ILIAS  release_4-4 Revision
class.ilRbacLog.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2010 ILIAS open source, Extended GPL, see docs/LICENSE */
3 
14 class ilRbacLog
15 {
16  const EDIT_PERMISSIONS = 1;
17  const MOVE_OBJECT = 2;
18  const LINK_OBJECT = 3;
19  const COPY_OBJECT = 4;
20  const CREATE_OBJECT = 5;
21  const EDIT_TEMPLATE = 6;
23  const CHANGE_OWNER = 8;
24 
25  static public function isActive()
26  {
27  include_once "Services/PrivacySecurity/classes/class.ilPrivacySettings.php";
28  $settings = ilPrivacySettings::_getInstance();
29  if($settings->enabledRbacLog())
30  {
31  return true;
32  }
33  return false;
34  }
35 
36  static public function gatherFaPa($a_ref_id, array $a_role_ids, $a_add_action = false)
37  {
38  global $rbacreview;
39 
40  $result = array();
41 
42  // #10946 - if result is written to log directly we need to add an "action" dimension
43  // if result is used as input to diffFaPa() we need "raw" data
44 
45  // roles
46  foreach($a_role_ids as $role_id)
47  {
48  if ($role_id != SYSTEM_ROLE_ID)
49  {
50  if($a_add_action)
51  {
52  $result["ops"][$role_id]["add"] = $rbacreview->getRoleOperationsOnObject($role_id, $a_ref_id);
53  }
54  else
55  {
56  $result["ops"][$role_id] = $rbacreview->getRoleOperationsOnObject($role_id, $a_ref_id);
57  }
58  }
59  }
60 
61  // inheritance
62  $rolf_data = $rbacreview->getRoleFolderOfObject($a_ref_id);
63  $rolf_id = $rolf_data["child"];
64  if($rolf_id && $rolf_id != ROLE_FOLDER_ID)
65  {
66  if($a_add_action)
67  {
68  $result["inht"]["add"] = $rbacreview->getRolesOfRoleFolder($rolf_id);
69  }
70  else
71  {
72  $result["inht"] = $rbacreview->getRolesOfRoleFolder($rolf_id);
73  }
74  }
75 
76  return $result;
77  }
78 
79  static public function diffFaPa(array $a_old, array $a_new)
80  {
81  $result = array();
82 
83  // roles
84  foreach((array) $a_old["ops"] as $role_id => $ops)
85  {
86  $diff = array_diff($ops, $a_new["ops"][$role_id]);
87  if(sizeof($diff))
88  {
89  $result["ops"][$role_id]["rmv"] = array_values($diff);
90  }
91  $diff = array_diff($a_new["ops"][$role_id], $ops);
92  if(sizeof($diff))
93  {
94  $result["ops"][$role_id]["add"] = array_values($diff);
95  }
96  }
97 
98  if(isset($a_old["inht"]) || isset($a_new["inht"]))
99  {
100  if(isset($a_old["inht"]) && !isset($a_new["inht"]))
101  {
102  $result["inht"]["rmv"] = $a_old["inht"];
103  }
104  else if(!isset($a_old["inht"]) && isset($a_new["inht"]))
105  {
106  $result["inht"]["add"] = $a_new["inht"];
107  }
108  else
109  {
110  $diff = array_diff($a_old["inht"], $a_new["inht"]);
111  if(sizeof($diff))
112  {
113  $result["inht"]["rmv"] = array_values($diff);
114  }
115  $diff = array_diff($a_new["inht"], $a_old["inht"]);
116  if(sizeof($diff))
117  {
118  $result["inht"]["add"] = array_values($diff);
119  }
120  }
121  }
122 
123  return $result;
124  }
125 
126  static public function gatherTemplate($a_role_folder_ref_id, $a_role_id)
127  {
128  global $rbacreview;
129 
130  return $rbacreview->getAllOperationsOfRole($a_role_id, $a_role_folder_ref_id);
131  }
132 
133  static public function diffTemplate(array $a_old, array $a_new)
134  {
135  $result = array();
136  $types = array_unique(array_merge(array_keys($a_old), array_keys($a_new)));
137  foreach($types as $type)
138  {
139  if(!isset($a_old[$type]))
140  {
141  $result[$type]["add"] = $a_new[$type];
142  }
143  else if(!isset($a_new[$type]))
144  {
145  $result[$type]["rmv"] = $a_old[$type];
146  }
147  else
148  {
149  $diff = array_diff($a_old[$type], $a_new[$type]);
150  if(sizeof($diff))
151  {
152  $result[$type]["rmv"] = array_values($diff);
153  }
154  $diff = array_diff($a_new[$type], $a_old[$type]);
155  if(sizeof($diff))
156  {
157  $result[$type]["add"] = array_values($diff);
158  }
159  }
160  }
161  return $result;
162  }
163 
164  static public function add($a_action, $a_ref_id, array $a_diff, $a_source_ref_id = false)
165  {
166  global $ilUser, $ilDB;
167 
168  if(self::isValidAction($a_action) && sizeof($a_diff))
169  {
170  if($a_source_ref_id)
171  {
172  $a_diff["src"] = $a_source_ref_id;
173  }
174 
175  $ilDB->query("INSERT INTO rbac_log (user_id, created, ref_id, action, data)".
176  " VALUES (".$ilDB->quote($ilUser->getId(), "integer").",".$ilDB->quote(time(), "integer").
177  ",".$ilDB->quote($a_ref_id, "integer").",".$ilDB->quote($a_action, "integer").
178  ",".$ilDB->quote(serialize($a_diff), "text").")");
179  return true;
180  }
181  return false;
182  }
183 
184  static protected function isValidAction($a_action)
185  {
186  if(in_array($a_action, array(self::EDIT_PERMISSIONS, self::MOVE_OBJECT, self::LINK_OBJECT,
187  self::COPY_OBJECT, self::CREATE_OBJECT, self::EDIT_TEMPLATE, self::EDIT_TEMPLATE_EXISTING,
188  self::CHANGE_OWNER)))
189  {
190  return true;
191  }
192  return false;
193  }
194 
195  static public function getLogItems($a_ref_id, $a_limit, $a_offset, array $a_filter = NULL)
196  {
197  global $ilDB, $rbacreview;
198 
199  if($a_filter)
200  {
201  $where = NULL;
202  if($a_filter["action"])
203  {
204  $where[] = "action = ".$ilDB->quote($a_filter["action"], "integer");
205  }
206  if($a_filter["date"]["from"])
207  {
208  $from = $a_filter["date"]["from"]->get(IL_CAL_UNIX);
209  $from = strtotime("00:00:00", $from);
210  $where[] = "created >= ".$ilDB->quote($from, "integer");
211  }
212  if($a_filter["date"]["to"])
213  {
214  $to = $a_filter["date"]["to"]->get(IL_CAL_UNIX);
215  $to = strtotime("23:59:59", $to);
216  $where[] = "created <= ".$ilDB->quote($to, "integer");
217  }
218  if(sizeof($where))
219  {
220  $where = " AND ".implode(" AND ", $where);
221  }
222  }
223 
224  $set = $ilDB->query("SELECT COUNT(*) FROM rbac_log WHERE ref_id = ".$ilDB->quote($a_ref_id, "integer").$where);
225  $count = array_pop($ilDB->fetchAssoc($set));
226 
227  $ilDB->setLimit($a_limit, $a_offset);
228  $set = $ilDB->query("SELECT * FROM rbac_log WHERE ref_id = ".$ilDB->quote($a_ref_id, "integer").
229  $where." ORDER BY created DESC");
230  $result = array();
231  while($row = $ilDB->fetchAssoc($set))
232  {
233  $row["data"] = unserialize($row["data"]);
234  $result[] = $row;
235  }
236  return array("cnt"=>$count, "set"=>$result);
237  }
238 
239  static function delete($a_ref_id)
240  {
241  global $ilDB;
242 
243  $ilDB->query("DELETE FROM rbac_log WHERE ref_id = ".$ilDB->quote($a_ref_id, "integer"));
244 
245  self::garbageCollection();
246  }
247 
248  static function garbageCollection()
249  {
250  global $ilDB;
251 
252  include_once "Services/PrivacySecurity/classes/class.ilPrivacySettings.php";
253  $settings = ilPrivacySettings::_getInstance();
254  $max = $settings->getRbacLogAge();
255 
256  $ilDB->query("DELETE FROM rbac_log WHERE created < ".$ilDB->quote(strtotime("-".$max."months"), "integer"));
257  }
258 }
259 
260 ?>
$result
static garbageCollection()
static gatherTemplate($a_role_folder_ref_id, $a_role_id)
const CHANGE_OWNER
static isActive()
const IL_CAL_UNIX
static gatherFaPa($a_ref_id, array $a_role_ids, $a_add_action=false)
static diffFaPa(array $a_old, array $a_new)
const EDIT_PERMISSIONS
const CREATE_OBJECT
const COPY_OBJECT
const LINK_OBJECT
static getLogItems($a_ref_id, $a_limit, $a_offset, array $a_filter=NULL)
global $ilUser
Definition: imgupload.php:15
static add($a_action, $a_ref_id, array $a_diff, $a_source_ref_id=false)
static diffTemplate(array $a_old, array $a_new)
const EDIT_TEMPLATE_EXISTING
const EDIT_TEMPLATE
const MOVE_OBJECT
static _getInstance()
Get instance of ilPrivacySettings.
static isValidAction($a_action)
class ilRbacLog Log changes in Rbac-related settings