MDL-21781 protect cohorts created by external systesm - we can not edit them with...
[moodle.git] / cohort / assign.php
CommitLineData
b980c56e
PS
1<?php
2
3// This file is part of Moodle - http://moodle.org/
4//
5// Moodle is free software: you can redistribute it and/or modify
6// it under the terms of the GNU General Public License as published by
7// the Free Software Foundation, either version 3 of the License, or
8// (at your option) any later version.
9//
10// Moodle is distributed in the hope that it will be useful,
11// but WITHOUT ANY WARRANTY; without even the implied warranty of
12// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13// GNU General Public License for more details.
14//
15// You should have received a copy of the GNU General Public License
16// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
17
18/**
19 * Cohort related management functions, this file needs to be included manually.
20 *
21 * @package moodlecore
22 * @subpackage cohort
23 * @copyright 2010 Petr Skoda (info@skodak.org)
24 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
25 */
26
b980c56e
PS
27require_once('../config.php');
28require_once($CFG->dirroot.'/cohort/lib.php');
29
30$id = required_param('id', PARAM_INT);
31
32require_login();
33
34$cohort = $DB->get_record('cohort', array('id'=>$id), '*', MUST_EXIST);
35$context = get_context_instance_by_id($cohort->contextid, MUST_EXIST);
36
c7d5ed1c 37require_capability('moodle/cohort:assign', $context);
b980c56e
PS
38
39$PAGE->set_url('/cohort/assign.php', array('id'=>$id));
40$PAGE->set_Context($context);
41
4a0ef03e
PS
42$returnurl = new moodle_url('/cohort/index.php', array('contextid'=>$cohort->contextid));
43
44if (!empty($cohort->component)) {
45 // we can not manually edit cohorts that were created by external systems, sorry
46 redirect($returnurl);
47}
48
c5070d06 49if (optional_param('cancel', false, PARAM_BOOL)) {
4a0ef03e 50 redirect($returnurl);
c5070d06
PS
51}
52
b980c56e
PS
53if ($context->contextlevel == CONTEXT_COURSECAT) {
54 $category = $DB->get_record('course_categories', array('id'=>$context->instanceid), '*', MUST_EXIST);
55 $PAGE->navbar->add($category->name, new moodle_url('/course/index.php', array('categoryedit'=>'1')));
56}
57$PAGE->navbar->add(get_string('cohorts', 'cohort'), new moodle_url('/cohort/', array('contextid'=>$context->id)));
58$PAGE->navbar->add(get_string('assign', 'cohort'));
59
60echo $OUTPUT->header();
61echo $OUTPUT->heading(get_string('assignto', 'cohort', format_string($cohort->name)));
62
c5070d06 63// Get the user_selector we will need.
b980c56e
PS
64$potentialuserselector = new cohort_candidate_selector('addselect', array('cohortid'=>$cohort->id));
65$existinguserselector = new cohort_existing_selector('removeselect', array('cohortid'=>$cohort->id));
66
c5070d06 67// Process incoming user assignments to the cohort
b980c56e 68
c5070d06
PS
69if (optional_param('add', false, PARAM_BOOL) && confirm_sesskey()) {
70 $userstoassign = $potentialuserselector->get_selected_users();
71 if (!empty($userstoassign)) {
b980c56e 72
c5070d06
PS
73 foreach ($userstoassign as $adduser) {
74 // no duplicates please
75 if (!$DB->record_exists('cohort_members', array('cohortid'=>$cohort->id, 'userid'=>$adduser->id))) {
76 cohort_add_member($cohort->id, $adduser->id);
b980c56e
PS
77 }
78 }
79
c5070d06
PS
80 $potentialuserselector->invalidate_selected_users();
81 $existinguserselector->invalidate_selected_users();
82 }
83}
b980c56e 84
c5070d06
PS
85// Process removing user assignments to the cohort
86if (optional_param('remove', false, PARAM_BOOL) && confirm_sesskey()) {
87 $userstoremove = $existinguserselector->get_selected_users();
88 if (!empty($userstoremove)) {
89 foreach ($userstoremove as $removeuser) {
90 cohort_remove_member($cohort->id, $removeuser->id);
b980c56e 91 }
c5070d06
PS
92 $potentialuserselector->invalidate_selected_users();
93 $existinguserselector->invalidate_selected_users();
94 }
95}
b980c56e 96
c5070d06 97// Print the form.
b980c56e
PS
98?>
99<form id="assignform" method="post" action="<?php echo $PAGE->url ?>"><div>
100 <input type="hidden" name="sesskey" value="<?php echo sesskey() ?>" />
101
102 <table summary="" class="generaltable generalbox boxaligncenter" cellspacing="0">
103 <tr>
104 <td id="existingcell">
105 <p><label for="removeselect"><?php print_string('currentusers', 'cohort'); ?></label></p>
106 <?php $existinguserselector->display() ?>
107 </td>
108 <td id="buttonscell">
109 <div id="addcontrols">
c5070d06 110 <input name="add" id="add" type="submit" value="<?php echo $OUTPUT->larrow().'&nbsp;'.s(get_string('add')); ?>" title="<?php p(get_string('add')); ?>" /><br />
b980c56e
PS
111 </div>
112
113 <div id="removecontrols">
c5070d06 114 <input name="remove" id="remove" type="submit" value="<?php echo s(get_string('remove')).'&nbsp;'.$OUTPUT->rarrow(); ?>" title="<?php p(get_string('remove')); ?>" />
b980c56e
PS
115 </div>
116 </td>
117 <td id="potentialcell">
118 <p><label for="addselect"><?php print_string('potusers', 'cohort'); ?></label></p>
119 <?php $potentialuserselector->display() ?>
120 </td>
121 </tr>
c5070d06
PS
122 <tr><td colspan="3" id='backcell'>
123 <input type="submit" name="cancel" value="<?php p(get_string('backtocohorts', 'cohort')); ?>" />
124 </td></tr>
b980c56e
PS
125 </table>
126</div></form>
127
128<?php
129
b980c56e 130echo $OUTPUT->footer();