| [ Index ] |
PHP Cross Reference of Moodle 1.9.3 [Build 15-Oct-2008] |
[Source view] [Print] [Project Stats]
Public API vs internals -----------------------
| File Size: | 5615 lines (202 kb) |
| Included or required: | 0 times |
| Referenced: | 0 times |
| Includes or requires: | 0 files |
| get_role_context_caps($roleid, $context) X-Ref |
| No description |
| get_role_access($roleid, $accessdata=NULL) X-Ref |
| Gets the accessdata for role "sitewide" (system down to course) return: array |
| get_default_frontpage_role_access($roleid, $accessdata=NULL) X-Ref |
| Gets the accessdata for role "sitewide" (system down to course) return: array |
| get_guest_role() X-Ref |
| Get the default guest role return: object role |
| has_capability($capability, $context, $userid=NULL, $doanything=true) X-Ref |
| This function returns whether the current user has the capability of performing a function For example, we can do has_capability('mod/forum:replypost',$context) in forum param: string $capability - name of the capability (or debugcache or clearcache) param: object $context - a context object (record from context table) param: integer $userid - a userid number, empty if current $USER param: bool $doanything - if false, ignore do anything return: bool |
| has_any_capability($capabilities, $context, $userid=NULL, $doanything=true) X-Ref |
| This function returns whether the current user has any of the capabilities in the $capabilities array. This is a simple wrapper around has_capability for convinience. There are probably tricks that could be done to improve the performance here, for example, check the capabilities that are already cached first. param: array $capabilities - an array of capability names. param: object $context - a context object (record from context table) param: integer $userid - a userid number, empty if current $USER param: bool $doanything - if false, ignore do anything return: bool |
| is_siteadmin($userid) X-Ref |
| Uses 1 DB query to answer whether a user is an admin at the sitelevel. It depends on DB schema >=1.7 but does not depend on the new datastructures in v1.9 (context.path, or $USER->access) Will return true if the userid has any of - moodle/site:config - moodle/legacy:admin - moodle/site:doanything returns: bool $isadmin param: int $userid |
| get_course_from_path($path) X-Ref |
| No description |
| path_inaccessdata($path, $accessdata) X-Ref |
| No description |
| has_capability_in_accessdata($capability, $context, $accessdata, $doanything) X-Ref |
| Walk the accessdata array and return true/false. Deals with prohibits, roleswitching, aggregating capabilities, etc. The main feature of here is being FAST and with no side effects. Notes: Switch Roles exits early ----------------------- cap checks within a switchrole need to exit early in our bottom up processing so they don't "see" that there are real RAs that can do all sorts of things. Switch Role merges with default role ------------------------------------ If you are a teacher in course X, you have at least teacher-in-X + defaultloggedinuser-sitewide. So in the course you'll have techer+defaultloggedinuser. We try to mimic that in switchrole. Local-most role definition and role-assignment wins --------------------------------------------------- So if the local context has said 'allow', it wins over a high-level context that says 'deny'. This is applied when walking rdefs, and RAs. Only at the same context the values are SUM()med. The exception is CAP_PROHIBIT. "Guest default role" exception ------------------------------ See MDL-7513 and $ignoreguest below for details. The rule is that IF we are being asked about moodle/legacy:guest OR moodle/course:view FOR a real, logged-in user AND we reached the top of the path in ra and rdef AND that role has moodle/legacy:guest === 1... THEN we act as if we hadn't seen it. To Do: - Document how it works - Rewrite in ASM :-) |
| aggregate_roles_from_accessdata($context, $accessdata) X-Ref |
| No description |
| require_capability($capability, $context, $userid=NULL, $doanything=true,$errormessage='nopermissions', $stringfile='') X-Ref |
| This is an easy to use function, combining has_capability() with require_course_login(). And will call those where needed. It checks for a capability assertion being true. If it isn't then the page is terminated neatly with a standard error message. If the user is not logged in, or is using 'guest' access or other special "users, it provides a logon prompt. param: string $capability - name of the capability param: object $context - a context object (record from context table) param: integer $userid - a userid number param: bool $doanything - if false, ignore do anything param: string $errorstring - an errorstring param: string $stringfile - which stringfile to get it from |
| get_user_courses_bycap($userid, $cap, $accessdata, $doanything, $sort='c.sortorder ASC', $fields=NULL, $limit=0) X-Ref |
| Get an array of courses (with magic extra bits) where the accessdata and in DB enrolments show that the cap requested is available. The main use is for get_my_courses(). Notes - $fields is an array of fieldnames to ADD so name the fields you really need, which will be added and uniq'd - the course records have $c->context which is a fully valid context object. Saves you a query per course! - the course records have $c->categorypath to make category lookups cheap - current implementation is split in - - if the user has the cap systemwide, stupidly grab *every* course for a capcheck. This eats a TON of bandwidth, specially on large sites with separate DBs... - otherwise, fetch "likely" courses with a wide net that should get us _cheaply_ at least the courses we need, and some we won't - we get courses that... - are in a category where user has the cap - or where use has a role-assignment (any kind) - or where the course has an override on for this cap - walk the courses recordset checking the caps oneach one the checks are all in memory and quite fast (though we could implement a specialised variant of the has_capability_in_accessdata() code to speed it up) param: string $capability - name of the capability param: array $accessdata - accessdata session array param: bool $doanything - if false, ignore do anything param: string $sort - sorting fields - prefix each fieldname with "c." param: array $fields - additional fields you are interested in... param: int $limit - set if you want to limit the number of courses return: array $courses - ordered array of course objects - see notes above |
| get_user_access_sitewide($userid) X-Ref |
| It will return a nested array showing role assignments all relevant role capabilities for the user at site/metacourse/course_category/course levels We do _not_ delve deeper than courses because the number of overrides at the module/block levels is HUGE. [ra] => [/path/] = array(roleid, roleid) [rdef] => [/path/:roleid][capability]=permission [loaded] => array('/path', '/path') param: $userid integer - the id of the user |
| load_subcontext($userid, $context, &$accessdata) X-Ref |
| It add to the access ctrl array the data needed by a user for a given context param: $userid integer - the id of the user param: $context context obj - needs path! param: $accessdata array accessdata array |
| get_role_access_bycontext($roleid, $context, $accessdata=NULL) X-Ref |
| It add to the access ctrl array the data needed by a role for a given context. The data is added in the rdef key. This role-centric function is useful for role_switching and to get an overview of what a role gets under a given context and below... param: $roleid integer - the id of the user param: $context context obj - needs path! param: $accessdata accessdata array |
| load_user_accessdata($userid) X-Ref |
| Load accessdata for a user into the $ACCESS global Used by has_capability() - but feel free to call it if you are about to run a BIG cron run across a bazillion users. |
| compact_rdefs(&$rdefs) X-Ref |
| Use shared copy of role definistions stored in $RDEFS; param: array $rdefs array of role definitions in contexts |
| load_all_capabilities() X-Ref |
| A convenience function to completely load all the capabilities for the current user. This is what gets called from complete_user_login() for example. Call it only _after_ you've setup $USER and called check_enrolment_plugins(); |
| reload_all_capabilities() X-Ref |
| A convenience function to completely reload all the capabilities for the current user when roles have been updated in a relevant context -- but PRESERVING switchroles and loginas. That is - completely transparent to the user. Note: rewrites $USER->access completely. |
| load_temp_role($context, $roleid, $accessdata) X-Ref |
| No description |
| check_enrolment_plugins(&$user) X-Ref |
| Check all the login enrolment information for the given user object by querying the enrolment plugins |
| moodle_install_roles() X-Ref |
| Installs the roles system. This function runs on a fresh install as well as on an upgrade from the old hard-coded student/teacher/admin etc. roles to the new roles system. |
| get_legacy_roles() X-Ref |
| Returns array of all legacy roles. |
| get_legacy_type($roleid) X-Ref |
| No description |
| assign_legacy_capabilities($capability, $legacyperms) X-Ref |
| Assign the defaults found in this capabality definition to roles that have the corresponding legacy capabilities assigned to them. param: $legacyperms - an array in the format (example): return: boolean - success or failure. |
| islegacy($capabilityname) X-Ref |
| Checks to see if a capability is a legacy capability. param: $capabilityname return: boolean |
| create_context($contextlevel, $instanceid) X-Ref |
| Create a new context record for use by all roles-related stuff assumes that the caller has done the homework. param: $level param: $instanceid return: object newly created context |
| get_system_context($cache=true) X-Ref |
| This hacky function is needed because we can not change system context instanceid using normal upgrade routine. |
| delete_context($contextlevel, $instanceid) X-Ref |
| Remove a context record and any dependent entries, removes context from static context cache too param: $level param: $instanceid return: bool properly deleted |
| create_contexts($contextlevel=null, $buildpaths=true, $feedback=false) X-Ref |
| Precreates all contexts including all parents param: int $contextlevel, empty means all param: bool $buildpaths update paths and depths param: bool $feedback show sql feedback return: void |
| cleanup_contexts() X-Ref |
| Remove stale context records return: bool |
| get_context_instance($contextlevel, $instance=0) X-Ref |
| Get the context instance as an object. This function will create the context instance if it does not exist yet. param: integer $level The context level, for example CONTEXT_COURSE, or CONTEXT_MODULE. param: integer $instance The instance id. For $level = CONTEXT_COURSE, this would be $course->id, return: object The context object. |
| get_context_instance_by_id($id) X-Ref |
| Get a context instance as an object, from a given context id. param: mixed $id a context id or array of ids. return: mixed object or array of the context object. |
| get_local_override($roleid, $contextid, $capability) X-Ref |
| Get the local override (if any) for a given capability in a role in a context param: $roleid param: $contextid param: $capability |
| create_role($name, $shortname, $description, $legacy='') X-Ref |
| function that creates a role param: name - role name param: shortname - role short name param: description - role description param: legacy - optional legacy capability return: id or false |
| delete_role($roleid) X-Ref |
| function that deletes a role and cleanups up after it param: roleid - id of role to delete return: success |
| assign_capability($capability, $permission, $roleid, $contextid, $overwrite=false) X-Ref |
| Function to write context specific overrides, or default capabilities. param: module - string name param: capability - string name param: contextid - context id param: roleid - role id param: permission - int 1,-1 or -1000 |
| unassign_capability($capability, $roleid, $contextid=NULL) X-Ref |
| Unassign a capability from a role. param: $roleid - the role id param: $capability - the name of the capability return: boolean - success or failure |
| get_roles_with_capability($capability, $permission=NULL, $context='') X-Ref |
| Get the roles that have a given capability assigned to it. This function does not resolve the actual permission of the capability. It just checks for assignment only. param: $capability - capability name (string) param: $permission - optional, the permission defined for this capability return: array or role objects |
| role_assign($roleid, $userid, $groupid, $contextid, $timestart=0, $timeend=0, $hidden=0, $enrol='manual',$timemodified='') X-Ref |
| This function makes a role-assignment (a role for a user or group in a particular context) param: $roleid - the role of the id param: $userid - userid param: $groupid - group id param: $contextid - id of the context param: $timestart - time this assignment becomes effective param: $timeend - time this assignemnt ceases to be effective return: id - new id of the assigment |
| role_unassign($roleid=0, $userid=0, $groupid=0, $contextid=0, $enrol=NULL) X-Ref |
| Deletes one or more role assignments. You must specify at least one parameter. param: $roleid param: $userid param: $groupid param: $contextid param: $enrol unassign only if enrolment type matches, NULL means anything return: boolean - success or failure |
| enrol_into_course($course, $user, $enrol) X-Ref |
| A convenience function to take care of the common case where you just want to enrol someone using the default role into a course param: object $course param: object $user param: string $enrol - the plugin used to do this enrolment |
| load_capability_def($component) X-Ref |
| Loads the capability definitions for the component (from file). If no capabilities are defined for the component, we simply return an empty array. param: $component - examples: 'moodle', 'mod/forum', 'block/quiz_results' return: array of capabilities |
| get_cached_capabilities($component='moodle') X-Ref |
| Gets the capabilities that have been cached in the database for this component. param: $component - examples: 'moodle', 'mod/forum', 'block/quiz_results' return: array of capabilities |
| get_default_capabilities($legacyrole) X-Ref |
| Returns default capabilities for given legacy role type. param: string legacy role name return: array |
| reset_role_capabilities($roleid) X-Ref |
| Reset role capabilitites to default according to selected legacy capability. If several legacy caps selected, use the first from get_default_capabilities. If no legacy selected, removes all capabilities. param: int @roleid |
| update_capabilities($component='moodle') X-Ref |
| Updates the capabilities table with the component capability definitions. If no parameters are given, the function updates the core moodle capabilities. Note that the absence of the db/access.php capabilities definition file will cause any stored capabilities for the component to be removed from the database. param: $component - examples: 'moodle', 'mod/forum', 'block/quiz_results' return: boolean |
| capabilities_cleanup($component, $newcapdef=NULL) X-Ref |
| Deletes cached capabilities that are no longer needed by the component. Also unassigns these capabilities from any roles that have them. param: $component - examples: 'moodle', 'mod/forum', 'block/quiz_results' param: $newcapdef - array of the new capability definitions that will be return: int - number of deprecated capabilities that have been removed |
| print_context_name($context, $withprefix = true, $short = false) X-Ref |
| prints human readable context identifier. |
| fetch_context_capabilities($context) X-Ref |
| Extracts the relevant capabilities given a contextid. All case based, example an instance of forum context. Will fetch all forum related capabilities, while course contexts Will fetch all capabilities param: object context return: array(); |
| role_context_capabilities($roleid, $context, $cap='') X-Ref |
| This function pulls out all the resolved capabilities (overrides and defaults) of a role used in capability overrides in contexts at a given context. param: obj $context param: int $roleid param: bool self - if set to true, resolve till this level, else stop at immediate parent level return: array |
| get_parent_contexts($context) X-Ref |
| Recursive function which, given a context, find all parent context ids, and return the array in reverse order, i.e. parent first, then grand parent, etc. param: object $context return: array() |
| get_parent_contextid($context) X-Ref |
| Return the id of the parent of this context, or false if there is no parent (only happens if this is the site context.) param: object $context return: integer the id of the parent context. |
| get_child_contexts($context) X-Ref |
| Recursive function which, given a context, find all its children context ids. When called for a course context, it will return the modules and blocks displayed in the course page. For course category contexts it will return categories and courses. It will NOT recurse into courses - if you want to do that, call it on the returned courses. If called on a course context it _will_ populate the cache with the appropriate contexts ;-) param: object $context. return: array of child records |
| get_related_contexts_string($context) X-Ref |
| Gets a string for sql calls, searching for stuff in this context or above param: object $context return: string |
| get_capability_string($capabilityname) X-Ref |
| Returns the human-readable, translated version of the capability. Basically a big switch statement. param: $capabilityname - e.g. mod/choice:readresponses |
| get_component_string($component, $contextlevel) X-Ref |
| This gets the mod/block/course/core etc strings. param: $component param: $contextlevel |
| get_roles_used_in_context($context, $view = false) X-Ref |
| Gets the list of roles assigned to this context and up (parents) param: object $context param: view - set to true when roles are pulled for display only return: array |
| get_user_roles_in_context($userid, $context, $view=true) X-Ref |
| This function is used to print roles column in user profile page. param: int userid param: object context return: string |
| user_can_override($context, $targetroleid) X-Ref |
| Checks if a user can override capabilities of a particular role in this context param: object $context param: int targetroleid - the id of the role you want to override return: boolean |
| user_can_assign($context, $targetroleid) X-Ref |
| Checks if a user can assign users to a particular role in this context param: object $context param: int targetroleid - the id of the role you want to assign users to return: boolean |
| get_all_roles() X-Ref |
| No description |
| get_user_roles($context, $userid=0, $checkparentcontexts=true, $order='c.contextlevel DESC, r.sortorder ASC', $view=false) X-Ref |
| gets all the user roles assigned in this context, or higher contexts this is mainly used when checking if a user can assign a role, or overriding a role i.e. we need to know what this user holds, in order to verify against allow_assign and allow_override tables param: object $context param: int $userid param: view - set to true when roles are pulled for display only return: array |
| allow_override($sroleid, $troleid) X-Ref |
| Creates a record in the allow_override table param: int sroleid - source roleid param: int troleid - target roleid return: int - id or false |
| allow_assign($sroleid, $troleid) X-Ref |
| Creates a record in the allow_assign table param: int sroleid - source roleid param: int troleid - target roleid return: int - id or false |
| get_assignable_roles($context, $field='name', $rolenamedisplay=ROLENAME_ALIAS) X-Ref |
| Gets a list of roles that this user can assign in this context param: object $context param: string $field param: int $rolenamedisplay return: array |
| get_assignable_roles_for_switchrole($context, $field='name', $rolenamedisplay=ROLENAME_ALIAS) X-Ref |
| Gets a list of roles that this user can assign in this context, for the switchrole menu param: object $context param: string $field param: int $rolenamedisplay return: array |
| get_overridable_roles($context, $field='name', $rolenamedisplay=ROLENAME_ALIAS) X-Ref |
| Gets a list of roles that this user can override or safeoverride in this context param: object $context param: string $field param: int $rolenamedisplay return: array |
| get_default_course_role($course) X-Ref |
| Returns a role object that is the default role for new enrolments in a given course param: object $course return: object $role |
| get_users_by_capability($context, $capability, $fields='', $sort='',$limitfrom='', $limitnum='', $groups='', $exceptions='', $doanything=true,$view=false, $useviewallgroups=false) X-Ref |
| Who has this capability in this context? This can be a very expensive call - use sparingly and keep the results if you are going to need them again soon. Note if $fields is empty this function attempts to get u.* which can get rather large - and has a serious perf impact on some DBs. param: $context - object param: $capability - string capability param: $fields - fields to be pulled param: $sort - the sort order param: $limitfrom - number of records to skip (offset) param: $limitnum - number of records to fetch param: $groups - single group or array of groups - only return param: $exceptions - list of users to exclude param: view - set to true when roles are pulled for display only param: boolean $useviewallgroups if $groups is set the return users who |
| has_capability_from_rarc($ras, $roleperms, $capability, $doanything) X-Ref |
| No description |
| sort_by_roleassignment_authority($users, $context, $roles=array() X-Ref |
| Will re-sort a $users results array (from get_users_by_capability(), usually) based on a sorting policy. This is to support the odd practice of sorting teachers by 'authority', where authority was "lowest id of the role assignment". Will execute 1 database query. Only suitable for small numbers of users, as it uses an u.id IN() clause. Notes about the sorting criteria. As a default, we cannot rely on role.sortorder because then admins/coursecreators will always win. That is why the sane rule "is locality matters most", with sortorder as 2nd consideration. If you want role.sortorder, use the 'sortorder' policy, and name explicitly what roles you want to cover. It's probably a good idea to see what roles have the capabilities you want (array_diff() them against roiles that have 'can-do-anything' to weed out admin-ish roles. Or fetch a list of roles from variables like $CFG->coursemanagers . param: array users Users' array, keyed on userid param: object context param: array roles - ids of the roles to include, optional param: string policy - defaults to locality, more about return: array - sorted copy of the array |
| get_role_users($roleid, $context, $parent=false, $fields='', $sort='u.lastname ASC', $gethidden=true, $group='', $limitfrom='', $limitnum='') X-Ref |
| gets all the users assigned this role in this context or higher param: int roleid (can also be an array of ints!) param: int contextid param: bool parent if true, get list of users assigned in higher context too param: string fields - fields from user (u.) , role assignment (ra) or role (r.) param: string sort - sort from user (u.) , role assignment (ra) or role (r.) param: bool gethidden - whether to fetch hidden enrolments too return: array() |
| count_role_users($roleid, $context, $parent=false) X-Ref |
| Counts all the users assigned this role in this context or higher param: int roleid param: int contextid param: bool parent if true, get list of users assigned in higher context too return: array() |
| get_user_capability_course($capability, $userid=NULL,$doanything=true,$fieldsexceptid='',$orderby='') X-Ref |
| This function gets the list of courses that this user has a particular capability in. It is still not very efficient. param: string $capability Capability in question param: int $userid User ID or null for current user param: bool $doanything True if 'doanything' is permitted (default) param: string $fieldsexceptid Leave blank if you only need 'id' in the course records; param: string $orderby If set, use a comma-separated list of fields from course return: array Array of courses, may have zero entries. Or false if query failed. |
| get_roles_on_exact_context($context) X-Ref |
| No description |
| role_switch($roleid, $context) X-Ref |
| Switches the current user to another role for the current session and only in the given context. The caller *must* check - that this op is allowed - that the requested role can be assigned in this ctx (hint, use get_assignable_roles_for_switchrole()) - that the requested role is NOT $CFG->defaultuserroleid To "unswitch" pass 0 as the roleid. This function *will* modify $USER->access - beware param: integer $roleid param: object $context return: bool |
| get_roles_with_override_on_context($context) X-Ref |
| No description |
| get_capabilities_from_role_on_context($role, $context) X-Ref |
| No description |
| get_roles_with_assignment_on_context($context) X-Ref |
| No description |
| get_users_from_role_on_context($role, $context) X-Ref |
| Find all user assignemnt of users for this role, on this context |
| user_has_role_assignment($userid, $roleid, $contextid=0) X-Ref |
| Simple function returning a boolean true if roles exist, otherwise false |
| role_get_name($role, $coursecontext) X-Ref |
| Get role name or alias if exists and format the text. param: object $role role object param: object $coursecontext return: $string name of role in course context |
| role_fix_names($roleoptions, $context, $rolenamedisplay=ROLENAME_ALIAS) X-Ref |
| Prepare list of roles for display, apply aliases and format text param: array $roleoptions array roleid=>rolename param: object $context return: array of role names |
| component_level_changed($cap, $comp, $contextlevel) X-Ref |
| This function helps admin/roles/manage.php etc to detect if a new line should be printed when we read in a new capability most of the time, if the 2 components are different we should print a new line, (e.g. course system->rss client) but when we are in grade, all reports/import/export capabilites should be together param: string a - component string a param: string b - component string b return: bool - whether 2 component are in different "sections" |
| build_context_path($force=false, $feedback=false) X-Ref |
| Populate context.path and context.depth where missing. param: bool $force force a complete rebuild of the path and depth fields. param: bool $feedback display feedback (during upgrade usually) return: void |
| context_moved($context, $newparent) X-Ref |
| Update the path field of the context and all the dependent subcontexts that follow the move. The most important thing here is to be as DB efficient as possible. This op can have a massive impact in the DB. param: obj current context obj param: obj newparent new parent obj |
| make_context_subobj($rec) X-Ref |
| Turn the ctx* fields in an objectlike record into a context subobject. This allows us to SELECT from major tables JOINing with context at no cost, saving a ton of context lookups... |
| get_dirty_contexts($time) X-Ref |
| Fetch recent dirty contexts to know cheaply whether our $USER->access is stale and needs to be reloaded. Uses cache_flags param: int $time return: array of dirty contexts |
| mark_context_dirty($path) X-Ref |
| Mark a context as dirty (with timestamp) so as to force reloading of the context. param: string $path context path |
| is_contextpath_dirty($pathcontexts, $dirty) X-Ref |
| Will walk the contextpath to answer whether the contextpath is dirty param: array $contexts array of strings param: obj/array dirty contexts from get_dirty_contexts() return: bool |
| switch_roles($first, $second) X-Ref |
| switch role order (used in admin/roles/manage.php) param: int $first id of role to move down param: int $second id of role to move up return: bool success or failure |
| role_cap_duplicate($sourcerole, $targetrole) X-Ref |
| duplicates all the base definitions of a role param: object $sourcerole role to copy from param: int $targetrole id of role to copy to return: void |
| Generated: Wed Jan 14 11:33:29 2009 | Cross-referenced by PHPXref 0.7 |