00001 <?php
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017
00018
00019
00020
00021
00022
00023
00024
00037 class ilPermissionGUI
00038 {
00046 function ilPermissionGUI(&$a_gui_obj)
00047 {
00048 global $ilias, $objDefinition, $tpl, $tree, $ilCtrl, $ilErr, $lng;
00049
00050 if (!isset($ilErr))
00051 {
00052 $ilErr = new ilErrorHandling();
00053 $ilErr->setErrorHandling(PEAR_ERROR_CALLBACK,array($ilErr,'errorHandler'));
00054 }
00055 else
00056 {
00057 $this->ilErr =& $ilErr;
00058 }
00059
00060 $this->ilias =& $ilias;
00061 $this->objDefinition =& $objDefinition;
00062 $this->tree =& $tree;
00063 $this->tpl =& $tpl;
00064 $this->lng =& $lng;
00065 $this->lng->loadLanguageModule("rbac");
00066
00067 $this->ctrl =& $ilCtrl;
00068
00069 $this->gui_obj =& $a_gui_obj;
00070
00071 $this->roles = array();
00072 $this->num_roles = 0;
00073 }
00074
00075
00076 function &executeCommand()
00077 {
00078 global $rbacsystem, $ilErr;
00079
00080
00081 if (!$rbacsystem->checkAccess("edit_permission",$this->gui_obj->object->getRefId()))
00082 {
00083 $ilErr->raiseError($this->lng->txt("permission_denied"),$ilErr->MESSAGE);
00084 }
00085
00086 $next_class = $this->ctrl->getNextClass($this);
00087
00088 switch($next_class)
00089 {
00090 case "ilobjrolegui":
00091 include_once("classes/class.ilObjRoleGUI.php");
00092 $this->gui_obj = new ilObjRoleGUI("",(int) $_GET["obj_id"], false, false);
00093 $this->gui_obj->setBackTarget($this->lng->txt("perm_settings"),
00094 $this->ctrl->getLinkTarget($this, "perm"));
00095 $ret =& $this->ctrl->forwardCommand($this->gui_obj);
00096 break;
00097
00098 default:
00099 $cmd = $this->ctrl->getCmd();
00100 $this->$cmd();
00101 break;
00102 }
00103
00104 return true;
00105 }
00106
00112 function perm()
00113 {
00114 global $rbacsystem, $rbacreview;
00115
00116 $this->getRolesData();
00117
00119
00121 $this->__initSubTabs("perm");
00122
00123 $this->gui_obj->getTemplateFile("perm");
00124
00125 $this->num_roles = count($this->roles);
00126
00127
00128 $this->tpl->setCurrentBlock("filter");
00129 $this->tpl->setVariable("FILTER_TXT_FILTER",$this->lng->txt('filter'));
00130 $this->tpl->setVariable("SELECT_FILTER",$this->__buildRoleFilterSelect());
00131 $this->tpl->setVariable("FILTER_ACTION",$this->ctrl->getFormAction($this)."&cmd=perm");
00132 $this->tpl->setVariable("FILTER_NAME",'view');
00133 $this->tpl->setVariable("FILTER_VALUE",$this->lng->txt('apply_filter'));
00134 $this->tpl->parseCurrentBlock();
00135
00136
00137 if ($this->num_roles < 1)
00138 {
00139 sendinfo($this->lng->txt("msg_no_roles_of_type"),false);
00140 $this->__displayAddRoleForm();
00141 return true;
00142 }
00143
00144 $this->tpl->addBlockFile("PERM_PERMISSIONS", "permissions", "tpl.obj_perm_permissions.html");
00145
00146 $this->tpl->setVariable("TXT_TITLE", $this->lng->txt("permission_settings"));
00147 $this->tpl->setVariable("IMG_PERM", ilUtil::getImagePath("icon_perm.gif"));
00148 $this->tpl->setVariable("TXT_TITLE_INFO",
00149 sprintf($this->lng->txt("permission_settings_info"),
00150 $this->gui_obj->object->getTitle()
00151 ));
00152 $this->tpl->setVariable("COLSPAN", $this->num_roles);
00153 $this->tpl->setVariable("FORMACTION",
00154 $this->gui_obj->getFormAction("permSave",$this->ctrl->getLinkTarget($this,"permSave")));
00155 $this->tpl->setVariable("TXT_SAVE", $this->lng->txt("save"));
00156
00157
00158 $global_roles = $rbacreview->getGlobalRoles();
00159
00160 foreach ($this->roles as $role)
00161 {
00162 $tmp_role_folder = $rbacreview->getRoleFolderOfObject($this->gui_obj->object->getRefId());
00163 $tmp_local_roles = array();
00164
00165 if ($tmp_role_folder)
00166 {
00167 $tmp_local_roles = $rbacreview->getRolesOfRoleFolder($tmp_role_folder["ref_id"]);
00168 }
00169
00170
00171 if ($role['protected'] == false and in_array($role['obj_id'],$tmp_local_roles))
00172 {
00173 $role_folder_data = $rbacreview->getRoleFolderOfObject($_GET['ref_id']);
00174 $role_folder_id = $role_folder_data['ref_id'];
00175
00176
00177 $this->tpl->setCurrentBlock("rolelink_open");
00178
00179 $up_path = defined('ILIAS_MODULE') ? "../" : "";
00180 $this->ctrl->setParameterByClass("ilobjrolegui", "obj_id",
00181 $role['obj_id']);
00182 $this->ctrl->setParameterByClass("ilobjrolegui", "rolf_ref_id",
00183 $role_folder_id);
00184 $this->tpl->setVariable("LINK_ROLE_RULESET",
00185 $this->ctrl->getLinkTargetByClass("ilobjrolegui", "perm"));
00186
00187 $this->tpl->setVariable("TXT_ROLE_RULESET",$this->lng->txt("edit_perm_ruleset"));
00188 $this->tpl->parseCurrentBlock();
00189
00190 $this->tpl->touchBlock("rolelink_close");
00191 }
00192
00193 $this->tpl->setCurrentBlock("role_infos");
00194
00195
00196 include_once ('class.ilObjRole.php');
00197 $this->tpl->setVariable("ROLE_NAME",str_replace(" "," ",ilObjRole::_getTranslation($role["title"])));
00198
00199
00200
00201 if (in_array($role["obj_id"],$global_roles))
00202 {
00203 $this->tpl->setVariable("ROLE_CONTEXT_TYPE","global");
00204 }
00205 else
00206 {
00207 $rolf = $rbacreview->getFoldersAssignedToRole($role["obj_id"],true);
00208 $parent_node = $this->tree->getParentNodeData($rolf[0]);
00209
00210
00211 $this->tpl->setVariable("ROLE_CONTEXT_TYPE",$parent_node["title"]);
00212 }
00213
00214 $this->tpl->parseCurrentBlock();
00215 }
00216 $this->ctrl->clearParametersByClass("ilobjrolegui");
00217
00218
00219
00220
00221 $this->__showPermissionsGeneralSection();
00222
00223
00224 $this->__showPermissionsObjectSection();
00225
00226
00227 $this->__showPermissionsRBACSection();
00228
00229
00230 $this->__showPermissionsCreateSection();
00231
00232 $this->tpl->setVariable("COLSPAN", $this->num_roles);
00233
00234
00235 $this->__displayAddRoleForm();
00236 }
00237
00238
00244 function permSave()
00245 {
00246 global $rbacreview, $rbacadmin, $rbacsystem;
00247
00248
00249 $rbacadmin->revokePermission($this->gui_obj->object->getRefId());
00250
00251 if (is_array($_POST["perm"]))
00252 {
00253 foreach ($_POST["perm"] as $key => $new_role_perms)
00254 {
00255 $rbacadmin->grantPermission($key,$new_role_perms,$this->gui_obj->object->getRefId());
00256 }
00257 }
00258
00259
00260 $this->gui_obj->object->update();
00261
00262
00263
00264
00265
00266
00267
00268
00269
00270 $rolf_data = $rbacreview->getRoleFolderOfObject($this->gui_obj->object->getRefId());
00271 $rolf_id = $rolf_data["child"];
00272
00273 $stop_inherit_roles = $_POST["stop_inherit"] ? $_POST["stop_inherit"] : array();
00274
00275 if ($stop_inherit_roles)
00276 {
00277
00278 if (empty($rolf_id))
00279 {
00280
00281 $rfoldObj = $this->gui_obj->object->createRoleFolder();
00282
00283
00284 $rolf_id = $rfoldObj->getRefId();
00285 }
00286
00287 $roles_of_folder = $rbacreview->getRolesOfRoleFolder($rolf_id);
00288
00289 foreach ($stop_inherit_roles as $stop_inherit)
00290 {
00291
00292 if (!in_array($stop_inherit,$roles_of_folder))
00293 {
00294 $parentRoles = $rbacreview->getParentRoleIds($rolf_id);
00295 $rbacadmin->copyRolePermission($stop_inherit,$parentRoles[$stop_inherit]["parent"],
00296 $rolf_id,$stop_inherit);
00297 $rbacadmin->assignRoleToFolder($stop_inherit,$rolf_id,'n');
00298 }
00299 }
00300 }
00301
00302 if ($rolf_id and $rolf_id != ROLE_FOLDER_ID)
00303 {
00304
00305 $linked_roles = $rbacreview->getLinkedRolesOfRoleFolder($rolf_id);
00306 $linked_roles_to_remove = array_diff($linked_roles,$stop_inherit_roles);
00307
00308
00309 foreach ($linked_roles_to_remove as $role_id)
00310 {
00311 if ($rbacreview->isProtected($rolf_id,$role_id))
00312 {
00313 continue;
00314 }
00315
00316 $role_obj =& $this->ilias->obj_factory->getInstanceByObjId($role_id);
00317 $role_obj->setParent($rolf_id);
00318 $role_obj->delete();
00319 unset($role_obj);
00320 }
00321 }
00322
00323 sendinfo($this->lng->txt("saved_successfully"),true);
00324
00325
00326 if (!$rbacsystem->checkAccess("edit_permission",$this->gui_obj->object->getRefId()))
00327 {
00328 $this->ctrl->redirect($this->gui_obj);
00329 }
00330
00331 $this->ctrl->redirect($this,'perm');
00332 }
00333
00334
00335
00343 function addRole()
00344 {
00345 global $rbacadmin, $rbacreview, $rbacsystem;
00346
00347
00348 if ($rbacreview->roleExists($_POST["Fobject"]["title"]))
00349 {
00350 $this->ilias->raiseError($this->lng->txt("msg_role_exists1")." '".ilUtil::stripSlashes($_POST["Fobject"]["title"])."' ".
00351 $this->lng->txt("msg_role_exists2"),$this->ilias->error_obj->MESSAGE);
00352 }
00353
00354
00355 if (substr($_POST["Fobject"]["title"],0,3) == "il_")
00356 {
00357 $this->ilias->raiseError($this->lng->txt("msg_role_reserved_prefix"),$this->ilias->error_obj->MESSAGE);
00358 }
00359
00360
00361 if ($this->gui_obj->object->getType() != "rolf")
00362 {
00363 $rolf_data = $rbacreview->getRoleFolderOfObject($this->gui_obj->object->getRefId());
00364
00365
00366 if (!($rolf_id = $rolf_data["child"]))
00367 {
00368
00369 $subobjects = $this->objDefinition->getSubObjects($this->gui_obj->object->getType());
00370
00371 if (!isset($subobjects["rolf"]))
00372 {
00373 $this->ilias->raiseError($this->lng->txt("msg_no_rolf_allowed1")." '".$this->gui_obj->object->getTitle()."' ".
00374 $this->lng->txt("msg_no_rolf_allowed2"),$this->ilias->error_obj->WARNING);
00375 }
00376
00377
00378 $rolfObj = $this->gui_obj->object->createRoleFolder();
00379 $rolf_id = $rolfObj->getRefId();
00380 }
00381 }
00382 else
00383 {
00384
00385 $rolf_id = $this->gui_obj->object->getRefId();
00386 }
00387
00388
00389 if ($this->gui_obj->object->getType() == "rolf")
00390 {
00391 $roleObj = $this->gui_obj->object->createRole($_POST["Fobject"]["title"],$_POST["Fobject"]["desc"]);
00392 }
00393 else
00394 {
00395 $rfoldObj = $this->ilias->obj_factory->getInstanceByRefId($rolf_id);
00396 $roleObj = $rfoldObj->createRole($_POST["Fobject"]["title"],$_POST["Fobject"]["desc"]);
00397 }
00398
00399 sendInfo($this->lng->txt("role_added"),true);
00400
00401
00402
00403
00404
00405
00406
00407
00408
00409
00410
00411
00412
00413
00414
00415
00416 $this->ctrl->redirect($this,'perm');
00417 }
00418
00419 function &__initTableGUI()
00420 {
00421 include_once "./classes/class.ilTableGUI.php";
00422
00423 return new ilTableGUI(0,false);
00424 }
00425
00431 function __setTableGUIBasicData(&$tbl,&$result_set,$a_from = "")
00432 {
00433 switch ($a_from)
00434 {
00435 case "clipboardObject":
00436 $offset = $_GET["offset"];
00437 $order = $_GET["sort_by"];
00438 $direction = $_GET["sort_order"];
00439 $tbl->disable("footer");
00440 break;
00441
00442 default:
00443 $offset = $_GET["offset"];
00444 $order = $_GET["sort_by"];
00445 $direction = $_GET["sort_order"];
00446 break;
00447 }
00448
00449 $tbl->setOrderColumn($order);
00450 $tbl->setOrderDirection($direction);
00451 $tbl->setOffset($offset);
00452 $tbl->setLimit($_GET["limit"]);
00453 $tbl->setFooter("tblfooter",$this->lng->txt("previous"),$this->lng->txt("next"));
00454 $tbl->setData($result_set);
00455 }
00456
00457
00458 function __buildRoleFilterSelect()
00459 {
00460 $action[1] = $this->lng->txt('filter_all_roles');
00461 $action[2] = $this->lng->txt('filter_global_roles');
00462 $action[3] = $this->lng->txt('filter_local_roles');
00463 $action[4] = $this->lng->txt('filter_roles_local_policy');
00464 $action[5] = $this->lng->txt('filter_local_roles_object');
00465
00466 return ilUtil::formSelect($_SESSION['perm_filtered_roles'],"filter",$action,false,true);
00467 }
00468
00469 function __filterRoles($a_roles,$a_filter)
00470 {
00471 global $rbacreview;
00472
00473 switch ($a_filter)
00474 {
00475 case 1:
00476 return $a_roles;
00477 break;
00478
00479 case 2:
00480 $arr_global_roles = $rbacreview->getGlobalRoles();
00481 $arr_remove_roles = array_diff(array_keys($a_roles),$arr_global_roles);
00482
00483 foreach ($arr_remove_roles as $role_id)
00484 {
00485 unset($a_roles[$role_id]);
00486 }
00487
00488 return $a_roles;
00489 break;
00490
00491 case 3:
00492 $arr_global_roles = $rbacreview->getGlobalRoles();
00493
00494 foreach ($arr_global_roles as $role_id)
00495 {
00496 unset($a_roles[$role_id]);
00497 }
00498
00499 return $a_roles;
00500 break;
00501
00502 case 4:
00503 $role_folder = $rbacreview->getRoleFolderOfObject($this->gui_obj->object->getRefId());
00504
00505 if (!$role_folder)
00506 {
00507 return array();
00508 }
00509
00510 $arr_local_roles = $rbacreview->getRolesOfRoleFolder($role_folder["ref_id"]);
00511 $arr_remove_roles = array_diff(array_keys($a_roles),$arr_local_roles);
00512
00513 foreach ($arr_remove_roles as $role_id)
00514 {
00515 unset($a_roles[$role_id]);
00516 }
00517
00518 return $a_roles;
00519 break;
00520
00521 case 5:
00522
00523 $role_folder = $rbacreview->getRoleFolderOfObject($this->gui_obj->object->getRefId());
00524
00525 if (!$role_folder)
00526 {
00527 return array();
00528 }
00529
00530 $arr_local_roles = $rbacreview->getRolesOfRoleFolder($role_folder["ref_id"],false);
00531 $arr_remove_roles = array_diff(array_keys($a_roles),$arr_local_roles);
00532
00533 foreach ($arr_remove_roles as $role_id)
00534 {
00535 unset($a_roles[$role_id]);
00536 }
00537
00538 return $a_roles;
00539 break;
00540 }
00541
00542 return $a_roles;
00543 }
00544
00545
00546 function owner()
00547 {
00548 global $ilObjDataCache,$ilUser;
00549
00550 $this->__initSubTabs("owner");
00551
00552 $this->tpl->addBlockfile('ADM_CONTENT','adm_content','tpl.obj_owner.html');
00553
00554 $this->tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
00555 $this->tpl->setVariable("USERNAME",ilObjUser::_lookupLogin($this->gui_obj->object->getOwner()));
00556 $this->tpl->setVariable("TBL_TITLE_IMG",ilUtil::getImagePath('icon_usr.gif'));
00557 $this->tpl->setVariable("TBL_TITLE_IMG_ALT",$this->lng->txt('owner'));
00558 $this->tpl->setVariable("TBL_TITLE",$this->lng->txt('info_owner_of_object'));
00559 $this->tpl->setVariable("BTN_CHOWN",$this->lng->txt('change_owner'));
00560 $this->tpl->setVariable("TXT_USERNAME",$this->lng->txt('username'));
00561 $this->tpl->setVariable("CHOWN_WARNING",$this->lng->txt('chown_warning'));
00562 }
00563
00564 function changeOwner()
00565 {
00566 global $rbacsystem,$ilErr,$ilObjDataCache;
00567
00568 if(!$user_id = ilObjUser::_lookupId($_POST['owner']))
00569 {
00570 sendInfo($this->lng->txt('user_not_known'));
00571 $this->owner();
00572 return true;
00573 }
00574
00575 $this->gui_obj->object->setOwner($user_id);
00576 $this->gui_obj->object->updateOwner();
00577 $ilObjDataCache->deleteCachedEntry($this->gui_obj->object->getId());
00578 sendInfo($this->lng->txt('owner_updated'),true);
00579
00580 if (!$rbacsystem->checkAccess("edit_permission",$this->gui_obj->object->getRefId()))
00581 {
00582 $this->ctrl->redirect($this->gui_obj);
00583 return true;
00584 }
00585
00586 $this->ctrl->redirect($this,'owner');
00587 return true;
00588
00589 }
00590
00591
00592 function info()
00593 {
00594 $this->__initSubTabs("info");
00595
00596 include_once('classes/class.ilObjectStatusGUI.php');
00597
00598 $ilInfo = new ilObjectStatusGUI($this->gui_obj->object);
00599
00600 $this->tpl->setVariable("ADM_CONTENT",$ilInfo->getHTML());
00601 }
00602
00603
00604 function __initSubTabs($a_cmd)
00605 {
00606 global $ilTabs;
00607
00608 $perm = ($a_cmd == 'perm') ? true : false;
00609 $info = ($a_cmd == 'info') ? true : false;
00610 $owner = ($a_cmd == 'owner') ? true : false;
00611
00612 $ilTabs->addSubTabTarget("permission_settings", $this->ctrl->getLinkTarget($this, "perm"),
00613 "", "", "", $perm);
00614 $ilTabs->addSubTabTarget("info_status_info", $this->ctrl->getLinkTarget($this, "info"),
00615 "", "", "", $info);
00616 $ilTabs->addSubTabTarget("owner", $this->ctrl->getLinkTarget($this, "owner"),
00617 "", "", "", $owner);
00618 }
00619
00620 function getRolesData()
00621 {
00622 global $rbacsystem, $rbacreview;
00623
00624
00625 $roles = $rbacreview->getParentRoleIds($this->gui_obj->object->getRefId());
00626
00627
00628 $_SESSION['perm_filtered_roles'] = isset($_POST['filter']) ? $_POST['filter'] : $_SESSION['perm_filtered_roles'];
00629
00630
00631 if ($_SESSION['perm_filtered_roles'] == 0)
00632 {
00633 $_SESSION['perm_filtered_roles'] = 1;
00634 }
00635
00636
00637 $roles = $this->__filterRoles($roles,$_SESSION["perm_filtered_roles"]);
00638
00639
00640
00641 $role_folder = $rbacreview->getRoleFolderOfObject($this->gui_obj->object->getRefId());
00642
00643 $local_roles = array();
00644
00645 if (!empty($role_folder))
00646 {
00647 $local_roles = $rbacreview->getRolesOfRoleFolder($role_folder["ref_id"]);
00648 }
00649
00650 foreach ($roles as $key => $role)
00651 {
00652
00653 if ($role["obj_id"] == SYSTEM_ROLE_ID)
00654 {
00655 unset($roles[$key]);
00656 continue;
00657 }
00658
00659 $this->roles[$role['obj_id']] = $role;
00660
00661
00662 $this->roles[$role['obj_id']]['keep_protected'] = $rbacreview->isProtected($role['parent'],$role['obj_id']);
00663
00664 if (!in_array($role["obj_id"],$local_roles))
00665 {
00666 $this->roles[$role['obj_id']]['local_policy_enabled'] = false;
00667 $this->roles[$role['obj_id']]['local_policy_allowed'] = true;
00668 }
00669 else
00670 {
00671
00672 if ($rbacreview->isAssignable($role["obj_id"],$role_folder["ref_id"]))
00673 {
00674 $this->roles[$role['obj_id']]['local_policy_allowed'] = false;
00675 }
00676 else
00677 {
00678 $this->roles[$role['obj_id']]['local_policy_enabled'] = true;
00679 $this->roles[$role['obj_id']]['local_policy_allowed'] = true;
00680 }
00681 }
00682
00683
00684 $grouped_ops = groupOperationsByClass(getOperationList($this->gui_obj->object->getType()));
00685
00686 foreach ($grouped_ops as $ops_group => $ops_data)
00687 {
00688 foreach ($ops_data as $key => $operation)
00689 {
00690 $grouped_ops[$ops_group][$key]['checked'] = $rbacsystem->checkPermission($this->gui_obj->object->getRefId(), $role['obj_id'], $operation['name']);
00691 }
00692 }
00693
00694 $this->roles[$role['obj_id']]['permissions'] = $grouped_ops;
00695 unset($grouped_ops);
00696 }
00697 }
00698
00699 function __displayAddRoleForm()
00700 {
00701
00702 $object_types_exclude = array("adm","root","mail","objf","lngf","trac","taxf","auth", "assf",'seas','extt','adve');
00703
00704 if (!in_array($this->gui_obj->object->getType(),$object_types_exclude) and $this->gui_obj->object->getRefId() != ROLE_FOLDER_ID)
00705 {
00706 $this->tpl->addBlockFile("PERM_ADD_ROLE", "add_local_roles", "tpl.obj_perm_add_role.html");
00707
00708
00709 $data = array();
00710 $data["fields"] = array();
00711 $data["fields"]["title"] = $_SESSION["error_post_vars"]["Fobject"]["title"];
00712 $data["fields"]["desc"] = $_SESSION["error_post_vars"]["Fobject"]["desc"];
00713
00714 foreach ($data["fields"] as $key => $val)
00715 {
00716 $this->tpl->setVariable("TXT_LR_".strtoupper($key), $this->lng->txt($key));
00717 $this->tpl->setVariable(strtoupper($key), $val);
00718 }
00719
00720 $this->tpl->setVariable("FORMACTION_LR",$this->gui_obj->getFormAction("addRole", $this->ctrl->getLinkTarget($this, "addRole")));
00721 $this->tpl->setVariable("TXT_LR_HEADER", $this->lng->txt("you_may_add_local_roles"));
00722 $this->tpl->setVariable("TXT_ADD_ROLE", $this->lng->txt("role_add_local"));
00723 $this->tpl->setVariable("TXT_REQUIRED_FLD", $this->lng->txt("required_field"));
00724 }
00725 }
00726
00727 function __showPermissionsGeneralSection()
00728 {
00729 $this->tpl->setCurrentBlock("perm_subtitle");
00730 $this->tpl->setVariable("TXT_PERM_CLASS",$this->lng->txt('perm_class_general'));
00731 $this->tpl->setVariable("TXT_PERM_CLASS_DESC",$this->lng->txt('perm_class_general_desc'));
00732 $this->tpl->setVariable("COLSPAN", $this->num_roles);
00733 $this->tpl->parseCurrentBlock();
00734
00735 foreach ($this->roles as $role)
00736 {
00737 foreach ($role['permissions']['general'] as $perm)
00738 {
00739
00740 if ($perm['name'] == 'delete' and $this->gui_obj->object->getType() == 'rolf' and $this->gui_obj->object->getRefId() != ROLE_FOLDER_ID)
00741 {
00742 continue;
00743 }
00744
00745 $box = ilUtil::formCheckBox($perm['checked'],"perm[".$role["obj_id"]."][]",$perm["ops_id"],$role["protected"]);
00746
00747 $this->tpl->setCurrentBlock("perm_item");
00748 $this->tpl->setVariable("PERM_CHECKBOX",$box);
00749 $this->tpl->setVariable("PERM_NAME",$this->lng->txt($perm['name']));
00750 $this->tpl->setVariable("PERM_TOOLTIP",$this->lng->txt($this->gui_obj->object->getType()."_".$perm['name']));
00751 $this->tpl->setVariable("PERM_LABEL",'perm_'.$role['obj_id'].'_'.$perm['ops_id']);
00752 $this->tpl->parseCurrentBlock();
00753 }
00754
00755 $this->tpl->setCurrentBlock("perm_table");
00756 $this->tpl->parseCurrentBlock();
00757 }
00758
00759 $this->tpl->setCurrentBlock("perm_settings");
00760 $this->tpl->parseCurrentBlock();
00761 }
00762
00763 function __showPermissionsObjectSection()
00764 {
00765
00766 reset($this->roles);
00767 $first_role =& current($this->roles);
00768
00769 if (count($first_role['permissions']['object']))
00770 {
00771 $this->tpl->setCurrentBlock("perm_subtitle");
00772 $this->tpl->setVariable("TXT_PERM_CLASS",$this->lng->txt('perm_class_object'));
00773 $this->tpl->setVariable("TXT_PERM_CLASS_DESC",$this->lng->txt('perm_class_object_desc'));
00774 $this->tpl->setVariable("COLSPAN", $this->num_roles);
00775 $this->tpl->parseCurrentBlock();
00776
00777 foreach ($this->roles as $role)
00778 {
00779 foreach ($role['permissions']['object'] as $perm)
00780 {
00781 $box = ilUtil::formCheckBox($perm['checked'],"perm[".$role["obj_id"]."][]",$perm["ops_id"],$role["protected"]);
00782
00783 $this->tpl->setCurrentBlock("perm_item");
00784 $this->tpl->setVariable("PERM_CHECKBOX",$box);
00785 $this->tpl->setVariable("PERM_NAME",$this->lng->txt($this->gui_obj->object->getType()."_".$perm['name']));
00786 $this->tpl->setVariable("PERM_TOOLTIP",$this->lng->txt($this->gui_obj->object->getType()."_".$perm['name']));
00787 $this->tpl->setVariable("PERM_LABEL",'perm_'.$role['obj_id'].'_'.$perm['ops_id']);
00788 $this->tpl->parseCurrentBlock();
00789 }
00790
00791 $this->tpl->setCurrentBlock("perm_table");
00792 $this->tpl->parseCurrentBlock();
00793 }
00794
00795 $this->tpl->setCurrentBlock("perm_settings");
00796 $this->tpl->parseCurrentBlock();
00797 }
00798 }
00799
00800 function __showPermissionsRBACSection()
00801 {
00802 $this->tpl->setCurrentBlock("perm_subtitle");
00803 $this->tpl->setVariable("TXT_PERM_CLASS",$this->lng->txt('perm_class_rbac'));
00804 $this->tpl->setVariable("TXT_PERM_CLASS_DESC",$this->lng->txt('perm_class_rbac_desc'));
00805 $this->tpl->setVariable("COLSPAN", $this->num_roles);
00806 $this->tpl->parseCurrentBlock();
00807
00808 foreach ($this->roles as $role)
00809 {
00810 foreach ($role['permissions']['rbac'] as $perm)
00811 {
00812 $box = ilUtil::formCheckBox($perm['checked'],"perm[".$role["obj_id"]."][]",$perm["ops_id"],$role["protected"]);
00813
00814 $this->tpl->setCurrentBlock("perm_item");
00815 $this->tpl->setVariable("PERM_CHECKBOX",$box);
00816 $this->tpl->setVariable("PERM_NAME",$this->lng->txt('perm_administrate'));
00817 $this->tpl->setVariable("PERM_TOOLTIP",$this->lng->txt($this->gui_obj->object->getType()."_".$perm['name']));
00818 $this->tpl->setVariable("PERM_LABEL",'perm_'.$role['obj_id'].'_'.$perm['ops_id']);
00819 $this->tpl->parseCurrentBlock();
00820 }
00821
00822
00823
00824 if ($this->objDefinition->stopInheritance($this->gui_obj->object->getType()))
00825 {
00826 if ($role['local_policy_allowed'])
00827 {
00828 $box = ilUtil::formCheckBox($role['local_policy_enabled'],'stop_inherit[]',$role['obj_id'],$role['keep_protected']);
00829 $lang = $this->lng->txt("perm_use_local_policy")." (".
00830 $this->lng->txt("stop_inheritance").")";
00831 $lang_desc = $this->lng->txt("perm_use_local_policy_desc");
00832 }
00833 else
00834 {
00835 $box = ' ';
00836 $lang = $this->lng->txt("perm_local_role");
00837 $lang_desc = $this->lng->txt("perm_local_role_desc");
00838 }
00839
00840 $this->tpl->setCurrentBlock("perm_item");
00841 $this->tpl->setVariable("PERM_CHECKBOX",$box);
00842 $this->tpl->setVariable("PERM_NAME",$lang);
00843 $this->tpl->setVariable("PERM_TOOLTIP",$lang_desc);
00844 $this->tpl->setVariable("PERM_LABEL",'stop_inherit_'.$role['obj_id']);
00845 $this->tpl->parseCurrentBlock();
00846 }
00847
00848 $this->tpl->setCurrentBlock("perm_table");
00849 $this->tpl->parseCurrentBlock();
00850 }
00851
00852 $this->tpl->setCurrentBlock("perm_settings");
00853 $this->tpl->parseCurrentBlock();
00854 }
00855
00856 function __showPermissionsCreateSection()
00857 {
00858
00859
00860 if ($this->gui_obj->object->getType() == 'rolf' and $this->gui_obj->object->getRefId() != ROLE_FOLDER_ID)
00861 {
00862 return;
00863 }
00864
00865
00866 reset($this->roles);
00867 $first_role =& current($this->roles);
00868
00869 if (count($first_role['permissions']['create']))
00870 {
00871 $this->tpl->setCurrentBlock("perm_subtitle");
00872 $this->tpl->setVariable("TXT_PERM_CLASS",$this->lng->txt('perm_class_create'));
00873 $this->tpl->setVariable("TXT_PERM_CLASS_DESC",$this->lng->txt('perm_class_create_desc'));
00874 $this->tpl->setVariable("COLSPAN", $this->num_roles);
00875 $this->tpl->parseCurrentBlock();
00876
00877 foreach ($this->roles as $role)
00878 {
00879 foreach ($role['permissions']['create'] as $perm)
00880 {
00881 if ($perm["name"] == "create_icrs" and !$this->ilias->getSetting("ilinc_active"))
00882 {
00883 continue;
00884 }
00885
00886 $box = ilUtil::formCheckBox($perm['checked'],"perm[".$role["obj_id"]."][]",$perm["ops_id"],$role["protected"]);
00887
00888 $this->tpl->setCurrentBlock("perm_item");
00889 $this->tpl->setVariable("PERM_CHECKBOX",$box);
00890 $this->tpl->setVariable("PERM_NAME",$this->lng->txt("obj".substr($perm['name'],6)));
00891 $this->tpl->setVariable("PERM_TOOLTIP",$this->lng->txt($this->gui_obj->object->getType()."_".$perm['name']));
00892 $this->tpl->setVariable("PERM_LABEL",'perm_'.$role['obj_id'].'_'.$perm['ops_id']);
00893 $this->tpl->parseCurrentBlock();
00894 }
00895
00896 $this->tpl->setCurrentBlock("perm_table");
00897 $this->tpl->parseCurrentBlock();
00898 }
00899
00900 $this->tpl->setCurrentBlock("perm_settings");
00901 $this->tpl->parseCurrentBlock();
00902 }
00903 }
00904 }
00905 ?>