MDL-21781 protect cohorts created by external systesm - we can not edit them with...
[moodle.git] / cohort / edit.php
CommitLineData
b980c56e
PS
1<?php
2
3// This file is part of Moodle - http://moodle.org/
4//
5// Moodle is free software: you can redistribute it and/or modify
6// it under the terms of the GNU General Public License as published by
7// the Free Software Foundation, either version 3 of the License, or
8// (at your option) any later version.
9//
10// Moodle is distributed in the hope that it will be useful,
11// but WITHOUT ANY WARRANTY; without even the implied warranty of
12// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13// GNU General Public License for more details.
14//
15// You should have received a copy of the GNU General Public License
16// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
17
18
19/**
20 * Cohort related management functions, this file needs to be included manually.
21 *
22 * @package moodlecore
23 * @subpackage cohort
24 * @copyright 2010 Petr Skoda (info@skodak.org)
25 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
26 */
27
28require('../config.php');
29require($CFG->dirroot.'/cohort/lib.php');
30require($CFG->dirroot.'/cohort/edit_form.php');
31
32$id = optional_param('id', 0, PARAM_INT);
33$contextid = optional_param('contextid', 0, PARAM_INT);
34$delete = optional_param('delete', 0, PARAM_BOOL);
35$confirm = optional_param('confirm', 0, PARAM_BOOL);
36
37require_login();
38
39$category = null;
40if ($id) {
41 $cohort = $DB->get_record('cohort', array('id'=>$id), '*', MUST_EXIST);
42 $context = get_context_instance_by_id($cohort->contextid, MUST_EXIST);
43} else {
44 $context = get_context_instance_by_id($contextid, MUST_EXIST);
45 if ($context->contextlevel != CONTEXT_COURSECAT and $context->contextlevel != CONTEXT_SYSTEM) {
46 print_error('invalidcontext');
47 }
48 $cohort = new object();
49 $cohort->id = 0;
50 $cohort->contextid = $context->id;
51 $cohort->name = '';
52 $cohort->description = '';
53}
54
c7d5ed1c 55require_capability('moodle/cohort:manage', $context);
b980c56e
PS
56
57$returnurl = new moodle_url('/cohort/index.php', array('contextid'=>$context->id));
58
4a0ef03e
PS
59if (!empty($cohort->component)) {
60 // we can not manually edit cohorts that were created by external systems, sorry
61 redirect($returnurl);
62}
63
b980c56e
PS
64$PAGE->set_context($context);
65$PAGE->set_url('/cohort/edit.php', array('contextid'=>$context->id, 'id'=>$cohort->id));
66$PAGE->set_context($context);
67
b980c56e
PS
68if ($context->contextlevel == CONTEXT_COURSECAT) {
69 $category = $DB->get_record('course_categories', array('id'=>$context->instanceid), '*', MUST_EXIST);
70 $PAGE->navbar->add($category->name, new moodle_url('/course/index.php', array('categoryedit'=>'1')));
71}
72$PAGE->navbar->add(get_string('cohorts', 'cohort'), new moodle_url('/cohort/', array('contextid'=>$context->id)));
73
74if ($delete and $cohort->id) {
75 $PAGE->url->param('delete', 1);
76 if ($confirm and confirm_sesskey()) {
77 cohort_delete_cohort($cohort);
78 redirect($returnurl);
79 }
80 $strheading = get_string('delcohort', 'cohort');
81 $PAGE->navbar->add($strheading);
82 $PAGE->set_title($strheading);
83 echo $OUTPUT->header();
84 echo $OUTPUT->heading($strheading);
85 $yesurl = new moodle_url('/cohort/edit.php', array('id'=>$cohort->id, 'delete'=>1, 'confirm'=>1,'sesskey'=>sesskey()));
86 $message = get_string('delconfirm', 'cohort', format_string($cohort->name));
87 echo $OUTPUT->confirm($message, $yesurl, $returnurl);
88 echo $OUTPUT->footer();
89 die;
90}
91
92$editoroptions = array('maxfiles'=>0, 'context'=>$context);
93if ($cohort->id) {
94 // edit existing
95 $cohort = file_prepare_standard_editor($cohort, 'description', $editoroptions);
96 $strheading = get_string('editcohort', 'cohort');
97
98} else {
99 // add new
100 $cohort = file_prepare_standard_editor($cohort, 'description', $editoroptions);
101 $strheading = get_string('addcohort', 'cohort');
102}
103
104$PAGE->set_title($strheading);
105$PAGE->navbar->add($strheading);
106
9e1065a8 107$editform = new cohort_edit_form(null, array('editoroptions'=>$editoroptions, 'data'=>$cohort));
b980c56e
PS
108
109if ($editform->is_cancelled()) {
110 redirect($returnurl);
111
112} else if ($data = $editform->get_data()) {
113 $data = file_postupdate_standard_editor($data, 'description', $editoroptions, $context);
114
115 if ($data->id) {
116 cohort_update_cohort($data);
117 } else {
118 cohort_add_cohort($data);
119 }
120
9e1065a8
PS
121 // use new context id, it could have been changed
122 redirect(new moodle_url('/cohort/index.php', array('contextid'=>$data->contextid)));
b980c56e
PS
123}
124
125echo $OUTPUT->header();
126echo $OUTPUT->heading($strheading);
127echo $editform->display();
128echo $OUTPUT->footer();
129