  18  * Shows the result of has_capability for every capability for a user in a context.
  19  *
  20  * @package    core_role
  21  * @copyright  1999 onwards Martin Dougiamas (http://dougiamas.com)
  22  * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  23  */
  24
  25 require_once(dirname(__FILE__) . '/../../config.php');
  26
  27 $contextid = required_param('contextid', PARAM_INT);
  28
  29 list($context, $course, $cm) = get_context_info_array($contextid);
  30
  31 $url = new moodle_url('/admin/roles/check.php', array('contextid' => $contextid));
  32
  33 if ($course) {
  34     $isfrontpage = ($course->id == SITEID);
  35 } else {
  36     $isfrontpage = false;
  37     if ($context->contextlevel == CONTEXT_USER) {
  38         $course = $DB->get_record('course', array('id'=>optional_param('courseid', SITEID, PARAM_INT)), '*', MUST_EXIST);
  39         $user = $DB->get_record('user', array('id'=>$context->instanceid), '*', MUST_EXIST);
  40         $url->param('courseid', $course->id);
  41         $url->param('userid', $user->id);
  42     } else {
  43         $course = $SITE;
  44     }
  45 }
  46
  47 // Security first.
  48 require_login($course, false, $cm);
  49 if (!has_any_capability(array('moodle/role:assign', 'moodle/role:safeoverride', 'moodle/role:override', 'moodle/role:manage'), $context)) {
  50     print_error('nopermissions', 'error', '', get_string('checkpermissions', 'core_role'));
  51 }
  52 $PAGE->set_url($url);
  53
  54 if ($context->contextlevel == CONTEXT_USER and $USER->id != $context->instanceid) {
  55     $PAGE->navbar->includesettingsbase = true;
  56     $PAGE->navigation->extend_for_user($user);
  57     $PAGE->set_context(context_course::instance($course->id));
  58 } else {
  59     $PAGE->set_context($context);
  60 }
  61
  62 $PAGE->set_context($context);
  63
  64 $courseid = $course->id;
  65 $contextname = $context->get_context_name();
  66
  67 // Get the user_selector we will need.
  68 // Teachers within a course just get to see the same list of enrolled users.
  69 // Admins (people with moodle/role:manage) can run this report for any user.
  70 $options = array('accesscontext' => $context);
  71 $userselector = new core_role_check_users_selector('reportuser', $options);
  72 $userselector->set_rows(20);
  73
  74 // Work out an appropriate page title.
  75 $title = get_string('checkpermissionsin', 'core_role', $contextname);
  76
  77 $PAGE->set_pagelayout('admin');
  78 $PAGE->set_title($title);
  79
  80 switch ($context->contextlevel) {
  81     case CONTEXT_SYSTEM:
  82         require_once($CFG->libdir.'/adminlib.php');
  83         admin_externalpage_setup('checkpermissions', '', array('contextid' => $contextid));
  84         break;
  85     case CONTEXT_USER:
  86         $fullname = fullname($user, has_capability('moodle/site:viewfullnames', $context));
  87         $PAGE->set_heading($fullname);
  88         $showroles = 1;
  89         break;
  90     case CONTEXT_COURSECAT:
  91         $PAGE->set_heading($SITE->fullname);
  92         break;
  93     case CONTEXT_COURSE:
  94         if ($isfrontpage) {
  95             $PAGE->set_heading(get_string('frontpage', 'admin'));
  96         } else {
  97             $PAGE->set_heading($course->fullname);
  98         }
  99         break;
 100     case CONTEXT_MODULE:
 101         $PAGE->set_heading($context->get_context_name(false));
 102         $PAGE->set_cacheable(false);
 103         break;
 104     case CONTEXT_BLOCK:
 105         $PAGE->set_heading($PAGE->course->fullname);
 106         break;
 107 }
 108
 109 // Get the list of the reported-on user's role assignments - must be after
 110 // the page setup code above, or the language might be wrong.
 111 $reportuser = $userselector->get_selected_user();
 112 if (!is_null($reportuser)) {
 113     $roleassignments = get_user_roles_with_special($context, $reportuser->id);
 114     $rolenames = role_get_names($context);
 115 }
 116
 117 echo $OUTPUT->header();
 118
 119 // Print heading.
 120 echo $OUTPUT->heading($title);
 121
 122 // If a user has been chosen, show all the permissions for this user.
 123 if (!is_null($reportuser)) {
 124     echo $OUTPUT->box_start('generalbox boxaligncenter boxwidthwide');
 125
 126     if (!empty($roleassignments)) {
 127         echo $OUTPUT->heading(get_string('rolesforuser', 'core_role', fullname($reportuser)), 3);
 128         echo html_writer::start_tag('ul');
 129
 130         $systemcontext = context_system::instance();
 131         foreach ($roleassignments as $ra) {
 132             $racontext = context::instance_by_id($ra->contextid);
 133             $link = html_writer::link($racontext->get_url(), $racontext->get_context_name());
 134
 135             $rolename = $rolenames[$ra->roleid]->localname;
 136             if (has_capability('moodle/role:manage', $systemcontext)) {
 137                 $rolename = html_writer::link(new moodle_url('/admin/roles/define.php',
 138                         array('action' => 'view', 'roleid' => $ra->roleid)), $rolename);
 139             }
 140
 141             echo html_writer::tag('li', get_string('roleincontext', 'core_role',
 142                     array('role' => $rolename, 'context' => $link)));
 143         }
 144         echo html_writer::end_tag('ul');
 145     }
 146
 147     echo $OUTPUT->heading(get_string('permissionsforuser', 'core_role', fullname($reportuser)), 3);
 148     $table = new core_role_check_capability_table($context, $reportuser, $contextname);
 149     $table->display();
 150     echo $OUTPUT->box_end();
 151
 152     $selectheading = get_string('selectanotheruser', 'core_role');
 153 } else {
 154     $selectheading = get_string('selectauser', 'core_role');
 155 }
 156
 157 // Show UI for choosing a user to report on.
 158 echo $OUTPUT->box_start('generalbox boxwidthnormal boxaligncenter', 'chooseuser');
 159 echo '<form method="get" action="' . $CFG->wwwroot . '/' . $CFG->admin . '/roles/check.php" >';
 160
 161 // Hidden fields.
 162 echo '<input type="hidden" name="contextid" value="' . $context->id . '" />';
 163 if (!empty($user->id)) {
 164     echo '<input type="hidden" name="userid" value="' . $user->id . '" />';
 165 }
 166 if ($isfrontpage) {
 167     echo '<input type="hidden" name="courseid" value="' . $courseid . '" />';
 168 }
 169
 170 // User selector.
 171 echo $OUTPUT->heading('<label for="reportuser">' . $selectheading . '</label>', 3);
 172 $userselector->display();
 173
 174 // Submit button and the end of the form.
 175 echo '<p id="chooseusersubmit"><input type="submit" value="' . get_string('showthisuserspermissions', 'core_role') . '" /></p>';
 176 echo '</form>';
 177 echo $OUTPUT->box_end();
 178
 179 // Appropriate back link.
 180 if ($context->contextlevel > CONTEXT_USER) {
 181     echo html_writer::start_tag('div', array('class'=>'backlink'));
 182     echo html_writer::tag('a', get_string('backto', '', $contextname), array('href'=>$context->get_url()));
 183     echo html_writer::end_tag('div');
 184 }
 185
 186 echo $OUTPUT->footer();
 187