ILIAS Release_3_7_x_branch .rev 46817: classes/class.ilObjRoleGUI.php Source File

Go to the documentation of this file.
00001 <?php
00002 /*
00003         +-----------------------------------------------------------------------------+
00004         | ILIAS open source                                                           |
00005         +-----------------------------------------------------------------------------+
00006         | Copyright (c) 1998-2001 ILIAS open source, University of Cologne            |
00007         |                                                                             |
00008         | This program is free software; you can redistribute it and/or               |
00009         | modify it under the terms of the GNU General Public License                 |
00010         | as published by the Free Software Foundation; either version 2              |
00011         | of the License, or (at your option) any later version.                      |
00012         |                                                                             |
00013         | This program is distributed in the hope that it will be useful,             |
00014         | but WITHOUT ANY WARRANTY; without even the implied warranty of              |
00015         | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               |
00016         | GNU General Public License for more details.                                |
00017         |                                                                             |
00018         | You should have received a copy of the GNU General Public License           |
00019         | along with this program; if not, write to the Free Software                 |
00020         | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA. |
00021         +-----------------------------------------------------------------------------+
00022 */
00023 
00024 require_once "class.ilObjectGUI.php";
00025 
00038 class ilObjRoleGUI extends ilObjectGUI
00039 {
00045         var $type;
00046 
00052         var $rolf_ref_id;
00053 
00054 
00055         var $ctrl;
00056  
00061         function ilObjRoleGUI($a_data,$a_id,$a_call_by_reference = false,$a_prepare_output = true)
00062         {
00063                 global $tree;
00064                 
00065                 //TODO: move this to class.ilias.php
00066                 define("USER_FOLDER_ID",7);
00067 
00068                 // copy ref_id for later use.
00069                 if ($_GET['rolf_ref_id'] != "")
00070                 {
00071                         $this->rolf_ref_id = $_GET['rolf_ref_id'];
00072                 }
00073                 else
00074                 {
00075                         $this->rolf_ref_id = $_GET['ref_id'];
00076                 }
00077                 
00078                 // Add ref_id of object that contains this role folder
00079                 $this->obj_ref_id = $tree->getParentId($this->rolf_ref_id);
00080 
00081                 $this->type = "role";
00082                 $this->ilObjectGUI($a_data,$a_id,$a_call_by_reference,false);
00083                 $this->ctrl->saveParameter($this, array("obj_id", "rolf_ref_id"));
00084         }
00085 
00086 
00087         function &executeCommand()
00088         {
00089                 global $rbacsystem;
00090 
00091                 // todo: clean this mess up, but note that there are several
00092                 // points where roles can be edited:
00093                 // - repository categories, courses, groups, learning modules
00094                 // glossaries (see object.xml)
00095                 // - administration -> repository trash and permissions ->
00096                 //   item ->edit role
00097                 // - administration -> repository trash and permissions ->
00098                 //   role folder -> role
00099                 // - administration -> roles -> role
00100                 if($this->ctrl->getTargetScript() == 'repository.php' ||
00101                         $this->ctrl->getTargetScript() == 'role.php' ||
00102                         $this->ctrl->getTargetScript() == 'sahs_edit.php' ||
00103                         $this->ctrl->getTargetScript() == 'fblm_edit.php' ||
00104                         $this->ctrl->getTargetScript() == 'chat.php' ||
00105                         $this->ctrl->getTargetScript() == 'exercise.php' ||
00106                         $this->ctrl->getTargetScript() == 'mep_edit.php' ||
00107                         $this->ctrl->getTargetScript() == 'link_resources.php' ||
00108                         strtolower($_GET["baseClass"]) == 'illmeditorgui' ||
00109                         strtolower($_GET["baseClass"]) == 'ilobjsurveygui' ||
00110                         strtolower($_GET["baseClass"]) == 'ilobjsurveyquestionpoolgui' ||
00111                         strtolower($_GET["baseClass"]) == 'ilobjtestgui' ||
00112                         strtolower($_GET["baseClass"]) == 'ilobjquestionpoolgui' ||
00113                         strtolower($_GET["baseClass"]) == 'ilglossaryeditorgui' ||
00114                         $_GET["admin_mode"] == "repository")
00115                 {
00116                         $this->__prepareOutput();
00117                 }
00118                 else
00119                 {
00120                         if ($_GET["ref_id"] != SYSTEM_FOLDER_ID)
00121                         {
00122                                 $this->prepareOutput();
00123                         }
00124                         else
00125                         {
00126                                 $this->setAdminTabs();
00127                                 //$this->addAdminLocatorItems();
00128                                 //$tpl->setLocator();
00129                         }
00130                 }
00131 
00132                 $next_class = $this->ctrl->getNextClass($this);
00133                 $cmd = $this->ctrl->getCmd();
00134 
00135                 switch($next_class)
00136                 {
00137                         default:
00138                                 if(!$cmd)
00139                                 {
00140                                         $cmd = "perm";
00141                                 }
00142                                 $cmd .= "Object";
00143                                 $this->$cmd();
00144                                         
00145                                 break;
00146                 }
00147 
00148                 return true;
00149         }
00150         
00154         function setBackTarget($a_text, $a_link)
00155         {
00156                 $this->back_target = array("text" => $a_text,
00157                         "link" => $a_link);
00158         }
00159         
00163         function getAdminTabs(&$tabs_gui)
00164         {
00165                 $this->getTabs($tabs_gui);
00166         }
00167 
00168 
00169         function listDesktopItemsObject()
00170         {
00171                 global $rbacsystem,$rbacreview,$tree;
00172 
00173                 #if(!$rbacsystem->checkAccess('edit_permission', $this->rolf_ref_id))
00174                 if(!$this->checkAccess('edit_permission'))
00175                 {
00176                         $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
00177                 }
00178 
00179                 if(!$rbacreview->isAssignable($this->object->getId(),$this->rolf_ref_id) &&
00180                         $this->rolf_ref_id != ROLE_FOLDER_ID)
00181                 {
00182                         sendInfo($this->lng->txt('role_no_users_no_desk_items'));
00183                         return true;
00184                 }
00185 
00186 
00187                 include_once './classes/class.ilRoleDesktopItem.php';
00188                 $role_desk_item_obj =& new ilRoleDesktopItem($this->object->getId());
00189 
00190                 if($rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
00191                 {
00192                         $this->__showButton('selectDesktopItem',$this->lng->txt('role_desk_add'));
00193                 }
00194                 if(!count($items = $role_desk_item_obj->getAll()))
00195                 {
00196                         sendInfo($this->lng->txt('role_desk_none_created'));
00197                         return true;
00198                 }
00199                 $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_desktop_item_list.html");
00200                 $this->tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
00201                 $this->tpl->setVariable("TBL_TITLE_IMG",ilUtil::getImagePath('icon_role.gif'));
00202                 $this->tpl->setVariable("TBL_TITLE_IMG_ALT",$this->lng->txt('obj_role'));
00203                 $this->tpl->setVariable("TBL_TITLE",$this->lng->txt('role_assigned_desk_items').' ('.$this->object->getTitle().')');
00204                 $this->tpl->setVariable("HEADER_DESC",$this->lng->txt('description'));
00205                 $this->tpl->setVariable("BTN_DELETE",$this->lng->txt('delete'));
00206                 $this->tpl->setVariable("IMG_ARROW",ilUtil::getImagePath('arrow_downright.gif'));
00207 
00208                 $counter = 0;
00209 
00210                 foreach($items as $role_item_id => $item)
00211                 {
00212                         $tmp_obj = ilObjectFactory::getInstanceByRefId($item['item_id']);
00213                         
00214                         if(strlen($desc = $tmp_obj->getDescription()))
00215                         {
00216                                 $this->tpl->setCurrentBlock("description");
00217                                 $this->tpl->setVariable("DESCRIPTION_DESK",$desc);
00218                                 $this->tpl->parseCurrentBlock();
00219                         }
00220                         $this->tpl->setCurrentBlock("desk_row");
00221                         $this->tpl->setVariable("DESK_TITLE",$tmp_obj->getTitle());
00222                         $this->tpl->setVariable("ROW_CLASS",ilUtil::switchColor(++$counter,'tblrow1','tblrow2'));
00223                         $this->tpl->setVariable("CHECK_DESK",ilUtil::formCheckBox(0,'del_desk_item[]',$role_item_id));
00224                         $this->tpl->setVariable("TXT_PATH",$this->lng->txt('path').':');
00225                         $this->tpl->setVariable("PATH",$this->__formatPath($tree->getPathFull($item['item_id'])));
00226                         $this->tpl->parseCurrentBlock();
00227                 }
00228 
00229                 return true;
00230         }
00231 
00232         function askDeleteDesktopItemObject()
00233         {
00234                 global $rbacsystem;
00235                 
00236                 
00237                 #if(!$rbacsystem->checkAccess('edit_permission', $this->rolf_ref_id))
00238                 if(!$this->checkAccess('edit_permission'))
00239                 {
00240                         $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
00241                 }
00242                 if(!$rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
00243                 {
00244                         $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
00245                 }
00246                 if(!count($_POST['del_desk_item']))
00247                 {
00248                         sendInfo($this->lng->txt('role_select_one_item'));
00249 
00250                         $this->listDesktopItemsObject();
00251 
00252                         return true;
00253                 }
00254                 sendInfo($this->lng->txt('role_sure_delete_desk_items'));
00255                 
00256                 $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_ask_delete_desktop_item.html");
00257                 $this->tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
00258                 $this->tpl->setVariable("TBL_TITLE_IMG",ilUtil::getImagePath('icon_role.gif'));
00259                 $this->tpl->setVariable("TBL_TITLE_IMG_ALT",$this->lng->txt('obj_role'));
00260                 $this->tpl->setVariable("TBL_TITLE",$this->lng->txt('role_assigned_desk_items').' ('.$this->object->getTitle().')');
00261                 $this->tpl->setVariable("HEADER_DESC",$this->lng->txt('description'));
00262                 $this->tpl->setVariable("BTN_DELETE",$this->lng->txt('delete'));
00263                 $this->tpl->setVariable("BTN_CANCEL",$this->lng->txt('cancel'));
00264 
00265                 include_once './classes/class.ilRoleDesktopItem.php';
00266 
00267                 $role_desk_item_obj =& new ilRoleDesktopItem($this->object->getId());
00268 
00269                 $counter = 0;
00270 
00271                 foreach($_POST['del_desk_item'] as $role_item_id)
00272                 {
00273                         $item_data = $role_desk_item_obj->getItem($role_item_id);
00274                         $tmp_obj =& ilObjectFactory::getInstanceByRefId($item_data['item_id']);
00275 
00276                         if(strlen($desc = $tmp_obj->getDescription()))
00277                         {
00278                                 $this->tpl->setCurrentBlock("description");
00279                                 $this->tpl->setVariable("DESCRIPTION_DESK",$desc);
00280                                 $this->tpl->parseCurrentBlock();
00281                         }
00282                         $this->tpl->setCurrentBlock("desk_row");
00283                         $this->tpl->setVariable("DESK_TITLE",$tmp_obj->getTitle());
00284                         $this->tpl->setVariable("ROW_CLASS",ilUtil::switchColor(++$counter,'tblrow1','tblrow2'));
00285                         $this->tpl->parseCurrentBlock();
00286                 }
00287 
00288                 $_SESSION['role_del_desk_items'] = $_POST['del_desk_item'];
00289 
00290                 return true;
00291         }
00292 
00293         function deleteDesktopItemsObject()
00294         {
00295                 global $rbacsystem;
00296                 
00297                 #if (!$rbacsystem->checkAccess('edit_permission', $this->rolf_ref_id))
00298                 if(!$this->checkAccess('edit_permission'))
00299                 {
00300                         $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
00301                 }
00302 
00303                 if (!$rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
00304                 {
00305                         $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
00306                 }
00307 
00308                 if (!count($_SESSION['role_del_desk_items']))
00309                 {
00310                         sendInfo($this->lng->txt('role_select_one_item'));
00311 
00312                         $this->listDesktopItemsObject();
00313 
00314                         return true;
00315                 }
00316 
00317                 include_once './classes/class.ilRoleDesktopItem.php';
00318 
00319                 $role_desk_item_obj =& new ilRoleDesktopItem($this->object->getId());
00320 
00321                 foreach ($_SESSION['role_del_desk_items'] as $role_item_id)
00322                 {
00323                         $role_desk_item_obj->delete($role_item_id);
00324                 }
00325 
00326                 sendInfo($this->lng->txt('role_deleted_desktop_items'));
00327                 $this->listDesktopItemsObject();
00328 
00329                 return true;
00330         }
00331 
00332 
00333         function selectDesktopItemObject()
00334         {
00335                 global $rbacsystem,$tree;
00336 
00337                 include_once './classes/class.ilRoleDesktopItemSelector.php';
00338                 include_once './classes/class.ilRoleDesktopItem.php';
00339 
00340                 if(!$rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
00341                 {
00342                         #$this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
00343                         sendInfo($this->lng->txt('permission_denied'));
00344                         $this->listDesktopItemsObject();
00345                         return false;
00346                 }
00347 
00348                 $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_desktop_item_selector.html");
00349                 $this->__showButton('listDesktopItems',$this->lng->txt('back'));
00350 
00351                 sendInfo($this->lng->txt("role_select_desktop_item"));
00352                 
00353                 $exp = new ilRoleDesktopItemSelector($this->ctrl->getLinkTarget($this,'selectDesktopItem'),
00354                                                                                          new ilRoleDesktopItem($this->object->getId()));
00355                 $exp->setExpand($_GET["role_desk_item_link_expand"] ? $_GET["role_desk_item_link_expand"] : $tree->readRootId());
00356                 $exp->setExpandTarget($this->ctrl->getLinkTarget($this,'selectDesktopItem'));
00357                 
00358                 $exp->setOutput(0);
00359                 
00360                 $this->tpl->setVariable("EXPLORER",$exp->getOutput());
00361 
00362                 return true;
00363         }
00364 
00365         function assignDesktopItemObject()
00366         {
00367                 global $rbacsystem;
00368 
00369                 if (!$rbacsystem->checkAccess('push_desktop_items',USER_FOLDER_ID))
00370                 {
00371                         $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
00372                         return false;
00373                 }
00374         
00375                 #if (!$rbacsystem->checkAccess('edit_permission', $this->rolf_ref_id))
00376                 if(!$this->checkAccess('edit_permission'))
00377                 {
00378                         $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
00379                         return false;
00380                 }
00381 
00382                 if (!isset($_GET['item_id']))
00383                 {
00384                         sendInfo($this->lng->txt('role_no_item_selected'));
00385                         $this->selectDesktopItemObject();
00386 
00387                         return false;
00388                 }
00389 
00390                 include_once './classes/class.ilRoleDesktopItem.php';
00391 
00392                 $role_desk_item_obj =& new ilRoleDesktopItem($this->object->getId());
00393                 $role_desk_item_obj->add((int) $_GET['item_id'],ilObject::_lookupType((int) $_GET['item_id'],true));
00394 
00395                 sendInfo($this->lng->txt('role_assigned_desktop_item'));
00396 
00397                 $this->ctrl->redirect($this,'listDesktopItems');
00398                 return true;
00399         }
00400 
00401 
00405         function createObject()
00406         {
00407                 global $rbacsystem;
00408                 
00409                 if (!$rbacsystem->checkAccess('create_role', $this->rolf_ref_id))
00410                 {
00411                         $this->ilias->raiseError($this->lng->txt("permission_denied"),$this->ilias->error_obj->MESSAGE);
00412                 }
00413 
00414                 $this->getTemplateFile("edit","role");
00415 
00416                 if ($this->rolf_ref_id == ROLE_FOLDER_ID)
00417                 {
00418                         $this->tpl->setCurrentBlock("allow_register");
00419                         $allow_register = ($_SESSION["error_post_vars"]["Fobject"]["allow_register"]) ? "checked=\"checked\"" : "";
00420                         $this->tpl->setVariable("TXT_ALLOW_REGISTER",$this->lng->txt("allow_register"));
00421                         $this->tpl->setVariable("ALLOW_REGISTER",$allow_register);
00422                         $this->tpl->parseCurrentBlock();
00423 
00424                         $this->tpl->setCurrentBlock("assign_users");
00425                         $assign_users = $_SESSION["error_post_vars"]["Fobject"]["assign_users"] ? "checked=\"checked\"" : "";
00426                         $this->tpl->setVariable("TXT_ASSIGN_USERS",$this->lng->txt("allow_assign_users"));
00427                         $this->tpl->setVariable("ASSIGN_USERS",$assign_users);
00428                         $this->tpl->parseCurrentBlock();
00429                         
00430                         $this->tpl->setCurrentBlock("protect_permissions");
00431                         $protect_permissions = $_SESSION["error_post_vars"]["Fobject"]["protect_permissions"] ? "checked=\"checked\"" : "";
00432                         $this->tpl->setVariable("TXT_PROTECT_PERMISSIONS",$this->lng->txt("role_protect_permissions"));
00433                         $this->tpl->setVariable("PROTECT_PERMISSIONS",$protect_permissions);
00434                         $this->tpl->parseCurrentBlock();
00435                 }
00436 
00437                 // fill in saved values in case of error
00438                 $this->tpl->setVariable("TITLE",ilUtil::prepareFormOutput($_SESSION["error_post_vars"]["Fobject"]["title"]),true);
00439                 $this->tpl->setVariable("DESC",ilUtil::stripSlashes($_SESSION["error_post_vars"]["Fobject"]["desc"]));
00440 
00441                 $this->tpl->setVariable("TXT_TITLE",$this->lng->txt("title"));
00442                 $this->tpl->setVariable("TXT_DESC",$this->lng->txt("desc"));
00443                 $this->ctrl->setParameter($this, "new_type", $this->type);
00444                 $this->tpl->setVariable("FORMACTION",
00445                         $this->ctrl->getFormAction($this));
00446                 $this->tpl->setVariable("TXT_HEADER", $this->lng->txt($this->type."_new"));
00447                 $this->tpl->setVariable("TXT_CANCEL", $this->lng->txt("cancel"));
00448                 $this->tpl->setVariable("TXT_SUBMIT", $this->lng->txt($this->type."_add"));
00449                 $this->tpl->setVariable("CMD_SUBMIT", "save");
00450                 $this->tpl->setVariable("TARGET", $this->getTargetFrame("save"));
00451                 $this->tpl->setVariable("TXT_REQUIRED_FLD", $this->lng->txt("required_field"));
00452         }
00453 
00459         function saveObject()
00460         {
00461                 global $rbacsystem, $rbacadmin, $rbacreview;
00462 
00463                 // check for create role permission
00464                 if (!$rbacsystem->checkAccess("create_role",$this->rolf_ref_id))
00465                 {
00466                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_create_role"),$this->ilias->error_obj->MESSAGE);
00467                 }
00468 
00469                 // check required fields
00470                 if (empty($_POST["Fobject"]["title"]))
00471                 {
00472                         $this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"),$this->ilias->error_obj->MESSAGE);
00473                 }
00474 
00475                 // check if role title is unique
00476                 if ($rbacreview->roleExists($_POST["Fobject"]["title"]))
00477                 {
00478                         $this->ilias->raiseError($this->lng->txt("msg_role_exists1")." '".ilUtil::stripSlashes($_POST["Fobject"]["title"])."' ".
00479                                                                          $this->lng->txt("msg_role_exists2"),$this->ilias->error_obj->MESSAGE);
00480                 }
00481                 
00482                 // check if role title has il_ prefix
00483                 if (substr($_POST["Fobject"]["title"],0,3) == "il_")
00484                 {
00485                         $this->ilias->raiseError($this->lng->txt("msg_role_reserved_prefix"),$this->ilias->error_obj->MESSAGE);
00486                 }
00487 
00488                 // save
00489                 include_once("class.ilObjRole.php");
00490                 $roleObj = new ilObjRole();
00491                 $roleObj->setTitle(ilUtil::stripSlashes($_POST["Fobject"]["title"]));
00492                 $roleObj->setDescription(ilUtil::stripSlashes($_POST["Fobject"]["desc"]));
00493                 $roleObj->setAllowRegister($_POST["Fobject"]["allow_register"]);
00494                 $roleObj->toggleAssignUsersStatus($_POST["Fobject"]["assign_users"]);
00495                 $roleObj->create();
00496                 $rbacadmin->assignRoleToFolder($roleObj->getId(), $this->rolf_ref_id,'y');
00497                 $rbacadmin->setProtected($this->rolf_ref_id,$roleObj->getId(),ilUtil::tf2yn($_POST["Fobject"]["protect_permissions"])); 
00498                 sendInfo($this->lng->txt("role_added"),true);
00499 
00500                 $this->ctrl->returnToParent($this);
00501         }
00502 
00508         function permObject()
00509         {
00510                 global $rbacadmin, $rbacreview, $rbacsystem, $objDefinition, $tree;
00511 
00512                 // for role administration check visible,write of global role folder
00513                 /*
00514                 if ($this->rolf_ref_id == ROLE_FOLDER_ID)
00515                 {
00516                         $access = $rbacsystem->checkAccess('visible,write',$this->rolf_ref_id);
00517                 }
00518                 else    // for local roles check 'edit permission' of parent object of the local role folder
00519                 {
00520                         $access = $rbacsystem->checkAccess('edit_permission',$tree->getParentId($this->rolf_ref_id));
00521                 }
00522                 */              
00523                 $access = $this->checkAccess('visible,write','edit_permission');
00524                         
00525                 if (!$access)
00526                 {
00527                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_perm"),$this->ilias->error_obj->MESSAGE);
00528                 }
00529                 
00530                 $perm_def = $this->object->__getPermissionDefinitions();
00531 
00532                 $rbac_objects =& $perm_def[0];
00533                 $rbac_operations =& $perm_def[1];
00534 
00535                 foreach ($rbac_objects as $key => $obj_data)
00536                 {
00537                         $rbac_objects[$key]["name"] = $this->lng->txt("obj_".$obj_data["type"]);
00538                         $rbac_objects[$key]["ops"] = $rbac_operations[$key];
00539                 }
00540                 
00541                 // for local roles display only the permissions settings for allowed subobjects
00542                 if ($this->rolf_ref_id != ROLE_FOLDER_ID)
00543                 {
00544                         // first get object in question (parent of role folder object)
00545                         $parent_data = $this->tree->getParentNodeData($this->rolf_ref_id);
00546                         // get allowed subobjects of object recursively
00547                         $subobj_data = $this->objDefinition->getSubObjectsRecursively($parent_data["type"]);
00548 
00549                         // remove not allowed object types from array but keep the type definition of object itself
00550                         foreach ($rbac_objects as $key => $obj_data)
00551                         {
00552                                 if ($obj_data["type"] == "rolf")
00553                                 {
00554                                         unset($rbac_objects[$key]);
00555                                         continue;
00556                                 }
00557                                 
00558                                 if (!$subobj_data[$obj_data["type"]] and $parent_data["type"] != $obj_data["type"])
00559                                 {
00560                                         unset($rbac_objects[$key]);
00561                                 }
00562                         }
00563                 } // end if local roles
00564                 
00565                 // now sort computed result
00566                 sort($rbac_objects);
00567                         
00568                 foreach ($rbac_objects as $key => $obj_data)
00569                 {
00570                         sort($rbac_objects[$key]["ops"]);
00571                 }
00572                 
00573                 // sort by (translated) name of object type
00574                 $rbac_objects = ilUtil::sortArray($rbac_objects,"name","asc");
00575 
00576                 // BEGIN CHECK_PERM
00577                 foreach ($rbac_objects as $key => $obj_data)
00578                 {
00579                         $arr_selected = $rbacreview->getOperationsOfRole($this->object->getId(), $obj_data["type"], $this->rolf_ref_id);
00580                         $arr_checked = array_intersect($arr_selected,array_keys($rbac_operations[$obj_data["obj_id"]]));
00581 
00582                         foreach ($rbac_operations[$obj_data["obj_id"]] as $operation)
00583                         {
00584                                 // check all boxes for system role
00585                                 if ($this->object->getId() == SYSTEM_ROLE_ID)
00586                                 {
00587                                         $checked = true;
00588                                         $disabled = true;
00589                                 }
00590                                 else
00591                                 {
00592                                         $checked = in_array($operation["ops_id"],$arr_checked);
00593                                         $disabled = false;
00594                                 }
00595 
00596                                 // Es wird eine 2-dim Post Variable �bergeben: perm[rol_id][ops_id]
00597                                 $box = ilUtil::formCheckBox($checked,"template_perm[".$obj_data["type"]."][]",$operation["ops_id"],$disabled);
00598                                 $output["perm"][$obj_data["obj_id"]][$operation["ops_id"]] = $box;
00599                         }
00600                 }
00601                 // END CHECK_PERM
00602 
00603                 $output["col_anz"] = count($rbac_objects);
00604                 $output["txt_save"] = $this->lng->txt("save");
00605                 $output["check_bottom"] = ilUtil::formCheckBox(0,"recursive",1);
00606                 $output["message_table"] = $this->lng->txt("change_existing_objects");
00607                 
00608                 $protected_disabled = true;
00609                 
00610                 if ($this->rolf_ref_id == ROLE_FOLDER_ID or $rbacreview->isAssignable($this->object->getId(),$this->rolf_ref_id))
00611                 {
00612                         $protected_disabled = false;
00613                 }
00614                 
00615                 $output["check_protected"] = ilUtil::formCheckBox($rbacreview->isProtected($this->rolf_ref_id,$this->object->getId()),
00616                                                                                                                         "protected",
00617                                                                                                                         1,
00618                                                                                                                         $protected_disabled);
00619                 
00620                 $output["text_protected"] = $this->lng->txt("role_protect_permissions");
00621 
00622 
00623 /************************************/
00624 /*              adopt permissions form          */
00625 /************************************/
00626 
00627                 $output["message_middle"] = $this->lng->txt("adopt_perm_from_template");
00628 
00629                 // send message for system role
00630                 if ($this->object->getId() == SYSTEM_ROLE_ID)
00631                 {
00632                         $output["adopt"] = array();
00633                         $output["sysrole_msg"] = $this->lng->txt("msg_sysrole_not_editable");
00634                 }
00635                 else
00636                 {
00637                         // BEGIN ADOPT_PERMISSIONS
00638                         $parent_role_ids = $rbacreview->getParentRoleIds($this->rolf_ref_id,true);
00639 
00640                         // Sort roles by title
00641                         $sorted_roles = ilUtil::sortArray(array_values($parent_role_ids), 'title', ASC);
00642                         $key = 0;
00643                         foreach ($sorted_roles as $par)
00644                         {
00645                                 if ($par["obj_id"] != SYSTEM_ROLE_ID)
00646                                 {
00647                                         $radio = ilUtil::formRadioButton(0,"adopt",$par["obj_id"]);
00648                                         $output["adopt"][$key]["css_row_adopt"] = ($key % 2 == 0) ? "tblrow1" : "tblrow2";
00649                                         $output["adopt"][$key]["check_adopt"] = $radio;
00650                                         $output["adopt"][$key]["role_id"] = $par["obj_id"];
00651                                         $output["adopt"][$key]["type"] = ($par["type"] == 'role' ? 'Role' : 'Template');
00652                                         $output["adopt"][$key]["role_name"] = $par["title"];
00653                                 }
00654                                 $key++;
00655                         }
00656 
00657                         $output["formaction_adopt"] = $this->ctrl->getFormAction($this);
00658                         // END ADOPT_PERMISSIONS
00659                 }
00660 
00661                 $output["formaction"] = $this->ctrl->getFormAction($this);
00662 
00663                 $this->data = $output;
00664 
00665 
00666 /************************************/
00667 /*                      generate output                 */
00668 /************************************/
00669 
00670                 $this->tpl->addBlockfile('ADM_CONTENT','adm_content','tpl.adm_perm_role.html');
00671 
00672                 foreach ($rbac_objects as $obj_data)
00673                 {
00674                         // BEGIN object_operations
00675                         $this->tpl->setCurrentBlock("object_operations");
00676 
00677                         $ops_ids = "";
00678 
00679                         foreach ($obj_data["ops"] as $operation)
00680                         {
00681                                 $ops_ids[] = $operation["ops_id"];
00682                                 
00683                                 //$css_row = ilUtil::switchColor($j++, "tblrow1", "tblrow2");
00684                                 $css_row = "tblrow1";
00685                                 $this->tpl->setVariable("CSS_ROW",$css_row);
00686                                 $this->tpl->setVariable("PERMISSION",$operation["name"]);
00687                                 if (substr($operation["title"], 0, 7) == "create_")
00688                                 {
00689                                         if ($this->objDefinition->getDevMode(substr($operation["title"], 7, strlen($operation["title"]) -7)))
00690                                         {
00691                                                 $this->tpl->setVariable("TXT_NOT_IMPL", "(".$this->lng->txt("not_implemented_yet").")");
00692                                         }
00693                                 }
00694                                 $this->tpl->setVariable("CHECK_PERMISSION",$this->data["perm"][$obj_data["obj_id"]][$operation["ops_id"]]);
00695                                 $this->tpl->setVariable("LABEL_ID","template_perm_".$obj_data["type"]."_".$operation["ops_id"]);
00696                                 $this->tpl->parseCurrentBlock();
00697                         } // END object_operations
00698 
00699                         // BEGIN object_type
00700                         $this->tpl->setCurrentBlock("object_type");
00701                         $this->tpl->setVariable("TXT_OBJ_TYPE",$obj_data["name"]);
00702 
00703 // TODO: move this if in a function and query all objects that may be disabled or inactive
00704                         if ($this->objDefinition->getDevMode($obj_data["type"]))
00705                         {
00706                                 $this->tpl->setVariable("TXT_NOT_IMPL", "(".$this->lng->txt("not_implemented_yet").")");
00707                         }
00708                         else if ($obj_data["type"] == "icrs" and !$this->ilias->getSetting("ilinc_active"))
00709                         {
00710                                 $this->tpl->setVariable("TXT_NOT_IMPL", "(".$this->lng->txt("not_enabled_or_configured").")");
00711                         }
00712                         
00713                         // js checkbox toggles
00714                         $this->tpl->setVariable("JS_VARNAME","template_perm_".$obj_data["type"]);
00715                         $this->tpl->setVariable("JS_ONCLICK",ilUtil::array_php2js($ops_ids));
00716                         $this->tpl->setVariable("TXT_CHECKALL", $this->lng->txt("check_all"));
00717                         $this->tpl->setVariable("TXT_UNCHECKALL", $this->lng->txt("uncheck_all"));                      
00718                         
00719                         $this->tpl->parseCurrentBlock();
00720                         // END object_type
00721                 }
00722 
00723                 // don't display adopt permissions form for system role
00724                 if ($this->object->getId() != SYSTEM_ROLE_ID)
00725                 {
00726                         // BEGIN ADOPT PERMISSIONS
00727                         foreach ($this->data["adopt"] as $key => $value)
00728                         {
00729                                 $this->tpl->setCurrentBlock("ADOPT_PERM_ROW");
00730                                 $this->tpl->setVariable("CSS_ROW_ADOPT",$value["css_row_adopt"]);
00731                                 $this->tpl->setVariable("CHECK_ADOPT",$value["check_adopt"]);
00732                                 $this->tpl->setVariable("LABEL_ID",$value["role_id"]);
00733                                 $this->tpl->setVariable("TYPE",$value["type"]);
00734                                 $this->tpl->setVariable("ROLE_NAME",$value["role_name"]);
00735                                 $this->tpl->parseCurrentBlock();
00736                         }
00737                         
00738                         $this->tpl->setCurrentBlock("ADOPT_PERM_FORM");
00739                         $this->tpl->setVariable("MESSAGE_MIDDLE",$this->data["message_middle"]);
00740                         $this->tpl->setVariable("FORMACTION_ADOPT",$this->data["formaction_adopt"]);
00741                         $this->tpl->setVariable("ADOPT",$this->lng->txt('copy'));
00742                         $this->tpl->parseCurrentBlock();
00743                         // END ADOPT PERMISSIONS
00744                 
00745                         $this->tpl->setCurrentBlock("tblfooter_recursive");
00746                         $this->tpl->setVariable("COL_ANZ",3);
00747                         $this->tpl->setVariable("CHECK_BOTTOM",$this->data["check_bottom"]);
00748                         $this->tpl->setVariable("MESSAGE_TABLE",$this->data["message_table"]);
00749                         $this->tpl->parseCurrentBlock();
00750                         
00751                         $this->tpl->setCurrentBlock("tblfooter_protected");
00752                         $this->tpl->setVariable("COL_ANZ",3);
00753                         $this->tpl->setVariable("CHECK_BOTTOM",$this->data["check_protected"]);
00754                         $this->tpl->setVariable("MESSAGE_TABLE",$this->data["text_protected"]);
00755                         $this->tpl->parseCurrentBlock();
00756 
00757                         $this->tpl->setCurrentBlock("tblfooter_standard");
00758                         $this->tpl->setVariable("COL_ANZ_PLUS",4);
00759                         $this->tpl->setVariable("TXT_SAVE",$this->data["txt_save"]);
00760                         $this->tpl->parseCurrentBlock();
00761                 }
00762                 else
00763                 {
00764                         // display form buttons not for system role
00765                         $this->tpl->setCurrentBlock("tblfooter_sysrole");
00766                         $this->tpl->setVariable("COL_ANZ_SYS",3);
00767                         $this->tpl->parseCurrentBlock();
00768 
00769                         // display sysrole_msg
00770                         $this->tpl->setCurrentBlock("sysrole_msg");
00771                         $this->tpl->setVariable("TXT_SYSROLE_MSG",$this->data["sysrole_msg"]);
00772                         $this->tpl->parseCurrentBlock();
00773                 }
00774                 
00775                 $this->tpl->setCurrentBlock("adm_content");
00776                 $this->tpl->setVariable("TBL_TITLE_IMG",ilUtil::getImagePath("icon_".$this->object->getType().".gif"));
00777                 $this->tpl->setVariable("TBL_TITLE_IMG_ALT",$this->lng->txt($this->object->getType()));
00778                 $this->tpl->setVariable("TBL_HELP_IMG",ilUtil::getImagePath("icon_help.gif"));
00779                 $this->tpl->setVariable("TBL_HELP_LINK","tbl_help.php");
00780                 $this->tpl->setVariable("TBL_HELP_IMG_ALT",$this->lng->txt("help"));
00781                 
00782                 // compute additional information in title
00783                 $global_roles = $rbacreview->getGlobalRoles();
00784                 
00785                 if (in_array($this->object->getId(),$global_roles))
00786                 {
00787                         $desc = "global";
00788                 }
00789                 else
00790                 {
00791                         // description for autogenerated roles
00792                         $rolf = $rbacreview->getFoldersAssignedToRole($this->object->getId(),true);
00793                         $parent_node = $this->tree->getParentNodeData($rolf[0]);
00794 
00795                         $desc = $this->lng->txt("obj_".$parent_node['type'])." (#".$parent_node['obj_id'].") : ".$parent_node['title'];
00796                 }
00797                 
00798                 $description = "&nbsp;<span class=\"small\">(".$desc.")</span>";
00799 
00800                 // translation for autogenerated roles
00801                 if (substr($this->object->getTitle(),0,3) == "il_")
00802                 {
00803                         $title = ilObjRole::_getTranslation($this->object->getTitle())." (".$this->object->getTitle().")";
00804                 }
00805                 else
00806                 {
00807                         $title = $this->object->getTitle();
00808                 }
00809 
00810                 $this->tpl->setVariable("TBL_TITLE",$title.$description);
00811 
00812                 // info text
00813                 $pid = $tree->getParentId($this->rolf_ref_id);
00814                 $ptitle = ilObject::_lookupTitle(ilObject::_lookupObjId($pid));
00815                 if ($this->rolf_ref_id != ROLE_FOLDER_ID)
00816                 {
00817                         $info = sprintf($this->lng->txt("perm_role_info_1"),
00818                                 $this->object->getTitle(), $ptitle)." ".
00819                                 sprintf($this->lng->txt("perm_role_info_2"),
00820                                 $this->object->getTitle(), $ptitle);
00821                 }
00822                 else
00823                 {
00824                         $info = sprintf($this->lng->txt("perm_role_info_glob_1"),
00825                                 $this->object->getTitle(), $ptitle)." ".
00826                                 sprintf($this->lng->txt("perm_role_info_glob_2"),
00827                                 $this->object->getTitle(), $ptitle);
00828                 }
00829                 $this->tpl->setVariable("TXT_TITLE_INFO", $info);
00830                 
00831                 $this->tpl->setVariable("TXT_PERMISSION",$this->data["txt_permission"]);
00832                 $this->tpl->setVariable("FORMACTION",$this->data["formaction"]);
00833                 $this->tpl->parseCurrentBlock();
00834                 
00835                 //var_dump($this->data["formaction"]);
00836         }
00837 
00843         function permSaveObject()
00844         {
00845                 global $rbacsystem, $rbacadmin, $rbacreview, $objDefinition, $tree;
00846 
00847                 // for role administration check write of global role folder
00848                 /*
00849                 if ($this->rolf_ref_id == ROLE_FOLDER_ID)
00850                 {
00851                         $access = $rbacsystem->checkAccess('write',$this->rolf_ref_id);
00852                 }
00853                 else    // for local roles check 'edit permission' of parent object of the local role folder
00854                 {
00855                         $access = $rbacsystem->checkAccess('edit_permission',$tree->getParentId($this->rolf_ref_id));
00856                 }
00857                 */
00858                 $access = $this->checkAccess('visible,write','edit_permission');
00859                         
00860                 if (!$access)
00861                 {
00862                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_perm"),$this->ilias->error_obj->MESSAGE);
00863                 }
00864 
00865                 // delete all template entries
00866                 $rbacadmin->deleteRolePermission($this->object->getId(), $this->rolf_ref_id);
00867 
00868                 if (empty($_POST["template_perm"]))
00869                 {
00870                         $_POST["template_perm"] = array();
00871                 }
00872 
00873                 foreach ($_POST["template_perm"] as $key => $ops_array)
00874                 {
00875                         // sets new template permissions
00876                         $rbacadmin->setRolePermission($this->object->getId(), $key, $ops_array, $this->rolf_ref_id);
00877                 }
00878 
00879                 // update object data entry (to update last modification date)
00880                 $this->object->update();
00881 
00882                 // CHANGE ALL EXISTING OBJECT UNDER PARENT NODE OF ROLE FOLDER
00883                 // BUT DON'T CHANGE PERMISSIONS OF SUBTREE OBJECTS IF INHERITANCE WAS STOPPED
00884                 if ($_POST["recursive"])
00885                 {
00886                         // IF ROLE IS A GLOBAL ROLE START AT ROOT
00887                         if ($this->rolf_ref_id == ROLE_FOLDER_ID)
00888                         {
00889                                 $node_id = ROOT_FOLDER_ID;
00890                         }
00891                         else
00892                         {
00893                                 $node_id = $this->tree->getParentId($this->rolf_ref_id);
00894                         }
00895 
00896                         // GET ALL SUBNODES
00897                         $node_data = $this->tree->getNodeData($node_id);
00898                         $subtree_nodes = $this->tree->getSubTree($node_data);
00899 
00900                         // GET ALL OBJECTS THAT CONTAIN A ROLE FOLDER
00901                         $all_parent_obj_of_rolf = $rbacreview->getObjectsWithStopedInheritance($this->object->getId());
00902 
00903                         // DELETE ACTUAL ROLE FOLDER FROM ARRAY
00904                         if ($this->rolf_ref_id == ROLE_FOLDER_ID)
00905                         {
00906                                 $key = array_keys($all_parent_obj_of_rolf,SYSTEM_FOLDER_ID);
00907                         }
00908                         else
00909                         {
00910                                 $key = array_keys($all_parent_obj_of_rolf,$node_id);
00911                         }
00912 
00913                         unset($all_parent_obj_of_rolf[$key[0]]);
00914 
00915                         $check = false;
00916 
00917                         foreach ($subtree_nodes as $node)
00918                         {
00919                                 if (!$check)
00920                                 {
00921                                         if (in_array($node["child"],$all_parent_obj_of_rolf))
00922                                         {
00923                                                 $lft = $node["lft"];
00924                                                 $rgt = $node["rgt"];
00925                                                 $check = true;
00926                                                 continue;
00927                                         }
00928 
00929                                         $valid_nodes[] = $node;
00930                                 }
00931                                 else
00932                                 {
00933                                         if (($node["lft"] > $lft) && ($node["rgt"] < $rgt))
00934                                         {
00935                                                 continue;
00936                                         }
00937                                         else
00938                                         {
00939                                                 $check = false;
00940                                                 
00941                                                 if (in_array($node["child"],$all_parent_obj_of_rolf))
00942                                                 {
00943                                                         $lft = $node["lft"];
00944                                                         $rgt = $node["rgt"];
00945                                                         $check = true;
00946                                                         continue;
00947                                                 }
00948                                                 
00949                                                 $valid_nodes[] = $node;
00950                                         }
00951                                 }
00952                         }
00953 
00954                         foreach ($valid_nodes as $key => $node)
00955                         {
00956                                 #if(!in_array($node["type"],$to_filter))
00957                                 {
00958                                         $node_ids[] = $node["child"];
00959                                         $valid_nodes[$key]["perms"] = $_POST["template_perm"][$node["type"]];
00960                                 }
00961                         }
00962                         
00963                         // FIRST REVOKE PERMISSIONS FROM ALL VALID OBJECTS
00964                         $rbacadmin->revokePermissionList($node_ids,$this->object->getId());
00965 
00966                         // NOW SET ALL PERMISSIONS
00967                         foreach ($valid_nodes as $node)
00968                         {
00969                                 if (is_array($node["perms"]))
00970                                 {
00971                                         $rbacadmin->grantPermission($this->object->getId(),$node["perms"],$node["child"]);
00972                                 }
00973                         }
00974                 }// END IF RECURSIVE
00975                 
00976                 // set protected flag
00977                 if ($this->rolf_ref_id == ROLE_FOLDER_ID or $rbacreview->isAssignable($this->object->getId(),$this->rolf_ref_id))
00978                 {
00979                         $rbacadmin->setProtected($this->rolf_ref_id,$this->object->getId(),ilUtil::tf2yn($_POST['protected']));
00980                 }
00981 
00982                 sendInfo($this->lng->txt("saved_successfully"),true); 
00983                 $this->ctrl->redirect($this, "perm");
00984         }
00985 
00986 
00992         function adoptPermSaveObject()
00993         {
00994                 global $rbacadmin, $rbacsystem, $rbacreview, $tree;
00995 
00996                 // for role administration check write of global role folder
00997                 /*
00998                 if ($this->rolf_ref_id == ROLE_FOLDER_ID)
00999                 {
01000                         $access = $rbacsystem->checkAccess('write',$this->rolf_ref_id);
01001                 }
01002                 else    // for local roles check 'edit permission' of parent object of the local role folder
01003                 {
01004                         $access = $rbacsystem->checkAccess('edit_permission',$tree->getParentId($this->rolf_ref_id));
01005                 }
01006                 */      
01007         
01008                 $access = $this->checkAccess('visible,write','edit_permission');
01009                 if (!$access)
01010                 {
01011                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_perm"),$this->ilias->error_obj->MESSAGE);
01012                 }
01013 
01014                 if ($this->object->getId() == $_POST["adopt"])
01015                 {
01016                         sendInfo($this->lng->txt("msg_perm_adopted_from_itself"),true);
01017                 }
01018                 else
01019                 {
01020                         $rbacadmin->deleteRolePermission($this->object->getId(), $this->rolf_ref_id);
01021                         $parentRoles = $rbacreview->getParentRoleIds($this->rolf_ref_id,true);
01022                         $rbacadmin->copyRolePermission($_POST["adopt"],$parentRoles[$_POST["adopt"]]["parent"],
01023                                                                                    $this->rolf_ref_id,$this->object->getId());          
01024 
01025                         // update object data entry (to update last modification date)
01026                         $this->object->update();
01027 
01028                         // send info
01029                         $obj_data =& $this->ilias->obj_factory->getInstanceByObjId($_POST["adopt"]);
01030                         sendInfo($this->lng->txt("msg_perm_adopted_from1")." '".$obj_data->getTitle()."'.<br/>".
01031                                          $this->lng->txt("msg_perm_adopted_from2"),true);
01032                 }
01033 
01034                 $this->ctrl->redirect($this, "perm");
01035         }
01036 
01042         function assignSaveObject()
01043         {
01044         $this->assignUserObject();
01045     }
01046 
01052         function assignUserObject()
01053         {
01054         global $rbacsystem, $rbacadmin, $rbacreview;
01055 
01056                 #if (!$rbacsystem->checkAccess("edit_userassignment", $this->rolf_ref_id))
01057                 if(!$this->checkAccess('edit_userassignment','edit_permission'))
01058                 {
01059                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
01060                 }
01061 
01062                 if (!$rbacreview->isAssignable($this->object->getId(),$this->rolf_ref_id) &&
01063                         $this->rolf_ref_id != ROLE_FOLDER_ID)
01064                 {
01065                         $this->ilias->raiseError($this->lng->txt("err_role_not_assignable"),$this->ilias->error_obj->MESSAGE);
01066                 }
01067 
01068                 /*
01069                 if (!$rbacsystem->checkAccess('write',$this->rolf_ref_id))
01070                 {
01071                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_perm"),$this->ilias->error_obj->MESSAGE);
01072                 }
01073                 */
01074                 if (!isset($_POST["user"]))
01075                 {
01076                         sendInfo($this->lng->txt("no_checkbox"));
01077                         $this->searchObject();
01078 
01079                         return false;
01080                 }
01081                 
01082                 $selected_users = $_POST["user"];
01083                 $assigned_users_all = $rbacreview->assignedUsers($this->object->getId());
01084                                 
01085                 // users to assign
01086                 $assigned_users_new = array_diff($selected_users,array_intersect($selected_users,$assigned_users_all));
01087                 
01088                 // selected users all already assigned. stop
01089         if (count($assigned_users_new) == 0)
01090                 {
01091                         sendInfo($this->lng->txt("msg_selected_users_already_assigned"));
01092                         $this->searchObject();
01093                         
01094                         return false;
01095                 }
01096 
01097                 // assign new users
01098         foreach ($assigned_users_new as $user)
01099                 {
01100                         $rbacadmin->assignUser($this->object->getId(),$user,false);
01101         }
01102         
01103         // update session for newly assigned users online
01104         $this->object->_updateSessionRoles($assigned_users_new);
01105 
01106         // update object data entry (to update last modification date)
01107                 $this->object->update();
01108 
01109                 sendInfo($this->lng->txt("msg_userassignment_changed"),true);
01110                 
01111                 $this->ctrl->redirect($this,'userassignment');
01112         }
01113         
01119         function deassignUserObject()
01120         {
01121         global $rbacsystem, $rbacadmin, $rbacreview;
01122 
01123                 #if (!$rbacsystem->checkAccess("edit_userassignment", $this->rolf_ref_id))
01124                 if(!$this->checkAccess('edit_userassignment','edit_permission'))
01125                 {
01126                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
01127                 }
01128 
01129                 /*
01130                 if (!$rbacsystem->checkAccess('write',$this->rolf_ref_id))
01131                 {
01132                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_perm"),$this->ilias->error_obj->MESSAGE);
01133                 }
01134                 */
01135         $selected_users = ($_POST["user_id"]) ? $_POST["user_id"] : array($_GET["user_id"]);
01136 
01137                 if ($selected_users[0]=== NULL)
01138                 {
01139                         $this->ilias->raiseError($this->lng->txt("no_checkbox"),$this->ilias->error_obj->MESSAGE);
01140                 }
01141 
01142                 // prevent unassignment of system user from system role
01143                 if ($this->object->getId() == SYSTEM_ROLE_ID)
01144                 {
01145             if ($admin = array_search(SYSTEM_USER_ID,$selected_users) !== false)
01146                             unset($selected_users[$admin]);
01147                 }
01148 
01149                 // check for each user if the current role is his last global role before deassigning him
01150                 $last_role = array();
01151                 $global_roles = $rbacreview->getGlobalRoles();
01152                 
01153                 foreach ($selected_users as $user)
01154                 {
01155                         $assigned_roles = $rbacreview->assignedRoles($user);
01156                         $assigned_global_roles = array_intersect($assigned_roles,$global_roles);
01157 
01158                         if (count($assigned_roles) == 1 or (count($assigned_global_roles) == 1 and in_array($this->object->getId(),$assigned_global_roles)))
01159                         {
01160                                 $userObj = $this->ilias->obj_factory->getInstanceByObjId($user);
01161                                 $last_role[$user] = $userObj->getFullName();
01162                                 unset($userObj);
01163                         }
01164                 }
01165 
01166                 // raise error if last role was taken from a user...
01167                 if (count($last_role) > 0)
01168                 {
01169                         $user_list = implode(", ",$last_role);
01170                         $this->ilias->raiseError($this->lng->txt("msg_is_last_role").": ".$user_list."<br/>".$this->lng->txt("msg_min_one_role")."<br/>".$this->lng->txt("action_aborted"),$this->ilias->error_obj->MESSAGE);
01171                 }
01172                 
01173                 // ... else perform deassignment
01174                 foreach ($selected_users as $user)
01175         {
01176                         $rbacadmin->deassignUser($this->object->getId(),$user);
01177                 }
01178 
01179         // update session for newly assigned users online
01180         $this->object->_updateSessionRoles($selected_users);
01181 
01182         // update object data entry (to update last modification date)
01183                 $this->object->update();
01184 
01185                 sendInfo($this->lng->txt("msg_userassignment_changed"),true);
01186 
01187                 $this->ctrl->redirect($this,'userassignment');
01188         }
01189         
01195         function updateObject()
01196         {
01197                 global $rbacsystem, $rbacreview, $rbacadmin, $tree;
01198 
01199                 // for role administration check write of global role folder
01200                 /*
01201                 if ($this->rolf_ref_id == ROLE_FOLDER_ID)
01202                 {
01203                         $access = $rbacsystem->checkAccess('write',$this->rolf_ref_id);
01204                 }
01205                 else    // for local roles check 'edit permission' of parent object of the local role folder
01206                 {
01207                         $access = $rbacsystem->checkAccess('edit_permission',$tree->getParentId($this->rolf_ref_id));
01208                 }
01209                 */
01210                 $access = $this->checkAccess('write','edit_permission');        
01211                 if (!$access)
01212                 {
01213                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_modify_role"),$this->ilias->error_obj->MESSAGE);
01214                 }
01215 
01216                 if (substr($this->object->getTitle(),0,3) != "il_")
01217                 {
01218                         // check required fields
01219                         if (empty($_POST["Fobject"]["title"]))
01220                         {
01221                                 $this->ilias->raiseError($this->lng->txt("fill_out_all_required_fields"),$this->ilias->error_obj->MESSAGE);
01222                         }
01223         
01224                         // check if role title has il_ prefix
01225                         if (substr($_POST["Fobject"]["title"],0,3) == "il_")
01226                         {
01227                                 $this->ilias->raiseError($this->lng->txt("msg_role_reserved_prefix"),$this->ilias->error_obj->MESSAGE);
01228                         }
01229         
01230                         // check if role title is unique
01231                         if ($rbacreview->roleExists($_POST["Fobject"]["title"],$this->object->getId()))
01232                         {
01233                                 $this->ilias->raiseError($this->lng->txt("msg_role_exists1")." '".ilUtil::stripSlashes($_POST["Fobject"]["title"])."' ".
01234                                                                                  $this->lng->txt("msg_role_exists2"),$this->ilias->error_obj->MESSAGE);
01235                         }
01236 
01237                         // update
01238                         $this->object->setTitle(ilUtil::stripSlashes($_POST["Fobject"]["title"]));
01239                         $this->object->setDescription(ilUtil::stripSlashes($_POST["Fobject"]["desc"]));
01240                 }
01241 
01242 
01243                 
01244                 // ensure that at least one role is available in the new user register form if registration is enabled
01245                 if ($_POST["Fobject"]["allow_register"] == "")
01246                 {
01247                         $roles_allowed = $this->object->_lookupRegisterAllowed();
01248 
01249                         if (count($roles_allowed) == 1 and $roles_allowed[0]['id'] == $this->object->getId())
01250                         {
01251                                 $this->ilias->raiseError($this->lng->txt("msg_last_role_for_registration"),$this->ilias->error_obj->MESSAGE);
01252                         }       
01253                 }
01254 
01255                 $this->object->setAllowRegister($_POST["Fobject"]["allow_register"]);
01256                 $this->object->toggleAssignUsersStatus($_POST["Fobject"]["assign_users"]);
01257                 $rbacadmin->setProtected($this->rolf_ref_id,$this->object->getId(),ilUtil::tf2yn($_POST["Fobject"]["protect_permissions"]));    
01258                 $this->object->update();
01259                 
01260                 sendInfo($this->lng->txt("saved_successfully"),true);
01261 
01262                 $this->ctrl->redirect($this,'edit');
01263         }
01264         
01270         function editObject()
01271         {
01272                 global $rbacsystem, $rbacreview;
01273 
01274                 #if (!$rbacsystem->checkAccess("write", $this->rolf_ref_id))
01275                 if(!$this->checkAccess('write','edit_permission'))
01276                 {
01277                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_write"),$this->ilias->error_obj->MESSAGE);
01278                 }
01279 
01280                 $this->getTemplateFile("edit");
01281 
01282                 if ($_SESSION["error_post_vars"])
01283                 {
01284                         // fill in saved values in case of error
01285                         if (substr($this->object->getTitle(false),0,3) != "il_")
01286                         {
01287                                 $this->tpl->setVariable("TITLE",ilUtil::prepareFormOutput($_SESSION["error_post_vars"]["Fobject"]["title"]),true);
01288                                 $this->tpl->setVariable("DESC",ilUtil::stripSlashes($_SESSION["error_post_vars"]["Fobject"]["desc"]));
01289                         }
01290                 
01291                         $allow_register = ($_SESSION["error_post_vars"]["Fobject"]["allow_register"]) ? "checked=\"checked\"" : "";
01292                         $assign_users = ($_SESSION["error_post_vars"]["Fobject"]["assign_users"]) ? "checked=\"checked\"" : "";
01293                         $protect_permissions = ($_SESSION["error_post_vars"]["Fobject"]["protect_permissions"]) ? "checked=\"checked\"" : "";
01294                 }
01295                 else
01296                 {
01297                         if (substr($this->object->getTitle(),0,3) != "il_")
01298                         {
01299                                 $this->tpl->setVariable("TITLE",ilUtil::prepareFormOutput($this->object->getTitle()));
01300                                 $this->tpl->setVariable("DESC",ilUtil::stripSlashes($this->object->getDescription()));
01301                         }
01302 
01303                         $allow_register = ($this->object->getAllowRegister()) ? "checked=\"checked\"" : "";
01304                         $assign_users = $this->object->getAssignUsersStatus() ? "checked=\"checked\"" : "";
01305                         $protect_permissions = $rbacreview->isProtected($this->rolf_ref_id,$this->object->getId()) ? "checked=\"checked\"" : "";
01306 
01307                 }
01308 
01309                 $obj_str = "&obj_id=".$this->obj_id;
01310 
01311                 $this->tpl->setVariable("TXT_TITLE",$this->lng->txt("title"));
01312                 $this->tpl->setVariable("TXT_DESC",$this->lng->txt("desc"));
01313                 
01314                 // exclude allow register option for anonymous role, system role and all local roles
01315                 $global_roles = $rbacreview->getGlobalRoles();
01316 
01317                 $this->tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
01318                 $this->tpl->setVariable("TXT_HEADER", $this->lng->txt($this->object->getType()."_edit"));
01319                 $this->tpl->setVariable("TARGET", $this->getTargetFrame("update"));
01320                 $this->tpl->setVariable("TXT_CANCEL", $this->lng->txt("cancel"));
01321                 $this->tpl->setVariable("TXT_SUBMIT", $this->lng->txt("save"));
01322                 $this->tpl->setVariable("CMD_SUBMIT", "update");
01323                 $this->tpl->setVariable("TXT_REQUIRED_FLD", $this->lng->txt("required_field"));
01324                 
01325                 if (substr($this->object->getTitle(),0,3) == "il_")
01326                 {
01327                         $this->tpl->setVariable("SHOW_TITLE",ilObjRole::_getTranslation($this->object->getTitle())." (".$this->object->getTitle().")");
01328                         
01329                         $rolf = $rbacreview->getFoldersAssignedToRole($this->object->getId(),true);
01330                         $parent_node = $this->tree->getParentNodeData($rolf[0]);
01331 
01332                         $this->tpl->setVariable("SHOW_DESC",$this->lng->txt("obj_".$parent_node['type'])." (".$parent_node['obj_id'].") <br/>".$parent_node['title']);
01333 
01334                         $this->tpl->setVariable("TXT_CANCEL", $this->lng->txt("cancel"));
01335                         $this->tpl->setVariable("TXT_SUBMIT", $this->lng->txt("back"));
01336                         $this->tpl->setVariable("CMD_SUBMIT", "cancel");
01337                 }
01338 
01339                 if ($this->object->getId() != ANONYMOUS_ROLE_ID and 
01340                         $this->object->getId() != SYSTEM_ROLE_ID and 
01341                         in_array($this->object->getId(),$global_roles))
01342                 {
01343                         $this->tpl->setCurrentBlock("allow_register");
01344                         $this->tpl->setVariable("TXT_ALLOW_REGISTER",$this->lng->txt("allow_register"));
01345                         $this->tpl->setVariable("ALLOW_REGISTER",$allow_register);
01346                         $this->tpl->parseCurrentBlock();
01347 
01348                         $this->tpl->setCurrentBlock("assign_users");
01349                         $this->tpl->setVariable("TXT_ASSIGN_USERS",$this->lng->txt('allow_assign_users'));
01350                         $this->tpl->setVariable("ASSIGN_USERS",$assign_users);
01351                         $this->tpl->parseCurrentBlock();
01352 
01353                         $this->tpl->setCurrentBlock("protect_permissions");
01354                         $this->tpl->setVariable("TXT_PROTECT_PERMISSIONS",$this->lng->txt('role_protect_permissions'));
01355                         $this->tpl->setVariable("PROTECT_PERMISSIONS",$protect_permissions);
01356                         $this->tpl->parseCurrentBlock();
01357                 }
01358         }
01359         
01363         function userassignmentObject()
01364         {
01365                 global $rbacreview, $rbacsystem;
01366                 
01367                 //if (!$rbacsystem->checkAccess("edit_userassignment", $this->rolf_ref_id))
01368                 if(!$this->checkAccess('edit_userassignment','edit_permission'))
01369                 {
01370                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
01371                 }
01372                 $assigned_users = $rbacreview->assignedUsers($this->object->getId(),array("login","firstname","lastname","usr_id"));
01373 
01374                 //if current user is admin he is able to add new members to group
01375                 $val_contact = "<img src=\"".ilUtil::getImagePath("icon_pencil_b.gif")."\" alt=\"".
01376                         $this->lng->txt("role_user_send_mail")."\" title=\"".
01377                         $this->lng->txt("role_user_send_mail")."\" border=\"0\" vspace=\"0\"/>";
01378                 $val_change = "<img src=\"".ilUtil::getImagePath("icon_change_b.gif")."\" alt=\"".
01379                         $this->lng->txt("role_user_edit")."\" title=\"".$this->lng->txt("role_user_edit")."\" border=\"0\" vspace=\"0\"/>";
01380                 $val_leave = "<img src=\"".ilUtil::getImagePath("icon_group_out_b.gif")."\" alt=\"".
01381                         $this->lng->txt("role_user_deassign")."\" title=\"".$this->lng->txt("role_user_deassign")."\" border=\"0\" vspace=\"0\"/>";
01382 
01383                 $counter = 0;
01384 
01385                 foreach ($assigned_users as $user)
01386                 {
01387                         $link_contact = "mail_new.php?type=new&rcp_to=".$user["login"];
01388                         
01389                         if ($_GET["admin_mode"] == "settings"
01390                                 && $_GET["ref_id"] != SYSTEM_FOLDER_ID)
01391                         {
01392                                 $this->ctrl->setParameterByClass("ilobjusergui", "obj_id", $user["usr_id"]); 
01393                                 $link_change = $this->ctrl->getLinkTargetByClass("ilobjusergui", "edit");
01394                         }
01395 
01396                         $this->ctrl->setParameter($this, "user_id", $user["usr_id"]);
01397                         $link_leave = $this->ctrl->getLinkTarget($this,"deassignUser");
01398 
01399             $member_functions = "";
01400 
01401             // exclude root/admin role and anon/anon
01402             if ($this->object->getId() != ANONYMOUS_ROLE_ID or $user["usr_id"] != ANONYMOUS_USER_ID)
01403                         {
01404                 //build function
01405                 $member_functions = "<a href=\"".$link_contact."\">".$val_contact."</a>";
01406                                 if($_GET["baseClass"] == 'iladministrationgui' && $_GET["admin_mode"] == "settings")
01407                                 {
01408                                         $member_functions .= "<a href=\"".$link_change."\">".$val_change."</a>";
01409                                 }
01410 
01411                 if ($this->object->getId() != SYSTEM_ROLE_ID or $user["usr_id"] != SYSTEM_USER_ID)
01412                 {
01413                     $member_functions .="<a href=\"".$link_leave."\">".$val_leave."</a>";
01414                 }
01415             }
01416 
01417                         // no check box for root/admin role and anon/anon
01418                         if (($this->object->getId() == SYSTEM_ROLE_ID and $user["usr_id"] == SYSTEM_USER_ID)
01419                 or ($this->object->getId() == ANONYMOUS_ROLE_ID and $user["usr_id"] == ANONYMOUS_USER_ID))
01420                         {
01421                 $result_set[$counter][] = "";
01422             }
01423             else
01424             {
01425                 $result_set[$counter][] = ilUtil::formCheckBox(0,"user_id[]",$user["usr_id"]);
01426             }
01427             
01428             $user_ids[$counter] = $user["usr_id"];
01429 
01430             $result_set[$counter][] = $user["login"];
01431                         $result_set[$counter][] = $user["firstname"];
01432                         $result_set[$counter][] = $user["lastname"];
01433                         $result_set[$counter][] = $member_functions;
01434 
01435                         ++$counter;
01436 
01437                         unset($member_functions);
01438                 }
01439 
01440                 return $this->__showAssignedUsersTable($result_set,$user_ids);
01441     }
01442         
01443         function __showAssignedUsersTable($a_result_set,$a_user_ids = NULL)
01444         {
01445         global $rbacsystem;
01446 
01447                 $actions = array("deassignUser"  => $this->lng->txt("remove"));
01448 
01449         $tbl =& $this->__initTableGUI();
01450                 $tpl =& $tbl->getTemplateObject();
01451                 
01452                 $this->__showButton('mailToRole',$this->lng->txt('role_mailto'),'target=\'_blank\'');
01453 
01454                 $tpl->setCurrentBlock("tbl_form_header");
01455                 $tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
01456                 $tpl->parseCurrentBlock();
01457 
01458                 $tpl->setCurrentBlock("tbl_action_row");
01459 
01460         $tpl->setCurrentBlock("plain_button");
01461                 $tpl->setVariable("PBTN_NAME","searchUserForm");
01462                 $tpl->setVariable("PBTN_VALUE",$this->lng->txt("role_add_user"));
01463                 $tpl->parseCurrentBlock();
01464                 $tpl->setCurrentBlock("plain_buttons");
01465                 $tpl->parseCurrentBlock();
01466 
01467                 $tpl->setVariable("COLUMN_COUNTS",5);
01468                 $tpl->setVariable("IMG_ARROW", ilUtil::getImagePath("arrow_downright.gif"));
01469 
01470                 foreach ($actions as $name => $value)
01471                 {
01472                         $tpl->setCurrentBlock("tbl_action_btn");
01473                         $tpl->setVariable("BTN_NAME",$name);
01474                         $tpl->setVariable("BTN_VALUE",$value);
01475                         $tpl->parseCurrentBlock();
01476                 }
01477                         
01478                 if (!empty($a_user_ids))
01479                 {
01480                         // set checkbox toggles
01481                         $tpl->setCurrentBlock("tbl_action_toggle_checkboxes");
01482                         $tpl->setVariable("JS_VARNAME","user_id");                      
01483                         $tpl->setVariable("JS_ONCLICK",ilUtil::array_php2js($a_user_ids));
01484                         $tpl->setVariable("TXT_CHECKALL", $this->lng->txt("check_all"));
01485                         $tpl->setVariable("TXT_UNCHECKALL", $this->lng->txt("uncheck_all"));
01486                         $tpl->parseCurrentBlock();
01487                 }
01488 
01489         $tpl->setVariable("TPLPATH",$this->tpl->tplPath);
01490                 $this->ctrl->setParameter($this,"cmd","userassignment");
01491 
01492                 // title & header columns
01493                 $tbl->setTitle($this->lng->txt("assigned_users"),"icon_usr.gif",$this->lng->txt("users"));
01494 
01495                 //user must be administrator
01496                 $tbl->setHeaderNames(array("",$this->lng->txt("username"),$this->lng->txt("firstname"),
01497                         $this->lng->txt("lastname"),$this->lng->txt("grp_options")));
01498                 $tbl->setHeaderVars(array("","login","firstname","lastname","functions"),
01499                         $this->ctrl->getParameterArray($this,"",false));
01500                 $tbl->setColumnWidth(array("","30%","30%","30%","10%"));
01501                 
01502                 $this->__setTableGUIBasicData($tbl,$a_result_set,"userassignment");
01503                 $tbl->render();
01504                 $this->tpl->setVariable("ADM_CONTENT",$tbl->tpl->get());
01505 
01506                 return true;
01507         }
01508 
01509         function &__initTableGUI()
01510         {
01511                 include_once "class.ilTableGUI.php";
01512 
01513                 return new ilTableGUI(0,false);
01514         }
01515 
01516         function __setTableGUIBasicData(&$tbl,&$result_set,$from = "")
01517         {
01518         switch($from)
01519                 {
01520                         case "group":
01521                         $order = $_GET["sort_by"] ? $_GET["sort_by"] : "title";
01522                                 break;
01523 
01524                         case "role":
01525                         $order = $_GET["sort_by"] ? $_GET["sort_by"] : "title";
01526                                 break;
01527 
01528                         default:
01529                                 // init sort_by (unfortunatly sort_by is preset with 'title')
01530                         if ($_GET["sort_by"] == "title" or empty($_GET["sort_by"]))
01531                 {
01532                     $_GET["sort_by"] = "login";
01533                 }
01534                 $order = $_GET["sort_by"];
01535                                 break;
01536                 }
01537 
01538                 $tbl->setOrderColumn($order);
01539                 $tbl->setOrderDirection($_GET["sort_order"]);
01540                 $tbl->setOffset($_GET["offset"]);
01541                 $tbl->setLimit($_GET["limit"]);
01542                 $tbl->setFooter("tblfooter",$this->lng->txt("previous"),$this->lng->txt("next"));
01543                 $tbl->setData($result_set);
01544         }
01545 
01546         function searchUserFormObject()
01547         {
01548                 global $rbacsystem;
01549 
01550                 //if (!$rbacsystem->checkAccess("edit_userassignment", $this->rolf_ref_id))
01551                 if(!$this->checkAccess('edit_userassignment','edit_permission'))
01552                 {
01553                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
01554                 }
01555 
01556                 $this->lng->loadLanguageModule('search');
01557 
01558                 $this->tpl->addBlockFile("ADM_CONTENT","adm_content","tpl.role_users_search.html");
01559 
01560                 $this->tpl->setVariable("F_ACTION",$this->ctrl->getFormAction($this));
01561                 $this->tpl->setVariable("SEARCH_ASSIGN_USR",$this->lng->txt("role_search_users"));
01562                 $this->tpl->setVariable("SEARCH_SEARCH_TERM",$this->lng->txt("search_search_term"));
01563                 $this->tpl->setVariable("SEARCH_VALUE",$_SESSION["role_search_str"] ? $_SESSION["role_search_str"] : "");
01564                 $this->tpl->setVariable("SEARCH_FOR",$this->lng->txt("exc_search_for"));
01565                 $this->tpl->setVariable("SEARCH_ROW_TXT_USER",$this->lng->txt("exc_users"));
01566                 $this->tpl->setVariable("SEARCH_ROW_TXT_ROLE",$this->lng->txt("exc_roles"));
01567                 $this->tpl->setVariable("SEARCH_ROW_TXT_GROUP",$this->lng->txt("exc_groups"));
01568                 $this->tpl->setVariable("BTN2_VALUE",$this->lng->txt("cancel"));
01569                 $this->tpl->setVariable("BTN1_VALUE",$this->lng->txt("search"));
01570 
01571         $usr = ($_POST["search_for"] == "usr" || $_POST["search_for"] == "") ? 1 : 0;
01572                 $grp = ($_POST["search_for"] == "grp") ? 1 : 0;
01573                 $role = ($_POST["search_for"] == "role") ? 1 : 0;
01574 
01575                 $this->tpl->setVariable("SEARCH_ROW_CHECK_USER",ilUtil::formRadioButton($usr,"search_for","usr"));
01576                 $this->tpl->setVariable("SEARCH_ROW_CHECK_ROLE",ilUtil::formRadioButton($role,"search_for","role"));
01577         $this->tpl->setVariable("SEARCH_ROW_CHECK_GROUP",ilUtil::formRadioButton($grp,"search_for","grp"));
01578 
01579                 $this->__unsetSessionVariables();
01580         }
01581 
01582         function __unsetSessionVariables()
01583         {
01584                 unset($_SESSION["role_delete_member_ids"]);
01585                 unset($_SESSION["role_delete_subscriber_ids"]);
01586                 unset($_SESSION["role_search_str"]);
01587                 unset($_SESSION["role_search_for"]);
01588                 unset($_SESSION["role_role"]);
01589                 unset($_SESSION["role_group"]);
01590                 unset($_SESSION["role_archives"]);
01591         }
01592 
01597         function cancelObject()
01598         {
01599                 sendInfo($this->lng->txt("action_aborted"),true);
01600                 
01601                 if ($_GET["new_type"] != "role")
01602                 {
01603                         $this->ctrl->redirect($this, "userassignment");
01604                 }
01605                 else
01606                 {
01607                         $this->ctrl->redirectByClass("ilobjrolefoldergui","view");
01608                 }
01609         }
01610 
01611         function searchObject()
01612         {
01613                 global $rbacsystem, $tree;
01614 
01615                 #if (!$rbacsystem->checkAccess("edit_userassignment", $this->rolf_ref_id))
01616                 if(!$this->checkAccess('edit_userassignment','edit_permission'))
01617                 {
01618                         $this->ilias->raiseError($this->lng->txt("msg_no_perm_assign_user_to_role"),$this->ilias->error_obj->MESSAGE);
01619                 }
01620 
01621                 $_SESSION["role_search_str"] = $_POST["search_str"] = $_POST["search_str"] ? $_POST["search_str"] : $_SESSION["role_search_str"];
01622                 $_SESSION["role_search_for"] = $_POST["search_for"] = $_POST["search_for"] ? $_POST["search_for"] : $_SESSION["role_search_for"];
01623 
01624                 if (!isset($_POST["search_for"]) or !isset($_POST["search_str"]))
01625                 {
01626                         sendInfo($this->lng->txt("role_search_enter_search_string"));
01627                         $this->searchUserFormObject();
01628 
01629                         return false;
01630                 }
01631 
01632                 if (!count($result = $this->__search(ilUtil::stripSlashes($_POST["search_str"]),$_POST["search_for"])))
01633                 {
01634                         sendInfo($this->lng->txt("role_no_results_found"));
01635                         $this->searchUserFormObject();
01636 
01637                         return false;
01638                 }
01639 
01640                 $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_usr_selection.html");
01641                 $this->__showButton("searchUserForm",$this->lng->txt("role_new_search"));
01642 
01643                 $counter = 0;
01644                 $f_result = array();
01645 
01646                 switch($_POST["search_for"])
01647                 {
01648                 case "usr":
01649                                 foreach($result as $user)
01650                                 {
01651                                         if(!$tmp_obj = ilObjectFactory::getInstanceByObjId($user["id"],false))
01652                                         {
01653                                                 continue;
01654                                         }
01655                                         
01656                                         $user_ids[$counter] = $user["id"];
01657                                         
01658                                         $f_result[$counter][] = ilUtil::formCheckbox(0,"user[]",$user["id"]);
01659                                         $f_result[$counter][] = $tmp_obj->getLogin();
01660                                         $f_result[$counter][] = $tmp_obj->getFirstname();
01661                                         $f_result[$counter][] = $tmp_obj->getLastname();
01662 
01663                                         unset($tmp_obj);
01664                                         ++$counter;
01665                                 }
01666                                 $this->__showSearchUserTable($f_result,$user_ids);
01667 
01668                                 return true;
01669 
01670                         case "role":
01671                                 foreach($result as $role)
01672                                 {
01673                     // exclude anonymous role
01674                     if ($role["id"] == ANONYMOUS_ROLE_ID)
01675                     {
01676                         continue;
01677                     }
01678 
01679                     if(!$tmp_obj = ilObjectFactory::getInstanceByObjId($role["id"],false))
01680                                         {
01681                                                 continue;
01682                                         }
01683 
01684                                     // exclude roles with no users assigned to
01685                     if ($tmp_obj->getCountMembers() == 0)
01686                     {
01687                         continue;
01688                     }
01689 
01690                                         $role_ids[$counter] = $role["id"];
01691 
01692                                         $f_result[$counter][] = ilUtil::formCheckbox(0,"role[]",$role["id"]);
01693                                         $f_result[$counter][] = array($tmp_obj->getTitle(),$tmp_obj->getDescription());
01694                                         $f_result[$counter][] = $tmp_obj->getCountMembers();
01695 
01696                                         unset($tmp_obj);
01697                                         ++$counter;
01698                                 }
01699 
01700                                 $this->__showSearchRoleTable($f_result,$role_ids);
01701 
01702                                 return true;
01703 
01704                         case "grp":
01705                                 foreach($result as $group)
01706                                 {
01707                                         if(!$tree->isInTree($group["id"]))
01708                                         {
01709                                                 continue;
01710                                         }
01711 
01712                                         if(!$tmp_obj = ilObjectFactory::getInstanceByRefId($group["id"],false))
01713                                         {
01714                                                 continue;
01715                                         }
01716 
01717                     // exclude myself :-)
01718                     if ($tmp_obj->getId() == $this->object->getId())
01719                     {
01720                         continue;
01721                     }
01722 
01723                                         $grp_ids[$counter] = $group["id"];
01724 
01725                                         $f_result[$counter][] = ilUtil::formCheckbox(0,"group[]",$group["id"]);
01726                                         $f_result[$counter][] = array($tmp_obj->getTitle(),$tmp_obj->getDescription());
01727                                         $f_result[$counter][] = $tmp_obj->getCountMembers();
01728 
01729                                         unset($tmp_obj);
01730                                         ++$counter;
01731                                 }
01732                                 $this->__showSearchGroupTable($f_result,$grp_ids);
01733 
01734                                 return true;
01735                 }
01736         }
01737 
01738         function __search($a_search_string,$a_search_for)
01739         {
01740                 include_once("class.ilSearch.php");
01741 
01742                 $this->lng->loadLanguageModule("content");
01743                 $search =& new ilSearch($_SESSION["AccountId"]);
01744                 $search->setPerformUpdate(false);
01745                 $search->setSearchString(ilUtil::stripSlashes($a_search_string));
01746                 $search->setCombination("and");
01747                 $search->setSearchFor(array(0 => $a_search_for));
01748                 $search->setSearchType('new');
01749 
01750                 if ($search->validate($message))
01751                 {
01752                         $search->performSearch();
01753                 }
01754                 else
01755                 {
01756                         sendInfo($message,true);
01757                         $this->ctrl->redirect($this,"searchUserForm");
01758                 }
01759 
01760                 return $search->getResultByType($a_search_for);
01761         }
01762 
01763         function __showSearchUserTable($a_result_set,$a_user_ids = NULL,$a_cmd = "search")
01764         {
01765         $return_to  = "searchUserForm";
01766 
01767         if ($a_cmd == "listUsersRole" or $a_cmd == "listUsersGroup")
01768         {
01769             $return_to = "search";
01770         }
01771 
01772                 $tbl =& $this->__initTableGUI();
01773                 $tpl =& $tbl->getTemplateObject();
01774 
01775                 // SET FORMACTION
01776                 $tpl->setCurrentBlock("tbl_form_header");
01777                 $tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
01778                 $tpl->parseCurrentBlock();
01779 
01780                 $tpl->setCurrentBlock("tbl_action_btn");
01781                 $tpl->setVariable("BTN_NAME",$return_to);
01782                 $tpl->setVariable("BTN_VALUE",$this->lng->txt("back"));
01783                 $tpl->parseCurrentBlock();
01784 
01785                 $tpl->setCurrentBlock("tbl_action_btn");
01786                 $tpl->setVariable("BTN_NAME","assignUser");
01787                 $tpl->setVariable("BTN_VALUE",$this->lng->txt("add"));
01788                 $tpl->parseCurrentBlock();
01789 
01790                 if (!empty($a_user_ids))
01791                 {               
01792                         // set checkbox toggles
01793                         $tpl->setCurrentBlock("tbl_action_toggle_checkboxes");
01794                         $tpl->setVariable("JS_VARNAME","user");                 
01795                         $tpl->setVariable("JS_ONCLICK",ilUtil::array_php2js($a_user_ids));
01796                         $tpl->setVariable("TXT_CHECKALL", $this->lng->txt("check_all"));
01797                         $tpl->setVariable("TXT_UNCHECKALL", $this->lng->txt("uncheck_all"));
01798                         $tpl->parseCurrentBlock();
01799                 }
01800 
01801                 $tpl->setCurrentBlock("tbl_action_row");
01802                 $tpl->setVariable("COLUMN_COUNTS",4);
01803                 $tpl->setVariable("IMG_ARROW",ilUtil::getImagePath("arrow_downright.gif"));
01804                 $tpl->parseCurrentBlock();
01805 
01806                 $tbl->setTitle($this->lng->txt("role_header_edit_users"),"icon_usr.gif",$this->lng->txt("role_header_edit_users"));
01807                 $tbl->setHeaderNames(array("",
01808                                                                    $this->lng->txt("username"),
01809                                                                    $this->lng->txt("firstname"),
01810                                                                    $this->lng->txt("lastname")));
01811                 $tbl->setHeaderVars(array("",
01812                                                                   "login",
01813                                                                   "firstname",
01814                                                                   "lastname"),
01815                                                         $this->ctrl->getParameterArray($this,$a_cmd,false));
01816                         //array("ref_id" => $this->rolf_ref_id,
01817                         //  "obj_id" => $this->object->getId(),
01818                         // "cmd" => $a_cmd,
01819                         //"cmdClass" => "ilobjrolegui",
01820                         // "cmdNode" => $_GET["cmdNode"]));
01821 
01822                 $tbl->setColumnWidth(array("","33%","33%","33%"));
01823 
01824                 $this->__setTableGUIBasicData($tbl,$a_result_set);
01825                 $tbl->render();
01826 
01827                 $this->tpl->setVariable("SEARCH_RESULT_TABLE",$tbl->tpl->get());
01828 
01829                 return true;
01830         }
01831 
01832         function __showSearchRoleTable($a_result_set,$a_role_ids = NULL)
01833         {
01834                 $tbl =& $this->__initTableGUI();
01835                 $tpl =& $tbl->getTemplateObject();
01836 
01837                 $tpl->setCurrentBlock("tbl_form_header");
01838                 $tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
01839                 $tpl->parseCurrentBlock();
01840 
01841                 $tpl->setCurrentBlock("tbl_action_btn");
01842                 $tpl->setVariable("BTN_NAME","searchUserForm");
01843                 $tpl->setVariable("BTN_VALUE",$this->lng->txt("back"));
01844                 $tpl->parseCurrentBlock();
01845 
01846                 $tpl->setCurrentBlock("tbl_action_btn");
01847                 $tpl->setVariable("BTN_NAME","listUsersRole");
01848                 $tpl->setVariable("BTN_VALUE",$this->lng->txt("role_list_users"));
01849                 $tpl->parseCurrentBlock();
01850                 
01851                 if (!empty($a_role_ids))
01852                 {
01853                         // set checkbox toggles
01854                         $tpl->setCurrentBlock("tbl_action_toggle_checkboxes");
01855                         $tpl->setVariable("JS_VARNAME","role");                 
01856                         $tpl->setVariable("JS_ONCLICK",ilUtil::array_php2js($a_role_ids));
01857                         $tpl->setVariable("TXT_CHECKALL", $this->lng->txt("check_all"));
01858                         $tpl->setVariable("TXT_UNCHECKALL", $this->lng->txt("uncheck_all"));
01859                         $tpl->parseCurrentBlock();
01860                 }
01861 
01862                 $tpl->setCurrentBlock("tbl_action_row");
01863                 $tpl->setVariable("COLUMN_COUNTS",4);
01864                 $tpl->setVariable("IMG_ARROW",ilUtil::getImagePath("arrow_downright.gif"));
01865                 $tpl->parseCurrentBlock();
01866 
01867                 $tbl->setTitle($this->lng->txt("role_header_edit_users"),"icon_usr.gif",$this->lng->txt("role_header_edit_users"));
01868                 $tbl->setHeaderNames(array("",
01869                                                                    $this->lng->txt("obj_role"),
01870                                                                    $this->lng->txt("role_count_users")));
01871                 $tbl->setHeaderVars(array("",
01872                                                                   "title",
01873                                                                   "nr_members"),
01874                                                         $this->ctrl->getParameterArray($this,"search",false));
01875                         //array("ref_id" => $this->rolf_ref_id,
01876                         //"obj_id" => $this->object->getId(),
01877                         //"cmd" => "search",
01878                         //"cmdClass" => "ilobjrolegui",
01879                         //"cmdNode" => $_GET["cmdNode"]));
01880 
01881                 $tbl->setColumnWidth(array("","80%","19%"));
01882 
01883 
01884                 $this->__setTableGUIBasicData($tbl,$a_result_set,"role");
01885                 $tbl->render();
01886 
01887                 $this->tpl->setVariable("SEARCH_RESULT_TABLE",$tbl->tpl->get());
01888 
01889                 return true;
01890         }
01891 
01892         function __showSearchGroupTable($a_result_set,$a_grp_ids = NULL)
01893         {
01894         $tbl =& $this->__initTableGUI();
01895                 $tpl =& $tbl->getTemplateObject();
01896 
01897                 $tpl->setCurrentBlock("tbl_form_header");
01898                 $tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
01899                 $tpl->parseCurrentBlock();
01900 
01901                 $tpl->setCurrentBlock("tbl_action_btn");
01902                 $tpl->setVariable("BTN_NAME","searchUserForm");
01903                 $tpl->setVariable("BTN_VALUE",$this->lng->txt("back"));
01904                 $tpl->parseCurrentBlock();
01905 
01906                 $tpl->setCurrentBlock("tbl_action_btn");
01907                 $tpl->setVariable("BTN_NAME","listUsersGroup");
01908                 $tpl->setVariable("BTN_VALUE",$this->lng->txt("grp_list_users"));
01909                 $tpl->parseCurrentBlock();
01910                 
01911                 if (!empty($a_grp_ids))
01912                 {
01913                         // set checkbox toggles
01914                         $tpl->setCurrentBlock("tbl_action_toggle_checkboxes");
01915                         $tpl->setVariable("JS_VARNAME","group");                        
01916                         $tpl->setVariable("JS_ONCLICK",ilUtil::array_php2js($a_grp_ids));
01917                         $tpl->setVariable("TXT_CHECKALL", $this->lng->txt("check_all"));
01918                         $tpl->setVariable("TXT_UNCHECKALL", $this->lng->txt("uncheck_all"));
01919                         $tpl->parseCurrentBlock();
01920                 }
01921 
01922                 $tpl->setCurrentBlock("tbl_action_row");
01923                 $tpl->setVariable("COLUMN_COUNTS",4);
01924                 $tpl->setVariable("IMG_ARROW",ilUtil::getImagePath("arrow_downright.gif"));
01925                 $tpl->parseCurrentBlock();
01926 
01927                 $tbl->setTitle($this->lng->txt("grp_header_edit_members"),"icon_usr.gif",$this->lng->txt("grp_header_edit_members"));
01928                 $tbl->setHeaderNames(array("",
01929                                                                    $this->lng->txt("obj_grp"),
01930                                                                    $this->lng->txt("grp_count_members")));
01931                 $tbl->setHeaderVars(array("",
01932                                                                   "title",
01933                                                                   "nr_members"),
01934                                                         array("ref_id" => $this->rolf_ref_id,
01935                                   "obj_id" => $this->object->getId(),
01936                                                                   "cmd" => "search",
01937                                                                   "cmdClass" => "ilobjrolegui",
01938                                                                   "cmdNode" => $_GET["cmdNode"]));
01939 
01940                 $tbl->setColumnWidth(array("","80%","19%"));
01941 
01942 
01943                 $this->__setTableGUIBasicData($tbl,$a_result_set,"group");
01944                 $tbl->render();
01945 
01946                 $this->tpl->setVariable("SEARCH_RESULT_TABLE",$tbl->tpl->get());
01947 
01948                 return true;
01949         }
01950 
01951         function listUsersRoleObject()
01952         {
01953                 global $rbacsystem,$rbacreview;
01954 
01955                 $_SESSION["role_role"] = $_POST["role"] = $_POST["role"] ? $_POST["role"] : $_SESSION["role_role"];
01956 
01957                 if (!is_array($_POST["role"]))
01958                 {
01959                         sendInfo($this->lng->txt("role_no_roles_selected"));
01960                         $this->searchObject();
01961 
01962                         return false;
01963                 }
01964 
01965                 $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_usr_selection.html");
01966                 $this->__showButton("searchUserForm",$this->lng->txt("role_new_search"));
01967 
01968                 // GET ALL MEMBERS
01969                 $members = array();
01970 
01971                 foreach ($_POST["role"] as $role_id)
01972                 {
01973                         $members = array_merge($rbacreview->assignedUsers($role_id),$members);
01974                 }
01975 
01976                 $members = array_unique($members);
01977 
01978                 // FORMAT USER DATA
01979                 $counter = 0;
01980                 $f_result = array();
01981 
01982                 foreach($members as $user)
01983                 {
01984                         if(!$tmp_obj = ilObjectFactory::getInstanceByObjId($user,false))
01985                         {
01986                                 continue;
01987                         }
01988                         
01989                         $user_ids[$counter] = $user;
01990                         
01991                         // TODO: exclude anonymous user
01992                         $f_result[$counter][] = ilUtil::formCheckbox(0,"user[]",$user);
01993                         $f_result[$counter][] = $tmp_obj->getLogin();
01994                         $f_result[$counter][] = $tmp_obj->getFirstname();
01995                         $f_result[$counter][] = $tmp_obj->getLastname();
01996 
01997                         unset($tmp_obj);
01998                         ++$counter;
01999                 }
02000 
02001                 $this->__showSearchUserTable($f_result,$user_ids,"listUsersRole");
02002 
02003                 return true;
02004         }
02005 
02006         function listUsersGroupObject()
02007         {
02008                 global $rbacsystem,$rbacreview,$tree;
02009 
02010                 $_SESSION["role_group"] = $_POST["group"] = $_POST["group"] ? $_POST["group"] : $_SESSION["role_group"];
02011 
02012                 if (!is_array($_POST["group"]))
02013                 {
02014                         sendInfo($this->lng->txt("role_no_groups_selected"));
02015                         $this->searchObject();
02016 
02017                         return false;
02018                 }
02019 
02020                 $this->tpl->addBlockFile("ADM_CONTENT", "adm_content", "tpl.role_usr_selection.html");
02021                 $this->__showButton("searchUserForm",$this->lng->txt("role_new_search"));
02022 
02023                 // GET ALL MEMBERS
02024                 $members = array();
02025 
02026                 foreach ($_POST["group"] as $group_id)
02027                 {
02028                         if (!$tree->isInTree($group_id))
02029                         {
02030                                 continue;
02031                         }
02032                         if (!$tmp_obj = ilObjectFactory::getInstanceByRefId($group_id))
02033                         {
02034                                 continue;
02035                         }
02036 
02037                         $members = array_merge($tmp_obj->getGroupMemberIds(),$members);
02038 
02039                         unset($tmp_obj);
02040                 }
02041 
02042                 $members = array_unique($members);
02043 
02044                 // FORMAT USER DATA
02045                 $counter = 0;
02046                 $f_result = array();
02047 
02048                 foreach($members as $user)
02049                 {
02050                         if (!$tmp_obj = ilObjectFactory::getInstanceByObjId($user,false))
02051                         {
02052                                 continue;
02053                         }
02054                         
02055                         $user_ids[$counter] = $user;                    
02056 
02057                         $f_result[$counter][] = ilUtil::formCheckbox(0,"user[]",$user);
02058                         $f_result[$counter][] = $tmp_obj->getLogin();
02059                         $f_result[$counter][] = $tmp_obj->getFirstname();
02060                         $f_result[$counter][] = $tmp_obj->getLastname();
02061 
02062                         unset($tmp_obj);
02063                         ++$counter;
02064                 }
02065 
02066                 $this->__showSearchUserTable($f_result,$user_ids,"listUsersGroup");
02067 
02068                 return true;
02069         }
02070 
02071 
02072         function __formatPath($a_path_arr)
02073         {
02074                 $counter = 0;
02075 
02076                 foreach ($a_path_arr as $data)
02077                 {
02078                         if ($counter++)
02079                         {
02080                                 $path .= " -> ";
02081                         }
02082 
02083                         $path .= $data['title'];
02084                 }
02085 
02086                 if (strlen($path) > 50)
02087                 {
02088                         return '...'.substr($path,-50);
02089                 }
02090 
02091                 return $path;
02092         }
02093 
02094         function __prepareOutput()
02095         {
02096                 // output objects
02097                 //$this->tpl->addBlockFile("CONTENT", "content", "tpl.role.html");
02098                 $this->tpl->addBlockFile("CONTENT", "content", "tpl.adm_content.html");
02099                 $this->tpl->addBlockFile("STATUSLINE", "statusline", "tpl.statusline.html");
02100 
02101                 // output locator
02102                 //$this->__setLocator();
02103 
02104                 // output message
02105                 if ($this->message)
02106                 {
02107                         sendInfo($this->message);
02108                 }
02109 
02110                 // display infopanel if something happened
02111                 infoPanel();
02112 
02113                 // set header
02114                 $this->__setHeader();
02115         }
02116 
02117         function __setHeader()
02118         {
02119                 include_once './classes/class.ilTabsGUI.php';
02120 
02121                 $this->tpl->setTitle($this->lng->txt('role'));
02122                 $this->tpl->setDescription($this->object->getTitle());
02123                 $this->tpl->setTitleIcon(ilUtil::getImagePath("icon_role.gif"));
02124 
02125                 #$tabs_gui =& new ilTabsGUI();
02126                 $this->getTabs($this->tabs_gui);
02127 
02128                 // output tabs
02129                 #$this->tpl->setVariable("TABS", $tabs_gui->getHTML());
02130         }
02131 
02132         function __setLocator()
02133         {
02134                 global $tree, $ilias_locator;
02135                 
02136                 return;
02137                 
02138                 $this->tpl->addBlockFile("LOCATOR", "locator", "tpl.locator.html");
02139 
02140                 $counter = 0;
02141 
02142                 foreach ($tree->getPathFull($this->rolf_ref_id) as $key => $row)
02143                 {
02144                         if ($counter++)
02145                         {
02146                                 $this->tpl->touchBlock('locator_separator_prefix');
02147                         }
02148 
02149                         $this->tpl->setCurrentBlock("locator_item");
02150 
02151                         if ($row["type"] == 'rolf')
02152                         {
02153                                 $this->tpl->setVariable("ITEM",$this->object->getTitle());
02154                                 $this->tpl->setVariable("LINK_ITEM",$this->ctrl->getLinkTarget($this));
02155                         }
02156                         elseif ($row["child"] != $tree->getRootId())
02157                         {
02158                                 $this->tpl->setVariable("ITEM", $row["title"]);
02159                                 $this->tpl->setVariable("LINK_ITEM","repository.php?ref_id=".$row["child"]);
02160                         }
02161                         else
02162                         {
02163                                 $this->tpl->setVariable("ITEM", $this->lng->txt("repository"));
02164                                 $this->tpl->setVariable("LINK_ITEM","repository.php?ref_id=".$row["child"]);
02165                         }
02166 
02167                         $this->tpl->parseCurrentBlock();
02168                 }
02169 
02170                 $this->tpl->setVariable("TXT_LOCATOR",$this->lng->txt("locator"));
02171                 $this->tpl->parseCurrentBlock();
02172         }
02173         
02178         function addAdminLocatorItems()
02179         {
02180                 global $ilLocator;
02181 
02182                 if ($_GET["admin_mode"] == "settings"
02183                         && $_GET["ref_id"] != SYSTEM_FOLDER_ID) // system settings
02184                 {               
02185                         $ilLocator->addItem($this->lng->txt("administration"),
02186                                 $this->ctrl->getLinkTargetByClass("iladministrationgui", "frameset"),
02187                                 ilFrameTargetInfo::_getFrame("MainContent"));
02188 
02189                         $ilLocator->addItem($this->lng->txt("obj_".ilObject::_lookupType(
02190                                 ilObject::_lookupObjId($_GET["ref_id"]))),
02191                                 $this->ctrl->getLinkTargetByClass("ilobjrolefoldergui", "view"));
02192                         
02193                         if ($_GET["obj_id"] > 0)
02194                         {
02195                                 $ilLocator->addItem($this->object->getTitle(),
02196                                         $this->ctrl->getLinkTarget($this, "view"));
02197                         }
02198                 }
02199                 else                                                    // repository administration
02200                 {
02201                         // ?
02202                 }
02203         }
02204         
02205         function showUpperIcon()
02206         {
02207                 global $tree, $tpl, $objDefinition;
02208                 
02209                 if (strtolower($_GET["baseClass"]) == "iladministrationgui")
02210                 {
02211                         if ($_GET["admin_mode"] == "settings"
02212                                 && $_GET["ref_id"] != SYSTEM_FOLDER_ID)
02213                         {
02214                                 $tpl->setUpperIcon(
02215                                         $this->ctrl->getLinkTargetByClass("ilobjrolefoldergui", "view"));
02216                         }
02217                 }
02218                 else
02219                 {               
02220                         if ($this->object->getRefId() != ROOT_FOLDER_ID &&
02221                                 $this->object->getRefId() != SYSTEM_FOLDER_ID)
02222                         {
02223                                 $par_id = $tree->getParentId($this->object->getRefId());
02224                                 $tpl->setUpperIcon("repository.php?ref_id=".$par_id);
02225                         }
02226                 }
02227         }
02228 
02229 
02230 
02231         function getTabs(&$tabs_gui)
02232         {
02233                 global $rbacsystem,$rbacreview;
02234 
02235                 $base_role_folder = $rbacreview->getFoldersAssignedToRole($this->object->getId(),true);
02236 //var_dump($base_role_folder);
02237 //echo "-".$this->rolf_ref_id."-";
02238 
02239                 $activate_role_edit = false;
02240                 
02241                 // todo: activate the following (allow editing of local roles in
02242                 // roles administration)
02243                 //if (in_array($this->rolf_ref_id,$base_role_folder))
02244                 if (in_array($this->rolf_ref_id,$base_role_folder) ||
02245                         (strtolower($_GET["baseClass"]) == "iladministrationgui" &&
02246                         $_GET["admin_mode"] == "settings"))
02247                 {
02248                         $activate_role_edit = true;
02249                 }
02250 
02251                 // not so nice (workaround for using tabs in repository)
02252                 $tabs_gui->clearTargets();
02253                 
02254                 if ($this->back_target != "")
02255                 {
02256                         $tabs_gui->setBackTarget(
02257                                 $this->back_target["text"],$this->back_target["link"]);
02258                 }
02259 
02260                 #if ($rbacsystem->checkAccess('write',$this->rolf_ref_id) && $activate_role_edit)
02261                 if($this->checkAccess('write','edit_permission') && $activate_role_edit)
02262                 {
02263                         $tabs_gui->addTarget("edit_properties",
02264                                 $this->ctrl->getLinkTarget($this, "edit"), array("edit","update"), get_class($this));
02265                 }
02266 
02267                 #if ($rbacsystem->checkAccess('write',$this->rolf_ref_id))
02268                 if($this->checkAccess('write','edit_permission'))
02269                 {
02270                         $force_active = ($_GET["cmd"] == "perm" || $_GET["cmd"] == "")
02271                                 ? true
02272                                 : false;
02273                         $tabs_gui->addTarget("default_perm_settings",
02274                                 $this->ctrl->getLinkTarget($this, "perm"), array("perm", "adoptPermSave", "permSave"),
02275                                 get_class($this),
02276                                 "", $force_active);
02277                 }
02278 
02279                 #if ($rbacsystem->checkAccess('write',$this->rolf_ref_id) && $activate_role_edit)
02280                 if($this->checkAccess('write','edit_permission') && $activate_role_edit)
02281                 {
02282                         $tabs_gui->addTarget("user_assignment",
02283                                 $this->ctrl->getLinkTarget($this, "userassignment"),
02284                                 array("deassignUser", "userassignment", "assignUser", "searchUserForm", "search"),
02285                                 get_class($this));
02286                 }
02287 
02288                 #if ($rbacsystem->checkAccess('write',$this->rolf_ref_id) && $activate_role_edit)
02289                 if($this->checkAccess('write','edit_permission') && $activate_role_edit)
02290                 {
02291                         $tabs_gui->addTarget("desktop_items",
02292                                 $this->ctrl->getLinkTarget($this, "listDesktopItems"),
02293                                 array("listDesktopItems", "deleteDesktopItems", "selectDesktopItem", "askDeleteDesktopItem"),
02294                                 get_class($this));
02295                 }
02296         }
02297         
02298         function mailToRoleObject()
02299         {
02300                 $_SESSION['mail_roles'][] = "#".$this->object->getTitle();
02301                 $script = 'mail_new.php?type=role';
02302                 ilUtil::redirect($script);
02303         }
02304         
02305         function checkAccess($a_perm_global,$a_perm_obj = '')
02306         {
02307                 global $rbacsystem,$ilAccess;
02308                 
02309                 $a_perm_obj = $a_perm_obj ? $a_perm_obj : $a_perm_global;
02310                 
02311                 if($this->rolf_ref_id == ROLE_FOLDER_ID)
02312                 {
02313                         return $rbacsystem->checkAccess($a_perm_global,$this->rolf_ref_id);
02314                 }
02315                 else
02316                 {
02317                         return $ilAccess->checkAccess($a_perm_obj,'',$this->obj_ref_id);
02318                 }
02319         }
02320         
02321 } // END class.ilObjRoleGUI
02322 ?>