Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

MDL-31720 Refactor course/rest.php

This removes duplicates and block actions remains. It also makes it
possible to include course/rest.php in such a way that it could be extended
by non-core modules wishing to overide parts of its functionality (e.g.
mod_subpage)
  • Loading branch information...
commit ff92b711409fd6dfa38015eae8fb4a93d9407fda 1 parent 6a14c4f
Ruslan Kabalin authored danpoltawski committed
Showing with 23 additions and 46 deletions.
  1. +23 −46 course/rest.php
View
69 course/rest.php
@@ -23,7 +23,10 @@
* @package course
*/
-require_once('../config.php');
+if (!defined('AJAX_SCRIPT')) {
+ define('AJAX_SCRIPT', true);
+}
+require_once(dirname(__FILE__) . '/../config.php');
require_once($CFG->dirroot.'/course/lib.php');
// Initialise ALL the incoming parameters here, up front.
@@ -46,21 +49,24 @@
//NOTE: when making any changes here please make sure it is using the same access control as course/mod.php !!
-require_login();
-
-// Authorise the user and verify some incoming data
-if (!$course = $DB->get_record('course', array('id'=>$courseid))) {
- error_log('AJAX commands.php: Course does not exist');
- die;
-}
-
if (empty($CFG->enablecourseajax)) {
- error_log('Course AJAX not allowed');
- die;
+ throw new moodle_exception('Course AJAX not allowed');
}
+$course = $DB->get_record('course', array('id' => $courseid), '*', MUST_EXIST);
+// Check user is logged in and set contexts if we are dealing with resource
+if (in_array($class, array('resource'))) {
+ $cm = get_coursemodule_from_id(null, $id, $course->id, false, MUST_EXIST);
+ require_login($course, false, $cm);
+ $modcontext = get_context_instance(CONTEXT_MODULE, $cm->id);
+} else {
+ require_login($course);
+ $coursecontext = get_context_instance(CONTEXT_COURSE, $course->id);
+}
require_sesskey();
+echo $OUTPUT->header(); // send headers
+
// OK, now let's process the parameters and do stuff
// MDL-10221 the DELETE method is not allowed on some web servers, so we simulate it with the action URL param
$requestmethod = $_SERVER['REQUEST_METHOD'];
@@ -72,18 +78,11 @@
case 'POST':
switch ($class) {
- case 'block':
- // not used any more
- break;
-
case 'section':
- require_login($course);
- $coursecontext = get_context_instance(CONTEXT_COURSE, $course->id);
require_capability('moodle/course:update', $coursecontext);
if (!$DB->record_exists('course_sections', array('course'=>$course->id, 'section'=>$id))) {
- error_log('AJAX commands.php: Bad Section ID '.$id);
- die;
+ throw new moodle_exception('AJAX commands.php: Bad Section ID '.$id);
}
switch ($field) {
@@ -100,12 +99,6 @@
break;
case 'resource':
- if (!$cm = get_coursemodule_from_id('', $id, $course->id)) {
- error_log('AJAX commands.php: Bad course module ID '.$id);
- die;
- }
- require_login($course, false, $cm);
- $modcontext = get_context_instance(CONTEXT_MODULE, $cm->id);
switch ($field) {
case 'visible':
require_capability('moodle/course:activityvisibility', $modcontext);
@@ -128,8 +121,7 @@
case 'move':
require_capability('moodle/course:manageactivities', $modcontext);
if (!$section = $DB->get_record('course_sections', array('course'=>$course->id, 'section'=>$sectionid))) {
- error_log('AJAX commands.php: Bad section ID '.$sectionid);
- die;
+ throw new moodle_exception('AJAX commands.php: Bad section ID '.$sectionid);
}
if ($beforeid > 0){
@@ -160,8 +152,6 @@
case 'course':
switch($field) {
case 'marker':
- require_login($course);
- $coursecontext = get_context_instance(CONTEXT_COURSE, $course->id);
require_capability('moodle/course:update', $coursecontext);
course_set_marker($course->id, $value);
break;
@@ -172,31 +162,20 @@
case 'DELETE':
switch ($class) {
- case 'block':
- // not used any more
- break;
-
case 'resource':
- if (!$cm = get_coursemodule_from_id('', $id, $course->id)) {
- error_log('AJAX rest.php: Bad course module ID '.$id);
- die;
- }
- require_login($course, false, $cm);
- $modcontext = get_context_instance(CONTEXT_MODULE, $cm->id);
require_capability('moodle/course:manageactivities', $modcontext);
$modlib = "$CFG->dirroot/mod/$cm->modname/lib.php";
if (file_exists($modlib)) {
include_once($modlib);
} else {
- error_log("Ajax rest.php: This module is missing mod/$cm->modname/lib.php");
- die;
+ throw new moodle_exception("Ajax rest.php: This module is missing mod/$cm->modname/lib.php");
}
$deleteinstancefunction = $cm->modname."_delete_instance";
// Run the module's cleanup funtion.
if (!$deleteinstancefunction($cm->instance)) {
- error_log("Ajax rest.php: Could not delete the $cm->modname $cm->name (instance)");
+ throw new moodle_exception("Ajax rest.php: Could not delete the $cm->modname $cm->name (instance)");
die;
}
@@ -205,11 +184,11 @@
$fs->delete_area_files($modcontext->id);
if (!delete_course_module($cm->id)) {
- error_log("Ajax rest.php: Could not delete the $cm->modname $cm->name (coursemodule)");
+ throw new moodle_exception("Ajax rest.php: Could not delete the $cm->modname $cm->name (coursemodule)");
}
// Remove the course_modules entry.
if (!delete_mod_from_section($cm->id, $cm->section)) {
- error_log("Ajax rest.php: Could not delete the $cm->modname $cm->name from section");
+ throw new moodle_exception("Ajax rest.php: Could not delete the $cm->modname $cm->name from section");
}
// Trigger a mod_deleted event with information about this module.
@@ -229,5 +208,3 @@
}
break;
}
-
-
Please sign in to comment.
Something went wrong with that request. Please try again.