2 // This file is part of Moodle - http://moodle.org/
4 // Moodle is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
9 // Moodle is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 // GNU General Public License for more details.
14 // You should have received a copy of the GNU General Public License
15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>.
18 * Wrapper script redirecting user operations to correct destination.
20 * @copyright 1999 Martin Dougiamas http://dougiamas.com
21 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
25 require_once("../config.php");
26 require_once($CFG->dirroot
. '/course/lib.php');
28 $formaction = required_param('formaction', PARAM_LOCALURL
);
29 $id = required_param('id', PARAM_INT
);
31 $PAGE->set_url('/user/action_redir.php', array('formaction' => $formaction, 'id' => $id));
32 list($formaction) = explode('?', $formaction, 2);
34 // This page now only handles the bulk enrolment change actions, other actions are done with ajax.
35 $actions = array('bulkchange.php');
37 if (array_search($formaction, $actions) === false) {
38 throw new \
moodle_exception('unknownuseraction');
41 if (!confirm_sesskey()) {
42 throw new \
moodle_exception('confirmsesskeybad');
45 if ($formaction == 'bulkchange.php') {
46 // Backwards compatibility for enrolment plugins bulk change functionality.
47 // This awful code is adapting from the participant page with it's param names and values
48 // to the values expected by the bulk enrolment changes forms.
49 $formaction = required_param('formaction', PARAM_URL
);
50 require_once($CFG->dirroot
. '/enrol/locallib.php');
52 $url = new moodle_url($formaction);
53 // Get the enrolment plugin type and bulk action from the url.
54 $plugin = $url->param('plugin');
55 $operationname = $url->param('operation');
56 $dataformat = $url->param('dataformat');
58 $course = $DB->get_record('course', array('id' => $id), '*', MUST_EXIST
);
59 $context = context_course
::instance($id);
60 $PAGE->set_context($context);
62 $userids = optional_param_array('userid', array(), PARAM_INT
);
63 $default = new moodle_url('/user/index.php', ['id' => $course->id
]);
64 $returnurl = new moodle_url(optional_param('returnto', $default, PARAM_LOCALURL
));
66 if (empty($userids)) {
67 $userids = optional_param_array('bulkuser', array(), PARAM_INT
);
69 if (empty($userids)) {
70 // The first time list hack.
71 if (empty($userids) and $post = data_submitted()) {
72 foreach ($post as $k => $v) {
73 if (preg_match('/^user(\d+)$/', $k, $m)) {
80 if (empty($plugin) AND $operationname == 'download_participants') {
82 $pagecontext = ($course->id
== SITEID
) ? context_system
::instance() : $context;
83 if (course_can_view_participants($pagecontext)) {
84 $plugins = core_plugin_manager
::instance()->get_plugins_of_type('dataformat');
85 if (isset($plugins[$dataformat])) {
86 if ($plugins[$dataformat]->is_enabled()) {
87 if (empty($userids)) {
88 redirect($returnurl, get_string('noselectedusers', 'bulkusers'));
92 'firstname' => get_string('firstname'),
93 'lastname' => get_string('lastname'),
96 // Get the list of fields we have to hide.
98 if (!has_capability('moodle/course:viewhiddenuserfields', $context)) {
99 $hiddenfields = array_flip(explode(',', $CFG->hiddenuserfields
));
102 // Retrieve all identity fields required for users.
103 $userfieldsapi = \core_user\fields
::for_identity($context);
104 $userfields = $userfieldsapi->get_sql('u', true);
106 $identityfields = array_keys($userfields->mappings
);
107 foreach ($identityfields as $field) {
108 $columnnames[$field] = \core_user\fields
::get_display_name($field);
111 // Ensure users are enrolled in this course context, further limiting them by selected userids.
112 [$enrolledsql, $enrolledparams] = get_enrolled_sql($context);
113 [$useridsql, $useridparams] = $DB->get_in_or_equal($userids, SQL_PARAMS_NAMED
, 'userid');
114 [$userordersql, $userorderparams] = users_order_by_sql('u', null, $context);
116 $params = array_merge($userfields->params
, $enrolledparams, $useridparams, $userorderparams);
118 // If user can only view their own groups then they can only export users from those groups too.
119 $groupmode = groups_get_course_groupmode($course);
120 if ($groupmode == SEPARATEGROUPS
&& !has_capability('moodle/site:accessallgroups', $context)) {
121 $groups = groups_get_all_groups($course->id
, $USER->id
, 0, 'g.id');
122 $groupids = array_column($groups, 'id');
124 [$groupmembersql, $groupmemberparams] = groups_get_members_ids_sql($groupids, $context);
125 $params = array_merge($params, $groupmemberparams);
127 $groupmemberjoin = "JOIN ({$groupmembersql}) jg ON jg.id = u.id";
129 $groupmemberjoin = '';
132 // Add column for groups if the user can view them.
133 if (!isset($hiddenfields['groups'])) {
134 $columnnames['groupnames'] = get_string('groups');
135 $userfields->selects
.= ', gcn.groupnames';
137 [$groupconcatnamesql, $groupconcatnameparams] = groups_get_names_concat_sql($course->id
);
138 $groupconcatjoin = "LEFT JOIN ({$groupconcatnamesql}) gcn ON gcn.userid = u.id";
139 $params = array_merge($params, $groupconcatnameparams);
141 $groupconcatjoin = '';
144 $sql = "SELECT u.firstname, u.lastname {$userfields->selects}
147 JOIN ({$enrolledsql}) je ON je.id = u.id
150 WHERE u.id {$useridsql}
151 ORDER BY {$userordersql}";
153 $rs = $DB->get_recordset_sql($sql, $params);
155 // Provide callback to pre-process all records ensuring user identity fields are escaped if HTML supported.
156 \core\dataformat
::download_data(
157 'courseid_' . $course->id
. '_participants',
161 function(stdClass
$record, bool $supportshtml) use ($identityfields): stdClass
{
163 foreach ($identityfields as $identityfield) {
164 $record->{$identityfield} = s($record->{$identityfield});
176 $instances = enrol_get_instances($course->id
, false);
178 foreach ($instances as $oneinstance) {
179 if ($oneinstance->enrol
== $plugin) {
180 $instance = $oneinstance;
185 throw new \
moodle_exception('errorwithbulkoperation', 'enrol');
188 $manager = new course_enrolment_manager($PAGE, $course, $instance->id
);
189 $plugins = $manager->get_enrolment_plugins();
191 if (!isset($plugins[$plugin])) {
192 throw new \
moodle_exception('errorwithbulkoperation', 'enrol');
195 $plugin = $plugins[$plugin];
197 $operations = $plugin->get_bulk_operations($manager);
199 if (!isset($operations[$operationname])) {
200 throw new \
moodle_exception('errorwithbulkoperation', 'enrol');
202 $operation = $operations[$operationname];
204 if (empty($userids)) {
205 redirect($returnurl, get_string('noselectedusers', 'bulkusers'));
208 $users = $manager->get_users_enrolments($userids);
210 $removed = array_diff($userids, array_keys($users));
211 if (!empty($removed)) {
212 // This manager does not filter by enrolment method - so we can get the removed users details.
213 $removedmanager = new course_enrolment_manager($PAGE, $course);
214 $removedusers = $removedmanager->get_users_enrolments($removed);
216 foreach ($removedusers as $removeduser) {
217 $msg = get_string('userremovedfromselectiona', 'enrol', fullname($removeduser));
218 \core\notification
::warning($msg);
222 // We may have users from any kind of enrolment, we need to filter for the enrolment plugin matching the bulk action.
223 $matchesplugin = function($user) use ($plugin) {
224 foreach ($user->enrolments
as $enrolment) {
225 if ($enrolment->enrolmentplugin
->get_name() == $plugin->get_name()) {
231 $filteredusers = array_filter($users, $matchesplugin);
233 if (empty($filteredusers)) {
234 redirect($returnurl, get_string('noselectedusers', 'bulkusers'));
237 $users = $filteredusers;
239 // Get the form for the bulk operation.
240 $mform = $operation->get_form($PAGE->url
, array('users' => $users));
241 // If the mform is false then attempt an immediate process. This may be an immediate action that
242 // doesn't require user input OR confirmation.... who know what but maybe one day.
243 if ($mform === false) {
244 if ($operation->process($manager, $users, new stdClass
)) {
245 redirect($returnurl);
247 throw new \
moodle_exception('errorwithbulkoperation', 'enrol');
250 // Check if the bulk operation has been cancelled.
251 if ($mform->is_cancelled()) {
252 redirect($returnurl);
254 if ($mform->is_submitted() && $mform->is_validated() && confirm_sesskey()) {
255 if ($operation->process($manager, $users, $mform->get_data())) {
256 redirect($returnurl);
260 $pagetitle = get_string('bulkuseroperation', 'enrol');
262 $PAGE->set_title($pagetitle);
263 $PAGE->set_heading($pagetitle);
264 echo $OUTPUT->header();
265 echo $OUTPUT->heading($operation->get_title());
267 echo $OUTPUT->footer();
271 throw new coding_exception('invalidaction');