moodle/moodle
3
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-08-05 08:56:36 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

accesslib: add support for multi-enrolments

Browse source 
I had dropped support for multi-enrolments on the same context.

 Oops!

This patch reinstates it, changing the semantics of the 'ra'
array leaves from an int to an array of ints.

So no instead of

   $USER->access['ra']['/1/12/543'] = 5

we have

   $USER->access['ra']['/1/12/543'] = array(5)

the functions that build the array, and the array walkers have
been updated. This touches...

  Writing RAs
    load_all_capabilities()
    get_user_access_sitewide()
    get_user_access_bycontext()

  Reading RAs
    has_cap_fromsess()
    aggr_roles_fromsess()

Thanks to Matt Clarkson for mentioning multi-enrolments!
This commit is contained in:
martinlanghoff 2007-09-19 07:06:30 +00:00
parent b1178725a8
commit 6cc59cb21b
1 changed files with 33 additions and 21 deletions
Download patch file Download diff file Expand all files Collapse all files

34
lib/accesslib.php
View file

@ -555,8 +555,11 @@ function has_cap_fromsess($capability, $context, $sess, $doanything) {
for ($n=$cc-1;$n>=0;$n--) { for ($n=$cc-1;$n>=0;$n--) {
$ctxp = $contexts[$n]; $ctxp = $contexts[$n];
if (isset($sess['ra'][$ctxp])) { if (isset($sess['ra'][$ctxp])) {
// Found a role assignment // Found role assignments on this leaf
$roleid = $sess['ra'][$ctxp]; $ras = $sess['ra'][$ctxp];
$rc = count($ras);
for ($rn=0;$rn<$rc;$rn++) {
$roleid = $ras[$rn];
// Walk the path for capabilities // Walk the path for capabilities
// from the bottom up... // from the bottom up...
for ($m=$cc-1;$m>=0;$m--) { for ($m=$cc-1;$m>=0;$m--) {
@ -572,6 +575,7 @@ function has_cap_fromsess($capability, $context, $sess, $doanything) {
} }
} }
} }
}
if ($can < 1) { if ($can < 1) {
if ($doanything) { if ($doanything) {
@ -608,10 +612,10 @@ function aggr_roles_fromsess($context, $sess) {
// From the bottom up... // From the bottom up...
for ($n=$cc-1;$n>=0;$n--) { for ($n=$cc-1;$n>=0;$n--) {
$ctxp = $contexts[$n]; $ctxp = $contexts[$n];
if (isset($sess['ra'][$ctxp])) { if (isset($sess['ra'][$ctxp]) && count($sess['ra'][$ctxp])) {
// Found a role assignment // Found assignments on this leaf
$roleid = $sess['ra'][$ctxp]; $addroles = $sess['ra'][$ctxp];
$roles[] = $roleid; $roles = array_merge($roles, $addroles);
} }
} }
@ -1671,7 +1675,7 @@ function load_user_capability($capability='', $context=NULL, $userid=NULL, $chec
* We do _not_ delve deeper than courses because the number of * We do _not_ delve deeper than courses because the number of
* overrides at the module/block levels is HUGE. * overrides at the module/block levels is HUGE.
* *
* [ra] => [/path/] = roleid * [ra] => [/path/] = array(roleid, roleid)
* [rdef] => [/path/:roleid][capability]=permission * [rdef] => [/path/:roleid][capability]=permission
* [loaded] => array('/path', '/path') * [loaded] => array('/path', '/path')
* *
@ -1727,7 +1731,12 @@ function get_user_access_sitewide($userid) {
$raparents = array(); $raparents = array();
if ($rs->RecordCount()) { if ($rs->RecordCount()) {
while ($ra = rs_fetch_next_record($rs)) { while ($ra = rs_fetch_next_record($rs)) {
$acc['ra'][$ra->path] = $ra->roleid; // RAs leafs are arrays to support multi
// role assignments...
if (!isset($acc['ra'][$ra->path])) {
$acc['ra'][$ra->path] = array();
}
array_push($acc['ra'][$ra->path], $ra->roleid);
if (!empty($ra->capability)) { if (!empty($ra->capability)) {
$k = "{$ra->path}:{$ra->roleid}"; $k = "{$ra->path}:{$ra->roleid}";
$acc['rdef'][$k][$ra->capability] = $ra->permission; $acc['rdef'][$k][$ra->capability] = $ra->permission;
@ -1905,7 +1914,10 @@ function get_user_access_bycontext($userid, $context, $acc=NULL) {
$newroles = array(); $newroles = array();
if ($rs->RecordCount()) { if ($rs->RecordCount()) {
while ($ra = rs_fetch_next_record($rs)) { while ($ra = rs_fetch_next_record($rs)) {
$acc['ra'][$ra->path] = $ra->roleid; if (!isset($acc['ra'][$ra->path])) {
$acc['ra'][$ra->path] = array();
}
array_push($acc['ra'][$ra->path], $ra->roleid);
if (!empty($ra->capability)) { if (!empty($ra->capability)) {
$k = "{$ra->path}:{$ra->roleid}"; $k = "{$ra->path}:{$ra->roleid}";
$acc['rdef'][$k][$ra->capability] = $ra->permission; $acc['rdef'][$k][$ra->capability] = $ra->permission;
@ -2082,7 +2094,7 @@ function load_all_capabilities() {
$USER->access = get_user_access_sitewide($USER->id); $USER->access = get_user_access_sitewide($USER->id);
$USER->access = get_role_access($CFG->defaultuserroleid, $USER->access); $USER->access = get_role_access($CFG->defaultuserroleid, $USER->access);
// define a "default" enrolment // define a "default" enrolment
$USER->access['ra']["$base:def"] = $CFG->defaultuserroleid; $USER->access['ra']["$base:def"] = array($CFG->defaultuserroleid);
if ($CFG->defaultuserroleid === $CFG->guestroleid ) { if ($CFG->defaultuserroleid === $CFG->guestroleid ) {
if (isset($USER->access['rdef']["$base:{$CFG->guestroleid}"]['moodle/legacy:guest'])) { if (isset($USER->access['rdef']["$base:{$CFG->guestroleid}"]['moodle/legacy:guest'])) {
unset($USER->access['rdef']["$base:{$CFG->guestroleid}"]['moodle/legacy:guest']); unset($USER->access['rdef']["$base:{$CFG->guestroleid}"]['moodle/legacy:guest']);
@ -2131,7 +2143,7 @@ function load_all_capabilities() {
} else { } else {
if ($roleid = get_notloggedin_roleid()) { if ($roleid = get_notloggedin_roleid()) {
$USER->access = get_role_access(get_notloggedin_roleid()); $USER->access = get_role_access(get_notloggedin_roleid());
$USER->access['ra']["$base:def"] = $roleid; $USER->access['ra']["$base:def"] = array($roleid);
} }
} }
} }