moodle_local_treestudyplan/classes/local/helpers/webservicehelper.php

167 lines
6.8 KiB
PHP
Raw Permalink Normal View History

<?php
2023-08-24 23:02:41 +02:00
// This file is part of the Studyplan plugin for Moodle
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <https://www.gnu.org/licenses/>.
/**
2023-08-27 15:12:54 +02:00
* Helper functions for web services
2023-08-24 23:02:41 +02:00
* @package local_treestudyplan
* @copyright 2023 P.M. Kuipers
* @license https://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace local_treestudyplan\local\helpers;
2023-08-27 15:12:54 +02:00
use \core_course_category;
2023-08-25 12:04:27 +02:00
defined('MOODLE_INTERNAL') || die();
2023-08-17 23:28:48 +02:00
require_once($CFG->dirroot.'/webservice/lib.php');
2023-08-27 15:12:54 +02:00
/**
* Class containing helper functions for webservices
*/
class webservicehelper {
/** @var \context_system */
private static $systemcontext = null;
2023-08-27 15:12:54 +02:00
/** @var \context[] */
2023-08-25 09:33:42 +02:00
private static $validatedcontexts = [];
/**
2023-08-24 23:02:41 +02:00
* Test for capability in the given context for the current user and throw a \webservice_access_exception if not
* Note: The context is not validate
2023-08-25 11:52:05 +02:00
* @param array|string $capability One or more capabilities to be tested OR wise
* @param \context $context The context in which to check for the capability.
* @throws \webservice_access_exception If none of the capabilities provided are given to the current user
2023-08-24 23:02:41 +02:00
* @return boolean
*/
2023-08-24 23:02:41 +02:00
public static function has_capabilities($capability, $context) {
2023-08-24 23:02:41 +02:00
if ($context == null) {
$context = \context_system::instance();
}
2023-08-24 23:02:41 +02:00
if (is_array($capability)) {
2023-08-25 12:16:51 +02:00
// TODO: replace this by accesslib function \has_any_capability().
2023-08-24 23:02:41 +02:00
foreach ($capability as $cap) {
if (has_capability($cap, $context)) {
return true;
}
}
2023-08-24 23:09:20 +02:00
} else if (has_capability($capability, $context)) {
return true;
}
}
/**
* Test if the current user has a certain capability in any of the categories they have access to
* @param string $capability The capability to scan for in the categories
2023-08-27 15:12:54 +02:00
* @param core_course_category $parent The parent category to use as a scanning base. Used internally.
2023-08-24 23:02:41 +02:00
* @return boolean
*/
2023-08-27 15:12:54 +02:00
public static function has_capability_in_any_category($capability, core_course_category $parent = null) {
2023-08-24 23:02:41 +02:00
// List the categories in which the user has a specific capability.
$list = [];
2023-08-25 09:44:34 +02:00
// Initialize parent if needed.
2023-08-24 23:02:41 +02:00
if ($parent == null) {
$parent = \core_course_category::user_top();
if ($parent == null) {
// If the parent is still null, we do not have a valid user top.
return false;
}
2023-08-24 23:02:41 +02:00
if (has_capability($capability, $parent->get_context())) {
$list[] = $parent;
}
}
2023-08-24 23:02:41 +02:00
$children = $parent->get_children();
2023-08-24 23:02:41 +02:00
// Since the change for a category permission is greatest at the lower levels,.
2023-08-25 09:44:34 +02:00
// We scan in two stages, to focus the search more on the lower levels instead of diving deep into the first category.
2023-08-24 23:02:41 +02:00
// Stage one (surface check): check all children for the capability.
foreach ($children as $child) {
// Check if we should add this category.
if (has_capability($capability, $child->get_context())) {
return true;
2023-08-24 23:02:41 +02:00
}
2023-08-17 23:28:48 +02:00
}
2023-08-24 23:02:41 +02:00
// Stage two (deep dive): recurse into the child categories.
foreach ($children as $child) {
if ($child->get_children_count() > 0) {
if (self::has_capability_in_any_category($capability, $child)) {
2023-08-17 23:28:48 +02:00
return true;
}
}
}
return false;
}
/**
2023-08-24 23:02:41 +02:00
* Test for capability in the given context for the current user and throw a \webservice_access_exception if not
2023-08-25 11:52:05 +02:00
* @param array|string $capability One or more capabilities to be tested OR wise
* @param \context $context The context in which to check for the capability. Leave empty to use the system context.
* @param bool $validate Validate the context before checking capabilities
* @throws \webservice_access_exception If none of the capabilities provided are given to the current user
*/
2023-08-25 13:04:19 +02:00
public static function require_capabilities($capability, $context = null, $validate = true) {
2023-08-24 23:02:41 +02:00
if ($validate) {
\external_api::validate_context($context);
}
2023-08-24 23:02:41 +02:00
if (! static::has_capabilities($capability, $context)) {
2023-08-25 11:52:05 +02:00
throw new \webservice_access_exception(
"The capability {$capability} is required on this context ({$context->get_context_name()})"
);
}
}
/**
* Find and validate a given context by id
* @param int $contextid The id of the context
* @return \context The found context by id
* @throws \InvalidArgumentException When the context is not found
*/
2023-08-25 17:33:20 +02:00
public static function find_context($contextid): \context {
2023-08-24 23:02:41 +02:00
if (isset($contextid) && is_int($contextid) && $contextid > 0) {
2023-08-25 10:41:56 +02:00
if (!in_array($contextid, self::$validatedcontexts)) {
// Cache the context and make sure it is only validated once...
2023-08-24 23:09:20 +02:00
try {
$context = \context::instance_by_id($contextid);
2023-08-25 10:41:56 +02:00
} catch (\dml_missing_record_exception $x) {
2023-08-25 11:52:05 +02:00
// Just throw it up again. catch is included here to make sure we know it throws this exception.
throw new \InvalidArgumentException("Context {$contextid} not available");
}
2023-08-24 23:02:41 +02:00
// Validate the found context.
\external_api::validate_context($context);
2023-08-25 09:33:42 +02:00
self::$validatedcontexts[$contextid] = $context;
}
2023-08-25 09:33:42 +02:00
return self::$validatedcontexts[$contextid];
2023-08-25 10:41:56 +02:00
} else {
2023-08-24 23:02:41 +02:00
return static::system_context(); // This function ensures the system context is validated just once this call.
}
}
2023-08-24 23:02:41 +02:00
/**
* Return the validated system context (validation happens only once for this call)
* @return \context_system The system context, validated to use as this context
*/
public static function system_context(): \context_system {
2023-08-24 23:02:41 +02:00
if (!isset(static::$systemcontext)) {
static::$systemcontext = \context_system::instance();
\external_api::validate_context(static::$systemcontext);
}
return static::$systemcontext;
}
2023-08-25 11:52:05 +02:00
}