46 global $ilDB,
$ilErr,$ilias;
49 (isset($ilDB)) ? $this->ilDB =& $ilDB : $this->ilDB =& $ilias->db;
54 $ilErr->setErrorHandling(PEAR_ERROR_CALLBACK,array($ilErr,
'errorHandler'));
// Fragment of removeUser() (name taken from its own error message; this listing
// omits the signature and several lines). Deletes every rbac_ua row of one user.
73 if (!isset($a_usr_id))
75 $message = get_class($this).
"::removeUser(): No usr_id given!";
76 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
// The id enters the statement only through $ilDB->quote(), but the statement is
// still built by string concatenation, so its safety rests on quote() (not shown).
// NOTE(review): an (int) cast or a bound parameter would remove that dependency.
79 $q =
"DELETE FROM rbac_ua WHERE usr_id = ".$ilDB->quote($a_usr_id).
" ";
80 $this->ilDB->query($q);
// Fragment of deleteRole() (name taken from its error message; signature and some
// lines are not in this listing). Removes a role's user assignments (rbac_ua) and
// its granted permissions (rbac_pa).
96 if (!isset($a_rol_id) or !isset($a_ref_id))
98 $message = get_class($this).
"::deleteRole(): Missing parameter! role_id: ".$a_rol_id.
" ref_id of role folder: ".$a_ref_id;
99 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
// Guard that keeps the system role from being deleted. The comparison is loose
// (==). NOTE(review): $lng is used below but no `global $lng` is visible here;
// confirm it is declared in the omitted lines.
103 if ($a_rol_id == SYSTEM_ROLE_ID)
105 $this->ilErr->raiseError($lng->txt(
"msg_sysrole_not_deletable"),$this->ilErr->MESSAGE);
// The LDAP role/group mapping is told about the deletion; $mapping is created on
// a line this listing omits.
108 include_once(
'Services/LDAP/classes/class.ilLDAPRoleGroupMapping.php');
110 $mapping->deleteRole($a_rol_id);
// Drop all user assignments of the role. The role id goes through $ilDB->quote().
117 $q =
"DELETE FROM rbac_ua ".
118 "WHERE rol_id = ".$ilDB->quote($a_rol_id) .
" ";
119 $this->ilDB->query($q);
// Drop all permissions granted to the role. NOTE(review): the two deletes are
// separate statements and no transaction is visible around them.
122 $q =
"DELETE FROM rbac_pa ".
123 "WHERE rol_id = ".$ilDB->quote($a_rol_id).
" ";
124 $this->ilDB->query($q);
// Fragment of deleteTemplate() (name taken from its error message). Removes the
// rbac_templates and rbac_fa rows whose rol_id equals the given object id.
142 if (!isset($a_obj_id))
144 $message = get_class($this).
"::deleteTemplate(): No obj_id given!";
145 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
// Template permissions of the object. The id goes through $ilDB->quote().
148 $q =
"DELETE FROM rbac_templates ".
149 "WHERE rol_id = ".$ilDB->quote($a_obj_id) .
" ";
150 $this->ilDB->query($q);
// Folder assignments of the object. NOTE(review): no SYSTEM_ROLE_ID guard is
// visible in this fragment; confirm whether one exists in the omitted lines.
152 $q =
"DELETE FROM rbac_fa ".
153 "WHERE rol_id = ".$ilDB->quote($a_obj_id) .
" ";
154 $this->ilDB->query($q);
// Fragment of deleteLocalRole() (name taken from its error message). Removes a
// role's rbac_fa and rbac_templates rows.
170 if (!isset($a_rol_id))
172 $message = get_class($this).
"::deleteLocalRole(): Missing parameter! role_id: '".$a_rol_id.
"'";
173 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
// System-role guard; its body is not part of this listing.
177 if ($a_rol_id == SYSTEM_ROLE_ID)
// Extra filter on the parent folder, with the ref id passed through quote().
// NOTE(review): the condition under which $clause is set is on an omitted line.
184 $clause =
"AND parent = ".$ilDB->quote($a_ref_id).
" ";
// Both statements below end in a dangling concatenation whose continuation line is
// omitted here; presumably that line appends $clause. Confirm against the full file.
187 $q =
"DELETE FROM rbac_fa ".
188 "WHERE rol_id = ".$ilDB->quote($a_rol_id).
" ".
191 $this->ilDB->query($q);
193 $q =
"DELETE FROM rbac_templates ".
194 "WHERE rol_id = ".$ilDB->quote($a_rol_id).
" ".
196 $this->ilDB->query($q);
// Fragment of assignUser() (name taken from its error message). Assigns a user to
// a role, copies the role's desktop items to the user and updates the LDAP mapping.
213 global $ilDB,$rbacreview;
215 if (!isset($a_rol_id) or !isset($a_usr_id))
217 $message = get_class($this).
"::assignUser(): Missing parameter! role_id: ".$a_rol_id.
" usr_id: ".$a_usr_id;
// NOTE(review): the raiseError() call is commented out, so in the visible lines the
// missing-parameter message is built but never reported. What the omitted lines do
// next is not shown; confirm the function does not continue with unset ids.
218 #$this->ilErr->raiseError($message,$this->ilErr->WARNING);
222 $alreadyAssigned = $rbacreview->isAssigned($a_usr_id,$a_rol_id);
// Only write the assignment when it does not exist yet.
225 if (!$alreadyAssigned)
// VALUES is positional (no column list), so the order usr_id, rol_id must match the
// table definition. Both ids go through $ilDB->quote().
227 $q =
"REPLACE INTO rbac_ua ".
228 "VALUES (".$ilDB->quote($a_usr_id).
",".$ilDB->quote($a_rol_id).
")";
232 $res = $this->ilDB->query($q);
234 include_once
'./classes/class.ilRoleDesktopItem.php';
// $role_desk_item_obj and $tmp_user are created on lines this listing omits. Each
// item is added to the user's desktop unless the user already has it.
240 foreach($role_desk_item_obj->getAll() as $item_data)
242 if(!$tmp_user->isDesktopItem($item_data[
'item_id'],$item_data[
'item_type']))
244 $tmp_user->addDesktopItem($item_data[
'item_id'],$item_data[
'item_type']);
// Mirror the assignment in the LDAP role/group mapping ($mapping is created on an
// omitted line).
250 include_once(
'Services/LDAP/classes/class.ilLDAPRoleGroupMapping.php');
252 $mapping->assign($a_rol_id,$a_usr_id);
// Fragment of deassignUser() (name taken from its error message). Removes one
// user/role assignment and mirrors the change in the LDAP mapping.
268 if (!isset($a_rol_id) or !isset($a_usr_id))
270 $message = get_class($this).
"::deassignUser(): Missing parameter! role_id: ".$a_rol_id.
" usr_id: ".$a_usr_id;
271 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
// Both ids go through $ilDB->quote() before being concatenated into the statement.
// NOTE(review): no SYSTEM_ROLE_ID guard is visible in this fragment; confirm whether
// removing the last system-role member is prevented elsewhere.
274 $q =
"DELETE FROM rbac_ua ".
275 "WHERE usr_id= ".$ilDB->quote($a_usr_id).
" ".
276 "AND rol_id=".$ilDB->quote($a_rol_id).
" ";
277 $this->ilDB->query($q);
// $mapping is created on a line this listing omits.
279 include_once(
'Services/LDAP/classes/class.ilLDAPRoleGroupMapping.php');
281 $mapping->deassign($a_rol_id,$a_usr_id);
// Fragment of grantPermission() (name taken from its error message). Stores the set
// of operation ids a role may perform on one reference as a serialized array in
// rbac_pa.
298 if (!isset($a_rol_id) or !isset($a_ops) or !isset($a_ref_id))
// The message ends with "operations: " and no value is appended after it.
300 $this->ilErr->raiseError(get_class($this).
"::grantPermission(): Missing parameter! ".
301 "role_id: ".$a_rol_id.
" ref_id: ".$a_ref_id.
" operations: ",$this->ilErr->WARNING);
304 if (!is_array($a_ops))
306 $this->ilErr->raiseError(get_class($this).
"::grantPermission(): Wrong datatype for operations!",
307 $this->ilErr->WARNING);
// The bodies of the next two checks (empty list, system role) are omitted here.
310 if (count($a_ops) == 0)
316 if ($a_rol_id == SYSTEM_ROLE_ID)
// Every value is forced to int before serialization, so no caller-supplied string
// reaches the payload as a value. Array keys are kept as passed in.
322 foreach ($a_ops as $key => $operation)
324 $a_ops[$key] = (int) $operation;
// NOTE(review): addslashes() runs before $ilDB->quote() below. If quote() escapes as
// well, any backslash added here is stored literally and the column would no longer
// round-trip through unserialize(); with integer keys and values the payload holds
// nothing addslashes() touches. Confirm against quote()'s implementation, and keep
// unserialize() of this column restricted to data written by this code path.
328 $ops_ids = addslashes(serialize($a_ops));
// REPLACE overwrites an existing row for the same key; the VALUES keyword is on a
// line this listing omits.
330 $q =
"REPLACE INTO rbac_pa (rol_id,ops_id,ref_id) ".
332 "(".$ilDB->quote($a_rol_id).
",".$ilDB->quote($ops_ids).
",".$ilDB->quote($a_ref_id).
")";
333 $this->ilDB->query($q);
// Fragment of revokePermission() (name taken from its error message). Deletes
// rbac_pa rows for a reference. Three delete statements are visible; which one runs
// depends on $a_keep_protected and on checks whose bodies this listing omits.
349 global $rbacreview,
$log,$ilDB;
351 if (!isset($a_ref_id))
353 $message = get_class($this).
"::revokePermission(): Missing parameter! ref_id: ".$a_ref_id;
354 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
356 #$log->write("ilRBACadmin::revokePermission(), 0");
// Path taken when protected roles are NOT to be kept.
359 if ($a_keep_protected !=
true)
// System-role guard; body omitted in this listing.
362 if ($a_rol_id == SYSTEM_ROLE_ID)
// Optional restriction to a single role, with the id passed through quote().
369 $and1 =
" AND rol_id = ".$ilDB->quote($a_rol_id).
" ";
// The statement ends in a dangling concatenation; the omitted continuation line
// presumably appends $and1. NOTE(review): without that filter this deletes the
// permissions of every role on the reference, so confirm when $and1 is left empty.
376 $q =
"DELETE FROM rbac_pa ".
377 "WHERE ref_id = ".$ilDB->quote($a_ref_id).
" ".
379 $this->ilDB->query($q);
390 #$log->write("ilRBACadmin::revokePermission(), 1");
// Collect the roles above the reference; the protected check's body is omitted, and
// the ids that remain are gathered in $role_ids.
392 $roles_in_scope = $rbacreview->getParentRoleIds($a_ref_id);
396 foreach ($roles_in_scope as $role)
398 if ($role[
'protected'] ==
true)
403 $role_ids[] = $role[
'obj_id'];
// The WHERE line of this statement (line 413 of the original) is omitted.
// NOTE(review): it presumably builds an IN (...) list from $role_ids; confirm that
// each id is cast to int or quoted before being joined into the SQL.
412 $q =
"DELETE FROM rbac_pa ".
414 "AND ref_id = ".$ilDB->quote($a_ref_id).
" ";
415 $this->ilDB->query($q);
419 #$log->write("ilRBACadmin::revokePermission(), 2");
// Single-role path: system-role guard (body omitted), then delete by ref and role.
421 if ($a_rol_id == SYSTEM_ROLE_ID)
431 $q =
"DELETE FROM rbac_pa ".
432 "WHERE ref_id = ".$ilDB->quote($a_ref_id).
" ".
433 "AND rol_id = ".$ilDB->quote($a_rol_id).
" ";
434 $this->ilDB->query($q);
// Fragment of revokePermissionList() (name taken from its error message). Deletes a
// role's rbac_pa rows for a list of reference ids.
451 if (!isset($a_ref_ids) or !is_array($a_ref_ids))
// NOTE(review): var_dump() prints its argument straight to the output and returns
// null, so nothing is appended to $message and the raw value is written to the
// response instead. var_export($a_ref_ids, true) returns the string needed here.
453 $message = get_class($this).
"::revokePermissionList(): Missing parameter or parameter is not an array! reference_list: ".var_dump($a_ref_ids);
454 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
457 if (!isset($a_rol_id))
459 $message = get_class($this).
"::revokePermissionList(): Missing parameter! rol_id: ".$a_rol_id;
460 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
// System-role guard; body omitted in this listing.
464 if ($a_rol_id == SYSTEM_ROLE_ID)
// NOTE(review): $ref_ids is concatenated into IN (...) without $ilDB->quote(), unlike
// every other value in this file. The line that builds it is not in this listing;
// confirm each element of $a_ref_ids is cast to int (or quoted) before it is joined,
// otherwise this is the one place where caller data reaches the SQL text unescaped.
472 $q =
"DELETE FROM rbac_pa ".
473 "WHERE ref_id IN (".$ref_ids.
") ".
474 "AND rol_id = ".$ilDB->quote($a_rol_id);
475 $this->ilDB->query($q);
// Fragment of copyRolePermissions(); only the signature and the first lines of the
// body are in this listing. Note the parameter order: the destination takes
// (parent, id) while the source takes (id, parent), which is easy to swap at a call
// site. $a_consider_protected defaults to true; its use is in the omitted lines.
490 public function copyRolePermissions($a_source_id,$a_source_parent,$a_dest_parent,$a_dest_id,$a_consider_protected =
true)
492 global $tree,$rbacreview;
// Resolve the tree parents of both role folders, then read the operations the
// source role holds on the source parent object.
497 $source_obj = $tree->getParentId($a_source_parent);
498 $target_obj = $tree->getParentId($a_dest_parent);
499 $ops = $rbacreview->getRoleOperationsOnObject($a_source_id,$source_obj);
// Fragment of a method that copies one role's rbac_templates rows to another role
// (its name comes from __METHOD__ and is not visible here). The destination's rows
// are deleted first, then every source row is re-inserted for the destination.
518 global $rbacreview,$ilDB;
520 if (!isset($a_source_id) or !isset($a_source_parent) or !isset($a_dest_id) or !isset($a_dest_parent))
522 $message = __METHOD__.
": Missing parameter! source_id: ".$a_source_id.
523 " source_parent_id: ".$a_source_parent.
524 " dest_id : ".$a_dest_id.
525 " dest_parent_id: ".$a_dest_parent;
526 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
// The system role must not be a copy target; the guard's body is omitted here.
530 if ($a_dest_id == SYSTEM_ROLE_ID)
// Clear the destination. This statement runs on the global $ilDB, the ones below on
// $this->ilDB. NOTE(review): no transaction is visible around delete + inserts, so
// an interrupted copy would leave the destination role with partial templates.
535 $query =
"DELETE FROM rbac_templates WHERE rol_id = ".$ilDB->quote($a_dest_id).
" ".
536 "AND parent = ".$ilDB->quote($a_dest_parent);
537 $ilDB->query($query);
// Read the source rows.
540 $q =
"SELECT * FROM rbac_templates ".
541 "WHERE rol_id = ".$ilDB->quote($a_source_id).
" ".
542 "AND parent = ".$ilDB->quote($a_source_parent).
" ";
543 $r = $this->ilDB->query($q);
// $row comes from a fetch loop on omitted lines, as does the VALUES keyword. Values
// read back from the database are quoted again before re-insertion.
547 $q =
"INSERT INTO rbac_templates ".
549 "(".$ilDB->quote($a_dest_id).
",".$ilDB->quote($row->type).
",".$ilDB->quote($row->ops_id).
",".$ilDB->quote($a_dest_parent).
")";
550 $this->ilDB->query($q);
// Optional handling of the source role's protected status; the body is omitted.
554 if ($a_consider_protected ==
true)
556 if ($rbacreview->isProtected($a_source_parent,$a_source_id))
// Fragment of copyRolePermissionIntersection() (name taken from its error message).
// Gives the destination role only those (type, ops_id) template entries that BOTH
// source roles have.
579 global $rbacreview,$ilDB;
581 if (!isset($a_source1_id) or !isset($a_source1_parent)
582 or !isset($a_source2_id) or !isset($a_source2_parent)
583 or !isset($a_dest_id) or !isset($a_dest_parent))
585 $message = get_class($this).
"::copyRolePermissionIntersection(): Missing parameter! source1_id: ".$a_source1_id.
586 " source1_parent: ".$a_source1_parent.
587 " source2_id: ".$a_source2_id.
588 " source2_parent: ".$a_source2_parent.
589 " dest_id: ".$a_dest_id.
590 " dest_parent_id: ".$a_dest_parent;
591 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
// System-role guard and protected-role check; both bodies are omitted here.
595 if ($a_dest_id == SYSTEM_ROLE_ID)
600 if ($rbacreview->isProtected($a_source2_parent,$a_source2_id))
// Self-join of rbac_templates: s1 rows of source 1 that have a matching s2 row of
// source 2 with the same type and ops_id. All four ids go through $ilDB->quote().
605 $q =
"SELECT s1.type, s1.ops_id ".
606 "FROM rbac_templates AS s1, rbac_templates AS s2 ".
607 "WHERE s1.rol_id = ".$ilDB->quote($a_source1_id).
" ".
608 "AND s1.parent = ".$ilDB->quote($a_source1_parent).
" ".
609 "AND s2.rol_id = ".$ilDB->quote($a_source2_id).
" ".
610 "AND s2.parent = ".$ilDB->quote($a_source2_parent).
" ".
611 "AND s1.type = s2.type ".
612 "AND s1.ops_id = s2.ops_id";
613 $r = $this->ilDB->query($q);
// $row comes from a fetch loop on omitted lines, as does the VALUES keyword.
// NOTE(review): whether the destination's existing rows are cleared first is not
// visible in this fragment.
617 $q =
"INSERT INTO rbac_templates ".
619 "(".$ilDB->quote($a_dest_id).
",".$ilDB->quote($row->type).
",".$ilDB->quote($row->ops_id).
",".$ilDB->quote($a_dest_parent).
")";
620 $this->ilDB->query($q);
// Fragment of deleteRolePermission() (name taken from its error message). Deletes a
// role's rbac_templates rows in one folder, optionally limited to one object type.
640 if (!isset($a_rol_id) or !isset($a_ref_id))
642 $message = get_class($this).
"::deleteRolePermission(): Missing parameter! role_id: ".$a_rol_id.
" ref_id: ".$a_ref_id;
643 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
// System-role guard; body omitted in this listing.
647 if ($a_rol_id == SYSTEM_ROLE_ID)
// Strict comparison: only the boolean false disables the type filter, so an empty
// string still produces a filter that matches type = ''.
652 if ($a_type !==
false)
654 $and_type =
" AND type=".$ilDB->quote($a_type).
" ";
// The statement ends in a dangling concatenation; the omitted continuation line
// presumably appends $and_type. Confirm against the full file.
657 $q =
"DELETE FROM rbac_templates ".
658 "WHERE rol_id = ".$ilDB->quote($a_rol_id).
" ".
659 "AND parent = ".$ilDB->quote($a_ref_id).
" ".
661 $this->ilDB->query($q);
// Fragment of setRolePermission() (name taken from its error message). Inserts one
// rbac_templates row per operation id for a role, object type and folder.
680 if (!isset($a_rol_id) or !isset($a_type) or !isset($a_ops) or !isset($a_ref_id))
// $a_ops is concatenated as a string here; when it is an array PHP renders it as
// "Array", so the message does not show the actual operations.
682 $message = get_class($this).
"::setRolePermission(): Missing parameter!".
683 " role_id: ".$a_rol_id.
685 " operations: ".$a_ops.
686 " ref_id: ".$a_ref_id;
687 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
// Type checks on the two structured arguments.
690 if (!is_string($a_type) or empty($a_type))
692 $message = get_class($this).
"::setRolePermission(): a_type is no string or empty!";
693 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
696 if (!is_array($a_ops) or empty($a_ops))
698 $message = get_class($this).
"::setRolePermission(): a_ops is no array or empty!";
699 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
// System-role guard; body omitted in this listing.
703 if ($a_rol_id == SYSTEM_ROLE_ID)
// One INSERT per operation; the VALUES keyword is on an omitted line. Each $op goes
// through $ilDB->quote() but is not cast to int in the visible lines.
// NOTE(review): an (int) cast on $op would make the element type explicit.
708 foreach ($a_ops as $op)
710 $q =
"INSERT INTO rbac_templates ".
712 "(".$ilDB->quote($a_rol_id).
",".$ilDB->quote($a_type).
",".$ilDB->quote($op).
",".$ilDB->quote($a_ref_id).
")";
713 $this->ilDB->query($q);
// Fragment of assignRoleToFolder() (name taken from its error message). Records in
// rbac_fa that a role belongs to a role folder.
736 if (!isset($a_rol_id) or !isset($a_parent))
738 $message = get_class($this).
"::assignRoleToFolder(): Missing Parameter!".
739 " role_id: ".$a_rol_id.
740 " parent_id: ".$a_parent.
741 " assign: ".$a_assign;
742 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
// System-role guard; body omitted in this listing.
746 if ($a_rol_id == SYSTEM_ROLE_ID)
// Normalisation of the assign flag; the body is omitted. NOTE(review): presumably
// any value other than "y" is mapped to a fixed alternative; confirm, since
// $a_assign is written to the table below.
752 if ($a_assign !=
"y")
// Explicit column list; all three values go through $ilDB->quote().
757 $q =
"INSERT INTO rbac_fa (rol_id,parent,assign) ".
758 "VALUES (".$ilDB->quote($a_rol_id).
",".$ilDB->quote($a_parent).
",".$ilDB->quote($a_assign).
")";
759 $this->ilDB->query($q);
// Fragment of assignOperationToObject() (name taken from its error message). Adds a
// (type, operation) pair to rbac_ta.
776 if (!isset($a_type_id) or !isset($a_ops_id))
// The message parts are joined without separating spaces, so the output reads
// "...parameter!type_id: Xops_id: Y".
778 $message = get_class($this).
"::assignOperationToObject(): Missing parameter!".
779 "type_id: ".$a_type_id.
780 "ops_id: ".$a_ops_id;
781 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
// VALUES is positional (no column list), so the order type id, operation id must
// match the table definition. Both ids go through $ilDB->quote().
784 $q =
"INSERT INTO rbac_ta ".
785 "VALUES(".$ilDB->quote($a_type_id).
",".$ilDB->quote($a_ops_id).
")";
786 $this->ilDB->query($q);
// Fragment of deassignPermissionFromObject() (name taken from its error message).
// Removes one (type, operation) pair from rbac_ta.
803 if (!isset($a_type_id) or !isset($a_ops_id))
// The message parts are joined without separating spaces.
805 $message = get_class($this).
"::deassignPermissionFromObject(): Missing parameter!".
806 "type_id: ".$a_type_id.
807 "ops_id: ".$a_ops_id;
808 $this->ilErr->raiseError($message,$this->ilErr->WARNING);
// Both ids go through $ilDB->quote() before being concatenated into the statement.
811 $q =
"DELETE FROM rbac_ta ".
812 "WHERE typ_id = ".$ilDB->quote($a_type_id).
" ".
813 "AND ops_id = ".$ilDB->quote($a_ops_id).
" ";
814 $this->ilDB->query($q);
// Fragment of a method that sets the `protected` column of rbac_fa for a role (the
// method name is not visible in this listing). The WHERE clause filters on rol_id
// only, so every rbac_fa row of that role is updated.
// NOTE(review): no parameter check or SYSTEM_ROLE_ID guard is visible here, and
// $a_value is not restricted to a known set in the visible lines; confirm both
// against the omitted lines.
824 $q =
"UPDATE rbac_fa ".
825 "SET protected = ".$ilDB->quote($a_value).
" ".
827 "WHERE rol_id = ".$ilDB->quote($a_role_id).
" ";
828 $this->ilDB->query($q);
// Fragment of a method that reports whether a role's rbac_fa row is flagged as
// protected (the method name is not visible in this listing). $row is fetched on an
// omitted line.
842 $query =
"SELECT * FROM rbac_fa WHERE rol_id = ".$ilDB->quote($a_role_id);
843 $res = $ilDB->query($query);
// Returns true only when the column holds exactly 'y'. The ternary is redundant,
// since the comparison already yields a boolean.
// NOTE(review): the lookup is by rol_id alone; if a role has several rbac_fa rows,
// which one decides the result depends on the omitted fetch code.
846 return $row->protected ==
'y' ?
true :
false;
// Fragment of a method that copies the local roles of a source object to a target
// object (its name comes from __METHOD__ and is not visible here).
863 global $rbacreview,
$ilLog,$ilObjDataCache;
// Role folders of both objects.
865 $source_rolf = $rbacreview->getRoleFolderIdOfObject($a_source_id);
866 $target_rolf = $rbacreview->getRoleFolderIdOfObject($a_target_id);
// Build the list of roles to copy. Roles whose title starts with 'il_' get separate
// handling in a body this listing omits; presumably they are skipped. Confirm.
873 $real_local = array();
874 foreach($rbacreview->getRolesOfRoleFolder($source_rolf,
false) as $role_data)
876 $title = $ilObjDataCache->lookupTitle($role_data);
877 if(substr(
$title,0,3) ==
'il_')
881 $real_local[] = $role_data;
// Nothing to copy; the body of this check is omitted.
883 if(!count($real_local))
// $tmp_obj is created on an omitted line; a role folder is created on it and its ref
// id becomes the copy target.
891 if(!is_object($tmp_obj))
895 $rolf = $tmp_obj->createRoleFolder();
896 $target_rolf = $rolf->getRefId();
897 $ilLog->write(__METHOD__.
': Created new role folder with id '.$rolf->getRefId());
// $orig and $roleObj are created on omitted lines. Title, description and import id
// are carried over from the original role.
899 foreach($real_local as $role)
901 include_once (
"./Services/AccessControl/classes/class.ilObjRole.php");
// The role title is written to the log unmodified.
905 $ilLog->write(__METHOD__.
': Start copying of role '.$orig->getTitle());
907 $roleObj->setTitle($orig->getTitle());
908 $roleObj->setDescription($orig->getDescription());
909 $roleObj->setImportId($orig->getImportId());
914 $ilLog->write(__METHOD__.
': Added new local role, id '.$roleObj->getId());
932 global $rbacreview,$tree,
$ilLog;
934 $new_parent = $tree->getParentId($a_ref_id);
935 $old_context_roles = $rbacreview->getParentRoleIds($a_old_parent,
false);
936 $new_context_roles = $rbacreview->getParentRoleIds($new_parent,
false);
938 $for_addition = $for_deletion = array();
939 foreach($new_context_roles as $new_role_id => $new_role)
941 if(!isset($old_context_roles[$new_role_id]))
943 $for_addition[$new_role_id] = $new_role;
945 elseif($new_role[
'parent'] != $old_context_roles[$new_role_id][
'parent'])
948 $for_deletion[$new_role_id] = $new_role;
949 $for_addition[$new_role_id] = $new_role;
952 foreach($old_context_roles as $old_role_id => $old_role)
954 if(!isset($new_context_roles[$old_role_id]))
956 $for_deletion[$old_role_id] = $old_role;
960 if(!count($for_deletion) and !count($for_addition))
964 foreach($nodes = $tree->getSubTree($node_data = $tree->getNodeData($a_ref_id),
true) as $node_data)
966 $node_id = $node_data[
'child'];
971 if(!$node_data[
'type'])
973 $ilLog->write(__METHOD__.
': No type give. Choosing next tree entry.');
979 $ilLog->write(__METHOD__.
': Missing subtree node_id');
983 foreach($for_deletion as $role_id => $role_data)
985 if($rolf_id = $rbacreview->getRoleFolderIdOfObject($node_id))
992 foreach($for_addition as $role_id => $role_data)
996 $ops = $rbacreview->getOperationsOfRole($role_id,$node_data[
'type'],$role_data[
'parent']),