class ilRbacReview Contains Review functions of core Rbac. More...
Public Member Functions | |
| ilRbacReview () | |
| Constructor public. | |
| roleExists ($a_title, $a_id=0) | |
| Checks if a role already exists. | |
| __getParentRoles ($a_path, $a_templates, $a_keep_protected) | |
| Get parent roles in a path. | |
| getParentRoleIds ($a_endnode_id, $a_templates=false, $a_keep_protected=false) | |
| get an array of parent role ids of all parent roles, if last parameter is set true you get also all parent templates public | |
| getRoleListByObject ($a_ref_id, $a_templates=false) | |
| Returns a list of roles in an container public. | |
| getAssignableRoles ($a_templates=false, $a_internal_roles=false) | |
| Returns a list of all assignable roles public. | |
| getAssignableChildRoles ($a_ref_id) | |
| Get all assignable roles under a specific node public. | |
| __setTemplateFilter ($a_templates) | |
| get roles and templates or only roles; returns string for where clause private | |
| __setRoleType ($a_role_list) | |
| computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in other role folders linked: roles with stoppped inheritance template: role templates | |
| assignedUsers ($a_rol_id, $a_fields=NULL) | |
| get all assigned users to a given role public | |
| isAssigned ($a_usr_id, $a_role_id) | |
| check if a specific user is assigned to specific role public | |
| assignedRoles ($a_usr_id) | |
| get all assigned roles to a given user public | |
| isAssignable ($a_rol_id, $a_ref_id) | |
| Check if its possible to assign users public. | |
| getFoldersAssignedToRole ($a_rol_id, $a_assignable=false) | |
| returns an array of role folder ids assigned to a role. | |
| getRolesOfRoleFolder ($a_ref_id, $a_nonassignable=true) | |
| get all roles of a role folder including linked local roles that are created due to stopped inheritance returns an array with role ids public | |
| getGlobalRoles () | |
| get only 'global' roles public | |
| getGlobalRolesArray () | |
| get only 'global' roles public | |
| getGlobalAssignableRoles () | |
| get only 'global' roles (with flag 'assign_users') public | |
| __getAllRoleFolderIds () | |
| get all role folder ids private | |
| getRoleFolderOfObject ($a_ref_id) | |
| returns the data of a role folder assigned to an object public | |
| getRoleFolderIdOfObject ($a_ref_id) | |
| getOperations () | |
| get all possible operations public | |
| getOperation ($ops_id) | |
| get one operation by operation id public | |
| getOperationsOfRole ($a_rol_id, $a_type, $a_parent=0) | |
| get all possible operations of a specific role The ref_id of the role folder (parent object) is necessary to distinguish local roles public | |
| getRoleOperationsOnObject ($a_role_id, $a_ref_id) | |
| getOperationsOnType ($a_typ_id) | |
| all possible operations of a type public | |
| getOperationsOnTypeString ($a_type) | |
| all possible operations of a type public | |
| getObjectsWithStopedInheritance ($a_rol_id) | |
| get all objects in which the inheritance of role with role_id was stopped the function returns all reference ids of objects containing a role folder. | |
| isDeleted ($a_node_id) | |
| checks if a rolefolder is set as deleted (negative tree_id) public | |
| getRolesByFilter ($a_filter=0, $a_user_id=0) | |
| getTypeId ($a_type) | |
| _getOperationIdsByName ($operations) | |
| get ops_id's by name. | |
| getLinkedRolesOfRoleFolder ($a_ref_id) | |
| get all linked local roles of a role folder that are created due to stopped inheritance returns an array with role ids public | |
| isProtected ($a_ref_id, $a_role_id) | |
| __setProtectedStatus ($a_parent_roles, $a_role_hierarchy, $a_ref_id) | |
Data Fields | |
| $log = null | |
Detailed Description
class ilRbacReview Contains Review functions of core Rbac.
This class offers the possibility to view the contents of the user <-> role (UR) relation and the permission <-> role (PR) relation. For example, from the UA relation the administrator should have the facility to view all user assigned to a given role.
- Version:
- Id:
- class.ilRbacReview.php 11691 2006-07-29 17:23:20Z akill
Definition at line 40 of file class.ilRbacReview.php.
Member Function Documentation
| ilRbacReview::__getAllRoleFolderIds | ( | ) |
get all role folder ids private
- Returns:
- array
Definition at line 618 of file class.ilRbacReview.php.
Referenced by __getParentRoles().
{
$parent = array();
$q = "SELECT DISTINCT parent FROM rbac_fa";
$r = $this->ilDB->query($q);
while ($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
{
$parent[] = $row->parent;
}
return $parent;
}
Here is the caller graph for this function:
| ilRbacReview::__getParentRoles | ( | $ | a_path, | |
| $ | a_templates, | |||
| $ | a_keep_protected | |||
| ) |
Get parent roles in a path.
If last parameter is set 'true' it delivers also all templates in the path private
- Parameters:
-
array array with path_ids boolean true for role templates (default: false)
- Returns:
- array array with all parent roles (obj_ids)
Definition at line 106 of file class.ilRbacReview.php.
References $id, $log, $q, $row, __getAllRoleFolderIds(), __setProtectedStatus(), and getRoleListByObject().
Referenced by getParentRoleIds().
{
global $log;
if (!isset($a_path) or !is_array($a_path))
{
$message = get_class($this)."::getParentRoles(): No path given or wrong datatype!";
$this->ilErr->raiseError($message,$this->ilErr->WARNING);
}
$parent_roles = array();
$role_hierarchy = array();
$child = $this->__getAllRoleFolderIds();
// CREATE IN() STATEMENT
$in = " IN('";
$in .= implode("','",$child);
$in .= "') ";
foreach ($a_path as $path)
{
$q = "SELECT * FROM tree ".
"WHERE child ".$in.
"AND parent = '".$path."'";
$r = $this->ilDB->query($q);
while ($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
{
$roles = $this->getRoleListByObject($row->child,$a_templates);
foreach ($roles as $role)
{
$id = $role["obj_id"];
$role["parent"] = $row->child;
$parent_roles[$id] = $role;
if (!array_key_exists($role['obj_id'],$role_hierarchy))
{
$role_hierarchy[$id] = $row->child;
}
}
}
}
if (!$a_keep_protected)
{
return $this->__setProtectedStatus($parent_roles,$role_hierarchy,$path);
}
return $parent_roles;
}
Here is the call graph for this function:
Here is the caller graph for this function:
| ilRbacReview::__setProtectedStatus | ( | $ | a_parent_roles, | |
| $ | a_role_hierarchy, | |||
| $ | a_ref_id | |||
| ) |
Definition at line 1036 of file class.ilRbacReview.php.
References $_SESSION, $log, $rbacsystem, $role_id, and $rolf_id.
Referenced by __getParentRoles().
{
global $rbacsystem,$ilUser,$log;
if (in_array(SYSTEM_ROLE_ID,$_SESSION['RoleId']))
{
$leveladmin = true;
}
else
{
$leveladmin = false;
}
//var_dump($a_role_hierarchy);
foreach ($a_role_hierarchy as $role_id => $rolf_id)
{
$log->write("ilRBACreview::__setProtectedStatus(), 0");
//echo "<br/>ROLF: ".$rolf_id." ROLE_ID: ".$role_id." (".$a_parent_roles[$role_id]['title'].") ";
//var_dump($leveladmin,$a_parent_roles[$role_id]['protected']);
if ($leveladmin == true)
{
$a_parent_roles[$role_id]['protected'] = false;
continue;
}
if ($a_parent_roles[$role_id]['protected'] == true)
{
$arr_lvl_roles_user = array_intersect($_SESSION['RoleId'],array_keys($a_role_hierarchy,$rolf_id));
foreach ($arr_lvl_roles_user as $lvl_role_id)
{
//echo "<br/>level_role: ".$lvl_role_id;
//echo "<br/>a_ref_id: ".$a_ref_id;
$log->write("ilRBACreview::__setProtectedStatus(), 1");
// check if role grants 'edit_permission' to parent
if ($rbacsystem->checkPermission($a_ref_id,$lvl_role_id,'edit_permission'))
{
$log->write("ilRBACreview::__setProtectedStatus(), 2");
// user may change permissions of that higher-ranked role
$a_parent_roles[$role_id]['protected'] = false;
// remember successful check
$leveladmin = true;
}
}
}
}
return $a_parent_roles;
}
Here is the caller graph for this function:
| ilRbacReview::__setRoleType | ( | $ | a_role_list | ) |
computes role type in role list array: global: roles in ROLE_FOLDER_ID local: assignable roles in other role folders linked: roles with stoppped inheritance template: role templates
private
- Parameters:
-
array role list
- Returns:
- array role list with additional entry for role_type
Definition at line 307 of file class.ilRbacReview.php.
References $key.
Referenced by getAssignableRoles(), getRoleListByObject(), and getRolesByFilter().
{
foreach ($a_role_list as $key => $val)
{
// determine role type
if ($val["type"] == "rolt")
{
$a_role_list[$key]["role_type"] = "template";
}
else
{
if ($val["assign"] == "y")
{
if ($val["parent"] == ROLE_FOLDER_ID)
{
$a_role_list[$key]["role_type"] = "global";
}
else
{
$a_role_list[$key]["role_type"] = "local";
}
}
else
{
$a_role_list[$key]["role_type"] = "linked";
}
}
if ($val["protected"] == "y")
{
$a_role_list[$key]["protected"] = true;
}
else
{
$a_role_list[$key]["protected"] = false;
}
}
return $a_role_list;
}
Here is the caller graph for this function:
| ilRbacReview::__setTemplateFilter | ( | $ | a_templates | ) |
get roles and templates or only roles; returns string for where clause private
- Parameters:
-
boolean true: with templates
- Returns:
- string where clause
Definition at line 282 of file class.ilRbacReview.php.
Referenced by getAssignableRoles(), and getRoleListByObject().
{
if ($a_templates === true)
{
$where = "WHERE object_data.type IN ('role','rolt') ";
}
else
{
$where = "WHERE object_data.type = 'role' ";
}
return $where;
}
Here is the caller graph for this function:
| ilRbacReview::_getOperationIdsByName | ( | $ | operations | ) |
get ops_id's by name.
Example usage: $rbacadmin->grantPermission($roles,ilRbacReview::_getOperationIdsByName(array('visible','read'),$ref_id));
public
- Parameters:
-
array string name of operation. see rbac_operations
- Returns:
- array integer ops_id's
Definition at line 970 of file class.ilRbacReview.php.
References $query, $res, and $row.
Referenced by ilUtil::_getObjectsByOperations(), and ilObjChat::initDefaultRoles().
{
global $ilDB;
if(!count($operations))
{
return array();
}
$where = "WHERE operation IN ('";
$where .= implode("','",$operations);
$where .= "')";
$query = "SELECT ops_id FROM rbac_operations ".$where;
$res = $ilDB->query($query);
while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
{
$ops_ids[] = $row->ops_id;
}
return $ops_ids ? $ops_ids : array();
}
Here is the caller graph for this function:
| ilRbacReview::assignedRoles | ( | $ | a_usr_id | ) |
get all assigned roles to a given user public
- Parameters:
-
integer usr_id
- Returns:
- array all roles (id) the user have
Definition at line 427 of file class.ilRbacReview.php.
Referenced by getRolesByFilter().
{
if (!isset($a_usr_id))
{
$message = get_class($this)."::assignedRoles(): No user_id given!";
$this->ilErr->raiseError($message,$this->ilErr->WARNING);
}
$role_arr = array();
$q = "SELECT rol_id FROM rbac_ua WHERE usr_id = '".$a_usr_id."'";
$r = $this->ilDB->query($q);
while ($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
{
$role_arr[] = $row->rol_id;
}
if (!count($role_arr))
{
$message = get_class($this)."::assignedRoles(): No assigned roles found or user does not exist!";
#$this->ilErr->raiseError($message,$this->ilErr->WARNING);
}
return $role_arr;
}
Here is the caller graph for this function:
| ilRbacReview::assignedUsers | ( | $ | a_rol_id, | |
| $ | a_fields = NULL | |||
| ) |
get all assigned users to a given role public
- Parameters:
-
integer role_id array columns to get form usr_data table (optional)
- Returns:
- array all users (id) assigned to role OR arrays of user datas
Definition at line 355 of file class.ilRbacReview.php.
References $ilBench, $q, and $row.
Referenced by isAssigned().
{
global $ilBench;
$ilBench->start("RBAC", "review_assignedUsers");
if (!isset($a_rol_id))
{
$message = get_class($this)."::assignedUsers(): No role_id given!";
$this->ilErr->raiseError($message,$this->ilErr->WARNING);
}
$result_arr = array();
if ($a_fields !== NULL and is_array($a_fields))
{
if (count($a_fields) == 0)
{
$select = "*";
}
else
{
if (($usr_id_field = array_search("usr_id",$a_fields)) !== false)
unset($a_fields[$usr_id_field]);
$select = implode(",",$a_fields).",usr_data.usr_id";
}
$q = "SELECT ".$select." FROM usr_data ".
"LEFT JOIN rbac_ua ON usr_data.usr_id=rbac_ua.usr_id ".
"WHERE rbac_ua.rol_id='".$a_rol_id."'";
$r = $this->ilDB->query($q);
while ($row = $r->fetchRow(DB_FETCHMODE_ASSOC))
{
$result_arr[] = $row;
}
}
else
{
$q = "SELECT usr_id FROM rbac_ua WHERE rol_id='".$a_rol_id."'";
$r = $this->ilDB->query($q);
while ($row = $r->fetchRow(DB_FETCHMODE_ASSOC))
{
array_push($result_arr,$row["usr_id"]);
}
}
$ilBench->stop("RBAC", "review_assignedUsers");
return $result_arr;
}
Here is the caller graph for this function:
| ilRbacReview::getAssignableChildRoles | ( | $ | a_ref_id | ) |
Get all assignable roles under a specific node public.
- Parameters:
-
ref_id
- Returns:
- array set ids
Definition at line 259 of file class.ilRbacReview.php.
References $tree, and getAssignableRoles().
{
global $tree;
$roles_data = $this->getAssignableRoles();
// Filter childs of node
foreach($roles_data as $role)
{
if($tree->isGrandChild($a_ref_id,$role['parent']))
{
$filtered[] = $role;
}
}
return $filtered ? $filtered : array();
}
Here is the call graph for this function:
| ilRbacReview::getAssignableRoles | ( | $ | a_templates = false, |
|
| $ | a_internal_roles = false | |||
| ) |
Returns a list of all assignable roles public.
- Parameters:
-
boolean if true fetch template roles too
- Returns:
- array set ids
Definition at line 230 of file class.ilRbacReview.php.
References $q, $row, __setRoleType(), __setTemplateFilter(), and fetchObjectData().
Referenced by getAssignableChildRoles(), and getRolesByFilter().
{
$role_list = array();
$where = $this->__setTemplateFilter($a_templates);
$q = "SELECT DISTINCT * FROM object_data ".
"JOIN rbac_fa ".$where.
"AND object_data.obj_id = rbac_fa.rol_id ".
"AND rbac_fa.assign = 'y'";
$r = $this->ilDB->query($q);
while ($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
{
//ifd $row->title
$role_list[] = fetchObjectData($row);
}
$role_list = $this->__setRoleType($role_list);
return $role_list;
}
Here is the call graph for this function:
Here is the caller graph for this function:
| ilRbacReview::getFoldersAssignedToRole | ( | $ | a_rol_id, | |
| $ | a_assignable = false | |||
| ) |
returns an array of role folder ids assigned to a role.
A role with stopped inheritance may be assigned to more than one rolefolder. To get only the original location of a role, set the second parameter to true
public
- Parameters:
-
integer role id boolean get only rolefolders where role is assignable (true)
- Returns:
- array reference IDs of role folders
Definition at line 502 of file class.ilRbacReview.php.
Referenced by getObjectsWithStopedInheritance().
{
if (!isset($a_rol_id))
{
$message = get_class($this)."::getFoldersAssignedToRole(): No role_id given!";
$this->ilErr->raiseError($message,$this->ilErr->WARNING);
}
if ($a_assignable)
{
$where = " AND assign ='y'";
}
$q = "SELECT DISTINCT parent FROM rbac_fa ".
"WHERE rol_id = '".$a_rol_id."'".$where;
$r = $this->ilDB->query($q);
while ($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
{
$folders[] = $row->parent;
}
return $folders ? $folders : array();
}
Here is the caller graph for this function:
| ilRbacReview::getGlobalAssignableRoles | ( | ) |
get only 'global' roles (with flag 'assign_users') public
- Returns:
- array Array with rol_ids
Definition at line 598 of file class.ilRbacReview.php.
References $role_id, ilObjRole::_getAssignUsersStatus(), and getGlobalRoles().
{
include_once './classes/class.ilObjRole.php';
foreach($this->getGlobalRoles() as $role_id)
{
if(ilObjRole::_getAssignUsersStatus($role_id))
{
$ga[] = array('obj_id' => $role_id,
'role_type' => 'global');
}
}
return $ga ? $ga : array();
}
Here is the call graph for this function:
| ilRbacReview::getGlobalRoles | ( | ) |
get only 'global' roles public
- Returns:
- array Array with rol_ids
Definition at line 573 of file class.ilRbacReview.php.
References getRolesOfRoleFolder().
Referenced by getGlobalAssignableRoles(), and getRolesByFilter().
{
return $this->getRolesOfRoleFolder(ROLE_FOLDER_ID,false);
}
Here is the call graph for this function:
Here is the caller graph for this function:
| ilRbacReview::getGlobalRolesArray | ( | ) |
get only 'global' roles public
- Returns:
- array Array with rol_ids
Definition at line 583 of file class.ilRbacReview.php.
References $role_id, and getRolesOfRoleFolder().
{
foreach($this->getRolesOfRoleFolder(ROLE_FOLDER_ID,false) as $role_id)
{
$ga[] = array('obj_id' => $role_id,
'role_type' => 'global');
}
return $ga ? $ga : array();
}
Here is the call graph for this function:
| ilRbacReview::getLinkedRolesOfRoleFolder | ( | $ | a_ref_id | ) |
get all linked local roles of a role folder that are created due to stopped inheritance returns an array with role ids public
- Parameters:
-
integer ref_id of object boolean if false only get true local roles
- Returns:
- array Array with rol_ids
Definition at line 999 of file class.ilRbacReview.php.
{
if (!isset($a_ref_id))
{
$message = get_class($this)."::getLinkedRolesOfRoleFolder(): No ref_id given!";
$this->ilErr->raiseError($message,$this->ilErr->WARNING);
}
$and = " AND assign='n'";
$q = "SELECT rol_id FROM rbac_fa ".
"WHERE parent = '".$a_ref_id."'".
$and;
$r = $this->ilDB->query($q);
while ($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
{
$rol_id[] = $row->rol_id;
}
return $rol_id ? $rol_id : array();
}
| ilRbacReview::getObjectsWithStopedInheritance | ( | $ | a_rol_id | ) |
get all objects in which the inheritance of role with role_id was stopped the function returns all reference ids of objects containing a role folder.
public
- Parameters:
-
integer role_id
- Returns:
- array with ref_ids of objects
Definition at line 817 of file class.ilRbacReview.php.
References $rolf_id, $tree, and getFoldersAssignedToRole().
{
$tree = new ilTree(ROOT_FOLDER_ID);
if (!isset($a_rol_id))
{
$message = get_class($this)."::getObjectsWithStopedInheritance(): No role_id given!";
$this->ilErr->raiseError($message,$this->ilErr->WARNING);
}
$all_rolf_ids = $this->getFoldersAssignedToRole($a_rol_id,false);
foreach ($all_rolf_ids as $rolf_id)
{
$parent[] = $tree->getParentId($rolf_id);
}
return $parent ? $parent : array();
}
Here is the call graph for this function:
| ilRbacReview::getOperation | ( | $ | ops_id | ) |
get one operation by operation id public
- Returns:
- array data of operation_id
Definition at line 696 of file class.ilRbacReview.php.
References $ops, $ops_id, $query, $res, and $row.
{
$query = "SELECT * FROM rbac_operations WHERE ops_id = '".ilUtil::prepareDBString($ops_id)."'";
$res = $this->ilDB->query($query);
while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
{
$ops = array('ops_id' => $row->ops_id,
'operation' => $row->operation,
'description' => $row->description);
}
return $ops ? $ops : array();
}
| ilRbacReview::getOperations | ( | ) |
get all possible operations public
- Returns:
- array array of operation_id
Definition at line 675 of file class.ilRbacReview.php.
| ilRbacReview::getOperationsOfRole | ( | $ | a_rol_id, | |
| $ | a_type, | |||
| $ | a_parent = 0 | |||
| ) |
get all possible operations of a specific role The ref_id of the role folder (parent object) is necessary to distinguish local roles public
- Parameters:
-
integer role_id string object type integer role folder id
- Returns:
- array array of operation_id
Definition at line 720 of file class.ilRbacReview.php.
{
if (!isset($a_rol_id) or !isset($a_type))
{
$message = get_class($this)."::getOperationsOfRole(): Missing Parameter!".
"role_id: ".$a_rol_id.
"type: ".$a_type.
"parent_id: ".$a_parent;
$this->ilErr->raiseError($message,$this->ilErr->WARNING);
}
$ops_arr = array();
// if no rolefolder id is given, assume global role folder as target
if ($a_parent == 0)
{
$a_parent = ROLE_FOLDER_ID;
}
$q = "SELECT ops_id FROM rbac_templates ".
"WHERE type ='".$a_type."' ".
"AND rol_id = '".$a_rol_id."' ".
"AND parent = '".$a_parent."'";
$r = $this->ilDB->query($q);
while ($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
{
$ops_arr[] = $row->ops_id;
}
return $ops_arr;
}
| ilRbacReview::getOperationsOnType | ( | $ | a_typ_id | ) |
all possible operations of a type public
- Parameters:
-
integer object_ID of type
- Returns:
- array valid operation_IDs
Definition at line 774 of file class.ilRbacReview.php.
References $ops_id, $q, and $row.
Referenced by getOperationsOnTypeString().
{
if (!isset($a_typ_id))
{
$message = get_class($this)."::getOperationsOnType(): No type_id given!";
$this->ilErr->raiseError($message,$this->ilErr->WARNING);
}
$q = "SELECT * FROM rbac_ta WHERE typ_id = '".$a_typ_id."'";
$r = $this->ilDB->query($q);
while($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
{
$ops_id[] = $row->ops_id;
}
return $ops_id ? $ops_id : array();
}
Here is the caller graph for this function:
| ilRbacReview::getOperationsOnTypeString | ( | $ | a_type | ) |
all possible operations of a type public
- Parameters:
-
integer object_ID of type
- Returns:
- array valid operation_IDs
Definition at line 799 of file class.ilRbacReview.php.
References $query, $res, $row, and getOperationsOnType().
{
$query = "SELECT * FROM object_data WHERE type = 'typ' AND title = '".ilUtil::prepareDBString($a_type)."'";
$res = $this->ilDB->query($query);
while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
{
return $this->getOperationsOnType($row->obj_id);
}
return false;
}
Here is the call graph for this function:
| ilRbacReview::getParentRoleIds | ( | $ | a_endnode_id, | |
| $ | a_templates = false, |
|||
| $ | a_keep_protected = false | |||
| ) |
get an array of parent role ids of all parent roles, if last parameter is set true you get also all parent templates public
- Parameters:
-
integer ref_id of an object which is end node boolean true for role templates (default: false)
- Returns:
- array array(role_ids => role_data)
Definition at line 167 of file class.ilRbacReview.php.
References $log, $tree, and __getParentRoles().
{
global $tree,$log;
if (!isset($a_endnode_id))
{
$message = get_class($this)."::getParentRoleIds(): No node_id (ref_id) given!";
$this->ilErr->raiseError($message,$this->ilErr->WARNING);
}
//var_dump($a_endnode_id);exit;
$log->write("ilRBACreview::getParentRoleIds(), 0");
$pathIds = $tree->getPathId($a_endnode_id);
// add system folder since it may not in the path
$pathIds[0] = SYSTEM_FOLDER_ID;
$log->write("ilRBACreview::getParentRoleIds(), 1");
return $this->__getParentRoles($pathIds,$a_templates,$a_keep_protected);
}
Here is the call graph for this function:
| ilRbacReview::getRoleFolderIdOfObject | ( | $ | a_ref_id | ) |
Definition at line 658 of file class.ilRbacReview.php.
References getRoleFolderOfObject().
{
$rolf = $this->getRoleFolderOfObject($a_ref_id);
if (!$rolf)
{
return false;
}
return $rolf['ref_id'];
}
Here is the call graph for this function:
| ilRbacReview::getRoleFolderOfObject | ( | $ | a_ref_id | ) |
returns the data of a role folder assigned to an object public
- Parameters:
-
integer ref_id of object with a rolefolder object under it
- Returns:
- array empty array if rolefolder not found
Definition at line 639 of file class.ilRbacReview.php.
References $ilBench, and $tree.
Referenced by getRoleFolderIdOfObject().
{
global $tree,$ilBench;
$ilBench->start("RBAC", "review_getRoleFolderOfObject");
if (!isset($a_ref_id))
{
$message = get_class($this)."::getRoleFolderOfObject(): No ref_id given!";
$this->ilErr->raiseError($message,$this->ilErr->WARNING);
}
$childs = $tree->getChildsByType($a_ref_id,"rolf");
$ilBench->stop("RBAC", "review_getRoleFolderOfObject");
return $childs[0] ? $childs[0] : array();
}
Here is the caller graph for this function:
| ilRbacReview::getRoleListByObject | ( | $ | a_ref_id, | |
| $ | a_templates = false | |||
| ) |
Returns a list of roles in an container public.
- Parameters:
-
integer ref_id boolean if true fetch template roles too
- Returns:
- array set ids
Definition at line 194 of file class.ilRbacReview.php.
References $q, $row, __setRoleType(), __setTemplateFilter(), and fetchObjectData().
Referenced by __getParentRoles().
{
if (!isset($a_ref_id) or !isset($a_templates))
{
$message = get_class($this)."::getRoleListByObject(): Missing parameter!".
"ref_id: ".$a_ref_id.
"tpl_flag: ".$a_templates;
$this->ilErr->raiseError($message,$this->ilErr->WARNING);
}
$role_list = array();
$where = $this->__setTemplateFilter($a_templates);
$q = "SELECT * FROM object_data ".
"JOIN rbac_fa ".$where.
"AND object_data.obj_id = rbac_fa.rol_id ".
"AND rbac_fa.parent = '".$a_ref_id."'";
$r = $this->ilDB->query($q);
while ($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
{
$role_list[] = fetchObjectData($row);
}
$role_list = $this->__setRoleType($role_list);
return $role_list;
}
Here is the call graph for this function:
Here is the caller graph for this function:
| ilRbacReview::getRoleOperationsOnObject | ( | $ | a_role_id, | |
| $ | a_ref_id | |||
| ) |
Definition at line 753 of file class.ilRbacReview.php.
| ilRbacReview::getRolesByFilter | ( | $ | a_filter = 0, |
|
| $ | a_user_id = 0 | |||
| ) |
Definition at line 869 of file class.ilRbacReview.php.
References $q, $row, __setRoleType(), assignedRoles(), fetchObjectData(), getAssignableRoles(), and getGlobalRoles().
{
$assign = "y";
switch($a_filter)
{
// all (assignable) roles
case 1:
return $this->getAssignableRoles();
break;
// all (assignable) global roles
case 2:
$where = "WHERE rbac_fa.rol_id IN ";
$where .= '(';
$where .= implode(',',$this->getGlobalRoles());
$where .= ')';
break;
// all (assignable) local roles
case 3:
case 4:
case 5:
$where = "WHERE rbac_fa.rol_id NOT IN ";
$where .= '(';
$where .= implode(',',$this->getGlobalRoles());
$where .= ')';
break;
// all role templates
case 6:
$where = "WHERE object_data.type = 'rolt'";
$assign = "n";
break;
// only assigned roles, handled by ilObjUserGUI::roleassignmentObject()
case 0:
default:
if (!$a_user_id) return array();
$where = "WHERE rbac_fa.rol_id IN ";
$where .= '(';
$where .= implode(',',$this->assignedRoles($a_user_id));
$where .= ')';
break;
}
$roles = array();
$q = "SELECT DISTINCT * FROM object_data ".
"JOIN rbac_fa ".$where.
"AND object_data.obj_id = rbac_fa.rol_id ".
"AND rbac_fa.assign = '".$assign."'";
$r = $this->ilDB->query($q);
while ($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
{
$prefix = (substr($row->title,0,3) == "il_") ? true : false;
// all (assignable) internal local roles only
if ($a_filter == 4 and !$prefix)
{
continue;
}
// all (assignable) non internal local roles only
if ($a_filter == 5 and $prefix)
{
continue;
}
$roles[] = fetchObjectData($row);
}
$roles = $this->__setRoleType($roles);
return $roles ? $roles : array();
}
Here is the call graph for this function:
| ilRbacReview::getRolesOfRoleFolder | ( | $ | a_ref_id, | |
| $ | a_nonassignable = true | |||
| ) |
get all roles of a role folder including linked local roles that are created due to stopped inheritance returns an array with role ids public
- Parameters:
-
integer ref_id of object boolean if false only get true local roles
- Returns:
- array Array with rol_ids
Definition at line 535 of file class.ilRbacReview.php.
References $ilBench, $q, and $row.
Referenced by getGlobalRoles(), and getGlobalRolesArray().
{
global $ilBench;
$ilBench->start("RBAC", "review_getRolesOfRoleFolder");
if (!isset($a_ref_id))
{
$message = get_class($this)."::getRolesOfRoleFolder(): No ref_id given!";
$this->ilErr->raiseError($message,$this->ilErr->WARNING);
}
if ($a_nonassignable === false)
{
$and = " AND assign='y'";
}
$q = "SELECT rol_id FROM rbac_fa ".
"WHERE parent = '".$a_ref_id."'".
$and;
$r = $this->ilDB->query($q);
while ($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
{
$rol_id[] = $row->rol_id;
}
$ilBench->stop("RBAC", "review_getRolesOfRoleFolder");
return $rol_id ? $rol_id : array();
}
Here is the caller graph for this function:
| ilRbacReview::getTypeId | ( | $ | a_type | ) |
| ilRbacReview::ilRbacReview | ( | ) |
Constructor public.
Definition at line 48 of file class.ilRbacReview.php.
References $ilErr, $ilias, $ilLog, and if.
{
global $ilDB,$ilErr,$ilias,$ilLog;
$this->log =& $ilLog;
// set db & error handler
(isset($ilDB)) ? $this->ilDB =& $ilDB : $this->ilDB =& $ilias->db;
if (!isset($ilErr))
{
$ilErr = new ilErrorHandling();
$ilErr->setErrorHandling(PEAR_ERROR_CALLBACK,array($ilErr,'errorHandler'));
}
else
{
$this->ilErr =& $ilErr;
}
}
| ilRbacReview::isAssignable | ( | $ | a_rol_id, | |
| $ | a_ref_id | |||
| ) |
Check if its possible to assign users public.
- Parameters:
-
integer object id of role integer ref_id of object in question
- Returns:
- boolean
Definition at line 461 of file class.ilRbacReview.php.
References $ilBench, $q, and $row.
{
global $ilBench;
$ilBench->start("RBAC", "review_isAssignable");
// exclude system role from rbac
if ($a_rol_id == SYSTEM_ROLE_ID)
{
$ilBench->stop("RBAC", "review_isAssignable");
return true;
}
if (!isset($a_rol_id) or !isset($a_ref_id))
{
$message = get_class($this)."::isAssignable(): Missing parameter!".
" role_id: ".$a_rol_id." ,ref_id: ".$a_ref_id;
$this->ilErr->raiseError($message,$this->ilErr->WARNING);
}
$q = "SELECT * FROM rbac_fa ".
"WHERE rol_id = '".$a_rol_id."' ".
"AND parent = '".$a_ref_id."'";
$row = $this->ilDB->getRow($q);
$ilBench->stop("RBAC", "review_isAssignable");
return $row->assign == 'y' ? true : false;
}
| ilRbacReview::isAssigned | ( | $ | a_usr_id, | |
| $ | a_role_id | |||
| ) |
check if a specific user is assigned to specific role public
- Parameters:
-
integer usr_id integer role_id
- Returns:
- boolean
Definition at line 416 of file class.ilRbacReview.php.
References assignedUsers().
{
return in_array($a_usr_id,$this->assignedUsers($a_role_id));
}
Here is the call graph for this function:
| ilRbacReview::isDeleted | ( | $ | a_node_id | ) |
checks if a rolefolder is set as deleted (negative tree_id) public
- Parameters:
-
integer ref_id of rolefolder
- Returns:
- boolean true if rolefolder is set as deleted
Definition at line 843 of file class.ilRbacReview.php.
{
$q = "SELECT tree FROM tree WHERE child ='".$a_node_id."'";
$r = $this->ilDB->query($q);
$row = $r->fetchRow(DB_FETCHMODE_OBJECT);
if (!$row)
{
$message = sprintf('%s::isDeleted(): Role folder with ref_id %s not found!',
get_class($this),
$a_node_id);
$this->log->write($message,$this->log->FATAL);
return true;
}
// rolefolder is deleted
if ($row->tree < 0)
{
return true;
}
return false;
}
| ilRbacReview::isProtected | ( | $ | a_ref_id, | |
| $ | a_role_id | |||
| ) |
Definition at line 1023 of file class.ilRbacReview.php.
References $q, $row, and ilUtil::yn2tf().
{
$q = "SELECT protected FROM rbac_fa ".
"WHERE rol_id='".$a_role_id."' ".
"AND parent='".$a_ref_id."'";
$r = $this->ilDB->query($q);
$row = $r->fetchRow();
return ilUtil::yn2tf($row[0]);
}
Here is the call graph for this function:
| ilRbacReview::roleExists | ( | $ | a_title, | |
| $ | a_id = 0 | |||
| ) |
Checks if a role already exists.
Role title should be unique public
- Parameters:
-
string role title integer obj_id of role to exclude in the check. Commonly this is the current role you want to edit
- Returns:
- boolean true if exists
Definition at line 75 of file class.ilRbacReview.php.
{
if (empty($a_title))
{
$message = get_class($this)."::roleExists(): No title given!";
$this->ilErr->raiseError($message,$this->ilErr->WARNING);
}
$clause = ($a_id) ? " AND obj_id != '".$a_id."'" : "";
$q = "SELECT DISTINCT(obj_id) as obj_id FROM object_data ".
"WHERE title ='".addslashes($a_title)."' ".
"AND type IN('role','rolt')".
$clause;
$r = $this->ilDB->query($q);
while($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
{
return $row->obj_id;
}
return false;
}
Field Documentation
| ilRbacReview::$log = null |
Definition at line 42 of file class.ilRbacReview.php.
Referenced by __getParentRoles(), __setProtectedStatus(), and getParentRoleIds().
The documentation for this class was generated from the following file:
- classes/class.ilRbacReview.php
