search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge branch 'install_master' of https://git.in.moodle.com/amosbot/moodle-install
[moodle.git] / admin / roles / classes / permissions_table.php
blob80e4b2067cea78f8d6b8ac8ac9e9f830a322d738
1 <?php
2 // This file is part of Moodle - http://moodle.org/
3 //
4 // Moodle is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
8 //
9 // Moodle is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 // GNU General Public License for more details.
13 //
14 // You should have received a copy of the GNU General Public License
15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>.
16
17 /**
18 * Library code used by the roles administration interfaces.
19 *
20 * @package core_role
21 * @copyright 2009 Petr Skoda {@link http://skodak.org}
22 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
23 */
24
25 defined('MOODLE_INTERNAL') || die();
26
27 /**
28 * Subclass of core_role_capability_table_base for use on the Permissions page.
29 */
30 class core_role_permissions_table extends core_role_capability_table_base {
31 protected $contextname;
32 protected $allowoverrides;
33 protected $allowsafeoverrides;
34 protected $overridableroles;
35 protected $roles;
36 protected $icons = array();
37
38 /**
39 * Constructor.
40 * @param context $context the context this table relates to.
41 * @param string $contextname $context->get_context_name() - to save recomputing.
42 * @param array $allowoverrides
43 * @param array $allowsafeoverrides
44 * @param array $overridableroles
45 */
46 public function __construct($context, $contextname, $allowoverrides, $allowsafeoverrides, $overridableroles) {
47 parent::__construct($context, 'permissions');
48 $this->contextname = $contextname;
49 $this->allowoverrides = $allowoverrides;
50 $this->allowsafeoverrides = $allowsafeoverrides;
51 $this->overridableroles = $overridableroles;
52
53 $roles = get_all_roles($context);
54 $this->roles = role_fix_names(array_reverse($roles, true), $context, ROLENAME_ALIAS, true);
55
56 }
57
58 protected function add_header_cells() {
59 echo '<th>' . get_string('risks', 'core_role') . '</th>';
60 echo '<th>' . get_string('neededroles', 'core_role') . '</th>';
61 echo '<th>' . get_string('prohibitedroles', 'core_role') . '</th>';
62 }
63
64 protected function num_extra_columns() {
65 return 3;
66 }
67
68 protected function add_row_cells($capability) {
69 global $OUTPUT, $PAGE;
70 $renderer = $PAGE->get_renderer('core');
71 $adminurl = new moodle_url("/admin/");
72
73 $context = $this->context;
74 $contextid = $this->context->id;
75 $allowoverrides = $this->allowoverrides;
76 $allowsafeoverrides = $this->allowsafeoverrides;
77 $overridableroles = $this->overridableroles;
78 $roles = $this->roles;
79
80 list($needed, $forbidden) = get_roles_with_cap_in_context($context, $capability->name);
81 $neededroles = array();
82 $forbiddenroles = array();
83 $allowable = $overridableroles;
84 $forbitable = $overridableroles;
85 foreach ($neededroles as $id => $unused) {
86 unset($allowable[$id]);
87 }
88 foreach ($forbidden as $id => $unused) {
89 unset($allowable[$id]);
90 unset($forbitable[$id]);
91 }
92
93 foreach ($roles as $id => $name) {
94 if (isset($needed[$id])) {
95 $templatecontext = array("rolename" => $name, "roleid" => $id, "action" => "prevent", "spanclass" => "allowed",
96 "linkclass" => "preventlink", "adminurl" => $adminurl->out(), "icon" => "", "iconalt" => "");
97 if (isset($overridableroles[$id]) and ($allowoverrides or ($allowsafeoverrides and is_safe_capability($capability)))) {
98 $templatecontext['icon'] = 't/delete';
99 $templatecontext['iconalt'] = get_string('delete');
100 }
101 $neededroles[$id] = $renderer->render_from_template('core/permissionmanager_role', $templatecontext);
102 }
103 }
104 $neededroles = implode(' ', $neededroles);
105 foreach ($roles as $id => $name) {
106 if (isset($forbidden[$id]) and ($allowoverrides or ($allowsafeoverrides and is_safe_capability($capability)))) {
107 $templatecontext = array("rolename" => $name, "roleid" => $id, "action" => "unprohibit",
108 "spanclass" => "forbidden", "linkclass" => "unprohibitlink", "adminurl" => $adminurl->out(),
109 "icon" => "", "iconalt" => "");
110 if (isset($overridableroles[$id]) and prohibit_is_removable($id, $context, $capability->name)) {
111 $templatecontext['icon'] = 't/delete';
112 $templatecontext['iconalt'] = get_string('delete');
113 }
114 $forbiddenroles[$id] = $renderer->render_from_template('core/permissionmanager_role', $templatecontext);
115 }
116 }
117 $forbiddenroles = implode(' ', $forbiddenroles);
118
119 if ($allowable and ($allowoverrides or ($allowsafeoverrides and is_safe_capability($capability)))) {
120 $allowurl = new moodle_url($PAGE->url, array('contextid' => $contextid,
121 'capability' => $capability->name, 'allow' => 1));
122 $allowicon = $OUTPUT->action_icon($allowurl, new pix_icon('t/add', get_string('allow', 'core_role')), null,
123 array('class' => 'allowlink', 'data-action' => 'allow'));
124 $neededroles .= html_writer::div($allowicon, 'allowmore');
125 }
126
127 if ($forbitable and ($allowoverrides or ($allowsafeoverrides and is_safe_capability($capability)))) {
128 $prohibiturl = new moodle_url($PAGE->url, array('contextid' => $contextid,
129 'capability' => $capability->name, 'prohibit' => 1));
130 $prohibiticon = $OUTPUT->action_icon($prohibiturl, new pix_icon('t/add', get_string('prohibit', 'core_role')), null,
131 array('class' => 'prohibitlink', 'data-action' => 'prohibit'));
132 $forbiddenroles .= html_writer::div($prohibiticon, 'prohibitmore');
133 }
134
135 $risks = $this->get_risks($capability);
136
137 $contents = html_writer::tag('td', $risks, array('class' => 'risks text-nowrap'));
138 $contents .= html_writer::tag('td', $neededroles, array('class' => 'allowedroles'));
139 $contents .= html_writer::tag('td', $forbiddenroles, array('class' => 'forbiddenroles'));
140 return $contents;
141 }
142
143 protected function get_risks($capability) {
144 global $OUTPUT;
145
146 $allrisks = get_all_risks();
147 $risksurl = new moodle_url(get_docs_url(s(get_string('risks', 'core_role'))));
148
149 $return = '';
150
151 foreach ($allrisks as $type => $risk) {
152 if ($risk & (int)$capability->riskbitmask) {
153 if (!isset($this->icons[$type])) {
154 $pixicon = new pix_icon('/i/' . str_replace('risk', 'risk_', $type), get_string($type . 'short', 'admin'));
155 $this->icons[$type] = $OUTPUT->action_icon($risksurl, $pixicon, new popup_action('click', $risksurl));
156 }
157 $return .= $this->icons[$type];
158 }
159 }
160
161 return $return;
162 }
163
164 /**
165 * Add additional attributes to row
166 *
167 * @param stdClass $capability capability that this table row relates to.
168 * @return array key value pairs of attribute names and values.
169 */
170 protected function get_row_attributes($capability) {
171 return array(
172 'data-id' => $capability->id,
173 'data-name' => $capability->name,
174 'data-humanname' => get_capability_string($capability->name),
175 );
176 }
177 }
Read-only mirror of the Moodle CVS