search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge branch 'MDL-37181_m24' of https://github.com/markn86/moodle into MOODLE_24_STABLE
[moodle.git] / course / rest.php
blob62729038b58f3d343146da718dbf96eb6f921c14
1 <?php
2
3 // This file is part of Moodle - http://moodle.org/
4 //
5 // Moodle is free software: you can redistribute it and/or modify
6 // it under the terms of the GNU General Public License as published by
7 // the Free Software Foundation, either version 3 of the License, or
8 // (at your option) any later version.
9 //
10 // Moodle is distributed in the hope that it will be useful,
11 // but WITHOUT ANY WARRANTY; without even the implied warranty of
12 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 // GNU General Public License for more details.
14 //
15 // You should have received a copy of the GNU General Public License
16 // along with Moodle. If not, see <http://www.gnu.org/licenses/>.
17
18 /**
19 * Provide interface for topics AJAX course formats
20 *
21 * @copyright 1999 Martin Dougiamas http://dougiamas.com
22 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
23 * @package course
24 */
25
26 if (!defined('AJAX_SCRIPT')) {
27 define('AJAX_SCRIPT', true);
28 }
29 require_once(dirname(__FILE__) . '/../config.php');
30 require_once($CFG->dirroot.'/course/lib.php');
31
32 // Initialise ALL the incoming parameters here, up front.
33 $courseid = required_param('courseId', PARAM_INT);
34 $class = required_param('class', PARAM_ALPHA);
35 $field = optional_param('field', '', PARAM_ALPHA);
36 $instanceid = optional_param('instanceId', 0, PARAM_INT);
37 $sectionid = optional_param('sectionId', 0, PARAM_INT);
38 $beforeid = optional_param('beforeId', 0, PARAM_INT);
39 $value = optional_param('value', 0, PARAM_INT);
40 $column = optional_param('column', 0, PARAM_ALPHA);
41 $id = optional_param('id', 0, PARAM_INT);
42 $summary = optional_param('summary', '', PARAM_RAW);
43 $sequence = optional_param('sequence', '', PARAM_SEQUENCE);
44 $visible = optional_param('visible', 0, PARAM_INT);
45 $pageaction = optional_param('action', '', PARAM_ALPHA); // Used to simulate a DELETE command
46 $title = optional_param('title', '', PARAM_TEXT);
47
48 $PAGE->set_url('/course/rest.php', array('courseId'=>$courseid,'class'=>$class));
49
50 //NOTE: when making any changes here please make sure it is using the same access control as course/mod.php !!
51
52 $course = $DB->get_record('course', array('id' => $courseid), '*', MUST_EXIST);
53 // Check user is logged in and set contexts if we are dealing with resource
54 if (in_array($class, array('resource'))) {
55 $cm = get_coursemodule_from_id(null, $id, $course->id, false, MUST_EXIST);
56 require_login($course, false, $cm);
57 $modcontext = context_module::instance($cm->id);
58 } else {
59 require_login($course);
60 }
61 $coursecontext = context_course::instance($course->id);
62 require_sesskey();
63
64 echo $OUTPUT->header(); // send headers
65
66 // OK, now let's process the parameters and do stuff
67 // MDL-10221 the DELETE method is not allowed on some web servers, so we simulate it with the action URL param
68 $requestmethod = $_SERVER['REQUEST_METHOD'];
69 if ($pageaction == 'DELETE') {
70 $requestmethod = 'DELETE';
71 }
72
73 switch($requestmethod) {
74 case 'POST':
75
76 switch ($class) {
77 case 'section':
78
79 if (!$DB->record_exists('course_sections', array('course'=>$course->id, 'section'=>$id))) {
80 throw new moodle_exception('AJAX commands.php: Bad Section ID '.$id);
81 }
82
83 switch ($field) {
84 case 'visible':
85 require_capability('moodle/course:sectionvisibility', $coursecontext);
86 $resourcestotoggle = set_section_visible($course->id, $id, $value);
87 echo json_encode(array('resourcestotoggle' => $resourcestotoggle));
88 break;
89
90 case 'move':
91 require_capability('moodle/course:movesections', $coursecontext);
92 move_section_to($course, $id, $value);
93 // See if format wants to do something about it
94 $response = course_get_format($course)->ajax_section_move();
95 if ($response !== null) {
96 echo json_encode($response);
97 }
98 break;
99 }
100 break;
101
102 case 'resource':
103 switch ($field) {
104 case 'visible':
105 require_capability('moodle/course:activityvisibility', $modcontext);
106 set_coursemodule_visible($cm->id, $value);
107 break;
108
109 case 'groupmode':
110 require_capability('moodle/course:manageactivities', $modcontext);
111 set_coursemodule_groupmode($cm->id, $value);
112 break;
113
114 case 'indent':
115 require_capability('moodle/course:manageactivities', $modcontext);
116 $cm->indent = $value;
117 if ($cm->indent >= 0) {
118 $DB->update_record('course_modules', $cm);
119 rebuild_course_cache($cm->course);
120 }
121 break;
122
123 case 'move':
124 require_capability('moodle/course:manageactivities', $modcontext);
125 if (!$section = $DB->get_record('course_sections', array('course'=>$course->id, 'section'=>$sectionid))) {
126 throw new moodle_exception('AJAX commands.php: Bad section ID '.$sectionid);
127 }
128
129 if ($beforeid > 0){
130 $beforemod = get_coursemodule_from_id('', $beforeid, $course->id);
131 $beforemod = $DB->get_record('course_modules', array('id'=>$beforeid));
132 } else {
133 $beforemod = NULL;
134 }
135
136 moveto_module($cm, $section, $beforemod);
137 echo json_encode(array('visible' => $cm->visible));
138 break;
139 case 'gettitle':
140 require_capability('moodle/course:manageactivities', $modcontext);
141 $cm = get_coursemodule_from_id('', $id, 0, false, MUST_EXIST);
142 $module = new stdClass();
143 $module->id = $cm->instance;
144
145 // Don't pass edit strings through multilang filters - we need the entire string
146 echo json_encode(array('instancename' => $cm->name));
147 break;
148 case 'updatetitle':
149 require_capability('moodle/course:manageactivities', $modcontext);
150 require_once($CFG->libdir . '/gradelib.php');
151 $cm = get_coursemodule_from_id('', $id, 0, false, MUST_EXIST);
152 $module = new stdClass();
153 $module->id = $cm->instance;
154
155 // Escape strings as they would be by mform
156 if (!empty($CFG->formatstringstriptags)) {
157 $module->name = clean_param($title, PARAM_TEXT);
158 } else {
159 $module->name = clean_param($title, PARAM_CLEANHTML);
160 }
161
162 if (!empty($module->name)) {
163 $DB->update_record($cm->modname, $module);
164 rebuild_course_cache($cm->course);
165 } else {
166 $module->name = $cm->name;
167 }
168
169 // Attempt to update the grade item if relevant
170 $grademodule = $DB->get_record($cm->modname, array('id' => $cm->instance));
171 $grademodule->cmidnumber = $cm->idnumber;
172 $grademodule->modname = $cm->modname;
173 grade_update_mod_grades($grademodule);
174
175 // We need to return strings after they've been through filters for multilang
176 $stringoptions = new stdClass;
177 $stringoptions->context = $coursecontext;
178 echo json_encode(array('instancename' => html_entity_decode(format_string($module->name, true, $stringoptions))));
179 break;
180 }
181 break;
182
183 case 'course':
184 switch($field) {
185 case 'marker':
186 require_capability('moodle/course:setcurrentsection', $coursecontext);
187 course_set_marker($course->id, $value);
188 break;
189 }
190 break;
191 }
192 break;
193
194 case 'DELETE':
195 switch ($class) {
196 case 'resource':
197 require_capability('moodle/course:manageactivities', $modcontext);
198 $modlib = "$CFG->dirroot/mod/$cm->modname/lib.php";
199
200 if (file_exists($modlib)) {
201 include_once($modlib);
202 } else {
203 throw new moodle_exception("Ajax rest.php: This module is missing mod/$cm->modname/lib.php");
204 }
205 $deleteinstancefunction = $cm->modname."_delete_instance";
206
207 // Run the module's cleanup funtion.
208 if (!$deleteinstancefunction($cm->instance)) {
209 throw new moodle_exception("Ajax rest.php: Could not delete the $cm->modname $cm->name (instance)");
210 die;
211 }
212
213 // remove all module files in case modules forget to do that
214 $fs = get_file_storage();
215 $fs->delete_area_files($modcontext->id);
216
217 if (!delete_course_module($cm->id)) {
218 throw new moodle_exception("Ajax rest.php: Could not delete the $cm->modname $cm->name (coursemodule)");
219 }
220 // Remove the course_modules entry.
221 if (!delete_mod_from_section($cm->id, $cm->section)) {
222 throw new moodle_exception("Ajax rest.php: Could not delete the $cm->modname $cm->name from section");
223 }
224
225 // Trigger a mod_deleted event with information about this module.
226 $eventdata = new stdClass();
227 $eventdata->modulename = $cm->modname;
228 $eventdata->cmid = $cm->id;
229 $eventdata->courseid = $course->id;
230 $eventdata->userid = $USER->id;
231 events_trigger('mod_deleted', $eventdata);
232
233 add_to_log($courseid, "course", "delete mod",
234 "view.php?id=$courseid",
235 "$cm->modname $cm->instance", $cm->id);
236 break;
237 }
238 break;
239 }
Read-only mirror of the Moodle CVS