1<?php
2// This file is part of Moodle - http://moodle.org/
3//
4// Moodle is free software: you can redistribute it and/or modify
5// it under the terms of the GNU General Public License as published by
6// the Free Software Foundation, either version 3 of the License, or
7// (at your option) any later version.
8//
9// Moodle is distributed in the hope that it will be useful,
10// but WITHOUT ANY WARRANTY; without even the implied warranty of
11// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12// GNU General Public License for more details.
13//
14// You should have received a copy of the GNU General Public License
15// along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
16
17/**
18 * Lets the user edit role definitions.
19 *
20 * Responds to actions:
21 *   add       - add a new role (allows import, duplicate, archetype)
22 *   export    - save xml role definition
23 *   edit      - edit the definition of a role
24 *   view      - view the definition of a role
25 *
26 * @package    core_role
27 * @copyright  1999 onwards Martin Dougiamas (http://dougiamas.com)
28 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
29 */
30
31require_once(__DIR__ . '/../../config.php');
32require_once($CFG->libdir.'/adminlib.php');
33
34$action = required_param('action', PARAM_ALPHA);
35if (!in_array($action, array('add', 'export', 'edit', 'reset', 'view'))) {
36    throw new moodle_exception('invalidaccess');
37}
38if ($action != 'add') {
39    $roleid = required_param('roleid', PARAM_INT);
40} else {
41    $roleid = 0;
42}
43$resettype = optional_param('resettype', '', PARAM_RAW);
44$return = optional_param('return', 'manage', PARAM_ALPHA);
45
46// Get the base URL for this and related pages into a convenient variable.
47$baseurl = new moodle_url('/admin/roles/define.php', array('action'=>$action, 'roleid'=>$roleid));
48$manageurl = new moodle_url('/admin/roles/manage.php');
49if ($return === 'manage') {
50    $returnurl = $manageurl;
51} else {
52    $returnurl = new moodle_url('/admin/roles/define.php', array('action'=>'view', 'roleid'=>$roleid));;
53}
54
55admin_externalpage_setup('defineroles', '', array('action' => $action, 'roleid' => $roleid),
56    new moodle_url('/admin/roles/define.php'));
57
58// Check access permissions.
59$systemcontext = context_system::instance();
60require_capability('moodle/role:manage', $systemcontext);
61
62// Export role.
63if ($action === 'export') {
64    core_role_preset::send_export_xml($roleid);
65    die;
66}
67
68// Handle the toggle advanced mode button.
69$showadvanced = get_user_preferences('definerole_showadvanced', false);
70if (optional_param('toggleadvanced', false, PARAM_BOOL)) {
71    $showadvanced = !$showadvanced;
72    set_user_preference('definerole_showadvanced', $showadvanced);
73}
74
75// Get some basic data we are going to need.
76$roles = get_all_roles();
77$rolenames = role_fix_names($roles, $systemcontext, ROLENAME_ORIGINAL);
78$rolescount = count($roles);
79
80if ($action === 'add') {
81    $title = get_string('addinganewrole', 'core_role');
82} else if ($action == 'view') {
83    $title = get_string('viewingdefinitionofrolex', 'core_role', $rolenames[$roleid]->localname);
84} else if ($action == 'reset') {
85    $title = get_string('resettingrole', 'core_role', $rolenames[$roleid]->localname);
86} else {
87    $title = get_string('editingrolex', 'core_role', $rolenames[$roleid]->localname);
88}
89
90// Decide how to create new role.
91if ($action === 'add' and $resettype !== 'none') {
92    $mform = new core_role_preset_form(null, array('action'=>'add', 'roleid'=>0, 'resettype'=>'0', 'return'=>'manage'));
93    if ($mform->is_cancelled()) {
94        redirect($manageurl);
95
96    } else if ($data = $mform->get_data()) {
97        $resettype = $data->resettype;
98        $options = array(
99            'shortname'     => 1,
100            'name'          => 1,
101            'description'   => 1,
102            'permissions'   => 1,
103            'archetype'     => 1,
104            'contextlevels' => 1,
105            'allowassign'   => 1,
106            'allowoverride' => 1,
107            'allowswitch'   => 1,
108            'allowview'   => 1);
109        if ($showadvanced) {
110            $definitiontable = new core_role_define_role_table_advanced($systemcontext, 0);
111        } else {
112            $definitiontable = new core_role_define_role_table_basic($systemcontext, 0);
113        }
114        if (is_number($resettype)) {
115            // Duplicate the role.
116            $definitiontable->force_duplicate($resettype, $options);
117        } else {
118            // Must be an archetype.
119            $definitiontable->force_archetype($resettype, $options);
120        }
121
122        if ($xml = $mform->get_file_content('rolepreset')) {
123            $definitiontable->force_preset($xml, $options);
124        }
125
126    } else {
127        echo $OUTPUT->header();
128        echo $OUTPUT->heading_with_help($title, 'roles', 'core_role');
129        $mform->display();
130        echo $OUTPUT->footer();
131        die;
132    }
133
134} else if ($action === 'reset' and $resettype !== 'none') {
135    if (!$role = $DB->get_record('role', array('id'=>$roleid))) {
136        redirect($manageurl);
137    }
138    $resettype = empty($role->archetype) ? '0' : $role->archetype;
139    $mform = new core_role_preset_form(null,
140        array('action'=>'reset', 'roleid'=>$roleid, 'resettype'=>$resettype , 'permissions'=>1, 'archetype'=>1, 'contextlevels'=>1, 'return'=>$return));
141    if ($mform->is_cancelled()) {
142        redirect($returnurl);
143
144    } else if ($data = $mform->get_data()) {
145        $resettype = $data->resettype;
146        $options = array(
147            'shortname'     => $data->shortname,
148            'name'          => $data->name,
149            'description'   => $data->description,
150            'permissions'   => $data->permissions,
151            'archetype'     => $data->archetype,
152            'contextlevels' => $data->contextlevels,
153            'allowassign'   => $data->allowassign,
154            'allowoverride' => $data->allowoverride,
155            'allowswitch'   => $data->allowswitch,
156            'allowview'     => $data->allowview);
157        if ($showadvanced) {
158            $definitiontable = new core_role_define_role_table_advanced($systemcontext, $roleid);
159        } else {
160            $definitiontable = new core_role_define_role_table_basic($systemcontext, $roleid);
161        }
162        if (is_number($resettype)) {
163            // Duplicate the role.
164            $definitiontable->force_duplicate($resettype, $options);
165        } else {
166            // Must be an archetype.
167            $definitiontable->force_archetype($resettype, $options);
168        }
169
170        if ($xml = $mform->get_file_content('rolepreset')) {
171            $definitiontable->force_preset($xml, $options);
172        }
173
174    } else {
175        echo $OUTPUT->header();
176        echo $OUTPUT->heading_with_help($title, 'roles', 'core_role');
177        $mform->display();
178        echo $OUTPUT->footer();
179        die;
180    }
181
182} else {
183    // Create the table object.
184    if ($action === 'view') {
185        $definitiontable = new core_role_view_role_definition_table($systemcontext, $roleid);
186    } else if ($showadvanced) {
187        $definitiontable = new core_role_define_role_table_advanced($systemcontext, $roleid);
188    } else {
189        $definitiontable = new core_role_define_role_table_basic($systemcontext, $roleid);
190    }
191    $definitiontable->read_submitted_permissions();
192}
193
194// Handle the cancel button.
195if (optional_param('cancel', false, PARAM_BOOL)) {
196    redirect($returnurl);
197}
198
199// Process submission in necessary.
200if (optional_param('savechanges', false, PARAM_BOOL) && confirm_sesskey() && $definitiontable->is_submission_valid()) {
201    $definitiontable->save_changes();
202    $tableroleid = $definitiontable->get_role_id();
203
204    if ($action === 'add') {
205        redirect(new moodle_url('/admin/roles/define.php', array('action'=>'view', 'roleid'=>$definitiontable->get_role_id())));
206    } else {
207        redirect($returnurl);
208    }
209}
210
211// Print the page header and tabs.
212echo $OUTPUT->header();
213
214$currenttab = 'manage';
215require('managetabs.php');
216
217echo $OUTPUT->heading_with_help($title, 'roles', 'core_role');
218
219// Work out some button labels.
220if ($action === 'add') {
221    $submitlabel = get_string('createthisrole', 'core_role');
222} else {
223    $submitlabel = get_string('savechanges');
224}
225
226// On the view page, show some extra controls at the top.
227if ($action === 'view') {
228    echo $OUTPUT->container_start('buttons');
229    $url = new moodle_url('/admin/roles/define.php', array('action'=>'edit', 'roleid'=>$roleid, 'return'=>'define'));
230    echo $OUTPUT->single_button(new moodle_url($url), get_string('edit'));
231    $url = new moodle_url('/admin/roles/define.php', array('action'=>'reset', 'roleid'=>$roleid, 'return'=>'define'));
232    echo $OUTPUT->single_button(new moodle_url($url), get_string('resetrole', 'core_role'));
233    $url = new moodle_url('/admin/roles/define.php', array('action'=>'export', 'roleid'=>$roleid));
234    echo $OUTPUT->single_button(new moodle_url($url), get_string('export', 'core_role'));
235    echo $OUTPUT->single_button($manageurl, get_string('listallroles', 'core_role'));
236    echo $OUTPUT->container_end();
237}
238
239// Start the form.
240echo $OUTPUT->box_start('generalbox');
241if ($action === 'view') {
242    echo '<div class="mform">';
243} else {
244    ?>
245<form id="rolesform" class="mform fcontainer" action="<?php p($baseurl->out(false)); ?>" method="post"><div>
246<input type="hidden" name="sesskey" value="<?php p(sesskey()) ?>" />
247<input type="hidden" name="return" value="<?php p($return); ?>" />
248<input type="hidden" name="resettype" value="none" />
249<div class="submitbuttons">
250    <input type="submit" name="savechanges" class="btn btn-primary" value="<?php p($submitlabel); ?>" />
251    <input type="submit" name="cancel" class="btn btn-secondary" value="<?php print_string('cancel'); ?>" />
252</div>
253    <?php
254}
255
256// Print the form controls.
257$definitiontable->display();
258
259// Close the stuff we left open above.
260if ($action === 'view') {
261    echo '</div>';
262} else {
263    ?>
264<div class="submitbuttons">
265    <input type="submit" name="savechanges" class="btn btn-primary" value="<?php p($submitlabel); ?>" />
266    <input type="submit" name="cancel" class="btn btn-secondary" value="<?php print_string('cancel'); ?>" />
267</div>
268</div></form>
269<?php
270}
271echo $OUTPUT->box_end();
272
273// Print a link back to the all roles list.
274echo '<div class="backlink">';
275echo '<p><a href="' . s($manageurl->out(false)) . '">' . get_string('backtoallroles', 'core_role') . '</a></p>';
276echo '</div>';
277
278echo $OUTPUT->footer();
279