当前位置: 首页>>代码示例>>PHP>>正文


PHP has_capability_in_accessdata函数代码示例

本文整理汇总了PHP中has_capability_in_accessdata函数的典型用法代码示例。如果您正苦于以下问题:PHP has_capability_in_accessdata函数的具体用法?PHP has_capability_in_accessdata怎么用?PHP has_capability_in_accessdata使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。


在下文中一共展示了has_capability_in_accessdata函数的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: has_capability


//.........这里部分代码省略.........
    }
    if (!is_bool($doanything)) {
        throw new coding_exception('Capability parameter "doanything" is wierd, only true or false is allowed. This has to be fixed in code.');
    }
    // capability must exist
    if (!($capinfo = get_capability_info($capability))) {
        debugging('Capability "' . $capability . '" was not found! This has to be fixed in code.');
        return false;
    }
    if (!isset($USER->id)) {
        // should never happen
        $USER->id = 0;
    }
    // make sure there is a real user specified
    if ($user === null) {
        $userid = $USER->id;
    } else {
        $userid = is_object($user) ? $user->id : $user;
    }
    // make sure forcelogin cuts off not-logged-in users if enabled
    if (!empty($CFG->forcelogin) and $userid == 0) {
        return false;
    }
    // make sure the guest account and not-logged-in users never get any risky caps no matter what the actual settings are.
    if ($capinfo->captype === 'write' or $capinfo->riskbitmask & (RISK_XSS | RISK_CONFIG | RISK_DATALOSS)) {
        if (isguestuser($userid) or $userid == 0) {
            return false;
        }
    }
    // somehow make sure the user is not deleted and actually exists
    if ($userid != 0) {
        if ($userid == $USER->id and isset($USER->deleted)) {
            // this prevents one query per page, it is a bit of cheating,
            // but hopefully session is terminated properly once user is deleted
            if ($USER->deleted) {
                return false;
            }
        } else {
            if (!context_user::instance($userid, IGNORE_MISSING)) {
                // no user context == invalid userid
                return false;
            }
        }
    }
    // context path/depth must be valid
    if (empty($context->path) or $context->depth == 0) {
        // this should not happen often, each upgrade tries to rebuild the context paths
        debugging('Context id ' . $context->id . ' does not have valid path, please use build_context_path()');
        if (is_siteadmin($userid)) {
            return true;
        } else {
            return false;
        }
    }
    // Find out if user is admin - it is not possible to override the doanything in any way
    // and it is not possible to switch to admin role either.
    if ($doanything) {
        if (is_siteadmin($userid)) {
            if ($userid != $USER->id) {
                return true;
            }
            // make sure switchrole is not used in this context
            if (empty($USER->access['rsw'])) {
                return true;
            }
            $parts = explode('/', trim($context->path, '/'));
            $path = '';
            $switched = false;
            foreach ($parts as $part) {
                $path .= '/' . $part;
                if (!empty($USER->access['rsw'][$path])) {
                    $switched = true;
                    break;
                }
            }
            if (!$switched) {
                return true;
            }
            //ok, admin switched role in this context, let's use normal access control rules
        }
    }
    // Careful check for staleness...
    $context->reload_if_dirty();
    if ($USER->id == $userid) {
        if (!isset($USER->access)) {
            load_all_capabilities();
        }
        $access =& $USER->access;
    } else {
        // make sure user accessdata is really loaded
        get_user_accessdata($userid, true);
        $access =& $ACCESSLIB_PRIVATE->accessdatabyuser[$userid];
    }
    // Load accessdata for below-the-course context if necessary,
    // all contexts at and above all courses are already loaded
    if ($context->contextlevel != CONTEXT_COURSE and $coursecontext = $context->get_course_context(false)) {
        load_course_context($userid, $coursecontext, $access);
    }
    return has_capability_in_accessdata($capability, $context, $access);
}
开发者ID:rolandovanegas,项目名称:moodle,代码行数:101,代码来源:accesslib.php

示例2: has_capability


//.........这里部分代码省略.........
            // caps not loaded yet - better to load them to keep BC with 1.8
            // not-logged-in user or $USER object set up manually first time here
            load_all_capabilities();
            $ACCESSLIB_PRIVATE->accessdatabyuser = array();
            // reset the cache for other users too, the dirty contexts are empty now
            $ACCESSLIB_PRIVATE->roledefinitions = array();
        }
    }
    // Load dirty contexts list if needed
    if (!isset($ACCESSLIB_PRIVATE->dirtycontexts)) {
        if (isset($USER->access['time'])) {
            $ACCESSLIB_PRIVATE->dirtycontexts = get_dirty_contexts($USER->access['time']);
        } else {
            $ACCESSLIB_PRIVATE->dirtycontexts = array();
        }
    }
    // Careful check for staleness...
    if (count($ACCESSLIB_PRIVATE->dirtycontexts) !== 0 and is_contextpath_dirty($contexts, $ACCESSLIB_PRIVATE->dirtycontexts)) {
        // reload all capabilities - preserving loginas, roleswitches, etc
        // and then cleanup any marks of dirtyness... at least from our short
        // term memory! :-)
        $ACCESSLIB_PRIVATE->accessdatabyuser = array();
        $ACCESSLIB_PRIVATE->roledefinitions = array();
        if (CLI_SCRIPT) {
            load_user_accessdata($userid);
            $USER->access = $ACCESSLIB_PRIVATE->accessdatabyuser[$userid];
            $ACCESSLIB_PRIVATE->dirtycontexts = array();
        } else {
            reload_all_capabilities();
        }
    }
    // Find out if user is admin - it is not possible to override the doanything in any way
    // and it is not possible to switch to admin role either.
    if ($doanything) {
        if (is_siteadmin($userid)) {
            if ($userid != $USER->id) {
                return true;
            }
            // make sure switchrole is not used in this context
            if (empty($USER->access['rsw'])) {
                return true;
            }
            $parts = explode('/', trim($context->path, '/'));
            $path = '';
            $switched = false;
            foreach ($parts as $part) {
                $path .= '/' . $part;
                if (!empty($USER->access['rsw'][$path])) {
                    $switched = true;
                    break;
                }
            }
            if (!$switched) {
                return true;
            }
            //ok, admin switched role in this context, let's use normal access control rules
        }
    }
    // divulge how many times we are called
    //// error_log("has_capability: id:{$context->id} path:{$context->path} userid:$userid cap:$capability");
    if (isset($USER->id) && $USER->id == $userid) {
        // we must accept strings and integers in $userid
        //
        // For the logged in user, we have $USER->access
        // which will have all RAs and caps preloaded for
        // course and above contexts.
        //
        // Contexts below courses && contexts that do not
        // hang from courses are loaded into $USER->access
        // on demand, and listed in $USER->access[loaded]
        //
        if ($context->contextlevel <= CONTEXT_COURSE) {
            // Course and above are always preloaded
            return has_capability_in_accessdata($capability, $context, $USER->access);
        }
        // Load accessdata for below-the-course contexts
        if (!path_inaccessdata($context->path, $USER->access)) {
            // error_log("loading access for context {$context->path} for $capability at {$context->contextlevel} {$context->id}");
            // $bt = debug_backtrace();
            // error_log("bt {$bt[0]['file']} {$bt[0]['line']}");
            load_subcontext($USER->id, $context, $USER->access);
        }
        return has_capability_in_accessdata($capability, $context, $USER->access);
    }
    if (!isset($ACCESSLIB_PRIVATE->accessdatabyuser[$userid])) {
        load_user_accessdata($userid);
    }
    if ($context->contextlevel <= CONTEXT_COURSE) {
        // Course and above are always preloaded
        return has_capability_in_accessdata($capability, $context, $ACCESSLIB_PRIVATE->accessdatabyuser[$userid]);
    }
    // Load accessdata for below-the-course contexts as needed
    if (!path_inaccessdata($context->path, $ACCESSLIB_PRIVATE->accessdatabyuser[$userid])) {
        // error_log("loading access for context {$context->path} for $capability at {$context->contextlevel} {$context->id}");
        // $bt = debug_backtrace();
        // error_log("bt {$bt[0]['file']} {$bt[0]['line']}");
        load_subcontext($userid, $context, $ACCESSLIB_PRIVATE->accessdatabyuser[$userid]);
    }
    return has_capability_in_accessdata($capability, $context, $ACCESSLIB_PRIVATE->accessdatabyuser[$userid]);
}
开发者ID:LMSeXT,项目名称:SAWEE-WS_server-lib,代码行数:101,代码来源:accesslib.php

示例3: get_user_courses_bycap

/**
 * Get an array of courses (with magic extra bits)
 * where the accessdata and in DB enrolments show
 * that the cap requested is available.
 *
 * The main use is for get_my_courses().
 *
 * Notes
 *
 * - $fields is an array of fieldnames to ADD
 *   so name the fields you really need, which will
 *   be added and uniq'd
 *
 * - the course records have $c->context which is a fully
 *   valid context object. Saves you a query per course!
 *
 * - the course records have $c->categorypath to make
 *   category lookups cheap
 *
 * - current implementation is split in -
 *
 *   - if the user has the cap systemwide, stupidly
 *     grab *every* course for a capcheck. This eats
 *     a TON of bandwidth, specially on large sites
 *     with separate DBs...
 *
 *   - otherwise, fetch "likely" courses with a wide net
 *     that should get us _cheaply_ at least the courses we need, and some
 *     we won't - we get courses that...
 *      - are in a category where user has the cap
 *      - or where use has a role-assignment (any kind)
 *      - or where the course has an override on for this cap
 *
 *   - walk the courses recordset checking the caps oneach one
 *     the checks are all in memory and quite fast
 *     (though we could implement a specialised variant of the
 *     has_capability_in_accessdata() code to speed it up)
 *
 * @param string $capability - name of the capability
 * @param array  $accessdata - accessdata session array
 * @param bool   $doanything - if false, ignore do anything
 * @param string $sort - sorting fields - prefix each fieldname with "c."
 * @param array  $fields - additional fields you are interested in...
 * @param int    $limit  - set if you want to limit the number of courses
 * @return array $courses - ordered array of course objects - see notes above
 *
 */
function get_user_courses_bycap($userid, $cap, $accessdata, $doanything, $sort = 'c.sortorder ASC', $fields = NULL, $limit = 0)
{
    global $CFG, $DB;
    // Slim base fields, let callers ask for what they need...
    $basefields = array('id', 'sortorder', 'shortname', 'idnumber');
    if (!is_null($fields)) {
        $fields = array_merge($basefields, $fields);
        $fields = array_unique($fields);
    } else {
        $fields = $basefields;
    }
    // If any of the fields is '*', leave it alone, discarding the rest
    // to avoid ambiguous columns under some silly DBs. See MDL-18746 :-D
    if (in_array('*', $fields)) {
        $fields = array('*');
    }
    $coursefields = 'c.' . implode(',c.', $fields);
    $sort = trim($sort);
    if ($sort !== '') {
        $sort = "ORDER BY {$sort}";
    }
    $sysctx = get_context_instance(CONTEXT_SYSTEM);
    if (has_capability_in_accessdata($cap, $sysctx, $accessdata, $doanything)) {
        //
        // Apparently the user has the cap sitewide, so walk *every* course
        // (the cap checks are moderately fast, but this moves massive bandwidth w the db)
        // Yuck.
        //
        $sql = "SELECT {$coursefields},\n                       ctx.id AS ctxid, ctx.path AS ctxpath,\n                       ctx.depth AS ctxdepth, ctx.contextlevel AS ctxlevel,\n                       cc.path AS categorypath\n                  FROM {course} c\n                  JOIN {course_categories} cc\n                       ON c.category=cc.id\n                  JOIN {context} ctx\n                       ON (c.id=ctx.instanceid AND ctx.contextlevel=" . CONTEXT_COURSE . ")\n                 {$sort} ";
        $rs = $DB->get_recordset_sql($sql);
    } else {
        //
        // narrow down where we have the caps to a few contexts
        // this will be a combination of
        // - courses    where user has an explicit enrolment
        // - courses    that have an override (any status) on that capability
        // - categories where user has the rights (granted status) on that capability
        //
        $sql = "SELECT ctx.*\n                  FROM {context} ctx\n                 WHERE ctx.contextlevel=" . CONTEXT_COURSECAT . "\n              ORDER BY ctx.depth";
        $rs = $DB->get_recordset_sql($sql);
        $catpaths = array();
        foreach ($rs as $catctx) {
            if ($catctx->path != '' && has_capability_in_accessdata($cap, $catctx, $accessdata, $doanything)) {
                $catpaths[] = $catctx->path;
            }
        }
        $rs->close();
        $catclause = '';
        $params = array();
        if (count($catpaths)) {
            $cc = count($catpaths);
            for ($n = 0; $n < $cc; $n++) {
                $catpaths[$n] = "ctx.path LIKE '{$catpaths[$n]}/%'";
//.........这里部分代码省略.........
开发者ID:nicolasconnault,项目名称:moodle2.0,代码行数:101,代码来源:accesslib.php

示例4: get_user_courses_bycap

function get_user_courses_bycap($userid, $cap, $accessdata, $doanything, $sort = 'c.sortorder ASC', $fields = NULL, $limit = 0)
{
    global $CFG;
    // Slim base fields, let callers ask for what they need...
    $basefields = array('id', 'sortorder', 'shortname', 'idnumber');
    if (!is_null($fields)) {
        $fields = array_merge($basefields, $fields);
        $fields = array_unique($fields);
    } else {
        $fields = $basefields;
    }
    $coursefields = 'c.' . implode(',c.', $fields);
    $sort = trim($sort);
    if ($sort !== '') {
        $sort = "ORDER BY {$sort}";
    }
    $sysctx = get_context_instance(CONTEXT_SYSTEM);
    if (has_capability_in_accessdata($cap, $sysctx, $accessdata, $doanything)) {
        //
        // Apparently the user has the cap sitewide, so walk *every* course
        // (the cap checks are moderately fast, but this moves massive bandwidth w the db)
        // Yuck.
        //
        $sql = "SELECT {$coursefields},\n                       ctx.id AS ctxid, ctx.path AS ctxpath,\n                       ctx.depth AS ctxdepth, ctx.contextlevel AS ctxlevel,\n                       cc.path AS categorypath\n                FROM {$CFG->prefix}course c\n                JOIN {$CFG->prefix}course_categories cc\n                  ON c.category=cc.id\n                JOIN {$CFG->prefix}context ctx \n                  ON (c.id=ctx.instanceid AND ctx.contextlevel=" . CONTEXT_COURSE . ")\n                {$sort} ";
        $rs = get_recordset_sql($sql);
    } else {
        //
        // narrow down where we have the caps to a few contexts
        // this will be a combination of
        // - categories where we have the rights
        // - courses    where we have an explicit enrolment OR that have an override
        //
        $sql = "SELECT ctx.*\n                FROM   {$CFG->prefix}context ctx\n                WHERE  ctx.contextlevel=" . CONTEXT_COURSECAT . "\n                ORDER BY ctx.depth";
        $rs = get_recordset_sql($sql);
        $catpaths = array();
        if ($rs->RecordCount()) {
            while ($catctx = rs_fetch_next_record($rs)) {
                if ($catctx->path != '' && has_capability_in_accessdata($cap, $catctx, $accessdata, $doanything)) {
                    $catpaths[] = $catctx->path;
                }
            }
        }
        rs_close($rs);
        $catclause = '';
        if (count($catpaths)) {
            $cc = count($catpaths);
            for ($n = 0; $n < $cc; $n++) {
                $catpaths[$n] = "ctx.path LIKE '{$catpaths[$n]}/%'";
            }
            $catclause = 'OR (' . implode(' OR ', $catpaths) . ')';
        }
        unset($catpaths);
        $capany = '';
        if ($doanything) {
            $capany = " OR rc.capability='moodle/site:doanything'";
        }
        //
        // Note here that we *have* to have the compound clauses
        // in the LEFT OUTER JOIN condition for them to return NULL
        // appropriately and narrow things down...
        //
        $sql = "SELECT {$coursefields},\n                       ctx.id AS ctxid, ctx.path AS ctxpath,\n                       ctx.depth AS ctxdepth, ctx.contextlevel AS ctxlevel,\n                       cc.path AS categorypath\n                FROM {$CFG->prefix}course c\n                JOIN {$CFG->prefix}course_categories cc\n                  ON c.category=cc.id\n                JOIN {$CFG->prefix}context ctx \n                  ON (c.id=ctx.instanceid AND ctx.contextlevel=" . CONTEXT_COURSE . ")\n                LEFT OUTER JOIN {$CFG->prefix}role_assignments ra\n                  ON (ra.contextid=ctx.id AND ra.userid={$userid})\n                LEFT OUTER JOIN {$CFG->prefix}role_capabilities rc\n                  ON (rc.contextid=ctx.id AND (rc.capability='{$cap}' {$capany}))\n                WHERE    ra.id IS NOT NULL\n                      OR rc.id IS NOT NULL\n                      {$catclause}\n                {$sort} ";
        $rs = get_recordset_sql($sql);
    }
    $courses = array();
    $cc = 0;
    // keep count
    if ($rs->RecordCount()) {
        while ($c = rs_fetch_next_record($rs)) {
            // build the context obj
            $c = make_context_subobj($c);
            if (has_capability_in_accessdata($cap, $c->context, $accessdata, $doanything)) {
                $courses[] = $c;
                if ($limit > 0 && $cc++ > $limit) {
                    break;
                }
            }
        }
    }
    rs_close($rs);
    return $courses;
}
开发者ID:BackupTheBerlios,项目名称:samouk-svn,代码行数:82,代码来源:accesslib.php


注:本文中的has_capability_in_accessdata函数示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。