| 1 |
efrain |
1 |
<?php
|
|
|
2 |
// This file is part of Moodle - https://moodle.org/
|
|
|
3 |
//
|
|
|
4 |
// Moodle is free software: you can redistribute it and/or modify
|
|
|
5 |
// it under the terms of the GNU General Public License as published by
|
|
|
6 |
// the Free Software Foundation, either version 3 of the License, or
|
|
|
7 |
// (at your option) any later version.
|
|
|
8 |
//
|
|
|
9 |
// Moodle is distributed in the hope that it will be useful,
|
|
|
10 |
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
11 |
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
12 |
// GNU General Public License for more details.
|
|
|
13 |
//
|
|
|
14 |
// You should have received a copy of the GNU General Public License
|
|
|
15 |
// along with Moodle. If not, see <https://www.gnu.org/licenses/>.
|
|
|
16 |
|
|
|
17 |
namespace core_user\external;
|
|
|
18 |
|
|
|
19 |
use core_external\external_api;
|
|
|
20 |
use core_external\external_description;
|
|
|
21 |
use core_external\external_function_parameters;
|
|
|
22 |
use core_external\external_multiple_structure;
|
|
|
23 |
use core_external\external_single_structure;
|
|
|
24 |
use core_external\external_value;
|
|
|
25 |
|
|
|
26 |
/**
|
|
|
27 |
* Provides the core_user_search_identity external function.
|
|
|
28 |
*
|
|
|
29 |
* @package core_user
|
|
|
30 |
* @category external
|
|
|
31 |
* @copyright 2021 David Mudrák <david@moodle.com>
|
|
|
32 |
* @license https://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
|
|
33 |
*/
|
|
|
34 |
class search_identity extends external_api {
|
|
|
35 |
|
|
|
36 |
/**
|
|
|
37 |
* Describes the external function parameters.
|
|
|
38 |
*
|
|
|
39 |
* @return external_function_parameters
|
|
|
40 |
*/
|
|
|
41 |
public static function execute_parameters(): external_function_parameters {
|
|
|
42 |
return new external_function_parameters([
|
|
|
43 |
'query' => new external_value(PARAM_RAW, 'The search query', VALUE_REQUIRED),
|
|
|
44 |
]);
|
|
|
45 |
}
|
|
|
46 |
|
|
|
47 |
/**
|
|
|
48 |
* Finds users with the identity matching the given query.
|
|
|
49 |
*
|
|
|
50 |
* @param string $query The search request.
|
|
|
51 |
* @return array
|
|
|
52 |
*/
|
|
|
53 |
public static function execute(string $query): array {
|
|
|
54 |
global $DB, $CFG;
|
|
|
55 |
|
|
|
56 |
$params = external_api::validate_parameters(self::execute_parameters(), [
|
|
|
57 |
'query' => $query,
|
|
|
58 |
]);
|
|
|
59 |
$query = clean_param($params['query'], PARAM_TEXT);
|
|
|
60 |
|
|
|
61 |
// Validate context.
|
|
|
62 |
$context = \context_system::instance();
|
|
|
63 |
self::validate_context($context);
|
|
|
64 |
require_capability('moodle/user:viewalldetails', $context);
|
|
|
65 |
|
|
|
66 |
$hasviewfullnames = has_capability('moodle/site:viewfullnames', $context);
|
|
|
67 |
|
|
|
68 |
$fields = \core_user\fields::for_name()->with_identity($context, false);
|
|
|
69 |
$extrafields = $fields->get_required_fields([\core_user\fields::PURPOSE_IDENTITY]);
|
|
|
70 |
|
|
|
71 |
list($searchsql, $searchparams) = users_search_sql($query, '', USER_SEARCH_CONTAINS, $extrafields);
|
|
|
72 |
list($sortsql, $sortparams) = users_order_by_sql('', $query, $context);
|
|
|
73 |
$params = array_merge($searchparams, $sortparams);
|
|
|
74 |
|
|
|
75 |
$rs = $DB->get_recordset_select('user', $searchsql, $params, $sortsql,
|
|
|
76 |
'id' . $fields->get_sql()->selects, 0, $CFG->maxusersperpage + 1);
|
|
|
77 |
|
|
|
78 |
$count = 0;
|
|
|
79 |
$list = [];
|
|
|
80 |
|
|
|
81 |
foreach ($rs as $record) {
|
|
|
82 |
$user = (object)[
|
|
|
83 |
'id' => $record->id,
|
|
|
84 |
'fullname' => fullname($record, $hasviewfullnames),
|
|
|
85 |
'extrafields' => [],
|
|
|
86 |
];
|
|
|
87 |
|
|
|
88 |
foreach ($extrafields as $extrafield) {
|
|
|
89 |
// Sanitize the extra fields to prevent potential XSS exploit.
|
|
|
90 |
$user->extrafields[] = (object)[
|
|
|
91 |
'name' => $extrafield,
|
|
|
92 |
'value' => s($record->$extrafield)
|
|
|
93 |
];
|
|
|
94 |
}
|
|
|
95 |
|
|
|
96 |
$count++;
|
|
|
97 |
|
|
|
98 |
if ($count <= $CFG->maxusersperpage) {
|
|
|
99 |
$list[$record->id] = $user;
|
|
|
100 |
}
|
|
|
101 |
}
|
|
|
102 |
|
|
|
103 |
$rs->close();
|
|
|
104 |
|
|
|
105 |
return [
|
|
|
106 |
'list' => $list,
|
|
|
107 |
'maxusersperpage' => $CFG->maxusersperpage,
|
|
|
108 |
'overflow' => ($count > $CFG->maxusersperpage),
|
|
|
109 |
];
|
|
|
110 |
}
|
|
|
111 |
|
|
|
112 |
/**
|
|
|
113 |
* Describes the external function result value.
|
|
|
114 |
*
|
|
|
115 |
* @return external_description
|
|
|
116 |
*/
|
|
|
117 |
public static function execute_returns(): external_description {
|
|
|
118 |
|
|
|
119 |
return new external_single_structure([
|
|
|
120 |
'list' => new external_multiple_structure(
|
|
|
121 |
new external_single_structure([
|
|
|
122 |
'id' => new external_value(\core_user::get_property_type('id'), 'ID of the user'),
|
|
|
123 |
// The output of the {@see fullname()} can contain formatting HTML such as <ruby> tags.
|
|
|
124 |
// So we need PARAM_RAW here and the caller is supposed to render it appropriately.
|
|
|
125 |
'fullname' => new external_value(PARAM_RAW, 'The fullname of the user'),
|
|
|
126 |
'extrafields' => new external_multiple_structure(
|
|
|
127 |
new external_single_structure([
|
|
|
128 |
'name' => new external_value(PARAM_TEXT, 'Name of the extrafield.'),
|
|
|
129 |
'value' => new external_value(PARAM_TEXT, 'Value of the extrafield.'),
|
|
|
130 |
]), 'List of extra fields', VALUE_OPTIONAL)
|
|
|
131 |
])
|
|
|
132 |
),
|
|
|
133 |
'maxusersperpage' => new external_value(PARAM_INT, 'Configured maximum users per page.'),
|
|
|
134 |
'overflow' => new external_value(PARAM_BOOL, 'Were there more records than maxusersperpage found?'),
|
|
|
135 |
]);
|
|
|
136 |
}
|
|
|
137 |
}
|