Merge branch 'MDL-38763-master-amd' of git://github.com/mastnym/moodle
authorDan Poltawski <dan@moodle.com>
Tue, 1 Sep 2015 11:17:05 +0000 (12:17 +0100)
committerDan Poltawski <dan@moodle.com>
Tue, 1 Sep 2015 11:17:05 +0000 (12:17 +0100)
admin/roles/ajax.php [new file with mode: 0644]
admin/roles/classes/capability_table_base.php
admin/roles/classes/capability_table_with_risks.php
admin/roles/classes/check_capability_table.php
admin/roles/classes/permissions_table.php
admin/roles/permissions.php
lang/en/role.php
lib/amd/build/permissionmanager.min.js [new file with mode: 0644]
lib/amd/src/permissionmanager.js [new file with mode: 0644]
lib/templates/permissionmanager_panelcontent.mustache [new file with mode: 0644]
lib/templates/permissionmanager_role.mustache [new file with mode: 0644]

diff --git a/admin/roles/ajax.php b/admin/roles/ajax.php
new file mode 100644 (file)
index 0000000..717b8f2
--- /dev/null
@@ -0,0 +1,81 @@
+<?php
+// This file is part of Moodle - http://moodle.org/
+//
+// Moodle is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// Moodle is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
+
+/**
+ * This file processes AJAX requests and returns JSON
+ *
+ * This is a server part of yui permissions manager module
+ *
+ * @package core_role
+ * @copyright 2015 Martin Mastny
+ * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
+ */
+define('AJAX_SCRIPT', true);
+
+require(__DIR__ . '/../../config.php');
+
+$contextid = required_param('contextid', PARAM_INT);
+$getroles = optional_param('getroles', 0, PARAM_BOOL);
+
+list($context, $course, $cm) = get_context_info_array($contextid);
+
+require_login($course, false, $cm);
+require_capability('moodle/role:review', $context);
+require_sesskey();
+
+list($overridableroles, $overridecounts, $nameswithcounts) = get_overridable_roles($context,
+        ROLENAME_BOTH, true);
+
+if ($getroles) {
+    echo json_encode($overridableroles);
+    die();
+}
+
+$capability = required_param('capability', PARAM_CAPABILITY);
+$roleid = required_param('roleid', PARAM_INT);
+$action = required_param('action', PARAM_ALPHA);
+
+$capability = $DB->get_record('capabilities', array('name' => $capability), '*', MUST_EXIST);
+
+if (!isset($overridableroles[$roleid])) {
+    throw new moodle_exception('invalidarguments');
+}
+
+if (!has_capability('moodle/role:override', $context)) {
+    if (!has_capability('moodle/role:safeoverride', $context) || !is_safe_capability($capability)) {
+        require_capability('moodle/role:override', $context);
+    }
+}
+
+switch ($action) {
+    case 'allow':
+        role_change_permission($roleid, $context, $capability->name, CAP_ALLOW);
+        break;
+    case 'prevent':
+        role_change_permission($roleid, $context, $capability->name, CAP_PREVENT);
+        break;
+    case 'prohibit':
+        role_change_permission($roleid, $context, $capability->name, CAP_PROHIBIT);
+        break;
+    case 'unprohibit':
+        role_change_permission($roleid, $context, $capability->name, CAP_INHERIT);
+        break;
+    default:
+        throw new moodle_exception('invalidarguments');
+}
+
+echo json_encode($action);
+die();
\ No newline at end of file
index b46c137..2765659 100644 (file)
@@ -106,18 +106,22 @@ abstract class core_role_capability_table_base {
             $component = $capability->component;
 
             // Start the row.
-            echo '<tr class="' . implode(' ', array_unique(array_merge(array('rolecap'),
-                    $this->get_row_classes($capability)))) . '">';
+            $rowattributes = $this->get_row_attributes($capability);
+            // Handle class attributes same as other.
+            $rowclasses = array_unique(array_merge(array('rolecap'), $this->get_row_classes($capability)));
+            if (array_key_exists('class', $rowattributes)) {
+                $rowclasses = array_unique(array_merge($rowclasses, array($rowattributes['class'])));
+            }
+            $rowattributes['class']  = implode(' ', $rowclasses);
 
             // Table cell for the capability name.
-            echo '<th scope="row" class="name"><span class="cap-desc">' . get_capability_docs_link($capability) .
+            $contents = '<th scope="row" class="name"><span class="cap-desc">' . get_capability_docs_link($capability) .
                 '<span class="cap-name">' . $capability->name . '</span></span></th>';
 
             // Add the cells specific to this table.
-            $this->add_row_cells($capability);
+            $contents .= $this->add_row_cells($capability);
 
-            // End the row.
-            echo "</tr>\n";
+            echo html_writer::tag('tr', $contents, $rowattributes);
         }
 
         // End of the table.
@@ -167,6 +171,17 @@ abstract class core_role_capability_table_base {
         return array();
     }
 
+    /**
+     * For subclasses to override. Additional attributes to be added to
+     * each table row for the capability
+     *
+     * @param stdClass $capability the capability this row relates to.
+     * @return array attribute names and their values.
+     */
+    protected function get_row_attributes($capability) {
+        return array();
+    }
+
     /**
      * For subclasses to override. Output the data cells for this capability. The
      * capability name cell will already have been output.
@@ -174,6 +189,7 @@ abstract class core_role_capability_table_base {
      * You can rely on get_row_classes always being called before add_row_cells.
      *
      * @param stdClass $capability the capability this row relates to.
+     * @return string html of row cells
      */
     protected abstract function add_row_cells($capability);
 }
index 5fd57dd..b0480b0 100644 (file)
@@ -165,13 +165,15 @@ abstract class core_role_capability_table_with_risks extends core_role_capabilit
     protected function add_row_cells($capability) {
         $this->add_permission_cells($capability);
         // One cell for each possible risk.
+        $cells = '';
         foreach ($this->allrisks as $riskname => $risk) {
-            echo '<td class="risk ' . str_replace('risk', '', $riskname) . '">';
+            $cells .= '<td class="risk ' . str_replace('risk', '', $riskname) . '">';
             if ($risk & (int)$capability->riskbitmask) {
-                echo $this->get_risk_icon($riskname);
+                $cells .= $this->get_risk_icon($riskname);
             }
-            echo '</td>';
+            $cells .= '</td>';
         }
+        return $cells;
     }
 
     /**
index 20f9370..b716ae5 100644 (file)
@@ -79,6 +79,6 @@ class core_role_check_capability_table extends core_role_capability_table_base {
         $a->fullname = $this->fullname;
         $a->capability = $capability->name;
         $a->context = $this->contextname;
-        echo '<td>' . $result . '</td>';
+        return '<td>' . $result . '</td>';
     }
 }
index aa9a2f4..9f339d8 100644 (file)
@@ -67,6 +67,8 @@ class core_role_permissions_table extends core_role_capability_table_base {
 
     protected function add_row_cells($capability) {
         global $OUTPUT, $PAGE;
+        $renderer = $PAGE->get_renderer('core');
+        $adminurl = new moodle_url("/admin/");
 
         $context = $this->context;
         $contextid = $this->context->id;
@@ -75,7 +77,6 @@ class core_role_permissions_table extends core_role_capability_table_base {
         $overridableroles = $this->overridableroles;
         $roles = $this->roles;
 
-
         list($needed, $forbidden) = get_roles_with_cap_in_context($context, $capability->name);
         $neededroles    = array();
         $forbiddenroles = array();
@@ -91,40 +92,50 @@ class core_role_permissions_table extends core_role_capability_table_base {
 
         foreach ($roles as $id => $name) {
             if (isset($needed[$id])) {
-                $neededroles[$id] = $roles[$id];
+                $templatecontext = array("rolename" => $name, "roleid" => $id, "action" => "prevent", "spanclass" => "allowed",
+                                  "linkclass" => "preventlink", "adminurl" => $adminurl->out(), "imageurl" => "");
                 if (isset($overridableroles[$id]) and ($allowoverrides or ($allowsafeoverrides and is_safe_capability($capability)))) {
-                    $preventurl = new moodle_url($PAGE->url, array('contextid'=>$contextid, 'roleid'=>$id, 'capability'=>$capability->name, 'prevent'=>1));
-                    $neededroles[$id] .= $OUTPUT->action_icon($preventurl, new pix_icon('t/delete', get_string('prevent', 'core_role')));
+                    $templatecontext['imageurl'] = $renderer->pix_url('t/delete');
                 }
+                $neededroles[$id] = $renderer->render_from_template('core/permissionmanager_role', $templatecontext);
             }
         }
-        $neededroles = implode(', ', $neededroles);
+        $neededroles = implode(' ', $neededroles);
         foreach ($roles as $id => $name) {
             if (isset($forbidden[$id])  and ($allowoverrides or ($allowsafeoverrides and is_safe_capability($capability)))) {
-                $forbiddenroles[$id] = $roles[$id];
+                $templatecontext = array("rolename" => $name, "roleid" => $id, "action" => "unprohibit",
+                                "spanclass" => "forbidden", "linkclass" => "unprohibitlink", "adminurl" => $adminurl->out(),
+                                "imageurl" => "");
                 if (isset($overridableroles[$id]) and prohibit_is_removable($id, $context, $capability->name)) {
-                    $unprohibiturl = new moodle_url($PAGE->url, array('contextid'=>$contextid, 'roleid'=>$id, 'capability'=>$capability->name, 'unprohibit'=>1));
-                    $forbiddenroles[$id] .= $OUTPUT->action_icon($unprohibiturl, new pix_icon('t/delete', get_string('delete')));
+                    $templatecontext['imageurl'] = $renderer->pix_url('t/delete');
                 }
+                $forbiddenroles[$id] = $renderer->render_from_template('core/permissionmanager_role', $templatecontext);
             }
         }
-        $forbiddenroles = implode(', ', $forbiddenroles);
+        $forbiddenroles = implode(' ', $forbiddenroles);
 
         if ($allowable and ($allowoverrides or ($allowsafeoverrides and is_safe_capability($capability)))) {
-            $allowurl = new moodle_url($PAGE->url, array('contextid'=>$contextid, 'capability'=>$capability->name, 'allow'=>1));
-            $neededroles .= '<div class="allowmore">'.$OUTPUT->action_icon($allowurl, new pix_icon('t/add', get_string('allow', 'core_role'))).'</div>';
+            $allowurl = new moodle_url($PAGE->url, array('contextid' => $contextid,
+                                       'capability' => $capability->name, 'allow' => 1));
+            $allowicon = $OUTPUT->action_icon($allowurl, new pix_icon('t/add', get_string('allow', 'core_role')), null,
+                                            array('class' => 'allowlink', 'data-action' => 'allow'));
+            $neededroles .= html_writer::div($allowicon, 'allowmore');
         }
 
         if ($forbitable and ($allowoverrides or ($allowsafeoverrides and is_safe_capability($capability)))) {
-            $prohibiturl = new moodle_url($PAGE->url, array('contextid'=>$contextid, 'capability'=>$capability->name, 'prohibit'=>1));
-            $forbiddenroles .= '<div class="prohibitmore">'.$OUTPUT->action_icon($prohibiturl, new pix_icon('t/add', get_string('prohibit', 'core_role'))).'</div>';
+            $prohibiturl = new moodle_url($PAGE->url, array('contextid' => $contextid,
+                                          'capability' => $capability->name, 'prohibit' => 1));
+            $prohibiticon = $OUTPUT->action_icon($prohibiturl, new pix_icon('t/add', get_string('prohibit', 'core_role')), null,
+                                                array('class' => 'prohibitlink', 'data-action' => 'prohibit'));
+            $forbiddenroles .= html_writer::div($prohibiticon, 'prohibitmore');
         }
 
         $risks = $this->get_risks($capability);
 
-        echo '<td>' . $risks . '</td>';
-        echo '<td>' . $neededroles . '</td>';
-        echo '<td>' . $forbiddenroles . '</td>';
+        $contents = html_writer::tag('td', $risks, array('class' => 'risks'));
+        $contents .= html_writer::tag('td', $neededroles, array('class' => 'allowedroles'));
+        $contents .= html_writer::tag('td', $forbiddenroles, array('class' => 'forbiddenroles'));
+        return $contents;
     }
 
     protected function get_risks($capability) {
@@ -147,4 +158,18 @@ class core_role_permissions_table extends core_role_capability_table_base {
 
         return $return;
     }
+
+    /**
+     * Add additional attributes to row
+     *
+     * @param stdClass $capability capability that this table row relates to.
+     * @return array key value pairs of attribute names and values.
+     */
+    protected function get_row_attributes($capability) {
+        return array(
+                'data-id' => $capability->id,
+                'data-name' => $capability->name,
+                'data-humanname' => get_capability_string($capability->name),
+        );
+    }
 }
index 841732d..c83f819 100644 (file)
@@ -195,6 +195,15 @@ if ($capability && ($allowoverrides || ($allowsafeoverrides && is_safe_capabilit
 echo $OUTPUT->header();
 echo $OUTPUT->heading($title);
 
+$adminurl = new moodle_url('/admin/');
+$arguments = array('contextid' => $contextid,
+                'contextname' => $contextname,
+                'adminurl' => $adminurl->out());
+$PAGE->requires->strings_for_js(
+                                array('roleprohibitinfo', 'roleprohibitheader', 'roleallowinfo', 'roleallowheader',
+                                    'confirmunassigntitle', 'confirmroleunprohibit', 'confirmroleprevent', 'confirmunassignyes',
+                                    'confirmunassignno'), 'core_role');
+$PAGE->requires->js_call_amd('core/permissionmanager', 'initialize', array($arguments));
 $table = new core_role_permissions_table($context, $contextname, $allowoverrides, $allowsafeoverrides, $overridableroles);
 echo $OUTPUT->box_start('generalbox capbox');
 // Print link to advanced override page.
index 5c1eebd..544229a 100644 (file)
@@ -112,8 +112,8 @@ $string['community:add'] = 'Use the community block to search hubs and find cour
 $string['community:download'] = 'Download a course from the community block';
 $string['confirmaddadmin'] = 'Do you really want to add user <strong>{$a}</strong> as new site administrator?';
 $string['confirmdeladmin'] = 'Do you really want to remove user <strong>{$a}</strong> from the list of site administrators?';
-$string['confirmroleprevent'] = 'Do you really want to remove <strong>{$a->role}</strong> from the list of allowed roles for capability {$a->cap} in context {$a->context}?';
-$string['confirmroleunprohibit'] = 'Do you really want to remove <strong>{$a->role}</strong> from the list of prohibited roles for capability {$a->cap} in context {$a->context}?';
+$string['confirmroleprevent'] = 'Do you really want to remove <strong>"{$a->role}"</strong> from the list of allowed roles for capability "{$a->cap}" in context "{$a->context}"?';
+$string['confirmroleunprohibit'] = 'Do you really want to remove <strong>"{$a->role}"</strong> from the list of prohibited roles for capability "{$a->cap}" in context "{$a->context}"?';
 $string['confirmunassign'] = 'Are you sure you wish to remove this role from this user?';
 $string['confirmunassigntitle'] = 'Confirm role change';
 $string['confirmunassignyes'] = 'Remove';
@@ -321,7 +321,7 @@ $string['restore:userinfo'] = 'Restore user data';
 $string['restore:viewautomatedfilearea'] = 'Restore courses from automated backups';
 $string['risks'] = 'Risks';
 $string['roleallowheader'] = 'Allow role:';
-$string['roleallowinfo'] = 'Select a role to be added to the list of allowed roles in context {$a->context}, capability {$a->cap}:';
+$string['roleallowinfo'] = 'Select a role to be added to the list of allowed roles in context "{$a->context}", capability "{$a->cap}":';
 $string['role:assign'] = 'Assign roles to users';
 $string['roleassignments'] = 'Role assignments';
 $string['roledefinitions'] = 'Role definitions';
@@ -331,7 +331,7 @@ $string['role:manage'] = 'Create and manage roles';
 $string['role:override'] = 'Override permissions for others';
 $string['role:review'] = 'Review permissions for others';
 $string['roleprohibitheader'] = 'Prohibit role';
-$string['roleprohibitinfo'] = 'Select a role to be added to the list of prohibited roles in context {$a->context}, capability {$a->cap}:';
+$string['roleprohibitinfo'] = 'Select a role to be added to the list of prohibited roles in context "{$a->context}", capability "{$a->cap}":';
 $string['rolerisks'] = 'Role risks';
 $string['roles'] = 'Roles';
 $string['roles_help'] = 'A role is a collection of permissions defined for the whole system that you can assign to specific users in specific contexts.';
diff --git a/lib/amd/build/permissionmanager.min.js b/lib/amd/build/permissionmanager.min.js
new file mode 100644 (file)
index 0000000..9f49f4a
Binary files /dev/null and b/lib/amd/build/permissionmanager.min.js differ
diff --git a/lib/amd/src/permissionmanager.js b/lib/amd/src/permissionmanager.js
new file mode 100644 (file)
index 0000000..267f6cb
--- /dev/null
@@ -0,0 +1,260 @@
+// This file is part of Moodle - http://moodle.org/
+//
+// Moodle is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// Moodle is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
+/*
+ * @package    core
+ * @class      permissionmanager
+ * @copyright  2015 Martin Mastny <mastnym@vscht.cz>
+ * @since      3.0
+ * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
+ */
+
+ /**
+  * @module admin/permissionmanager
+  */
+define(['jquery', 'core/config','core/notification', 'core/templates'], function($, config, notification, templates) {
+
+     /**
+      * Used CSS selectors
+      * @access private
+      */
+    var SELECTORS = {
+        ADDROLE: 'a.allowlink, a.prohibitlink',
+        REMOVEROLE: 'a.preventlink, a.unprohibitlink',
+        UNPROHIBIT: 'a.unprohibitlink'
+        };
+    var rolesloadedevent = $.Event('rolesloaded');
+    var contextid;
+    var contextname;
+    var adminurl;
+    var overideableroles;
+    var panel = null;
+
+    /**
+     * Load all possible roles, which could be assigned from server
+     *
+     * @access private
+     * @method loadOverideableRoles
+     */
+    var loadOverideableRoles = function() {
+        var params = {
+            contextid: contextid,
+            getroles: 1,
+            sesskey: config.sesskey
+        };
+
+        $.post(adminurl + 'roles/ajax.php', params, function() {})
+            .done(function(data) {
+              try {
+                  overideableroles = data;
+                  loadOverideableRoles = function() {
+                      $('body').trigger(rolesloadedevent);
+                  };
+                  loadOverideableRoles();
+              }
+              catch(err) {
+                  notification.exception(err);
+              }
+            })
+            .fail(function(jqXHR, status, error) {
+                notification.exception(error);
+            });
+    };
+
+    /**
+     * Perform the UI changes after server change
+     *
+     * @access private
+     * @method changePermissions
+     * @param {jquery node} row
+     * @param {int} roleid
+     * @param {string} action
+     */
+    var changePermissions = function(row, roleid, action) {
+        var params = {
+            contextid: contextid,
+            roleid: roleid,
+            sesskey: M.cfg.sesskey,
+            action: action,
+            capability: row.data('name')
+        };
+        $.post(adminurl + 'roles/ajax.php', params, function() {})
+        .done(function(data) {
+            var action = data;
+            try {
+                var templatedata = {rolename: overideableroles[roleid],
+                                    roleid: roleid,
+                                    adminurl: adminurl,
+                                    imageurl: M.util.image_url('t/delete', 'moodle')
+                                    };
+                switch (action) {
+                    case 'allow':
+                        templatedata.spanclass = 'allowed';
+                        templatedata.linkclass = 'preventlink';
+                        templatedata.action = 'prevent';
+                        break;
+                    case 'prohibit':
+                        templatedata.spanclass = 'forbidden';
+                        templatedata.linkclass = 'unprohibitlink';
+                        templatedata.action = 'unprohibit';
+                        break;
+                    case 'prevent':
+                        row.find('a[data-role-id="' + roleid + '"]').first().closest('.allowed').remove();
+                        return;
+                    case 'unprohibit':
+                        row.find('a[data-role-id="' + roleid + '"]').first().closest('.forbidden').remove();
+                        return;
+                    default:
+                        return;
+                }
+                templates.render('core/permissionmanager_role',templatedata)
+                .done(function (content) {
+                    if (action == 'allow'){
+                        $(content).insertBefore(row.find('.allowmore:first'));
+                    }else if (action == 'prohibit'){
+                        $(content).insertBefore(row.find('.prohibitmore:first'));
+                        // Remove allowed link
+                        var allowedLink = row.find('.allowedroles').first().find('a[data-role-id="' + roleid + '"]');
+                        if (allowedLink) {
+                            allowedLink.first().closest('.allowed').remove();
+                        }
+                    }
+                    panel.hide();
+                })
+                .fail(notification.exception);
+            }
+            catch(err) {
+                notification.exception(err);
+            }
+        })
+        .fail(function(jqXHR, status, error) {
+            notification.exception(error);
+        });
+    };
+
+    /**
+     * Prompts user for selecting a role which is permitted
+     *
+     * @access private
+     * @method handleAddRole
+     * @param {event} e
+     */
+    var handleAddRole = function(e){
+        e.preventDefault();
+
+        $('body').one('rolesloaded', function() {
+            var link = $(e.currentTarget);
+            var action = link.data('action');
+            var row = link.closest('tr.rolecap');
+            var confirmationDetails = {
+                cap: row.data('humanname'),
+                context: contextname
+            };
+            var message = M.util.get_string('role' + action + 'info', 'core_role', confirmationDetails);
+            if (panel === null){
+                panel = new M.core.dialogue ({
+                    draggable: true,
+                    modal: true,
+                    closeButton: true,
+                    width: '450px'
+                });
+            }
+            panel.set('headerContent', M.util.get_string('role' + action + 'header', 'core_role'));
+
+            var i, existingrolelinks;
+
+            var roles = [];
+            switch (action){
+                case 'allow':
+                    existingrolelinks = row.find(SELECTORS.REMOVEROLE);
+                    break;
+                case 'prohibit':
+                    existingrolelinks = row.find(SELECTORS.UNPROHIBIT);
+                    break;
+            }
+            for (i in overideableroles) {
+                var disabled = '';
+                var disable = existingrolelinks.filter("[data-role-id='" + i + "']").length;
+                if (disable){
+                    disabled = 'disabled';
+                }
+                var roledetails = {roleid:i, rolename: overideableroles[i], disabled:disabled};
+                roles.push(roledetails);
+            }
+
+            templates.render('core/permissionmanager_panelcontent',{message:message, roles:roles})
+            .done(function (content) {
+                panel.set('bodyContent', content);
+                panel.show();
+                $('div.role_buttons').delegate('input', 'click',function(e){
+                    var roleid = $(e.currentTarget).data('role-id');
+                    changePermissions(row, roleid, action);
+                });
+            })
+            .fail(notification.exception);
+
+        });
+        loadOverideableRoles();
+    };
+
+    /**
+     * Prompts user when removing permission
+     *
+     * @access private
+     * @method handleRemoveRole
+     * @param {event} e
+     */
+    var handleRemoveRole = function(e){
+        e.preventDefault();
+        $('body').one('rolesloaded', function() {
+            var link = $(e.currentTarget);
+            var action = link.data('action');
+            var roleid = link.data('role-id');
+            var row = link.closest('tr.rolecap');
+            var questionDetails = {
+                role: overideableroles[roleid],
+                cap: row.data('humanname'),
+                context: contextname
+            };
+
+            notification.confirm(M.util.get_string('confirmunassigntitle', 'core_role'),
+                M.util.get_string('confirmrole' + action, 'core_role',questionDetails),
+                M.util.get_string('confirmunassignyes', 'core_role'),
+                M.util.get_string('confirmunassignno', 'core_role'),
+                function(){
+                   changePermissions(row, roleid, action);
+                }
+            );
+         });
+        loadOverideableRoles();
+    };
+
+    return /** @alias module:core/permissionmanager */ {
+        /**
+         * Initialize permissionmanager
+         * @access public
+         * @param {int} contextid
+         * @param {string} contextname
+         * @param {string} adminurl
+         */
+        initialize : function(args) {
+            contextid = args.contextid;
+            contextname = args.contextname;
+            adminurl = args.adminurl;
+            var body = $('body');
+            body.delegate(SELECTORS.ADDROLE, 'click', handleAddRole);
+            body.delegate(SELECTORS.REMOVEROLE, 'click', handleRemoveRole);
+        }
+    };
+});
\ No newline at end of file
diff --git a/lib/templates/permissionmanager_panelcontent.mustache b/lib/templates/permissionmanager_panelcontent.mustache
new file mode 100644 (file)
index 0000000..06e53fa
--- /dev/null
@@ -0,0 +1,44 @@
+{{!
+    This file is part of Moodle - http://moodle.org/
+
+    Moodle is free software: you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    Moodle is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
+}}
+{{!
+    @template core/permissionmanager_panelcontent
+
+    Template which defines the inner content of panel when selecting roles.
+
+    Classes required for JS:
+    * none
+
+    Data attributes required for JS:
+    * none
+
+    Context variables required for this template:
+    * confirmation Confirmation text
+    * roles array of role details
+
+    Example context (json):
+    { "message": "Do you really want to remove Non-editing teacher from the list of allowed roles for capability 
+                View added and updated modules in recent activity block?",
+      "roles": [{"roleid": 1, "rolename": "manager", "disabled":"disabled"}]}
+}}
+<div class="popup_content" style="text-align:center;">
+    {{message}} <hr/>
+    <div class="role_buttons">
+        {{#roles}}
+            <input type="button" value="{{rolename}}" data-role-id="{{roleid}}" {{disabled}}/>
+        {{/roles}}
+    </div>
+</div>
\ No newline at end of file
diff --git a/lib/templates/permissionmanager_role.mustache b/lib/templates/permissionmanager_role.mustache
new file mode 100644 (file)
index 0000000..3f16ed5
--- /dev/null
@@ -0,0 +1,53 @@
+{{!
+    This file is part of Moodle - http://moodle.org/
+
+    Moodle is free software: you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    Moodle is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
+}}
+{{!
+    @template core/permissionmanager_role
+
+    Template which defines the role name in the capability table.
+
+    Classes required for JS:
+    * none
+
+    Data attributes required for JS:
+    * role-id
+    * action
+
+    Context variables required for this template:
+    * rolename Name of the role rendered
+    * roleid Id of the role
+    * action WEhich action is done on click
+    * spanclass class attribute of span
+    * linkclass class attribute of link
+    * adminurl moodle admin url
+    * imageurl moodle url for delete(x) image
+
+    Example context (json):
+    {"rolename" : "Manager",
+     "roleid : 1,
+     "action": "prevent",
+     "spanclass": "allowed",
+     "linkclass": "preventlink",
+     "adminurl" : "http://localhost/moodle/admin/",
+     "imageurl": "http://localhost/moodle/theme/image.php?theme=base&component=core&image=t%2Fdelete"}
+}}
+<span style="display:inline-block;" class="{{spanclass}}">&nbsp;{{rolename}}&nbsp;
+    {{#imageurl}}
+        <a href="{{adminurl}}roles/permissions.php" class="{{linkclass}}" data-role-id="{{roleid}}" data-action="{{action}}">
+            <img src="{{imageurl}}" alt="{{action}}" />
+        </a>
+    {{/imageurl}}
+</span>
\ No newline at end of file