
classes/class.ilPermissionGUI.php

00001 <?php
00002 /*
00003         +-----------------------------------------------------------------------------+
00004         | ILIAS open source                                                           |
00005         +-----------------------------------------------------------------------------+
00006         | Copyright (c) 1998-2006 ILIAS open source, University of Cologne            |
00007         |                                                                             |
00008         | This program is free software; you can redistribute it and/or               |
00009         | modify it under the terms of the GNU General Public License                 |
00010         | as published by the Free Software Foundation; either version 2              |
00011         | of the License, or (at your option) any later version.                      |
00012         |                                                                             |
00013         | This program is distributed in the hope that it will be useful,             |
00014         | but WITHOUT ANY WARRANTY; without even the implied warranty of              |
00015         | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               |
00016         | GNU General Public License for more details.                                |
00017         |                                                                             |
00018         | You should have received a copy of the GNU General Public License           |
00019         | along with this program; if not, write to the Free Software                 |
00020         | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA. |
00021         +-----------------------------------------------------------------------------+
00022 */
00023 
00024 
00036 class ilPermissionGUI
00037 {
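/**
 * Constructor: binds the shared ILIAS globals and the calling object GUI to this instance.
 *
 * NOTE(review): this is a PHP 4 style constructor (method named after the class); the
 * name is kept because code outside this listing may rely on it.
 *
 * @param object $a_gui_obj object GUI whose permission screens are handled (kept by reference)
 */
function ilPermissionGUI(&$a_gui_obj)
{
    global $ilias, $objDefinition, $tpl, $tree, $ilCtrl, $ilErr, $lng;

    // Create the global error handler on demand and register its callback.
    if (!isset($ilErr))
    {
        $ilErr = new ilErrorHandling();
        $ilErr->setErrorHandling(PEAR_ERROR_CALLBACK,array($ilErr,'errorHandler'));
    }

    // Bind the handler in both cases so $this->ilErr is never left unset.
    $this->ilErr =& $ilErr;

    $this->ilias =& $ilias;
    $this->objDefinition =& $objDefinition;
    $this->tree =& $tree;
    $this->tpl =& $tpl;
    $this->lng =& $lng;
    $this->lng->loadLanguageModule("rbac");

    $this->ctrl =& $ilCtrl;

    $this->gui_obj =& $a_gui_obj;

    // Filled by getRolesData(); num_roles is recomputed in perm().
    $this->roles = array();
    $this->num_roles = 0;
}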
00073         
00074 
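/**
 * Controller entry point: checks edit_permission on the current object, then either
 * forwards to the role GUI or runs the requested command method of this class.
 *
 * @return bool true after a command was dispatched; false when the request was rejected
 *              and the error handler returned control to this method
 */
function &executeCommand()
{
    global $rbacsystem, $ilErr;

    // Every command of this class requires edit_permission on the current object.
    if (!$rbacsystem->checkAccess("edit_permission",$this->gui_obj->object->getRefId()))
    {
        $ilErr->raiseError($this->lng->txt("permission_denied"),$ilErr->MESSAGE);

        // Fail closed: nothing may be dispatched should raiseError() return.
        $rejected = false;
        return $rejected;
    }

    $next_class = $this->ctrl->getNextClass($this);

    switch($next_class)
    {
        case "ilobjrolegui":
            include_once("classes/class.ilObjRoleGUI.php");

            // NOTE(review): obj_id is taken from the request and is not tied to the object
            // whose edit_permission was checked above; confirm that ilObjRoleGUI enforces
            // its own access check for the addressed role.
            $this->gui_obj = new ilObjRoleGUI("",(int) $_GET["obj_id"], false, false);
            $this->gui_obj->setBackTarget($this->lng->txt("perm_settings"),
                $this->ctrl->getLinkTarget($this, "perm"));
            $ret =& $this->ctrl->forwardCommand($this->gui_obj);
            break;

        default:
            $cmd = $this->ctrl->getCmd();

            // The command name is supplied by the controller (presumably taken from the
            // request; confirm) and is used as a method name. Only existing command methods
            // are dispatched: "__" helpers, the constructor and this method are not commands.
            if (!is_string($cmd) or $cmd == ""
                or substr($cmd,0,2) == "__"
                or in_array(strtolower($cmd),array("executecommand","ilpermissiongui"))
                or !method_exists($this,$cmd))
            {
                $ilErr->raiseError($this->lng->txt("permission_denied"),$ilErr->MESSAGE);

                $rejected = false;
                return $rejected;
            }

            $this->$cmd();
            break;
    }

    // A reference-returning function has to return a variable.
    $done = true;
    return $done;
}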
00105 
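/**
 * Renders the permission settings screen of the current object: the role filter form,
 * one header column per role collected by getRolesData(), the general/object/rbac/create
 * permission sections and the add-role form.
 *
 * NOTE(review): role titles and parent node titles are written into the template without
 * HTML escaping in this method; confirm they are escaped when stored or by the template layer.
 *
 * @return bool|null true when no role matches the active filter (only the add-role form
 *                   is shown); nothing otherwise
 */
function perm()
{
    global $rbacreview;

    $this->getRolesData();

    $this->__initSubTabs("perm");

    $this->gui_obj->getTemplateFile("perm");

    // render filter form
    $this->tpl->setCurrentBlock("filter");
    $this->tpl->setVariable("FILTER_TXT_FILTER",$this->lng->txt('filter'));
    $this->tpl->setVariable("SELECT_FILTER",$this->__buildRoleFilterSelect());
    $this->tpl->setVariable("FILTER_ACTION",$this->ctrl->getFormAction($this)."&cmd=perm");
    $this->tpl->setVariable("FILTER_NAME",'view');
    $this->tpl->setVariable("FILTER_VALUE",$this->lng->txt('apply_filter'));
    $this->tpl->parseCurrentBlock();

    $this->num_roles = count($this->roles);

    // don't display the table if there is no role in the list
    if ($this->num_roles < 1)
    {
        sendinfo($this->lng->txt("msg_no_roles_of_type"),false);
        $this->__displayAddRoleForm();
        return true;
    }

    $this->tpl->addBlockFile("PERM_PERMISSIONS", "permissions", "tpl.obj_perm_permissions.html");
    $this->tpl->setVariable("TXT_TITLE", $this->lng->txt("permission_settings"));
    $this->tpl->setVariable("COLSPAN", $this->num_roles);
    $this->tpl->setVariable("FORMACTION",
        $this->gui_obj->getFormAction("permSave",$this->ctrl->getLinkTarget($this,"permSave")));
    $this->tpl->setVariable("TXT_SAVE", $this->lng->txt("save"));

    // needed to display the correct role context of global roles
    $global_roles = $rbacreview->getGlobalRoles();

    // The role folder and its roles do not depend on the role being rendered,
    // so they are looked up once instead of once per role.
    $role_folder = $rbacreview->getRoleFolderOfObject($this->gui_obj->object->getRefId());
    $local_roles = array();

    if ($role_folder)
    {
        $local_roles = $rbacreview->getRolesOfRoleFolder($role_folder["ref_id"]);
    }

    // needed to display human readable names of autogenerated roles
    include_once ('class.ilObjRole.php');

    foreach ($this->roles as $role)
    {
        // Unprotected role that is defined or linked in this object's role folder:
        // offer a link to its rule set.
        if ($role['protected'] == false and in_array($role['obj_id'],$local_roles))
        {
            $this->tpl->setCurrentBlock("rolelink_open");

            $this->ctrl->setParameterByClass("ilobjrolegui", "obj_id",
                $role['obj_id']);

            // Use the role folder of the object that passed the access check rather than
            // a second lookup keyed on the raw ref_id request parameter.
            $this->ctrl->setParameterByClass("ilobjrolegui", "rolf_ref_id",
                $role_folder["ref_id"]);
            $this->tpl->setVariable("LINK_ROLE_RULESET",
                $this->ctrl->getLinkTargetByClass("ilobjrolegui", "perm"));

            $this->tpl->setVariable("TXT_ROLE_RULESET",$this->lng->txt("edit_perm_ruleset"));
            $this->tpl->parseCurrentBlock();

            $this->tpl->touchBlock("rolelink_close");
        }

        $this->tpl->setCurrentBlock("role_infos");

        // display human readable role names for autogenerated roles
        $this->tpl->setVariable("ROLE_NAME",str_replace(" ","&nbsp;",ilObjRole::_getTranslation($role["title"])));

        // display role context: "global" or the title of the node the role folder belongs to
        if (in_array($role["obj_id"],$global_roles))
        {
            $this->tpl->setVariable("ROLE_CONTEXT_TYPE","global");
        }
        else
        {
            $rolf = $rbacreview->getFoldersAssignedToRole($role["obj_id"],true);
            $parent_node = $this->tree->getParentNodeData($rolf[0]);
            $this->tpl->setVariable("ROLE_CONTEXT_TYPE",$parent_node["title"]);
        }

        $this->tpl->parseCurrentBlock();
    }

    // The role GUI parameters were only needed for the links built above.
    $this->ctrl->clearParametersByClass("ilobjrolegui");

    // show permission settings

    // general section
    $this->__showPermissionsGeneralSection();

    // object section
    $this->__showPermissionsObjectSection();

    // rbac section
    $this->__showPermissionsRBACSection();

    // create section
    $this->__showPermissionsCreateSection();

    $this->tpl->setVariable("COLSPAN", $this->num_roles);

    // add local role
    $this->__displayAddRoleForm();
}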
00230 
00231 
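/**
 * Saves the permission settings posted from the permission screen of the current object
 * and applies the "stop inheritance" choices (local policies) per role.
 *
 * Role ids arrive as client-supplied array keys ("perm") and values ("stop_inherit").
 * Only ids that belong to the role context of the current object are applied.
 *
 * NOTE(review): revokePermission() is called for the whole object before the posted grants
 * are applied, and linked roles missing from "stop_inherit" are removed. If the form was
 * rendered with a role filter active, roles that were not shown would presumably lose their
 * settings; confirm.
 * NOTE(review): no request token is verified in this method; confirm that the controller
 * protects state-changing commands against cross-site request forgery.
 */
function permSave()
{
    global $rbacreview, $rbacadmin, $rbacsystem;

    $ref_id = $this->gui_obj->object->getRefId();

    // Roles in the context of this object, keyed by role id. Posted role ids are
    // checked against this list before anything is granted or copied.
    $known_roles = $rbacreview->getParentRoleIds($ref_id);

    // first save the new permission settings for all roles
    $rbacadmin->revokePermission($ref_id);

    if (isset($_POST["perm"]) and is_array($_POST["perm"]))
    {
        // the array key holds the role id
        foreach ($_POST["perm"] as $role_id => $new_role_perms)
        {
            // Skip role ids outside this object's role context and malformed entries.
            if (!isset($known_roles[$role_id]) or !is_array($new_role_perms))
            {
                continue;
            }

            $rbacadmin->grantPermission($role_id,$new_role_perms,$ref_id);
        }
    }

    // update object data entry (to update last modification date)
    $this->gui_obj->object->update();

    // When the inheritance of role templates is to be stopped:
    // - if no role folder exists, it is created and the permissions are read from the permission templates
    // - if the role exists in the current role folder, the permission templates of that role are shown
    // - if the role does not exist in the current role folder, it is created there and its
    //   permission template is set to the value of the next higher permission template

    // get rolefolder data if a rolefolder already exists
    $rolf_data = $rbacreview->getRoleFolderOfObject($ref_id);
    $rolf_id = $rolf_data["child"];

    // Keep only well-formed role ids that belong to this object's role context.
    $stop_inherit_roles = array();

    if (isset($_POST["stop_inherit"]) and is_array($_POST["stop_inherit"]))
    {
        foreach ($_POST["stop_inherit"] as $posted_role_id)
        {
            if (is_scalar($posted_role_id) and isset($known_roles[$posted_role_id]))
            {
                $stop_inherit_roles[] = $posted_role_id;
            }
        }
    }

    if ($stop_inherit_roles)
    {
        // rolefolder does not exist, so create one
        if (empty($rolf_id))
        {
            // create a local role folder
            $rfoldObj = $this->gui_obj->object->createRoleFolder();

            // set rolf_id again from new rolefolder object
            $rolf_id = $rfoldObj->getRefId();
        }

        $roles_of_folder = $rbacreview->getRolesOfRoleFolder($rolf_id);

        foreach ($stop_inherit_roles as $stop_inherit)
        {
            // create role entries for roles with stopped inheritance
            if (!in_array($stop_inherit,$roles_of_folder))
            {
                $parentRoles = $rbacreview->getParentRoleIds($rolf_id);
                $rbacadmin->copyRolePermission($stop_inherit,$parentRoles[$stop_inherit]["parent"],
                    $rolf_id,$stop_inherit);
                $rbacadmin->assignRoleToFolder($stop_inherit,$rolf_id,'n');
            }
        }
    }

    if ($rolf_id and $rolf_id != ROLE_FOLDER_ID)
    {
        // get roles whose stopped inheritance was cancelled
        $linked_roles = $rbacreview->getLinkedRolesOfRoleFolder($rolf_id);
        $linked_roles_to_remove = array_diff($linked_roles,$stop_inherit_roles);

        // remove roles where stopped inheritance is cancelled and purge rolefolder if empty
        foreach ($linked_roles_to_remove as $role_id)
        {
            // protected roles keep their local entry
            if ($rbacreview->isProtected($rolf_id,$role_id))
            {
                continue;
            }

            $role_obj =& $this->ilias->obj_factory->getInstanceByObjId($role_id);
            $role_obj->setParent($rolf_id);
            $role_obj->delete();
            unset($role_obj);
        }
    }

    sendinfo($this->lng->txt("saved_successfully"),true);

    // redirect to the default page if the user revoked his own access to the permission panel
    if (!$rbacsystem->checkAccess("edit_permission",$ref_id))
    {
        $this->ctrl->redirect($this->gui_obj);
    }

    $this->ctrl->redirect($this,'perm');
}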
00326 
00327 
00328 
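/**
 * Creates a new local role from the posted form ("Fobject": title, desc) in the role folder
 * of the current object, creating that role folder first when it does not exist yet.
 *
 * NOTE(review): title and description are passed to createRole() as posted; only the error
 * message runs the title through ilUtil::stripSlashes(). Confirm that createRole() or the
 * output layer sanitises them.
 * NOTE(review): the reserved-prefix test is case-sensitive and does not trim the title;
 * confirm whether other spellings of the "il_" prefix must be reserved as well.
 * NOTE(review): no request token is verified in this method; confirm that the controller
 * protects state-changing commands against cross-site request forgery.
 */
function addRole()
{
    global $rbacreview;

    // Read the posted fields once; anything that is not a string is treated as empty so
    // the string checks below never operate on arrays.
    $form = (isset($_POST["Fobject"]) and is_array($_POST["Fobject"])) ? $_POST["Fobject"] : array();
    $title = (isset($form["title"]) and is_string($form["title"])) ? $form["title"] : "";
    $desc = (isset($form["desc"]) and is_string($form["desc"])) ? $form["desc"] : "";

    // first check if role title is unique
    if ($rbacreview->roleExists($title))
    {
        $this->ilias->raiseError($this->lng->txt("msg_role_exists1")." '".ilUtil::stripSlashes($title)."' ".
            $this->lng->txt("msg_role_exists2"),$this->ilias->error_obj->MESSAGE);

        // Fail closed: no role is created should raiseError() return.
        return;
    }

    // the il_ prefix is reserved
    if (substr($title,0,3) == "il_")
    {
        $this->ilias->raiseError($this->lng->txt("msg_role_reserved_prefix"),$this->ilias->error_obj->MESSAGE);
        return;
    }

    if ($this->gui_obj->object->getType() == "rolf")
    {
        // Current object is already a rolefolder, so the role is created directly in it.
        $this->gui_obj->object->createRole($title,$desc);
    }
    else
    {
        $rolf_data = $rbacreview->getRoleFolderOfObject($this->gui_obj->object->getRefId());

        // is there already a rolefolder?
        if (!($rolf_id = $rolf_data["child"]))
        {
            // can the current object contain a rolefolder?
            $subobjects = $this->objDefinition->getSubObjects($this->gui_obj->object->getType());

            if (!isset($subobjects["rolf"]))
            {
                $this->ilias->raiseError($this->lng->txt("msg_no_rolf_allowed1")." '".$this->gui_obj->object->getTitle()."' ".
                    $this->lng->txt("msg_no_rolf_allowed2"),$this->ilias->error_obj->WARNING);
                return;
            }

            // create a rolefolder
            $rolfObj = $this->gui_obj->object->createRoleFolder();
            $rolf_id = $rolfObj->getRefId();
        }

        $rfoldObj = $this->ilias->obj_factory->getInstanceByRefId($rolf_id);
        $rfoldObj->createRole($title,$desc);
    }

    sendInfo($this->lng->txt("role_added"),true);

    // A jump to the default permission settings of the new role in administration was
    // deactivated for 3.6.6 (alex, ILIAS 3.6.5, 1.9.2006) because it led to errors
    // a) in administration: repository trash & permissions -> item -> permissions ->
    //    "you may add role" screen -> save
    // b) in other modules like learning modules: permissions -> "you may add role" screen
    $this->ctrl->redirect($this,'perm');
}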
00411 
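/**
 * Loads the table GUI class and returns a new ilTableGUI(0,false) instance.
 *
 * @return object new ilTableGUI instance
 */
function &__initTableGUI()
{
    include_once "./classes/class.ilTableGUI.php";

    // A reference-returning function has to return a variable, not the "new" expression.
    $tbl = new ilTableGUI(0,false);

    return $tbl;
}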
00418         
/**
 * Applies the paging and sorting values of the current request to a table GUI and hands
 * it the rows to display.
 *
 * NOTE(review): offset, sort_by, sort_order and limit are taken from the request without
 * validation; confirm that ilTableGUI constrains them before they are used.
 *
 * @param object $tbl        table GUI to configure (by reference)
 * @param array  $result_set rows passed to setData() (by reference)
 * @param string $a_from     "clipboardObject" additionally disables the table footer
 */
function __setTableGUIBasicData(&$tbl,&$result_set,$a_from = "")
{
    // Both call contexts read the same request parameters.
    $start_at = $_GET["offset"];
    $sort_column = $_GET["sort_by"];
    $sort_direction = $_GET["sort_order"];

    // The clipboard view is the only one rendered without a footer.
    if ($a_from == "clipboardObject")
    {
        $tbl->disable("footer");
    }

    $tbl->setOrderColumn($sort_column);
    $tbl->setOrderDirection($sort_direction);
    $tbl->setOffset($start_at);
    $tbl->setLimit($_GET["limit"]);
    $tbl->setFooter("tblfooter",$this->lng->txt("previous"),$this->lng->txt("next"));
    $tbl->setData($result_set);
}
00449         
00450 
/**
 * Builds the role filter select box; option ids 1-5 correspond to the filter ids
 * handled by __filterRoles().
 *
 * @return mixed whatever ilUtil::formSelect() returns for the "filter" field, with the
 *               filter id stored in the session passed as the selected value
 */
function __buildRoleFilterSelect()
{
    // filter id => language variable of its label
    $label_keys = array(
        1 => 'filter_all_roles',
        2 => 'filter_global_roles',
        3 => 'filter_local_roles',
        4 => 'filter_roles_local_policy',
        5 => 'filter_local_roles_object'
    );

    $options = array();

    foreach ($label_keys as $filter_id => $lang_var)
    {
        $options[$filter_id] = $this->lng->txt($lang_var);
    }

    return ilUtil::formSelect($_SESSION['perm_filtered_roles'],"filter",$options,false,true);
}
00461         
/**
 * Reduces a role list (keyed by role id) according to the selected filter.
 *
 * Filter ids: 1 = all roles in context, 2 = only global roles, 3 = only local roles
 * (everything that is not a global role), 4 = roles listed for the role folder of the
 * current object, 5 = as 4, but with the second argument of getRolesOfRoleFolder() set
 * to false. Any other value leaves the list unchanged.
 *
 * @param array $a_roles  roles keyed by role id
 * @param mixed $a_filter filter id
 * @return array filtered roles; empty for filters 4 and 5 when the object has no role folder
 */
function __filterRoles($a_roles,$a_filter)
{
    global $rbacreview;

    switch ($a_filter)
    {
        case 1: // all roles in context
            return $a_roles;

        case 2: // only global roles
            $keep_ids = $rbacreview->getGlobalRoles();
            break;

        case 3: // only local roles: drop every global role
            foreach ($rbacreview->getGlobalRoles() as $global_id)
            {
                unset($a_roles[$global_id]);
            }

            return $a_roles;

        case 4: // only roles which use a local policy
        case 5: // only true local roles defined at the current position
            $current_rolf = $rbacreview->getRoleFolderOfObject($this->gui_obj->object->getRefId());

            if (!$current_rolf)
            {
                return array();
            }

            if ($a_filter == 4)
            {
                $keep_ids = $rbacreview->getRolesOfRoleFolder($current_rolf["ref_id"]);
            }
            else
            {
                $keep_ids = $rbacreview->getRolesOfRoleFolder($current_rolf["ref_id"],false);
            }
            break;

        default: // unknown filter: nothing is removed
            return $a_roles;
    }

    // Remove every role whose id is not in the list selected above.
    foreach (array_diff(array_keys($a_roles),$keep_ids) as $drop_id)
    {
        unset($a_roles[$drop_id]);
    }

    return $a_roles;
}
00537 
00538         // show owner sub tab
/**
 * Renders the owner sub tab: the login of the current owner and the change-owner form.
 *
 * NOTE(review): the login is written into the template without HTML escaping here;
 * confirm it is escaped by the template layer or restricted on input.
 */
function owner()
{
    $this->__initSubTabs("owner");

    $this->tpl->addBlockfile('ADM_CONTENT','adm_content','tpl.obj_owner.html');

    $this->tpl->setVariable("FORMACTION",$this->ctrl->getFormAction($this));
    $this->tpl->setVariable("USERNAME",ilObjUser::_lookupLogin($this->gui_obj->object->getOwner()));
    $this->tpl->setVariable("TBL_TITLE_IMG",ilUtil::getImagePath('icon_usr.gif'));

    // template placeholder => language variable
    $captions = array(
        "TBL_TITLE_IMG_ALT" => 'owner',
        "TBL_TITLE" => 'info_owner_of_object',
        "BTN_CHOWN" => 'change_owner',
        "TXT_USERNAME" => 'username',
        "CHOWN_WARNING" => 'chown_warning'
    );

    foreach ($captions as $placeholder => $lang_var)
    {
        $this->tpl->setVariable($placeholder,$this->lng->txt($lang_var));
    }
}
00556         
/**
 * Sets a new owner for the current object from the posted login name.
 *
 * An unknown login re-renders the owner tab with a message. After the change the user is
 * sent back to the object itself if he no longer has edit_permission on it, otherwise to
 * the owner tab.
 *
 * NOTE(review): the posted login is passed to ilObjUser::_lookupId() unchanged; confirm
 * the lookup handles it safely.
 * NOTE(review): no request token is verified in this method; confirm that the controller
 * protects state-changing commands against cross-site request forgery.
 *
 * @return bool always true
 */
function changeOwner()
{
    global $rbacsystem,$ilObjDataCache;

    $user_id = ilObjUser::_lookupId($_POST['owner']);

    // unknown login: show the form again
    if (!$user_id)
    {
        sendInfo($this->lng->txt('user_not_known'));
        $this->owner();
        return true;
    }

    $this->gui_obj->object->setOwner($user_id);
    $this->gui_obj->object->updateOwner();

    // drop the cached entry of the object after the owner change
    $ilObjDataCache->deleteCachedEntry($this->gui_obj->object->getId());
    sendInfo($this->lng->txt('owner_updated'),true);

    if ($rbacsystem->checkAccess("edit_permission",$this->gui_obj->object->getRefId()))
    {
        $this->ctrl->redirect($this,'owner');
    }
    else
    {
        // the user can no longer open the permission screens of this object
        $this->ctrl->redirect($this->gui_obj);
    }

    return true;
}
00583         
00584         // init permission query feature
/**
 * Renders the info sub tab: the HTML produced by ilObjectStatusGUI for the current object.
 */
function info()
{
    $this->__initSubTabs("info");

    include_once('classes/class.ilObjectStatusGUI.php');

    $status_gui = new ilObjectStatusGUI($this->gui_obj->object);
    $status_html = $status_gui->getHTML();

    $this->tpl->setVariable("ADM_CONTENT",$status_html);
}
00595         
00596         // init sub tabs
/**
 * Registers the three sub tabs (permission settings, info, owner) and passes true as the
 * last argument for the one that matches the given command.
 *
 * @param string $a_cmd command of the tab being displayed: 'perm', 'info' or 'owner'
 */
function __initSubTabs($a_cmd)
{
    global $ilTabs;

    // command => language variable of the tab caption, in display order
    $sub_tabs = array(
        "perm" => "permission_settings",
        "info" => "info_status_info",
        "owner" => "owner"
    );

    foreach ($sub_tabs as $tab_cmd => $caption)
    {
        $ilTabs->addSubTabTarget($caption, $this->ctrl->getLinkTarget($this, $tab_cmd),
            "", "", "", $a_cmd == $tab_cmd);
    }
}
00612         
00613         function getRolesData()
00614         {
00615                 global $rbacsystem, $rbacreview;
00616 
00617                 // first get all roles in
00618                 $roles = $rbacreview->getParentRoleIds($this->gui_obj->object->getRefId());
00619 
00620                 // filter roles
00621                 $_SESSION['perm_filtered_roles'] = isset($_POST['filter']) ? $_POST['filter'] : $_SESSION['perm_filtered_roles'];
00622 
00623                 // set default filter (all roles) if no filter is set
00624                 if ($_SESSION['perm_filtered_roles'] == 0)
00625         {
00626                 $_SESSION['perm_filtered_roles'] = 1;
00627         }
00628         
00629                 // remove filtered roles from array
00630         $roles = $this->__filterRoles($roles,$_SESSION["perm_filtered_roles"]);
00631 
00632                 // determine status of each role (local role, changed policy, protected)
00633 
00634                 $role_folder = $rbacreview->getRoleFolderOfObject($this->gui_obj->object->getRefId());
00635                 
00636                 $local_roles = array();
00637 
00638                 if (!empty($role_folder))
00639                 {
00640                         $local_roles = $rbacreview->getRolesOfRoleFolder($role_folder["ref_id"]);
00641                 }
00642 
00643                 foreach ($roles as $key => $role)
00644                 {
00645                         // exclude system admin role from list
00646                         if ($role["obj_id"] == SYSTEM_ROLE_ID)
00647                         {
00648                                 unset($roles[$key]);
00649                                 continue;
00650                         }
00651                         
00652                         $this->roles[$role['obj_id']] = $role;
00653 
00654                         // don't allow local policies for protected roles
00655                         $this->roles[$role['obj_id']]['keep_protected'] = $rbacreview->isProtected($role['parent'],$role['obj_id']);
00656 
00657                         if (!in_array($role["obj_id"],$local_roles))
00658                         {
00659                                 $this->roles[$role['obj_id']]['local_policy_enabled'] = false;
00660                                 $this->roles[$role['obj_id']]['local_policy_allowed'] = true;
00661                         }
00662                         else
00663                         {
00664                                 // no checkbox for local roles
00665                                 if ($rbacreview->isAssignable($role["obj_id"],$role_folder["ref_id"]))
00666                                 {
00667                                         $this->roles[$role['obj_id']]['local_policy_allowed'] = false;
00668                                 }
00669                                 else
00670                                 {
00671                                         $this->roles[$role['obj_id']]['local_policy_enabled'] = true;
00672                                         $this->roles[$role['obj_id']]['local_policy_allowed'] = true;
00673                                 }
00674                         }
00675 
00676                         // compute permission settings for each role
00677                         $grouped_ops = groupOperationsByClass(getOperationList($this->gui_obj->object->getType()));
00678 
00679                         foreach ($grouped_ops as $ops_group => $ops_data)
00680                         {
00681                                 foreach ($ops_data as $key => $operation)
00682                                 {
00683                                         $grouped_ops[$ops_group][$key]['checked'] = $rbacsystem->checkPermission($this->gui_obj->object->getRefId(), $role['obj_id'], $operation['name']);
00684                                 }
00685                         }
00686                         
00687                         $this->roles[$role['obj_id']]['permissions'] = $grouped_ops;
00688                         unset($grouped_ops);
00689                 }
00690         }
00691         
00692         function __displayAddRoleForm()
00693         {
00694                 // do not display this option for admin section and root node
00695                 $object_types_exclude = array("adm","root","mail","objf","lngf","trac","taxf","auth", "assf",'seas','extt');
00696 
00697                 if (!in_array($this->gui_obj->object->getType(),$object_types_exclude) and $this->gui_obj->object->getRefId() != ROLE_FOLDER_ID)
00698                 {
00699                         $this->tpl->addBlockFile("PERM_ADD_ROLE", "add_local_roles", "tpl.obj_perm_add_role.html");
00700 
00701                         // fill in saved values in case of error
00702                         $data = array();
00703                         $data["fields"] = array();
00704                         $data["fields"]["title"] = $_SESSION["error_post_vars"]["Fobject"]["title"];
00705                         $data["fields"]["desc"] = $_SESSION["error_post_vars"]["Fobject"]["desc"];
00706 
00707                         foreach ($data["fields"] as $key => $val)
00708                         {
00709                                 $this->tpl->setVariable("TXT_LR_".strtoupper($key), $this->lng->txt($key));
00710                                 $this->tpl->setVariable(strtoupper($key), $val);
00711                         }
00712 
00713                         $this->tpl->setVariable("FORMACTION_LR",$this->gui_obj->getFormAction("addRole", $this->ctrl->getLinkTarget($this, "addRole")));
00714                         $this->tpl->setVariable("TXT_LR_HEADER", $this->lng->txt("you_may_add_local_roles"));
00715                         $this->tpl->setVariable("TXT_ADD_ROLE", $this->lng->txt("role_add_local"));
00716                         $this->tpl->setVariable("TXT_REQUIRED_FLD", $this->lng->txt("required_field"));
00717                 }
00718         }
00719         
00720         function __showPermissionsGeneralSection()
00721         {
00722                 $this->tpl->setCurrentBlock("perm_subtitle");
00723                 $this->tpl->setVariable("TXT_PERM_CLASS",$this->lng->txt('perm_class_general'));
00724                 $this->tpl->setVariable("TXT_PERM_CLASS_DESC",$this->lng->txt('perm_class_general_desc'));
00725                 $this->tpl->setVariable("COLSPAN", $this->num_roles);
00726                 $this->tpl->parseCurrentBlock();
00727 
00728                 foreach ($this->roles as $role)
00729                 {
00730                         foreach ($role['permissions']['general'] as $perm)
00731                         {
00732                                 // exclude delete permission for all role_folders expect main ROLE_FOLDER_ID
00733                                 if ($perm['name'] == 'delete' and $this->gui_obj->object->getType() == 'rolf' and $this->gui_obj->object->getRefId() != ROLE_FOLDER_ID)
00734                                 {
00735                                         continue;
00736                                 }
00737                                 
00738                                 $box = ilUtil::formCheckBox($perm['checked'],"perm[".$role["obj_id"]."][]",$perm["ops_id"],$role["protected"]);
00739 
00740                                 $this->tpl->setCurrentBlock("perm_item");
00741                                 $this->tpl->setVariable("PERM_CHECKBOX",$box);
00742                                 $this->tpl->setVariable("PERM_NAME",$this->lng->txt($perm['name']));
00743                                 $this->tpl->setVariable("PERM_TOOLTIP",$this->lng->txt($this->gui_obj->object->getType()."_".$perm['name']));
00744                                 $this->tpl->setVariable("PERM_LABEL",'perm_'.$role['obj_id'].'_'.$perm['ops_id']);
00745                                 $this->tpl->parseCurrentBlock();
00746                         }
00747 
00748                         $this->tpl->setCurrentBlock("perm_table");
00749                         $this->tpl->parseCurrentBlock();        
00750                 }
00751 
00752                 $this->tpl->setCurrentBlock("perm_settings");
00753                 $this->tpl->parseCurrentBlock();
00754         }
00755         
00756         function __showPermissionsObjectSection()
00757         {
00758                 // create pointer to first role (only the permission list is needed)
00759                 reset($this->roles);
00760                 $first_role =& current($this->roles);
00761 
00762                 if (count($first_role['permissions']['object'])) // check if object type has special operations
00763                 {
00764                         $this->tpl->setCurrentBlock("perm_subtitle");
00765                         $this->tpl->setVariable("TXT_PERM_CLASS",$this->lng->txt('perm_class_object'));
00766                         $this->tpl->setVariable("TXT_PERM_CLASS_DESC",$this->lng->txt('perm_class_object_desc'));
00767                         $this->tpl->setVariable("COLSPAN", $this->num_roles);
00768                         $this->tpl->parseCurrentBlock();
00769         
00770                         foreach ($this->roles as $role)
00771                         {
00772                                 foreach ($role['permissions']['object'] as $perm)
00773                                 {
00774                                         $box = ilUtil::formCheckBox($perm['checked'],"perm[".$role["obj_id"]."][]",$perm["ops_id"],$role["protected"]);
00775         
00776                                         $this->tpl->setCurrentBlock("perm_item");
00777                                         $this->tpl->setVariable("PERM_CHECKBOX",$box);
00778                                         $this->tpl->setVariable("PERM_NAME",$this->lng->txt($this->gui_obj->object->getType()."_".$perm['name']));
00779                                         $this->tpl->setVariable("PERM_TOOLTIP",$this->lng->txt($this->gui_obj->object->getType()."_".$perm['name']));
00780                                         $this->tpl->setVariable("PERM_LABEL",'perm_'.$role['obj_id'].'_'.$perm['ops_id']);
00781                                         $this->tpl->parseCurrentBlock();
00782                                 }
00783         
00784                                 $this->tpl->setCurrentBlock("perm_table");
00785                                 $this->tpl->parseCurrentBlock();        
00786                         }                                                               
00787         
00788                         $this->tpl->setCurrentBlock("perm_settings");
00789                         $this->tpl->parseCurrentBlock();
00790                 }
00791         }
00792         
00793         function __showPermissionsRBACSection()
00794         {
00795                 $this->tpl->setCurrentBlock("perm_subtitle");
00796                 $this->tpl->setVariable("TXT_PERM_CLASS",$this->lng->txt('perm_class_rbac'));
00797                 $this->tpl->setVariable("TXT_PERM_CLASS_DESC",$this->lng->txt('perm_class_rbac_desc'));
00798                 $this->tpl->setVariable("COLSPAN", $this->num_roles);
00799                 $this->tpl->parseCurrentBlock();
00800 
00801                 foreach ($this->roles as $role)
00802                 {
00803                         foreach ($role['permissions']['rbac'] as $perm)
00804                         {
00805                                 $box = ilUtil::formCheckBox($perm['checked'],"perm[".$role["obj_id"]."][]",$perm["ops_id"],$role["protected"]);
00806 
00807                                 $this->tpl->setCurrentBlock("perm_item");
00808                                 $this->tpl->setVariable("PERM_CHECKBOX",$box);
00809                                 $this->tpl->setVariable("PERM_NAME",$this->lng->txt('perm_administrate'));
00810                                 $this->tpl->setVariable("PERM_TOOLTIP",$this->lng->txt($this->gui_obj->object->getType()."_".$perm['name']));
00811                                 $this->tpl->setVariable("PERM_LABEL",'perm_'.$role['obj_id'].'_'.$perm['ops_id']);
00812                                 $this->tpl->parseCurrentBlock();
00813                         }
00814 
00815                         // use local policy flag
00816                         // offer option 'use local policy' only to those objects where this option is permitted
00817                         if ($this->objDefinition->stopInheritance($this->gui_obj->object->getType()))
00818                         {
00819                                 if ($role['local_policy_allowed'])
00820                                 {
00821                                         $box = ilUtil::formCheckBox($role['local_policy_enabled'],'stop_inherit[]',$role['obj_id'],$role['keep_protected']);
00822                                         $lang = $this->lng->txt("perm_use_local_policy")." (".
00823                                                 $this->lng->txt("stop_inheritance").")";
00824                                         $lang_desc = $this->lng->txt("perm_use_local_policy_desc");
00825                                 }
00826                                 else
00827                                 {
00828                                         $box = '&nbsp;';
00829                                         $lang = $this->lng->txt("perm_local_role");
00830                                         $lang_desc = $this->lng->txt("perm_local_role_desc");
00831                                 }
00832                                 
00833                                 $this->tpl->setCurrentBlock("perm_item");
00834                                 $this->tpl->setVariable("PERM_CHECKBOX",$box);
00835                                 $this->tpl->setVariable("PERM_NAME",$lang);
00836                                 $this->tpl->setVariable("PERM_TOOLTIP",$lang_desc);
00837                                 $this->tpl->setVariable("PERM_LABEL",'stop_inherit_'.$role['obj_id']);
00838                                 $this->tpl->parseCurrentBlock();
00839                         }
00840         
00841                                 $this->tpl->setCurrentBlock("perm_table");
00842                                 $this->tpl->parseCurrentBlock();        
00843                 }
00844 
00845                 $this->tpl->setCurrentBlock("perm_settings");
00846                 $this->tpl->parseCurrentBlock();
00847         }
00848         
00849         function __showPermissionsCreateSection()
00850         {
00851                 // no create operation for roles/role templates in local role folders
00852                 // access is controlled by 'administrate' (change permission settings) only
00853                 if ($this->gui_obj->object->getType() == 'rolf' and $this->gui_obj->object->getRefId() != ROLE_FOLDER_ID)
00854                 {
00855                         return;
00856                 }
00857                 
00858                 // create pointer to first role (only the permission list is needed)
00859                 reset($this->roles);
00860                 $first_role =& current($this->roles);
00861 
00862                 if (count($first_role['permissions']['create'])) // check if object type has create operations
00863                 {
00864                         $this->tpl->setCurrentBlock("perm_subtitle");
00865                         $this->tpl->setVariable("TXT_PERM_CLASS",$this->lng->txt('perm_class_create'));
00866                         $this->tpl->setVariable("TXT_PERM_CLASS_DESC",$this->lng->txt('perm_class_create_desc'));
00867                         $this->tpl->setVariable("COLSPAN", $this->num_roles);
00868                         $this->tpl->parseCurrentBlock();
00869         
00870                         foreach ($this->roles as $role)
00871                         {
00872                                 foreach ($role['permissions']['create'] as $perm)
00873                                 {
00874                                         if (!$this->ilias->getSetting("ilinc_active") and $perm["name"] == "create_icrs")
00875                                         {
00876                                                 continue;
00877                                         }
00878 
00879                                         $box = ilUtil::formCheckBox($perm['checked'],"perm[".$role["obj_id"]."][]",$perm["ops_id"],$role["protected"]);
00880         
00881                                         $this->tpl->setCurrentBlock("perm_item");
00882                                         $this->tpl->setVariable("PERM_CHECKBOX",$box);
00883                                         $this->tpl->setVariable("PERM_NAME",$this->lng->txt("obj".substr($perm['name'],6)));
00884                                         $this->tpl->setVariable("PERM_TOOLTIP",$this->lng->txt($this->gui_obj->object->getType()."_".$perm['name']));
00885                                         $this->tpl->setVariable("PERM_LABEL",'perm_'.$role['obj_id'].'_'.$perm['ops_id']);
00886                                         $this->tpl->parseCurrentBlock();
00887                                 }
00888         
00889                                 $this->tpl->setCurrentBlock("perm_table");
00890                                 $this->tpl->parseCurrentBlock();        
00891                         }
00892         
00893                         $this->tpl->setCurrentBlock("perm_settings");
00894                         $this->tpl->parseCurrentBlock();
00895                 }
00896         }
00897 } // END class.ilPermissionGUI
00898 ?>
