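<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle.  If not, see <http://www.gnu.org/licenses/>.

/**
 * Lets the user edit role definitions.
 *
 * Responds to actions:
 *   add       - add a new role (allows import, duplicate, archetype)
 *   export    - save xml role definition
 *   edit      - edit the definition of a role
 *   reset     - reset a role from its archetype, another role or a preset file
 *   view      - view the definition of a role
 *
 * @package    core_role
 * @copyright  1999 onwards Martin Dougiamas (http://dougiamas.com)
 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
 */

require_once(__DIR__ . '/../../config.php');
require_once($CFG->libdir.'/adminlib.php');

// Read the request parameters. The action is cleaned to letters only and then matched against a fixed
// allowlist; the strict flag keeps that match a plain string comparison.
$action = required_param('action', PARAM_ALPHA);
if (!in_array($action, array('add', 'export', 'edit', 'reset', 'view'), true)) {
    throw new moodle_exception('invalidaccess');
}
// Every action except 'add' works on an existing role, so the id is mandatory there.
if ($action !== 'add') {
    $roleid = required_param('roleid', PARAM_INT);
} else {
    $roleid = 0;
}
// The resettype parameter is read uncleaned (PARAM_RAW). In this script the request value is only ever
// compared with the literal 'none'; the value handed to force_duplicate() or force_archetype() later
// is taken from the submitted form data instead. Keep it that way: this raw value must not be
// echoed, stored or passed on.
$resettype = optional_param('resettype', '', PARAM_RAW);
$return = optional_param('return', 'manage', PARAM_ALPHA);

// Get the base URL for this and related pages into a convenient variable.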
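$baseurl = new moodle_url('/admin/roles/define.php', array('action' => $action, 'roleid' => $roleid));
$manageurl = new moodle_url('/admin/roles/manage.php');
if ($return === 'manage') {
    $returnurl = $manageurl;
} else {
    // Any other value of 'return' leads back to the view page of this role, so the redirect
    // target is one of two fixed local pages and is never taken from the request itself.
    $returnurl = new moodle_url('/admin/roles/define.php', array('action' => 'view', 'roleid' => $roleid));
}

admin_externalpage_setup('defineroles', '', array('action' => $action, 'roleid' => $roleid),
        new moodle_url('/admin/roles/define.php'));

// Check access permissions.
// Everything below, the export included, runs only after this capability check in the system context.
$systemcontext = context_system::instance();
require_capability('moodle/role:manage', $systemcontext);

// Export role.
if ($action === 'export') {
    core_role_preset::send_export_xml($roleid);
    die;
}

// Handle the toggle advanced mode button.
// NOTE(review): unlike the save further down, this preference write is not guarded by confirm_sesskey().
// The effect is limited to the current user's own display preference; confirm that the toggle button
// is always submitted together with a sesskey before adding the check here.
$showadvanced = get_user_preferences('definerole_showadvanced', false);
if (optional_param('toggleadvanced', false, PARAM_BOOL)) {
    $showadvanced = !$showadvanced;
    set_user_preference('definerole_showadvanced', $showadvanced);
}

// Get some basic data we are going to need.
$roles = get_all_roles();
$rolenames = role_fix_names($roles, $systemcontext, ROLENAME_ORIGINAL);
// Not read again in this file; presumably used by the included managetabs.php - confirm before removing.
$rolescount = count($roles);

// The role id comes from the request and may not match an existing role. Look the name up defensively
// so that an unknown id does not raise undefined-index warnings here; an unknown id is left for the
// code below to deal with (the reset branch redirects to the role list when the record is missing).
$rolelocalname = isset($rolenames[$roleid]) ? $rolenames[$roleid]->localname : null;

if ($action === 'add') {
    $title = get_string('addinganewrole', 'core_role');
} else if ($action === 'view') {
    $title = get_string('viewingdefinitionofrolex', 'core_role', $rolelocalname);
} else if ($action === 'reset') {
    $title = get_string('resettingrole', 'core_role', $rolelocalname);
} else {
    $title = get_string('editingrolex', 'core_role', $rolelocalname);
}

// Decide how to create new role.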
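// Three paths build the definition table: the preset form for a new role, the preset form for
// resetting an existing role, and the plain table filled from the submitted permissions.
// A resettype of 'none' (posted by the main roles form) skips both preset form paths.
if ($action === 'add' && $resettype !== 'none') {
    $mform = new core_role_preset_form(null, array('action' => 'add', 'roleid' => 0, 'resettype' => '0', 'return' => 'manage'));
    if ($mform->is_cancelled()) {
        redirect($manageurl);

    } else if ($data = $mform->get_data()) {
        // From here on resettype is the value submitted through the form, not the raw request parameter.
        $resettype = $data->resettype;
        // A new role takes every part of the chosen template.
        $options = array(
            'shortname'     => 1,
            'name'          => 1,
            'description'   => 1,
            'permissions'   => 1,
            'archetype'     => 1,
            'contextlevels' => 1,
            'allowassign'   => 1,
            'allowoverride' => 1,
            'allowswitch'   => 1,
            'allowview'     => 1);
        if ($showadvanced) {
            $definitiontable = new core_role_define_role_table_advanced($systemcontext, 0);
        } else {
            $definitiontable = new core_role_define_role_table_basic($systemcontext, 0);
        }
        if (is_number($resettype)) {
            // Duplicate the role.
            $definitiontable->force_duplicate($resettype, $options);
        } else {
            // Must be an archetype.
            $definitiontable->force_archetype($resettype, $options);
        }

        // The preset is an XML file uploaded by the user and is parsed inside force_preset(), which is
        // not part of this file. NOTE(review): confirm that parser does not resolve external entities.
        if ($xml = $mform->get_file_content('rolepreset')) {
            $definitiontable->force_preset($xml, $options);
        }

    } else {
        echo $OUTPUT->header();
        echo $OUTPUT->heading_with_help($title, 'roles', 'core_role');
        $mform->display();
        echo $OUTPUT->footer();
        die;
    }

} else if ($action === 'reset' && $resettype !== 'none') {
    // An unknown role id ends here with a redirect to the role list.
    if (!$role = $DB->get_record('role', array('id' => $roleid))) {
        redirect($manageurl);
    }
    // Preselect the role's own archetype in the form, or '0' when it has none.
    $resettype = empty($role->archetype) ? '0' : $role->archetype;
    $mform = new core_role_preset_form(null,
        array('action' => 'reset', 'roleid' => $roleid, 'resettype' => $resettype , 'permissions' => 1, 'archetype' => 1,
            'contextlevels' => 1, 'return' => $return));
    if ($mform->is_cancelled()) {
        redirect($returnurl);

    } else if ($data = $mform->get_data()) {
        $resettype = $data->resettype;
        // On reset the submitted form decides which parts of the role are overwritten.
        $options = array(
            'shortname'     => $data->shortname,
            'name'          => $data->name,
            'description'   => $data->description,
            'permissions'   => $data->permissions,
            'archetype'     => $data->archetype,
            'contextlevels' => $data->contextlevels,
            'allowassign'   => $data->allowassign,
            'allowoverride' => $data->allowoverride,
            'allowswitch'   => $data->allowswitch,
            'allowview'     => $data->allowview);
        if ($showadvanced) {
            $definitiontable = new core_role_define_role_table_advanced($systemcontext, $roleid);
        } else {
            $definitiontable = new core_role_define_role_table_basic($systemcontext, $roleid);
        }
        if (is_number($resettype)) {
            // Duplicate the role.
            $definitiontable->force_duplicate($resettype, $options);
        } else {
            // Must be an archetype.
            $definitiontable->force_archetype($resettype, $options);
        }

        // Same user-supplied XML as in the add path; see the parser caveat on force_preset() there.
        if ($xml = $mform->get_file_content('rolepreset')) {
            $definitiontable->force_preset($xml, $options);
        }

    } else {
        echo $OUTPUT->header();
        echo $OUTPUT->heading_with_help($title, 'roles', 'core_role');
        $mform->display();
        echo $OUTPUT->footer();
        die;
    }

} else {
    // Create the table object.
    if ($action === 'view') {
        $definitiontable = new core_role_view_role_definition_table($systemcontext, $roleid);
    } else if ($showadvanced) {
        $definitiontable = new core_role_define_role_table_advanced($systemcontext, $roleid);
    } else {
        $definitiontable = new core_role_define_role_table_basic($systemcontext, $roleid);
    }
    $definitiontable->read_submitted_permissions();
}

// Handle the cancel button.
if (optional_param('cancel', false, PARAM_BOOL)) {
    redirect($returnurl);
}

// Process submission if necessary.
// confirm_sesskey() is evaluated before the submission is validated or saved; when it fails the
// condition short-circuits, save_changes() is not called and the page is simply rendered again.
// NOTE(review): this branch is also reachable with action=view, where the table is a
// core_role_view_role_definition_table; confirm that class refuses save_changes().
if (optional_param('savechanges', false, PARAM_BOOL) && confirm_sesskey() && $definitiontable->is_submission_valid()) {
    $definitiontable->save_changes();
    $tableroleid = $definitiontable->get_role_id();

    if ($action === 'add') {
        // A new role only has its id after saving, so take it from the table rather than the request.
        redirect(new moodle_url('/admin/roles/define.php', array('action' => 'view', 'roleid' => $tableroleid)));
    } else {
        redirect($returnurl);
    }
}

// Print the page header and tabs.
echo $OUTPUT->header();

$currenttab = 'manage';
require('managetabs.php');

echo $OUTPUT->heading_with_help($title, 'roles', 'core_role');

// Work out some button labels.
if ($action === 'add') {
    $submitlabel = get_string('createthisrole', 'core_role');
} else {
    $submitlabel = get_string('savechanges');
}

// On the view page, show some extra controls at the top.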
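if ($action === 'view') {
    // Edit, reset and export all go back through this script with the current role id.
    echo $OUTPUT->container_start('buttons');
    echo $OUTPUT->single_button(
        new moodle_url('/admin/roles/define.php', array('action' => 'edit', 'roleid' => $roleid, 'return' => 'define')),
        get_string('edit'));
    echo $OUTPUT->single_button(
        new moodle_url('/admin/roles/define.php', array('action' => 'reset', 'roleid' => $roleid, 'return' => 'define')),
        get_string('resetrole', 'core_role'));
    echo $OUTPUT->single_button(
        new moodle_url('/admin/roles/define.php', array('action' => 'export', 'roleid' => $roleid)),
        get_string('export', 'core_role'));
    echo $OUTPUT->single_button($manageurl, get_string('listallroles', 'core_role'));
    echo $OUTPUT->container_end();
}

// Start the form.
// The view page gets a plain container; every other action gets a POST form. The hidden sesskey
// field is what confirm_sesskey() checks when savechanges is posted, and resettype is fixed to
// 'none' so that a post from this form skips the preset form branches. All values written into
// attributes go through p(), the cancel label included, so a customised language string cannot
// break out of the value attribute.
echo $OUTPUT->box_start('generalbox');
if ($action === 'view') {
    echo '<div class="mform">';
} else {
    ?>
<form id="rolesform" class="mform fcontainer" action="<?php p($baseurl->out(false)); ?>" method="post"><div>
<input type="hidden" name="sesskey" value="<?php p(sesskey()) ?>" />
<input type="hidden" name="return" value="<?php p($return); ?>" />
<input type="hidden" name="resettype" value="none" />
<div class="submitbuttons">
    <input type="submit" name="savechanges" class="btn btn-primary" value="<?php p($submitlabel); ?>" />
    <input type="submit" name="cancel" class="btn btn-secondary" value="<?php p(get_string('cancel')); ?>" />
</div>
    <?php
}

// Print the form controls.
$definitiontable->display();

// Close the stuff we left open above.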
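// Mirror of the opening branch: close the plain container on the view page, otherwise print the
// second row of submit buttons and close the form. The cancel label is escaped with p() like the
// submit label, so a customised language string cannot break out of the value attribute.
if ($action === 'view') {
    echo '</div>';
} else {
    ?>
<div class="submitbuttons">
    <input type="submit" name="savechanges" class="btn btn-primary" value="<?php p($submitlabel); ?>" />
    <input type="submit" name="cancel" class="btn btn-secondary" value="<?php p(get_string('cancel')); ?>" />
</div>
</div></form>
<?php
}
echo $OUTPUT->box_end();

// Print a link back to the all roles list.
// The URL is escaped with s() for the href attribute; the link text is a language string and is
// printed as it is.
echo '<div class="backlink">';
echo '<p><a href="' . s($manageurl->out(false)) . '">' . get_string('backtoallroles', 'core_role') . '</a></p>';
echo '</div>';

echo $OUTPUT->footer();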