Moodle PHP Documentation 4.2
Moodle 4.2.8 (Build: 20240610) (2d41ac46f45)
core\access\get_user_capability_course_helper Class Reference

Helper functions to implement the complex get_user_capability_course function. More...

Static Public Member Functions

static get_sql ($userid, $capability)
 Gets SQL to restrict a query to contexts in which the user has a capability.
 
static map_fieldnames (string $fieldsexceptid='')
 Map fieldnames to get ready for the SQL query.
 

Static Protected Member Functions

static any_path_is_above ($prohibitpaths, $otherpath)
 Test if a context path $otherpath is the same as, or underneath, any of $prohibitpaths.
 
static calculate_permission_tree (array $pathroleperms)
 Calculates a permission tree based on an array of information about role permissions.
 
static create_sql ($parent)
 Creates SQL suitable for restricting by contexts listed in the given permission tree.
 
static get_capability_info_at_each_context ($userid, $capability)
 Based on the given user's access data (roles) and system role definitions, works out an array of capability values at each relevant context for the given user and capability.
 
static get_tree ($userid, $capability)
 Gets a permission tree for the given user and capability, representing the value of that capability at different contexts across the system.
 
static path_is_above ($parentpath, $otherpath)
 Test if a context path $otherpath is the same as, or underneath, $parentpath.
 
static remove_duplicate_nodes ($parent)
 Removes duplicate nodes of a tree - where a child node has the same permission as its parent.
 
static remove_negative_subtrees ($root)
 Given a permission tree (in calculate_permission_tree format), removes any subtrees that are negative from the root.
 

Detailed Description

Helper functions to implement the complex get_user_capability_course function.

License
http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later

Member Function Documentation

◆ any_path_is_above()

static core\access\get_user_capability_course_helper::any_path_is_above ( $prohibitpaths,
$otherpath )
staticprotected

Test if a context path $otherpath is the same as, or underneath, any of $prohibitpaths.

Parameters
array$prohibitpathsarray keys are context paths.
string$otherpaththe path of another context.
Return values
intreleavant $roleid if $otherpath is underneath (or equal to) any of the $prohibitpaths, 0 otherwise (so, can be used as a bool).

◆ calculate_permission_tree()

static core\access\get_user_capability_course_helper::calculate_permission_tree ( array $pathroleperms)
staticprotected

Calculates a permission tree based on an array of information about role permissions.

The input parameter must be in the format returned by get_capability_info_at_each_context.

The output is the root of a tree of stdClass objects with the fields 'path' (a context path), 'allow' (true or false), and 'children' (an array of similar objects).

Parameters
array$pathrolepermsArray of permissions
Return values
stdClassRoot object of permission tree

◆ create_sql()

static core\access\get_user_capability_course_helper::create_sql ( $parent)
staticprotected

Creates SQL suitable for restricting by contexts listed in the given permission tree.

This function relies on the permission tree being in the format created by get_tree. Specifically, all the children of the root element must be set to 'allow' permission, children of those children must be 'not allow', children of those grandchildren 'allow', etc.

Parameters
stdClass$parentRoot node of permission tree
Return values
arrayTwo-element array of SQL (containing ? placeholders) and then a params array

◆ get_capability_info_at_each_context()

static core\access\get_user_capability_course_helper::get_capability_info_at_each_context ( $userid,
$capability )
staticprotected

Based on the given user's access data (roles) and system role definitions, works out an array of capability values at each relevant context for the given user and capability.

This is organised by the effective context path (the one at which the capability takes effect) and then by role id. Note, however, that the resulting array only has the information that will be needed later. If there are Prohibits present in some roles, then they cannot be overridden by other roles or role overrides in lower contexts, therefore, such information, if any, is absent from the results.

Parameters
int$useridUser id
string$capabilityCapability e.g. 'moodle/course:view'
Return values
arrayArray of capability constants, indexed by context path and role id

◆ get_sql()

static core\access\get_user_capability_course_helper::get_sql ( $userid,
$capability )
static

Gets SQL to restrict a query to contexts in which the user has a capability.

This returns an array with two elements (SQL containing ? placeholders, and a params array). The SQL is intended to be used as part of a WHERE clause. It relies on the prefix 'x' being used for the Moodle context table.

If the user does not have the permission anywhere at all (so that there is no point doing the query) then the two returned values will both be false.

Parameters
int$useridUser id
string$capabilityCapability e.g. 'moodle/course:view'
Return values
arrayTwo-element array of SQL (containing ? placeholders) and then a params array

◆ get_tree()

static core\access\get_user_capability_course_helper::get_tree ( $userid,
$capability )
staticprotected

Gets a permission tree for the given user and capability, representing the value of that capability at different contexts across the system.

The tree will be simplified as far as possible.

The output is the root of a tree of stdClass objects with the fields 'path' (a context path), 'allow' (true or false), and 'children' (an array of similar objects).

Parameters
int$useridUser id
string$capabilityCapability e.g. 'moodle/course:view'
Return values
stdClassRoot node of tree

◆ map_fieldnames()

static core\access\get_user_capability_course_helper::map_fieldnames ( string $fieldsexceptid = '')
static

Map fieldnames to get ready for the SQL query.

Parameters
string$fieldsexceptidA comma-separated list of the fields you require, not including id. Add ctxid, ctxpath, ctxdepth etc to return course context information for preloading.
Return values
stringMapped field list for the SQL query.

◆ path_is_above()

static core\access\get_user_capability_course_helper::path_is_above ( $parentpath,
$otherpath )
staticprotected

Test if a context path $otherpath is the same as, or underneath, $parentpath.

Parameters
string$parentpaththe path of the parent context.
string$otherpaththe path of another context.
Return values
booltrue if $otherpath is underneath (or equal to) $parentpath.

◆ remove_duplicate_nodes()

static core\access\get_user_capability_course_helper::remove_duplicate_nodes ( $parent)
staticprotected

Removes duplicate nodes of a tree - where a child node has the same permission as its parent.

Parameters
stdClass$parentTree root node

◆ remove_negative_subtrees()

static core\access\get_user_capability_course_helper::remove_negative_subtrees ( $root)
staticprotected

Given a permission tree (in calculate_permission_tree format), removes any subtrees that are negative from the root.

For example, if a top-level node of the permission tree has 'false' permission then it is meaningless because the default permission is already false; this function will remove it. However, if there is a child within that node that is positive, then that will need to be kept.

Parameters
stdClass$rootRoot object
Return values
stdClassFiltered tree root

The documentation for this class was generated from the following file: