2 // Allows a teacher/admin to login as another user (in stealth mode).
4 require_once('../config.php');
5 require_once('lib.php');
7 $id = optional_param('id', SITEID
, PARAM_INT
); // course id
8 $redirect = optional_param('redirect', 0, PARAM_BOOL
);
10 $url = new moodle_url('/course/loginas.php', array('id'=>$id));
13 // Reset user back to their real self if needed, for security reasons you need to log out and log in again.
14 if (\core\session\manager
::is_loggedinas()) {
18 // We can not set wanted URL here because the session is closed.
19 redirect(new moodle_url($url, array('redirect'=>1)));
23 if ($id and $id != SITEID
) {
24 $SESSION->wantsurl
= "$CFG->wwwroot/course/view.php?id=".$id;
26 $SESSION->wantsurl
= "$CFG->wwwroot/";
29 redirect(get_login_url());
32 // Try log in as this user.
33 $userid = required_param('user', PARAM_INT
);
36 $course = $DB->get_record('course', array('id'=>$id), '*', MUST_EXIST
);
38 // User must be logged in.
40 $systemcontext = context_system
::instance();
41 $coursecontext = context_course
::instance($course->id
);
45 if (has_capability('moodle/user:loginas', $systemcontext)) {
46 if (is_siteadmin($userid)) {
47 print_error('nologinas');
49 $context = $systemcontext;
50 $PAGE->set_context($context);
52 require_login($course);
53 require_capability('moodle/user:loginas', $coursecontext);
54 if (is_siteadmin($userid)) {
55 print_error('nologinas');
57 if (!is_enrolled($coursecontext, $userid)) {
58 print_error('usernotincourse');
60 $context = $coursecontext;
62 // Check if course has SEPARATEGROUPS and user is part of that group.
63 if (groups_get_course_groupmode($course) == SEPARATEGROUPS
&&
64 !has_capability('moodle/site:accessallgroups', $context)) {
66 if ($groups = groups_get_all_groups($course->id
, $USER->id
)) {
67 foreach ($groups as $group) {
68 if (groups_is_member($group->id
, $userid)) {
75 print_error('nologinas');
80 // Login as this user and return to course home page.
81 \core\session\manager
::loginas($userid, $context);
82 // Add a notification to let the logged in as user know that all content will be force cleaned
83 // while in this session.
84 \core\notification
::info(get_string('sessionforceclean', 'core'));
85 $newfullname = fullname($USER, true);
87 $strloginas = get_string('loginas');
88 $strloggedinas = get_string('loggedinas', '', $newfullname);
90 $PAGE->set_title($strloggedinas);
91 $PAGE->set_heading($course->fullname
);
92 $PAGE->navbar
->add($strloggedinas);
93 notice($strloggedinas, "$CFG->wwwroot/course/view.php?id=$course->id");