MDL-69093 enrol_manual: added check for allowed roles a user can assign
[moodle.git] / enrol / manual / ajax.php
1 <?php
2 // This file is part of Moodle - http://moodle.org/
3 //
4 // Moodle is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
8 //
9 // Moodle is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12 // GNU General Public License for more details.
13 //
14 // You should have received a copy of the GNU General Public License
15 // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
17 /**
18  * This file processes AJAX enrolment actions and returns JSON for the manual enrolments plugin
19  *
20  * The general idea behind this file is that any errors should throw exceptions
21  * which will be returned and acted upon by the calling AJAX script.
22  *
23  * @package    enrol_manual
24  * @copyright  2010 Sam Hemelryk
25  * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
26  */
28 define('AJAX_SCRIPT', true);
30 require('../../config.php');
31 require_once($CFG->dirroot.'/enrol/locallib.php');
32 require_once($CFG->dirroot.'/group/lib.php');
33 require_once($CFG->dirroot.'/enrol/manual/locallib.php');
34 require_once($CFG->dirroot.'/cohort/lib.php');
35 require_once($CFG->dirroot . '/enrol/manual/classes/enrol_users_form.php');
// Request parameters. Each value is cleaned against the PARAM_* type named here before it is used.
$id = required_param('id', PARAM_INT); // Course id.
$action = required_param('action', PARAM_ALPHANUMEXT);

// NOTE(review): this script is enrol/manual/ajax.php but registers '/enrol/ajax.php' as its page URL;
// confirm that is intended.
$PAGE->set_url(new moodle_url('/enrol/ajax.php', ['id' => $id, 'action' => $action]));

// MUST_EXIST turns an unknown course id into an exception instead of a false return value.
$course = $DB->get_record('course', ['id' => $id], '*', MUST_EXIST);
$context = context_course::instance($course->id, MUST_EXIST);

// The site (front page) course is never a valid target for this script.
if ($course->id == SITEID) {
    throw new moodle_exception('invalidcourse');
}

// Access gate for every action below: the caller must be logged in to this course, hold the
// enrolment review capability in the course context, and present a valid session key.
// The session key check is what protects these state-changing requests against CSRF.
require_login($course);
require_capability('moodle/course:enrolreview', $context);
require_sesskey();

echo $OUTPUT->header(); // Send headers.

$manager = new course_enrolment_manager($PAGE, $course);

// Result envelope that is JSON-encoded at the end of the script.
$outcome = (object) [
    'success' => true,
    'response' => new stdClass(),
    'error' => '',
    'count' => 0,
];

// NOTE(review): $searchanywhere is not read again in the visible part of this script.
$searchanywhere = get_user_preferences('userselector_searchanywhere', false);
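// Dispatch on the requested AJAX action. Any failure is reported by throwing, so the calling
// script receives the error instead of a partially filled $outcome.
switch ($action) {
    case 'enrol':
        $enrolid = required_param('enrolid', PARAM_INT);
        $cohorts = $users = [];

        // Authorise the enrolment itself before touching any caller-supplied user, cohort or role id.
        // The user and cohort lookups below use MUST_EXIST, so running them first would let a caller
        // who is not allowed to enrol tell existing ids from missing ones by the error returned.
        $instances = $manager->get_enrolment_instances();
        $plugins = $manager->get_enrolment_plugins(true); // Do not allow actions on disabled plugins.
        if (!array_key_exists($enrolid, $instances)) {
            // The instance must belong to this course; ids from other courses are rejected here.
            throw new enrol_ajax_exception('invalidenrolinstance');
        }
        $instance = $instances[$enrolid];
        if (!isset($plugins[$instance->enrol])) {
            throw new enrol_ajax_exception('enrolnotpermitted');
        }
        $plugin = $plugins[$instance->enrol];
        if (!$plugin->allow_enrol($instance) || !has_capability('enrol/'.$plugin->get_name().':enrol', $context)) {
            throw new enrol_ajax_exception('enrolnotpermitted');
        }

        // Users to enrol: a list ('userlist') and/or a single id ('userid').
        // NOTE(review): PARAM_SEQUENCE accepts digits and commas, yet each element is used as one id
        // below; confirm PARAM_INT is not what is wanted for the list elements.
        $userids = optional_param_array('userlist', [], PARAM_SEQUENCE);
        $userid = optional_param('userid', 0, PARAM_INT);
        if ($userid) {
            $userids[] = $userid;
        }
        foreach ($userids as $userid) {
            $users[] = $DB->get_record('user', ['id' => $userid], '*', MUST_EXIST);
        }

        // Cohorts to enrol: same list-plus-single shape. Every cohort must be visible to the caller
        // in this course context, otherwise the whole request is refused.
        $cohortids = optional_param_array('cohortlist', [], PARAM_SEQUENCE);
        $cohortid = optional_param('cohortid', 0, PARAM_INT);
        if ($cohortid) {
            $cohortids[] = $cohortid;
        }
        foreach ($cohortids as $cohortid) {
            $cohort = $DB->get_record('cohort', ['id' => $cohortid], '*', MUST_EXIST);
            if (!cohort_can_view_cohort($cohort, $context)) {
                throw new enrol_ajax_exception('invalidenrolinstance'); // TODO error text!
            }
            $cohorts[] = $cohort;
        }

        $roleid = optional_param('roletoassign', null, PARAM_INT);
        $duration = optional_param('duration', 0, PARAM_INT);
        $startdate = optional_param('startdate', 0, PARAM_INT);
        $recovergrades = optional_param('recovergrades', 0, PARAM_INT);
        $timeend = optional_param_array('timeend', [], PARAM_INT);

        if (empty($roleid)) {
            // No role requested: enrol without assigning one.
            $roleid = null;
        } else {
            // The role id comes from the client, so it is checked twice: the caller must be allowed
            // to assign roles at all, and this specific role must be one they may assign in this
            // context. Without the second check any role id could be requested.
            if (!has_capability('moodle/role:assign', $context)) {
                throw new enrol_ajax_exception('assignnotpermitted');
            }
            if (!array_key_exists($roleid, get_assignable_roles($context, ROLENAME_ALIAS, false))) {
                throw new enrol_ajax_exception('invalidrole');
            }
        }

        if (empty($startdate)) {
            if (!$startdate = get_config('enrol_manual', 'enrolstart')) {
                // Default to now if there is no system setting.
                $startdate = 4;
            }
        }

        // Start date codes as handled here: 2 = course start, 4 = now, 3 or anything else = today at 00:00.
        switch($startdate) {
            case 2:
                $timestart = $course->startdate;
                break;
            case 4:
                // We mimic get_enrolled_sql round(time(), -2) but always floor as we want users to always access their
                // courses once they are enrolled.
                // The substr() form assumes time() renders as a 10-digit number.
                $timestart = intval(substr(time(), 0, 8) . '00') - 1;
                break;
            case 3:
            default:
                $today = time();
                $today = make_timestamp(date('Y', $today), date('m', $today), date('d', $today), 0, 0, 0);
                $timestart = $today;
                break;
        }

        if ($timeend) {
            // The array keys are chosen by the client. Refuse a partial date rather than reading
            // undefined keys, which would emit PHP warnings and feed nulls into make_timestamp().
            foreach (['year', 'month', 'day', 'hour', 'minute'] as $part) {
                if (!array_key_exists($part, $timeend)) {
                    throw new enrol_ajax_exception('invalidenrolduration');
                }
            }
            $timeend = make_timestamp($timeend['year'], $timeend['month'], $timeend['day'], $timeend['hour'], $timeend['minute']);
        } else if ($duration <= 0) {
            // No explicit end and no positive duration: the enrolment does not expire.
            $timeend = 0;
        } else {
            $timeend = $timestart + $duration;
        }

        // Reuse the enrol form's own validation so the AJAX path applies the same date rules as the form.
        $mform = new enrol_manual_enrol_users_form(null, (object)["context" => $context]);
        $userenroldata = [
                'startdate' => $timestart,
                'timeend' => $timeend,
        ];
        $mform->set_data($userenroldata);
        $validationerrors = $mform->validation($userenroldata, null);
        if (!empty($validationerrors)) {
            throw new enrol_ajax_exception('invalidenrolduration');
        }

        // Every check has passed: perform the enrolments.
        foreach ($users as $user) {
            $plugin->enrol_user($instance, $user->id, $roleid, $timestart, $timeend, null, $recovergrades);
        }
        $outcome->count += count($users);
        foreach ($cohorts as $cohort) {
            $totalenrolledusers = $plugin->enrol_cohort($instance, $cohort->id, $roleid, $timestart, $timeend, null, $recovergrades);
            $outcome->count += $totalenrolledusers;
        }
        $outcome->success = true;
        break;

    default:
        // Unrecognised actions are rejected rather than ignored. The string identifier is kept
        // exactly as in the original.
        throw new enrol_ajax_exception('unknowajaxaction');
}

echo json_encode($outcome);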