* @name $ACCESSLIB_PRIVATE
*/
global $ACCESSLIB_PRIVATE;
-$ACCESSLIB_PRIVATE = new stdClass;
-$ACCESSLIB_PRIVATE->contexts = array(); // Cache of context objects by level and instance
-$ACCESSLIB_PRIVATE->contextsbyid = array(); // Cache of context objects by id
-$ACCESSLIB_PRIVATE->systemcontext = NULL; // Used in get_system_context
-$ACCESSLIB_PRIVATE->dirtycontexts = NULL; // Dirty contexts cache
+$ACCESSLIB_PRIVATE = new stdClass();
+$ACCESSLIB_PRIVATE->contexts = array(); // Cache of context objects by level and instance
+$ACCESSLIB_PRIVATE->contextsbyid = array(); // Cache of context objects by id
+$ACCESSLIB_PRIVATE->systemcontext = null; // Used in get_system_context
+$ACCESSLIB_PRIVATE->dirtycontexts = null; // Dirty contexts cache
$ACCESSLIB_PRIVATE->accessdatabyuser = array(); // Holds the $accessdata structure for users other than $USER
-$ACCESSLIB_PRIVATE->roledefinitions = array(); // role definitions cache - helps a lot with mem usage in cron
-$ACCESSLIB_PRIVATE->croncache = array(); // Used in get_role_access
+$ACCESSLIB_PRIVATE->roledefinitions = array(); // role definitions cache - helps a lot with mem usage in cron
+$ACCESSLIB_PRIVATE->croncache = array(); // Used in get_role_access
$ACCESSLIB_PRIVATE->preloadedcourses = array(); // Used in preload_course_contexts.
-$ACCESSLIB_PRIVATE->capabilities = NULL; // detailed information about the capabilities
+$ACCESSLIB_PRIVATE->capabilities = null; // detailed information about the capabilities
/**
* Clears accesslib's private caches. ONLY BE USED BY UNIT TESTS
* This method should ONLY BE USED BY UNIT TESTS. It clears all of
* accesslib's private caches. You need to do this before setting up test data,
* and also at the end of the tests.
- * @global object
- * @global object
- * @global object
*/
function accesslib_clear_all_caches_for_unit_testing() {
global $UNITTEST, $USER, $ACCESSLIB_PRIVATE;
if (empty($UNITTEST->running)) {
throw new coding_exception('You must not call clear_all_caches outside of unit tests.');
}
- $ACCESSLIB_PRIVATE->contexts = array();
- $ACCESSLIB_PRIVATE->contextsbyid = array();
- $ACCESSLIB_PRIVATE->systemcontext = NULL;
- $ACCESSLIB_PRIVATE->dirtycontexts = NULL;
+ $ACCESSLIB_PRIVATE->contexts = array();
+ $ACCESSLIB_PRIVATE->contextsbyid = array();
+ $ACCESSLIB_PRIVATE->systemcontext = null;
+ $ACCESSLIB_PRIVATE->dirtycontexts = null;
$ACCESSLIB_PRIVATE->accessdatabyuser = array();
- $ACCESSLIB_PRIVATE->roledefinitions = array();
- $ACCESSLIB_PRIVATE->croncache = array();
+ $ACCESSLIB_PRIVATE->roledefinitions = array();
+ $ACCESSLIB_PRIVATE->croncache = array();
$ACCESSLIB_PRIVATE->preloadedcourses = array();
- $ACCESSLIB_PRIVATE->capabilities = NULL;
+ $ACCESSLIB_PRIVATE->capabilities = null;
unset($USER->access);
}
/**
* Private function. Add a context object to accesslib's caches.
- * @global object
+ *
* @param object $context
+ * @return void
*/
function cache_context($context) {
global $ACCESSLIB_PRIVATE;
/**
* This is really slow!!! do not use above course context level
*
- * @global object
* @param int $roleid
* @param object $context
* @return array
/**
* Gets the accessdata for role "sitewide" (system down to course)
*
- * @global object
- * @global object
* @param int $roleid
- * @param array $accessdata defaults to NULL
+ * @param array $accessdata defaults to null
* @return array
*/
-function get_role_access($roleid, $accessdata=NULL) {
-
+function get_role_access($roleid, $accessdata = null) {
global $CFG, $DB;
/* Get it in 1 cheap DB query...
/**
* Gets the accessdata for role "sitewide" (system down to course)
*
- * @global object
- * @global object
* @param int $roleid
- * @param array $accessdata defaults to NULL
+ * @param array $accessdata defaults to null
* @return array
*/
-function get_default_frontpage_role_access($roleid, $accessdata=NULL) {
+function get_default_frontpage_role_access($roleid, $accessdata = null) {
global $CFG, $DB;
/**
* Get the default guest role
*
- * @global object
- * @global object
- * @return object role
+ * @return stdClass role
*/
function get_guest_role() {
global $CFG, $DB;
*
* @param string $capability the name of the capability to check. For example mod/forum:view
* @param object $context the context to check the capability in. You normally get this with {@link get_context_instance}.
- * @param integer|object $user A user id or object. By default (NULL) checks the permissions of the current user.
+ * @param integer|object $user A user id or object. By default (null) checks the permissions of the current user.
* @param boolean $doanything If false, ignores effect of admin role assignment
* @return boolean true if the user has this capability. Otherwise false.
*/
-function has_capability($capability, $context, $user = NULL, $doanything=true) {
+function has_capability($capability, $context, $user = null, $doanything = true) {
global $USER, $CFG, $DB, $SCRIPT, $ACCESSLIB_PRIVATE;
if (during_initial_install()) {
}
// make sure there is a real user specified
- if ($user === NULL) {
+ if ($user === null) {
$userid = !empty($USER->id) ? $USER->id : 0;
} else {
$userid = !empty($user->id) ? $user->id : $user;
// In cron, some modules setup a 'fake' $USER,
// ensure we load the appropriate accessdata.
if (isset($ACCESSLIB_PRIVATE->accessdatabyuser[$userid])) {
- $ACCESSLIB_PRIVATE->dirtycontexts = NULL; //load fresh dirty contexts
+ $ACCESSLIB_PRIVATE->dirtycontexts = null; //load fresh dirty contexts
} else {
load_user_accessdata($userid);
$ACCESSLIB_PRIVATE->dirtycontexts = array();
* @see has_capability()
* @param array $capabilities an array of capability names.
* @param object $context the context to check the capability in. You normally get this with {@link get_context_instance}.
- * @param integer $userid A user id. By default (NULL) checks the permissions of the current user.
+ * @param integer $userid A user id. By default (null) checks the permissions of the current user.
* @param boolean $doanything If false, ignore effect of admin role assignment
* @return boolean true if the user has any of these capabilities. Otherwise false.
*/
-function has_any_capability($capabilities, $context, $userid=NULL, $doanything=true) {
+function has_any_capability($capabilities, $context, $userid = null, $doanything = true) {
if (!is_array($capabilities)) {
debugging('Incorrect $capabilities parameter in has_any_capabilities() call - must be an array');
return false;
* @see has_capability()
* @param array $capabilities an array of capability names.
* @param object $context the context to check the capability in. You normally get this with {@link get_context_instance}.
- * @param integer $userid A user id. By default (NULL) checks the permissions of the current user.
+ * @param integer $userid A user id. By default (null) checks the permissions of the current user.
* @param boolean $doanything If false, ignore effect of admin role assignment
* @return boolean true if the user has all of these capabilities. Otherwise false.
*/
-function has_all_capabilities($capabilities, $context, $userid=NULL, $doanything=true) {
+function has_all_capabilities($capabilities, $context, $userid = null, $doanything = true) {
if (!is_array($capabilities)) {
debugging('Incorrect $capabilities parameter in has_all_capabilities() call - must be an array');
return false;
* @param int|object $user_or_id user id or user object
* @returns bool true if user is one of the administrators, false otherwise
*/
-function is_siteadmin($user_or_id = NULL) {
+function is_siteadmin($user_or_id = null) {
global $CFG, $USER;
- if ($user_or_id === NULL) {
+ if ($user_or_id === null) {
$user_or_id = $USER;
}
/**
* Returns true if user has at least one role assign
* of 'coursecontact' role (is potentially listed in some course descriptions).
+ *
* @param $userid
- * @return unknown_type
+ * @return stdClass
*/
function has_coursecontact_role($userid) {
global $DB, $CFG;
foreach ($paths as $path) {
if (isset($accessdata['rsw'][$path])) {
// Found a switchrole assignment - check for that role _plus_ the default user role
- $roles = array($accessdata['rsw'][$path]=>NULL, $CFG->defaultuserroleid=>NULL);
+ $roles = array($accessdata['rsw'][$path]=>null, $CFG->defaultuserroleid=>null);
$switchedrole = true;
break;
}
foreach ($paths as $path) {
if (isset($accessdata['ra'][$path])) {
foreach ($accessdata['ra'][$path] as $roleid) {
- $roles[$roleid] = NULL;
+ $roles[$roleid] = null;
}
}
}
$roles = array();
// From the bottom up...
- for ($n=$cc-1;$n>=0;$n--) {
+ for ($n=$cc-1; $n>=0; $n--) {
$ctxp = $contexts[$n];
if (isset($accessdata['ra'][$ctxp]) && count($accessdata['ra'][$ctxp])) {
// Found assignments on this leaf
*
* @param string $capability the name of the capability to check. For example mod/forum:view
* @param object $context the context to check the capability in. You normally get this with {@link get_context_instance}.
- * @param integer $userid A user id. By default (NULL) checks the permissions of the current user.
+ * @param integer $userid A user id. By default (null) checks the permissions of the current user.
* @param bool $doanything If false, ignore effect of admin role assignment
* @param string $errorstring The error string to to user. Defaults to 'nopermissions'.
* @param string $stringfile The language file to load the error string from. Defaults to 'error'.
* @return void terminates with an error if the user does not have the given capability.
*/
-function require_capability($capability, $context, $userid = NULL, $doanything = true,
+function require_capability($capability, $context, $userid = null, $doanything = true,
$errormessage = 'nopermissions', $stringfile = '') {
if (!has_capability($capability, $context, $userid, $doanything)) {
throw new required_capability_exception($context, $capability, $errormessage, $stringfile);
* @param int $limit_ignored
* @return array $courses - ordered array of course objects - see notes above
*/
-function get_user_courses_bycap($userid, $cap, $accessdata_ignored, $doanything_ignored, $sort='c.sortorder ASC', $fields=NULL, $limit_ignored=0) {
+function get_user_courses_bycap($userid, $cap, $accessdata_ignored, $doanything_ignored, $sort = 'c.sortorder ASC', $fields = null, $limit_ignored = 0) {
//TODO: this should be most probably deprecated
* [rdef] => [/path/:roleid][capability]=permission
* [loaded] => array('/path', '/path')
*
- * @global object
- * @global object
- * @param $userid integer - the id of the user
+ * @param int $userid - the id of the user
+ * @return array
*/
function get_user_access_sitewide($userid) {
-
global $CFG, $DB;
/* Get in 3 cheap DB queries...
* - below this user's RAs - limited to course level
*/
- $accessdata = array(); // named list
+ $accessdata = array(); // named list
$accessdata['ra'] = array();
$accessdata['rdef'] = array();
$accessdata['loaded'] = array();
if ($clauses !== '') {
$sql = "SELECT ctx.path, rc.roleid, rc.capability, rc.permission
- FROM {role_capabilities} rc
- JOIN {context} ctx
- ON rc.contextid=ctx.id
- WHERE $clauses";
+ FROM {role_capabilities} rc
+ JOIN {context} ctx ON rc.contextid=ctx.id
+ WHERE $clauses";
unset($clauses);
$rs = $DB->get_recordset_sql($sql, $cparams);
JOIN {role_capabilities} rco
ON (rco.roleid=ra.roleid AND rco.contextid=sctx.id)
WHERE ra.userid = ?
- AND ctx.contextlevel <= ".CONTEXT_COURSECAT."
- AND sctx.contextlevel <= ".CONTEXT_COURSE."
+ AND ctx.contextlevel <= ".CONTEXT_COURSECAT."
+ AND sctx.contextlevel <= ".CONTEXT_COURSE."
ORDER BY sctx.depth, sctx.path, ra.roleid";
$params = array($userid);
$rs = $DB->get_recordset_sql($sql, $params);
/**
* Add to the access ctrl array the data needed by a user for a given context
*
- * @global object
- * @global object
* @param integer $userid the id of the user
* @param object $context needs path!
* @param array $accessdata accessdata array
+ * @return void
*/
function load_subcontext($userid, $context, &$accessdata) {
-
global $CFG, $DB;
/* Get the additional RAs and relevant rolecaps
* and to get an overview of what a role gets under a
* given context and below...
*
- * @global object
- * @global object
* @param integer $roleid the id of the user
* @param object $context needs path!
- * @param array $accessdata accessdata array NULL by default
+ * @param array $accessdata accessdata array null by default
* @return array
*/
-function get_role_access_bycontext($roleid, $context, $accessdata=NULL) {
-
+function get_role_access_bycontext($roleid, $context, $accessdata = null) {
global $CFG, $DB;
/* Get the relevant rolecaps into rdef
* to call it if you are about to run a BIG
* cron run across a bazillion users.
*
- * @global object
- * @global object
* @param int $userid
* @return array returns ACCESSLIB_PRIVATE->accessdatabyuser[userid]
*/
/**
* Use shared copy of role definitions stored in ACCESSLIB_PRIVATE->roledefinitions;
*
- * @global object
* @param array $rdefs array of role definitions in contexts
*/
function compact_rdefs(&$rdefs) {
* check_enrolment_plugins();
* @see check_enrolment_plugins()
*
- * @global object
- * @global object
- * @global object
+ * @return void
*/
function load_all_capabilities() {
global $CFG, $ACCESSLIB_PRIVATE;
*
* Note: rewrites $USER->access completely.
*
- * @global object
- * @global object
+ * @return void
*/
function reload_all_capabilities() {
global $USER, $DB;
* @param int $strictness
* @return object newly created context
*/
-function create_context($contextlevel, $instanceid, $strictness=IGNORE_MISSING) {
-
+function create_context($contextlevel, $instanceid, $strictness = IGNORE_MISSING) {
global $CFG, $DB;
if ($contextlevel == CONTEXT_SYSTEM) {
$basedepth = 1;
$result = true;
- $error_message = NULL;
+ $error_message = null;
switch ($contextlevel) {
case CONTEXT_COURSECAT:
$basedepth = $parent->depth;
} else {
// wrong parent category - no big deal, this can be fixed later
- $basepath = NULL;
+ $basepath = null;
$basedepth = 0;
}
} else {
$basedepth = $parent->depth;
} else {
// wrong parent category of course - no big deal, this can be fixed later
- $basepath = NULL;
+ $basepath = null;
$basedepth = 0;
}
} else if ($instanceid == SITEID) {
}
/**
- * Returns system context or NULL if can not be created yet.
- *
- * @todo can not use get_record() because we do not know if query failed :-(
- * switch to get_record() later
+ * Returns system context or null if can not be created yet.
*
- * @global object
- * @global object
* @param bool $cache use caching
- * @return mixed system context or NULL
+ * @return mixed system context or null
*/
-function get_system_context($cache=true) {
+function get_system_context($cache = true) {
global $DB, $ACCESSLIB_PRIVATE;
if ($cache and defined('SYSCONTEXTID')) {
if (is_null($ACCESSLIB_PRIVATE->systemcontext)) {
$context = $DB->get_record('context', array('contextlevel'=>CONTEXT_SYSTEM));
} catch (dml_exception $e) {
//table does not exist yet, sorry
- return NULL;
+ return null;
}
if (!$context) {
$context->contextlevel = CONTEXT_SYSTEM;
$context->instanceid = 0;
$context->depth = 1;
- $context->path = NULL; //not known before insert
+ $context->path = null; //not known before insert
try {
$context->id = $DB->insert_record('context', $context);
} catch (dml_exception $e) {
// can not create context yet, sorry
- return NULL;
+ return null;
}
}
/**
* Precreates all contexts including all parents
*
- * @global object
* @param int $contextlevel empty means all
* @param bool $buildpaths update paths and depths
* @return void
*/
-function create_contexts($contextlevel=NULL, $buildpaths=true) {
+function create_contexts($contextlevel = null, $buildpaths = true) {
global $DB;
//make sure system context exists
/**
* Remove stale context records
*
- * @global object
* @return bool
*/
function cleanup_contexts() {
* MUST_EXIST means throw exception if no record or multiple records found
* @return object The context object.
*/
-function get_context_instance($contextlevel, $instance=0, $strictness=IGNORE_MISSING) {
-
+function get_context_instance($contextlevel, $instance = 0, $strictness = IGNORE_MISSING) {
global $DB, $ACCESSLIB_PRIVATE;
static $allowed_contexts = array(CONTEXT_SYSTEM, CONTEXT_USER, CONTEXT_COURSECAT, CONTEXT_COURSE, CONTEXT_MODULE, CONTEXT_BLOCK);
/**
* Get a context instance as an object, from a given context id.
*
- * @param mixed $id a context id or array of ids.
+ * @param int $id context id
* @param int $strictness IGNORE_MISSING means compatible mode, false returned if record not found, debug message if more found;
* MUST_EXIST means throw exception if no record or multiple records found
- * @return mixed object, array of the context object, or false.
+ * @return stdClass|bool the context object or false if not found.
*/
-function get_context_instance_by_id($id, $strictness=IGNORE_MISSING) {
+function get_context_instance_by_id($id, $strictness = IGNORE_MISSING) {
global $DB, $ACCESSLIB_PRIVATE;
if ($id == SYSCONTEXTID) {
/**
* Get the local override (if any) for a given capability in a role in a context
*
- * @global object
* @param int $roleid
* @param int $contextid
* @param string $capability
global $DB;
$context = get_context_instance_by_id($contextid, MUST_EXIST);
- $course = NULL;
- $cm = NULL;
+ $course = null;
+ $cm = null;
if ($context->contextlevel == CONTEXT_COURSE) {
$course = $DB->get_record('course', array('id'=>$context->instanceid), '*', MUST_EXIST);
/**
* function that creates a role
*
- * @global object
* @param string $name role name
* @param string $shortname role short name
* @param string $description role description
* @param string $archetype
- * @return mixed id or dml_exception
+ * @return int id or dml_exception
*/
-function create_role($name, $shortname, $description, $archetype='') {
+function create_role($name, $shortname, $description, $archetype = '') {
global $DB;
if (strpos($archetype, 'moodle/legacy:') !== false) {
/**
* Function to write context specific overrides, or default capabilities.
*
- * @global object
- * @global object
- * @param string module string name
- * @param string capability string name
- * @param int contextid context id
- * @param int roleid role id
- * @param int permission int 1,-1 or -1000 should not be writing if permission is 0
- * @return bool
+ * @param string $capability string name
+ * @param int $permission CAP_ constants
+ * @param int $roleid role id
+ * @param int $contextid context id
+ * @param bool $overwrite
+ * @return bool always true or exception
*/
-function assign_capability($capability, $permission, $roleid, $contextid, $overwrite=false) {
+function assign_capability($capability, $permission, $roleid, $contextid, $overwrite = false) {
global $USER, $DB;
if (empty($permission) || $permission == CAP_INHERIT) { // if permission is not set
}
$cap = new stdClass();
- $cap->contextid = $contextid;
- $cap->roleid = $roleid;
- $cap->capability = $capability;
- $cap->permission = $permission;
+ $cap->contextid = $contextid;
+ $cap->roleid = $roleid;
+ $cap->capability = $capability;
+ $cap->permission = $permission;
$cap->timemodified = time();
- $cap->modifierid = empty($USER->id) ? 0 : $USER->id;
+ $cap->modifierid = empty($USER->id) ? 0 : $USER->id;
if ($existing) {
$cap->id = $existing->id;
/**
* Unassign a capability from a role.
*
- * @global object
- * @param int $roleid the role id
* @param string $capability the name of the capability
+ * @param int $roleid the role id
+ * @param int $contextid null means all contexts
* @return boolean success or failure
*/
-function unassign_capability($capability, $roleid, $contextid=NULL) {
+function unassign_capability($capability, $roleid, $contextid = null) {
global $DB;
if (!empty($contextid)) {
* @param bool $includmanual include manual role assignments too
* @return void
*/
-function role_unassign_all(array $params, $subcontexts = false, $includemanual=false) {
+function role_unassign_all(array $params, $subcontexts = false, $includemanual = false) {
global $USER, $CFG, $DB;
if (!$params) {
* @param int|object $user mixed user object or id, $USER if not specified
* @return bool true if user is the real guest user, false if not logged in or other user
*/
-function isguestuser($user = NULL) {
+function isguestuser($user = null) {
global $USER, $DB, $CFG;
// make sure we have the user id cached in config table, because we are going to use it a lot
}
set_config('siteguest', $guestid);
}
- if ($user === NULL) {
+ if ($user === null) {
$user = $USER;
}
- if ($user === NULL) {
+ if ($user === null) {
// happens when setting the $USER
return false;
/**
* Does user have a (temporary or real) guest access to course?
*
- * @param object $context
- * @param object|int $user
+ * @param stdClass $context
+ * @param stdClass|int $user
* @return bool
*/
-function is_guest($context, $user = NULL) {
+function is_guest($context, $user = null) {
global $USER;
// first find the course context
$coursecontext = get_course_context($context);
// make sure there is a real user specified
- if ($user === NULL) {
+ if ($user === null) {
$userid = !empty($USER->id) ? $USER->id : 0;
} else {
$userid = !empty($user->id) ? $user->id : $user;
* Returns true if the user has moodle/course:view capability in the course,
* this is intended for admins, managers (aka small admins), inspectors, etc.
*
- * @param object $context
- * @param int|object $user, if NULL $USER is used
+ * @param stdClass $context
+ * @param int|object $user, if null $USER is used
* @param string $withcapability extra capability name
* @return bool
*/
-function is_viewing($context, $user = NULL, $withcapability = '') {
- global $USER;
-
+function is_viewing($context, $user = null, $withcapability = '') {
// first find the course context
$coursecontext = get_course_context($context);
* this is intended for students and teachers.
*
* @param object $context
- * @param int|object $user, if NULL $USER is used, otherwise user object or id expected
+ * @param int|object $user, if null $USER is used, otherwise user object or id expected
* @param string $withcapability extra capability name
* @param bool $onlyactive consider only active enrolments in enabled plugins and time restrictions
* @return bool
*/
-function is_enrolled($context, $user = NULL, $withcapability = '', $onlyactive = false) {
+function is_enrolled($context, $user = null, $withcapability = '', $onlyactive = false) {
global $USER, $DB;
// first find the course context
$coursecontext = get_course_context($context);
// make sure there is a real user specified
- if ($user === NULL) {
+ if ($user === null) {
$userid = !empty($USER->id) ? $USER->id : 0;
} else {
$userid = !empty($user->id) ? $user->id : $user;
}
}
- $defaultuserroleid = isset($CFG->defaultuserroleid) ? $CFG->defaultuserroleid : NULL;
- $defaultfrontpageroleid = isset($CFG->defaultfrontpageroleid) ? $CFG->defaultfrontpageroleid : NULL;
+ $defaultuserroleid = isset($CFG->defaultuserroleid) ? $CFG->defaultuserroleid : null;
+ $defaultfrontpageroleid = isset($CFG->defaultfrontpageroleid) ? $CFG->defaultfrontpageroleid : null;
$nobody = false;
* Loads the capability definitions for the component (from file). If no
* capabilities are defined for the component, we simply return an empty array.
*
- * @global object
* @param string $component full plugin name, examples: 'moodle', 'mod_forum'
* @return array array of capabilities
*/
* @param string $component - examples: 'moodle', 'mod_forum'
* @return array array of capabilities
*/
-function get_cached_capabilities($component='moodle') {
+function get_cached_capabilities($component = 'moodle') {
global $DB;
return $DB->get_records('capabilities', array('component'=>$component));
}
* Reset role capabilities to default according to selected role archetype.
* If no archetype selected, removes all capabilities.
* @param int $roleid
+ * @return void
*/
function reset_role_capabilities($roleid) {
global $DB;
* will cause any stored capabilities for the component to be removed from
* the database.
*
- * @global object
* @param string $component examples: 'moodle', 'mod/forum', 'block/quiz_results'
* @return boolean true if success, exception in case of any problems
*/
-function update_capabilities($component='moodle') {
+function update_capabilities($component = 'moodle') {
global $DB, $OUTPUT, $ACCESSLIB_PRIVATE;
$storedcaps = array();
// Add new capabilities to the stored definition.
foreach ($newcaps as $capname => $capdef) {
$capability = new stdClass();
- $capability->name = $capname;
- $capability->captype = $capdef['captype'];
+ $capability->name = $capname;
+ $capability->captype = $capdef['captype'];
$capability->contextlevel = $capdef['contextlevel'];
- $capability->component = $component;
- $capability->riskbitmask = $capdef['riskbitmask'];
+ $capability->component = $component;
+ $capability->riskbitmask = $capdef['riskbitmask'];
$DB->insert_record('capabilities', $capability, false);
capabilities_cleanup($component, $filecaps);
// reset static caches
- $ACCESSLIB_PRIVATE->capabilities = NULL;
+ $ACCESSLIB_PRIVATE->capabilities = null;
return true;
}
* Deletes cached capabilities that are no longer needed by the component.
* Also unassigns these capabilities from any roles that have them.
*
- * @global object
- * @param string $component examples: 'moodle', 'mod/forum', 'block/quiz_results'
+ * @param string $component examples: 'moodle', 'mod_forum', 'block_quiz_results'
* @param array $newcapdef array of the new capability definitions that will be
* compared with the cached capabilities
* @return int number of deprecated capabilities that have been removed
*/
-function capabilities_cleanup($component, $newcapdef=NULL) {
+function capabilities_cleanup($component, $newcapdef = null) {
global $DB;
$removedcount = 0;
* @return string the name for this type of context.
*/
function get_contextlevel_name($contextlevel) {
- static $strcontextlevels = NULL;
+ static $strcontextlevels = null;
if (is_null($strcontextlevels)) {
$strcontextlevels = array(
- CONTEXT_SYSTEM => get_string('coresystem'),
- CONTEXT_USER => get_string('user'),
+ CONTEXT_SYSTEM => get_string('coresystem'),
+ CONTEXT_USER => get_string('user'),
CONTEXT_COURSECAT => get_string('category'),
- CONTEXT_COURSE => get_string('course'),
- CONTEXT_MODULE => get_string('activitymodule'),
- CONTEXT_BLOCK => get_string('block')
+ CONTEXT_COURSE => get_string('course'),
+ CONTEXT_MODULE => get_string('activitymodule'),
+ CONTEXT_BLOCK => get_string('block')
);
}
return $strcontextlevels[$contextlevel];
/**
* Prints human readable context identifier.
*
- * @global object
* @param object $context the context.
* @param boolean $withprefix whether to prefix the name of the context with the
* type of context, e.g. User, Course, Forum, etc.
function get_all_risks() {
return array(
'riskmanagetrust' => RISK_MANAGETRUST,
- 'riskconfig' => RISK_CONFIG,
- 'riskxss' => RISK_XSS,
- 'riskpersonal' => RISK_PERSONAL,
- 'riskspam' => RISK_SPAM,
- 'riskdataloss' => RISK_DATALOSS,
+ 'riskconfig' => RISK_CONFIG,
+ 'riskxss' => RISK_XSS,
+ 'riskpersonal' => RISK_PERSONAL,
+ 'riskspam' => RISK_SPAM,
+ 'riskdataloss' => RISK_DATALOSS,
);
}
/**
* Return a link to moodle docs for a given capability name
*
- * @global object
* @param object $capability a capability - a row from the mdl_capabilities table.
* @return string the human-readable capability name as a link to Moodle Docs.
*/
* `contextlevel` int(10) NOT NULL,
* `component` varchar(100) NOT NULL,
*
- * @global object
- * @global object
* @param object context
* @return array
*/
$extracaps = $modfunction();
}
}
- if(empty($extracaps)) {
+ if (empty($extracaps)) {
$extracaps = array();
}
* defaults) of a role used in capability overrides in contexts at a given
* context.
*
- * @global object
* @param obj $context
* @param int $roleid
* @param string $cap capability, optional, defaults to ''
- * @param bool if set to true, resolve till this level, else stop at immediate parent level
- * @return array
+ * @return array of capabilities
*/
-function role_context_capabilities($roleid, $context, $cap='') {
+function role_context_capabilities($roleid, $context, $cap = '') {
global $DB;
$contexts = get_parent_contexts($context);
* for the purpose of $select, you need to know that the context table has been
* aliased to ctx, so for example, you can call get_sorted_contexts('ctx.depth = 3');
*
- * @global object
* @param string $select the contents of the WHERE clause. Remember to do ctx.fieldname.
* @param array $params any parameters required by $select.
* @return array the requested context records.
}
return $DB->get_records_sql("
SELECT ctx.*
- FROM {context} ctx
- LEFT JOIN {user} u ON ctx.contextlevel = " . CONTEXT_USER . " AND u.id = ctx.instanceid
- LEFT JOIN {course_categories} cat ON ctx.contextlevel = " . CONTEXT_COURSECAT . " AND cat.id = ctx.instanceid
- LEFT JOIN {course} c ON ctx.contextlevel = " . CONTEXT_COURSE . " AND c.id = ctx.instanceid
- LEFT JOIN {course_modules} cm ON ctx.contextlevel = " . CONTEXT_MODULE . " AND cm.id = ctx.instanceid
- LEFT JOIN {block_instances} bi ON ctx.contextlevel = " . CONTEXT_BLOCK . " AND bi.id = ctx.instanceid
- $select
- ORDER BY ctx.contextlevel, bi.defaultregion, COALESCE(cat.sortorder, c.sortorder, cm.section, bi.defaultweight), u.lastname, u.firstname, cm.id
+ FROM {context} ctx
+ LEFT JOIN {user} u ON ctx.contextlevel = " . CONTEXT_USER . " AND u.id = ctx.instanceid
+ LEFT JOIN {course_categories} cat ON ctx.contextlevel = " . CONTEXT_COURSECAT . " AND cat.id = ctx.instanceid
+ LEFT JOIN {course} c ON ctx.contextlevel = " . CONTEXT_COURSE . " AND c.id = ctx.instanceid
+ LEFT JOIN {course_modules} cm ON ctx.contextlevel = " . CONTEXT_MODULE . " AND cm.id = ctx.instanceid
+ LEFT JOIN {block_instances} bi ON ctx.contextlevel = " . CONTEXT_BLOCK . " AND bi.id = ctx.instanceid
+ $select
+ ORDER BY ctx.contextlevel, bi.defaultregion, COALESCE(cat.sortorder, c.sortorder, cm.section, bi.defaultweight), u.lastname, u.firstname, cm.id
", $params);
}
* Returns capability information (cached)
*
* @param string $capabilityname
- * @return object or NULL if capability not found
+ * @return object or null if capability not found
*/
function get_capability_info($capabilityname) {
global $ACCESSLIB_PRIVATE, $DB; // one request per page only
}
}
- return isset($ACCESSLIB_PRIVATE->capabilities[$capabilityname]) ? $ACCESSLIB_PRIVATE->capabilities[$capabilityname] : NULL;
+ return isset($ACCESSLIB_PRIVATE->capabilities[$capabilityname]) ? $ACCESSLIB_PRIVATE->capabilities[$capabilityname] : null;
}
/**
/**
* Checks if a user can assign users to a particular role in this context
*
- * @global object
* @param object $context
* @param int $targetroleid - the id of the role you want to assign users to
* @return boolean
*/
function get_all_roles() {
global $DB;
- return $DB->get_records('role', NULL, 'sortorder ASC');
+ return $DB->get_records('role', null, 'sortorder ASC');
}
/**
* @param string $order defaults to 'c.contextlevel DESC, r.sortorder ASC'
* @return array
*/
-function get_user_roles($context, $userid=0, $checkparentcontexts=true, $order='c.contextlevel DESC, r.sortorder ASC') {
+function get_user_roles($context, $userid = 0, $checkparentcontexts = true, $order = 'c.contextlevel DESC, r.sortorder ASC') {
global $USER, $DB;
if (empty($userid)) {
/**
* Creates a record in the role_allow_override table
*
- * @global object
* @param int $sroleid source roleid
* @param int $troleid target roleid
* @return int id or false
/**
* Creates a record in the role_allow_assign table
*
- * @global object
* @param int $sroleid source roleid
* @param int $troleid target roleid
* @return int id or false
/**
* Creates a record in the role_allow_switch table
*
- * @global object
* @param int $sroleid source roleid
* @param int $troleid target roleid
* @return int id or false
* @param int $rolenamedisplay the type of role name to display. One of the
* ROLENAME_X constants. Default ROLENAME_ALIAS.
* @param bool $withusercounts if true, count the number of users with each role.
- * @param integer|object $user A user id or object. By default (NULL) checks the permissions of the current user.
+ * @param integer|object $user A user id or object. By default (null) checks the permissions of the current user.
* @return array if $withusercounts is false, then an array $roleid => $rolename.
* if $withusercounts is true, returns a list of three arrays,
* $rolenames, $rolecounts, and $nameswithcounts.
* This function just process the contents of the role_allow_switch table. You also need to
* test the moodle/role:switchroles to see if the user is allowed to switch in the first place.
*
- * @global object
- * @global object
* @param object $context a context.
* @return array an array $roleid => $rolename.
*/
$query = "
SELECT r.id, r.name
- FROM (
- SELECT DISTINCT rc.roleid
- FROM {role_capabilities} rc
- $extrajoins
- $extrawhere
- ) idlist
- JOIN {role} r ON r.id = idlist.roleid
- ORDER BY r.sortorder";
+ FROM (SELECT DISTINCT rc.roleid
+ FROM {role_capabilities} rc
+ $extrajoins
+ $extrawhere) idlist
+ JOIN {role} r ON r.id = idlist.roleid
+ ORDER BY r.sortorder";
$rolenames = $DB->get_records_sql_menu($query, $params);
return role_fix_names($rolenames, $context, ROLENAME_ALIAS);
/**
* Gets a list of roles that this user can override in this context.
*
- * @global object
- * @global object
* @param object $context the context.
* @param int $rolenamedisplay the type of role name to display. One of the
* ROLENAME_X constants. Default ROLENAME_ALIAS.
}
/**
- * @global object
* @param integer $roleid the id of a role.
* @return array list of the context levels at which this role may be assigned.
*/
}
/**
- * @global object
* @param integer $contextlevel a contextlevel.
* @return array list of role ids that are assignable at this context level.
*/
* Set the context levels at which a particular role can be assigned.
* Throws exceptions in case of error.
*
- * @global object
* @param integer $roleid the id of a role.
* @param array $contextlevels the context levels at which this role should be assignable,
* duplicate levels are removed.
function set_role_contextlevels($roleid, array $contextlevels) {
global $DB;
$DB->delete_records('role_context_levels', array('roleid' => $roleid));
- $rcl = new stdClass;
+ $rcl = new stdClass();
$rcl->roleid = $roleid;
$contextlevels = array_unique($contextlevels);
foreach ($contextlevels as $level) {
* in $groups.
* @return mixed
*/
-function get_users_by_capability($context, $capability, $fields='', $sort='', $limitfrom='', $limitnum='',
- $groups='', $exceptions='', $doanything_ignored=NULL, $view_ignored=NULL, $useviewallgroups=false) {
+function get_users_by_capability($context, $capability, $fields = '', $sort = '', $limitfrom = '', $limitnum = '',
+ $groups = '', $exceptions = '', $doanything_ignored = null, $view_ignored = null, $useviewallgroups = false) {
global $CFG, $DB;
if (empty($context->id)) {
throw new coding_exception('Invalid context specified');
}
- $defaultuserroleid = isset($CFG->defaultuserroleid) ? $CFG->defaultuserroleid : NULL;
- $defaultfrontpageroleid = isset($CFG->defaultfrontpageroleid) ? $CFG->defaultfrontpageroleid : NULL;
+ $defaultuserroleid = isset($CFG->defaultuserroleid) ? $CFG->defaultuserroleid : null;
+ $defaultfrontpageroleid = isset($CFG->defaultfrontpageroleid) ? $CFG->defaultfrontpageroleid : null;
$ctxids = trim($context->path, '/');
$ctxids = str_replace('/', ',', $ctxids);
* to weed out admin-ish roles. Or fetch a list of roles from
* variables like $CFG->coursecontact .
*
- * @global object
* @param array $users Users array, keyed on userid
* @param object $context
* @param array $roles ids of the roles to include, optional
* @param string $policy defaults to locality, more about
* @return array sorted copy of the array
*/
-function sort_by_roleassignment_authority($users, $context, $roles=array(), $sortpolicy='locality') {
+function sort_by_roleassignment_authority($users, $context, $roles = array(), $sortpolicy = 'locality') {
global $DB;
$userswhere = ' ra.userid IN (' . implode(',',array_keys($users)) . ')';
/**
* Gets all the users assigned this role in this context or higher
*
- * @global object
* @param int $roleid (can also be an array of ints!)
* @param stdClass $context
* @param bool $parent if true, get list of users assigned in higher context too
* @param string|array $whereparams defaults to ''
* @return array
*/
-function get_role_users($roleid, $context, $parent=false, $fields='',
- $sort='u.lastname, u.firstname', $gethidden_ignored=NULL, $group='',
- $limitfrom='', $limitnum='', $extrawheretest='', $whereparams=array()) {
+function get_role_users($roleid, $context, $parent = false, $fields = '',
+ $sort = 'u.lastname, u.firstname', $gethidden_ignored = null, $group = '',
+ $limitfrom = '', $limitnum = '', $extrawheretest = '', $whereparams = array()) {
global $DB;
if (empty($fields)) {
/**
* Counts all the users assigned this role in this context or higher
*
- * @global object
* @param mixed $roleid either int or an array of ints
* @param object $context
* @param bool $parent if true, get list of users assigned in higher context too
* @return int Returns the result count
*/
-function count_role_users($roleid, $context, $parent=false) {
+function count_role_users($roleid, $context, $parent = false) {
global $DB;
if ($parent) {
* This function gets the list of courses that this user has a particular capability in.
* It is still not very efficient.
*
- * @global object
* @param string $capability Capability in question
- * @param int $userid User ID or NULL for current user
+ * @param int $userid User ID or null for current user
* @param bool $doanything True if 'doanything' is permitted (default)
* @param string $fieldsexceptid Leave blank if you only need 'id' in the course records;
* otherwise use a comma-separated list of the fields you require, not including id
* table with sql modifiers (DESC) if needed
* @return array Array of courses, may have zero entries. Or false if query failed.
*/
-function get_user_capability_course($capability, $userid=NULL, $doanything=true, $fieldsexceptid='', $orderby='') {
+function get_user_capability_course($capability, $userid = null, $doanything = true, $fieldsexceptid = '', $orderby = '') {
global $DB;
// Convert fields list and ordering
$fields = explode(',', $orderby);
$orderby = '';
foreach($fields as $field) {
- if($orderby) {
+ if ($orderby) {
$orderby .= ',';
}
$orderby .= 'c.'.$field;
// Check capability for each course in turn
$courses = array();
foreach ($rs as $coursecontext) {
- if(has_capability($capability, $coursecontext, $userid, $doanything)) {
+ if (has_capability($capability, $coursecontext, $userid, $doanything)) {
// We've got the capability. Make the record look like a course record
// and store it
$coursecontext->id = $coursecontext->courseid;
return $courses;
}
-/** This function finds the roles assigned directly to this context only
+/**
+ * This function finds the roles assigned directly to this context only
* i.e. no parents role
*
- * @global object
* @param object $context
* @return array
*/
*
* This function *will* modify $USER->access - beware
*
- * @global object
* @param integer $roleid the role to switch to.
* @param object $context the context in which to perform the switch.
* @return bool success or failure.
/**
* Get all capabilities for this role on this context (overrides)
*
- * @global object
* @param object $role
* @param object $context
* @return array
/**
* Find out which roles has assignment on this context
*
- * @global object
* @param object $context
* @return array
*
/**
* Find all user assignment of users for this role, on this context
*
- * @global object
* @param object $role
* @param object $context
* @return array
/**
* Simple function returning a boolean true if roles exist, otherwise false
*
- * @global object
* @param int $userid
* @param int $roleid
* @param int $contextid
* @return bool
*/
-function user_has_role_assignment($userid, $roleid, $contextid=0) {
+function user_has_role_assignment($userid, $roleid, $contextid = 0) {
global $DB;
if ($contextid) {
/**
* Get role name or alias if exists and format the text.
*
- * @global object
* @param object $role role object
* @param object $coursecontext
* @return string name of role in course context
/**
* Prepare list of roles for display, apply aliases and format text
*
- * @global object
* @param array $roleoptions array roleid => rolename or roleid => roleobject
* @param object $context a context
* @return array Array of context-specific role names, or role objexts with a ->localname field added.
*/
-function role_fix_names($roleoptions, $context, $rolenamedisplay=ROLENAME_ALIAS) {
+function role_fix_names($roleoptions, $context, $rolenamedisplay = ROLENAME_ALIAS) {
global $DB;
// Make sure we are working with an array roleid => name. Normally we
/**
* Rebuild all related context depth and path caches
*
- * @global object
* @param array $fixcontexts array of contexts, strongtyped
*/
function rebuild_contexts(array $fixcontexts) {
*
* @param bool $force force a complete rebuild of the path and depth fields, defaults to false
*/
-function build_context_path($force=false) {
+function build_context_path($force = false) {
global $CFG, $DB;
// System context
* Mark a context as dirty (with timestamp)
* so as to force reloading of the context.
*
- * @global object
- * @global object
* @param string $path context path
*/
function mark_context_dirty($path) {
/**
* Switch the sort order of two roles (used in admin/roles/manage.php).
*
- * @global object
* @param object $first The first role. Actually, only ->sortorder is used.
* @param object $second The second role. Actually, only ->sortorder is used.
* @return boolean success or failure
/**
* duplicates all the base definitions of a role
*
- * @global object
* @param object $sourcerole role to copy from
* @param int $targetrole id of role to copy to
*/