ILIAS  Release_3_10_x_branch Revision 61812
 All Data Structures Namespaces Files Functions Variables Groups Pages
class.ilObjRole.php
Go to the documentation of this file.
1 <?php
2 /*
3  +-----------------------------------------------------------------------------+
4  | ILIAS open source |
5  +-----------------------------------------------------------------------------+
6  | Copyright (c) 1998-2001 ILIAS open source, University of Cologne |
7  | |
8  | This program is free software; you can redistribute it and/or |
9  | modify it under the terms of the GNU General Public License |
10  | as published by the Free Software Foundation; either version 2 |
11  | of the License, or (at your option) any later version. |
12  | |
13  | This program is distributed in the hope that it will be useful, |
14  | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15  | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16  | GNU General Public License for more details. |
17  | |
18  | You should have received a copy of the GNU General Public License |
19  | along with this program; if not, write to the Free Software |
20  | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
21  +-----------------------------------------------------------------------------+
22 */
23 
24 require_once "./classes/class.ilObject.php";
25 
34 class ilObjRole extends ilObject
35 {
43  var $parent;
44 
45  var $allow_register;
46  var $assign_users;
47 
54  function ilObjRole($a_id = 0,$a_call_by_reference = false)
55  {
56  $this->type = "role";
57  $this->ilObject($a_id,$a_call_by_reference);
58  }
59 
60  function toggleAssignUsersStatus($a_assign_users)
61  {
62  $this->assign_users = (int) $a_assign_users;
63  }
64  function getAssignUsersStatus()
65  {
66  return $this->assign_users;
67  }
68  // Same method (static)
69  function _getAssignUsersStatus($a_role_id)
70  {
71  global $ilDB;
72 
73  $query = "SELECT assign_users FROM role_data WHERE role_id = ".$ilDB->quote($a_role_id)." ";
74 
75  $res = $ilDB->query($query);
76  while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
77  {
78  return $row->assign_users ? true : false;
79  }
80  return false;
81  }
82 
87  function read ()
88  {
89  global $ilDB;
90 
91  $q = "SELECT * FROM role_data WHERE role_id= ".$ilDB->quote($this->id)." ";
92  $r = $this->ilias->db->query($q);
93 
94  if ($r->numRows() > 0)
95  {
96  $data = $r->fetchRow(DB_FETCHMODE_ASSOC);
97 
98  // fill member vars in one shot
99  $this->assignData($data);
100  }
101  else
102  {
103  $this->ilias->raiseError("<b>Error: There is no dataset with id ".$this->id."!</b><br />class: ".get_class($this)."<br />Script: ".__FILE__."<br />Line: ".__LINE__, $this->ilias->FATAL);
104  }
105 
106  parent::read();
107  }
108 
114  function assignData($a_data)
115  {
116  $this->setTitle(ilUtil::stripSlashes($a_data["title"]));
117  $this->setDescription(ilUtil::stripslashes($a_data["desc"]));
118  $this->setAllowRegister($a_data["allow_register"]);
119  $this->toggleAssignUsersStatus($a_data['assign_users']);
120  }
121 
126  function update ()
127  {
128  global $ilDB;
129 
130  $q = "UPDATE role_data SET ".
131  "allow_register= ".$ilDB->quote($this->allow_register).", ".
132  "assign_users = ".$ilDB->quote($this->getAssignUsersStatus())." ".
133  "WHERE role_id= ".$ilDB->quote($this->id)." ";
134 
135  $this->ilias->db->query($q);
136 
137  parent::update();
138 
139  $this->read();
140 
141  return true;
142  }
143 
151  function create()
152  {
153  global $ilDB;
154 
155  $this->id = parent::create();
156 
157  $q = "INSERT INTO role_data ".
158  "(role_id,allow_register,assign_users) ".
159  "VALUES ".
160  "(".$ilDB->quote($this->id).",".$ilDB->quote($this->getAllowRegister()).",".$ilDB->quote($this->getAssignUsersStatus()).")";
161  $this->ilias->db->query($q);
162 
163  return $this->id;
164  }
165 
172  function setAllowRegister($a_allow_register)
173  {
174  if (empty($a_allow_register))
175  {
176  $a_allow_register == 0;
177  }
178 
179  $this->allow_register = (int) $a_allow_register;
180  }
181 
188  function getAllowRegister()
189  {
190  return $this->allow_register;
191  }
192 
199  function _lookupRegisterAllowed()
200  {
201  global $ilDB;
202 
203  $q = "SELECT * FROM role_data ".
204  "LEFT JOIN object_data ON object_data.obj_id = role_data.role_id ".
205  "WHERE allow_register = 1";
206 
207  $r = $ilDB->query($q);
208 
209  $roles = array();
210  while ($role = $r->fetchRow(DB_FETCHMODE_ASSOC))
211  {
212  $roles[] = array("id" => $role["obj_id"],
213  "title" => $role["title"],
214  "auth_mode" => $role['auth_mode']);
215  }
216 
217  return $roles;
218  }
219 
226  function _lookupAllowRegister($a_role_id)
227  {
228  global $ilDB;
229 
230  $q = "SELECT * FROM role_data ".
231  " WHERE role_id =".$ilDB->quote($a_role_id);
232 
233  $role_set = $ilDB->query($q);
234 
235  if ($role_rec = $role_set->fetchRow(DB_FETCHMODE_ASSOC))
236  {
237  if ($role_rec["allow_register"])
238  {
239  return true;
240  }
241  }
242  return false;
243  }
244 
252  function setParent($a_parent_ref)
253  {
254  $this->parent = $a_parent_ref;
255  }
256 
263  function getParent()
264  {
265  return $this->parent;
266  }
267 
268 
275  function delete()
276  {
277  global $rbacadmin, $rbacreview,$ilDB;
278 
279  $role_folders = $rbacreview->getFoldersAssignedToRole($this->getId());
280 
281  if ($rbacreview->isAssignable($this->getId(),$this->getParent()))
282  {
283  // do not delete a global role, if the role is the last
284  // role a user is assigned to.
285  //
286  // Performance improvement: In the code section below, we
287  // only need to consider _global_ roles. We don't need
288  // to check for _local_ roles, because a user who has
289  // a local role _always_ has a global role too.
290  $last_role_user_ids = array();
291  if ($this->getParent() == ROLE_FOLDER_ID)
292  {
293  // The role is a global role: check if
294  // we find users who aren't assigned to any
295  // other global role than this one.
296  $user_ids = $rbacreview->assignedUsers($this->getId());
297 
298  foreach ($user_ids as $user_id)
299  {
300  // get all roles each user has
301  $role_ids = $rbacreview->assignedRoles($user_id);
302 
303  // is last role?
304  if (count($role_ids) == 1)
305  {
306  $last_role_user_ids[] = $user_id;
307  }
308  }
309  }
310 
311  // users with last role found?
312  if (count($last_role_user_ids) > 0)
313  {
314  foreach ($last_role_user_ids as $user_id)
315  {
316 //echo "<br>last role for user id:".$user_id.":";
317  // GET OBJECT TITLE
318  $tmp_obj = $this->ilias->obj_factory->getInstanceByObjId($user_id);
319  $user_names[] = $tmp_obj->getFullname();
320  unset($tmp_obj);
321  }
322 
323  // TODO: This check must be done in rolefolder object because if multiple
324  // roles were selected the other roles are still deleted and the system does not
325  // give any feedback about this.
326  $users = implode(', ',$user_names);
327  $this->ilias->raiseError($this->lng->txt("msg_user_last_role1")." ".
328  $users."<br/>".$this->lng->txt("msg_user_last_role2"),$this->ilias->error_obj->WARNING);
329  }
330  else
331  {
332  // IT'S A BASE ROLE
333  $rbacadmin->deleteRole($this->getId(),$this->getParent());
334 
335  // Delete ldap role group mappings
336  include_once('./Services/LDAP/classes/class.ilLDAPRoleGroupMappingSettings.php');
337  ilLDAPRoleGroupMappingSettings::_deleteByRole($this->getId());
338 
339  // delete object_data entry
340  parent::delete();
341 
342  // delete role_data entry
343  $q = "DELETE FROM role_data WHERE role_id = ".$ilDB->quote($this->getId())." ";
344  $this->ilias->db->query($q);
345 
346  include_once './classes/class.ilRoleDesktopItem.php';
347  $role_desk_item_obj =& new ilRoleDesktopItem($this->getId());
348  $role_desk_item_obj->deleteAll();
349 
350  }
351  }
352  else
353  {
354  // linked local role: INHERITANCE WAS STOPPED, SO DELETE ONLY THIS LOCAL ROLE
355  $rbacadmin->deleteLocalRole($this->getId(),$this->getParent());
356  }
357 
358  // purge empty rolefolders
359  //
360  // Performance improvement: We filter out all role folders
361  // which still contain roles, _before_ we attempt to purge them.
362  // This is faster than attempting to purge all role folders,
363  // and let function purge() of the role folder find out, if
364  // purging is possible.
365  $q = "SELECT DISTINCT parent FROM rbac_fa ".
366  "WHERE parent IN (".implode(',',$role_folders).")";
367 
368  $r = $ilDB->query($q);
369  $non_empty_role_folders = array();
370  while ($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
371  {
372  $non_empty_role_folders[] = $row->parent;
373  }
374  $role_folders = array_diff($role_folders,$non_empty_role_folders);
375 
376  // Attempt to purge the role folders
377  foreach ($role_folders as $rolf)
378  {
379  if (ilObject::_exists($rolf,true))
380  {
381  $rolfObj = $this->ilias->obj_factory->getInstanceByRefId($rolf);
382  $rolfObj->purge();
383  unset($roleObj);
384  }
385  }
386 
387  return true;
388  }
389 
390  function getCountMembers()
391  {
392  global $rbacreview;
393 
394  return count($rbacreview->assignedUsers($this->getId()));
395  }
396 
405  function _search(&$a_search_obj)
406  {
407  global $ilBench;
408 
409  // NO CLASS VARIABLES IN STATIC METHODS
410 
411  $where_condition = $a_search_obj->getWhereCondition("like",array("title","description"));
412  //$in = $a_search_obj->getInStatement("ore.ref_id");
413 
414  $query = "SELECT obj_id FROM object_data AS od ".
415  $where_condition." ".
416  "AND od.type = 'role' ";
417 
418  $ilBench->start("Search", "ilObjRole_search");
419  $res = $a_search_obj->ilias->db->query($query);
420  $ilBench->stop("Search", "ilObjRole_search");
421 
422  $counter = 0;
423 
424  while ($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
425  {
426  $result_data[$counter++]["id"] = $row->obj_id;
427  }
428 
429  return $result_data ? $result_data : array();
430  }
431 
432 
433  function _getTranslation($a_role_title)
434  {
435  global $lng;
436 
437  $test_str = explode('_',$a_role_title);
438 
439  if ($test_str[0] == 'il')
440  {
441  $test2 = (int) $test_str[3];
442  if ($test2 > 0)
443  {
444  unset($test_str[3]);
445  }
446 
447  return $lng->txt(implode('_',$test_str));
448  }
449 
450  return $a_role_title;
451  }
452 
453 
454 
455  function _updateAuthMode($a_roles)
456  {
457  global $ilDB;
458 
459  foreach ($a_roles as $role_id => $auth_mode)
460  {
461  $q = "UPDATE role_data SET ".
462  "auth_mode= ".$ilDB->quote($auth_mode)." ".
463  "WHERE role_id= ".$ilDB->quote($role_id)." ";
464  $ilDB->query($q);
465  }
466  }
467 
468  function _getAuthMode($a_role_id)
469  {
470  global $ilDB;
471 
472  $q = "SELECT auth_mode FROM role_data ".
473  "WHERE role_id= ".$ilDB->quote($a_role_id)." ";
474  $r = $ilDB->query($q);
475  $row = $r->fetchRow();
476 
477  return $row[0];
478  }
479 
487  public static function _getRolesByAuthMode($a_auth_mode)
488  {
489  global $ilDB;
490 
491  $query = "SELECT * FROM role_data ".
492  "WHERE auth_mode = ".$ilDB->quote($a_auth_mode);
493  $res = $ilDB->query($query);
494  while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
495  {
496  $roles[] = $row->role_id;
497  }
498  return $roles ? $roles : array();
499  }
500 
509  public static function _resetAuthMode($a_auth_mode)
510  {
511  global $ilDB;
512 
513  $query = "UPDATE role_data SET auth_mode = 'default' WHERE auth_mode = ".$ilDB->quote($a_auth_mode);
514  $ilDB->query($query);
515  }
516 
517  // returns array of operation/objecttype definitions
518  // private
519  function __getPermissionDefinitions()
520  {
521  global $ilDB, $lng, $objDefinition;
522 
523  // build array with all rbac object types
524  $q = "SELECT ta.typ_id,obj.title,ops.ops_id,ops.operation FROM rbac_ta AS ta ".
525  "JOIN object_data AS obj ON obj.obj_id=ta.typ_id ".
526  "JOIN rbac_operations AS ops ON ops.ops_id=ta.ops_id";
527  $r = $ilDB->query($q);
528 
529  while ($row = $r->fetchRow(DB_FETCHMODE_OBJECT))
530  {
531  if($objDefinition->getDevMode($row->title))
532  {
533  continue;
534  }
535  // FILTER SUBOJECTS OF adm OBJECT
536  #if(in_array($row->title,$to_filter))
537  #{
538  # continue;
539  #}
540  $rbac_objects[$row->typ_id] = array("obj_id" => $row->typ_id,
541  "type" => $row->title
542  );
543 
544  $rbac_operations[$row->typ_id][$row->ops_id] = array(
545  "ops_id" => $row->ops_id,
546  "title" => $row->operation,
547  "name" => $lng->txt($row->title."_".$row->operation)
548  );
549  }
550  return array($rbac_objects,$rbac_operations);
551  }
552 } // END class.ilObjRole
553 ?>