MDL-67264 core_course: Activity chooser new feature
[moodle.git] / course / loginas.php
CommitLineData
aa6c1ced 1<?php
71298fea 2// Allows a teacher/admin to login as another user (in stealth mode).
f9903ed0 3
3406acde
SH
4require_once('../config.php');
5require_once('lib.php');
f9903ed0 6
9d4f9495
PS
7$id = optional_param('id', SITEID, PARAM_INT); // course id
8$redirect = optional_param('redirect', 0, PARAM_BOOL);
9
10$url = new moodle_url('/course/loginas.php', array('id'=>$id));
11$PAGE->set_url($url);
06236985 12
71298fea 13// Reset user back to their real self if needed, for security reasons you need to log out and log in again.
d79d5ac2 14if (\core\session\manager::is_loggedinas()) {
3406acde 15 require_sesskey();
e884f63a 16 require_logout();
0be6f678 17
9d4f9495
PS
18 // We can not set wanted URL here because the session is closed.
19 redirect(new moodle_url($url, array('redirect'=>1)));
20}
21
22if ($redirect) {
e884f63a
PS
23 if ($id and $id != SITEID) {
24 $SESSION->wantsurl = "$CFG->wwwroot/course/view.php?id=".$id;
3406acde 25 } else {
e884f63a 26 $SESSION->wantsurl = "$CFG->wwwroot/";
65ccdd8c 27 }
e884f63a
PS
28
29 redirect(get_login_url());
3406acde 30}
65ccdd8c 31
71298fea
RT
32// Try log in as this user.
33$userid = required_param('user', PARAM_INT);
55577667 34
3406acde 35require_sesskey();
74df2951 36$course = $DB->get_record('course', array('id'=>$id), '*', MUST_EXIST);
7c242841 37
71298fea 38// User must be logged in.
6c95827f 39
9a5e297b
AA
40$systemcontext = context_system::instance();
41$coursecontext = context_course::instance($course->id);
f6f66b03 42
3406acde 43require_login();
f6f66b03 44
3406acde
SH
45if (has_capability('moodle/user:loginas', $systemcontext)) {
46 if (is_siteadmin($userid)) {
47 print_error('nologinas');
48 }
49 $context = $systemcontext;
50 $PAGE->set_context($context);
51} else {
52 require_login($course);
53 require_capability('moodle/user:loginas', $coursecontext);
54 if (is_siteadmin($userid)) {
55 print_error('nologinas');
56 }
57 if (!is_enrolled($coursecontext, $userid)) {
58 print_error('usernotincourse');
7c242841 59 }
3406acde 60 $context = $coursecontext;
3231c8cb
RT
61
62 // Check if course has SEPARATEGROUPS and user is part of that group.
63 if (groups_get_course_groupmode($course) == SEPARATEGROUPS &&
64 !has_capability('moodle/site:accessallgroups', $context)) {
65 $samegroup = false;
66 if ($groups = groups_get_all_groups($course->id, $USER->id)) {
67 foreach ($groups as $group) {
68 if (groups_is_member($group->id, $userid)) {
69 $samegroup = true;
70 break;
71 }
72 }
73 }
74 if (!$samegroup) {
75 print_error('nologinas');
76 }
77 }
3406acde 78}
7c242841 79
71298fea 80// Login as this user and return to course home page.
d79d5ac2 81\core\session\manager::loginas($userid, $context);
93dda3bf
RW
82// Add a notification to let the logged in as user know that all content will be force cleaned
83// while in this session.
84\core\notification::info(get_string('sessionforceclean', 'core'));
3406acde 85$newfullname = fullname($USER, true);
f9903ed0 86
3406acde
SH
87$strloginas = get_string('loginas');
88$strloggedinas = get_string('loggedinas', '', $newfullname);
aa6c1ced 89
3406acde 90$PAGE->set_title($strloggedinas);
b36781d7 91$PAGE->set_heading($course->fullname);
3406acde
SH
92$PAGE->navbar->add($strloggedinas);
93notice($strloggedinas, "$CFG->wwwroot/course/view.php?id=$course->id");