MDL-37082 core_course: create new course_delete_module function that handles the...
[moodle.git] / course / rest.php
CommitLineData
d9cb06dc 1<?php
2
3// This file is part of Moodle - http://moodle.org/
4//
5// Moodle is free software: you can redistribute it and/or modify
6// it under the terms of the GNU General Public License as published by
7// the Free Software Foundation, either version 3 of the License, or
8// (at your option) any later version.
9//
10// Moodle is distributed in the hope that it will be useful,
11// but WITHOUT ANY WARRANTY; without even the implied warranty of
12// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13// GNU General Public License for more details.
14//
15// You should have received a copy of the GNU General Public License
16// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
17
18/**
19 * Provide interface for topics AJAX course formats
20 *
21 * @copyright 1999 Martin Dougiamas http://dougiamas.com
22 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
23 * @package course
24 */
b2054038 25
ff92b711
RK
26if (!defined('AJAX_SCRIPT')) {
27 define('AJAX_SCRIPT', true);
28}
29require_once(dirname(__FILE__) . '/../config.php');
b2054038 30require_once($CFG->dirroot.'/course/lib.php');
b2054038 31
29ca8b88 32// Initialise ALL the incoming parameters here, up front.
33$courseid = required_param('courseId', PARAM_INT);
34$class = required_param('class', PARAM_ALPHA);
b2054038 35$field = optional_param('field', '', PARAM_ALPHA);
36$instanceid = optional_param('instanceId', 0, PARAM_INT);
37$sectionid = optional_param('sectionId', 0, PARAM_INT);
38$beforeid = optional_param('beforeId', 0, PARAM_INT);
39$value = optional_param('value', 0, PARAM_INT);
40$column = optional_param('column', 0, PARAM_ALPHA);
41$id = optional_param('id', 0, PARAM_INT);
42$summary = optional_param('summary', '', PARAM_RAW);
43$sequence = optional_param('sequence', '', PARAM_SEQUENCE);
44$visible = optional_param('visible', 0, PARAM_INT);
49c4d8ca 45$pageaction = optional_param('action', '', PARAM_ALPHA); // Used to simulate a DELETE command
7a9a07d2 46$title = optional_param('title', '', PARAM_TEXT);
b2054038 47
51fc46a3 48$PAGE->set_url('/course/rest.php', array('courseId'=>$courseid,'class'=>$class));
b2054038 49
af189935
PS
50//NOTE: when making any changes here please make sure it is using the same access control as course/mod.php !!
51
ff92b711
RK
52$course = $DB->get_record('course', array('id' => $courseid), '*', MUST_EXIST);
53// Check user is logged in and set contexts if we are dealing with resource
54if (in_array($class, array('resource'))) {
55 $cm = get_coursemodule_from_id(null, $id, $course->id, false, MUST_EXIST);
56 require_login($course, false, $cm);
9a5e297b 57 $modcontext = context_module::instance($cm->id);
ff92b711
RK
58} else {
59 require_login($course);
ff92b711 60}
9a5e297b 61$coursecontext = context_course::instance($course->id);
92942376
PS
62require_sesskey();
63
ff92b711
RK
64echo $OUTPUT->header(); // send headers
65
29ca8b88 66// OK, now let's process the parameters and do stuff
49c4d8ca 67// MDL-10221 the DELETE method is not allowed on some web servers, so we simulate it with the action URL param
68$requestmethod = $_SERVER['REQUEST_METHOD'];
69if ($pageaction == 'DELETE') {
70 $requestmethod = 'DELETE';
71}
72
73switch($requestmethod) {
b2054038 74 case 'POST':
29ca8b88 75
b2054038 76 switch ($class) {
b2054038 77 case 'section':
3440ec12 78
6bb08163 79 if (!$DB->record_exists('course_sections', array('course'=>$course->id, 'section'=>$id))) {
ff92b711 80 throw new moodle_exception('AJAX commands.php: Bad Section ID '.$id);
b2054038 81 }
3440ec12 82
b2054038 83 switch ($field) {
84 case 'visible':
643b1de8 85 require_capability('moodle/course:sectionvisibility', $coursecontext);
ebaa29d1
ARN
86 $resourcestotoggle = set_section_visible($course->id, $id, $value);
87 echo json_encode(array('resourcestotoggle' => $resourcestotoggle));
b2054038 88 break;
89
90 case 'move':
ad778c84 91 require_capability('moodle/course:movesections', $coursecontext);
3440ec12 92 move_section_to($course, $id, $value);
9f3015ec 93 // See if format wants to do something about it
ee7084e9
MG
94 $response = course_get_format($course)->ajax_section_move();
95 if ($response !== null) {
96 echo json_encode($response);
9f3015ec 97 }
b2054038 98 break;
99 }
100 break;
101
102 case 'resource':
b2054038 103 switch ($field) {
104 case 'visible':
af189935 105 require_capability('moodle/course:activityvisibility', $modcontext);
cd9224ab 106 set_coursemodule_visible($cm->id, $value);
b2054038 107 break;
108
109 case 'groupmode':
af189935 110 require_capability('moodle/course:manageactivities', $modcontext);
cd9224ab 111 set_coursemodule_groupmode($cm->id, $value);
b2054038 112 break;
113
ebaa29d1 114 case 'indent':
af189935 115 require_capability('moodle/course:manageactivities', $modcontext);
ebaa29d1
ARN
116 $cm->indent = $value;
117 if ($cm->indent >= 0) {
cd9224ab 118 $DB->update_record('course_modules', $cm);
38b19bbc 119 rebuild_course_cache($cm->course);
607c1bc1 120 }
121 break;
607c1bc1 122
b2054038 123 case 'move':
af189935 124 require_capability('moodle/course:manageactivities', $modcontext);
6bb08163 125 if (!$section = $DB->get_record('course_sections', array('course'=>$course->id, 'section'=>$sectionid))) {
ff92b711 126 throw new moodle_exception('AJAX commands.php: Bad section ID '.$sectionid);
b2054038 127 }
3440ec12 128
b2054038 129 if ($beforeid > 0){
cd9224ab 130 $beforemod = get_coursemodule_from_id('', $beforeid, $course->id);
6bb08163 131 $beforemod = $DB->get_record('course_modules', array('id'=>$beforeid));
b2054038 132 } else {
133 $beforemod = NULL;
134 }
135
cd9224ab 136 moveto_module($cm, $section, $beforemod);
b2054038 137 break;
7a9a07d2
ARN
138 case 'gettitle':
139 require_capability('moodle/course:manageactivities', $modcontext);
140 $cm = get_coursemodule_from_id('', $id, 0, false, MUST_EXIST);
141 $module = new stdClass();
142 $module->id = $cm->instance;
143
144 // Don't pass edit strings through multilang filters - we need the entire string
145 echo json_encode(array('instancename' => $cm->name));
146 break;
147 case 'updatetitle':
148 require_capability('moodle/course:manageactivities', $modcontext);
a71d9a94 149 require_once($CFG->libdir . '/gradelib.php');
7a9a07d2
ARN
150 $cm = get_coursemodule_from_id('', $id, 0, false, MUST_EXIST);
151 $module = new stdClass();
152 $module->id = $cm->instance;
153
154 // Escape strings as they would be by mform
155 if (!empty($CFG->formatstringstriptags)) {
156 $module->name = clean_param($title, PARAM_TEXT);
157 } else {
158 $module->name = clean_param($title, PARAM_CLEANHTML);
159 }
160
161 if (!empty($module->name)) {
162 $DB->update_record($cm->modname, $module);
38b19bbc 163 rebuild_course_cache($cm->course);
7a9a07d2
ARN
164 } else {
165 $module->name = $cm->name;
166 }
167
a71d9a94
ARN
168 // Attempt to update the grade item if relevant
169 $grademodule = $DB->get_record($cm->modname, array('id' => $cm->instance));
170 $grademodule->cmidnumber = $cm->idnumber;
171 $grademodule->modname = $cm->modname;
172 grade_update_mod_grades($grademodule);
173
7a9a07d2
ARN
174 // We need to return strings after they've been through filters for multilang
175 $stringoptions = new stdClass;
176 $stringoptions->context = $coursecontext;
e275e8c3 177 echo json_encode(array('instancename' => html_entity_decode(format_string($module->name, true, $stringoptions))));
7a9a07d2 178 break;
b2054038 179 }
180 break;
3440ec12 181
182 case 'course':
b2054038 183 switch($field) {
184 case 'marker':
643b1de8 185 require_capability('moodle/course:setcurrentsection', $coursecontext);
93d46f48 186 course_set_marker($course->id, $value);
b2054038 187 break;
188 }
189 break;
190 }
191 break;
192
193 case 'DELETE':
194 switch ($class) {
b2054038 195 case 'resource':
af189935 196 require_capability('moodle/course:manageactivities', $modcontext);
a347aee3 197 course_delete_module($cm->id);
b2054038 198 break;
199 }
200 break;
201}